Story #3778: [Epic] As a user, I can run Pulp 3 in a FIPS-enabled environment
As a user, pulpcore itself is FIPS compatible
Currently pulp3 uses insecure checksums for data integrity purposes, for example when syncing EL5 content which only has md5 checksums available on EL5 systems so the repodata only has MD5. When Pulp is downloading it uses those md5 values to ensure the downloaded data is unmodified.
Mark the usage of insecure checksums in Pulp to not be used for security purposes using the Red Hat provided "usedforsecurity" flag.