instead of using regular OpenSSL API names.

we shouldn't reject digest lengths larger than SHA256: the FIPS
algorithm tests include SHA384 and SHA512 tests.

Not properly integrated or tested yet.

crypto.h if needed.

Modify source tree to handle change.

to EVP any more.

Move locking #define into fips.h.

Set FIPS locking callbacks at same time as OpenSSL locking callbacks.

Initial FIPS 140-2 code ported to HEAD. Doesn't even compile yet, may have
missing files, extraneous files and other nastiness.

In other words: it's experimental ATM, OK?