Accepting request 1284327 from devel:libraries:c_c++

OBS-URL: https://build.opensuse.org/request/show/1284327 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libgcrypt?expand=0&rev=109
Accepting request 1276114 from devel:libraries:c_c++
2025-06-12 13:52:18 +00:00 · 2025-05-12 14:46:49 +00:00 · 2025-05-09 08:27:38 +00:00 · 2025-05-08 17:28:12 +00:00 · 2025-05-07 17:14:32 +00:00 · 2025-05-06 07:37:32 +00:00
55 changed files with 0 additions and 10281 deletions
--- a/libgcrypt-1.10.3.tar.bz2
+++ b/libgcrypt-1.10.3.tar.bz2
--- a/libgcrypt-1.10.3.tar.bz2.sig
+++ b/libgcrypt-1.10.3.tar.bz2.sig
--- a/libgcrypt-1.11.0.tar.bz2
+++ b/libgcrypt-1.11.0.tar.bz2
--- a/libgcrypt-1.11.0.tar.bz2.sig
+++ b/libgcrypt-1.11.0.tar.bz2.sig
--- a/libgcrypt-Chacha20-poly1305-Optimized-chacha20-poly1305.patch
+++ b/libgcrypt-Chacha20-poly1305-Optimized-chacha20-poly1305.patch
--- a/libgcrypt-Disable-SHA3-s390x-acceleration-for-CSHAKE.patch
+++ b/libgcrypt-Disable-SHA3-s390x-acceleration-for-CSHAKE.patch
@@ -1,61 +0,0 @@
-From 2486d9b5ae015c1786cb84466a751da4bc0d7122 Mon Sep 17 00:00:00 2001
-From: Jussi Kivilinna <jussi.kivilinna@iki.fi>
-Date: Thu, 20 Jun 2024 20:10:09 +0300
-Subject: Disable SHA3 s390x acceleration for CSHAKE
-
-* cipher/keccak.c (keccak_final_s390x): Add assert check for
-expected SHAKE suffix.
-(_gcry_cshake_customize, cshake_hash_buffers): Disable s390x
-acceleration when selecting CSHAKE suffix.
--
-
-Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
-
-diff --git a/cipher/keccak.c b/cipher/keccak.c
-index aaf83a62..44cc9f71 100644
--- a/cipher/keccak.c
-+++ b/cipher/keccak.c
-@@ -745,6 +745,8 @@ keccak_final_s390x (void *context)
-     }
-   else
-     {
-+      gcry_assert(ctx->suffix == SHAKE_DELIMITED_SUFFIX);
-+
-       klmd_shake_execute (ctx->kimd_func, &ctx->state, NULL, 0, ctx->buf,
- 			  ctx->count);
-       ctx->count = 0;
-@@ -1497,9 +1499,14 @@ _gcry_cshake_customize (void *context, struct gcry_cshake_customization *p)
-     /* No customization */
-     return 0;
- 
-+  ctx->suffix = CSHAKE_DELIMITED_SUFFIX;
-+#ifdef USE_S390X_CRYPTO
-+  /* CSHAKE suffix is not supported by s390x/kimd. */
-+  ctx->kimd_func = 0;
-+#endif
-+
-   len_written = cshake_input_n (ctx, p->n, p->n_len);
-   cshake_input_s (ctx, p->s, p->s_len, len_written);
-  ctx->suffix = CSHAKE_DELIMITED_SUFFIX;
-   return 0;
- }
- 
-@@ -1536,9 +1543,14 @@ cshake_hash_buffers (const gcry_md_spec_t *spec, void *outbuf, size_t nbytes,
-           size_t s_len = iov[1].len;
-           size_t len;
- 
-+          ctx.suffix = CSHAKE_DELIMITED_SUFFIX;
-+#ifdef USE_S390X_CRYPTO
-+          /* CSHAKE suffix is not supported by s390x/kimd. */
-+          ctx.kimd_func = 0;
-+#endif
-+
-           len = cshake_input_n (&ctx, n, n_len);
-           cshake_input_s (&ctx, s, s_len, len);
-          ctx.suffix = CSHAKE_DELIMITED_SUFFIX;
-         }
-       iovcnt -= 2;
-       iov += 2;
-- 
-2.49.0
-
--- a/libgcrypt-Fix-the-previous-change.patch
+++ b/libgcrypt-Fix-the-previous-change.patch
@@ -1,45 +0,0 @@
-From b4eb23dc01a40e13d542fbfc5169dffa7fae5677 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 19 Dec 2024 14:16:02 +0900
-Subject: [PATCH 13/19] Fix the previous change.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/pubkey.c (_gcry_pk_sign_md): Fix memory leak.
-(_gcry_pk_verify_md): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/pubkey.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/cipher/pubkey.c b/cipher/pubkey.c
-index 11bf1ec9..4d7743cc 100644
--- a/cipher/pubkey.c
-+++ b/cipher/pubkey.c
-@@ -626,7 +626,7 @@ _gcry_pk_sign_md (gcry_sexp_t *r_sig, const char *tmpl, gcry_md_hd_t hd_orig,
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        return GPG_ERR_PUBKEY_ALGO;
-+        rc = GPG_ERR_PUBKEY_ALGO;
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-@@ -708,7 +708,7 @@ _gcry_pk_verify_md (gcry_sexp_t s_sig, const char *tmpl, gcry_md_hd_t hd_orig,
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        return GPG_ERR_PUBKEY_ALGO;
-+        rc = GPG_ERR_PUBKEY_ALGO;
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-- 
-2.49.0
-
--- a/libgcrypt-build-Improve-__thread-specifier-check.patch
+++ b/libgcrypt-build-Improve-__thread-specifier-check.patch
@@ -1,41 +0,0 @@
-From 42e8858566e32080aaf818b168f34c698a9ef084 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 9 Jan 2025 10:15:50 +0900
-Subject: [PATCH 1/1] build: Improve __thread specifier check.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* configure.ac (AC_COMPILE_IFELSE __thread): Move the declaration to
-global, referring the variable with (void) in main to avoid an error
-buidling with -Werror=unused-variable.  Don't need to include
-stdlib.h.
-
--
-
-Reported-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- configure.ac | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index d708f89a..f38e20c5 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -1495,8 +1495,9 @@ fi
- AC_CACHE_CHECK([whether compiler supports '__thread' storage class specifier],
-        [gcry_cv_gcc_storage_class__thread],
-        [gcry_cv_gcc_storage_class__thread=no
-        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <stdlib.h>],
-          [static  __thread  int bar;]
-+        AC_COMPILE_IFELSE([AC_LANG_PROGRAM(
-+          [[static __thread int bar;]],
-+          [[(void)bar;]]
-           )],
-           [gcry_cv_gcc_storage_class__thread=yes])])
- if test "$gcry_cv_gcc_storage_class__thread" = "yes" ; then
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Add-KAT-for-non-rfc6979-ECDSA-with-fixed-k.patch
+++ b/libgcrypt-cipher-Add-KAT-for-non-rfc6979-ECDSA-with-fixed-k.patch
@@ -1,94 +0,0 @@
-From be57179f42f8a7cb64f72f73ccea753400573b4f Mon Sep 17 00:00:00 2001
-From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
-Date: Wed, 26 Feb 2025 12:29:53 -0300
-Subject: [PATCH 02/14] cipher: Add KAT for non-rfc6979 ECDSA with fixed k
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/ecc.c (run_selftests): Implement KAT for non-deterministic
-ECDSA.
-* cipher/ecc. (rfc6979_ecdsa_sample_data, rfc6979_ecdsa_sample_data_bad,
-rfc6979_ecdsa_data_tmpl): New.
-
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc.c | 40 +++++++++++++++++++++++++++++++++++++---
- 1 file changed, 37 insertions(+), 3 deletions(-)
-
-diff --git a/cipher/ecc.c b/cipher/ecc.c
-index 525523ed..d331a014 100644
--- a/cipher/ecc.c
-+++ b/cipher/ecc.c
-@@ -93,23 +93,47 @@ static const char ecdsa_sample_secret_key_secp256[] =
-   /**/  "7903FE1008B8BC99A41AE9E95628BC64F2F1B20C2D7E9F5177A3C294D4462299#)))";
- 
- /* Sample data from RFC 6979 section A.2.5, hash is of message "sample" */
-static const char ecdsa_sample_data[] =
-+static const char rfc6979_ecdsa_sample_data[] =
-   "(data (flags rfc6979 prehash)"
-   " (hash-algo sha256)"
-   " (value 6:sample))";
- 
-static const char ecdsa_sample_data_bad[] =
-+static const char rfc6979_ecdsa_sample_data_bad[] =
-   "(data (flags rfc6979)"
-   " (hash sha256 #bf2bdbe1aa9b6ec1e2ade1d694f41fc71a831d0268e98915"
-   /**/           "62113d8a62add1bf#))";
- 
-+static const char *rfc6979_ecdsa_data_tmpl =
-+  "(data (flags rfc6979)"
-+  " (hash %s %b))";
-+
-+/*
-+ * Sample data from RFC 6979 section A.2.5, with fixed k,
-+ * hash is of message "sample".
-+ */
-+static const char ecdsa_sample_data[] =
-+  "(data (flags raw prehash)"
-+  " (label #A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60#)"
-+  " (hash-algo sha256)"
-+  " (value 6:sample))";
-+
-+static const char ecdsa_sample_data_bad[] =
-+  "(data (flags raw)"
-+  " (label #A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60#)"
-+  " (hash sha256 #bf2bdbe1aa9b6ec1e2ade1d694f41fc71a831d0268e98915"
-+  /**/           "62113d8a62add1bf#))";
-+
-+static const char *ecdsa_data_tmpl =
-+  "(data (flags raw)"
-+  " (label #A6E3C57DD01ABE90086538398355DD4C3B17AA873382B0F24D6129493D8AAD60#)"
-+  " (hash %s %b))";
-+
- static const char ecdsa_signature_r[] =
-   "efd48b2aacb6a8fd1140dd9cd45e81d69d2c877b56aaf991c34d0ea84eaf3716";
- 
- static const char ecdsa_signature_s[] =
-   "f7cb1c942d657c41d436c7a1b6e29f65f3e900dbb9aff4064dc4ab2f843acda8";
- 
-static const char *ecdsa_data_tmpl = "(data (flags rfc6979) (hash %s %b))";
- /* Sample data from RFC 6979 section A.2.5, hash is of message "sample" */
- static const char ecdsa_sample_data_string[] = "sample";
- static const char ecdsa_sample_data_bad_string[] = "sbmple";
-@@ -2409,6 +2433,16 @@ run_selftests (int algo, int extended, selftest_report_func_t report)
-   if (r)
-     return r;
- 
-+  r = selftests_ecc (report, extended, 0,
-+                     ecdsa_sample_secret_key_secp256,
-+                     ecdsa_sample_public_key_secp256,
-+                     rfc6979_ecdsa_sample_data, rfc6979_ecdsa_sample_data_bad,
-+                     rfc6979_ecdsa_data_tmpl,
-+                     ecdsa_sample_data_string, ecdsa_sample_data_bad_string,
-+                     ecdsa_signature_r, ecdsa_signature_s);
-+  if (r)
-+    return r;
-+
-   r = selftests_ecc (report, extended, 1,
-                      ed25519_sample_secret_key,
-                      ed25519_sample_public_key,
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Check-and-mark-non-compliant-cipher-modes-in-the-SLI.patch
+++ b/libgcrypt-cipher-Check-and-mark-non-compliant-cipher-modes-in-the-SLI.patch
@@ -1,236 +0,0 @@
-From 9f0fd2656d7d7ba26fcf95cc64d2514ae9ac8ec1 Mon Sep 17 00:00:00 2001
-From: Lucas Mulling <lucas.mulling@suse.com>
-Date: Fri, 24 Jan 2025 09:57:49 -0300
-Subject: [PATCH] cipher: Check and mark non-compliant cipher modes in the SLI
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/cipher.c (_gcry_cipher_open_internal): Check and mark if the
-cipher mode is compliant and reject accordingly.
-(_gcry_cipher_is_mode_fips_compliant): New.
-* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_CIPHER_MODE): New.
-* tests/t-fips-service-ind.c (check_cipher_o_s_e_d_c): Add test to
-verify that the service level indication is correctly set for non-
-compliant cipher modes, and correctly rejected if
-GCRY_FIPS_FLAG_REJECT_CIPHER_MODE is set.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/cipher.c            | 43 ++++++++++++++++++----
- src/gcrypt.h.in            |  1 +
- tests/t-fips-service-ind.c | 74 +++++++++++++++++++++++++++++++++-----
- 3 files changed, 104 insertions(+), 14 deletions(-)
-
-diff --git a/cipher/cipher.c b/cipher/cipher.c
-index 74dc2df7..b5420671 100644
--- a/cipher/cipher.c
-+++ b/cipher/cipher.c
-@@ -504,6 +504,26 @@ _gcry_cipher_open (gcry_cipher_hd_t *handle,
-   return rc;
- }
- 
-+int
-+_gcry_cipher_is_mode_fips_compliant(int mode)
-+{
-+  switch (mode)
-+    {
-+    case GCRY_CIPHER_MODE_ECB:
-+    case GCRY_CIPHER_MODE_CBC:
-+    case GCRY_CIPHER_MODE_CFB:
-+    case GCRY_CIPHER_MODE_CFB8:
-+    case GCRY_CIPHER_MODE_OFB:
-+    case GCRY_CIPHER_MODE_CTR:
-+    case GCRY_CIPHER_MODE_CCM:
-+    case GCRY_CIPHER_MODE_XTS:
-+    case GCRY_CIPHER_MODE_AESWRAP:
-+      return GPG_ERR_NO_ERROR;
-+    default:
-+      return GPG_ERR_NOT_SUPPORTED;
-+    }
-+}
-+
- 
- gcry_err_code_t
- _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
-@@ -523,14 +543,25 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
-     err = GPG_ERR_CIPHER_ALGO;
-   else if (spec->flags.disabled)
-     err = GPG_ERR_CIPHER_ALGO;
-  else if (!spec->flags.fips && fips_mode ())
-+  else if (fips_mode ())
-     {
-      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_CIPHER))
-        err = GPG_ERR_CIPHER_ALGO;
-      else
-+      if (!spec->flags.fips)
-         {
-          fips_service_indicator_mark_non_compliant ();
-          err = 0;
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_CIPHER))
-+            err = GPG_ERR_CIPHER_ALGO;
-+          else
-+            {
-+              fips_service_indicator_mark_non_compliant ();
-+              err = 0;
-+            }
-+        }
-+      else if ((err = _gcry_cipher_is_mode_fips_compliant(mode)))
-+        {
-+          if (!fips_check_rejection (GCRY_FIPS_FLAG_REJECT_CIPHER_MODE))
-+            {
-+              fips_service_indicator_mark_non_compliant ();
-+              err = 0;
-+            }
-         }
-     }
-   else
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index fcb6a327..1a6f7269 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1988,6 +1988,7 @@ char *gcry_get_config (int mode, const char *what);
- #define GCRY_FIPS_FLAG_REJECT_PK            (1 << 5)
- #define GCRY_FIPS_FLAG_REJECT_PK_MD         (1 << 6)
- #define GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2   (1 << 7)
-+#define GCRY_FIPS_FLAG_REJECT_CIPHER_MODE   (1 << 8)
- 
- #define GCRY_FIPS_FLAG_REJECT_MD \
-   (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index fe963fa5..74521bb3 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -606,27 +606,41 @@ check_cipher_o_s_e_d_c (int reject)
- {
-   static struct {
-     int algo;
-+    int mode;
-     const char *key;
-     int keylen;
-+    const char *tag;
-+    int taglen;
-     const char *expect;
-     int expect_failure;
-   } tv[] = {
- #if USE_DES
-      { GCRY_CIPHER_3DES,
-	"\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
-	"\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", 24,
-        "\x3f\x1a\xb8\x83\x18\x8b\xb5\x97", 1 },
-+   { GCRY_CIPHER_3DES, GCRY_CIPHER_MODE_ECB,
-+	 "\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
-+	 "\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", 24,
-+     "", -1,
-+     "\x3f\x1a\xb8\x83\x18\x8b\xb5\x97", 1 },
- #endif
-      { GCRY_CIPHER_AES,
-	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
-        "\x5c\x71\xd8\x5d\x26\x5e\xcd\xb5\x95\x40\x41\xab\xff\x25\x6f\xd1" }
-+   { GCRY_CIPHER_AES, GCRY_CIPHER_MODE_ECB,
-+	 "\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
-+     "", -1,
-+     "\x5c\x71\xd8\x5d\x26\x5e\xcd\xb5\x95\x40\x41\xab\xff\x25\x6f\xd1" },
-+   { GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_SIV,
-+	 "\xff\xfe\xfd\xfc\xfb\xfa\xf9\xf8\xf7\xf6\xf5\xf4\xf3\xf2\xf1\xf0"
-+	 "\xf0\xf1\xf2\xf3\xf4\xf5\xf6\xf7\xf8\xf9\xfa\xfb\xfc\xfd\xfe\xff", 32,
-+     "\x51\x66\x54\xc4\xe1\xb5\xd9\x37\x31\x52\xdb\xea\x35\x10\x8b\x7b", 16,
-+     "\x83\x69\xf6\xf3\x20\xff\xa2\x72\x31\x67\x15\xcf\xf4\x75\x01\x9a", 1 }
-   };
-+
-   const char *pt = "Shohei Ohtani 2024: 54 HR, 59 SB";
-   int ptlen;
-   int tvidx;
-   unsigned char out[MAX_DATA_LEN];
-   gpg_error_t err;
- 
-+  unsigned char tag[16];
-+  size_t taglen = 0;
-+
-   ptlen = strlen (pt);
-   assert (ptlen == 32);
-   for (tvidx=0; tvidx < DIM(tv); tvidx++)
-@@ -640,10 +654,12 @@ check_cipher_o_s_e_d_c (int reject)
-                  tvidx);
- 
-       blklen = gcry_cipher_get_algo_blklen (tv[tvidx].algo);
-+
-       assert (blklen != 0);
-       assert (blklen <= ptlen);
-       assert (blklen <= DIM (out));
-      err = gcry_cipher_open (&h, tv[tvidx].algo, GCRY_CIPHER_MODE_ECB, 0);
-+      assert (tv[tvidx].taglen <= 16);
-+      err = gcry_cipher_open (&h, tv[tvidx].algo, tv[tvidx].mode, 0);
-       if (err)
-         {
-           if (in_fips_mode && reject && tv[tvidx].expect_failure)
-@@ -694,6 +710,18 @@ check_cipher_o_s_e_d_c (int reject)
-           continue;
-         }
- 
-+      if (tv[tvidx].taglen >= 0)
-+        {
-+          err = gcry_cipher_info (h, GCRYCTL_GET_TAGLEN, NULL, &taglen);
-+          if (err)
-+              fail ("gcry_cipher_info %d failed: %s\n", tvidx,
-+                    gpg_strerror (err));
-+
-+          if (taglen != tv[tvidx].taglen)
-+              fail ("gcry_cipher_info %d failed: taglen mismatch %d != %ld\n", tvidx,
-+                    tv[tvidx].taglen, taglen);
-+        }
-+
-       err = gcry_cipher_encrypt (h, out, MAX_DATA_LEN, pt, blklen);
-       if (err)
-         {
-@@ -714,6 +742,35 @@ check_cipher_o_s_e_d_c (int reject)
-           putc ('\n', stderr);
-         }
- 
-+      if (tv[tvidx].taglen >= 0)
-+        {
-+           err = gcry_cipher_gettag (h, tag, tv[tvidx].taglen);
-+           if (err)
-+              fail ("gcry_cipher_gettag %d failed: %s", tvidx,
-+                     gpg_strerror(err));
-+
-+          if (memcmp (tv[tvidx].tag, tag, tv[tvidx].taglen))
-+            {
-+              int i;
-+
-+              fail ("gcry_cipher_gettag %d: tag mismatch\n", tvidx);
-+              fputs ("got:", stderr);
-+              for (i=0; i < 16 ; i++)
-+                fprintf (stderr, " %02x", tag[i]);
-+              putc ('\n', stderr);
-+            }
-+
-+          err = gcry_cipher_reset (h);
-+          if (err)
-+            fail("gcry_cipher_reset %d failed: %s", tvidx,
-+                  gpg_strerror(err));
-+
-+          err = gcry_cipher_set_decryption_tag (h, tag, 16);
-+          if (err)
-+            fail ("gcry_cipher_set_decryption_tag %d failed: %s\n", tvidx<
-+                   gpg_strerror (err));
-+      }
-+
-       err = gcry_cipher_decrypt (h, out, blklen, NULL, 0);
-       if (err)
-         {
-@@ -1483,6 +1540,7 @@ main (int argc, char **argv)
- 
-   xgcry_control ((GCRYCTL_FIPS_REJECT_NON_FIPS,
-                   (GCRY_FIPS_FLAG_REJECT_MD_MD5
-+                   | GCRY_FIPS_FLAG_REJECT_CIPHER_MODE
-                    | GCRY_FIPS_FLAG_REJECT_PK_MD
-                    | GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2
-                    | GCRY_FIPS_FLAG_REJECT_COMPAT110)));
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Differentiate-igninvflag-in-the-SLI.patch
+++ b/libgcrypt-cipher-Differentiate-igninvflag-in-the-SLI.patch
@@ -1,40 +0,0 @@
-From 3bdb59c21b77711cf7d44d692a7a02f5f469033e Mon Sep 17 00:00:00 2001
-From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
-Date: Wed, 26 Feb 2025 17:19:22 -0300
-Subject: [PATCH 04/14] cipher: Differentiate igninvflag in the SLI
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Differentiate use
-of igninvflag.
-
-GnuPG-bug-id: 7338
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/pubkey-util.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
-index 68defea6..9c927638 100644
--- a/cipher/pubkey-util.c
-+++ b/cipher/pubkey-util.c
-@@ -200,6 +200,14 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list,
-         }
-     }
- 
-+  if (fips_mode () && igninvflag)
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        rc = GPG_ERR_INV_FLAG;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-   if (r_flags)
-     *r_flags = flags;
-   if (r_encoding)
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Differentiate-no-blinding-flag-in-the-SLI.patch
+++ b/libgcrypt-cipher-Differentiate-no-blinding-flag-in-the-SLI.patch
@@ -1,70 +0,0 @@
-From cc0a40bd74120dc06fd80f163b30abb91f60b63b Mon Sep 17 00:00:00 2001
-From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
-Date: Wed, 26 Feb 2025 17:19:23 -0300
-Subject: [PATCH 05/14] cipher: Differentiate no-blinding flag in the SLI
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/rsa.c (rsa_decrypt, rsa_encrypt): Differentiate use of flag
-no-blinding in the service level indicator.
-
-GnuPG-bug-id: 7338
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/rsa.c | 30 ++++++++++++++++++++++++++++--
- 1 file changed, 28 insertions(+), 2 deletions(-)
-
-diff --git a/cipher/rsa.c b/cipher/rsa.c
-index c1329644..dce76414 100644
--- a/cipher/rsa.c
-+++ b/cipher/rsa.c
-@@ -1501,7 +1501,19 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-      be practically mounted over the network as shown by Brumley and
-      Boney in 2003.  */
-   if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
-    secret (plain, data, &sk);
-+    {
-+      if (fips_mode ())
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+            {
-+              rc = GPG_ERR_INV_FLAG;
-+              goto leave;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-+      secret (plain, data, &sk);
-+    }
-   else
-     secret_blinded (plain, data, &sk, nbits);
- 
-@@ -1632,8 +1644,22 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
- 
-   /* Do RSA computation.  */
-   sig = mpi_new (0);
-+
-   if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
-    secret (sig, data, &sk);
-+    {
-+      if (fips_mode ())
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+            {
-+              rc = GPG_ERR_INV_FLAG;
-+              goto leave;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-+
-+        secret (sig, data, &sk);
-+    }
-   else
-     secret_blinded (sig, data, &sk, nbits);
-   if (DBG_CIPHER)
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Differentiate-use-of-label-K-in-the-SLI.patch
+++ b/libgcrypt-cipher-Differentiate-use-of-label-K-in-the-SLI.patch
@@ -1,139 +0,0 @@
-From 2f6d2db1a4c28775a568c1f81ca127d2daebaf1c Mon Sep 17 00:00:00 2001
-From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
-Date: Wed, 26 Feb 2025 12:29:54 -0300
-Subject: [PATCH 03/14] cipher: Differentiate use of label K in the SLI
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/ecc.c (ecc_sign, ecc_verify): Use of label K is not allowed in
-fips mode, differentiate with the GCRY_FIPS_FLAG_REJECT_PK_ECC_K flag.
-* src/gcrypt.h.in: New GCRY_FIPS_FLAG_REJECT_PK_ECC_K.
-* tests/t-fips-service-ind.c (check_pk_hash_sign_verify): Mark non
-compliant use of label.
-
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc.c               | 26 +++++++++++++++++++++++++-
- src/gcrypt.h.in            |  2 ++
- tests/t-fips-service-ind.c | 11 ++++++-----
- 3 files changed, 33 insertions(+), 6 deletions(-)
-
-diff --git a/cipher/ecc.c b/cipher/ecc.c
-index d331a014..569e41f6 100644
--- a/cipher/ecc.c
-+++ b/cipher/ecc.c
-@@ -961,7 +961,16 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-     log_mpidump ("ecc_sign   data", data);
- 
-   if (ctx.label)
-    rc = _gcry_mpi_scan (&k, GCRYMPI_FMT_USG, ctx.label, ctx.labellen, NULL);
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
-+        {
-+          rc = GPG_ERR_INV_DATA;
-+          goto leave;
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+      rc = _gcry_mpi_scan (&k, GCRYMPI_FMT_USG, ctx.label, ctx.labellen, NULL);
-+    }
-   if (rc)
-     goto leave;
- 
-@@ -1118,6 +1127,21 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
-   rc = _gcry_pk_util_data_to_mpi (s_data, &data, &ctx);
-   if (rc)
-     goto leave;
-+
-+  if (ctx.label)
-+    {
-+      if (fips_mode ())
-+        {
-+          if(fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
-+            {
-+              rc = GPG_ERR_INV_DATA;
-+              goto leave;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-+    }
-+
-   if (DBG_CIPHER)
-     log_mpidump ("ecc_verify data", data);
- 
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index 1a6f7269..fe3db16a 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1989,6 +1989,8 @@ char *gcry_get_config (int mode, const char *what);
- #define GCRY_FIPS_FLAG_REJECT_PK_MD         (1 << 6)
- #define GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2   (1 << 7)
- #define GCRY_FIPS_FLAG_REJECT_CIPHER_MODE   (1 << 8)
-+/**/
-+#define GCRY_FIPS_FLAG_REJECT_PK_ECC_K      (1 << 10)
- 
- #define GCRY_FIPS_FLAG_REJECT_MD \
-   (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index a082b258..0ece55b8 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -728,7 +728,7 @@ check_pk_hash_sign_verify (void)
-       "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-       "(data(flags raw)(hash %s %b)(label %b))",
-       "94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de",
-      0, 0
-+      1, 0,
-     }
-   };
-   int tvidx;
-@@ -827,7 +827,7 @@ check_pk_hash_sign_verify (void)
-       if (ec == GPG_ERR_INV_OP)
-         {
-           /* libgcrypt is old, no support of the FIPS service indicator.  */
-          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
-+          fail ("gcry_pk_hash_sign test %d unexpectedly failed to check the FIPS service indicator.\n",
-                 tvidx);
-           goto next;
-         }
-@@ -835,7 +835,7 @@ check_pk_hash_sign_verify (void)
-       if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-         {
-           /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
-+          fail ("gcry_pk_hash_sign test %d unexpectedly set the indicator in FIPS mode.\n",
-                 tvidx);
-           goto next;
-         }
-@@ -859,7 +859,7 @@ check_pk_hash_sign_verify (void)
-       if (ec == GPG_ERR_INV_OP)
-         {
-           /* libgcrypt is old, no support of the FIPS service indicator.  */
-          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
-+          fail ("gcry_pk_hash_verify test %d unexpectedly failed to check the FIPS service indicator.\n",
-                 tvidx);
-           goto next;
-         }
-@@ -867,7 +867,7 @@ check_pk_hash_sign_verify (void)
-       if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-         {
-           /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
-+          fail ("gcry_pk_hash_verify test %d unexpectedly set the indicator in FIPS mode.\n",
-                 tvidx);
-           goto next;
-         }
-@@ -1834,6 +1834,7 @@ main (int argc, char **argv)
-                    | GCRY_FIPS_FLAG_REJECT_CIPHER_MODE
-                    | GCRY_FIPS_FLAG_REJECT_PK_MD
-                    | GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2
-+                   | GCRY_FIPS_FLAG_REJECT_PK_ECC_K
-                    | GCRY_FIPS_FLAG_REJECT_COMPAT110)));
- 
-   check_md_o_w_r_c (1);
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Don-t-differentiate-GCRY_CIPHER_MODE_CMAC-in-FIPS-mode.patch
+++ b/libgcrypt-cipher-Don-t-differentiate-GCRY_CIPHER_MODE_CMAC-in-FIPS-mode.patch
@@ -1,98 +0,0 @@
-From 608ff4b2261e2d8961f0ef4189e74b1173b2802c Mon Sep 17 00:00:00 2001
-From: Lucas Mulling <lucas.mulling@suse.com>
-Date: Sun, 2 Feb 2025 12:58:21 -0300
-Subject: [PATCH 2/2] cipher: Don't differentiate GCRY_CIPHER_MODE_CMAC in FIPS
- mode.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/cipher.c (_gcry_cipher_mode_fips_compliance): Allow
-GCRY_CIPHER_MODE_CMAC in fips mode.
-* cipher/cipher.c (cipher_modes_fips_compliance)
-(cipher_int_modes_fips_compliance): New.
--
-
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-
-Added some comments, changed scope of the new functions and shorted
-their names.  Also added restructured the switch and added all other
-modes.
