Bugfix/68493 invalid master key by harshang03 · Pull Request #68750 · saltstack/salt
What does this PR do?
Hardens master pubkey validation so minions don’t fail with “Invalid master key” after restart when the cached key is empty/invalid, and improves recovery/logging.
- Normalizes/reads/writes master pubkeys and detects invalid cached keys (salt/utils/minion.py).
- Compares normalized keys and updates stored pubkey on verified rotation; fails fast if local key is unreadable (salt/crypt.py).
- Logs actionable guidance and cleans invalid cached key during minion/syndic connect loops (salt/minion.py).
What issues does this PR fix or reference?
Fixes #68493
Previous Behavior
A restart could leave an empty/invalid minion_master.pub, causing “Invalid master key” errors and preventing reconnection until the file was manually removed.
New Behavior
Invalid/empty cached master keys are detected, logged with guidance, and removed so the minion can re-authenticate; verified key rotations update the cached key safely.
Merge requirements satisfied?
[NOTICE] Bug fixes or features added to Salt require tests.
- Docs
- Changelog - https://docs.saltproject.io/en/master/topics/development/changelog.html
- Tests written/updated
Commits signed with GPG?
No
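The cached-key handling this description outlines, as an added stand-alone sketch; it is not code from the PR or from Salt. The function names, the action strings, the `rotation_verified` flag and the temp-file write are assumptions made for illustration.

```python
import base64, binascii, os, re, tempfile

PEM_RE = re.compile(
    r"-----BEGIN ((?:RSA )?PUBLIC KEY)-----(.+?)-----END \1-----", re.S)

def normalize_pubkey(text):
    """Return the whitespace-free base64 body of a PEM public key, or None."""
    match = PEM_RE.search(text or "")
    if not match:
        return None
    body = "".join(match.group(2).split())
    try:
        base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError):
        return None
    return body or None

def atomic_write(path, text):
    """Write via temp file + rename so a restart cannot leave a partial key."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.write(text)
        fh.flush()
        os.fsync(fh.fileno())
    os.replace(tmp, path)

def check_cached_master_key(path, presented_pem, rotation_verified=False):
    """Compare the cached key with the presented one; return an action string."""
    presented = normalize_pubkey(presented_pem)
    if presented is None:
        return "reject-presented-invalid"
    try:
        with open(path, "rb") as fh:
            cached = normalize_pubkey(fh.read().decode("ascii", "replace"))
    except FileNotFoundError:
        atomic_write(path, presented_pem)
        return "pinned-first-use"
    except OSError:
        return "fail-unreadable"    # fail fast instead of silently re-pinning
    if cached is None:
        os.remove(path)             # empty or corrupt cache: drop it, re-authenticate
        return "removed-invalid-cache"
    if cached == presented:
        return "match"              # line endings and wrapping do not matter
    if rotation_verified:           # assumption: caller already verified the rotation
        atomic_write(path, presented_pem)
        return "updated-after-verified-rotation"
    return "reject-mismatch"
```

Removing an invalid cache returns the minion to first-use trust for the next key it sees, so the removal is worth logging and alerting on rather than treating as routine.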