mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-07-01 21:31:14 +02:00

ima-evm-utils: Support SM2/3 algorithm for sign and verify

To keep in sync with the kernel IMA, the IMA signature tool supports the
SM2/3 algorithm combination. In the current version of OpenSSL 1.1.1,
the SM2 algorithm and the public key using the EC algorithm share the
same ID 'EVP_PKEY_EC', and the specific algorithm can only be
distinguished by the curve name used. This patch supports this feature.

Secondly, the openssl 1.1.1 tool does not fully support signing with
the SM2/3 algorithm combination, so the openssl3 tool is used in the
test case; this problem does not occur when directly calling the
openssl 1.1.1 API in evmctl.

Signed-off-by: Tianjia Zhang <tianjia.zhang@linux.alibaba.com>
[zohar@linux.ibm.com: "COMPILE_SSL: " -> "COMPILE_SSL=" in .travis.yml]
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
Tianjia Zhang
2021-07-21 11:16:59 +08:00
committed by Mimi Zohar
parent 40621b2259
commit a5f5dd7c8e
7 changed files with 87 additions and 6 deletions

@ -17,6 +17,7 @@ jobs:
ARCH: i386
TSS: tpm2-tss
VARIANT: i386
COMPILE_SSL: openssl-3.0.0-beta1
# cross compilation builds
- container: "debian:stable"
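Review bot: COMPILE_SSL in the i386 job is pinned to openssl-3.0.0-beta1, a pre-release build, with no comment saying why or when it should change. A one-line comment that the pin is temporary until a final 3.0.0 release would help, and since the same literal recurs in two later jobs, defining the version in one place would leave a single line to update.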
@ -51,6 +52,7 @@ jobs:
env:
CC: clang
TSS: ibmtss
COMPILE_SSL: openssl-3.0.0-beta1
- container: "opensuse/leap"
env:
@ -61,6 +63,7 @@ jobs:
env:
CC: gcc
TSS: ibmtss
COMPILE_SSL: openssl-3.0.0-beta1
- container: "ubuntu:xenial"
env:
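Review bot: COMPILE_SSL ends up set on only three jobs, while the commit message says the SM2/3 test case depends on the openssl3 tool. In the jobs where the variable is unset, the new test needs to skip cleanly instead of failing or silently passing against OpenSSL 1.1.1; please confirm the test does that and say so in the commit message.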
@ -115,6 +118,7 @@ jobs:
INSTALL="${INSTALL%%/*}"
if [ "$VARIANT" ]; then ARCH="$ARCH" ./ci/$INSTALL.$VARIANT.sh; fi
ARCH="$ARCH" CC="$CC" TSS="$TSS" ./ci/$INSTALL.sh
if [ "$COMPILE_SSL" ]; then COMPILE_SSL="$COMPILE_SSL" ./tests/install-openssl3.sh; fi
- name: Build swtpm
run: |
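Review bot: the added install line runs ./tests/install-openssl3.sh inside this step, but nothing here shows how the resulting OpenSSL 3 location reaches the later build and test steps, which run as separate steps. A short comment naming the install prefix the script uses and how the tests find it would make this reviewable. As a smaller point, the COMPILE_SSL="$COMPILE_SSL" prefix is redundant if the variable already comes from the job's env block, though it does match the style of the ARCH/CC/TSS line above it.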