-
-Signed-off-by: Werner Koch <wk@gnupg.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/cipher.c | 49 ++++++++++++++++++++++++++++++++++++++++++++-----
- 1 file changed, 44 insertions(+), 5 deletions(-)
-
-diff --git a/cipher/cipher.c b/cipher/cipher.c
-index 3b7970b3..fc130907 100644
--- a/cipher/cipher.c
-+++ b/cipher/cipher.c
-@@ -505,8 +505,9 @@ _gcry_cipher_open (gcry_cipher_hd_t *handle,
- }
- 
- 
-gcry_err_code_t
-_gcry_cipher_mode_fips_compliance (enum gcry_cipher_modes mode)
-+/* Return an error if the give cipher mode is non-FIPS compliant.  */
-+static gcry_err_code_t
-+cipher_modes_fips_compliance (enum gcry_cipher_modes mode)
- {
-   switch (mode)
-     {
-@@ -519,10 +520,48 @@ _gcry_cipher_mode_fips_compliance (enum gcry_cipher_modes mode)
-     case GCRY_CIPHER_MODE_CCM:
-     case GCRY_CIPHER_MODE_XTS:
-     case GCRY_CIPHER_MODE_AESWRAP:
-      return GPG_ERR_NO_ERROR;
-    default:
-      return GPG_ERR_NOT_SUPPORTED;
-+      return 0;
-+    case GCRY_CIPHER_MODE_NONE:
-+    case GCRY_CIPHER_MODE_STREAM:
-+    case GCRY_CIPHER_MODE_GCM:
-+    case GCRY_CIPHER_MODE_POLY1305:
-+    case GCRY_CIPHER_MODE_OCB:
-+    case GCRY_CIPHER_MODE_EAX:
-+    case GCRY_CIPHER_MODE_SIV:
-+    case GCRY_CIPHER_MODE_GCM_SIV:
-+      break;
-     }
-+  return GPG_ERR_NOT_SUPPORTED;
-+}
-+
-+
-+/* This is similar to cipher_modes_fips_compliance but only for the
-+ * internal modes (i.e. CMAC).  Return an error if the mode is
-+ * non-FIPS compliant. */
-+static gcry_err_code_t
-+cipher_int_modes_fips_compliance (enum gcry_cipher_internal_modes mode)
-+{
-+  switch (mode)
-+    {
-+    case GCRY_CIPHER_MODE_INTERNAL:
-+      break;
-+    case GCRY_CIPHER_MODE_CMAC:
-+      return 0;
-+    }
-+  return GPG_ERR_NOT_SUPPORTED;
-+}
-+
-+
-+/* Return an error if the give cipher mode is non-FIPS compliant. The
-+ * mode is not an enum here so that we can use it for real modes and
-+ * for internal modes.  */
-+gcry_err_code_t
-+_gcry_cipher_mode_fips_compliance (int mode)
-+{
-+  if (mode >= GCRY_CIPHER_MODE_INTERNAL)
-+    return cipher_int_modes_fips_compliance (mode);
-+  else
-+    return cipher_modes_fips_compliance (mode);
- }
- 
- 
-- 
-2.49.0
-
--- a/libgcrypt-cipher-Rename-_gcry_cipher_is_mode_fips_compliant.patch
+++ b/libgcrypt-cipher-Rename-_gcry_cipher_is_mode_fips_compliant.patch
@@ -1,64 +0,0 @@
-From 6b0fbb7e5e0da77787e3a87d74359ee21c44904e Mon Sep 17 00:00:00 2001
-From: Lucas Mulling <lucas.mulling@suse.com>
-Date: Tue, 28 Jan 2025 13:45:39 -0300
-Subject: [PATCH 1/2] cipher: Rename _gcry_cipher_is_mode_fips_compliant
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/cipher.c (_gcry_cipher_is_mode_fips_compliant): Rename to
-_gcry_cipher_mode_fips_compliance for better clarity and change the
-return type to gcry_err_code_t.
-* cipher/cipher.c (_gcry_cipher_mode_fips_compliance): Use
-gcry_cipher_modes instead of int for mode.
-* tests/t-fips-service-ind.c (check_cipher_o_s_e_d_c): Fix typo in fail.
--
-
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/cipher.c            | 7 ++++---
- tests/t-fips-service-ind.c | 2 +-
- 2 files changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/cipher/cipher.c b/cipher/cipher.c
-index b5420671..3b7970b3 100644
--- a/cipher/cipher.c
-+++ b/cipher/cipher.c
-@@ -504,8 +504,9 @@ _gcry_cipher_open (gcry_cipher_hd_t *handle,
-   return rc;
- }
- 
-int
-_gcry_cipher_is_mode_fips_compliant(int mode)
-+
-+gcry_err_code_t
-+_gcry_cipher_mode_fips_compliance (enum gcry_cipher_modes mode)
- {
-   switch (mode)
-     {
-@@ -555,7 +556,7 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
-               err = 0;
-             }
-         }
-      else if ((err = _gcry_cipher_is_mode_fips_compliant(mode)))
-+      else if ((err = _gcry_cipher_mode_fips_compliance (mode)))
-         {
-           if (!fips_check_rejection (GCRY_FIPS_FLAG_REJECT_CIPHER_MODE))
-             {
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index 74521bb3..ed5f8d3f 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -767,7 +767,7 @@ check_cipher_o_s_e_d_c (int reject)
- 
-           err = gcry_cipher_set_decryption_tag (h, tag, 16);
-           if (err)
-            fail ("gcry_cipher_set_decryption_tag %d failed: %s\n", tvidx<
-+            fail ("gcry_cipher_set_decryption_tag %d failed: %s\n", tvidx,
-                    gpg_strerror (err));
-       }
- 
-- 
-2.49.0
-
--- a/libgcrypt-cipher-ecc-Fix-for-supplied-K.patch
+++ b/libgcrypt-cipher-ecc-Fix-for-supplied-K.patch
@@ -1,88 +0,0 @@
-From 755e6dce727915249cbb1a98f22832d940b99c24 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 6 Mar 2025 09:12:36 +0900
-Subject: [PATCH 07/14] cipher,ecc: Fix for supplied K.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/ecc.c (ecc_sign): Check if it's under FIPS mode.
-(ecc_verify): Supplied K does no sense for verification, but add
-comment of clarification mark/reject-ing under FIPS mode.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc.c | 39 +++++++++++++++++++++++----------------
- 1 file changed, 23 insertions(+), 16 deletions(-)
-
-diff --git a/cipher/ecc.c b/cipher/ecc.c
-index 569e41f6..a165bb7a 100644
--- a/cipher/ecc.c
-+++ b/cipher/ecc.c
-@@ -962,17 +962,21 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
- 
-   if (ctx.label)
-     {
-      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
-+      /* ECDSA signing can have supplied K (for testing, deterministic).  */
-+      if (fips_mode ())
-         {
-          rc = GPG_ERR_INV_DATA;
-          goto leave;
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
-+            {
-+              rc = GPG_ERR_INV_DATA;
-+              goto leave;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-         }
-      else
-        fips_service_indicator_mark_non_compliant ();
-       rc = _gcry_mpi_scan (&k, GCRYMPI_FMT_USG, ctx.label, ctx.labellen, NULL);
-+      if (rc)
-+        goto leave;
-     }
-  if (rc)
-    goto leave;
- 
-   if (fips_mode ()
-       && ((ctx.flags & PUBKEY_FLAG_GOST) || (ctx.flags & PUBKEY_FLAG_SM2)))
-@@ -1128,18 +1132,21 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
-   if (rc)
-     goto leave;
- 
-  if (ctx.label)
-+  /*
-+   * ECDSA signing can have supplied K (for testing, deterministic),
-+   * but it's non-compliant.  For ECDSA signature verification, having
-+   * K is irrelevant, but an application may use same flags as the one
-+   * for signing.
-+   */
-+  if (ctx.label && fips_mode ())
-     {
-      if (fips_mode ())
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
-         {
-          if(fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_ECC_K))
-            {
-              rc = GPG_ERR_INV_DATA;
-              goto leave;
-            }
-          else
-            fips_service_indicator_mark_non_compliant ();
-+          rc = GPG_ERR_INV_DATA;
-+          goto leave;
-         }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-     }
- 
-   if (DBG_CIPHER)
-- 
-2.49.0
-
--- a/libgcrypt-cipher-fips-Fix-for-random-override.patch
+++ b/libgcrypt-cipher-fips-Fix-for-random-override.patch
@@ -1,83 +0,0 @@
-From ca8bf05e111b41e482a2a4b34cda6bcf5aa1f27e Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 6 Mar 2025 09:45:36 +0900
-Subject: [PATCH 09/14] cipher,fips: Fix for random-override.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/pubkey-util.c (gcry_pk_util_data_to_mpi): Keep
-the behavior of 1.10.
-* src/visibility.c (gcry_pk_random_override_new): Likewise.
-* tests/t-fips-service-ind.c (main): Use GCRY_FIPS_FLAG_REJECT_PK_FLAGS.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/pubkey-util.c       | 6 +++---
- src/visibility.c           | 2 +-
- tests/t-fips-service-ind.c | 1 +
- 3 files changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
-index 66a04f13..0e67f892 100644
--- a/cipher/pubkey-util.c
-+++ b/cipher/pubkey-util.c
-@@ -975,7 +975,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
-             {
-               if (fips_mode ())
-                 {
-                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-                     {
-                       sexp_release (list);
-                       rc = GPG_ERR_INV_FLAG;
-@@ -1162,7 +1162,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
-             {
-               if (fips_mode ())
-                 {
-                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-                     {
-                       sexp_release (list);
-                       rc = GPG_ERR_INV_FLAG;
-@@ -1272,7 +1272,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
-         {
-           if (fips_mode ())
-             {
-              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-                 {
-                   sexp_release (list);
-                   rc = GPG_ERR_INV_FLAG;
-diff --git a/src/visibility.c b/src/visibility.c
-index ccd0de69..edb972bc 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1091,7 +1091,7 @@ gcry_pk_random_override_new (gcry_ctx_t *r_ctx, const unsigned char *p, size_t l
- 
-   if (fips_mode ())
-     {
-      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-         return gpg_error (GPG_ERR_INV_OP);
-       else
-         fips_service_indicator_mark_non_compliant ();
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index 0ece55b8..0a270b38 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -1835,6 +1835,7 @@ main (int argc, char **argv)
-                    | GCRY_FIPS_FLAG_REJECT_PK_MD
-                    | GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2
-                    | GCRY_FIPS_FLAG_REJECT_PK_ECC_K
-+                   | GCRY_FIPS_FLAG_REJECT_PK_FLAGS
-                    | GCRY_FIPS_FLAG_REJECT_COMPAT110)));
- 
-   check_md_o_w_r_c (1);
-- 
-2.49.0
-
--- a/libgcrypt-cipher-rsa-Mark-reject-SHA1-unknown-with-RSA-signature-generation.patch
+++ b/libgcrypt-cipher-rsa-Mark-reject-SHA1-unknown-with-RSA-signature-generation.patch
@@ -1,445 +0,0 @@
-From 60e5039793c2474d29ded039cf1a6b8107733a20 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 21 Feb 2025 14:24:41 +0900
-Subject: [PATCH] cipher:rsa: Mark/reject SHA1/unknown with RSA signature
- generation.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/rsa-common.c (_gcry_rsa_pkcs1_encode_raw_for_sig): We can't
-determine if it's compliant when raw PKCS1 encoding is used.
-(_gcry_rsa_pss_encode): Add the behavior of marking non-compliant use.
-(_gcry_rsa_pss_verify): Likewise.
-* cipher/rsa.c (rsa_sign): Handle the check for SHA1.
-(rsa_verify): Likewise.
-* tests/t-fips-service-ind.c (check_pk_s_v): Add use cases for RSA
-and Ed25519.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/rsa-common.c        |  28 +++-
- cipher/rsa.c               |  34 +++++
- tests/t-fips-service-ind.c | 290 ++++++++++++++++++++++++++++++++++++-
- 3 files changed, 347 insertions(+), 5 deletions(-)
-
-diff --git a/cipher/rsa-common.c b/cipher/rsa-common.c
-index 1920eedd..c1d2dcd5 100644
--- a/cipher/rsa-common.c
-+++ b/cipher/rsa-common.c
-@@ -380,6 +380,16 @@ _gcry_rsa_pkcs1_encode_raw_for_sig (gcry_mpi_t *r_result, unsigned int nbits,
-   int i;
-   size_t n;
- 
-+  /* With RAW encoding, we can't know if the hash used is compliant or
-+   * not.  Reject or mark it's non-compliant.  */
-+  if (fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
-+        return GPG_ERR_DIGEST_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-   if ( !valuelen || valuelen + 4 > nframe)
-     {
-       /* Can't encode an DLEN byte digest MD into an NFRAME byte
-@@ -840,8 +850,13 @@ _gcry_rsa_pss_encode (gcry_mpi_t *r_result, unsigned int nbits, int algo,
-   /* The FIPS 186-4 Section 5.5 allows only 0 <= sLen <= hLen */
-   if (fips_mode () && saltlen > hlen)
-     {
-      rc = GPG_ERR_INV_ARG;
-      goto leave;
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        {
-+          rc = GPG_ERR_INV_ARG;
-+          goto leave;
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-     }
- 
-   /* Allocate a help buffer and setup some pointers.  */
-@@ -1006,8 +1021,13 @@ _gcry_rsa_pss_verify (gcry_mpi_t value, int hashed_already,
-   /* The FIPS 186-4 Section 5.5 allows only 0 <= sLen <= hLen */
-   if (fips_mode () && saltlen > hlen)
-     {
-      rc = GPG_ERR_INV_ARG;
-      goto leave;
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        {
-+          rc = GPG_ERR_INV_ARG;
-+          goto leave;
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-     }
- 
-   /* Allocate a help buffer and setup some pointers.
-diff --git a/cipher/rsa.c b/cipher/rsa.c
-index c7a809f4..c1329644 100644
--- a/cipher/rsa.c
-+++ b/cipher/rsa.c
-@@ -1613,6 +1613,23 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-         }
-     }
- 
-+  /* Check if use of the hash is compliant.  */
-+  if (fips_mode ())
-+    {
-+      /* SHA1 is approved hash function, but not for digital signature.  */
-+      if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)
-+          || ctx.hash_algo == GCRY_MD_SHA1)
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
-+            {
-+              rc = GPG_ERR_DIGEST_ALGO;
-+              goto leave;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-+    }
-+
-   /* Do RSA computation.  */
-   sig = mpi_new (0);
-   if ((ctx.flags & PUBKEY_FLAG_NO_BLINDING))
-@@ -1720,6 +1737,23 @@ rsa_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-       log_printmpi ("rsa_verify    e", pk.e);
-     }
- 
-+  /* Check if use of the hash is compliant.  */
-+  if (fips_mode ())
-+    {
-+      /* SHA1 is approved hash function, but not for digital signature.  */
-+      if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)
-+          || ctx.hash_algo == GCRY_MD_SHA1)
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
-+            {
-+              rc = GPG_ERR_DIGEST_ALGO;
-+              goto leave;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-+    }
-+
-   /* Do RSA computation and compare.  */
-   result = mpi_new (0);
-   public (result, sig, &pk);
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index ed5f8d3f..bec6c27e 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -231,7 +231,8 @@ check_pk_s_v (int reject)
-     const char *data;
-     int expect_failure;
-   } tv[] = {
-    {
-+    {                           /* Hashing is done externally, and feeded
-+                                   to gcry_pk_sign, specifing the hash used */
-       "(private-key (ecc (curve nistp256)"
-       " (d #519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464#)))",
-       "(public-key (ecc (curve nistp256)"
-@@ -271,6 +272,293 @@ check_pk_s_v (int reject)
-       "#00112233445566778899AABBCCDDEEFF00010203#))",
-       1
-     },
-+    {                           /* Hashing is done internally in
-+                                   gcry_pk_sign with the hash-algo specified.  */
-+      "(private-key\n"
-+      " (ecc\n"
-+      "  (curve Ed25519)(flags eddsa)\n"
-+      "  (q #4014DB483F15527253B25B4C72BEA8BB70255029636BD71DBBCCD5D8BF48A35F17#)"
-+      "  (d #09A0C38E0F1699073541447C19DA12E3A07A7BFDB0C186E4AC5BCE6F23D55252#)"
-+      "))",
-+      "(public-key\n"
-+      " (ecc\n"
-+      "  (curve Ed25519)(flags eddsa)\n"
-+      "  (q #4014DB483F15527253B25B4C72BEA8BB70255029636BD71DBBCCD5D8BF48A35F17#)"
-+      "))",
-+      "(data(flags eddsa)(hash-algo sha512)(value "
-+      "#00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F"
-+      " 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F"
-+      " 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))",
-+      0
-+    },
-+    {                           /* RSA with compliant hash for signing */
-+      "(private-key"
-+      " (rsa"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)\n"
-+      "   (d #07EF82500C403899934FE993AC5A36F14FF2DF38CF1EF315F205EE4C83EDAA19"
-+      "       8890FC23DE9AA933CAFB37B6A8A8DBA675411958337287310D3FF2F1DDC0CB93"
-+      "       7E70F57F75F833C021852B631D2B9A520E4431A03C5C3FCB5742DCD841D9FB12"
-+      "       771AA1620DCEC3F1583426066ED9DC3F7028C5B59202C88FDF20396E2FA0EC4F"
-+      "       5A22D9008F3043673931BC14A5046D6327398327900867E39CC61B2D1AFE2F48"
-+      "       EC8E1E3861C68D257D7425F4E6F99ABD77D61F10CA100EFC14389071831B33DD"
-+      "       69CC8EABEF860D1DC2AAA84ABEAE5DFC91BC124DAF0F4C8EF5BBEA436751DE84"
-+      "       3A8063E827A024466F44C28614F93B0732A100D4A0D86D532FE1E22C7725E401"
-+      "       #)\n"
-+      "   (p #00C29D438F115825779631CD665A5739367F3E128ADC29766483A46CA80897E0"
-+      "       79B32881860B8F9A6A04C2614A904F6F2578DAE13EA67CD60AE3D0AA00A1FF9B"
-+      "       441485E44B2DC3D0B60260FBFE073B5AC72FAF67964DE15C8212C389D20DB9CF"
-+      "       54AF6AEF5C4196EAA56495DD30CF709F499D5AB30CA35E086C2A1589D6283F17"
-+      "       83#)\n"
-+      "   (q #00D1984135231CB243FE959C0CBEF551EDD986AD7BEDF71EDF447BE3DA27AF46"
-+      "       79C974A6FA69E4D52FE796650623DE70622862713932AA2FD9F2EC856EAEAA77"
-+      "       88B4EA6084DC81C902F014829B18EA8B2666EC41586818E0589E18876065F97E"
-+      "       8D22CE2DA53A05951EC132DCEF41E70A9C35F4ACC268FFAC2ADF54FA1DA110B9"
-+      "       19#)\n"
-+      "   (u #67CF0FD7635205DD80FA814EE9E9C267C17376BF3209FB5D1BC42890D2822A04"
-+      "       479DAF4D5B6ED69D0F8D1AF94164D07F8CD52ECEFE880641FA0F41DDAB1785E4"
-+      "       A37A32F997A516480B4CD4F6482B9466A1765093ED95023CA32D5EDC1E34CEE9"
-+      "       AF595BC51FE43C4BF810FA225AF697FB473B83815966188A4312C048B885E3F7"
-+      "       #)))\n",
-+      "(public-key\n"
-+      " (rsa\n"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)))\n",
-+      "(data\n (flags pkcs1)\n"
-+      " (hash sha256 "
-+      "#00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))\n",
-+      0
-+    },
-+    {                           /* RSA with non-compliant hash for signing */
-+      "(private-key"
-+      " (rsa"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)\n"
-+      "   (d #07EF82500C403899934FE993AC5A36F14FF2DF38CF1EF315F205EE4C83EDAA19"
-+      "       8890FC23DE9AA933CAFB37B6A8A8DBA675411958337287310D3FF2F1DDC0CB93"
-+      "       7E70F57F75F833C021852B631D2B9A520E4431A03C5C3FCB5742DCD841D9FB12"
-+      "       771AA1620DCEC3F1583426066ED9DC3F7028C5B59202C88FDF20396E2FA0EC4F"
-+      "       5A22D9008F3043673931BC14A5046D6327398327900867E39CC61B2D1AFE2F48"
-+      "       EC8E1E3861C68D257D7425F4E6F99ABD77D61F10CA100EFC14389071831B33DD"
-+      "       69CC8EABEF860D1DC2AAA84ABEAE5DFC91BC124DAF0F4C8EF5BBEA436751DE84"
-+      "       3A8063E827A024466F44C28614F93B0732A100D4A0D86D532FE1E22C7725E401"
-+      "       #)\n"
-+      "   (p #00C29D438F115825779631CD665A5739367F3E128ADC29766483A46CA80897E0"
-+      "       79B32881860B8F9A6A04C2614A904F6F2578DAE13EA67CD60AE3D0AA00A1FF9B"
-+      "       441485E44B2DC3D0B60260FBFE073B5AC72FAF67964DE15C8212C389D20DB9CF"
-+      "       54AF6AEF5C4196EAA56495DD30CF709F499D5AB30CA35E086C2A1589D6283F17"
-+      "       83#)\n"
-+      "   (q #00D1984135231CB243FE959C0CBEF551EDD986AD7BEDF71EDF447BE3DA27AF46"
-+      "       79C974A6FA69E4D52FE796650623DE70622862713932AA2FD9F2EC856EAEAA77"
-+      "       88B4EA6084DC81C902F014829B18EA8B2666EC41586818E0589E18876065F97E"
-+      "       8D22CE2DA53A05951EC132DCEF41E70A9C35F4ACC268FFAC2ADF54FA1DA110B9"
-+      "       19#)\n"
-+      "   (u #67CF0FD7635205DD80FA814EE9E9C267C17376BF3209FB5D1BC42890D2822A04"
-+      "       479DAF4D5B6ED69D0F8D1AF94164D07F8CD52ECEFE880641FA0F41DDAB1785E4"
-+      "       A37A32F997A516480B4CD4F6482B9466A1765093ED95023CA32D5EDC1E34CEE9"
-+      "       AF595BC51FE43C4BF810FA225AF697FB473B83815966188A4312C048B885E3F7"
-+      "       #)))\n",
-+      "(public-key\n"
-+      " (rsa\n"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)))\n",
-+      "(data\n (flags pkcs1)\n"
-+      " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
-+      1
-+    },
-+    {                           /* RSA with unknown hash for signing */
-+      "(private-key"
-+      " (rsa"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)\n"
-+      "   (d #07EF82500C403899934FE993AC5A36F14FF2DF38CF1EF315F205EE4C83EDAA19"
-+      "       8890FC23DE9AA933CAFB37B6A8A8DBA675411958337287310D3FF2F1DDC0CB93"
-+      "       7E70F57F75F833C021852B631D2B9A520E4431A03C5C3FCB5742DCD841D9FB12"
-+      "       771AA1620DCEC3F1583426066ED9DC3F7028C5B59202C88FDF20396E2FA0EC4F"
-+      "       5A22D9008F3043673931BC14A5046D6327398327900867E39CC61B2D1AFE2F48"
-+      "       EC8E1E3861C68D257D7425F4E6F99ABD77D61F10CA100EFC14389071831B33DD"
-+      "       69CC8EABEF860D1DC2AAA84ABEAE5DFC91BC124DAF0F4C8EF5BBEA436751DE84"
-+      "       3A8063E827A024466F44C28614F93B0732A100D4A0D86D532FE1E22C7725E401"
-+      "       #)\n"
-+      "   (p #00C29D438F115825779631CD665A5739367F3E128ADC29766483A46CA80897E0"
-+      "       79B32881860B8F9A6A04C2614A904F6F2578DAE13EA67CD60AE3D0AA00A1FF9B"
-+      "       441485E44B2DC3D0B60260FBFE073B5AC72FAF67964DE15C8212C389D20DB9CF"
-+      "       54AF6AEF5C4196EAA56495DD30CF709F499D5AB30CA35E086C2A1589D6283F17"
-+      "       83#)\n"
-+      "   (q #00D1984135231CB243FE959C0CBEF551EDD986AD7BEDF71EDF447BE3DA27AF46"
-+      "       79C974A6FA69E4D52FE796650623DE70622862713932AA2FD9F2EC856EAEAA77"
-+      "       88B4EA6084DC81C902F014829B18EA8B2666EC41586818E0589E18876065F97E"
-+      "       8D22CE2DA53A05951EC132DCEF41E70A9C35F4ACC268FFAC2ADF54FA1DA110B9"
-+      "       19#)\n"
-+      "   (u #67CF0FD7635205DD80FA814EE9E9C267C17376BF3209FB5D1BC42890D2822A04"
-+      "       479DAF4D5B6ED69D0F8D1AF94164D07F8CD52ECEFE880641FA0F41DDAB1785E4"
-+      "       A37A32F997A516480B4CD4F6482B9466A1765093ED95023CA32D5EDC1E34CEE9"
-+      "       AF595BC51FE43C4BF810FA225AF697FB473B83815966188A4312C048B885E3F7"
-+      "       #)))\n",
-+      "(public-key\n"
-+      " (rsa\n"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)))\n",
-+      "(data\n (flags pkcs1-raw)\n"
-+      " (value "
-+      "#00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))\n",
-+      1
-+    },
-+    {                           /* RSA with compliant hash for signing */
-+      "(private-key"
-+      " (rsa"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)\n"
-+      "   (d #07EF82500C403899934FE993AC5A36F14FF2DF38CF1EF315F205EE4C83EDAA19"
-+      "       8890FC23DE9AA933CAFB37B6A8A8DBA675411958337287310D3FF2F1DDC0CB93"
-+      "       7E70F57F75F833C021852B631D2B9A520E4431A03C5C3FCB5742DCD841D9FB12"
-+      "       771AA1620DCEC3F1583426066ED9DC3F7028C5B59202C88FDF20396E2FA0EC4F"
-+      "       5A22D9008F3043673931BC14A5046D6327398327900867E39CC61B2D1AFE2F48"
-+      "       EC8E1E3861C68D257D7425F4E6F99ABD77D61F10CA100EFC14389071831B33DD"
-+      "       69CC8EABEF860D1DC2AAA84ABEAE5DFC91BC124DAF0F4C8EF5BBEA436751DE84"
-+      "       3A8063E827A024466F44C28614F93B0732A100D4A0D86D532FE1E22C7725E401"
-+      "       #)\n"
-+      "   (p #00C29D438F115825779631CD665A5739367F3E128ADC29766483A46CA80897E0"
-+      "       79B32881860B8F9A6A04C2614A904F6F2578DAE13EA67CD60AE3D0AA00A1FF9B"
-+      "       441485E44B2DC3D0B60260FBFE073B5AC72FAF67964DE15C8212C389D20DB9CF"
-+      "       54AF6AEF5C4196EAA56495DD30CF709F499D5AB30CA35E086C2A1589D6283F17"
-+      "       83#)\n"
-+      "   (q #00D1984135231CB243FE959C0CBEF551EDD986AD7BEDF71EDF447BE3DA27AF46"
-+      "       79C974A6FA69E4D52FE796650623DE70622862713932AA2FD9F2EC856EAEAA77"
-+      "       88B4EA6084DC81C902F014829B18EA8B2666EC41586818E0589E18876065F97E"
-+      "       8D22CE2DA53A05951EC132DCEF41E70A9C35F4ACC268FFAC2ADF54FA1DA110B9"
-+      "       19#)\n"
-+      "   (u #67CF0FD7635205DD80FA814EE9E9C267C17376BF3209FB5D1BC42890D2822A04"
-+      "       479DAF4D5B6ED69D0F8D1AF94164D07F8CD52ECEFE880641FA0F41DDAB1785E4"
-+      "       A37A32F997A516480B4CD4F6482B9466A1765093ED95023CA32D5EDC1E34CEE9"
-+      "       AF595BC51FE43C4BF810FA225AF697FB473B83815966188A4312C048B885E3F7"
-+      "       #)))\n",
-+      "(public-key\n"
-+      " (rsa\n"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)))\n",
-+      "(data\n (flags pss)\n"
-+      " (hash sha256 "
-+      "#00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))\n",
-+      0
-+    },
-+    {                           /* RSA with non-compliant hash for signing */
-+      "(private-key"
-+      " (rsa"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)\n"
-+      "   (d #07EF82500C403899934FE993AC5A36F14FF2DF38CF1EF315F205EE4C83EDAA19"
-+      "       8890FC23DE9AA933CAFB37B6A8A8DBA675411958337287310D3FF2F1DDC0CB93"
-+      "       7E70F57F75F833C021852B631D2B9A520E4431A03C5C3FCB5742DCD841D9FB12"
-+      "       771AA1620DCEC3F1583426066ED9DC3F7028C5B59202C88FDF20396E2FA0EC4F"
-+      "       5A22D9008F3043673931BC14A5046D6327398327900867E39CC61B2D1AFE2F48"
-+      "       EC8E1E3861C68D257D7425F4E6F99ABD77D61F10CA100EFC14389071831B33DD"
-+      "       69CC8EABEF860D1DC2AAA84ABEAE5DFC91BC124DAF0F4C8EF5BBEA436751DE84"
-+      "       3A8063E827A024466F44C28614F93B0732A100D4A0D86D532FE1E22C7725E401"
-+      "       #)\n"
-+      "   (p #00C29D438F115825779631CD665A5739367F3E128ADC29766483A46CA80897E0"
-+      "       79B32881860B8F9A6A04C2614A904F6F2578DAE13EA67CD60AE3D0AA00A1FF9B"
-+      "       441485E44B2DC3D0B60260FBFE073B5AC72FAF67964DE15C8212C389D20DB9CF"
-+      "       54AF6AEF5C4196EAA56495DD30CF709F499D5AB30CA35E086C2A1589D6283F17"
-+      "       83#)\n"
-+      "   (q #00D1984135231CB243FE959C0CBEF551EDD986AD7BEDF71EDF447BE3DA27AF46"
-+      "       79C974A6FA69E4D52FE796650623DE70622862713932AA2FD9F2EC856EAEAA77"
-+      "       88B4EA6084DC81C902F014829B18EA8B2666EC41586818E0589E18876065F97E"
-+      "       8D22CE2DA53A05951EC132DCEF41E70A9C35F4ACC268FFAC2ADF54FA1DA110B9"
-+      "       19#)\n"
-+      "   (u #67CF0FD7635205DD80FA814EE9E9C267C17376BF3209FB5D1BC42890D2822A04"
-+      "       479DAF4D5B6ED69D0F8D1AF94164D07F8CD52ECEFE880641FA0F41DDAB1785E4"
-+      "       A37A32F997A516480B4CD4F6482B9466A1765093ED95023CA32D5EDC1E34CEE9"
-+      "       AF595BC51FE43C4BF810FA225AF697FB473B83815966188A4312C048B885E3F7"
-+      "       #)))\n",
-+      "(public-key\n"
-+      " (rsa\n"
-+      "  (n #009F56231A3D82E3E7D613D59D53E9AB921BEF9F08A782AED0B6E46ADBC853EC"
-+      "      7C71C422435A3CD8FA0DB9EFD55CD3295BADC4E8E2E2B94E15AE82866AB8ADE8"
-+      "      7E469FAE76DC3577DE87F1F419C4EB41123DFAF8D16922D5EDBAD6E9076D5A1C"
-+      "      958106F0AE5E2E9193C6B49124C64C2A241C4075D4AF16299EB87A6585BAE917"
-+      "      DEF27FCDD165764D069BC18D16527B29DAAB549F7BBED4A7C6A842D203ED6613"
-+      "      6E2411744E432CD26D940132F25874483DCAEECDFD95744819CBCF1EA810681C"
-+      "      42907EBCB1C7EAFBE75C87EC32C5413EA10476545D3FC7B2ADB1B66B7F200918"
-+      "      664B0E5261C2895AA28B0DE321E921B3F877172CCCAB81F43EF98002916156F6"
-+      "      CB#)\n"
-+      "   (e #010001#)))\n",
-+      "(data\n (flags pss)\n"
-+      " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
-+      1
-+    }
-   };
-   int tvidx;
-   gpg_error_t err;
-- 
-2.49.0
-
--- a/libgcrypt-cipher-visibility-Differentiate-use-of-random-override-in-the-SLI.patch
+++ b/libgcrypt-cipher-visibility-Differentiate-use-of-random-override-in-the-SLI.patch
@@ -1,107 +0,0 @@
-From 234eb316b0a04c50e8511a570775ded45060f18b Mon Sep 17 00:00:00 2001
-From: Lucas Mulling via Gcrypt-devel <gcrypt-devel@gnupg.org>
-Date: Wed, 26 Feb 2025 17:19:24 -0300
-Subject: [PATCH 08/14] cipher,visibility: Differentiate use of random-override
- in the SLI
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/pubkey-util.c (_gcry_pk_util_data_to_mpi,
-_gcry_pk_single_data_push, _gcry_pk_util_free_encoding_ctx):
-Differentiate use of random-override in the SLI.
