fix: do not use "digest and sign" for ML-DSA in FIPS mode #5348
Release Summary:
Resolved issues:
resolves #5343
Description of changes:
The error from #5343 is actually related to signing, not to supporting / loading ML-DSA certificates. It just occurs during certificate loading because we perform a sign/verify operation to test the certificates.
The issue is that to support FIPS for RSA and ECDSA, we have to support a rather hacky "digest_and_sign" variation of signing. The same variation isn't required for ML-DSA, and won't actually work, hence the signing error in FIPS mode. The error didn't occur with the current validated version of AWS-LC-FIPS because that version of AWS-LC doesn't support ML-DSA at all.
The fix is fairly simple: don't use the "digest_and_sign" signing method when using ML-DSA + FIPS. Stick to the more standard "digest_then_sign" method.
Testing:
Our CI does not currently support a version of AWS-LC-FIPS that supports ML-DSA. @dougch is working on that.
In the meantime, I tested locally with the mainline version of AWS-LC built in FIPS mode (`./codebuild/bin/install_awslc_fips.sh "$(mktemp -d)" test-deps/awslc-fips-next next` from our build scripts). Without this fix, s2n_handshake_test and s2n_mldsa_test failed with:
which is the same error the customer observed in #5343.
With this fix, all tests pass.
Edit: @dougch also got s2n_handshake_test and s2n_mldsa_test passing in a Codebuild job (link) with the new version of awslc-fips and this fix. The build is failing because s2n_build_test needs to be updated to account for the new S2N_LIBCRYPTO value, but from the output you can see that all other tests pass.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.