doc: note that get_params and set_params calls should return true if the param array is null

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: document the additional params argument to the various init() calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

support params argument to AES cipher init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: update cipher documentation to include the new init functions with params

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support params argument to common cipher init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support param argument to DES cipher init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support param argument to null cipher init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support params argument to CHACHA20 ciphers

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support params argument to RCx ciphers

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support params arguments to signature init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: update digests to support modified ctx params

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: update digest documentation to include the new init functions with params

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: support param argument to digest init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: document param argument to RSA calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: document param argument to cipher init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

test: support params arguments to init functions

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

ssl: support params arguments to init functions

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

apps: support param argument to init functions

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: update KEM to support params on init()

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: update exchange algorithms to support params on the init call

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

misc: other init function param additions

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: update PKEY documentation to include the new init functions with params

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

evp: add params arguments to init functions

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

core: add params arguments to init calls

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

prov: asym ciphers take an extra init() params argument

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

doc: add params argument to key manager's gen_init call

Fixes #14286

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

core: add params argument to key manager's gen_init call

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

provider: add params argument to key manager's gen_init call

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

evp: add params argument to key manager's gen_init call

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

test: add params argument to key manager's gen_init call

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14383)

Fix error-checking compiles for mutex

Fixes: #14229
Reviewed-by: Kurt Roeckx <kurt@roeckx.be>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14264)

Increase the upper limit on group name length

While all the standardized groups would fit within the old limit,
with the addition of providers, some might want to experiment with
new and unstandardized groups. As such, their names might not fit
within the old limit.

Define it as GROUP_NAME_BUFFER_LENGTH with value 64.

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14502)

TEST: Stop the cleanup in test/recipes/20-test_mac.t

Let the files remain to make test forensics easy

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14484)

PROV: use EVP_CIPHER_CTX_set_params() rather than EVP_CIPHER_CTX_ctrl()

This is in gmac_final(), where the cipher is known to be fetched.
It's more suitable to use OSSL_PARAMs than _ctrl functions, as the
latter are expected to become obsolete.

Fixes #14359

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/14484)

openssl-cmp.pod.in and apps/cmp.c: Various minor do improvements

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14493)

Prepare for 3.0 alpha 14

Reviewed-by: Richard Levitte <levitte@openssl.org>

Prepare for release of 3.0 alpha 13

Reviewed-by: Richard Levitte <levitte@openssl.org>

Update copyright year

Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14512)

Use read/write locking on Windows

Fixes #13914

The "SRWLock" synchronization primitive is available in Windows Vista
and later.  CRYPTO_THREAD functions now use SRWLock functions when the
target operating system supports them.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14381)

Check SSL_set1_chain error in set_cert_cb

CLA: trivial

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14469)

Fix reason code: EVP_R_OPERATON_NOT_INITIALIZED

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14429)

test: convert store test to use relative paths

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14419)

core: add up_ref callback for OSSL_CORE_BIO

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14419)

Add a real type for OSSL_CORE_BIO which is distinct from and not castable to BIO

Providers (particularly the FIPS provider) needs access to BIOs from libcrypto.
Libcrypto is allowed to change the internal format of the BIO structure and it
is still expected to work with providers that were already built.  This means
that the libcrypto BIO must be distinct from and not castable to the provider
side OSSL_CORE_BIO.

Unfortunately, this requirement was broken in both directions.  This fixes
things by forcing the two to be different and any casts break loudly.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14419)

Use BIO_f_readbuffer() in the decoder to support stdin.

Fixes #13185
Fixes #13352

Removed the existing code in file_store that was trying to figure out the
input type.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14407)

Add new filter BIO BIO_f_readbuffer()

This allows BIO_tell() and BIO_seek() to work for BIO's that do
not support these methods. The main use case for this is file/fd BIO's
that use stdin.

This works for stdin taken from input redirection (command < file),
and stdin via pipe (cat file | command).

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14407)

Fix formatting error of HISTORY section in some manual pages.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/14450)

Change default algorithms in PKCS12_create() and PKCS12_set_mac()

Use the modern defaults as now set in the pkcs12 app. This also
allows modifying the application to not override the default values
when calling the API.