-* src/visibility.c (gcry_pk_random_override_new):
-Differentiate use explicit random override in the SLI.
-
-GnuPG-bug-id: 7338
-Signed-off-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/pubkey-util.c | 33 +++++++++++++++++++++++++++++++++
- src/visibility.c     | 12 ++++++++++++
- 2 files changed, 45 insertions(+)
-
-diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
-index e7355569..66a04f13 100644
--- a/cipher/pubkey-util.c
-+++ b/cipher/pubkey-util.c
-@@ -973,6 +973,17 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
-           list = sexp_find_token (ldata, "random-override", 0);
-           if (list)
-             {
-+              if (fips_mode ())
-+                {
-+                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                    {
-+                      sexp_release (list);
-+                      rc = GPG_ERR_INV_FLAG;
-+                      goto leave;
-+                    }
-+                  else
-+                    fips_service_indicator_mark_non_compliant ();
-+                }
-               s = sexp_nth_data (list, 1, &n);
-               if (!s)
-                 rc = GPG_ERR_NO_OBJ;
-@@ -1149,6 +1160,17 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
-           list = sexp_find_token (ldata, "random-override", 0);
-           if (list)
-             {
-+              if (fips_mode ())
-+                {
-+                  if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                    {
-+                      sexp_release (list);
-+                      rc = GPG_ERR_INV_FLAG;
-+                      goto leave;
-+                    }
-+                  else
-+                    fips_service_indicator_mark_non_compliant ();
-+                }
-               s = sexp_nth_data (list, 1, &n);
-               if (!s)
-                 rc = GPG_ERR_NO_OBJ;
-@@ -1248,6 +1270,17 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
-       list = sexp_find_token (ldata, "random-override", 0);
-       if (list)
-         {
-+          if (fips_mode ())
-+            {
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                {
-+                  sexp_release (list);
-+                  rc = GPG_ERR_INV_FLAG;
-+                  goto leave;
-+                }
-+              else
-+                fips_service_indicator_mark_non_compliant ();
-+            }
-           s = sexp_nth_data (list, 1, &n);
-           if (!s)
-             rc = GPG_ERR_NO_OBJ;
-diff --git a/src/visibility.c b/src/visibility.c
-index 4134446a..ccd0de69 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1085,6 +1085,18 @@ gcry_pk_hash_verify (gcry_sexp_t sigval, const char *data_tmpl, gcry_sexp_t pkey
- gcry_error_t
- gcry_pk_random_override_new (gcry_ctx_t *r_ctx, const unsigned char *p, size_t len)
- {
-+  if (!fips_is_operational ())
-+    return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-+
-+  if (fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        return gpg_error (GPG_ERR_INV_OP);
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-   return gpg_error (_gcry_pk_single_data_push (r_ctx, p, len));
- }
- 
-- 
-2.49.0
-
--- a/libgcrypt-doc-Add-about-GCRYCTL_FIPS_SERVICE_INDICATOR.patch
+++ b/libgcrypt-doc-Add-about-GCRYCTL_FIPS_SERVICE_INDICATOR.patch
@@ -1,66 +0,0 @@
-From 636f40cb78587635ef663bfc3430937cf140f245 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 13 Mar 2025 15:02:58 +0900
-Subject: [PATCH 13/14] doc: Add about GCRYCTL_FIPS_SERVICE_INDICATOR.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* doc/gcrypt.texi (GCRYCTL_FIPS_SERVICE_INDICATOR): Add a description.
-(GCRYCTL_FIPS_REJECT_NON_FIPS): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- doc/gcrypt.texi | 32 ++++++++++++++++++++++++++++++++
- 1 file changed, 32 insertions(+)
-
-diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
-index 5d428738..6e82a41b 100644
--- a/doc/gcrypt.texi
-+++ b/doc/gcrypt.texi
-@@ -1052,6 +1052,38 @@ is responsible to check also the internal members.  For example:
-   /* ok */
- @end example
- 
-+@item GCRYCTL_FIPS_SERVICE_INDICATOR; Arguments: none
-+This commands provides ``dynamic'' service indicator.
-+
-+After a function call (of the use of security services), this command
-+can be used to check if the call is valid or not.  If the computation
-+is done in an approved way, it returns @code{GPG_ERR_NO_ERROR}.
-+Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.
-+
-+An application may use this command directly or use the convenience
-+macro below.
-+
-+@deftypefun gcry_error_t gcry_get_fips_service_indicator (void)
-+
-+Returns @code{GPG_ERR_NO_ERROR} if a preceeding function call is
-+valid.  Otherwise @code{GPG_ERR_NOT_SUPPORTED} is returned.
-+@end deftypefun
-+
-+@item GCRYCTL_FIPS_REJECT_NON_FIPS; Arguments: unsigned int flags
-+In Libgcrypt 1.10, static implicit indicator is used; For an approved
-+function (which can be checked by
-+GCRYCTL_FIPS_SERVICE_INDICATOR_FUNCTION command) with an approved
-+algo/operation (which can be checked GCRYCTL_FIPS_SERVICE_INDICATOR_*
-+command), success of the function call means that it's valid and error
-+return (rejection) means it's invalid.  This command controls thread
-+specific behavior of the rejection.
-+
-+When using ``dynamic'' service indicator, this command with FLAGS=0
-+disables all rejections.
-+@example
-+  gcry_control (GCRYCTL_FIPS_REJECT_NON_FIPS, 0);
-+@endexample
-+
- @end table
- 
- @end deftypefun
-- 
-2.49.0
-
--- a/libgcrypt-doc-Fix-syntax-error.patch
+++ b/libgcrypt-doc-Fix-syntax-error.patch
@@ -1,31 +0,0 @@
-From 22e65f6f5b8dbddf925151894426e4c06d33803b Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Thu, 13 Mar 2025 18:06:37 +0100
-Subject: [PATCH 14/14] doc: Fix syntax error
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
--
-
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- doc/gcrypt.texi | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi
-index 6e82a41b..eeab1a78 100644
--- a/doc/gcrypt.texi
-+++ b/doc/gcrypt.texi
-@@ -1082,7 +1082,7 @@ When using ``dynamic'' service indicator, this command with FLAGS=0
- disables all rejections.
- @example
-   gcry_control (GCRYCTL_FIPS_REJECT_NON_FIPS, 0);
-@endexample
-+@end example
- 
- @end table
- 
-- 
-2.49.0
-
--- a/libgcrypt-fips-Change-the-internal-API-for-new-FIPS-service-indicator.patch
+++ b/libgcrypt-fips-Change-the-internal-API-for-new-FIPS-service-indicator.patch
@@ -1,140 +0,0 @@
-From 4799914966a7f94f41e1ed5b7b62fded7ba09704 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 12 Dec 2024 11:03:38 +0900
-Subject: [PATCH 01/19] fips: Change the internal API for new FIPS service
- indicator.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt-int.h (fips_service_indicator_init): Initialize by 0.
-(fips_service_indicator_mark_success): Remove.
-(fips_service_indicator_mark_non_compliant): New.
-* cipher/kdf.c (_gcry_kdf_derive): Follow the change of the API.
-* cipher/md.c (_gcry_md_hash_buffer): Likewise.
-(_gcry_md_hash_buffers_extract): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/kdf.c     | 17 +++++++++--------
- cipher/md.c      |  8 ++++----
- src/gcrypt-int.h |  9 +++------
- 3 files changed, 16 insertions(+), 18 deletions(-)
-
-diff --git a/cipher/kdf.c b/cipher/kdf.c
-index 1eae2b90..71156ea4 100644
--- a/cipher/kdf.c
-+++ b/cipher/kdf.c
-@@ -248,6 +248,7 @@ _gcry_kdf_derive (const void *passphrase, size_t passphraselen,
-                   size_t keysize, void *keybuffer)
- {
-   gpg_err_code_t ec;
-+  int is_compliant_algo = 0;
- 
-   if (!passphrase)
-     {
-@@ -279,35 +280,32 @@ _gcry_kdf_derive (const void *passphrase, size_t passphraselen,
-       break;
- 
-     case GCRY_KDF_PBKDF2:
-+      is_compliant_algo = 1;
-       if (!saltlen || !iterations)
-         ec = GPG_ERR_INV_VALUE;
-       else
-         {
-          int is_compliant = 1;
-
-           if (fips_mode ())
-             {
-               /* FIPS requires minimum passphrase length, see FIPS 140-3 IG D.N */
-               if (passphraselen < 8)
-                is_compliant &= 0;
-+                fips_service_indicator_mark_non_compliant ();
- 
-               /* FIPS requires minimum salt length of 128 b (SP 800-132 sec. 5.1, p.6) */
-               if (saltlen < 16)
-                is_compliant &= 0;
-+                fips_service_indicator_mark_non_compliant ();
- 
-               /* FIPS requires minimum iterations bound (SP 800-132 sec 5.2, p.6) */
-               if (iterations < 1000)
-                is_compliant &= 0;
-+                fips_service_indicator_mark_non_compliant ();
- 
-               /* Check minimum key size */
-               if (keysize < 14)
-                is_compliant &= 0;
-+                fips_service_indicator_mark_non_compliant ();
-             }
- 
-           ec = _gcry_kdf_pkdf2 (passphrase, passphraselen, subalgo,
-                                 salt, saltlen, iterations, keysize, keybuffer);
-          if (!ec)
-            fips_service_indicator_mark_success (is_compliant);
-         }
-       break;
- 
-@@ -326,6 +324,9 @@ _gcry_kdf_derive (const void *passphrase, size_t passphraselen,
-       break;
-     }
- 
-+  if (!ec && !is_compliant_algo && fips_mode ())
-+    fips_service_indicator_mark_non_compliant ();
-+
-  leave:
-   return ec;
- }
-diff --git a/cipher/md.c b/cipher/md.c
-index c2bd18c6..ef2fc5a4 100644
--- a/cipher/md.c
-+++ b/cipher/md.c
-@@ -1286,8 +1286,8 @@ _gcry_md_hash_buffer (int algo, void *digest,
- 
-   if (fips_mode ())
-     {
-      int is_compliant = spec->flags.fips;
-      fips_service_indicator_mark_success (is_compliant);
-+      if (!spec->flags.fips)
-+        fips_service_indicator_mark_non_compliant ();
-     }
- }
- 
-@@ -1384,8 +1384,8 @@ _gcry_md_hash_buffers_extract (int algo, unsigned int flags, void *digest,
- 
-   if (fips_mode ())
-     {
-      int is_compliant = spec->flags.fips;
-      fips_service_indicator_mark_success (is_compliant);
-+      if (!spec->flags.fips)
-+        fips_service_indicator_mark_non_compliant ();
-     }
- 
-   return 0;
-diff --git a/src/gcrypt-int.h b/src/gcrypt-int.h
-index 7f894737..aa49d766 100644
--- a/src/gcrypt-int.h
-+++ b/src/gcrypt-int.h
-@@ -303,13 +303,10 @@ unsigned long _gcry_thread_context_get_fsi (void);
- #define fips_service_indicator_init() do \
-   {                                      \
-     if (fips_mode ())                    \
-      _gcry_thread_context_set_fsi (1);  \
-  } while (0)
-#define fips_service_indicator_mark_success(is_compliant) do \
-  {                                                          \
-    if (is_compliant && fips_mode ())                        \
-      _gcry_thread_context_set_fsi (0);                      \
-+      _gcry_thread_context_set_fsi (0);  \
-   } while (0)
-+/* Should be used only when fips_mode()==TRUE.  */
-+#define fips_service_indicator_mark_non_compliant() _gcry_thread_context_set_fsi (1)
- 
- /* Return a pointer to a string containing a description of the error
-    code in the error value ERR.  */
-- 
-2.49.0
-
--- a/libgcrypt-fips-Fix-GCRY_FIPS_FLAG_REJECT_MD.patch
+++ b/libgcrypt-fips-Fix-GCRY_FIPS_FLAG_REJECT_MD.patch
@@ -1,42 +0,0 @@
-From b9eb8f4cb81801d68580627ad2188607a8c5f2ec Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 13 Mar 2025 15:01:21 +0900
-Subject: [PATCH 12/14] fips: Fix GCRY_FIPS_FLAG_REJECT_MD.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_MD): Include SHA1.
-
--
-
-Fixes-commit: 4ee91a94bcdad32aed4364d09e3daf8841fa579f
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- src/gcrypt.h.in | 8 +++++---
- 1 file changed, 5 insertions(+), 3 deletions(-)
-
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index b2b8853f..a9c36aa6 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1994,10 +1994,12 @@ char *gcry_get_config (int mode, const char *what);
- #define GCRY_FIPS_FLAG_REJECT_PK_ECC_K      (1 << 10)
- #define GCRY_FIPS_FLAG_REJECT_PK_FLAGS      (1 << 11)
- 
-#define GCRY_FIPS_FLAG_REJECT_MD \
-  (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
-+#define GCRY_FIPS_FLAG_REJECT_MD                                \
-+  (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_SHA1 \
-+   | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
- 
-/* Note: Don't reject MD5, PK MD, PK GOST, PK SM2, PK ECC K, and PK FLAGS */
-+/* Note: Don't reject MD5, PK MD, PK GOST, PK SM2,
-+                      SHA1, PK ECC K, and PK FLAGS */
- #define GCRY_FIPS_FLAG_REJECT_COMPAT110 \
-   (GCRY_FIPS_FLAG_REJECT_MD_OTHERS      \
-    | GCRY_FIPS_FLAG_REJECT_MAC          \
-- 
-2.49.0
-
--- a/libgcrypt-fips-Introduce-GCRYCTL_FIPS_REJECT_NON_FIPS.patch
+++ b/libgcrypt-fips-Introduce-GCRYCTL_FIPS_REJECT_NON_FIPS.patch
@@ -1,261 +0,0 @@
-From e52adf0948c60b2e9accd7996fcece0f9b443763 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 19 Dec 2024 11:30:28 +0900
-Subject: [PATCH 12/19] fips: Introduce GCRYCTL_FIPS_REJECT_NON_FIPS.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRYCTL_FIPS_REJECT_NON_FIPS): New.
-(GCRY_FIPS_FLAG_REJECT_*): New.
-* src/fips.c (struct gcry_thread_context): Add flags_reject_non_fips.
-(the_tc): Add initial value.
-(_gcry_thread_context_set_reject): New.
-(_gcry_thread_context_check_rejection): New.
-* src/gcrypt-int.h (fips_check_rejection): New.
-* src/global.c (_gcry_vcontrol): Handle GCRYCTL_FIPS_REJECT_NON_FIPS.
-* tests/t-fips-service-ind.c (main): Use GCRYCTL_FIPS_REJECT_NON_FIPS.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc-curves.c        |  7 ++++++-
- cipher/pubkey.c            | 34 ++++++++++++++++++++++++++--------
- src/fips.c                 | 17 ++++++++++++++++-
- src/gcrypt-int.h           |  9 ++++++++-
- src/gcrypt.h.in            | 28 ++++++++++++++++++++++++++--
- src/global.c               |  7 +++++++
- tests/t-fips-service-ind.c |  2 ++
- 7 files changed, 91 insertions(+), 13 deletions(-)
-
-Index: libgcrypt-1.11.0/cipher/ecc-curves.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/ecc-curves.c
-+++ libgcrypt-1.11.0/cipher/ecc-curves.c
-@@ -645,7 +645,12 @@ _gcry_ecc_fill_in_curve (unsigned int nb
-      possible to bypass this check by specifying the curve parameters
-      directly.  */
-   if (fips_mode () && !domain_parms[idx].fips )
-    fips_service_indicator_mark_non_compliant ();
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        return GPG_ERR_NOT_SUPPORTED;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
- 
-   switch (domain_parms[idx].model)
-     {
-Index: libgcrypt-1.11.0/cipher/pubkey.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/pubkey.c
-+++ libgcrypt-1.11.0/cipher/pubkey.c
-@@ -510,7 +510,12 @@ prepare_datasexp_to_be_signed (const cha
-       algo = _gcry_md_get_algo (hd);
- 
-       if (fips_mode () && algo == GCRY_MD_SHA1)
-        fips_service_indicator_mark_non_compliant ();
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+            return GPG_ERR_DIGEST_ALGO;
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
- 
-       digest_name = _gcry_md_algo_name (algo);
-       digest_size = (int)_gcry_md_get_algo_dlen (algo);
-@@ -538,7 +543,12 @@ prepare_datasexp_to_be_signed (const cha
- 	  return GPG_ERR_DIGEST_ALGO;
- 	}
-       else if (fips_mode () && algo == GCRY_MD_SHA1)
-        fips_service_indicator_mark_non_compliant ();
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+            return GPG_ERR_DIGEST_ALGO;
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
- 
-       digest_size = (int)_gcry_md_get_algo_dlen (algo);
-       digest = _gcry_md_read (hd, algo);
-@@ -611,11 +621,15 @@ _gcry_pk_sign_md (gcry_sexp_t *r_sig, co
-   if (rc)
-     goto leave;
- 
-  if (!spec->flags.fips && fips_mode ())
-    fips_service_indicator_mark_non_compliant ();
-
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-+  else if (!spec->flags.fips && fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        return GPG_ERR_PUBKEY_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (spec->sign)
-     rc = spec->sign (r_sig, s_data, keyparms);
-   else
-@@ -689,11 +703,15 @@ _gcry_pk_verify_md (gcry_sexp_t s_sig, c
-   if (rc)
-     goto leave;
- 
-  if (!spec->flags.fips && fips_mode ())
-    fips_service_indicator_mark_non_compliant ();
-
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-+  else if (!spec->flags.fips && fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        return GPG_ERR_PUBKEY_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (spec->verify)
-     rc = spec->verify (s_sig, s_data, keyparms);
-   else
-Index: libgcrypt-1.11.0/src/fips.c
-===================================================================
--- libgcrypt-1.11.0.orig/src/fips.c
-+++ libgcrypt-1.11.0/src/fips.c
-@@ -70,15 +70,30 @@ static enum module_states current_state;
- 
- struct gcry_thread_context {
-   unsigned long fips_service_indicator;
-+  unsigned int flags_reject_non_fips;
- };
- 
- #ifdef HAVE_GCC_STORAGE_CLASS__THREAD
-static __thread struct gcry_thread_context the_tc;
-+static __thread struct gcry_thread_context the_tc = {
-+  0, GCRY_FIPS_FLAG_REJECT_DEFAULT
-+};
- #else
- #error libgcrypt requires thread-local storage to support FIPS mode
- #endif
- 
- void
-+_gcry_thread_context_set_reject (unsigned int flags)
-+{
-+  the_tc.flags_reject_non_fips = flags;
-+}
-+
-+int
-+_gcry_thread_context_check_rejection (unsigned int flag)
-+{
-+  return !!(the_tc.flags_reject_non_fips & flag);
-+}
-+
-+void
- _gcry_thread_context_set_fsi (unsigned long fsi)
- {
-   the_tc.fips_service_indicator = fsi;
-Index: libgcrypt-1.11.0/src/gcrypt-int.h
-===================================================================
--- libgcrypt-1.11.0.orig/src/gcrypt-int.h
-+++ libgcrypt-1.11.0/src/gcrypt-int.h
-@@ -297,6 +297,12 @@ void _gcry_set_log_handler (gcry_handler
- void _gcry_set_gettext_handler (const char *(*f)(const char*));
- void _gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
- 
-+void _gcry_thread_context_set_reject (unsigned int flags);
-+int _gcry_thread_context_check_rejection (unsigned int flag);
-+
-+#define fips_check_rejection(flag) \
-+  _gcry_thread_context_check_rejection (flag)
-+
- void _gcry_thread_context_set_fsi (unsigned long fsi);
- unsigned long _gcry_thread_context_get_fsi (void);
- #define fips_service_indicator_init() do \
-@@ -305,7 +311,8 @@ unsigned long _gcry_thread_context_get_f
-       _gcry_thread_context_set_fsi (0);  \
-   } while (0)
- /* Should be used only when fips_mode()==TRUE.  */
-#define fips_service_indicator_mark_non_compliant() _gcry_thread_context_set_fsi (1)
-+#define fips_service_indicator_mark_non_compliant() \
-+  _gcry_thread_context_set_fsi (1)
- 
- /* Return a pointer to a string containing a description of the error
-    code in the error value ERR.  */
-Index: libgcrypt-1.11.0/src/gcrypt.h.in
-===================================================================
--- libgcrypt-1.11.0.orig/src/gcrypt.h.in
-+++ libgcrypt-1.11.0/src/gcrypt.h.in
-@@ -338,7 +338,8 @@ enum gcry_ctl_cmds
-     GCRYCTL_MD_CUSTOMIZE = 88,
-     GCRYCTL_FIPS_SERVICE_INDICATOR_PK = 89,
-     GCRYCTL_FIPS_SERVICE_INDICATOR_HASH = 90,
-    GCRYCTL_FIPS_SERVICE_INDICATOR = 91
-+    GCRYCTL_FIPS_SERVICE_INDICATOR = 91,
-+    GCRYCTL_FIPS_REJECT_NON_FIPS = 92
-   };
- 
- /* Perform various operations defined by CMD. */
-@@ -1971,7 +1972,30 @@ void gcry_log_debugsxp (const char *text
- char *gcry_get_config (int mode, const char *what);
- 
- /* Convinience macro to access the FIPS service indicator.  */
-#define gcry_get_fips_service_indicator() gcry_control (GCRYCTL_FIPS_SERVICE_INDICATOR)
-+#define gcry_get_fips_service_indicator()       \
-+  gcry_control (GCRYCTL_FIPS_SERVICE_INDICATOR)
-+
-+#define GCRY_FIPS_FLAG_REJECT_KDF           (1 << 0)
-+#define GCRY_FIPS_FLAG_REJECT_MD_MD5        (1 << 1)
-+#define GCRY_FIPS_FLAG_REJECT_MD_OTHERS     (1 << 2)
-+#define GCRY_FIPS_FLAG_REJECT_MAC           (1 << 3)
-+#define GCRY_FIPS_FLAG_REJECT_CIPHER        (1 << 4)
-+#define GCRY_FIPS_FLAG_REJECT_PK            (1 << 5)
-+
-+#define GCRY_FIPS_FLAG_REJECT_MD \
-+  (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
-+
-+/* Note: Don't reject MD5 */
-+#define GCRY_FIPS_FLAG_REJECT_COMPAT110 \
-+  (GCRY_FIPS_FLAG_REJECT_MD_OTHERS      \
-+   | GCRY_FIPS_FLAG_REJECT_MAC          \
-+   | GCRY_FIPS_FLAG_REJECT_CIPHER       \
-+   | GCRY_FIPS_FLAG_REJECT_KDF          \
-+   | GCRY_FIPS_FLAG_REJECT_PK)
-+
-+#define GCRY_FIPS_FLAG_REJECT_DEFAULT \
-+  GCRY_FIPS_FLAG_REJECT_COMPAT110
-+
- 
- /* Log levels used by the internal logging facility. */
- enum gcry_log_levels
-Index: libgcrypt-1.11.0/src/global.c
-===================================================================
--- libgcrypt-1.11.0.orig/src/global.c
-+++ libgcrypt-1.11.0/src/global.c
-@@ -791,6 +791,13 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd,
-       rc = _gcry_fips_indicator ();
-       break;
- 
-+    case GCRYCTL_FIPS_REJECT_NON_FIPS:
-+      {
-+        unsigned int flags = va_arg (arg_ptr, unsigned int);
-+        _gcry_thread_context_set_reject (flags);
-+      }
-+      break;
-+
-     case GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER:
-       /* Get FIPS Service Indicator for a given symmetric algorithm and
-        * optional mode. Returns GPG_ERR_NO_ERROR if algorithm is allowed or
-Index: libgcrypt-1.11.0/tests/t-fips-service-ind.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-fips-service-ind.c
-+++ libgcrypt-1.11.0/tests/t-fips-service-ind.c
-@@ -1007,6 +1007,8 @@ main (int argc, char **argv)
-   if (debug)
-     xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0));
- 
-+  xgcry_control ((GCRYCTL_FIPS_REJECT_NON_FIPS, 0));
-+
-   check_digests ();
-   check_kdf_derive ();
-   check_md_o_w_r_c ();
--- a/libgcrypt-fips-Introduce-GCRYCTL_FIPS_SERVICE_INDICATOR-and-the-macro.patch
+++ b/libgcrypt-fips-Introduce-GCRYCTL_FIPS_SERVICE_INDICATOR-and-the-macro.patch
@@ -1,101 +0,0 @@
-From f51f4e98930e6b2175e85fe8a95b8b6a15ad5efa Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 5 Dec 2024 11:34:32 +0900
-Subject: [PATCH 2/5] fips: Introduce GCRYCTL_FIPS_SERVICE_INDICATOR and the
- macro.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/fips.c (_gcry_fips_indicator): New.
-* src/g10lib.h (_gcry_fips_indicator): New.
-* src/gcrypt.h.in (GCRYCTL_FIPS_SERVICE_INDICATOR): New.
-(gcry_get_fips_service_indicator): New.
-* src/global.c (_gcry_vcontrol): Handle GCRYCTL_FIPS_SERVICE_INDICATOR.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- src/fips.c      | 11 +++++++++++
- src/g10lib.h    |  2 ++
- src/gcrypt.h.in |  6 +++++-
- src/global.c    |  4 ++++
- 4 files changed, 22 insertions(+), 1 deletion(-)
-
-Index: libgcrypt-1.11.0/src/fips.c
-===================================================================
--- libgcrypt-1.11.0.orig/src/fips.c
-+++ libgcrypt-1.11.0/src/fips.c
-@@ -364,6 +364,17 @@ _gcry_fips_test_operational (void)
-   return result;
- }
- 
-+gpg_err_code_t
-+_gcry_fips_indicator (void)
-+{
-+  /* If anything recorded, it means that the operation is not
-+     supported under FIPS mode.  */
-+  if (_gcry_thread_context_get_fsi ())
-+    return GPG_ERR_NOT_SUPPORTED;
-+
-+  return 0;
-+}
-+
- int
- _gcry_fips_indicator_cipher (va_list arg_ptr)
- {
-Index: libgcrypt-1.11.0/src/g10lib.h
-===================================================================
--- libgcrypt-1.11.0.orig/src/g10lib.h
-+++ libgcrypt-1.11.0/src/g10lib.h
-@@ -468,6 +468,8 @@ void _gcry_fips_signal_error (const char
-            _gcry_fips_signal_error (__FILE__, __LINE__, NULL, 1, (a))
- #endif
- 
-+gpg_err_code_t _gcry_fips_indicator (void);
-+
- int _gcry_fips_indicator_cipher (va_list arg_ptr);
- int _gcry_fips_indicator_hash (va_list arg_ptr);
- int _gcry_fips_indicator_mac (va_list arg_ptr);
-Index: libgcrypt-1.11.0/src/gcrypt.h.in
-===================================================================
--- libgcrypt-1.11.0.orig/src/gcrypt.h.in
-+++ libgcrypt-1.11.0/src/gcrypt.h.in
-@@ -337,7 +337,8 @@ enum gcry_ctl_cmds
-     GCRYCTL_FIPS_SERVICE_INDICATOR_PK_FLAGS = 87,
-     GCRYCTL_MD_CUSTOMIZE = 88,
-     GCRYCTL_FIPS_SERVICE_INDICATOR_PK = 89,
-    GCRYCTL_FIPS_SERVICE_INDICATOR_HASH = 90
-+    GCRYCTL_FIPS_SERVICE_INDICATOR_HASH = 90,
-+    GCRYCTL_FIPS_SERVICE_INDICATOR = 91
-   };
- 
- /* Perform various operations defined by CMD. */
-@@ -1966,6 +1967,9 @@ void gcry_log_debugsxp (const char *text
- 
- char *gcry_get_config (int mode, const char *what);
- 
-+/* Convinience macro to access the FIPS service indicator.  */
-+#define gcry_get_fips_service_indicator() gcry_control (GCRYCTL_FIPS_SERVICE_INDICATOR)
-+
- /* Log levels used by the internal logging facility. */
- enum gcry_log_levels
-   {
-Index: libgcrypt-1.11.0/src/global.c
-===================================================================
--- libgcrypt-1.11.0.orig/src/global.c
-+++ libgcrypt-1.11.0/src/global.c
-@@ -787,6 +787,10 @@ _gcry_vcontrol (enum gcry_ctl_cmds cmd,
-       rc = _gcry_fips_run_selftests (1);
-       break;
- 
-+    case GCRYCTL_FIPS_SERVICE_INDICATOR:
-+      rc = _gcry_fips_indicator ();
-+      break;
-+
-     case GCRYCTL_FIPS_SERVICE_INDICATOR_CIPHER:
-       /* Get FIPS Service Indicator for a given symmetric algorithm and
-        * optional mode. Returns GPG_ERR_NO_ERROR if algorithm is allowed or
--- a/libgcrypt-fips-Introduce-an-internal-API-for-FIPS-service-indicator.patch
+++ b/libgcrypt-fips-Introduce-an-internal-API-for-FIPS-service-indicator.patch
@@ -1,332 +0,0 @@
-From e1cf3123282525693b646499eb7efe4f2be4010a Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 5 Dec 2024 11:06:37 +0900
-Subject: [PATCH 1/5] fips: Introduce an internal API for FIPS service
- indicator.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* configure.ac (HAVE_GCC_STORAGE_CLASS__THREAD): New.
-* src/fips.c (struct gcry_thread_context): New.
-(_gcry_thread_context_set_fsi, _gcry_thread_context_get_fsi): New.
-* src/gcrypt-int.h (fips_service_indicator_init): New macro.
-(fips_service_indicator_mark_success): New macro.
-* tests/Makefile.am (tests_bin): Add t-thread-local.
-* tests/t-thread-local.c: New.
-
--
-
-GnuPG-bug-id: 7340
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- configure.ac           |  14 +++
- src/fips.c             |  21 ++++-
- src/gcrypt-int.h       |  12 +++
- tests/Makefile.am      |   2 +-
- tests/t-thread-local.c | 196 +++++++++++++++++++++++++++++++++++++++++
- 5 files changed, 243 insertions(+), 2 deletions(-)
- create mode 100644 tests/t-thread-local.c
-
-diff --git a/configure.ac b/configure.ac
-index a7f922b1..d708f89a 100644
--- a/configure.ac
-+++ b/configure.ac
-@@ -1489,6 +1489,20 @@ if test "$gcry_cv_gcc_attribute_sysv_abi" = "yes" ; then
-    fi
- fi
- 
-+#
-+# Check whether compiler support '__thread' storage class specifier.
