[BUG] FIPS mode uses non FIPS algorithms.

[dwoz]

Description

3006.x is supposed to fully support FIPS environments. It was discovered that non of our current crypto libraries (pycrypto, pycryptodome, or m2crypto) are fully capable of FIPS compliant for encryption, signing, and key serialization.

The work has been started to migrate to python cryptography for our main crypto library and cryptography is capable of running (and validating) the algorithms used in a FIPS environment. It's time to pull the plug on those older libraries.

• Make salt.crypt related bits use python cryptogrpahy.
• Add an option to specify a FIPS compliant algorithm where needed.
• Verify our test suite is properly validating FIPS compliance.

[dwoz]

This has been merged and will be in 3006.9