use crypto/sha256 for FIPS 140-2 compliance (#11623)

This commit replaces the usage of
github.com/minio/sha256-simd with crypto/sha256
of the standard library in all non-performance
critical paths.

This is necessary for FIPS 140-2 compliance which
requires that all crypto. primitives are implemented
by a FIPS-validated module.

Go can use the Google FIPS module. The boringcrypto
branch of the Go standard library uses the BoringSSL
FIPS module to implement crypto. primitives like AES
or SHA256.

We only keep github.com/minio/sha256-simd when computing
the content-SHA256 of an object. Therefore, this commit
relies on a build tag `fips`.

When MinIO is compiled without the `fips` flag it will
use github.com/minio/sha256-simd. When MinIO is compiled
with the fips flag (go build --tags "fips") then MinIO
uses crypto/sha256 to compute the content-SHA256.

pkg/event/target/kafka_scram_client.go

@@ -17,20 +17,19 @@
 package target
 
 import (
+	"crypto/sha256"
 	"crypto/sha512"
-	"hash"
 
-	"github.com/minio/sha256-simd"
 	"github.com/xdg/scram"
 )
 
 // KafkaSHA256 is a function that returns a crypto/sha256 hasher and should be used
 // to create Client objects configured for SHA-256 hashing.
-var KafkaSHA256 scram.HashGeneratorFcn = func() hash.Hash { return sha256.New() }
+var KafkaSHA256 scram.HashGeneratorFcn = sha256.New
 
 // KafkaSHA512 is a function that returns a crypto/sha512 hasher and should be used
 // to create Client objects configured for SHA-512 hashing.
-var KafkaSHA512 scram.HashGeneratorFcn = func() hash.Hash { return sha512.New() }
+var KafkaSHA512 scram.HashGeneratorFcn = sha512.New
 
 // XDGSCRAMClient implements the client-side of an authentication
 // conversation with a server.  A new conversation must be created for