Since the TF-A 2.7 release, the tools OpenSSL
API version were upgraded to 3.0+.
The git commit states "compatible with openssl 3.0", but in
fact forces host to upgrade because the new API calls are
obviously not not available in older releases.
I think this is way premature, since 1.1.1 is fully
supported atleast one more year.
And even then, there is no need to force the API upgrade
since that will be supported for an even longer time.
There are a lot of builds/buildenvs out there that might be interested
in a TF-A update, but rely on openssl 1.1.1-series.
I don't see any real benefits beside some code simplification,
which is nice and all, but excludes a lot of envs.
I can't build this on a plain Ubuntu 20.04 (without extra upgrades).
I don't mind TF-A having OpenSSL 3.0 compatibility,
but I don't think a forced API upgrade this early on is the way to go.