Bug
Resolution: Won't Do
rhel-9.2.0
rhel-sst-java
This bug was initially created as a copy of Bug #2104724
I am copying this bug because: we also need this in RHEL 9, OpenJDK 11
As analyzed in OPENJDK-824 [1], NSS doesn't support wrapping/unwrapping of Diffie-Hellman private keys (CKK_DH), so we can't import/export them from the NSS PKCS#11 software token.
In addition, as part of Bug 2023467 work, we started to blindly consider a private key extractable when the plain key support is enabled [2], preventing DH private keys from being instantiated as the opaque P11PrivateKey. This now causes an error, as an attempt is made to extract these keys when instantiating the P11DHPrivateKey full-data object.
This work:
1. Avoids the import/export of DH private keys, going back to the opaque P11PrivateKey for them (instead of P11DHPrivateKey)
2. Removes the useless code from the FIPS key importer (Bug 1994682), which hasn't triggered any issues but will never work
• NOTE: the FIPS key exporter doesn't have code to handle CKK_DH private keys.
[1] https://issues.redhat.com/browse/OPENJDK-824?focusedCommentId=20495041&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-20495041
[2] https://github.com/rh-openjdk/jdk/commit/bd324bda437a924e58730cc67c133275e8203780#diff-8f7a3a78c41a81cc7d6198037c7cdaf5fc42d3536921d3751d8bbb681265dbe8R387-R388