-+#
-+AC_CACHE_CHECK([whether compiler supports '__thread' storage class specifier],
-+       [gcry_cv_gcc_storage_class__thread],
-+       [gcry_cv_gcc_storage_class__thread=no
-+        AC_COMPILE_IFELSE([AC_LANG_PROGRAM([#include <stdlib.h>],
-+          [static  __thread  int bar;]
-+          )],
-+          [gcry_cv_gcc_storage_class__thread=yes])])
-+if test "$gcry_cv_gcc_storage_class__thread" = "yes" ; then
-+   AC_DEFINE(HAVE_GCC_STORAGE_CLASS__THREAD,1,
-+     [Defined if compiler supports "__thread" storage class specifier])
-+fi
- 
- # Restore flags.
- CFLAGS=$_gcc_cflags_save;
-diff --git a/src/fips.c b/src/fips.c
-index cf91baa8..58fb69df 100644
--- a/src/fips.c
-+++ b/src/fips.c
-@@ -67,10 +67,29 @@ GPGRT_LOCK_DEFINE (fsm_lock);
-    used while in fips mode. Change this only while holding fsm_lock. */
- static enum module_states current_state;
- 
-+struct gcry_thread_context {
-+  unsigned long fips_service_indicator;
-+};
-+
-+#ifdef HAVE_GCC_STORAGE_CLASS__THREAD
-+static __thread struct gcry_thread_context the_tc;
-+#else
-+#error libgcrypt requires thread-local storage to support FIPS mode
-+#endif
-+
-+void
-+_gcry_thread_context_set_fsi (unsigned long fsi)
-+{
-+  the_tc.fips_service_indicator = fsi;
-+}
- 
-+unsigned long
-+_gcry_thread_context_get_fsi (void)
-+{
-+  return the_tc.fips_service_indicator;
-+}
- 
- 
-
- static void fips_new_state (enum module_states new_state);
- 
- 
-diff --git a/src/gcrypt-int.h b/src/gcrypt-int.h
-index 074ea071..7f894737 100644
--- a/src/gcrypt-int.h
-+++ b/src/gcrypt-int.h
-@@ -298,6 +298,18 @@ void _gcry_set_log_handler (gcry_handler_log_t f, void *opaque);
- void _gcry_set_gettext_handler (const char *(*f)(const char*));
- void _gcry_set_progress_handler (gcry_handler_progress_t cb, void *cb_data);
- 
-+void _gcry_thread_context_set_fsi (unsigned long fsi);
-+unsigned long _gcry_thread_context_get_fsi (void);
-+#define fips_service_indicator_init() do \
-+  {                                      \
-+    if (fips_mode ())                    \
-+      _gcry_thread_context_set_fsi (1);  \
-+  } while (0)
-+#define fips_service_indicator_mark_success(is_compliant) do \
-+  {                                                          \
-+    if (is_compliant && fips_mode ())                        \
-+      _gcry_thread_context_set_fsi (0);                      \
-+  } while (0)
- 
- /* Return a pointer to a string containing a description of the error
-    code in the error value ERR.  */
-diff --git a/tests/Makefile.am b/tests/Makefile.am
-index 423bc1cd..52f7dd61 100644
--- a/tests/Makefile.am
-+++ b/tests/Makefile.am
-@@ -25,7 +25,7 @@ tests_bin = \
-         version t-secmem mpitests t-sexp t-convert \
- 	t-mpi-bit t-mpi-point t-lock \
- 	prime basic keygen pubkey hmac hashtest t-kdf keygrip \
-	aeswrap random t-kem t-mlkem
-+	aeswrap random t-kem t-mlkem t-thread-local
- 
- if USE_RSA
- tests_bin += pkcs1v2 t-rsa-pss t-rsa-15 t-rsa-testparm
-diff --git a/tests/t-thread-local.c b/tests/t-thread-local.c
-new file mode 100644
-index 00000000..285f197f
--- /dev/null
-+++ b/tests/t-thread-local.c
-@@ -0,0 +1,196 @@
-+/* t-mlkem.c - Check the thread local storage
-+ * Copyright (C) 2024 g10 Code GmbH
-+ *
-+ * This file is part of Libgcrypt.
-+ *
-+ * Libgcrypt is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation; either version 2.1 of
-+ * the License, or (at your option) any later version.
-+ *
-+ * Libgcrypt is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-+ * GNU Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
-+ * SPDX-License-Identifier: LGPL-2.1+
-+ */
-+
-+/* For now, this program simply test __thread storage class specifier.
-+ * After we implement thread local context for libgcrypt, we will
-+ * modity to test the feature.  */
-+
-+#ifdef HAVE_CONFIG_H
-+#include <config.h>
-+#endif
-+#include <stdarg.h>
-+#include <stdio.h>
-+#include <ctype.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <errno.h>
-+#if HAVE_PTHREAD
-+# include <pthread.h>
-+#endif
-+
-+#define PGM "t-thread-local"
-+
-+#include "t-common.h"
-+#include "../src/gcrypt-testapi.h"
-+
-+/* Mingw requires us to include windows.h after winsock2.h which is
-+   included by gcrypt.h.  */
-+#ifdef _WIN32
-+# include <windows.h>
-+#endif
-+
-+#ifdef _WIN32
-+# define THREAD_RET_TYPE  DWORD WINAPI
-+# define THREAD_RET_VALUE 0
-+#else
-+# define THREAD_RET_TYPE  void *
-+# define THREAD_RET_VALUE NULL
-+#endif
-+
-+#define N_TESTS 1
-+
-+#define N_THREADS 19
-+
-+static __thread unsigned long t;
-+
-+struct thread_arg_s
-+{
-+  int no;
-+};
-+
-+#if defined(HAVE_PTHREAD) || defined(_WIN32)
-+/* Checking the local storage thread.  */
-+static THREAD_RET_TYPE
-+check_ls_thread (void *argarg)
-+{
-+  struct thread_arg_s *arg = argarg;
-+
-+  t = arg->no;
-+  info ("a thread update the local storage: %lu", t);
-+
-+  gcry_free (arg);
-+  return THREAD_RET_VALUE;
-+}
-+#endif
-+
-+static void
-+check_thread_local (void)
-+{
-+  struct thread_arg_s *arg;
-+
-+#ifdef _WIN32
-+  HANDLE threads[N_THREADS];
-+  int i;
-+  int rc;
-+
-+  t = N_THREADS;
-+  for (i=0; i < N_THREADS; i++)
-+    {
-+      arg = gcry_xmalloc (sizeof *arg);
-+      arg->no = i;
-+      threads[i] = CreateThread (NULL, 0, check_ls_thread, arg, 0, NULL);
-+      if (!threads[i])
-+        die ("error creating a thread %d: rc=%d",
-+             i, (int)GetLastError ());
-+    }
-+
-+  for (i=0; i < N_THREADS; i++)
-+    {
-+      rc = WaitForSingleObject (threads[i], INFINITE);
-+      if (rc == WAIT_OBJECT_0)
-+        info ("a thread %d has terminated", i);
-+      else
-+        fail ("waiting for a thread %d failed: %d",
-+              i, (int)GetLastError ());
-+      CloseHandle (threads[i]);
-+    }
-+
-+#elif HAVE_PTHREAD
-+  pthread_t threads[N_THREADS];
-+  int rc, i;
-+
-+  t = N_THREADS;
-+  for (i=0; i < N_THREADS; i++)
-+    {
-+      arg = gcry_xmalloc (sizeof *arg);
-+      arg->no = i;
-+      pthread_create (&threads[i], NULL, check_ls_thread, arg);
-+    }
-+
-+  for (i=0; i < N_THREADS; i++)
-+    {
-+      rc = pthread_join (threads[i], NULL);
-+      if (rc)
-+        fail ("pthread_join failed for a thread %d: %s",
-+              i, strerror (errno));
-+      else
-+        info ("a thread %d has terminated", i);
-+    }
-+#else
-+  (void)arg;
-+#endif /*!_WIN32*/
-+  if (t != N_THREADS)
-+    fail ("failed t=%lu\n", t);
-+  else
-+    info ("success");
-+}
-+
-+int
-+main (int argc, char **argv)
-+{
-+  int last_argc = -1;
-+
-+  if (argc)
-+    { argc--; argv++; }
-+
-+  while (argc && last_argc != argc)
-+    {
-+      last_argc = argc;
-+      if (!strcmp (*argv, "--"))
-+        {
-+          argc--; argv++;
-+          break;
-+        }
-+      else if (!strcmp (*argv, "--help"))
-+        {
-+          fputs ("usage: " PGM " [options]\n"
-+                 "Options:\n"
-+                 "  --verbose       print timings etc.\n"
-+                 "  --debug         flyswatter\n",
-+                 stdout);
-+          exit (0);
-+        }
-+      else if (!strcmp (*argv, "--verbose"))
-+        {
-+          verbose++;
-+          argc--; argv++;
-+        }
-+      else if (!strcmp (*argv, "--debug"))
-+        {
-+          verbose += 2;
-+          debug++;
-+          argc--; argv++;
-+        }
-+      else if (!strncmp (*argv, "--", 2))
-+        die ("unknown option '%s'", *argv);
-+    }
-+
-+  xgcry_control ((GCRYCTL_DISABLE_SECMEM, 0));
-+  if (!gcry_check_version (GCRYPT_VERSION))
-+    die ("version mismatch\n");
-+  if (debug)
-+    xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0));
-+  xgcry_control ((GCRYCTL_ENABLE_QUICK_RANDOM, 0));
-+  xgcry_control ((GCRYCTL_INITIALIZATION_FINISHED, 0));
-+
-+  check_thread_local ();
-+
-+  return !!error_count;
-+}
-- 
-2.49.0
-
--- a/libgcrypt-fips-Rejection-by-GCRYCTL_FIPS_REJECT_NON_FIPS-not-by-open-flags.patch
+++ b/libgcrypt-fips-Rejection-by-GCRYCTL_FIPS_REJECT_NON_FIPS-not-by-open-flags.patch
@@ -1,498 +0,0 @@
-From d060dd58b82882dec0d8bfcc593536bc0083b4b1 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 20 Dec 2024 09:38:13 +0900
-Subject: [PATCH 14/19] fips: Rejection by GCRYCTL_FIPS_REJECT_NON_FIPS, not by
- open flags.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_CIPHER_FLAG_REJECT_NON_FIPS): Remove.
-(GCRY_MD_FLAG_REJECT_NON_FIPS): Remove.
-(GCRY_MAC_FLAG_REJECT_NON_FIPS): Remove.
-* tests/t-fips-service-ind.c: Update tests with
-GCRYCTL_FIPS_REJECT_NON_FIPS.
-* cipher/cipher.c (_gcry_cipher_open_internal, cipher_setkey): Use
-fips_check_rejection.
-* cipher/mac.c (mac_open): Likewise.
-* cipher/md.c (struct gcry_md_context): Remove reject_non_fips.
-(md_open, md_enable): Use fips_check_rejection.
-(_gcry_md_enable, md_copy): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/cipher.c            |  8 ++--
- cipher/mac.c               |  5 +--
- cipher/md.c                | 81 ++++++++++++++++++++++++++++++--------
- src/gcrypt.h.in            |  7 +---
- tests/t-fips-service-ind.c | 59 +++++++++++----------------
- 5 files changed, 94 insertions(+), 66 deletions(-)
-
-Index: libgcrypt-1.11.0/cipher/cipher.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/cipher.c
-+++ libgcrypt-1.11.0/cipher/cipher.c
-@@ -510,7 +510,6 @@ _gcry_cipher_open_internal (gcry_cipher_
- 			    int algo, int mode, unsigned int flags)
- {
-   int secure = !!(flags & GCRY_CIPHER_SECURE);
-  int reject_non_fips = !!(flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS);
-   gcry_cipher_spec_t *spec;
-   gcry_cipher_hd_t h = NULL;
-   gcry_err_code_t err;
-@@ -526,7 +525,7 @@ _gcry_cipher_open_internal (gcry_cipher_
-     err = GPG_ERR_CIPHER_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-     {
-      if (reject_non_fips)
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_CIPHER))
-         err = GPG_ERR_CIPHER_ALGO;
-       else
-         {
-@@ -544,8 +543,7 @@ _gcry_cipher_open_internal (gcry_cipher_
- 		     | GCRY_CIPHER_ENABLE_SYNC
- 		     | GCRY_CIPHER_CBC_CTS
- 		     | GCRY_CIPHER_CBC_MAC
-                     | GCRY_CIPHER_EXTENDED
-                     | GCRY_CIPHER_FLAG_REJECT_NON_FIPS))
-+                     | GCRY_CIPHER_EXTENDED))
- 	  || ((flags & GCRY_CIPHER_CBC_CTS) && (flags & GCRY_CIPHER_CBC_MAC))))
-     err = GPG_ERR_CIPHER_ALGO;
- 
-@@ -776,7 +774,7 @@ cipher_setkey (gcry_cipher_hd_t c, byte
- 	     Key Generation Requirements" for details.  */
- 	  if (buf_eq_const (key, key + keylen, keylen))
-             {
-              if ((c->flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS))
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_CIPHER))
-                 return GPG_ERR_WEAK_KEY;
-               else
-                 fips_service_indicator_mark_non_compliant ();
-Index: libgcrypt-1.11.0/cipher/mac.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/mac.c
-+++ libgcrypt-1.11.0/cipher/mac.c
-@@ -519,7 +519,6 @@ mac_open (gcry_mac_hd_t * hd, int algo,
-   gcry_err_code_t err;
-   gcry_mac_hd_t h;
-   int secure = !!(flags & GCRY_MAC_FLAG_SECURE);
-  int reject_non_fips = !!(flags & GCRY_MAC_FLAG_REJECT_NON_FIPS);
- 
-   spec = spec_from_algo (algo);
-   if (!spec)
-@@ -528,7 +527,7 @@ mac_open (gcry_mac_hd_t * hd, int algo,
-     return GPG_ERR_MAC_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-     {
-      if (reject_non_fips)
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MAC))
-         return GPG_ERR_MAC_ALGO;
-       else
-         fips_service_indicator_mark_non_compliant ();
-@@ -650,7 +649,7 @@ _gcry_mac_open (gcry_mac_hd_t * h, int a
-   gcry_err_code_t rc;
-   gcry_mac_hd_t hd = NULL;
- 
-  if ((flags & ~(GCRY_MAC_FLAG_SECURE | GCRY_MAC_FLAG_REJECT_NON_FIPS)))
-+  if ((flags & ~GCRY_MAC_FLAG_SECURE))
-     rc = GPG_ERR_INV_ARG;
-   else
-     rc = mac_open (&hd, algo, flags, ctx);
-Index: libgcrypt-1.11.0/cipher/md.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/md.c
-+++ libgcrypt-1.11.0/cipher/md.c
-@@ -275,7 +275,6 @@ struct gcry_md_context
-     unsigned int finalized:1;
-     unsigned int bugemu1:1;
-     unsigned int hmac:1;
-    unsigned int reject_non_fips:1;
-   } flags;
-   size_t actual_handle_size;     /* Allocated size of this handle. */
-   FILE  *debug;
-@@ -509,7 +508,6 @@ md_open (gcry_md_hd_t *h, int algo, unsi
-       ctx->flags.secure = secure;
-       ctx->flags.hmac = hmac;
-       ctx->flags.bugemu1 = !!(flags & GCRY_MD_FLAG_BUGEMU1);
-      ctx->flags.reject_non_fips = !!(flags & GCRY_MD_FLAG_REJECT_NON_FIPS);
-     }
- 
-   if (! err)
-@@ -544,14 +542,11 @@ _gcry_md_open (gcry_md_hd_t *h, int algo
- 
-   if ((flags & ~(GCRY_MD_FLAG_SECURE
-                  | GCRY_MD_FLAG_HMAC
-                 | GCRY_MD_FLAG_REJECT_NON_FIPS
-                  | GCRY_MD_FLAG_BUGEMU1)))
-     rc = GPG_ERR_INV_ARG;
-   else
-     rc = md_open (&hd, algo, flags);
- 
-  *h = rc? NULL : hd;
-
-   if (!rc && fips_mode ())
-     {
-       GcryDigestEntry *entry = hd->ctx->list;
-@@ -566,9 +561,26 @@ _gcry_md_open (gcry_md_hd_t *h, int algo
-         }
- 
-       if (!is_compliant_algo)
-        fips_service_indicator_mark_non_compliant ();
-+        {
-+          int reject = 0;
-+
-+          if (algo == GCRY_MD_MD5)
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+          else
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
-+
-+          if (reject)
-+            {
-+              md_close (hd);
-+              hd = NULL;
-+              rc = GPG_ERR_DIGEST_ALGO;
-+            }
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-     }
- 
-+  *h = rc? NULL : hd;
-   return rc;
- }
- 
-@@ -581,12 +593,17 @@ md_enable (gcry_md_hd_t hd, int algorith
-   const gcry_md_spec_t *spec;
-   GcryDigestEntry *entry;
-   gcry_err_code_t err = 0;
-  int reject_non_fips = h->flags.reject_non_fips;
-+  int reject;
- 
-   for (entry = h->list; entry; entry = entry->next)
-     if (entry->spec->algo == algorithm)
-       return 0; /* Already enabled */
- 
-+  if (algorithm == GCRY_MD_MD5)
-+    reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+  else
-+    reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
-+
-   spec = spec_from_algo (algorithm);
-   if (!spec)
-     {
-@@ -598,7 +615,7 @@ md_enable (gcry_md_hd_t hd, int algorith
-     err = GPG_ERR_DIGEST_ALGO;
- 
-   /* Any non-FIPS algorithm should go this way */
-  if (!err && reject_non_fips && !spec->flags.fips && fips_mode ())
-+  if (!err && reject && !spec->flags.fips && fips_mode ())
-     err = GPG_ERR_DIGEST_ALGO;
- 
-   if (!err && h->flags.hmac && spec->read == NULL)
-@@ -657,7 +674,19 @@ _gcry_md_enable (gcry_md_hd_t hd, int al
-         }
- 
-       if (!is_compliant_algo)
-        fips_service_indicator_mark_non_compliant ();
-+        {
-+          int reject = 0;
-+
-+          if (algorithm == GCRY_MD_MD5)
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+          else
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
-+
-+          if (reject)
-+            rc = GPG_ERR_DIGEST_ALGO;
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-     }
- 
-   return rc;
-@@ -667,13 +696,14 @@ _gcry_md_enable (gcry_md_hd_t hd, int al
- static gcry_err_code_t
- md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
- {
-  gcry_err_code_t err = 0;
-+  gcry_err_code_t rc = 0;
-   struct gcry_md_context *a = ahd->ctx;
-   struct gcry_md_context *b;
-   GcryDigestEntry *ar, *br;
-   gcry_md_hd_t bhd;
-   size_t n;
-   int is_compliant_algo = 1;
-+  int reject = 0;
- 
-   if (ahd->bufpos)
-     md_write (ahd, NULL, 0);
-@@ -686,7 +716,7 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t
- 
-   if (!bhd)
-     {
-      err = gpg_err_code_from_syserror ();
-+      rc = gpg_err_code_from_syserror ();
-       goto leave;
-     }
- 
-@@ -715,12 +745,20 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t
-         br = xtrymalloc (ar->actual_struct_size);
-       if (!br)
-         {
-          err = gpg_err_code_from_syserror ();
-+          rc = gpg_err_code_from_syserror ();
-           md_close (bhd);
-           goto leave;
-         }
- 
-      is_compliant_algo &= spec->flags.fips;
-+      if (!spec->flags.fips)
-+        {
-+          is_compliant_algo = 0;
-+
-+          if (spec->algo == GCRY_MD_MD5)
-+            reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+          else
-+            reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
-+        }
- 
-       memcpy (br, ar, ar->actual_struct_size);
-       br->next = b->list;
-@@ -730,13 +768,22 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t
-   if (a->debug)
-     md_start_debug (bhd, "unknown");
- 
-  *b_hd = bhd;
-+  if (!is_compliant_algo && fips_mode ())
-+    {
-+      if (reject)
-+        {
-+          rc = GPG_ERR_DIGEST_ALGO;
-+          md_close (bhd);
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
- 
-  if (!is_compliant_algo)
-    fips_service_indicator_mark_non_compliant ();
-+  if (!rc)
-+    *b_hd = bhd;
- 
-  leave:
-  return err;
-+  return rc;
- }
- 
- 
-Index: libgcrypt-1.11.0/src/gcrypt.h.in
-===================================================================
--- libgcrypt-1.11.0.orig/src/gcrypt.h.in
-+++ libgcrypt-1.11.0/src/gcrypt.h.in
-@@ -995,8 +995,7 @@ enum gcry_cipher_flags
-     GCRY_CIPHER_ENABLE_SYNC = 2,  /* Enable CFB sync mode. */
-     GCRY_CIPHER_CBC_CTS     = 4,  /* Enable CBC cipher text stealing (CTS). */
-     GCRY_CIPHER_CBC_MAC     = 8,  /* Enable CBC message auth. code (MAC).  */
-    GCRY_CIPHER_EXTENDED    = 16, /* Enable extended AES-WRAP.  */
-    GCRY_CIPHER_FLAG_REJECT_NON_FIPS = 32 /* Reject non-FIPS-compliant algo.  */
-+    GCRY_CIPHER_EXTENDED    = 16  /* Enable extended AES-WRAP.  */
-   };
- 
- /* Methods used for AEAD IV generation. */
-@@ -1322,7 +1321,6 @@ enum gcry_md_flags
-   {
-     GCRY_MD_FLAG_SECURE = 1,  /* Allocate all buffers in "secure" memory.  */
-     GCRY_MD_FLAG_HMAC   = 2,  /* Make an HMAC out of this algorithm.  */
-    GCRY_MD_FLAG_REJECT_NON_FIPS = 4,  /* Reject non-FIPS-compliant algo.  */
-     GCRY_MD_FLAG_BUGEMU1 = 0x0100
-   };
- 
-@@ -1564,8 +1562,7 @@ enum gcry_mac_algos
- /* Flags used with the open function.  */
- enum gcry_mac_flags
-   {
-    GCRY_MAC_FLAG_SECURE = 1,  /* Allocate all buffers in "secure" memory.  */
-    GCRY_MAC_FLAG_REJECT_NON_FIPS = 2   /* Reject non-FIPS-compliant algo.  */
-+    GCRY_MAC_FLAG_SECURE = 1  /* Allocate all buffers in "secure" memory.  */
-   };
- 
- /* Create a MAC handle for algorithm ALGO.  FLAGS may be given as an bitwise OR
-Index: libgcrypt-1.11.0/tests/t-fips-service-ind.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-fips-service-ind.c
-+++ libgcrypt-1.11.0/tests/t-fips-service-ind.c
-@@ -250,7 +250,7 @@ check_pk_hash_sign_verify (void)
- /* Check gcry_cipher_open, gcry_cipher_setkey, gcry_cipher_encrypt,
-    gcry_cipher_decrypt, gcry_cipher_close API.  */
- static void
-check_cipher_o_s_e_d_c (void)
-+check_cipher_o_s_e_d_c (int reject)
- {
-   static struct {
-     int algo;
-@@ -258,18 +258,12 @@ check_cipher_o_s_e_d_c (void)
-     int keylen;
-     const char *expect;
-     int expect_failure;
-    unsigned int flags;
-   } tv[] = {
- #if USE_DES
-       { GCRY_CIPHER_3DES,
- 	"\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
- 	"\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", 24,
-         "\x3f\x1a\xb8\x83\x18\x8b\xb5\x97", 1 },
-      { GCRY_CIPHER_3DES,
-	"\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
-	"\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", 24,
-        "\x3f\x1a\xb8\x83\x18\x8b\xb5\x97",
-        1, GCRY_CIPHER_FLAG_REJECT_NON_FIPS },
- #endif
-       { GCRY_CIPHER_AES,
- 	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
-@@ -297,12 +291,10 @@ check_cipher_o_s_e_d_c (void)
-       assert (blklen != 0);
-       assert (blklen <= ptlen);
-       assert (blklen <= DIM (out));
-      err = gcry_cipher_open (&h, tv[tvidx].algo, GCRY_CIPHER_MODE_ECB,
-                              tv[tvidx].flags);
-+      err = gcry_cipher_open (&h, tv[tvidx].algo, GCRY_CIPHER_MODE_ECB, 0);
-       if (err)
-         {
-          if (in_fips_mode && (tv[tvidx].flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS)
-              && tv[tvidx].expect_failure)
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-             /* Here, an error is expected */
-             ;
-           else
-@@ -312,8 +304,7 @@ check_cipher_o_s_e_d_c (void)
-         }
-       else
-         {
-          if (in_fips_mode && (tv[tvidx].flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS)
-              && tv[tvidx].expect_failure)
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-             /* This case, an error is expected, but we observed success */
-             fail ("gcry_cipher_open test %d unexpectedly succeeded\n", tvidx);
-         }
-@@ -398,7 +389,7 @@ check_cipher_o_s_e_d_c (void)
- /* Check gcry_mac_open, gcry_mac_write, gcry_mac_write, gcry_mac_read,
-    gcry_mac_close API.  */
- static void
-check_mac_o_w_r_c (void)
-+check_mac_o_w_r_c (int reject)
- {
-   static struct {
-     int algo;
-@@ -408,14 +399,10 @@ check_mac_o_w_r_c (void)
-     int keylen;
-     const char *expect;
-     int expect_failure;
-    unsigned int flags;
-   } tv[] = {
- #if USE_MD5
-     { GCRY_MAC_HMAC_MD5, "hmac input abc", 14, "hmac key input", 14,
-       "\x0d\x72\xd0\x60\xaf\x34\xf2\xca\x33\x58\xa9\xcc\xd3\x5a\xac\xb5", 1 },
-    { GCRY_MAC_HMAC_MD5, "hmac input abc", 14, "hmac key input", 14,
-      "\x0d\x72\xd0\x60\xaf\x34\xf2\xca\x33\x58\xa9\xcc\xd3\x5a\xac\xb5", 1,
-      GCRY_MAC_FLAG_REJECT_NON_FIPS },
- #endif
- #if USE_SHA1
-     { GCRY_MAC_HMAC_SHA1, "hmac input abc", 14, "hmac key input", 14,
-@@ -471,11 +458,10 @@ check_mac_o_w_r_c (void)
-       expectlen = gcry_mac_get_algo_maclen (tv[tvidx].algo);
-       assert (expectlen != 0);
-       assert (expectlen <= DIM (mac));
-      err = gcry_mac_open (&h, tv[tvidx].algo, tv[tvidx].flags, NULL);
-+      err = gcry_mac_open (&h, tv[tvidx].algo, 0, NULL);
-       if (err)
-         {
-          if (in_fips_mode && (tv[tvidx].flags & GCRY_MAC_FLAG_REJECT_NON_FIPS)
-              && tv[tvidx].expect_failure)
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-             /* Here, an error is expected */
-             ;
-           else
-@@ -485,8 +471,7 @@ check_mac_o_w_r_c (void)
-         }
-       else
-         {
-          if (in_fips_mode && (tv[tvidx].flags & GCRY_MAC_FLAG_REJECT_NON_FIPS)
-              && tv[tvidx].expect_failure)
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-             /* This case, an error is expected, but we observed success */
-             fail ("gcry_mac_open test %d unexpectedly succeeded\n", tvidx);
-         }
-@@ -563,7 +548,7 @@ check_mac_o_w_r_c (void)
- /* Check gcry_md_open, gcry_md_write, gcry_md_write, gcry_md_read,
-    gcry_md_close API.  */
- static void
-check_md_o_w_r_c (void)
-+check_md_o_w_r_c (int reject)
- {
-   static struct {
-     int algo;
-@@ -571,14 +556,10 @@ check_md_o_w_r_c (void)
-     int datalen;
-     const char *expect;
-     int expect_failure;
-    unsigned int flags;
-   } tv[] = {
- #if USE_MD5
-     { GCRY_MD_MD5, "abc", 3,
-       "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72", 1 },
-    { GCRY_MD_MD5, "abc", 3,
-      "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72", 1,
-      GCRY_MD_FLAG_REJECT_NON_FIPS },
- #endif
- #if USE_SHA1
-     { GCRY_MD_SHA1, "abc", 3,
-@@ -632,11 +613,10 @@ check_md_o_w_r_c (void)
- 
-       expectlen = gcry_md_get_algo_dlen (tv[tvidx].algo);
-       assert (expectlen != 0);
-      err = gcry_md_open (&h, tv[tvidx].algo, tv[tvidx].flags);
-+      err = gcry_md_open (&h, tv[tvidx].algo, 0);
-       if (err)
-         {
-          if (in_fips_mode && (tv[tvidx].flags & GCRY_MD_FLAG_REJECT_NON_FIPS)
-              && tv[tvidx].expect_failure)
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-             /* Here, an error is expected */
-             ;
-           else
-@@ -646,8 +626,7 @@ check_md_o_w_r_c (void)
-         }
-       else
-         {
-          if (in_fips_mode && (tv[tvidx].flags & GCRY_MD_FLAG_REJECT_NON_FIPS)
-              && tv[tvidx].expect_failure)
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-             /* This case, an error is expected, but we observed success */
-             fail ("gcry_md_open test %d unexpectedly succeeded\n", tvidx);
-         }
-@@ -1011,10 +990,18 @@ main (int argc, char **argv)
- 
-   check_digests ();
-   check_kdf_derive ();
-  check_md_o_w_r_c ();
-  check_mac_o_w_r_c ();
-  check_cipher_o_s_e_d_c ();
-+  check_md_o_w_r_c (0);
-+  check_mac_o_w_r_c (0);
-+  check_cipher_o_s_e_d_c (0);
-   check_pk_hash_sign_verify ();
- 
-+  xgcry_control ((GCRYCTL_FIPS_REJECT_NON_FIPS,
-+                  (GCRY_FIPS_FLAG_REJECT_MD_MD5
-+                   | GCRY_FIPS_FLAG_REJECT_COMPAT110)));
-+
-+  check_md_o_w_r_c (1);
-+  check_mac_o_w_r_c (1);
-+  check_cipher_o_s_e_d_c (1);
-+
-   return !!error_count;
- }
--- a/libgcrypt-fips-cipher-Add-GCRY_FIPS_FLAG_REJECT_PK_FLAGS.patch
+++ b/libgcrypt-fips-cipher-Add-GCRY_FIPS_FLAG_REJECT_PK_FLAGS.patch
@@ -1,80 +0,0 @@
-From 0414e126b939f0b11ecf441908d923e87c1caf02 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 6 Mar 2025 08:57:51 +0900
-Subject: [PATCH 06/14] fips,cipher: Add GCRY_FIPS_FLAG_REJECT_PK_FLAGS.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_PK_FLAGS): New.
-* cipher/pubkey-util.c (_gcry_pk_util_parse_flaglist): Keep the
-behavior of 1.10.
