Make shared library default for fips.

crypto.h if needed.

Modify source tree to handle change.

OpenSSL malloc dependencies.

definition. Remove stale function references from fips.h

to EVP any more.

Move locking #define into fips.h.

Set FIPS locking callbacks at same time as OpenSSL locking callbacks.

on OpenSSL locking code. Use API in some internal FIPS files.

Remove redundant ENGINE defines from fips.h

redirect locking to minimal FIPS_lock() function where required.

need to inspect error queue.

Use EVP macros.

Use tiny EVP in FIPS mode.

library dependencies.

Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.

Key size restrictions.

Check for selftest failures.

Pairwise consistency test for RSA key generation.

Use some EVP macros instead of EVP functions.

Use minimal FIPS EVP where needed.

Set EVP_CIPH_FLAG_FIPS on approved ciphers.

Support "default ASN1" flag which avoids need for ASN1 dependencies in FIPS
code.

Include some defines to redirect operations to a "tiny EVP" implementation
in some FIPS source files.

Change m_sha1.c to use EVP_PKEY_NULL_method: the EVP_MD sign/verify functions
are not used in OpenSSL 1.0 and later for SHA1 and SHA2 ciphers: the EVP_PKEY
API is used instead.

need a whole new PRNG for FIPS).

1. avoid use of ERR_peek().

2. If compiling with FIPS use small FIPS EVP and disable ENGINE