Missing OpenSSL guards in common code

[SWilson4]

Calls to the OpenSSL EVP API are not being error-checked in the SHA2 code. We should be using the OQS_OPENSSL_GUARD macro here.

liboqs/src/common/sha2/sha2_ossl.c

Lines 16 to 25 in 4cc8884

	static void do_hash(uint8_t *output, const uint8_t *input, size_t inplen, const EVP_MD *md) {
	EVP_MD_CTX *mdctx;
	unsigned int outlen;
	mdctx = OSSL_FUNC(EVP_MD_CTX_new)();
	OQS_EXIT_IF_NULLPTR(mdctx, "OpenSSL");
	OSSL_FUNC(EVP_DigestInit_ex)(mdctx, md, NULL);
	OSSL_FUNC(EVP_DigestUpdate)(mdctx, input, inplen);
	OSSL_FUNC(EVP_DigestFinal_ex)(mdctx, output, &outlen);
	OSSL_FUNC(EVP_MD_CTX_free)(mdctx);
	}

We could also use the macro here instead of error-checking manually:

liboqs/src/common/rand/rand_nist.c

Lines 59 to 70 in 4cc8884

	/* Create and initialise the context */
	if (!(ctx = OSSL_FUNC(EVP_CIPHER_CTX_new)())) {
	handleErrors();
	}
	if (1 != OSSL_FUNC(EVP_EncryptInit_ex)(ctx, oqs_aes_256_ecb(), NULL, key, NULL)) {
	handleErrors();
	}
	if (1 != OSSL_FUNC(EVP_EncryptUpdate)(ctx, buffer, &len, ctr, 16)) {
	handleErrors();
	}

Reported by @trailofbits in Week 1 of their audit of liboqs.