-* cipher/rsa.c (rsa_decrypt, rsa_sign): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/pubkey-util.c | 2 +-
- cipher/rsa.c         | 4 ++--
- src/gcrypt.h.in      | 3 ++-
- 3 files changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
-index 9c927638..e7355569 100644
--- a/cipher/pubkey-util.c
-+++ b/cipher/pubkey-util.c
-@@ -202,7 +202,7 @@ _gcry_pk_util_parse_flaglist (gcry_sexp_t list,
- 
-   if (fips_mode () && igninvflag)
-     {
-      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-         rc = GPG_ERR_INV_FLAG;
-       else
-         fips_service_indicator_mark_non_compliant ();
-diff --git a/cipher/rsa.c b/cipher/rsa.c
-index dce76414..7e086df4 100644
--- a/cipher/rsa.c
-+++ b/cipher/rsa.c
-@@ -1504,7 +1504,7 @@ rsa_decrypt (gcry_sexp_t *r_plain, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-     {
-       if (fips_mode ())
-         {
-          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-             {
-               rc = GPG_ERR_INV_FLAG;
-               goto leave;
-@@ -1649,7 +1649,7 @@ rsa_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-     {
-       if (fips_mode ())
-         {
-          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_FLAGS))
-             {
-               rc = GPG_ERR_INV_FLAG;
-               goto leave;
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index fe3db16a..a282268d 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1991,11 +1991,12 @@ char *gcry_get_config (int mode, const char *what);
- #define GCRY_FIPS_FLAG_REJECT_CIPHER_MODE   (1 << 8)
- /**/
- #define GCRY_FIPS_FLAG_REJECT_PK_ECC_K      (1 << 10)
-+#define GCRY_FIPS_FLAG_REJECT_PK_FLAGS      (1 << 11)
- 
- #define GCRY_FIPS_FLAG_REJECT_MD \
-   (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
- 
-/* Note: Don't reject MD5, PK MD, PK GOST and PK SM2 */
-+/* Note: Don't reject MD5, PK MD, PK GOST, PK SM2, PK ECC K, and PK FLAGS */
- #define GCRY_FIPS_FLAG_REJECT_COMPAT110 \
-   (GCRY_FIPS_FLAG_REJECT_MD_OTHERS      \
-    | GCRY_FIPS_FLAG_REJECT_MAC          \
-- 
-2.49.0
-
--- a/libgcrypt-fips-cipher-Add-behavior-not-to-reject-but-mark-non-compliant.patch
+++ b/libgcrypt-fips-cipher-Add-behavior-not-to-reject-but-mark-non-compliant.patch
@@ -1,300 +0,0 @@
-From a776b692669af7a6c089779989b626c4795e30b0 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 20 Dec 2024 13:36:12 +0900
-Subject: [PATCH 15/19] fips,cipher: Add behavior not to reject but mark
- non-compliant.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/dsa.c (dsa_check_keysize): Check reject flag for rejection,
-or mark non-comliant in FIPS mode.
-* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_sign): Likewise.
-* cipher/ecc.c (ecc_sign, ecc_verify): Likewise.
-* cipher/pubkey.c (_gcry_pk_encrypt, _gcry_pk_sign): Likewise.
-(_gcry_pk_verify, _gcry_pk_testkey, _gcry_pk_genkey): Likewise.
-(_gcry_pk_get_nbits, _gcry_pk_get_curve): Likewise.
-* src/visibility.c (gcry_pk_encrypt): Initialize the indicator.
-(gcry_pk_decrypt, gcry_pk_sign, gcry_pk_verify): Likewise.
-(gcry_pk_testkey, gcry_pk_genkey), gcry_pk_get_nbits)
-(gcry_pk_get_curve): Likewise.
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/dsa.c       |  7 ++++-
- cipher/ecc-ecdsa.c |  5 +++-
- cipher/ecc.c       | 10 +++++--
- cipher/pubkey.c    | 74 ++++++++++++++++++++++++++++++++++++++--------
- src/visibility.c   |  9 +++++-
- 5 files changed, 87 insertions(+), 18 deletions(-)
-
-diff --git a/cipher/dsa.c b/cipher/dsa.c
-index e559f9f5..564edf8d 100644
--- a/cipher/dsa.c
-+++ b/cipher/dsa.c
-@@ -150,7 +150,12 @@ static gpg_err_code_t
- dsa_check_keysize (unsigned int nbits)
- {
-   if (fips_mode () && nbits < 2048)
-    return GPG_ERR_INV_VALUE;
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        return GPG_ERR_INV_VALUE;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
- 
-   return 0;
- }
-diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
-index 871b0371..cb9a001c 100644
--- a/cipher/ecc-ecdsa.c
-+++ b/cipher/ecc-ecdsa.c
-@@ -110,7 +110,10 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, gcry_mpi_t k_supplied, mpi_ec_t ec,
-                       (hashalgo == GCRY_MD_SHAKE128
-                        || hashalgo == GCRY_MD_SHAKE256))
-                     {
-                      rc = GPG_ERR_DIGEST_ALGO;
-+                      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                        rc = GPG_ERR_DIGEST_ALGO;
-+                      else
-+                        fips_service_indicator_mark_non_compliant ();
-                       goto leave;
-                     }
- 
-diff --git a/cipher/ecc.c b/cipher/ecc.c
-index 65525207..8896afd0 100644
--- a/cipher/ecc.c
-+++ b/cipher/ecc.c
-@@ -952,7 +952,10 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-                   || (ec->dialect == ECC_DIALECT_SAFECURVE
-                       && ctx.hash_algo != GCRY_MD_SHAKE256)))
-             {
-              rc = GPG_ERR_DIGEST_ALGO;
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                rc = GPG_ERR_DIGEST_ALGO;
-+              else
-+                fips_service_indicator_mark_non_compliant ();
-               goto leave;
-             }
-         }
-@@ -1074,7 +1077,10 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
-                   || (ec->dialect == ECC_DIALECT_SAFECURVE
-                       && ctx.hash_algo != GCRY_MD_SHAKE256)))
-             {
-              rc = GPG_ERR_DIGEST_ALGO;
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+                rc = GPG_ERR_DIGEST_ALGO;
-+              else
-+                fips_service_indicator_mark_non_compliant ();
-               goto leave;
-             }
-         }
-diff --git a/cipher/pubkey.c b/cipher/pubkey.c
-index 4d7743cc..aacf9f5a 100644
--- a/cipher/pubkey.c
-+++ b/cipher/pubkey.c
-@@ -328,7 +328,12 @@ _gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-    rc = GPG_ERR_PUBKEY_ALGO;
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        rc = GPG_ERR_PUBKEY_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (spec->encrypt)
-     rc = spec->encrypt (r_ciph, s_data, keyparms);
-   else
-@@ -441,7 +446,12 @@ _gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-    rc = GPG_ERR_PUBKEY_ALGO;
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        rc = GPG_ERR_PUBKEY_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (spec->sign)
-     rc = spec->sign (r_sig, s_hash, keyparms);
-   else
-@@ -663,7 +673,12 @@ _gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-    rc = GPG_ERR_PUBKEY_ALGO;
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        rc = GPG_ERR_PUBKEY_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (spec->verify)
-     rc = spec->verify (s_sig, s_hash, keyparms);
-   else
-@@ -747,7 +762,12 @@ _gcry_pk_testkey (gcry_sexp_t s_key)
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-    rc = GPG_ERR_PUBKEY_ALGO;
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        rc = GPG_ERR_PUBKEY_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (spec->check_secret_key)
-     rc = spec->check_secret_key (keyparms);
-   else
-@@ -826,11 +846,21 @@ _gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
-   spec = spec_from_name (name);
-   xfree (name);
-   name = NULL;
-  if (!spec || spec->flags.disabled || (!spec->flags.fips && fips_mode ()))
-+  if (!spec || spec->flags.disabled)
-     {
-       rc = GPG_ERR_PUBKEY_ALGO; /* Unknown algorithm.  */
-       goto leave;
-     }
-+  else if (!spec->flags.fips && fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
- 
-   if (spec->generate)
-     rc = spec->generate (list, r_key);
-@@ -866,12 +896,22 @@ _gcry_pk_get_nbits (gcry_sexp_t key)
- 
-   if (spec_from_sexp (key, 0, &spec, &parms))
-     return 0; /* Error - 0 is a suitable indication for that.  */
-+
-   if (spec->flags.disabled)
-    return 0;
-  if (!spec->flags.fips && fips_mode ())
-    return 0;
-+    nbits = 0;                  /* Error */
-+  else if (!spec->flags.fips && fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        nbits = 0;              /* Error */
-+      else
-+        {
-+          fips_service_indicator_mark_non_compliant ();
-+          nbits = spec->get_nbits (parms);
-+        }
-+    }
-+  else
-+    nbits = spec->get_nbits (parms);
- 
-  nbits = spec->get_nbits (parms);
-   sexp_release (parms);
-   return nbits;
- }
-@@ -1004,10 +1044,18 @@ _gcry_pk_get_curve (gcry_sexp_t key, int iterator, unsigned int *r_nbits)
-     }
- 
-   if (spec->flags.disabled)
-    return NULL;
-  if (!spec->flags.fips && fips_mode ())
-    return NULL;
-  if (spec->get_curve)
-+    result = NULL;
-+  else if (!spec->flags.fips && fips_mode ())
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+        result = NULL;
-+      else
-+        {
-+          fips_service_indicator_mark_non_compliant ();
-+          result = spec->get_curve (keyparms, iterator, r_nbits);
-+        }
-+    }
-+  else if (spec->get_curve)
-     result = spec->get_curve (keyparms, iterator, r_nbits);
- 
-   sexp_release (keyparms);
-diff --git a/src/visibility.c b/src/visibility.c
-index d22c8b59..e02d6cfe 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1022,6 +1022,7 @@ gcry_pk_encrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t pkey)
-       *result = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_encrypt (result, data, pkey));
- }
- 
-@@ -1033,6 +1034,7 @@ gcry_pk_decrypt (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t skey)
-       *result = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_decrypt (result, data, skey));
- }
- 
-@@ -1044,6 +1046,7 @@ gcry_pk_sign (gcry_sexp_t *result, gcry_sexp_t data, gcry_sexp_t skey)
-       *result = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_sign (result, data, skey));
- }
- 
-@@ -1065,6 +1068,7 @@ gcry_pk_verify (gcry_sexp_t sigval, gcry_sexp_t data, gcry_sexp_t pkey)
- {
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_verify (sigval, data, pkey));
- }
- 
-@@ -1089,6 +1093,7 @@ gcry_pk_testkey (gcry_sexp_t key)
- {
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_testkey (key));
- }
- 
-@@ -1100,6 +1105,7 @@ gcry_pk_genkey (gcry_sexp_t *r_key, gcry_sexp_t s_parms)
-       *r_key = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_genkey (r_key, s_parms));
- }
- 
-@@ -1138,7 +1144,7 @@ gcry_pk_get_nbits (gcry_sexp_t key)
-       (void)fips_not_operational ();
-       return 0;
-     }
-
-+  fips_service_indicator_init ();
-   return _gcry_pk_get_nbits (key);
- }
- 
-@@ -1161,6 +1167,7 @@ gcry_pk_get_curve (gcry_sexp_t key, int iterator, unsigned int *r_nbits)
-       (void)fips_not_operational ();
-       return NULL;
-     }
-+  fips_service_indicator_init ();
-   return _gcry_pk_get_curve (key, iterator, r_nbits);
- }
- 
-- 
-2.49.0
-
--- a/libgcrypt-fips-cipher-Do-the-computation-when-marking-non-compliant.patch
+++ b/libgcrypt-fips-cipher-Do-the-computation-when-marking-non-compliant.patch
@@ -1,160 +0,0 @@
-From 54a6617b3679cfeb6d986ddf3c9c73641929f02c Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 4 Mar 2025 10:32:49 +0900
-Subject: [PATCH 4/4] fips,cipher: Do the computation when marking
- non-compliant.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/ecc-ecdsa.c (_gcry_ecc_ecdsa_sign): Continue the computation
-when marking non-compliant.
-* cipher/pubkey.c (_gcry_pk_encrypt, _gcry_pk_sign): Likewise.
-(_gcry_pk_sign_md, _gcry_pk_verify, _gcry_pk_verify_md): Likewise.
-(_gcry_pk_testkey): Likewise.
-
--
-
-Fixes-commit: a776b692669af7a6c089779989b626c4795e30b0
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc-ecdsa.c |  6 ++++--
- cipher/pubkey.c    | 48 ++++++++++++++++++++++++++++++++++------------
- 2 files changed, 40 insertions(+), 14 deletions(-)
-
-diff --git a/cipher/ecc-ecdsa.c b/cipher/ecc-ecdsa.c
-index cb9a001c..9da8e6dc 100644
--- a/cipher/ecc-ecdsa.c
-+++ b/cipher/ecc-ecdsa.c
-@@ -111,10 +111,12 @@ _gcry_ecc_ecdsa_sign (gcry_mpi_t input, gcry_mpi_t k_supplied, mpi_ec_t ec,
-                        || hashalgo == GCRY_MD_SHAKE256))
-                     {
-                       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-                        rc = GPG_ERR_DIGEST_ALGO;
-+                        {
-+                          rc = GPG_ERR_DIGEST_ALGO;
-+                          goto leave;
-+                        }
-                       else
-                         fips_service_indicator_mark_non_compliant ();
-                      goto leave;
-                     }
- 
-                   /* Use Pornin's method for deterministic DSA.  If this
-diff --git a/cipher/pubkey.c b/cipher/pubkey.c
-index c28ec124..3778f482 100644
--- a/cipher/pubkey.c
-+++ b/cipher/pubkey.c
-@@ -330,11 +330,15 @@ _gcry_pk_encrypt (gcry_sexp_t *r_ciph, gcry_sexp_t s_data, gcry_sexp_t s_pkey)
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        rc = GPG_ERR_PUBKEY_ALGO;
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-  else if (spec->encrypt)
-+
-+  if (spec->encrypt)
-     rc = spec->encrypt (r_ciph, s_data, keyparms);
-   else
-     rc = GPG_ERR_NOT_IMPLEMENTED;
-@@ -448,11 +452,15 @@ _gcry_pk_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_hash, gcry_sexp_t s_skey)
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        rc = GPG_ERR_PUBKEY_ALGO;
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-  else if (spec->sign)
-+
-+  if (spec->sign)
-     rc = spec->sign (r_sig, s_hash, keyparms);
-   else
-     rc = GPG_ERR_NOT_IMPLEMENTED;
-@@ -649,11 +657,15 @@ _gcry_pk_sign_md (gcry_sexp_t *r_sig, const char *tmpl, gcry_md_hd_t hd_orig,
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        rc = GPG_ERR_PUBKEY_ALGO;
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-  else if (spec->sign)
-+
-+  if (spec->sign)
-     rc = spec->sign (r_sig, s_data, keyparms);
-   else
-     rc = GPG_ERR_NOT_IMPLEMENTED;
-@@ -688,11 +700,15 @@ _gcry_pk_verify (gcry_sexp_t s_sig, gcry_sexp_t s_hash, gcry_sexp_t s_pkey)
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        rc = GPG_ERR_PUBKEY_ALGO;
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-  else if (spec->verify)
-+
-+  if (spec->verify)
-     rc = spec->verify (s_sig, s_hash, keyparms);
-   else
-     rc = GPG_ERR_NOT_IMPLEMENTED;
-@@ -736,11 +752,15 @@ _gcry_pk_verify_md (gcry_sexp_t s_sig, const char *tmpl, gcry_md_hd_t hd_orig,
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        rc = GPG_ERR_PUBKEY_ALGO;
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-  else if (spec->verify)
-+
-+  if (spec->verify)
-     rc = spec->verify (s_sig, s_data, keyparms);
-   else
-     rc = GPG_ERR_NOT_IMPLEMENTED;
-@@ -777,11 +797,15 @@ _gcry_pk_testkey (gcry_sexp_t s_key)
-   else if (!spec->flags.fips && fips_mode ())
-     {
-       if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-        rc = GPG_ERR_PUBKEY_ALGO;
-+        {
-+          rc = GPG_ERR_PUBKEY_ALGO;
-+          goto leave;
-+        }
-       else
-         fips_service_indicator_mark_non_compliant ();
-     }
-  else if (spec->check_secret_key)
-+
-+  if (spec->check_secret_key)
-     rc = spec->check_secret_key (keyparms);
-   else
-     rc = GPG_ERR_NOT_IMPLEMENTED;
-- 
-2.49.0
-
--- a/libgcrypt-fips-cipher-Fix-memory-leak-for-gcry_pk_hash_sign.patch
+++ b/libgcrypt-fips-cipher-Fix-memory-leak-for-gcry_pk_hash_sign.patch
@@ -1,76 +0,0 @@
-From 5e925e6c348450bf80b4560abac9a035903bff59 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Mon, 6 Jan 2025 12:01:56 +0900
-Subject: [PATCH 19/19] fips,cipher: Fix memory leak for gcry_pk_hash_sign.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/pubkey.c (prepare_datasexp_to_be_signed): Release
-copied HD when error.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/pubkey.c | 21 +++++++++++++++++----
- 1 file changed, 17 insertions(+), 4 deletions(-)
-
-diff --git a/cipher/pubkey.c b/cipher/pubkey.c
-index aacf9f5a..c28ec124 100644
--- a/cipher/pubkey.c
-+++ b/cipher/pubkey.c
-@@ -512,7 +512,10 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd,
-   /* Check if it has fixed hash name or %s */
-   s = strstr (tmpl, "(hash ");
-   if (s == NULL)
-    return GPG_ERR_DIGEST_ALGO;
-+    {
-+      _gcry_md_close (hd);
-+      return GPG_ERR_DIGEST_ALGO;
-+    }
- 
-   s += 6;
-   if (!strncmp (s, "%s", 2))
-@@ -522,7 +525,10 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd,
-       if (fips_mode () && algo == GCRY_MD_SHA1)
-         {
-           if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-            return GPG_ERR_DIGEST_ALGO;
-+            {
-+              _gcry_md_close (hd);
-+              return GPG_ERR_DIGEST_ALGO;
-+            }
-           else
-             fips_service_indicator_mark_non_compliant ();
-         }
-@@ -541,7 +547,11 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd,
- 
-       digest_name_supplied = xtrymalloc (p - s + 1);
-       if (!digest_name_supplied)
-	return gpg_error_from_syserror ();
-+        {
-+          rc = gpg_err_code_from_syserror ();
-+          _gcry_md_close (hd);
-+          return rc;
-+        }
-       memcpy (digest_name_supplied, s, p - s);
-       digest_name_supplied[p - s] = 0;
- 
-@@ -555,7 +565,10 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd,
-       else if (fips_mode () && algo == GCRY_MD_SHA1)
-         {
-           if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-            return GPG_ERR_DIGEST_ALGO;
-+            {
-+              _gcry_md_close (hd);
-+              return GPG_ERR_DIGEST_ALGO;
-+            }
-           else
-             fips_service_indicator_mark_non_compliant ();
-         }
-- 
-2.49.0
-
--- a/libgcrypt-fips-cipher-Implement-FIPS-service-indicator-for-gcry_pk_hash_-API.patch
+++ b/libgcrypt-fips-cipher-Implement-FIPS-service-indicator-for-gcry_pk_hash_-API.patch
@@ -1,360 +0,0 @@
-From edb43bc290046bd22548bf69ae2fbeb453112e44 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Wed, 18 Dec 2024 14:18:26 +0900
-Subject: [PATCH 11/19] fips,cipher: Implement FIPS service indicator for
- gcry_pk_hash_ API.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/visibility.c (gcry_pk_hash_sign): Initialize the indicator.
-(gcry_pk_hash_verify): Likewise.
-* tests/t-fips-service-ind.c (check_pk_hash_sign_verify): New.
-(main): Call check_pk_hash_sign_verify.
-* cipher/ecc-curves.c (_gcry_ecc_fill_in_curve): Don't reject, but
-mark non-compliance.
-* cipher/pubkey.c (prepare_datasexp_to_be_signed): Likewise.
-(_gcry_pk_sign_md, _gcry_pk_verify_md): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc-curves.c        |   2 +-
- cipher/pubkey.c            |  20 ++--
- src/visibility.c           |   2 +
- tests/t-fips-service-ind.c | 209 +++++++++++++++++++++++++++++++++++++
- 4 files changed, 222 insertions(+), 11 deletions(-)
-
-diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
-index 17fa5505..ddf9cbe1 100644
--- a/cipher/ecc-curves.c
-+++ b/cipher/ecc-curves.c
-@@ -645,7 +645,7 @@ _gcry_ecc_fill_in_curve (unsigned int nbits, const char *name,
-      possible to bypass this check by specifying the curve parameters
-      directly.  */
-   if (fips_mode () && !domain_parms[idx].fips )
-    return GPG_ERR_NOT_SUPPORTED;
-+    fips_service_indicator_mark_non_compliant ();
- 
-   switch (domain_parms[idx].model)
-     {
-diff --git a/cipher/pubkey.c b/cipher/pubkey.c
-index 214bd611..e2e54199 100644
--- a/cipher/pubkey.c
-+++ b/cipher/pubkey.c
-@@ -510,10 +510,7 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd,
-       algo = _gcry_md_get_algo (hd);
- 
-       if (fips_mode () && algo == GCRY_MD_SHA1)
-        {
-          _gcry_md_close (hd);
-          return GPG_ERR_DIGEST_ALGO;
-        }
-+        fips_service_indicator_mark_non_compliant ();
- 
-       digest_name = _gcry_md_algo_name (algo);
-       digest_size = (int)_gcry_md_get_algo_dlen (algo);
-@@ -535,12 +532,13 @@ prepare_datasexp_to_be_signed (const char *tmpl, gcry_md_hd_t hd,
- 
-       algo = _gcry_md_map_name (digest_name_supplied);
-       xfree (digest_name_supplied);
-      if (algo == 0
-          || (fips_mode () && algo == GCRY_MD_SHA1))
-+      if (algo == 0)
- 	{
- 	  _gcry_md_close (hd);
- 	  return GPG_ERR_DIGEST_ALGO;
- 	}
-+      else if (fips_mode () && algo == GCRY_MD_SHA1)
-+        fips_service_indicator_mark_non_compliant ();
- 
-       digest_size = (int)_gcry_md_get_algo_dlen (algo);
-       digest = _gcry_md_read (hd, algo);
-@@ -613,10 +611,11 @@ _gcry_pk_sign_md (gcry_sexp_t *r_sig, const char *tmpl, gcry_md_hd_t hd_orig,
-   if (rc)
-     goto leave;
- 
-+  if (!spec->flags.fips && fips_mode ())
-+    fips_service_indicator_mark_non_compliant ();
-+
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-  else if (!spec->flags.fips && fips_mode ())
-    rc = GPG_ERR_PUBKEY_ALGO;
-   else if (spec->sign)
-     rc = spec->sign (r_sig, s_data, keyparms);
-   else
-@@ -690,10 +689,11 @@ _gcry_pk_verify_md (gcry_sexp_t s_sig, const char *tmpl, gcry_md_hd_t hd_orig,
-   if (rc)
-     goto leave;
- 
-+  if (!spec->flags.fips && fips_mode ())
-+    fips_service_indicator_mark_non_compliant ();
-+
-   if (spec->flags.disabled)
-     rc = GPG_ERR_PUBKEY_ALGO;
-  else if (!spec->flags.fips && fips_mode ())
-    rc = GPG_ERR_PUBKEY_ALGO;
-   else if (spec->verify)
-     rc = spec->verify (s_sig, s_data, keyparms);
-   else
-diff --git a/src/visibility.c b/src/visibility.c
-index c9d07f0b..d22c8b59 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1056,6 +1056,7 @@ gcry_pk_hash_sign (gcry_sexp_t *result, const char *data_tmpl, gcry_sexp_t skey,
-       *result = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_sign_md (result, data_tmpl, hd, skey, ctx));
- }
- 
-@@ -1073,6 +1074,7 @@ gcry_pk_hash_verify (gcry_sexp_t sigval, const char *data_tmpl, gcry_sexp_t pkey
- {
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_pk_verify_md (sigval, data_tmpl, hd, pkey, ctx));
- }
- 
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index 4b13436f..9a22d696 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -29,6 +29,7 @@
- 
- #define PGM "t-fips-service-ind"
- 
-+#define NEED_HEX2BUFFER
- #include "t-common.h"
- static int in_fips_mode;
- #define MAX_DATA_LEN 1040
-@@ -39,6 +40,213 @@ static int in_fips_mode;
- # include <windows.h>
- #endif
- 
-+/* Check gcry_pk_hash_sign, gcry_pk_hash_verify API.  */
-+static void
-+check_pk_hash_sign_verify (void)
-+{
-+  static struct {
-+    int md_algo;
-+    const char *prvkey;
-+    const char *pubkey;
-+    const char *data_tmpl;
-+    const char *k;
-+    int expect_failure;
-+    int expect_failure_hash;
-+  } tv[] = {
-+    {                           /* non-compliant hash */
-+      GCRY_MD_BLAKE2B_512,
-+      "(private-key (ecc (curve nistp256)"
-+      " (d #519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464#)))",
-+      "(public-key (ecc (curve nistp256)"
-+      " (q #041ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83"
-+      "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-+      "(data(flags raw)(hash %s %b)(label %b))",
-+      "94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de",
-+      1, 1
-+    },
-+    {                           /* non-compliant curve */
-+      GCRY_MD_SHA256,
-+      "(private-key (ecc (curve secp256k1)"
-+      " (d #c2cdf0a8b0a83b35ace53f097b5e6e6a0a1f2d40535eff1cf434f52a43d59d8f#)))",
-+
-+      "(public-key (ecc (curve secp256k1)"
-+      " (q #046fcc37ea5e9e09fec6c83e5fbd7a745e3eee81d16ebd861c9e66f55518c19798"
-+      "4e9f113c07f875691df8afc1029496fc4cb9509b39dcd38f251a83359cc8b4f7#)))",
-+      "(data(flags raw)(hash %s %b)(label %b))",
-+      "94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de",
-+      1, 0
-+    },
-+    {
-+      GCRY_MD_SHA256,
-+      "(private-key (ecc (curve nistp256)"
-+      " (d #519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464#)))",
-+      "(public-key (ecc (curve nistp256)"
-+      " (q #041ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83"
-+      "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-+      "(data(flags raw)(hash %s %b)(label %b))",
-+      "94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de",
-+      0, 0
-+    }
-+  };
-+  int tvidx;
-+  gpg_error_t err;
-+  gpg_err_code_t ec;
-+  const char *msg = "Takerufuji Mikiya, who won the championship in March 2024";
-+  int msglen;
-+
-+  msglen = strlen (msg);
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gcry_md_hd_t hd = NULL;
-+      gcry_sexp_t s_sk = NULL;
-+      gcry_sexp_t s_pk = NULL;
-+      void *buffer = NULL;
-+      size_t buflen;
-+      gcry_ctx_t ctx = NULL;
-+      gcry_sexp_t s_sig= NULL;
-+
-+      if (verbose)
-+        info ("checking gcry_pk_hash_ test %d\n", tvidx);
-+
-+      err = gcry_md_open (&hd, tv[tvidx].md_algo, 0);
-+      if (err)
-+        {
-+          fail ("algo %d, gcry_md_open failed: %s\n", tv[tvidx].md_algo,
-+                gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure_hash && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure_hash && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_hash test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      err = gcry_sexp_build (&s_sk, NULL, tv[tvidx].prvkey);
-+      if (err)
-+        {
-+          fail ("error building SEXP for test, %s: %s",
-+                "sk", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      err = gcry_sexp_build (&s_pk, NULL, tv[tvidx].pubkey);
-+      if (err)
-+        {
-+          fail ("error building SEXP for test, %s: %s",
-+                "pk", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      if (!(buffer = hex2buffer (tv[tvidx].k, &buflen)))
-+        {
-+          fail ("error parsing for test, %s: %s",
-+                "msg", "invalid hex string");
-+          goto next;
-+        }
-+
-+      err = gcry_pk_random_override_new (&ctx, buffer, buflen);
-+      if (err)
-+        {
-+          fail ("error setting 'k' for test: %s",
-+                gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      gcry_md_write (hd, msg, msglen);
-+
-+      err = gcry_pk_hash_sign (&s_sig, tv[tvidx].data_tmpl, s_sk, hd, ctx);
-+      if (err)
-+        {
-+          fail ("gcry_pk_hash_sign failed: %s", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_hash_sign test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      err = gcry_pk_hash_verify (s_sig, tv[tvidx].data_tmpl, s_pk, hd, ctx);
-+      if (err)
-+        {
-+          fail ("gcry_pk_hash_verify failed for test: %s",
-+                gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_hash test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_hash test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_hash_verify test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+    next:
-+      gcry_sexp_release (s_sig);
-+      xfree (buffer);
-+      gcry_ctx_release (ctx);
-+      gcry_sexp_release (s_pk);
-+      gcry_sexp_release (s_sk);
-+      if (hd)
-+        gcry_md_close (hd);
-+    }
-+}
-+
- /* Check gcry_cipher_open, gcry_cipher_setkey, gcry_cipher_encrypt,
-    gcry_cipher_decrypt, gcry_cipher_close API.  */
- static void
-@@ -936,6 +1144,7 @@ main (int argc, char **argv)
-   check_md_o_w_r_c ();
-   check_mac_o_w_r_c ();
-   check_cipher_o_s_e_d_c ();
-+  check_pk_hash_sign_verify ();
- 
-   return !!error_count;
- }
-- 
-2.49.0
-
--- a/libgcrypt-fips-cipher-Implement-new-FIPS-service-indicator-for-cipher_open.patch
+++ b/libgcrypt-fips-cipher-Implement-new-FIPS-service-indicator-for-cipher_open.patch
@@ -1,122 +0,0 @@
-From 69a5d0ed18a3ddc6f297de783c7cef5ad2257df0 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 13 Dec 2024 14:40:53 +0900
-Subject: [PATCH 05/19] fips,cipher: Implement new FIPS service indicator for
- cipher_open.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_CIPHER_FLAG_REJECT_NON_FIPS): New.
-* cipher/cipher.c (_gcry_cipher_open_internal): Don't reject
-but mark the service indicator in FIPS mode.
-(cipher_setkey): Likewise.
-* src/visibility.c (gcry_cipher_open): Initialize the service
-indicator.
