git.ipfire.org Git - thirdparty/openssl.git/commit
fips: upgrade self-test KATs to reduce SHA-1/SHA-224 usage
author Dimitri John Ledkov <dimitri.ledkov@surgut.co.uk>
Wed, 20 Aug 2025 01:26:09 +0000 (02:26 +0100)
committer Pauli <ppzgs1@gmail.com>
Thu, 21 Aug 2025 03:03:54 +0000 (13:03 +1000)
commit 5bb4a4860e25af80b146cbb2ae94b2ab8c8b4008
tree e9a823e6b53906771564090484e0ffd304e61672
parent 833a34dac360328a1db0968d7d483597ea9990dc
fips: upgrade self-test KATs to reduce SHA-1/SHA-224 usage

FIPS 140-3 IG states that SHA-224 needs standalone KAT, if it is
implemented without SHA-256. As OpenSSL implements SHA-256, upgrade
existing higher level KAT from SHA-224 to SHA-256 without adding
SHA-224 digest KAT.

Upgrade KATs that use SHA-1 to SHA-256, and add explicit SHA-1 KAT.

SHA-1 and SHA-224 are promised to be deprecated by 2030, as per draft
[NIST SP 800-131A Rev. 3](https://csrc.nist.gov/pubs/sp/800/131/a/r3/ipd).

With upgrades to these KATs it makes it easier to build modules with
SHA-1 and SHA-224 marked as unapproved services, or removed
altogether.

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28307)
providers/fips/self_test_data.inc