Move all ENGINE-based code into legacy-only modules and compile them only when GOST_ENABLE_LEGACY=1 is enabled

[VladGud]

Move all ENGINE-based code into legacy-only modules and compile them only when GOST_ENABLE_LEGACY=1 is enabled

Issue Summary

Refactor the codebase to isolate all ENGINE-based code into legacy-only modules that are compiled conditionally based on the GOST_ENABLE_LEGACY build flag. Move legacy compatibility glue for EVP_*_meth_* APIs to *_legacy.c files. Ensure that default builds exclude ENGINE dependencies, aligning with the removal of ENGINE APIs (§65–79).

Problem Description

The gost_eng.c file and related ENGINE registration code contain deprecated ENGINE APIs that are incompatible with OpenSSL builds disabling deprecated functionality. To prepare for OpenSSL 4.0 and maintain a clean provider-first architecture, all ENGINE code must be moved to optional legacy modules compiled only when explicitly enabled.

Current Implementation

• gost_eng.c contains ENGINE initialization, registration, and binding functions (populate_gost_engine, bind_gost_engine, ENGINE_load_gost, etc.)
• ENGINE methods are registered globally via ENGINE_register_* functions
• The file includes conditional compilation (#ifndef BUILDING_GOST_PROVIDER) but ENGINE code is still present in default builds
• Build system compiles gost_eng.c unconditionally, leading to ENGINE dependencies in all builds

Required Changes

1. Create legacy ENGINE module

• Create a new file gost_eng_legacy.c to house all ENGINE-based code
• Move functions like populate_gost_engine, bind_gost_engine, ENGINE_load_gost, and related ENGINE registration logic from gost_eng.c to gost_eng_legacy.c
• Move legacy compatibility glue for EVP_CIPHER_meth_*, EVP_MD_meth_*, EVP_PKEY_meth_*, and other EVP_*_meth_* APIs to *_legacy.c files (e.g., gost_crypt_legacy.c, gost_md_legacy.c, gost_pmeth_legacy.c)
• Retain only provider-compatible code (e.g., NID creation, if needed) in gost_eng.c or move to appropriate provider files

2. Update build system for conditional compilation

• Modify CMakeLists.txt to conditionally include gost_eng_legacy.c and *_legacy.c files only when GOST_ENABLE_LEGACY=ON
• Ensure gost_eng.c is compiled in all builds but stripped of ENGINE code
• Add build guards to prevent ENGINE code from being included in default builds

3. Isolate ENGINE dependencies

• Move ENGINE-specific includes and macros to gost_eng_legacy.c
• Ensure no ENGINE APIs are called in provider code paths
• Update any cross-references (e.g., from gost_prov.c) to avoid ENGINE dependencies

4. Preserve necessary functionality

• Move create_NIDs() and free_NIDs() to a shared location if needed by provider (e.g., gost_prov.c or a common file)
• Ensure provider initialization does not rely on ENGINE setup

5. Update documentation and scripts

• Modify build scripts and documentation to reflect the legacy flag requirement for ENGINE support

Files to Modify

• gost_eng.c: Remove ENGINE-based functions and move them to legacy file; retain only shared utilities like NID management
• gost_eng_legacy.c: New file containing all moved ENGINE code (populate_gost_engine, bind_gost_engine, ENGINE_load_gost, etc.)
• *_legacy.c: New files (e.g., gost_crypt_legacy.c, gost_md_legacy.c, gost_pmeth_legacy.c) for legacy compatibility glue
• CMakeLists.txt: Add conditional compilation for legacy files based on GOST_ENABLE_LEGACY
• gost_prov.c: Ensure no ENGINE calls remain; update initialization if needed
• README.md: Document the legacy flag and ENGINE support

Acceptance Criteria

• Default builds (without GOST_ENABLE_LEGACY) compile gost_eng.c without ENGINE code and do not link ENGINE libraries
• With GOST_ENABLE_LEGACY=ON, gost_eng_legacy.c and *_legacy.c files are compiled and ENGINE functionality is available
• Provider initializes and operates without ENGINE dependencies
• No ENGINE API calls in default build artifacts
• Legacy builds maintain full ENGINE compatibility

Testing

• Build and test provider without GOST_ENABLE_LEGACY: Ensure no ENGINE code is present, provider tests pass
• Build and test with GOST_ENABLE_LEGACY=ON: Ensure ENGINE tests pass and legacy functionality works
• Linker checks: Verify default builds do not include ENGINE symbols
• CI validation: Update workflows to test both modes