-(gcry_cipher_setkey): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/cipher.c  | 23 +++++++++++++++++++----
- src/gcrypt.h.in  |  3 ++-
- src/visibility.c |  4 ++--
- 3 files changed, 23 insertions(+), 7 deletions(-)
-
-diff --git a/cipher/cipher.c b/cipher/cipher.c
-index 898bb58f..7ffacf05 100644
--- a/cipher/cipher.c
-+++ b/cipher/cipher.c
-@@ -509,7 +509,8 @@ gcry_err_code_t
- _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
- 			    int algo, int mode, unsigned int flags)
- {
-  int secure = (flags & GCRY_CIPHER_SECURE);
-+  int secure = !!(flags & GCRY_CIPHER_SECURE);
-+  int reject_non_fips = !!(flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS);
-   gcry_cipher_spec_t *spec;
-   gcry_cipher_hd_t h = NULL;
-   gcry_err_code_t err;
-@@ -524,7 +525,15 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
-   else if (spec->flags.disabled)
-     err = GPG_ERR_CIPHER_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-    err = GPG_ERR_CIPHER_ALGO;
-+    {
-+      if (reject_non_fips)
-+        err = GPG_ERR_CIPHER_ALGO;
-+      else
-+        {
-+          fips_service_indicator_mark_non_compliant ();
-+          err = 0;
-+        }
-+    }
-   else
-     err = 0;
- 
-@@ -535,7 +544,8 @@ _gcry_cipher_open_internal (gcry_cipher_hd_t *handle,
- 		     | GCRY_CIPHER_ENABLE_SYNC
- 		     | GCRY_CIPHER_CBC_CTS
- 		     | GCRY_CIPHER_CBC_MAC
-                     | GCRY_CIPHER_EXTENDED))
-+                     | GCRY_CIPHER_EXTENDED
-+                     | GCRY_CIPHER_FLAG_REJECT_NON_FIPS))
- 	  || ((flags & GCRY_CIPHER_CBC_CTS) && (flags & GCRY_CIPHER_CBC_MAC))))
-     err = GPG_ERR_CIPHER_ALGO;
- 
-@@ -765,7 +775,12 @@ cipher_setkey (gcry_cipher_hd_t c, byte *key, size_t keylen)
- 	     See "Implementation Guidance for FIPS 140-2, A.9 XTS-AES
- 	     Key Generation Requirements" for details.  */
- 	  if (buf_eq_const (key, key + keylen, keylen))
-	    return GPG_ERR_WEAK_KEY;
-+            {
-+              if ((c->flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS))
-+                return GPG_ERR_WEAK_KEY;
-+              else
-+                fips_service_indicator_mark_non_compliant ();
-+            }
- 	}
-     }
-   else if (c->mode == GCRY_CIPHER_MODE_SIV)
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index 2a378639..2ed9914b 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -992,7 +992,8 @@ enum gcry_cipher_flags
-     GCRY_CIPHER_ENABLE_SYNC = 2,  /* Enable CFB sync mode. */
-     GCRY_CIPHER_CBC_CTS     = 4,  /* Enable CBC cipher text stealing (CTS). */
-     GCRY_CIPHER_CBC_MAC     = 8,  /* Enable CBC message auth. code (MAC).  */
-    GCRY_CIPHER_EXTENDED    = 16  /* Enable extended AES-WRAP.  */
-+    GCRY_CIPHER_EXTENDED    = 16, /* Enable extended AES-WRAP.  */
-+    GCRY_CIPHER_FLAG_REJECT_NON_FIPS = 32 /* Reject non-FIPS-compliant algo.  */
-   };
- 
- /* Methods used for AEAD IV generation. */
-diff --git a/src/visibility.c b/src/visibility.c
-index 7699f14f..d219f1a6 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -736,7 +736,7 @@ gcry_cipher_open (gcry_cipher_hd_t *handle,
-       *handle = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_cipher_open (handle, algo, mode, flags));
- }
- 
-@@ -751,7 +751,7 @@ gcry_cipher_setkey (gcry_cipher_hd_t hd, const void *key, size_t keylen)
- {
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
-
-+  fips_service_indicator_init ();
-   return gcry_error (_gcry_cipher_setkey (hd, key, keylen));
- }
- 
-- 
-2.49.0
-
--- a/libgcrypt-fips-ecc-Add-rejecting-or-marking-for-gcry_pk_get_curve.patch
+++ b/libgcrypt-fips-ecc-Add-rejecting-or-marking-for-gcry_pk_get_curve.patch
@@ -1,43 +0,0 @@
-From c6a092abbe7bea315394b15f28fd231dae0e4d7c Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 24 Dec 2024 17:01:45 +0900
-Subject: [PATCH 16/19] fips,ecc: Add rejecting or marking for
- gcry_pk_get_curve.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/ecc-curves.c (_gcry_ecc_get_curve): Check under FIPS mode.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc-curves.c | 9 +++++++++
- 1 file changed, 9 insertions(+)
-
-diff --git a/cipher/ecc-curves.c b/cipher/ecc-curves.c
-index fe0a1eb2..975f6a07 100644
--- a/cipher/ecc-curves.c
-+++ b/cipher/ecc-curves.c
-@@ -844,6 +844,15 @@ _gcry_ecc_get_curve (gcry_sexp_t keyparms, int iterator, unsigned int *r_nbits)
-           if (r_nbits)
-             *r_nbits = domain_parms[idx].nbits;
-         }
-+
-+      if (fips_mode () && !domain_parms[idx].fips)
-+        {
-+          if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-+            return NULL;
-+          else
-+            fips_service_indicator_mark_non_compliant ();
-+        }
-+
-       return result;
-     }
- 
-- 
-2.49.0
-
--- a/libgcrypt-fips-ecc-Check-DATA-in-gcry_pk_sign-verify-in-FIPS-mode.patch
+++ b/libgcrypt-fips-ecc-Check-DATA-in-gcry_pk_sign-verify-in-FIPS-mode.patch
@@ -1,282 +0,0 @@
-From 53c97483b17fee280e24f595bc0d82d9b362ffde Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 26 Dec 2024 11:12:48 +0900
-Subject: [PATCH 18/19] fips,ecc: Check DATA in gcry_pk_sign/verify in FIPS
- mode.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_PK_MD): New.
-(GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2): New.
-
-* cipher/ecc.c (ecc_sign): Check if GOST or SM2.  Check if hash is
-compliant.
-(ecc_verify): Likewise.
-* tests/t-fips-service-ind.c (check_pk_s_v): Modify tests including
-hash compliance.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/ecc.c               | 70 +++++++++++++++++++++++++++++++++++---
- src/gcrypt.h.in            |  4 ++-
- tests/t-fips-service-ind.c | 52 ++++++++++++++++++++--------
- 3 files changed, 107 insertions(+), 19 deletions(-)
-
-diff --git a/cipher/ecc.c b/cipher/ecc.c
-index 8896afd0..525523ed 100644
--- a/cipher/ecc.c
-+++ b/cipher/ecc.c
-@@ -941,6 +941,18 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-   if (rc)
-     goto leave;
- 
-+  if (fips_mode ()
-+      && ((ctx.flags & PUBKEY_FLAG_GOST) || (ctx.flags & PUBKEY_FLAG_SM2)))
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2))
-+        {
-+          rc = GPG_ERR_INV_DATA;
-+          goto leave;
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-   /* Hash algo is determined by curve in EdDSA.  */
-   if ((ctx.flags & PUBKEY_FLAG_EDDSA))
-     {
-@@ -953,10 +965,12 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-                       && ctx.hash_algo != GCRY_MD_SHAKE256)))
-             {
-               if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-                rc = GPG_ERR_DIGEST_ALGO;
-+                {
-+                  rc = GPG_ERR_DIGEST_ALGO;
-+                  goto leave;
-+                }
-               else
-                 fips_service_indicator_mark_non_compliant ();
-              goto leave;
-             }
-         }
-       else
-@@ -967,6 +981,23 @@ ecc_sign (gcry_sexp_t *r_sig, gcry_sexp_t s_data, gcry_sexp_t keyparms)
-             ctx.hash_algo = GCRY_MD_SHAKE256;
-         }
-     }
-+  else
-+    {
-+      if (fips_mode ())
-+        {
-+          if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)
-+              || ctx.hash_algo == GCRY_MD_SHA1)
-+            {
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
-+                {
-+                  rc = GPG_ERR_DIGEST_ALGO;
-+                  goto leave;
-+                }
-+              else
-+                fips_service_indicator_mark_non_compliant ();
-+            }
-+        }
-+    }
- 
-   sig_r = mpi_new (0);
-   sig_s = mpi_new (0);
-@@ -1066,6 +1097,18 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
-   if (DBG_CIPHER)
-     log_mpidump ("ecc_verify data", data);
- 
-+  if (fips_mode ()
-+      && ((ctx.flags & PUBKEY_FLAG_GOST) || (ctx.flags & PUBKEY_FLAG_SM2)))
-+    {
-+      if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2))
-+        {
-+          rc = GPG_ERR_INV_DATA;
-+          goto leave;
-+        }
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-   /* Hash algo is determined by curve in EdDSA.  */
-   if ((ctx.flags & PUBKEY_FLAG_EDDSA))
-     {
-@@ -1078,10 +1121,12 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
-                       && ctx.hash_algo != GCRY_MD_SHAKE256)))
-             {
-               if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK))
-                rc = GPG_ERR_DIGEST_ALGO;
-+                {
-+                  rc = GPG_ERR_DIGEST_ALGO;
-+                  goto leave;
-+                }
-               else
-                 fips_service_indicator_mark_non_compliant ();
-              goto leave;
-             }
-         }
-       else
-@@ -1092,6 +1137,23 @@ ecc_verify (gcry_sexp_t s_sig, gcry_sexp_t s_data, gcry_sexp_t s_keyparms)
-             ctx.hash_algo = GCRY_MD_SHAKE256;
-         }
-     }
-+  else
-+    {
-+      if (fips_mode ())
-+        {
-+          if (_gcry_md_algo_info (ctx.hash_algo, GCRYCTL_TEST_ALGO, NULL, NULL)
-+              || ctx.hash_algo == GCRY_MD_SHA1)
-+            {
-+              if (fips_check_rejection (GCRY_FIPS_FLAG_REJECT_PK_MD))
-+                {
-+                  rc = GPG_ERR_DIGEST_ALGO;
-+                  goto leave;
-+                }
-+              else
-+                fips_service_indicator_mark_non_compliant ();
-+            }
-+        }
-+    }
- 
-   /*
-    * Extract the signature value.
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index 7bee45e9..fcb6a327 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1986,11 +1986,13 @@ char *gcry_get_config (int mode, const char *what);
- #define GCRY_FIPS_FLAG_REJECT_MAC           (1 << 3)
- #define GCRY_FIPS_FLAG_REJECT_CIPHER        (1 << 4)
- #define GCRY_FIPS_FLAG_REJECT_PK            (1 << 5)
-+#define GCRY_FIPS_FLAG_REJECT_PK_MD         (1 << 6)
-+#define GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2   (1 << 7)
- 
- #define GCRY_FIPS_FLAG_REJECT_MD \
-   (GCRY_FIPS_FLAG_REJECT_MD_MD5 | GCRY_FIPS_FLAG_REJECT_MD_OTHERS)
- 
-/* Note: Don't reject MD5 */
-+/* Note: Don't reject MD5, PK MD, PK GOST and PK SM2 */
- #define GCRY_FIPS_FLAG_REJECT_COMPAT110 \
-   (GCRY_FIPS_FLAG_REJECT_MD_OTHERS      \
-    | GCRY_FIPS_FLAG_REJECT_MAC          \
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index 90d92c70..fe963fa5 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -228,6 +228,7 @@ check_pk_s_v (int reject)
-   static struct {
-     const char *prvkey;
-     const char *pubkey;
-+    const char *data;
-     int expect_failure;
-   } tv[] = {
-     {
-@@ -236,6 +237,8 @@ check_pk_s_v (int reject)
-       "(public-key (ecc (curve nistp256)"
-       " (q #041ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83"
-       "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-+      "(data (flags raw)(hash sha256 "
-+      "#00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))",
-       0
-     },
-     {                           /* non-compliant curve */
-@@ -244,28 +247,40 @@ check_pk_s_v (int reject)
-       "(public-key (ecc (curve secp256k1)"
-       " (q #046fcc37ea5e9e09fec6c83e5fbd7a745e3eee81d16ebd861c9e66f55518c19798"
-       "4e9f113c07f875691df8afc1029496fc4cb9509b39dcd38f251a83359cc8b4f7#)))",
-+      "(data (flags raw)(hash sha256 "
-+      "#00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))",
-       1
-    }
-+    },
-+    {                           /* non-compliant hash */
-+      "(private-key (ecc (curve nistp256)"
-+      " (d #519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464#)))",
-+      "(public-key (ecc (curve nistp256)"
-+      " (q #041ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83"
-+      "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-+      "(data (flags raw)(hash ripemd160 "
-+      "#00112233445566778899AABBCCDDEEFF00010203#))",
-+      1
-+    },
-+    {                           /* non-compliant hash for signing */
-+      "(private-key (ecc (curve nistp256)"
-+      " (d #519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464#)))",
-+      "(public-key (ecc (curve nistp256)"
-+      " (q #041ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83"
-+      "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-+      "(data (flags raw)(hash sha1 "
-+      "#00112233445566778899AABBCCDDEEFF00010203#))",
-+      1
-+    },
-   };
-   int tvidx;
-   gpg_error_t err;
-   gpg_err_code_t ec;
-  const char *data = "(data (flags raw)"
-    "(hash sha256 #00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))";
-  gcry_sexp_t s_data = NULL;
-
-  err = gcry_sexp_build (&s_data, NULL, data);
-  if (err)
-    {
-      fail ("error building SEXP for test, %s: %s",
-            "data", gpg_strerror (err));
-      return;
-    }
- 
-   for (tvidx=0; tvidx < DIM(tv); tvidx++)
-     {
-       gcry_sexp_t s_pk = NULL;
-       gcry_sexp_t s_sk = NULL;
-+      gcry_sexp_t s_data = NULL;
-       gcry_sexp_t s_sig= NULL;
- 
-       if (verbose)
-@@ -287,6 +302,14 @@ check_pk_s_v (int reject)
-           goto next;
-         }
- 
-+      err = gcry_sexp_build (&s_data, NULL, tv[tvidx].data);
-+      if (err)
-+        {
-+          fail ("error building SEXP for test, %s: %s",
-+                "data", gpg_strerror (err));
-+          goto next;
-+        }
-+
-       err = gcry_pk_sign (&s_sig, s_data, s_sk);
-       if (err)
-         {
-@@ -363,11 +386,10 @@ check_pk_s_v (int reject)
- 
-     next:
-       gcry_sexp_release (s_sig);
-+      gcry_sexp_release (s_data);
-       gcry_sexp_release (s_pk);
-       gcry_sexp_release (s_sk);
-     }
-
-  gcry_sexp_release (s_data);
- }
- 
- /* Check gcry_pk_hash_sign, gcry_pk_hash_verify API.  */
-@@ -1461,6 +1483,8 @@ main (int argc, char **argv)
- 
-   xgcry_control ((GCRYCTL_FIPS_REJECT_NON_FIPS,
-                   (GCRY_FIPS_FLAG_REJECT_MD_MD5
-+                   | GCRY_FIPS_FLAG_REJECT_PK_MD
-+                   | GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2
-                    | GCRY_FIPS_FLAG_REJECT_COMPAT110)));
- 
-   check_md_o_w_r_c (1);
-- 
-2.49.0
-
--- a/libgcrypt-fips-kdf-Implement-new-FIPS-service-indicator-for-gcry_kdf_derive.patch
+++ b/libgcrypt-fips-kdf-Implement-new-FIPS-service-indicator-for-gcry_kdf_derive.patch
@@ -1,265 +0,0 @@
-From 5cfa1aee5b98baf0d66333344e0fa45b79cca28b Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 5 Dec 2024 14:52:17 +0900
-Subject: [PATCH 3/5] fips,kdf: Implement new FIPS service indicator for
- gcry_kdf_derive.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/kdf.c (_gcry_kdf_derive): Don't reject by GPG_ERR_INV_VALUE
-but continue the computation, clearing IS_COMPLIANT.  After successful
-computation, call fips_service_indicator_mark_success with
-IS_COMPLIANT.
-* src/visibility.c (gcry_kdf_derive): Call fips_service_indicator_init.
-* tests/t-kdf.c (check_fips_gcry_kdf_derive): New.
-(main): Call check_fips_gcry_kdf_derive.
-
--
-
-GnuPG-bug-id: 7338
-Co-authored-by: David Sugar <david@atsec.com>
-Suggested-by: Stephan Mueller <smueller@chronox.de>
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/kdf.c     |  33 ++++++-----
- src/visibility.c |   1 +
- tests/t-kdf.c    | 149 ++++++++++++++++++++++++++++++++++++++++++++++-
- 3 files changed, 169 insertions(+), 14 deletions(-)
-
-diff --git a/cipher/kdf.c b/cipher/kdf.c
-index b4c5f83a..52e6a9ba 100644
--- a/cipher/kdf.c
-+++ b/cipher/kdf.c
-@@ -279,28 +279,35 @@ _gcry_kdf_derive (const void *passphrase, size_t passphraselen,
-       break;
- 
-     case GCRY_KDF_PBKDF2:
-      if (!saltlen)
-+      if (!saltlen || !iterations)
-         ec = GPG_ERR_INV_VALUE;
-       else
-         {
-          /* FIPS requires minimum passphrase length, see FIPS 140-3 IG D.N */
-          if (fips_mode () && passphraselen < 8)
-            return GPG_ERR_INV_VALUE;
-+          int is_compliant = 1;
-+
-+          if (fips_mode ())
-+            {
-+              /* FIPS requires minimum passphrase length, see FIPS 140-3 IG D.N */
-+              if (passphraselen < 8)
-+                is_compliant &= 0;
- 
-          /* FIPS requires minimum salt length of 128 b (SP 800-132 sec. 5.1, p.6) */
-          if (fips_mode () && saltlen < 16)
-            return GPG_ERR_INV_VALUE;
-+              /* FIPS requires minimum salt length of 128 b (SP 800-132 sec. 5.1, p.6) */
-+              if (saltlen < 16)
-+                is_compliant &= 0;
- 
-          /* FIPS requires minimum iterations bound (SP 800-132 sec 5.2, p.6) */
-          if (fips_mode () && iterations < 1000)
-            return GPG_ERR_INV_VALUE;
-+              /* FIPS requires minimum iterations bound (SP 800-132 sec 5.2, p.6) */
-+              if (iterations < 1000)
-+                is_compliant &= 0;
- 
-          /* Check minimum key size */
-          if (fips_mode () && keysize < 14)
-            return GPG_ERR_INV_VALUE;
-+              /* Check minimum key size */
-+              if (keysize < 14)
-+                is_compliant &= 0;
-+            }
- 
-           ec = _gcry_kdf_pkdf2 (passphrase, passphraselen, subalgo,
-                                 salt, saltlen, iterations, keysize, keybuffer);
-+          if (!ec)
-+            fips_service_indicator_mark_success (is_compliant);
-         }
-       break;
- 
-diff --git a/src/visibility.c b/src/visibility.c
-index 006e8f80..8f76b854 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1400,6 +1400,7 @@ gcry_kdf_derive (const void *passphrase, size_t passphraselen,
- {
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_kdf_derive (passphrase, passphraselen, algo, hashalgo,
-                                       salt, saltlen, iterations,
-                                       keysize, keybuffer));
-diff --git a/tests/t-kdf.c b/tests/t-kdf.c
-index 10f64a7c..4b92bd30 100644
--- a/tests/t-kdf.c
-+++ b/tests/t-kdf.c
-@@ -1927,6 +1927,151 @@ check_fips_indicators (void)
- }
- 
- 
-+static void
-+check_fips_gcry_kdf_derive (void)
-+{
-+  static struct {
-+    const char *p;   /* Passphrase.  */
-+    size_t plen;     /* Length of P. */
-+    int algo;
-+    int subalgo;
-+    const char *salt;
-+    size_t saltlen;
-+    unsigned long iterations;
-+    int dklen;       /* Requested key length.  */
-+    const char *dk;  /* Derived key.  */
-+    int expect_failure;
-+  } tv[] = {
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      25,
-+      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-+      "\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96"
-+      "\x4c\xf2\xf0\x70\x38",
-+      0
-+    },
-+    {
-+      "pleaseletmein", 13,
-+      GCRY_KDF_SCRYPT, 16384,
-+      "SodiumChloride", 14,
-+      1,
-+      64,
-+      "\x70\x23\xbd\xcb\x3a\xfd\x73\x48\x46\x1c\x06\xcd\x81\xfd\x38\xeb"
-+      "\xfd\xa8\xfb\xba\x90\x4f\x8e\x3e\xa9\xb5\x43\xf6\x54\x5d\xa1\xf2"
-+      "\xd5\x43\x29\x55\x61\x3f\x0f\xcf\x62\xd4\x97\x05\x24\x2a\x9a\xf9"
-+      "\xe6\x1e\x85\xdc\x0d\x65\x1e\x40\xdf\xcf\x01\x7b\x45\x57\x58\x87",
-+      1 /* not-compliant because unallowed algo */
-+    },
-+    {
-+      "passwor", 7,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      25,
-+      "\xf4\x93\xee\x2b\xbf\x44\x0b\x9e\x64\x53"
-+      "\xc2\xb3\x87\xdc\x73\xf8\xfd\xe6\x97\xda"
-+      "\xb8\x24\xa0\x26\x50",
-+      1 /* not-compliant because passphrase len is too small */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSAL", 15,
-+      4096,
-+      25,
-+      "\x14\x05\xa4\x2a\xf4\xa8\x12\x14\x7b\x65"
-+      "\x8f\xaa\xf0\x7f\x25\xe5\x0f\x0b\x2b\xb7"
-+      "\xcf\x8d\x29\x23\x4b",
-+      1 /* not-compliant because salt len is too small */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      999,
-+      25,
-+      "\xac\xf8\xb4\x67\x41\xc7\xf3\xd1\xa0\xc0"
-+      "\x08\xbe\x9b\x23\x96\x78\xbd\x93\xda\x4a"
-+      "\x30\xd4\xfb\xf0\x33",
-+      1 /* not-compliant because too few iterations */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      13,
-+      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-+      "\xd8\x36\x62",
-+      1 /* not-compliant because key size too small */
-+    },
-+  };
-+
-+  int tvidx;
-+  gpg_error_t err;
-+  unsigned char outbuf[100];
-+  int i;
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      if (verbose)
-+        fprintf (stderr, "checking gcry_kdf_derive test vector %d algo %d for FIPS\n",
-+                 tvidx, tv[tvidx].algo);
-+      assert (tv[tvidx].dklen <= sizeof outbuf);
-+      err = gcry_kdf_derive (tv[tvidx].p, tv[tvidx].plen,
-+                             tv[tvidx].algo, tv[tvidx].subalgo,
-+                             tv[tvidx].salt, tv[tvidx].saltlen,
-+                             tv[tvidx].iterations, tv[tvidx].dklen, outbuf);
-+
-+      if (err)
-+        {
-+          fail ("gcry_kdf_derive test %d unexpectedly returned an error in FIPS mode: %s\n",
-+                tvidx, gpg_strerror (err));
-+        }
-+      else
-+        {
-+          gpg_err_code_t ec;
-+
-+          ec = gcry_get_fips_service_indicator ();
-+          if (ec == GPG_ERR_INV_OP)
-+            {
-+              /* libgcrypt is old, no support of the FIPS service indicator.  */
-+              fail ("gcry_kdf_derive test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                    tvidx);
-+              continue;
-+            }
-+
-+          if (!tv[tvidx].expect_failure && ec)
-+            {
-+              /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+              fail ("gcry_kdf_derive test %d unexpectedly set the indicator in FIPS mode.\n",
-+                    tvidx);
-+              continue;
-+            }
-+          else if (tv[tvidx].expect_failure && !ec)
-+            {
-+              /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+              fail ("gcry_kdf_derive test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                    tvidx);
-+              continue;
-+            }
-+
-+          if (memcmp (outbuf, tv[tvidx].dk, tv[tvidx].dklen))
-+            {
-+              fail ("gcry_kdf_derive test %d failed: mismatch\n", tvidx);
-+              fputs ("got:", stderr);
-+              for (i=0; i < tv[tvidx].dklen; i++)
-+                fprintf (stderr, " %02x", outbuf[i]);
-+              putc ('\n', stderr);
-+            }
-+        }
-+    }
-+}
-+
-+
- int
- main (int argc, char **argv)
- {
-@@ -2008,7 +2153,9 @@ main (int argc, char **argv)
-       check_onestep_kdf ();
-       check_hkdf ();
-       if (in_fips_mode)
-        check_fips_indicators();
-+        check_fips_indicators ();
-+      if (in_fips_mode)
-+        check_fips_gcry_kdf_derive ();
-     }
- 
-   return error_count ? 1 : 0;
-- 
-2.49.0
-
--- a/libgcrypt-fips-mac-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch
+++ b/libgcrypt-fips-mac-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch
@@ -1,115 +0,0 @@
-From fcb0c7004b0b6b318fdcced2bf61d9acb1e28cfc Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 13 Dec 2024 14:25:02 +0900
-Subject: [PATCH 04/19] fips,mac: Implement new FIPS service indicator for
- gcry_mac_open.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_MAC_FLAG_REJECT_NON_FIPS): New.
-* cipher/mac.c (mac_open): Have FLAGS, instead of SECURE.  Reject when
-GCRY_MAC_FLAG_REJECT_NON_FIPS, otherwise, mark non compliant.
-(_gcry_mac_open): Follow the change.
-* src/visibility.c (gcry_mac_open): Add initialization for FIPS
-service indicator.
-(gcry_mac_setkey): Likewise.  Don't reject but mark.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/mac.c     | 15 +++++++++++----
- src/gcrypt.h.in  |  3 ++-
- src/visibility.c |  5 +++--
- 3 files changed, 16 insertions(+), 7 deletions(-)
-
-diff --git a/cipher/mac.c b/cipher/mac.c
-index 128ac53d..0df48fd7 100644
--- a/cipher/mac.c
-+++ b/cipher/mac.c
-@@ -513,11 +513,13 @@ check_mac_algo (int algorithm)
-  * Open a message digest handle for use with algorithm ALGO.
-  */
- static gcry_err_code_t
-mac_open (gcry_mac_hd_t * hd, int algo, int secure, gcry_ctx_t ctx)
-+mac_open (gcry_mac_hd_t * hd, int algo, unsigned int flags, gcry_ctx_t ctx)
- {
-   const gcry_mac_spec_t *spec;
-   gcry_err_code_t err;
-   gcry_mac_hd_t h;
-+  int secure = !!(flags & GCRY_MAC_FLAG_SECURE);
-+  int reject_non_fips = !!(flags & GCRY_MAC_FLAG_REJECT_NON_FIPS);
- 
-   spec = spec_from_algo (algo);
-   if (!spec)
-@@ -525,7 +527,12 @@ mac_open (gcry_mac_hd_t * hd, int algo, int secure, gcry_ctx_t ctx)
-   else if (spec->flags.disabled)
-     return GPG_ERR_MAC_ALGO;
-   else if (!spec->flags.fips && fips_mode ())
-    return GPG_ERR_MAC_ALGO;
-+    {
-+      if (reject_non_fips)
-+        return GPG_ERR_MAC_ALGO;
-+      else
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-   else if (!spec->ops)
-     return GPG_ERR_MAC_ALGO;
-   else if (!spec->ops->open || !spec->ops->write || !spec->ops->setkey ||
-@@ -643,10 +650,10 @@ _gcry_mac_open (gcry_mac_hd_t * h, int algo, unsigned int flags,
-   gcry_err_code_t rc;
-   gcry_mac_hd_t hd = NULL;
- 
-  if ((flags & ~GCRY_MAC_FLAG_SECURE))
-+  if ((flags & ~(GCRY_MAC_FLAG_SECURE | GCRY_MAC_FLAG_REJECT_NON_FIPS)))
-     rc = GPG_ERR_INV_ARG;
-   else
-    rc = mac_open (&hd, algo, !!(flags & GCRY_MAC_FLAG_SECURE), ctx);
-+    rc = mac_open (&hd, algo, flags, ctx);
- 
-   *h = rc ? NULL : hd;
-   return rc;
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index 96bf88f6..2a378639 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1560,7 +1560,8 @@ enum gcry_mac_algos
- /* Flags used with the open function.  */
- enum gcry_mac_flags
-   {
-    GCRY_MAC_FLAG_SECURE = 1   /* Allocate all buffers in "secure" memory.  */
-+    GCRY_MAC_FLAG_SECURE = 1,  /* Allocate all buffers in "secure" memory.  */
-+    GCRY_MAC_FLAG_REJECT_NON_FIPS = 2   /* Reject non-FIPS-compliant algo.  */
-   };
- 
- /* Create a MAC handle for algorithm ALGO.  FLAGS may be given as an bitwise OR
-diff --git a/src/visibility.c b/src/visibility.c
-index 44b05eb2..7699f14f 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -946,7 +946,7 @@ gcry_mac_open (gcry_mac_hd_t *handle, int algo, unsigned int flags,
-       *handle = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_mac_open (handle, algo, flags, ctx));
- }
- 
-@@ -962,8 +962,9 @@ gcry_mac_setkey (gcry_mac_hd_t hd, const void *key, size_t keylen)
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
- 
-+  fips_service_indicator_init ();
-   if (fips_mode () && keylen < 14)
-    return GPG_ERR_INV_VALUE;
-+    fips_service_indicator_mark_non_compliant ();
- 
-   return gpg_error (_gcry_mac_setkey (hd, key, keylen));
- }
-- 
-2.49.0
-
--- a/libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_hash_.patch
+++ b/libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_hash_.patch
@@ -1,188 +0,0 @@
-From 3478caac62c712547f7c0e07f4cf9602bc317997 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 6 Dec 2024 14:33:58 +0900
-Subject: [PATCH 4/5] fips,md: Implement new FIPS service indicator for
- gcry_md_hash_*.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/md.c (md_enable): Add an NO_REJECT argument.
-(md_open): Check flags against GCRY_MD_FLAG_FIPS_NO_REJECTION to
-call md_enable.
-(_gcry_md_enable): Follow the change.
-(_gcry_md_hash_buffer): Don't reject but keep the computation.
-Call fips_service_indicator_mark_success.
-(_gcry_md_hash_buffers_extract): Likewise.
-* src/gcrypt.h.in (GCRY_MD_FLAG_FIPS_NO_REJECTION): New.
-* src/visibility.c (gcry_md_hash_buffer, gcry_md_hash_buffers): Call
-fips_service_indicator_init.
