First release, based on OpenSSL 3.6.0.

Changes from YuOpenSSL-3.5:

• Added support for EVP_SKEY opaque symmetric key objects to the key derivation and key exchange provider methods. Added EVP_KDF_CTX_set_SKEY, EVP_KDF_derive_SKEY, and EVP_PKEY_derive_SKEY functions.
• Added i2d_PKCS8PrivateKey API to complement i2d_PrivateKey, the former always outputs PKCS#8.
• Added NIST security categories for PKEY objects.
• Added notification when all stream FINs are acknowledged in QUIC. Once final FINs are ACKed, the channel transitions to terminating and SSL_poll signals completion. This allows applications to progress shutdown reliably.
• Added array memory allocation routines, i.e. CRYPTO_malloc_array.
• Fixed behavior change of EC keygen by adding the generic error entry if the provider did not itself add an error entry onto the queue. That way, there always is an error on the error queue in case of a failure, but no behavior change in case the provider emitted the error entry itself.
• Extended new CRYPTO_THREAD_get_local / CRYPTO_THREAD_set_local API to reduce the usage of OS thread-local variables.
• Refactored OSSL_PARAM name parsing so that automatically generated parsers are used instead of OSSL_PARAM_locate calls. This should also ensure that the list of acceptable parameters better matches those which are actually processed. It should also provide a small performance improvement, because repeated iteration over passed parameter arrays is avoided.
• Introduced SSL_OP_SERVER_PREFERENCE, superseding misleadingly named SSL_OP_CIPHER_SERVER_PREFERENCE.
• Added LMS signature verification support.
• Relaxed the path check in OpenSSL's file: scheme implementation for OSSL_STORE_open and friends. Previously, when the file: scheme is an explicit part of the URI, our implementation required an absolute path, such as file:/path/to/file.pem. This requirement is now relaxed, allowing file:path/to/file.pem, as well as file:file.pem.
• Added support for setting a free function thunk to OPENSSL_STACK_ptr stack types. Using a thunk allows the type specific free function to be called with the correct type information from generic functions like OPENSSL_sk_pop_free.
• Changed default EC point formats configuration to support only 'uncompressed' format, and added SSL_OP_LEGACY_EC_POINT_FORMATS flag and options to re-enable previous default, if required.
• Increased PKCS#12 default macsaltlen from 8 to 16, as, per NIST SP 800-132.
• Added X509_CRL_get0_tbs_sigalg accessor for the signature lgorithmIdentifier inside CRL's TBSCertList.
• Added OIDS for HKDFs with SHA-256, SHA-384, and SHA-512. Added ability to load HKDF configured with these explicit digests by name or OID.

Update the Brotli built-in decompressor to v1.2.0, with reduced binary size.