Replace hard-coded GCM tag length with named constant

- Add GCM_STANDARD_TAG_SIZE constant (16 bytes) with NIST SP 800-38D reference
- Replace magic numbers in tag allocation and validation logic
- Update error message with defensive handling comment
- Apply Rust formatting and linting standards

Tested: GCM functionality preserved, no regressions
Resolves TODO comments about hard-coded GCM tag length values

Author: Oblivionsage

src/rust/src/backend/ciphers.rs

@@ -507,7 +507,10 @@ impl PyAEADDecryptionContext {
         } else if tag.len() > GCM_STANDARD_TAG_SIZE {
             return Err(CryptographyError::from(
                 pyo3::exceptions::PyValueError::new_err(
-                    format!("Authentication tag cannot be more than {} bytes.", GCM_STANDARD_TAG_SIZE),
+                    // Defensive error handling - rarely triggered in normal usage
+                    format!(
+                        "Authentication tag cannot be more than {GCM_STANDARD_TAG_SIZE} bytes."
+                    ),
                 ),
             ));
         }