opencrypto: Disallow requests which pass VERIFY_DIGEST without a MAC

Otherwise we can end up comparing the computed digest with an
uninitialized kernel buffer.

In cryptoaead_op() we already unconditionally fail the request if a
pointer to a digest buffer is not specified.

Based on a patch by Simran Kathpalia.

Reported by: syzkaller
Reviewed by: jhb
Pull Request: https://github.com/freebsd/freebsd-src/pull/529

(cherry picked from commit 7c2f227a17ded0934c5941c7911797edb7d770a2)