Fixes #14034

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
(Merged from https://github.com/openssl/openssl/pull/14450)

Mention the change of licence in NEWS.md

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14465)

Expand the CHANGES entry for SHA1 and libssl

As well as SSL 3, TLS 1.0, TLS 1.1 and DTLS 1.0 not working at
security level 1 we also document that TLS 1.2 connection will fail
if the ClientHello does not have a signature algorithms extension.

Fixes #14447

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14465)

Add a CHANGES for OSSL_STORE_INFO_get_type()

The function OSSL_STORE_INFO_get_type() may now return a new object
type. Applications may have to be amended accordingly.

Fixes #14446

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14465)

Add a missing CHANGES.md entry for the legacy provider

Numerous ciphers and digests have been moved to the legacy provider.
There should be a CHANGES.md entry pointing this out.

Fixes #14441

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14465)

Non-const accessor to legacy keys

Fixes #14466.

Reverting the changes of the EVP_PKEY_get0 function.

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14468)

EVP_KDF-KB man page: Fix typo in the example code

CLA: trivial
Signed-off-by: Arthur Gautier <baloo@superbaloo.net>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14455)

Fixup support for io_pgetevents_time64 syscall

This is a fixup for the original commit 5b5e2985f355c8e99c196d9ce5d02c15bebadfbc
"Add support for io_pgetevents_time64 syscall" that didn't correctly
work for 32-bit architecutres with a 64-bit time_t that aren't RISC-V.

For a full discussion of the issue see:
https://github.com/openssl/openssl/commit/5b5e2985f355c8e99c196d9ce5d02c15bebadfbc

Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14432)

cmp_hdr.c: Fix minor Coverity issue CID 1473605

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14460)

http_test.c: Fix minor Coverity issue CID 1473608

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14460)

Reword repeated words.

A trivial PR to remove some commonly repeated words. It looks like this is
not the first PR to do this.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14420)

apps/pkcs12: Allow continuing on absent mac

Just print a warning in that case.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14445)

apps/pkcs12: Detect missing PKCS12KDF support on import

Report error message with hint to use -nomacver if
MAC verification is not required.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14445)

apps/pkcs12: Properly detect MAC setup failure

The MAC requires PKCS12KDF support which is not present
in FIPS provider as it is not an approved KDF algorithm.
Suggest using -nomac if MAC is not required.

Fixes #14057

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14445)

fake_rand_finish should be called if "OPENSSL_NO_SM2" is NOT defined

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14471)

Fix the check for suitable groups and TLSv1.3

If we have TLSv1.3 enabled then we must have at least one TLSv1.3 capable
group available. This check was not always working

Reviewed-by: Ben Kaduk <kaduk@mit.edu>
(Merged from https://github.com/openssl/openssl/pull/14430)

Make the EVP_PKEY_get0* functions have a const return type

OTC have decided that the EVP_PKEY_get0* functions should have a const
return type. This is a breaking change to emphasise that these values
should be considered as immutable.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

Document the change in behaviour of the the low level key getters/setters

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

Ensure the various legacy key EVP_PKEY getters/setters are deprecated

Most of these were already deprecated but a few have been missed. This
commit corrects that.

Fixes #14303
Fixes #14317

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

Cache legacy keys instead of downgrading them

If someone calls an EVP_PKEY_get0*() function then we create a legacy
key and cache it in the EVP_PKEY - but it doesn't become an "origin" and
it doesn't ever get updated. This will be documented as a restriction of
the EVP_PKEY_get0*() function with provided keys.

