Replace current implementations in crypt() and gen_salt() to OpenSSL

Hi
This is Shibagaki.

When FIPS mode is enabled, some encryption algorithms cannot be used.
Since PostgreSQL15, pgcrypto requires OpenSSL[1], digest() and other functions
also follow this policy.

However, crypt() and gen_salt() do not use OpenSSL as mentioned in [2].
Therefore, if we run crypt() and gen_salt() on a machine with FIPS mode enabled,
they are not affected by FIPS mode. This means we can use encryption algorithms
disallowed in FIPS.

I would like to change the proprietary implementations of crypt() and gen_salt()
to use OpenSSL API.
If it's not a problem, I am going to create a patch, but if you have a better
approach, please let me know.

Thank you

[1] https://github.com/postgres/postgres/commit/db7d1a7b0530e8cbd045744e1c75b0e63fb6916f
[2] https://peter.eisentraut.org/blog/2023/12/05/postgresql-and-fips-mode

crypt() and gen_salt() are performed on in example below.

/////

-- OS RHEL8.6

$openssl version
OpenSSL 1.1.1k FIPS 25 Mar 2021

$fips-mode-setup --check
FIPS mode is enabled.

$./pgsql17/bin/psql
psql (17devel)
Type "help" for help.

postgres=# SHOW server_version;
server_version
----------------
17devel
(1 row)

postgres=# SELECT digest('data','md5');
ERROR: Cannot use "md5": Cipher cannot be initialized

postgres=# SELECT crypt('new password',gen_salt('md5')); -- md5 is not available when fips mode is turned on. This is a normal behavior
ERROR: crypt(3) returned NULL

postgres=# SELECT crypt('new password',gen_salt('des')); -- however, des is avalable. This may break a FIPS rule
crypt
---------------
32REGk7H6dSnE
(1 row)

/////

FYI - OpenSSL itself cannot use DES algorithm while encrypting files. This is an expected behavior.

-----------------------------------------------
Fujitsu Limited
Shibagaki Koshi
shibagaki(dot)koshi(at)fujitsu(dot)com