Add Xmlsec to our CI

[smittals2]

Issues:

2909

Description of changes:

Add xmlsec to our CI

Call-outs:

2 callouts regarding the patch file:

1. we lower the overall percentage of tests required to succeed with openSSL. Xmlsec verifies the percentage of tests that passed as an additional check. Skipped tests can skew this (and we skip a bunch because of missing features like ossl_store).
2. 10 tests are commented out in the Xmlsec test suite. These 10 tests all have certs that use MD5 digests. AWS-LC rejects these certs by default. OS level patching of OpenSSL adds support for OPENSSL_ENABLE_MD5_VERIFY to allow validating these certs. We don't support this in AWS-LC. I have verified that these 10 tests pass if we were to start accepting md5 digests.

Testing:

How is this change tested (unit tests, fuzz tests, etc.)? Are there any testing steps to be verified by the reviewer?

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 78.76%. Comparing base (38369db) to head (24319bf).
Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2333   +/-   ##
=======================================
  Coverage   78.76%   78.76%           
=======================================
  Files         620      620           
  Lines      107961   107961           
  Branches    15331    15330    -1     
=======================================
+ Hits        85033    85034    +1     
+ Misses      22273    22268    -5     
- Partials      655      659    +4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.