Fixes #14020

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

Avoid a null pointer deref on a malloc failure

Make sure we were sucessful in creating an EVP_PKEY

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

Add a multi thread test for downgrading keys

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14319)

Restore GOST macros compatibility with 1.1.1

Fixes #14440

Before IANA assigned the official codes for the GOST signature
algorithms in TLS, the values from the Reserved for Private Use range
were in use in Russia. The old values were renamed.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14448)

apps/x509.c: Rename -signkey to -key for consistency with the req app

Also because this better reflects that usually also the public portion is used.
Retaining the old -signkey as an alias for backward compatibility.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14007)

HTTP: Fix BIO_mem_d2i() on NULL mem input

This fixes also failure behavior of OSSL_HTTP_REQ_CTX_sendreq_d2i(), OCSP_sendreq_nbio(), etc.
Fixes #14322

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14356)

http_local.h: Remove unused declaration of HTTP_sendreq_bio()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14356)

Simplify OCSP_sendreq_bio()

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14356)

Make more use of X509_add_certs(); minor related code & comments cleanup

This is a follow-up on #12615.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14436)

OCSP_resp_find_status.pod: Complete the RETURN VALUES section

Supersedes #11877. Also make order in NAME section consistent.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14347)

crypto/ocsp/ocsp_cl.c: coding style improvements

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14347)

Update the demos/README file because it is really old. New demos should provide best practice for API use.
Add demonstration for computing a SHA3-512 digest - digest/EVP_MD_demo

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14150)

CI external tests: separate each external test into its own phase

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)

CI external test: for now run only the krb5 and gost_engine tests

The boringssl (https://github.com/openssl/openssl/issues/14424)
and pyca-cryptography (https://github.com/openssl/openssl/issues/14425)
tests are currently broken.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)

gost_engine test: further cleanups and fixes

Allow absolute paths for $SRCTOP and $BLDTOP.

Do not build the gost_engine in tree.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)

gost_engine test: Run also perl and tcl tests

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)

CI: add job with external tests

Update gost-engine submodule.
Update pyca-cryptography submodule.

Fix condition for skipping krb5 test.

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14416)

DOCS: Document OSSL_STORE_INFO_PUBKEY in doc/man3/OSSL_STORE_INFO.pod

Fixes #14414

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14415)

Make provider provider_init thread safe, and flag checking/setting too

provider_init() makes changes in the provider structure, and needs a
bit of protection to ensure that doesn't happen concurrently with race
conditions.

This also demands a bit of protection of the flags, since they are
bits and presumably occupy the same byte in memory.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14354)

Make ossl_provider_disable_fallback_loading() thread safe

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14354)

test/threadstest.c: Add a test to load providers concurrently

If we don't synchronize properly in the core provider code, and build
with a thread sanitizer, this should cause a crash.

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14354)

ecx_set_priv_key: Try to obtain libctx from the pkey's keymgmt

We can try to do that although for legacy keys the keymgmt
will not be set. This function will disappear with legacy support
removed.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

bn_ctx.c: Remove TODO 3.0 related to tracing in FIPS module

We do not want tracing in the FIPS module.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

ecx_set_priv_key: Remove TODO 3.0 related to setting libctx

This function is used only for legacy keys so the TODO is
not relevant.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

do_sigver_init: Remove fallback for missing provider implementations.

We now have everything implemented in providers.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

Remove some of the TODO 3.0 in crypto/evp related to legacy support.

The legacy support stays in 3.0. The TODOs are dropped.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

crypto/param_build_set.c: Remove irrelevant TODO 3.0

The OSSL_PARAM_set_BN() pads to data_size so there is no
need for OSSL_PARAM_set_BN_pad().

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

crypto/ppccap.c: Remove useless TODO 3.0

The chacha and poly1305 algorithms are not FIPS approved so
they should stay out of FIPS module.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

include/crypto: Remove TODOs that are irrelevant for 3.0

The legacy support will not be removed in 3.0. Remove the
related TODO 3.0 marks.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

include/internal: Remove TODOs that are irrelevant for 3.0

The sha3 and sm3 legacy support requires these headers.

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14404)

test/x509: Test for issuer being overwritten when printing.

The regression from commit 05458fd was fixed, but there is
no test for that regression. This adds it simply by having
a certificate that we compare for -text output having
a different subject and issuer.

Reviewed-by: David von Oheimb <david.von.oheimb@siemens.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/14353)

OSSL_STORE: restore diagnostics on decrypt error; provide password hints

Fixes #13493

Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/13525)

crypto: rename error flags in internal structures

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14405)

Add a new test recipe to verify the generated test fipsmodule.cnf

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/14320)