
tls: Use SHA1 for sessionIdContext in FIPS mode

By default, a call to tls.createServer() without a sessionIdContext will use a “MD5 hash value generated from command-line” as per documentation.

In FIPS mode MD5 is not allowed, however createServer is often called without specifying an explicit sessionIdContext. A significant number of test cases and applications break. The simple solution is to use an allowed hash function. I have chosen SHA1 and truncated the output to 128 bits (which is the hardcoded length required by OpenSSL’s SSL_MAX_SID_CTX_LENGTH).

Note that I have opted to maintain the use of MD5 in non-FIPS mode, and updated the documentation accordingly.
