Prevent md5 from being used for cache hashing when in FIPS mode #68743

Description

@ywangd

SP 800-52 approves that MD5 can be used with TLS, and it is the only scenario where it is allowed. However, the BCFIPS library (and maybe other libraries) does not prevent it from being used in other places (there really is no reliable way to detect it). In our case, users can choose to use it as the caching algorithm. The usage includes CachingUsernamePasswordRealm, ApiKeyService and maybe some other places. It also can be used in the fingerprint ingest processor. We should fix them by either throwing an error or failing to start.

In all the aforementioned places we should be checking the value of XPackSettings.FIPS_MODE_ENABLED in the currently loaded settings (i.e. by checking Environment#settings) and throw an exception that would cause the component and the node to exit, or print a warning in the logs if we want to be more tolerant.
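The fail-fast check described above, as an added illustration that is not Elasticsearch's own code. It models settings as a plain `Map<String, String>` so it compiles without the Elasticsearch classpath; the setting keys, the `ingest.fingerprint.method` key and the MD5 naming pattern are assumptions made for the example. In the real code base the flag would be read via `XPackSettings.FIPS_MODE_ENABLED` from `Environment#settings`.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Locale;
import java.util.Map;

// Added, self-contained illustration; not Elasticsearch's own code.
// Settings are a plain Map so the example runs without the Elasticsearch
// classpath. All setting keys below are assumed names for this example.
public final class FipsHashAlgorithmCheck {

    static final String FIPS_MODE_SETTING = "xpack.security.fips_mode.enabled";
    static final List<String> CACHE_HASH_SETTINGS = List.of(
        "xpack.security.authc.realms.native.native1.cache.hash_algo",
        "xpack.security.authc.api_key.cache.hash_algo");
    static final String FINGERPRINT_METHOD_SETTING = "ingest.fingerprint.method";

    /** True when the named hasher is MD5 or a variant built on MD5 (assumed naming). */
    static boolean isMd5Based(String algorithm) {
        if (algorithm == null) {
            return false;
        }
        String a = algorithm.toLowerCase(Locale.ROOT).replace('_', '-');
        return a.equals("md5") || a.startsWith("md5-") || a.endsWith("-md5");
    }

    /**
     * Collects every MD5 use that must not be accepted while FIPS mode is on.
     * An empty list means the configuration is acceptable.
     */
    static List<String> findViolations(Map<String, String> settings) {
        List<String> violations = new ArrayList<>();
        boolean fipsMode = Boolean.parseBoolean(
            settings.getOrDefault(FIPS_MODE_SETTING, "false"));
        if (!fipsMode) {
            return violations; // outside FIPS mode the restriction does not apply
        }
        for (String key : CACHE_HASH_SETTINGS) {
            if (isMd5Based(settings.get(key))) {
                violations.add(key + "=" + settings.get(key) + " is not permitted in FIPS mode");
            }
        }
        if (isMd5Based(settings.get(FINGERPRINT_METHOD_SETTING))) {
            violations.add(FINGERPRINT_METHOD_SETTING + "=" + settings.get(FINGERPRINT_METHOD_SETTING)
                + " is not permitted in FIPS mode");
        }
        return violations;
    }

    /** Fail fast: refuse to start rather than silently hash with a non-approved algorithm. */
    static void enforce(Map<String, String> settings) {
        List<String> violations = findViolations(settings);
        if (!violations.isEmpty()) {
            throw new IllegalStateException(String.join("; ", violations));
        }
    }

    public static void main(String[] args) {
        // Constructed sample configuration: FIPS on, one realm cache still on MD5.
        Map<String, String> settings = Map.of(
            FIPS_MODE_SETTING, "true",
            "xpack.security.authc.realms.native.native1.cache.hash_algo", "md5",
            "xpack.security.authc.api_key.cache.hash_algo", "ssha256",
            FINGERPRINT_METHOD_SETTING, "SHA-256");
        try {
            enforce(settings);
            System.out.println("configuration accepted");
        } catch (IllegalStateException e) {
            System.out.println("refusing to start: " + e.getMessage());
        }
    }
}
```

Running `main` with the constructed settings reports the realm cache setting and refuses to start; swapping `enforce` for a logger call gives the more tolerant warn-only behaviour the issue mentions. Doing the check once at startup, against the loaded settings, is what keeps the MD5 path from being reachable at all under FIPS mode, independent of whether the underlying provider happens to reject it.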