-(gcry_md_hash_buffers_ext): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/md.c      | 32 +++++++++++++++++++++++---------
- src/gcrypt.h.in  |  1 +
- src/visibility.c |  3 +++
- 3 files changed, 27 insertions(+), 9 deletions(-)
-
-diff --git a/cipher/md.c b/cipher/md.c
-index 1991c331..c2bd18c6 100644
--- a/cipher/md.c
-+++ b/cipher/md.c
-@@ -285,7 +285,7 @@ struct gcry_md_context
- #define CTX_MAGIC_NORMAL 0x11071961
- #define CTX_MAGIC_SECURE 0x16917011
- 
-static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo);
-+static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo, int no_reject);
- static void md_close (gcry_md_hd_t a);
- static void md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen);
- static byte *md_read( gcry_md_hd_t a, int algo );
-@@ -517,7 +517,8 @@ md_open (gcry_md_hd_t *h, int algo, unsigned int flags)
- 
-       if (algo)
- 	{
-	  err = md_enable (hd, algo);
-+	  err = md_enable (hd, algo,
-+                           !!(flags & GCRY_MD_FLAG_FIPS_NO_REJECTION));
- 	  if (err)
- 	    md_close (hd);
- 	}
-@@ -554,7 +555,7 @@ _gcry_md_open (gcry_md_hd_t *h, int algo, unsigned int flags)
- 
- 
- static gcry_err_code_t
-md_enable (gcry_md_hd_t hd, int algorithm)
-+md_enable (gcry_md_hd_t hd, int algorithm, int no_reject)
- {
-   struct gcry_md_context *h = hd->ctx;
-   const gcry_md_spec_t *spec;
-@@ -576,7 +577,7 @@ md_enable (gcry_md_hd_t hd, int algorithm)
-     err = GPG_ERR_DIGEST_ALGO;
- 
-   /* Any non-FIPS algorithm should go this way */
-  if (!err && !spec->flags.fips && fips_mode ())
-+  if (!err && !no_reject && !spec->flags.fips && fips_mode ())
-     err = GPG_ERR_DIGEST_ALGO;
- 
-   if (!err && h->flags.hmac && spec->read == NULL)
-@@ -619,7 +620,7 @@ md_enable (gcry_md_hd_t hd, int algorithm)
- gcry_err_code_t
- _gcry_md_enable (gcry_md_hd_t hd, int algorithm)
- {
-  return md_enable (hd, algorithm);
-+  return md_enable (hd, algorithm, 0);
- }
- 
- 
-@@ -1260,7 +1261,7 @@ _gcry_md_hash_buffer (int algo, void *digest,
-       iov.off = 0;
-       iov.len = length;
- 
-      if (spec->flags.disabled || (!spec->flags.fips && fips_mode ()))
-+      if (spec->flags.disabled)
-         log_bug ("gcry_md_hash_buffer failed for algo %d: %s",
-                 algo, gpg_strerror (gcry_error (GPG_ERR_DIGEST_ALGO)));
- 
-@@ -1273,7 +1274,7 @@ _gcry_md_hash_buffer (int algo, void *digest,
-       gcry_md_hd_t h;
-       gpg_err_code_t err;
- 
-      err = md_open (&h, algo, 0);
-+      err = md_open (&h, algo, GCRY_MD_FLAG_FIPS_NO_REJECTION);
-       if (err)
-         log_bug ("gcry_md_open failed for algo %d: %s",
-                 algo, gpg_strerror (gcry_error(err)));
-@@ -1282,6 +1283,12 @@ _gcry_md_hash_buffer (int algo, void *digest,
-       memcpy (digest, md_read (h, algo), md_digest_length (algo));
-       md_close (h);
-     }
-+
-+  if (fips_mode ())
-+    {
-+      int is_compliant = spec->flags.fips;
-+      fips_service_indicator_mark_success (is_compliant);
-+    }
- }
- 
- 
-@@ -1336,7 +1343,7 @@ _gcry_md_hash_buffers_extract (int algo, unsigned int flags, void *digest,
- 
-   if (!hmac && spec->hash_buffers)
-     {
-      if (spec->flags.disabled || (!spec->flags.fips && fips_mode ()))
-+      if (spec->flags.disabled)
-         return GPG_ERR_DIGEST_ALGO;
- 
-       spec->hash_buffers (digest, digestlen, iov, iovcnt);
-@@ -1348,7 +1355,8 @@ _gcry_md_hash_buffers_extract (int algo, unsigned int flags, void *digest,
-       gcry_md_hd_t h;
-       gpg_err_code_t rc;
- 
-      rc = md_open (&h, algo, (hmac? GCRY_MD_FLAG_HMAC:0));
-+      rc = md_open (&h, algo, ((hmac? GCRY_MD_FLAG_HMAC:0)
-+                               | GCRY_MD_FLAG_FIPS_NO_REJECTION));
-       if (rc)
-         return rc;
- 
-@@ -1374,6 +1382,12 @@ _gcry_md_hash_buffers_extract (int algo, unsigned int flags, void *digest,
-       md_close (h);
-     }
- 
-+  if (fips_mode ())
-+    {
-+      int is_compliant = spec->flags.fips;
-+      fips_service_indicator_mark_success (is_compliant);
-+    }
-+
-   return 0;
- }
- 
-diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in
-index 2f61a0bc..18d04a38 100644
--- a/src/gcrypt.h.in
-+++ b/src/gcrypt.h.in
-@@ -1318,6 +1318,7 @@ enum gcry_md_flags
-   {
-     GCRY_MD_FLAG_SECURE = 1,  /* Allocate all buffers in "secure" memory.  */
-     GCRY_MD_FLAG_HMAC   = 2,  /* Make an HMAC out of this algorithm.  */
-+    GCRY_MD_FLAG_FIPS_NO_REJECTION = 4,  /* Don't reject for FIPS.  */
-     GCRY_MD_FLAG_BUGEMU1 = 0x0100
-   };
- 
-diff --git a/src/visibility.c b/src/visibility.c
-index 8f76b854..be5deda1 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1281,6 +1281,7 @@ gcry_md_hash_buffer (int algo, void *digest,
-       (void)fips_not_operational ();
-       fips_signal_error ("called in non-operational state");
-     }
-+  fips_service_indicator_init ();
-   _gcry_md_hash_buffer (algo, digest, buffer, length);
- }
- 
-@@ -1293,6 +1294,7 @@ gcry_md_hash_buffers (int algo, unsigned int flags, void *digest,
-       (void)fips_not_operational ();
-       fips_signal_error ("called in non-operational state");
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_md_hash_buffers (algo, flags, digest, iov, iovcnt));
- }
- 
-@@ -1306,6 +1308,7 @@ gcry_md_hash_buffers_ext (int algo, unsigned int flags, void *digest,
-       (void)fips_not_operational ();
-       fips_signal_error ("called in non-operational state");
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_md_hash_buffers_extract (algo, flags, digest,
-                                                    digestlen, iov, iovcnt));
- }
-- 
-2.49.0
-
--- a/libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_open-API.patch
+++ b/libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_open-API.patch
@@ -1,298 +0,0 @@
-From 9757e280794f537efc82c4eaa9a2944ece6a068a Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Thu, 12 Dec 2024 11:40:31 +0900
-Subject: [PATCH] fips,md: Implement new FIPS service indicator for
- gcry_md_open API.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_MD_FLAG_FIPS_NO_REJECTION): Remove.
-(GCRY_MD_FLAG_REJECT_NON_FIPS): New.
-* cipher/md.c (struct gcry_md_context): Add reject_non_fips.
-(md_enable): Remove NO_REJECT argument.
-(md_open): Change the FLAGS handling.
-(_gcry_md_open): Add checking of FIPS compliance against ALGO.
-(_gcry_md_enable): Likewise.
-(_gcry_md_hash_buffer): Follow the change of md_open change
-which now defaults to no rejection.
-(_gcry_md_hash_buffers_extract): Likewise.
-* src/visibility.c (gcry_md_open): Add fips_service_indicator_init.
-(gcry_md_enable): Likewise.
-(gcry_md_setkey): Don't reject but mark non-compliance.
-* tests/t-kdf.c (check_fips_gcry_kdf_derive): Add a test with
-non-compliant hash function.
-* cipher/mac-hmac.c (_gcry_mac_type_spec_hmac_md5): It's not
-compliant.
-* cipher/md5.c (gcry_md_oid_spec_t oid_spec_md5): It's not compliant.
-* tests/t-digest.c (check_hash_buffer, check_hash_buffers): MD5
-tests enabled.
-
--
-
-See 6376 for the MD5 compliance change in the past.  This commit
-reverts the change in:
-	dc4a60e2d70bc52ba2955f8e676341d675ab89a0
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/mac-hmac.c |  2 +-
- cipher/md.c       | 57 +++++++++++++++++++++++++++++++++++++++--------
- cipher/md5.c      |  2 +-
- src/gcrypt.h.in   |  2 +-
- src/visibility.c  |  6 +++--
- tests/t-digest.c  |  6 ++---
- tests/t-kdf.c     | 12 ++++++++++
- 7 files changed, 69 insertions(+), 18 deletions(-)
-
-Index: libgcrypt-1.11.0/cipher/mac-hmac.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/mac-hmac.c
-+++ libgcrypt-1.11.0/cipher/mac-hmac.c
-@@ -1413,7 +1413,7 @@ const gcry_mac_spec_t _gcry_mac_type_spe
- #endif
- #if USE_MD5
- const gcry_mac_spec_t _gcry_mac_type_spec_hmac_md5 = {
-  GCRY_MAC_HMAC_MD5, {0, 1}, "HMAC_MD5",
-+  GCRY_MAC_HMAC_MD5, {0, 0}, "HMAC_MD5",
-   &hmac_ops
- };
- #endif
-Index: libgcrypt-1.11.0/cipher/md.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/md.c
-+++ libgcrypt-1.11.0/cipher/md.c
-@@ -275,6 +275,7 @@ struct gcry_md_context
-     unsigned int finalized:1;
-     unsigned int bugemu1:1;
-     unsigned int hmac:1;
-+    unsigned int reject_non_fips:1;
-   } flags;
-   size_t actual_handle_size;     /* Allocated size of this handle. */
-   FILE  *debug;
-@@ -285,7 +286,7 @@ struct gcry_md_context
- #define CTX_MAGIC_NORMAL 0x11071961
- #define CTX_MAGIC_SECURE 0x16917011
- 
-static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo, int no_reject);
-+static gcry_err_code_t md_enable (gcry_md_hd_t hd, int algo);
- static void md_close (gcry_md_hd_t a);
- static void md_write (gcry_md_hd_t a, const void *inbuf, size_t inlen);
- static byte *md_read( gcry_md_hd_t a, int algo );
-@@ -508,6 +509,7 @@ md_open (gcry_md_hd_t *h, int algo, unsi
-       ctx->flags.secure = secure;
-       ctx->flags.hmac = hmac;
-       ctx->flags.bugemu1 = !!(flags & GCRY_MD_FLAG_BUGEMU1);
-+      ctx->flags.reject_non_fips = !!(flags & GCRY_MD_FLAG_REJECT_NON_FIPS);
-     }
- 
-   if (! err)
-@@ -517,8 +519,7 @@ md_open (gcry_md_hd_t *h, int algo, unsi
- 
-       if (algo)
- 	{
-	  err = md_enable (hd, algo,
-                           !!(flags & GCRY_MD_FLAG_FIPS_NO_REJECTION));
-+	  err = md_enable (hd, algo);
- 	  if (err)
- 	    md_close (hd);
- 	}
-@@ -543,24 +544,44 @@ _gcry_md_open (gcry_md_hd_t *h, int algo
- 
-   if ((flags & ~(GCRY_MD_FLAG_SECURE
-                  | GCRY_MD_FLAG_HMAC
-+                 | GCRY_MD_FLAG_REJECT_NON_FIPS
-                  | GCRY_MD_FLAG_BUGEMU1)))
-     rc = GPG_ERR_INV_ARG;
-   else
-     rc = md_open (&hd, algo, flags);
- 
-   *h = rc? NULL : hd;
-+
-+  if (!rc && fips_mode ())
-+    {
-+      GcryDigestEntry *entry = hd->ctx->list;
-+      /* No ENTRY means that ALGO==0.
-+         It's not yet known, if it's FIPS compliant or not.  */
-+      int is_compliant_algo = 1;
-+
-+      if (entry)
-+        {
-+          const gcry_md_spec_t *spec = entry->spec;
-+          is_compliant_algo = spec->flags.fips;
-+        }
-+
-+      if (!is_compliant_algo)
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-   return rc;
- }
- 
- 
- 
- static gcry_err_code_t
-md_enable (gcry_md_hd_t hd, int algorithm, int no_reject)
-+md_enable (gcry_md_hd_t hd, int algorithm)
- {
-   struct gcry_md_context *h = hd->ctx;
-   const gcry_md_spec_t *spec;
-   GcryDigestEntry *entry;
-   gcry_err_code_t err = 0;
-+  int reject_non_fips = h->flags.reject_non_fips;
- 
-   for (entry = h->list; entry; entry = entry->next)
-     if (entry->spec->algo == algorithm)
-@@ -577,7 +598,7 @@ md_enable (gcry_md_hd_t hd, int algorith
-     err = GPG_ERR_DIGEST_ALGO;
- 
-   /* Any non-FIPS algorithm should go this way */
-  if (!err && !no_reject && !spec->flags.fips && fips_mode ())
-+  if (!err && reject_non_fips && !spec->flags.fips && fips_mode ())
-     err = GPG_ERR_DIGEST_ALGO;
- 
-   if (!err && h->flags.hmac && spec->read == NULL)
-@@ -620,7 +641,26 @@ md_enable (gcry_md_hd_t hd, int algorith
- gcry_err_code_t
- _gcry_md_enable (gcry_md_hd_t hd, int algorithm)
- {
-  return md_enable (hd, algorithm, 0);
-+  gcry_err_code_t rc;
-+
-+  rc = md_enable (hd, algorithm);
-+  if (!rc && fips_mode ())
-+    {
-+      GcryDigestEntry *entry = hd->ctx->list;
-+      /* No ENTRY means, something goes wrong.  */
-+      int is_compliant_algo = 0;
-+
-+      if (entry)
-+        {
-+          const gcry_md_spec_t *spec = entry->spec;
-+          is_compliant_algo = spec->flags.fips;
-+        }
-+
-+      if (!is_compliant_algo)
-+        fips_service_indicator_mark_non_compliant ();
-+    }
-+
-+  return rc;
- }
- 
- 
-@@ -1274,7 +1314,7 @@ _gcry_md_hash_buffer (int algo, void *di
-       gcry_md_hd_t h;
-       gpg_err_code_t err;
- 
-      err = md_open (&h, algo, GCRY_MD_FLAG_FIPS_NO_REJECTION);
-+      err = md_open (&h, algo, 0);
-       if (err)
-         log_bug ("gcry_md_open failed for algo %d: %s",
-                 algo, gpg_strerror (gcry_error(err)));
-@@ -1355,8 +1395,7 @@ _gcry_md_hash_buffers_extract (int algo,
-       gcry_md_hd_t h;
-       gpg_err_code_t rc;
- 
-      rc = md_open (&h, algo, ((hmac? GCRY_MD_FLAG_HMAC:0)
-                               | GCRY_MD_FLAG_FIPS_NO_REJECTION));
-+      rc = md_open (&h, algo, (hmac? GCRY_MD_FLAG_HMAC:0));
-       if (rc)
-         return rc;
- 
-Index: libgcrypt-1.11.0/cipher/md5.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/md5.c
-+++ libgcrypt-1.11.0/cipher/md5.c
-@@ -314,7 +314,7 @@ static const gcry_md_oid_spec_t oid_spec
- 
- const gcry_md_spec_t _gcry_digest_spec_md5 =
-   {
-    GCRY_MD_MD5, {0, 1},
-+    GCRY_MD_MD5, {0, 0},
-     "MD5", asn, DIM (asn), oid_spec_md5, 16,
-     md5_init, _gcry_md_block_write, md5_final, md5_read, NULL,
-     NULL,
-Index: libgcrypt-1.11.0/src/gcrypt.h.in
-===================================================================
--- libgcrypt-1.11.0.orig/src/gcrypt.h.in
-+++ libgcrypt-1.11.0/src/gcrypt.h.in
-@@ -1320,7 +1320,7 @@ enum gcry_md_flags
-   {
-     GCRY_MD_FLAG_SECURE = 1,  /* Allocate all buffers in "secure" memory.  */
-     GCRY_MD_FLAG_HMAC   = 2,  /* Make an HMAC out of this algorithm.  */
-    GCRY_MD_FLAG_FIPS_NO_REJECTION = 4,  /* Don't reject for FIPS.  */
-+    GCRY_MD_FLAG_REJECT_NON_FIPS = 4,  /* Reject non-FIPS-compliant algo.  */
-     GCRY_MD_FLAG_BUGEMU1 = 0x0100
-   };
- 
-Index: libgcrypt-1.11.0/src/visibility.c
-===================================================================
--- libgcrypt-1.11.0.orig/src/visibility.c
-+++ libgcrypt-1.11.0/src/visibility.c
-@@ -1204,7 +1204,7 @@ gcry_md_open (gcry_md_hd_t *h, int algo,
-       *h = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_md_open (h, algo, flags));
- }
- 
-@@ -1219,6 +1219,7 @@ gcry_md_enable (gcry_md_hd_t hd, int alg
- {
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_md_enable (hd, algo));
- }
- 
-@@ -1382,8 +1383,9 @@ gcry_md_setkey (gcry_md_hd_t hd, const v
-   if (!fips_is_operational ())
-     return gpg_error (fips_not_operational ());
- 
-+  fips_service_indicator_init ();
-   if (fips_mode () && keylen < 14)
-    return GPG_ERR_INV_VALUE;
-+    fips_service_indicator_mark_non_compliant ();
- 
-   return gpg_error (_gcry_md_setkey (hd, key, keylen));
- }
-Index: libgcrypt-1.11.0/tests/t-digest.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-digest.c
-+++ libgcrypt-1.11.0/tests/t-digest.c
-@@ -48,8 +48,7 @@ check_digests (void)
-     const char *expect;
-     int expect_failure;
-   } tv[] = {
-#undef ENABLE_THIS_AFTER_T6376_CHANGE_REVISED
-#ifdef ENABLE_THIS_AFTER_T6376_CHANGE_REVISED
-+#if USE_MD5
-     { GCRY_MD_MD5, "abc", 3,
-       "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72", 1 },
- #endif
-Index: libgcrypt-1.11.0/tests/t-kdf.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-kdf.c
-+++ libgcrypt-1.11.0/tests/t-kdf.c
-@@ -2008,6 +2008,18 @@ check_fips_gcry_kdf_derive (void)
-       "\xd8\x36\x62",
-       1 /* not-compliant because key size too small */
-     },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_BLAKE2B_512,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      60,
-+      "\xa4\x6b\x53\x35\xdb\xdd\xa3\xd2\x5d\x19\xbb\x11\xfe\xdd\xd9\x9e"
-+      "\x45\x2a\x7c\x34\x47\x41\x98\xca\x31\x74\xb6\x34\x22\xac\x83\xb0"
-+      "\x38\x6e\xf5\x93\x0f\xf5\x16\x46\x0b\x97\xdc\x6c\x27\x5b\xe7\x25"
-+      "\xc2\xcb\xec\x50\x02\xc6\x52\x8b\x34\x68\x53\x65",
-+      1 /* not-compliant because subalgo is not the one of approved */
-+    }
-   };
- 
-   int tvidx;
--- a/libgcrypt-fips-md-gcry_md_copy-should-care-about-FIPS-service-indicator.patch
+++ b/libgcrypt-fips-md-gcry_md_copy-should-care-about-FIPS-service-indicator.patch
@@ -1,85 +0,0 @@
-From 60db2a175d120aba6818de49638b36006878abf7 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Wed, 18 Dec 2024 14:14:37 +0900
-Subject: [PATCH 10/19] fips,md: gcry_md_copy should care about FIPS service
- indicator.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/md.c (md_copy): In a case of non-compliant, mark with
-fips_service_indicator_mark_non_compliant.
-* src/visibility.c (gcry_md_copy): Initialize the indicator.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/md.c      | 11 +++++++++++
- src/visibility.c |  1 +
- 2 files changed, 12 insertions(+)
-
-diff --git a/cipher/md.c b/cipher/md.c
-index 666e1dfa..08a564ad 100644
--- a/cipher/md.c
-+++ b/cipher/md.c
-@@ -673,6 +673,7 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
-   GcryDigestEntry *ar, *br;
-   gcry_md_hd_t bhd;
-   size_t n;
-+  int is_compliant_algo = 1;
- 
-   if (ahd->bufpos)
-     md_write (ahd, NULL, 0);
-@@ -699,10 +700,15 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
-   b->list = NULL;
-   b->debug = NULL;
- 
-+  if (!a->list)
-+    is_compliant_algo = 0;
-+
-   /* Copy the complete list of algorithms.  The copied list is
-      reversed, but that doesn't matter. */
-   for (ar = a->list; ar; ar = ar->next)
-     {
-+      const gcry_md_spec_t *spec = ar->spec;
-+
-       if (a->flags.secure)
-         br = xtrymalloc_secure (ar->actual_struct_size);
-       else
-@@ -714,6 +720,8 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
-           goto leave;
-         }
- 
-+      is_compliant_algo &= spec->flags.fips;
-+
-       memcpy (br, ar, ar->actual_struct_size);
-       br->next = b->list;
-       b->list = br;
-@@ -724,6 +732,9 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t *b_hd)
- 
-   *b_hd = bhd;
- 
-+  if (!is_compliant_algo)
-+    fips_service_indicator_mark_non_compliant ();
-+
-  leave:
-   return err;
- }
-diff --git a/src/visibility.c b/src/visibility.c
-index d219f1a6..c9d07f0b 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1232,6 +1232,7 @@ gcry_md_copy (gcry_md_hd_t *bhd, gcry_md_hd_t ahd)
-       *bhd = NULL;
-       return gpg_error (fips_not_operational ());
-     }
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_md_copy (bhd, ahd));
- }
- 
-- 
-2.49.0
-
--- a/libgcrypt-fips-tests-Add-t-digest.patch
+++ b/libgcrypt-fips-tests-Add-t-digest.patch
@@ -1,243 +0,0 @@
-From 7faf542f157330f3b247fa2542182ac805f06737 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Mon, 9 Dec 2024 14:05:59 +0900
-Subject: [PATCH 5/5] fips,tests: Add t-digest.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/Makefile.am (tests_bin): Add t-digest.
-* tests/t-digest.c: New.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/Makefile.am |   2 +-
- tests/t-digest.c  | 199 ++++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 200 insertions(+), 1 deletion(-)
- create mode 100644 tests/t-digest.c
-
-diff --git a/tests/Makefile.am b/tests/Makefile.am
-index 52f7dd61..93774fe9 100644
--- a/tests/Makefile.am
-+++ b/tests/Makefile.am
-@@ -25,7 +25,7 @@ tests_bin = \
-         version t-secmem mpitests t-sexp t-convert \
- 	t-mpi-bit t-mpi-point t-lock \
- 	prime basic keygen pubkey hmac hashtest t-kdf keygrip \
-	aeswrap random t-kem t-mlkem t-thread-local
-+	aeswrap random t-kem t-mlkem t-thread-local t-digest
- 
- if USE_RSA
- tests_bin += pkcs1v2 t-rsa-pss t-rsa-15 t-rsa-testparm
-diff --git a/tests/t-digest.c b/tests/t-digest.c
-new file mode 100644
-index 00000000..3a94fa69
--- /dev/null
-+++ b/tests/t-digest.c
-@@ -0,0 +1,199 @@
-+/* t-digest.c - MD regression tests
-+ * Copyright (C) 2024 g10 Code GmbH
-+ *
-+ * This file is part of Libgcrypt.
-+ *
-+ * Libgcrypt is free software; you can redistribute it and/or modify
-+ * it under the terms of the GNU Lesser General Public License as
-+ * published by the Free Software Foundation; either version 2.1 of
-+ * the License, or (at your option) any later version.
-+ *
-+ * Libgcrypt is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-+ * GNU Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public License
-+ * along with this program; if not, see <https://www.gnu.org/licenses/>.
-+ * SPDX-License-Identifier: LGPL-2.1+
-+ */
-+
-+#ifdef HAVE_CONFIG_H
-+#include <config.h>
-+#endif
-+#include <stdarg.h>
-+#include <stdio.h>
-+#include <stdlib.h>
-+#include <string.h>
-+#include <assert.h>
-+
-+#define PGM "t-digest"
-+
-+#include "t-common.h"
-+static int in_fips_mode;
-+
-+/* Mingw requires us to include windows.h after winsock2.h which is
-+   included by gcrypt.h.  */
-+#ifdef _WIN32
-+# include <windows.h>
-+#endif
-+
-+static void
-+check_digests (void)
-+{
-+  static struct {
-+    int algo;
-+    const char *data;
-+    int datalen;
-+    const char *expect;
-+    int expect_failure;
-+  } tv[] = {
-+#undef ENABLE_THIS_AFTER_T6376_CHANGE_REVISED
-+#ifdef ENABLE_THIS_AFTER_T6376_CHANGE_REVISED
-+    { GCRY_MD_MD5, "abc", 3,
-+      "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72", 1 },
-+#endif
-+    { GCRY_MD_SHA1, "abc", 3,
-+      "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
-+      "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
-+    { GCRY_MD_SHA256, "abc", 3,
-+      "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
-+      "\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad" },
-+    { GCRY_MD_SHA384, "abc", 3,
-+      "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07"
-+      "\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed"
-+      "\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34\xc8\x25\xa7" },
-+    { GCRY_MD_SHA512, "abc", 3,
-+      "\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31"
-+      "\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A"
-+      "\x21\x92\x99\x2A\x27\x4F\xC1\xA8\x36\xBA\x3C\x23\xA3\xFE\xEB\xBD"
-+      "\x45\x4D\x44\x23\x64\x3C\xE8\x0E\x2A\x9A\xC9\x4F\xA5\x4C\xA4\x9F" },
-+    { GCRY_MD_SHA3_256, "abc", 3,
-+      "\x3a\x98\x5d\xa7\x4f\xe2\x25\xb2\x04\x5c\x17\x2d\x6b\xd3\x90\xbd"
-+      "\x85\x5f\x08\x6e\x3e\x9d\x52\x5b\x46\xbf\xe2\x45\x11\x43\x15\x32" },
-+    { GCRY_MD_SHA3_384, "abc", 3,
-+      "\xec\x01\x49\x82\x88\x51\x6f\xc9\x26\x45\x9f\x58\xe2\xc6\xad\x8d"
-+      "\xf9\xb4\x73\xcb\x0f\xc0\x8c\x25\x96\xda\x7c\xf0\xe4\x9b\xe4\xb2"
-+      "\x98\xd8\x8c\xea\x92\x7a\xc7\xf5\x39\xf1\xed\xf2\x28\x37\x6d\x25" },
-+    { GCRY_MD_SHA3_512, "abc", 3,
-+      "\xb7\x51\x85\x0b\x1a\x57\x16\x8a\x56\x93\xcd\x92\x4b\x6b\x09\x6e"
-+      "\x08\xf6\x21\x82\x74\x44\xf7\x0d\x88\x4f\x5d\x02\x40\xd2\x71\x2e"
-+      "\x10\xe1\x16\xe9\x19\x2a\xf3\xc9\x1a\x7e\xc5\x76\x47\xe3\x93\x40"
-+      "\x57\x34\x0b\x4c\xf4\x08\xd5\xa5\x65\x92\xf8\x27\x4e\xec\x53\xf0" },
-+    { GCRY_MD_RMD160, "abc", 3,
-+      "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04"
-+      "\x4a\x8e\x98\xc6\xb0\x87\xf1\x5a\x0b\xfc", 1 },
-+  };
-+  int tvidx;
-+  unsigned char hash[64];
-+  int expectlen;
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gpg_err_code_t ec;
-+
-+      if (verbose)
-+        fprintf (stderr, "checking gcry_md_hash_buffer test %d\n",
-+                 tvidx);
-+
-+      expectlen = gcry_md_get_algo_dlen (tv[tvidx].algo);
-+      assert (expectlen != 0);
-+      assert (expectlen <= sizeof hash);
-+      gcry_md_hash_buffer (tv[tvidx].algo, hash,
-+                           tv[tvidx].data, tv[tvidx].datalen);
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_md_hash_buffer test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_md_hash_buffer test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_md_hash_buffer test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      if (memcmp (hash, tv[tvidx].expect, expectlen))
-+        {
-+          int i;
-+
-+          fail ("gcry_md_hash_buffer test %d failed: mismatch\n", tvidx);
-+          fputs ("got:", stderr);
-+          for (i=0; i < expectlen; i++)
-+            fprintf (stderr, " %02x", hash[i]);
-+          putc ('\n', stderr);
-+        }
-+    }
-+}
-+
-+
-+int
-+main (int argc, char **argv)
-+{
-+  int last_argc = -1;
-+
-+  if (argc)
-+    { argc--; argv++; }
-+
-+  while (argc && last_argc != argc)
-+    {
-+      last_argc = argc;
-+      if (!strcmp (*argv, "--"))
-+        {
-+          argc--; argv++;
-+          break;
-+        }
-+      else if (!strcmp (*argv, "--help"))
-+        {
-+          fputs ("usage: " PGM " [options]\n"
-+                 "Options:\n"
-+                 "  --verbose       print timings etc.\n"
-+                 "  --debug         flyswatter\n",
-+                 stdout);
-+          exit (0);
-+        }
-+      else if (!strcmp (*argv, "--verbose"))
-+        {
-+          verbose++;
-+          argc--; argv++;
-+        }
-+      else if (!strcmp (*argv, "--debug"))
-+        {
-+          verbose += 2;
-+          debug++;
-+          argc--; argv++;
-+        }
-+      else if (!strncmp (*argv, "--", 2))
-+        die ("unknown option '%s'", *argv);
-+    }
-+
-+  if (!gcry_check_version (GCRYPT_VERSION))
-+    die ("version mismatch\n");
-+
-+  if (gcry_fips_mode_active ())
-+    in_fips_mode = 1;
-+
-+  if (!in_fips_mode)
-+    xgcry_control ((GCRYCTL_DISABLE_SECMEM, 0));
-+
-+  xgcry_control ((GCRYCTL_INITIALIZATION_FINISHED, 0));
-+  if (debug)
-+    xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0));
-+
-+  check_digests ();
-+
-+  return !!error_count;
-+}
-- 
-2.49.0
-
--- a/libgcrypt-fips-tests-Add-tests-for-md_open-write-read-close-for-t-digest.patch
+++ b/libgcrypt-fips-tests-Add-tests-for-md_open-write-read-close-for-t-digest.patch
@@ -1,172 +0,0 @@
-From 917fc6000dfebd8854f0d1c220b85dec0dbf4676 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Fri, 13 Dec 2024 11:54:31 +0900
-Subject: [PATCH 03/19] fips,tests: Add tests for md_open/write/read/close for
- t-digest.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-digest.c (check_md_o_w_r_c): New.
