The 19 level is the BORINGSSL_API_VERSION of the latest certified
BoringCrypto release. And users that pass-in repository override for
boringssl currently fail the build.

If one uses `build --override_repository=boringssl_fips=/usr/lib/boringssl-fips-static` to provide own build of BoringCrypto the build currently fails, as the desired function calls are not present.

This PR re-introduces partial code snippet that is present in 1.33 and earlier,
and was dropped in 1.34 development cycle. Meaning this PR is a
partial revert of e451caf

I have also recently backported compat support for fips-20230428 to
the releases 1.33, 1.32, 1.31. See #39823, #39824, #39825. And the
same patches works on 1.30 and 1.29. Meaning those PRs are partial backports of e451caf

Reading CMVP tea leaves, the BORINGSSL_API_VERSION of 32 will get
certification in January 2026, or earlier, meaning before 1.37
release.

Thus this is a request to keep build-time compat with fips-20230428 release
(BORINGSSL_API_VERSION 19) in the releases 1.34, 1.35 and 1.36.

This would enable all users, of all envoy version streams to upgrade
to fips-20230428 cert, and then continue to update their FedRAMP
autorisations to upgrade to BoringCrypto update stream.

Risk Level: Low
Testing: Compiled with override_repository pointing at BoringCrypto FIPS 2023042800
Fixes: #39822
Signed-off-by: Dimitri John Ledkov <[email protected]>