[DRAFT] Bugfixes to SymCrypt-OpenSSL for OpenSSL 3.5

[mamckee]

This PR contains a number of small bugfixes needed to SymCrypt-OpenSSL for OpenSSL 3.5. These were found in OpenSSL's tests with the SymCrypt provider loaded.

• HKDF and TLS1-PRF no longer fail if an empty IKM or salt is supplied.
• Provider algorithm names (used in the dispatch tables in p_scossl_base.c) match the OpenSSL default implementation exactly
  • Some functions (such as EVP_MD_name) are sensitive to the order of these names. The SymCrypt provider should match the order exactly for algorithms also supported by the default provider.
• PBKDF2 will no longer fail if the derived key length is 0. Instead, it will just be a no-op.
• RSA key duplication will return NULL if OSSL_KEYMGMT_SELECT_KEYPAIR is not set in the selection
• ECDSA verify returns -1 in the case of an error (not verification failure).
  • This matches the default OpenSSL implementation. RSA verify does not follow this pattern
• Output size is checked in RSA encrypt
• AES block cipher context is properly zeroed when initialized
• Disallow XOFs for the digest used in DH key exchange