various fips patches#17

Open
nkraetzschmar wants to merge 1 commit into
mainfrom
feat/fips/patches

Conversation

@nkraetzschmar

Contributor

Various FIPS-related patches:

  • 0037-FIPS-ECDSA-allow-truncated-SHA512.patch: Stop reporting SHA2-512/224 and SHA2-512/256 as unapproved for ECDSA, they are FIPS 186-5 approved.
  • 0038-FIPS-TDES-decrypt-disallow.patch: Flag Triple-DES decryption as legacy-use only; new tdes-decrypt-disabled config flag, KAT-safe.
  • 0039-FIPS-RSA-no-padding-sign-indicator.patch: Gate RSA signing with RSA_NO_PADDING through the existing rsa_no_padding_disabled indicator.
  • 0040-FIPS-ML-KEM-zeroize-intermediate-buffers.patch: Cleanse intermediate buffers in encap(), encrypt_cpa(), cbd_2/3(), gencbd_vector{,_ntt}(), case_decap, and the decap catastrophic-error path.
  • 0041-FIPS-RSA-X931-verify-disallow.patch: Extend the X9.31 padding indicator to RSA verify operations.
  • 0042-FIPS-RSA-verify-min-modulus-indicator.patch: Flag RSA verify with moduli below 2048 bits via a new rsa-verify-min-modulus-disabled indicator.
  • 0043-FIPS-ECDSA-P192-verify-disallow.patch: Flag ECDSA verify on P-192 via a new ecdsa-p192-verify-disabled indicator.
  • 0044-FIPS-ML-KEM-encap-key-check.patch: Re-assert public-key coefficient range at ossl_ml_kem_encap_seed() entry per FIPS 203 §7.2.
  • 0045-FIPS-ML-KEM-decap-key-check.patch: Recompute and verify H(ek) == key->pkhash at ossl_ml_kem_decap() entry per FIPS 203 §7.3.

Findings addressed

| Finding | Patches |
| --- | --- |
| 14 — ML-KEM encapsulation key check | 0044 |
| 15 — ML-KEM decapsulation key/ciphertext check | 0045 |
| 16 — ML-KEM intermediate-value zeroizations | 0040 |
| 29 — Legacy-use indicators (TDES decrypt, RSA <2048 verify, RSA X9.31 verify, ECDSA P-192 verify) | 0038, 0041, 0042, 0043 (DSA-sigVer sub-item already covered by 0028) |
| 30 — IG 2.4.B CVL primitives | 0039 (RSA-decrypt no-padding and ECDSA-sigGen-component sub-items already covered by 0032 and 0034) |
| 31 — ECDSA truncated SHA-512 wrongly non-approved | 0037 |
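Added example, not code from this PR or from OpenSSL: a stand-alone Python model of the two FIPS 203 input checks that patches 0044 and 0045 add at the ossl_ml_kem_encap_seed() and ossl_ml_kem_decap() entry points, the §7.2 modulus check (every encoded coefficient below q) and the §7.3 hash check (H(ek) equal to the stored pkhash). It assumes the FIPS 203 key layout (ek = ByteEncode_12(t_hat) || rho, dk = dk_PKE || ek || H(ek) || z, H = SHA3-256); the sample key material is constructed for illustration and is not real ML-KEM keygen output.

```python
import hashlib

Q = 3329  # ML-KEM modulus q; polynomials have 256 coefficients

def byte_decode_12(block: bytes) -> list[int]:
    """FIPS 203 ByteDecode_12: 384 bytes -> 256 integers, reduced mod q."""
    coeffs = []
    for i in range(0, 384, 3):
        b0, b1, b2 = block[i], block[i + 1], block[i + 2]
        coeffs.append((b0 | ((b1 & 0x0F) << 8)) % Q)
        coeffs.append(((b1 >> 4) | (b2 << 4)) % Q)
    return coeffs

def byte_encode_12(coeffs: list[int]) -> bytes:
    """FIPS 203 ByteEncode_12: 256 integers below 2^12 -> 384 bytes."""
    out = bytearray()
    for i in range(0, 256, 2):
        x, y = coeffs[i], coeffs[i + 1]
        out += bytes([x & 0xFF, ((x >> 8) & 0x0F) | ((y & 0x0F) << 4), (y >> 4) & 0xFF])
    return bytes(out)

def encap_key_check(ek: bytes, k: int) -> bool:
    """FIPS 203 section 7.2 checks on ek = ByteEncode_12(t_hat) || rho:
    type check (length) and modulus check (every coefficient < q)."""
    if len(ek) != 384 * k + 32:
        return False
    for j in range(k):
        block = ek[384 * j:384 * (j + 1)]
        # A coefficient >= q is reduced by ByteDecode_12, so it no longer round-trips.
        if byte_encode_12(byte_decode_12(block)) != block:
            return False
    return True

def decap_key_check(dk: bytes, k: int) -> bool:
    """FIPS 203 section 7.3 checks on dk = dk_PKE || ek || H(ek) || z:
    type check (length) and hash check H(ek) == stored hash (pkhash)."""
    if len(dk) != 768 * k + 96:
        return False
    ek = dk[384 * k:768 * k + 32]
    stored_hash = dk[768 * k + 32:768 * k + 64]
    return hashlib.sha3_256(ek).digest() == stored_hash

def build_sample_keys(k: int, seed: int = 7) -> tuple[bytes, bytes]:
    """Constructed pair in FIPS 203 layout (arbitrary coefficients < q, not real keygen)."""
    t_hat = [[(seed * 31 + 17 * i + 1000 * j) % Q for i in range(256)] for j in range(k)]
    ek = b"".join(byte_encode_12(p) for p in t_hat) + bytes([seed]) * 32
    dk_pke = bytes([seed ^ 0x5A]) * (384 * k)
    dk = dk_pke + ek + hashlib.sha3_256(ek).digest() + bytes([seed ^ 0xFF]) * 32
    return ek, dk
```

Running the checks on a key whose first coefficient encodes exactly q (bytes 01 0D 00) shows why the re-encode comparison is used: the value is accepted by the decoder but does not round-trip, which is the condition the modulus check rejects.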
