md: Make SHA-1 non-FIPS internally for 1.12 API.

* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_MD_SHA1): New.
* cipher/md.c (check_digest_algo_spec, _gcry_md_open, md_enable)
(_gcry_md_enable, md_copy): Care about SHA1.
* cipher/sha1.c (_gcry_digest_spec_sha1): Make SHA1 non-FIPS.
* tests/t-fips-service-ind.c (check_mac_o_w_r_c): SHA1 is non-FIPS.
(check_md_o_w_r_c, check_hash_buffer, check_hash_buffers): Likewise.
(main): Add GCRY_FIPS_FLAG_REJECT_MD_SHA1 for gcry_control.

For the 1.10 ABI (which 1.11 keeps), SHA1 is an approved hash function
(while its use in public key crypto is non-FIPS).
For the 1.12 API, the dynamic FIPS service indicator is going to be added.
In the 1.11.1 implementation, we are trying to support the 1.12 dynamic FIPS
service indicator in a forward-compatible way. For this purpose,
internally, it's specified as non-FIPS in _gcry_digest_spec_sha1.
Note that updates to tests/basic.c and tests/pkcs1v2.c are needed to
use SHA256 (or one of the approved hash functions) in 1.12, so that the test
programs can be a reference for programmers.
- Co-authored-by: Lucas Mulling <lucas.mulling@suse.com>
- Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>