proxy: simplify password validation

[conradludgate]

Problem

for HTTP/WS/password hack flows we imitate SCRAM to validate passwords. This code was unnecessarily complicated.

Summary of changes

Copy in the pbkdf2 and 'derive keys' steps from the postgres_protocol crate in our rust-postgres fork. Derive the client_key, server_key and stored_key from the password directly. Use constant time equality to compare the stored_key and server_key with the ones we are sent from cplane.

Checklist before requesting a review

• I have performed a self-review of my code.
• If it is a core feature, I have added thorough tests.
• Do we need to implement analytics? if so did you add the relevant metrics to the dashboard?
• If this PR requires public announcement, mark it with /release-notes label and add several sentences in this section.

Checklist before merging

• Do not forget to reformat commit message to not include the above checklist

[github-actions]

2706 tests run: 2574 passed, 0 failed, 132 skipped (full report)

---

Flaky tests (1)

Postgres 14

• test_statvfs_pressure_usage: debug

Code coverage* (full report)

• functions: 28.5% (7212 of 25313 functions)
• lines: 47.2% (44266 of 93860 lines)

* collected from Rust tests only

---

_{The comment gets automatically updated with the latest test results
ed540d2 at 2024-03-21T12:29:13.581Z :recycle:}