This commit fixes the following failures in OpenSSL FIPS using the
`OPENSSL_FORCE_FIPS_MODE=1` in CentOS stream 9 non-FIPS OS environment.
```
$ cat /etc/redhat-release
CentOS Stream release 9
$ rpm -q openssl
openssl-3.0.7-24.el9.x86_64
$ pwd
/builddir/build/BUILD/ruby-3.1.2
$ make runruby 'TESTRUN_SCRIPT= \
-I/builddir/build/BUILD/ruby-3.1.2/tool/lib --enable-gems \
/builddir/build/SOURCES/test_openssl_fips.rb /builddir/build/BUILD/ruby-3.1.2 --verbose'
...
1) Failure:
OpenSSL::TestFIPS#test_fips_mode_get_with_fips_mode_set [/builddir/build/BUILD/ruby-3.1.2/test/openssl/test_fips.rb:38]:
assert_separately failed with error message
pid 2043890 exit 1
| /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError)
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:34:in `<class:SSLContext>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:20:in `<module:SSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:19:in `<module:OpenSSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:18:in `<top (required)>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `require_relative'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `<top (required)>'
| from -:in `require'
2) Failure:
OpenSSL::TestFIPS#test_fips_mode_get_is_true_on_fips_mode_enabled [/builddir/build/BUILD/ruby-3.1.2/test/openssl/test_fips.rb:12]:
assert_separately failed with error message
pid 2043891 exit 1
| /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError)
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/pkey.rb:132:in `new'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:34:in `<class:SSLContext>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:20:in `<module:SSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:19:in `<module:OpenSSL>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl/ssl.rb:18:in `<top (required)>'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `require_relative'
| from /builddir/build/BUILD/ruby-3.1.2/.ext/common/openssl.rb:21:in `<top (required)>'
| from -:in `require'
Finished tests in 0.154373s, 77.7337 tests/s, 369.2351 assertions/s.
12 tests, 57 assertions, 2 failures, 0 errors, 1 skips
ruby -v: ruby 3.1.2p20 (2022-04-12 revision 4491bb740a) [x86_64-linux]
make: *** [uncommon.mk:1249: runruby] Error 2
```
Note that we obverved the issue in RHEL 9.4 Beta non-FIPS OS environment too.
The error happened by applying the patch
ruby-3.3.0-openssl-3.2.0-fips-fix-pkey-read-in-openssl-3.patch
rewriting the `ossl_pkey_read_generic` properly.
The error didn't happen without the patch.
```
$ cat /etc/redhat-release
Red Hat Enterprise Linux release 9.4 Beta (Plow)
$ OPENSSL_FORCE_FIPS_MODE=1 bundle exec ruby -I./lib -e "require 'openssl'"
/builddir/work/ruby/openssl/lib/openssl/pkey.rb:132:in `initialize': could not parse pkey (OpenSSL::PKey::DHError)
from /builddir/work/ruby/openssl/lib/openssl/pkey.rb:132:in `new'
from /builddir/work/ruby/openssl/lib/openssl/pkey.rb:132:in `new'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:34:in `<class:SSLContext>'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:20:in `<module:SSL>'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:19:in `<module:OpenSSL>'
from /builddir/work/ruby/openssl/lib/openssl/ssl.rb:18:in `<top (required)>'
from /builddir/work/ruby/openssl/lib/openssl.rb:21:in `require_relative'
from /builddir/work/ruby/openssl/lib/openssl.rb:21:in `<top (required)>'
from -e:1:in `require'
from -e:1:in `<main>'
```
Related: RHEL-5590