Add more support for treating AlgorithmIdentifier parameters in our providers

[levitte]

This involves:

• Writing a DER reader, 'cause we've chosen - for good reason - to avoid using crypto/asn1 code in our providers, especially FIPS

  (RSA-PSS params are not easy to handle any other way)

• Add code to handle the "alg_id_params" value in all implementations that needs it.

  In some cases, all that's needed is to verify that the value is NULL (some algorithms' specification say that AlgorithmIdentifier.parameters MUST be present and NULL)

Design ref: https://github.com/openssl/openssl/pull/22162

[levitte]

@nhorman, I mixed this up with #232. This is still in progress, so I put it back there