Remove Requires field because it breaks application build which checks TLS library independently.

This reverts commit 7c611382.

Reported by Peter Wu in:
https://github.com/curl/curl/pull/5443#issuecomment-633138665

Deal with initial_scid, retry_scid, and original_dcid.  We need to set
and get QUIC transport parameters timely manner.  Therefore, transport
parameter operations are now done by ngtcp2_crypto library.
Applications do not need to do set it manually.  Added several
callback function implementations to ngtcp2_crypto library which can
be directly passed to ngtcp2_callbacks: client_initial, recv_retry,
and recv_client_initial.  Installation of initial packet number space
encryption keys is now handled by ngtcp2_crypto library.  They are
done in ngtcp2_crypto_client_initial_cb, ngtcp2_crypto_recv_retry_cb
and ngtcp2_crypto_recv_client_initial_cb.

Prior to commit 4e955731, ngtcp2 was
built as shared library. That has changed into a static or shared
library depending on the BUILD_SHARED_LIBS option, but this option was
not documented and the comments were misleading. Rectify both issues.

Note that autotools builds both libraries by default, but the current
CMake config is only able to build one of them.

Static libraries have to be built as position-independent, otherwise
they cannot be linked into a shared library which is built
position-independent (-fPIC).

Without this, linking objects into libcurl.so fails with:

    /usr/bin/ld: libngtcp2.a(ngtcp2_conn.c.o): relocation R_X86_64_PC32 against symbol `__asan_option_detect_stack_use_after_return' can not be used when making a shared object; recompile with -fPIC

Until mainline support of QUIC are present in OpenSSL and GnuTLS, be
sure to test whether the found library versions are the patched ones
since the version number check is insufficient. This fixes the default
build on a system where a new GnuTLS is present without the patches from
the GnuTLS tmp-quic branch.

Add new ENABLE_OPENSSL and ENABLE_GNUTLS CMake options to allow
explicitly disabling these libraries to mirror the --without-openssl and
the --without-gnutls functionality of autotools.

Partially addresses https://github.com/ngtcp2/ngtcp2/issues/238

This commit separates key installation function into 2 and let TLS
stack install rx and tx keys separately for handshake and 1RTT keys.
This change is aligned to the new BoringSSL API and GnuTLS API.  I
expect that OpenSSL will follow this change.  It also removes side
argument from crypto API if it can be inferred by
ngtcp2_conn_is_server.

This adds a crypto backend based on GnuTLS.  While most of the
gnutls_* functions used in this backend are officially available in
upstream GnuTLS, the following functions are only available in the
'tmp-quic' branch, for ABI assurance reasons until the QUIC standard
is finalized:
- gnutls_handshake_write
- gnutls_quic_get_peer_transport_params

Signed-off-by: Daiki Ueno <dueno@redhat.com>
Signed-off-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>

Remove conn and user_data from encrypt/decrypt/hp_mask callbacks so
that they can be used without conn.

Fixes: https://github.com/ngtcp2/ngtcp2/issues/213

so that application is not bothered by another cryptic function.

* `ngtcp2_crypto_generate_stateless_reset_token` - Used to generate
  a stateless reset token as an HKDF extraction using the CID and
  a token secret as input.

Instead of installing key and iv with ngtcp2_conn_update_key, pass key
and iv buffers to ngtcp2_update_key and let application fill those
buffers.

When SSL_dl_handshake() returns either an SSL_ERROR_WANT_CLIENT_HELLO_CB
or SSL_ERROR_WANT_X509_LOOKUP, return specific error codes rather than
-1 so that those conditions can be differentiated and handled
appropriately