events: emit on_key_exchange_group event

[WesleyRosenblum]

Release Summary:

• Adds on_key_exchange_group event to indicate the key exchange group negotiated during the TLS handshake. The event also indicates if a key encapsulation mechanism was part of the group by setting contains_kem to true.

Resolved issues:

resolves #2523

Description of changes:

This change uses the new s2n-tls API added in aws/s2n-tls#5209 to emit a new event on_key_exchange_group to indicate the key exchange group negotiated during the TLS handshake. The event also indicates if a key encapsulation mechanism was part of the group by setting contains_kem to true.

Call-outs:

rustls does not have a built in way to indicate if the named group contains a KEM, so I had to parse the string for kem. I can follow up with an issue or PR to rustls to add this functionality

I updated #[cfg(s2n_quic_enable_pq_tls)] static DEFAULT_POLICY: &s2n_tls::security::Policy as the existing TESTING_PQ policy is deprecated and no longer builds.

rustls uses capitalization for named groups that differs from the IANA specification (X25519 for example), so I'm ignoring capilization in the PartialEq impl:

thread 'tests::rustls_client_s2n_server_resumption_test' panicked at /home/runner/work/s2n-quic/s2n-quic/quic/s2n-quic-core/src/crypto/tls/testing.rs:482:9:
assertion `left == right` failed: key_exchange_group is not consistent between endpoints
  left: Some(NamedGroup { group_name: "X25519", contains_kem: false })
 right: Some(NamedGroup { group_name: "x25519", contains_kem: false })

Testing:

Updated existing tests

Observed example code emitting the event:

0.034798792s s2n_quic:client:conn: key_exchange_group: chosen_group_name="X25519MLKEM768" contains_kem=true id=0

9.003157875s s2n_quic:server:conn: key_exchange_group: chosen_group_name="X25519MLKEM768" contains_kem=true id=0

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.