-(main): Call check_md_o_w_r_c.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-digest.c | 133 +++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 133 insertions(+)
-
-Index: libgcrypt-1.11.0/tests/t-digest.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-digest.c
-+++ libgcrypt-1.11.0/tests/t-digest.c
-@@ -39,6 +39,138 @@ static int in_fips_mode;
- #endif
- 
- static void
-+check_md_o_w_r_c (void)
-+{
-+  static struct {
-+    int algo;
-+    const char *data;
-+    int datalen;
-+    const char *expect;
-+    int expect_failure;
-+    unsigned int flags;
-+  } tv[] = {
-+#if USE_MD5
-+    { GCRY_MD_MD5, "abc", 3,
-+      "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72", 1 },
-+    { GCRY_MD_MD5, "abc", 3,
-+      "\x90\x01\x50\x98\x3C\xD2\x4F\xB0\xD6\x96\x3F\x7D\x28\xE1\x7F\x72", 1,
-+      GCRY_MD_FLAG_REJECT_NON_FIPS },
-+#endif
-+#if USE_SHA1
-+    { GCRY_MD_SHA1, "abc", 3,
-+      "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
-+      "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
-+#endif
-+    { GCRY_MD_SHA256, "abc", 3,
-+      "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
-+      "\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad" },
-+    { GCRY_MD_SHA384, "abc", 3,
-+      "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50\x07"
-+      "\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff\x5b\xed"
-+      "\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34\xc8\x25\xa7" },
-+    { GCRY_MD_SHA512, "abc", 3,
-+      "\xDD\xAF\x35\xA1\x93\x61\x7A\xBA\xCC\x41\x73\x49\xAE\x20\x41\x31"
-+      "\x12\xE6\xFA\x4E\x89\xA9\x7E\xA2\x0A\x9E\xEE\xE6\x4B\x55\xD3\x9A"
-+      "\x21\x92\x99\x2A\x27\x4F\xC1\xA8\x36\xBA\x3C\x23\xA3\xFE\xEB\xBD"
-+      "\x45\x4D\x44\x23\x64\x3C\xE8\x0E\x2A\x9A\xC9\x4F\xA5\x4C\xA4\x9F" },
-+    { GCRY_MD_SHA3_256, "abc", 3,
-+      "\x3a\x98\x5d\xa7\x4f\xe2\x25\xb2\x04\x5c\x17\x2d\x6b\xd3\x90\xbd"
-+      "\x85\x5f\x08\x6e\x3e\x9d\x52\x5b\x46\xbf\xe2\x45\x11\x43\x15\x32" },
-+    { GCRY_MD_SHA3_384, "abc", 3,
-+      "\xec\x01\x49\x82\x88\x51\x6f\xc9\x26\x45\x9f\x58\xe2\xc6\xad\x8d"
-+      "\xf9\xb4\x73\xcb\x0f\xc0\x8c\x25\x96\xda\x7c\xf0\xe4\x9b\xe4\xb2"
-+      "\x98\xd8\x8c\xea\x92\x7a\xc7\xf5\x39\xf1\xed\xf2\x28\x37\x6d\x25" },
-+    { GCRY_MD_SHA3_512, "abc", 3,
-+      "\xb7\x51\x85\x0b\x1a\x57\x16\x8a\x56\x93\xcd\x92\x4b\x6b\x09\x6e"
-+      "\x08\xf6\x21\x82\x74\x44\xf7\x0d\x88\x4f\x5d\x02\x40\xd2\x71\x2e"
-+      "\x10\xe1\x16\xe9\x19\x2a\xf3\xc9\x1a\x7e\xc5\x76\x47\xe3\x93\x40"
-+      "\x57\x34\x0b\x4c\xf4\x08\xd5\xa5\x65\x92\xf8\x27\x4e\xec\x53\xf0" }
-+#if USE_RMD160
-+    ,
-+    { GCRY_MD_RMD160, "abc", 3,
-+      "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04"
-+      "\x4a\x8e\x98\xc6\xb0\x87\xf1\x5a\x0b\xfc", 1 }
-+#endif
-+  };
-+  int tvidx;
-+  unsigned char *hash;
-+  int expectlen;
-+  gpg_error_t err;
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gpg_err_code_t ec;
-+      gcry_md_hd_t h;
-+
-+      if (verbose)
-+        fprintf (stderr, "checking gcry_md_open test %d\n",
-+                 tvidx);
-+
-+      expectlen = gcry_md_get_algo_dlen (tv[tvidx].algo);
-+      assert (expectlen != 0);
-+      err = gcry_md_open (&h, tv[tvidx].algo, tv[tvidx].flags);
-+      if (err)
-+        {
-+          if (in_fips_mode && (tv[tvidx].flags & GCRY_MD_FLAG_REJECT_NON_FIPS)
-+              && tv[tvidx].expect_failure)
-+            /* Here, an error is expected */
-+            ;
-+          else
-+            fail ("gcry_md_open test %d unexpectedly failed: %s\n",
-+                  tvidx, gpg_strerror (err));
-+          continue;
-+        }
-+      else
-+        {
-+          if (in_fips_mode && (tv[tvidx].flags & GCRY_MD_FLAG_REJECT_NON_FIPS)
-+              && tv[tvidx].expect_failure)
-+            /* This case, an error is expected, but we observed success */
-+            fail ("gcry_md_open test %d unexpectedly succeeded\n", tvidx);
-+        }
-+
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_md_open test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_md_open test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_md_open test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      gcry_md_write (h, tv[tvidx].data, tv[tvidx].datalen);
-+      hash = gcry_md_read (h, tv[tvidx].algo);
-+      if (memcmp (hash, tv[tvidx].expect, expectlen))
-+        {
-+          int i;
-+
-+          fail ("gcry_md_open test %d failed: mismatch\n", tvidx);
-+          fputs ("got:", stderr);
-+          for (i=0; i < expectlen; i++)
-+            fprintf (stderr, " %02x", hash[i]);
-+          putc ('\n', stderr);
-+        }
-+
-+      gcry_md_close (h);
-+    }
-+}
-+
-+static void
- check_digests (void)
- {
-   static struct {
-@@ -194,6 +326,7 @@ main (int argc, char **argv)
-     xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0));
- 
-   check_digests ();
-+  check_md_o_w_r_c ();
- 
-   return !!error_count;
- }
--- a/libgcrypt-jitterentropy-3.4.0.patch
+++ b/libgcrypt-jitterentropy-3.4.0.patch
@@ -1,618 +0,0 @@
-Index: libgcrypt-1.10.0/random/jitterentropy-base.c
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-base.c
-+++ libgcrypt-1.10.0/random/jitterentropy-base.c
-@@ -42,7 +42,7 @@
- 		      * require consumer to be updated (as long as this number
- 		      * is zero, the API is not considered stable and can
- 		      * change without a bump of the major version) */
-#define MINVERSION 3 /* API compatible, ABI may change, functional
-+#define MINVERSION 4 /* API compatible, ABI may change, functional
- 		      * enhancements only, consumer can be left unchanged if
- 		      * enhancements are not considered */
- #define PATCHLEVEL 0 /* API / ABI compatible, no functional changes, no
-@@ -200,29 +200,38 @@ ssize_t jent_read_entropy(struct rand_da
- 			tocopy = (DATA_SIZE_BITS / 8);
- 		else
- 			tocopy = len;
-		memcpy(p, &ec->data, tocopy);
-+
-+		jent_read_random_block(ec, p, tocopy);
- 
- 		len -= tocopy;
- 		p += tocopy;
- 	}
- 
- 	/*
-	 * To be on the safe side, we generate one more round of entropy
-	 * which we do not give out to the caller. That round shall ensure
-	 * that in case the calling application crashes, memory dumps, pages
-	 * out, or due to the CPU Jitter RNG lingering in memory for long
-	 * time without being moved and an attacker cracks the application,
-	 * all he reads in the entropy pool is a value that is NEVER EVER
-	 * being used for anything. Thus, he does NOT see the previous value
-	 * that was returned to the caller for cryptographic purposes.
-+	 * Enhanced backtracking support: At this point, the hash state
-+	 * contains the digest of the previous Jitter RNG collection round
-+	 * which is inserted there by jent_read_random_block with the SHA
-+	 * update operation. At the current code location we completed
-+	 * one request for a caller and we do not know how long it will
-+	 * take until a new request is sent to us. To guarantee enhanced
-+	 * backtracking resistance at this point (i.e. ensure that an attacker
-+	 * cannot obtain information about prior random numbers we generated),
-+	 * but still stirring the hash state with old data the Jitter RNG
-+	 * obtains a new message digest from its state and re-inserts it.
-+	 * After this operation, the Jitter RNG state is still stirred with
-+	 * the old data, but an attacker who gets access to the memory after
-+	 * this point cannot deduce the random numbers produced by the
-+	 * Jitter RNG prior to this point.
- 	 */
- 	/*
-	 * If we use secured memory, do not use that precaution as the secure
-	 * memory protects the entropy pool. Moreover, note that using this
-	 * call reduces the speed of the RNG by up to half
-+	 * If we use secured memory, where backtracking support may not be
-+	 * needed because the state is protected in a different method,
-+	 * it is permissible to drop this support. But strongly weigh the
-+	 * pros and cons considering that the SHA3 operation is not that
-+	 * expensive.
- 	 */
- #ifndef JENT_CPU_JITTERENTROPY_SECURE_MEMORY
-	jent_random_data(ec);
-+	jent_read_random_block(ec, NULL, 0);
- #endif
- 
- err:
-@@ -379,6 +388,7 @@ static struct rand_data
- *jent_entropy_collector_alloc_internal(unsigned int osr, unsigned int flags)
- {
- 	struct rand_data *entropy_collector;
-+	uint32_t memsize = 0;
- 
- 	/*
- 	 * Requesting disabling and forcing of internal timer
-@@ -405,7 +415,7 @@ static struct rand_data
- 		return NULL;
- 
- 	if (!(flags & JENT_DISABLE_MEMORY_ACCESS)) {
-		uint32_t memsize = jent_memsize(flags);
-+		memsize = jent_memsize(flags);
- 
- 		entropy_collector->mem = _gcry_calloc (1, memsize);
- 
-@@ -431,13 +441,19 @@ static struct rand_data
- 		entropy_collector->memaccessloops = JENT_MEMORY_ACCESSLOOPS;
- 	}
- 
-+	if (sha3_alloc(&entropy_collector->hash_state))
-+		goto err;
-+
-+	/* Initialize the hash state */
-+	sha3_256_init(entropy_collector->hash_state);
-+
- 	/* verify and set the oversampling rate */
- 	if (osr < JENT_MIN_OSR)
- 		osr = JENT_MIN_OSR;
- 	entropy_collector->osr = osr;
- 	entropy_collector->flags = flags;
- 
-	if (jent_fips_enabled() || (flags & JENT_FORCE_FIPS))
-+	if ((flags & JENT_FORCE_FIPS) || jent_fips_enabled())
- 		entropy_collector->fips_enabled = 1;
- 
- 	/* Initialize the APT */
-@@ -469,7 +485,7 @@ static struct rand_data
- 
- err:
- 	if (entropy_collector->mem != NULL)
-		jent_zfree(entropy_collector->mem, JENT_MEMORY_SIZE);
-+		jent_zfree(entropy_collector->mem, memsize);
- 	jent_zfree(entropy_collector, sizeof(struct rand_data));
- 	return NULL;
- }
-@@ -511,6 +527,7 @@ JENT_PRIVATE_STATIC
- void jent_entropy_collector_free(struct rand_data *entropy_collector)
- {
- 	if (entropy_collector != NULL) {
-+		sha3_dealloc(entropy_collector->hash_state);
- 		jent_notime_disable(entropy_collector);
- 		if (entropy_collector->mem != NULL) {
- 			jent_zfree(entropy_collector->mem,
-@@ -664,6 +681,7 @@ static inline int jent_entropy_init_comm
- 	int ret;
- 
- 	jent_notime_block_switch();
-+	jent_health_cb_block_switch();
- 
- 	if (sha3_tester())
- 		return EHASH;
-@@ -710,6 +728,8 @@ int jent_entropy_init_ex(unsigned int os
- 	if (ret)
- 		return ret;
- 
-+	ret = ENOTIME;
-+
- 	/* Test without internal timer unless caller does not want it */
- 	if (!(flags & JENT_FORCE_INTERNAL_TIMER))
- 		ret = jent_time_entropy_init(osr,
-@@ -732,3 +752,9 @@ int jent_entropy_switch_notime_impl(stru
- 	return jent_notime_switch(new_thread);
- }
- #endif
-+
-+JENT_PRIVATE_STATIC
-+int jent_set_fips_failure_callback(jent_fips_failure_cb cb)
-+{
-+	return jent_set_fips_failure_callback_internal(cb);
-+}
-Index: libgcrypt-1.10.0/random/jitterentropy-gcd.c
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-gcd.c
-+++ libgcrypt-1.10.0/random/jitterentropy-gcd.c
-@@ -113,12 +113,8 @@ int jent_gcd_analyze(uint64_t *delta_his
- 		goto out;
- 	}
- 
-	/*
-	 * Ensure that we have variations in the time stamp below 100 for at
-	 * least 10% of all checks -- on some platforms, the counter increments
-	 * in multiples of 100, but not always
-	 */
-	if (running_gcd >= 100) {
-+	/* Set a sensible maximum value. */
-+	if (running_gcd >= UINT32_MAX / 2) {
- 		ret = ECOARSETIME;
- 		goto out;
- 	}
-Index: libgcrypt-1.10.0/random/jitterentropy-health.c
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-health.c
-+++ libgcrypt-1.10.0/random/jitterentropy-health.c
-@@ -19,9 +19,24 @@
-  * DAMAGE.
-  */
- 
-#include "jitterentropy.h"
- #include "jitterentropy-health.h"
- 
-+static jent_fips_failure_cb fips_cb = NULL;
-+static int jent_health_cb_switch_blocked = 0;
-+
-+void jent_health_cb_block_switch(void)
-+{
-+	jent_health_cb_switch_blocked = 1;
-+}
-+
-+int jent_set_fips_failure_callback_internal(jent_fips_failure_cb cb)
-+{
-+	if (jent_health_cb_switch_blocked)
-+		return -EAGAIN;
-+	fips_cb = cb;
-+	return 0;
-+}
-+
- /***************************************************************************
-  * Lag Predictor Test
-  *
-@@ -434,5 +449,9 @@ unsigned int jent_health_failure(struct
- 	if (!ec->fips_enabled)
- 		return 0;
- 
-+	if (fips_cb && ec->health_failure) {
-+		fips_cb(ec, ec->health_failure);
-+	}
-+
- 	return ec->health_failure;
- }
-Index: libgcrypt-1.10.0/random/jitterentropy-health.h
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-health.h
-+++ libgcrypt-1.10.0/random/jitterentropy-health.h
-@@ -20,11 +20,16 @@
- #ifndef JITTERENTROPY_HEALTH_H
- #define JITTERENTROPY_HEALTH_H
- 
-+#include "jitterentropy.h"
-+
- #ifdef __cplusplus
- extern "C"
- {
- #endif
- 
-+void jent_health_cb_block_switch(void);
-+int jent_set_fips_failure_callback_internal(jent_fips_failure_cb cb);
-+
- static inline uint64_t jent_delta(uint64_t prev, uint64_t next)
- {
- 	return (next - prev);
-Index: libgcrypt-1.10.0/random/jitterentropy-noise.c
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-noise.c
-+++ libgcrypt-1.10.0/random/jitterentropy-noise.c
-@@ -33,7 +33,7 @@
-  * Update of the loop count used for the next round of
-  * an entropy collection.
-  *
- * @ec [in] entropy collector struct -- may be NULL
-+ * @ec [in] entropy collector struct
-  * @bits [in] is the number of low bits of the timer to consider
-  * @min [in] is the number of bits we shift the timer value to the right at
-  *	     the end to make sure we have a guaranteed minimum value
-@@ -61,16 +61,13 @@ static uint64_t jent_loop_shuffle(struct
- 	 * Mix the current state of the random number into the shuffle
- 	 * calculation to balance that shuffle a bit more.
- 	 */
-	if (ec) {
-		jent_get_nstime_internal(ec, &time);
-		time ^= ec->data[0];
-	}
-+	jent_get_nstime_internal(ec, &time);
- 
- 	/*
- 	 * We fold the time value as much as possible to ensure that as many
- 	 * bits of the time stamp are included as possible.
- 	 */
-	for (i = 0; ((DATA_SIZE_BITS + bits - 1) / bits) > i; i++) {
-+	for (i = 0; (((sizeof(time) << 3) + bits - 1) / bits) > i; i++) {
- 		shuffle ^= time & mask;
- 		time = time >> bits;
- 	}
-@@ -91,11 +88,11 @@ static uint64_t jent_loop_shuffle(struct
-  * This function injects the individual bits of the time value into the
-  * entropy pool using a hash.
-  *
- * @ec [in] entropy collector struct -- may be NULL
- * @time [in] time stamp to be injected
-+ * @ec [in] entropy collector struct
-+ * @time [in] time delta to be injected
-  * @loop_cnt [in] if a value not equal to 0 is set, use the given value as
-  *		  number of loops to perform the hash operation
- * @stuck [in] Is the time stamp identified as stuck?
-+ * @stuck [in] Is the time delta identified as stuck?
-  *
-  * Output:
-  * updated hash context
-@@ -104,17 +101,19 @@ static void jent_hash_time(struct rand_d
- 			   uint64_t loop_cnt, unsigned int stuck)
- {
- 	HASH_CTX_ON_STACK(ctx);
-	uint8_t itermediary[SHA3_256_SIZE_DIGEST];
-+	uint8_t intermediary[SHA3_256_SIZE_DIGEST];
- 	uint64_t j = 0;
-	uint64_t hash_loop_cnt;
- #define MAX_HASH_LOOP 3
- #define MIN_HASH_LOOP 0
- 
- 	/* Ensure that macros cannot overflow jent_loop_shuffle() */
- 	BUILD_BUG_ON((MAX_HASH_LOOP + MIN_HASH_LOOP) > 63);
-	hash_loop_cnt =
-+	uint64_t hash_loop_cnt =
- 		jent_loop_shuffle(ec, MAX_HASH_LOOP, MIN_HASH_LOOP);
- 
-+	/* Use the memset to shut up valgrind */
-+	memset(intermediary, 0, sizeof(intermediary));
-+
- 	sha3_256_init(&ctx);
- 
- 	/*
-@@ -125,35 +124,54 @@ static void jent_hash_time(struct rand_d
- 		hash_loop_cnt = loop_cnt;
- 
- 	/*
-	 * This loop basically slows down the SHA-3 operation depending
-	 * on the hash_loop_cnt. Each iteration of the loop generates the
-	 * same result.
-+	 * This loop fills a buffer which is injected into the entropy pool.
-+	 * The main reason for this loop is to execute something over which we
-+	 * can perform a timing measurement. The injection of the resulting
-+	 * data into the pool is performed to ensure the result is used and
-+	 * the compiler cannot optimize the loop away in case the result is not
-+	 * used at all. Yet that data is considered "additional information"
-+	 * considering the terminology from SP800-90A without any entropy.
-+	 *
-+	 * Note, it does not matter which or how much data you inject, we are
-+	 * interested in one Keccack1600 compression operation performed with
-+	 * the sha3_final.
- 	 */
- 	for (j = 0; j < hash_loop_cnt; j++) {
-		sha3_update(&ctx, ec->data, SHA3_256_SIZE_DIGEST);
-		sha3_update(&ctx, (uint8_t *)&time, sizeof(uint64_t));
-+		sha3_update(&ctx, intermediary, sizeof(intermediary));
-+		sha3_update(&ctx, (uint8_t *)&ec->rct_count,
-+			    sizeof(ec->rct_count));
-+		sha3_update(&ctx, (uint8_t *)&ec->apt_cutoff,
-+			    sizeof(ec->apt_cutoff));
-+		sha3_update(&ctx, (uint8_t *)&ec->apt_observations,
-+			    sizeof(ec->apt_observations));
-+		sha3_update(&ctx, (uint8_t *)&ec->apt_count,
-+			    sizeof(ec->apt_count));
-+		sha3_update(&ctx,(uint8_t *) &ec->apt_base,
-+			    sizeof(ec->apt_base));
- 		sha3_update(&ctx, (uint8_t *)&j, sizeof(uint64_t));
-+		sha3_final(&ctx, intermediary);
-+	}
- 
-		/*
-		 * If the time stamp is stuck, do not finally insert the value
-		 * into the entropy pool. Although this operation should not do
-		 * any harm even when the time stamp has no entropy, SP800-90B
-		 * requires that any conditioning operation to have an identical
-		 * amount of input data according to section 3.1.5.
-		 */
-+	/*
-+	 * Inject the data from the previous loop into the pool. This data is
-+	 * not considered to contain any entropy, but it stirs the pool a bit.
-+	 */
-+	sha3_update(ec->hash_state, intermediary, sizeof(intermediary));
- 
-		/*
-		 * The sha3_final operations re-initialize the context for the
-		 * next loop iteration.
-		 */
-		if (stuck || (j < hash_loop_cnt - 1))
-			sha3_final(&ctx, itermediary);
-		else
-			sha3_final(&ctx, ec->data);
-	}
-+	/*
-+	 * Insert the time stamp into the hash context representing the pool.
-+	 *
-+	 * If the time stamp is stuck, do not finally insert the value into the
-+	 * entropy pool. Although this operation should not do any harm even
-+	 * when the time stamp has no entropy, SP800-90B requires that any
-+	 * conditioning operation to have an identical amount of input data
-+	 * according to section 3.1.5.
-+	 */
-+	if (!stuck)
-+		sha3_update(ec->hash_state, (uint8_t *)&time, sizeof(uint64_t));
- 
- 	jent_memset_secure(&ctx, SHA_MAX_CTX_SIZE);
-	jent_memset_secure(itermediary, sizeof(itermediary));
-+	jent_memset_secure(intermediary, sizeof(intermediary));
- }
- 
- #define MAX_ACC_LOOP_BIT 7
-@@ -184,13 +202,12 @@ static inline uint32_t xoshiro128starsta
- 
- static void jent_memaccess(struct rand_data *ec, uint64_t loop_cnt)
- {
-	uint64_t i = 0;
-+	uint64_t i = 0, time = 0;
- 	union {
- 		uint32_t u[4];
- 		uint8_t b[sizeof(uint32_t) * 4];
- 	} prngState = { .u = {0x8e93eec0, 0xce65608a, 0xa8d46b46, 0xe83cef69} };
- 	uint32_t addressMask;
-        uint64_t acc_loop_cnt;
- 
- 	if (NULL == ec || NULL == ec->mem)
- 		return;
-@@ -199,7 +216,7 @@ static void jent_memaccess(struct rand_d
- 
- 	/* Ensure that macros cannot overflow jent_loop_shuffle() */
- 	BUILD_BUG_ON((MAX_ACC_LOOP_BIT + MIN_ACC_LOOP_BIT) > 63);
-	acc_loop_cnt =
-+	uint64_t acc_loop_cnt =
- 		jent_loop_shuffle(ec, MAX_ACC_LOOP_BIT, MIN_ACC_LOOP_BIT);
- 
- 	/*
-@@ -213,8 +230,10 @@ static void jent_memaccess(struct rand_d
- 	 * "per-update: timing, it gets you mostly independent "per-update"
- 	 * timing, so we can now benefit from the Central Limit Theorem!
- 	 */
-	for (i = 0; i < sizeof(prngState); i++)
-		prngState.b[i] ^= ec->data[i];
-+	for (i = 0; i < sizeof(prngState); i++) {
-+		jent_get_nstime_internal(ec, &time);
-+		prngState.b[i] ^= (uint8_t)(time & 0xff);
-+	}
- 
- 	/*
- 	 * testing purposes -- allow test app to set the counter, not
-@@ -358,21 +377,21 @@ unsigned int jent_measure_jitter(struct
- 
- /**
-  * Generator of one 256 bit random number
- * Function fills rand_data->data
-+ * Function fills rand_data->hash_state
-  *
-  * @ec [in] Reference to entropy collector
-  */
- void jent_random_data(struct rand_data *ec)
- {
-	unsigned int k = 0, safety_factor = ENTROPY_SAFETY_FACTOR;
-+	unsigned int k = 0, safety_factor = 0;
- 
-	if (!ec->fips_enabled)
-		safety_factor = 0;
-+	if (ec->fips_enabled)
-+		safety_factor = ENTROPY_SAFETY_FACTOR;
- 
- 	/* priming of the ->prev_time value */
- 	jent_measure_jitter(ec, 0, NULL);
- 
-	while (1) {
-+	while (!jent_health_failure(ec)) {
- 		/* If a stuck measurement is received, repeat measurement */
- 		if (jent_measure_jitter(ec, 0, NULL))
- 			continue;
-@@ -385,3 +404,22 @@ void jent_random_data(struct rand_data *
- 			break;
- 	}
- }
-+
-+void jent_read_random_block(struct rand_data *ec, char *dst, size_t dst_len)
-+{
-+	uint8_t jent_block[SHA3_256_SIZE_DIGEST];
-+
-+	BUILD_BUG_ON(SHA3_256_SIZE_DIGEST != (DATA_SIZE_BITS / 8));
-+
-+	/* The final operation automatically re-initializes the ->hash_state */
-+	sha3_final(ec->hash_state, jent_block);
-+	if (dst_len)
-+		memcpy(dst, jent_block, dst_len);
-+
-+	/*
-+	 * Stir the new state with the data from the old state - the digest
-+	 * of the old data is not considered to have entropy.
-+	 */
-+	sha3_update(ec->hash_state, jent_block, sizeof(jent_block));
-+	jent_memset_secure(jent_block, sizeof(jent_block));
-+}
-Index: libgcrypt-1.10.0/random/jitterentropy-noise.h
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-noise.h
-+++ libgcrypt-1.10.0/random/jitterentropy-noise.h
-@@ -31,6 +31,7 @@ unsigned int jent_measure_jitter(struct
- 				 uint64_t loop_cnt,
- 				 uint64_t *ret_current_delta);
- void jent_random_data(struct rand_data *ec);
-+void jent_read_random_block(struct rand_data *ec, char *dst, size_t dst_len);
- 
- #ifdef __cplusplus
- }
-Index: libgcrypt-1.10.0/random/jitterentropy-sha3.c
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-sha3.c
-+++ libgcrypt-1.10.0/random/jitterentropy-sha3.c
-@@ -19,6 +19,7 @@
-  */
- 
- #include "jitterentropy-sha3.h"
-+#include "jitterentropy.h"
- 
- /***************************************************************************
-  * Message Digest Implementation
-@@ -380,3 +381,23 @@ int sha3_tester(void)
- 
- 	return 0;
- }
-+
-+int sha3_alloc(void **hash_state)
-+{
-+	struct sha_ctx *tmp;
-+
-+	tmp = jent_zalloc(SHA_MAX_CTX_SIZE);
-+	if (!tmp)
-+		return 1;
-+
-+	*hash_state = tmp;
-+
-+	return 0;
-+}
-+
-+void sha3_dealloc(void *hash_state)
-+{
-+	struct sha_ctx *ctx = (struct sha_ctx *)hash_state;
-+
-+	jent_zfree(ctx, SHA_MAX_CTX_SIZE);
-+}
-Index: libgcrypt-1.10.0/random/jitterentropy-sha3.h
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-sha3.h
-+++ libgcrypt-1.10.0/random/jitterentropy-sha3.h
-@@ -47,6 +47,8 @@ struct sha_ctx {
- void sha3_256_init(struct sha_ctx *ctx);
- void sha3_update(struct sha_ctx *ctx, const uint8_t *in, size_t inlen);
- void sha3_final(struct sha_ctx *ctx, uint8_t *digest);
-+int sha3_alloc(void **hash_state);
-+void sha3_dealloc(void *hash_state);
- int sha3_tester(void);
- 
- #ifdef __cplusplus
-Index: libgcrypt-1.10.0/random/jitterentropy-timer.c
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-timer.c
-+++ libgcrypt-1.10.0/random/jitterentropy-timer.c
-@@ -202,8 +202,8 @@ int jent_notime_enable(struct rand_data
- 	if (jent_force_internal_timer || (flags & JENT_FORCE_INTERNAL_TIMER)) {
- 		/* Self test not run yet */
- 		if (!jent_force_internal_timer &&
-		    jent_time_entropy_init(flags | JENT_FORCE_INTERNAL_TIMER,
-					   ec->osr))
-+		    jent_time_entropy_init(ec->osr,
-+					   flags | JENT_FORCE_INTERNAL_TIMER))
- 			return EHEALTH;
- 
- 		ec->enable_notime = 1;
-Index: libgcrypt-1.10.0/random/jitterentropy.h
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy.h
-+++ libgcrypt-1.10.0/random/jitterentropy.h
-@@ -49,7 +49,7 @@
-  ***************************************************************************/
- 
- /*
- * Enable timer-less timer support
-+ * Enable timer-less timer support with JENT_CONF_ENABLE_INTERNAL_TIMER
-  *
-  * In case the hardware is identified to not provide a high-resolution time
-  * stamp, this option enables a built-in high-resolution time stamp mechanism.
-@@ -166,7 +166,7 @@ struct rand_data
- 	 * of the RNG are marked as SENSITIVE. A user must not
- 	 * access that information while the RNG executes its loops to
- 	 * calculate the next random value. */
-	uint8_t data[SHA3_256_SIZE_DIGEST]; /* SENSITIVE Actual random number */
-+	void *hash_state;		/* SENSITIVE hash state entropy pool */
- 	uint64_t prev_time;		/* SENSITIVE Previous time stamp */
- #define DATA_SIZE_BITS (SHA3_256_SIZE_DIGEST_BITS)
- 
-@@ -378,28 +378,34 @@ int jent_entropy_init(void);
- JENT_PRIVATE_STATIC
- int jent_entropy_init_ex(unsigned int osr, unsigned int flags);
- 
-+/*
-+ * Set a callback to run on health failure in FIPS mode.
-+ * This function will take an action determined by the caller.
-+ */
-+typedef void (*jent_fips_failure_cb)(struct rand_data *ec,
-+				     unsigned int health_failure);
-+JENT_PRIVATE_STATIC
-+int jent_set_fips_failure_callback(jent_fips_failure_cb cb);
-+
- /* return version number of core library */
- JENT_PRIVATE_STATIC
- unsigned int jent_version(void);
- 
-#ifdef JENT_CONF_ENABLE_INTERNAL_TIMER
- /* Set a different thread handling logic for the notimer support */
- JENT_PRIVATE_STATIC
- int jent_entropy_switch_notime_impl(struct jent_notime_thread *new_thread);
-#endif
- 
- /* -- END of Main interface functions -- */
- 
- /* -- BEGIN timer-less threading support functions to prevent code dupes -- */
- 
-struct jent_notime_ctx {
- #ifdef JENT_CONF_ENABLE_INTERNAL_TIMER
-+
-+struct jent_notime_ctx {
- 	pthread_attr_t notime_pthread_attr;	/* pthreads library */
- 	pthread_t notime_thread_id;		/* pthreads thread ID */
-#endif
- };
- 
-#ifdef JENT_CONF_ENABLE_INTERNAL_TIMER
- 
- JENT_PRIVATE_STATIC
- int jent_notime_init(void **ctx);
-Index: libgcrypt-1.10.0/random/jitterentropy-base-user.h
-===================================================================
--- libgcrypt-1.10.0.orig/random/jitterentropy-base-user.h
-+++ libgcrypt-1.10.0/random/jitterentropy-base-user.h
-@@ -213,12 +213,12 @@ static inline void jent_get_cachesize(lo
- 		ext = strstr(buf, "K");
- 		if (ext) {
- 			shift = 10;
-			ext = '\0';
-+			*ext = '\0';
- 		} else {
- 			ext = strstr(buf, "M");
- 			if (ext) {
- 				shift = 20;
-				ext = '\0';
-+				*ext = '\0';
- 			}
- 		}
- 
--- a/libgcrypt-md-Fix-gcry_md_algo_info-to-mark-reject-under-FIPS-mode.patch
+++ b/libgcrypt-md-Fix-gcry_md_algo_info-to-mark-reject-under-FIPS-mode.patch
@@ -1,82 +0,0 @@
-From 2f17a98a80b155e750ab77d4703e33612e545d58 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 25 Feb 2025 16:27:25 +0900
-Subject: [PATCH 1/4] md: Fix gcry_md_algo_info to mark/reject under FIPS mode.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/md.c (check_digest_algo): Fix for marking non-compliance.
-* src/visibility.c (gcry_md_algo_info): Add check with
-fips_is_operational.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/md.c      | 26 ++++++++++++++++++++++----
- src/visibility.c |  3 +++
- 2 files changed, 25 insertions(+), 4 deletions(-)
-
-diff --git a/cipher/md.c b/cipher/md.c
-index f600e7bb..caf33afc 100644
--- a/cipher/md.c
-+++ b/cipher/md.c
-@@ -436,16 +436,34 @@ _gcry_md_algo_name (int algorithm)
- 
- 
- static gcry_err_code_t
-check_digest_algo (int algorithm)
-+check_digest_algo (int algo)
- {
-   const gcry_md_spec_t *spec;
-+  int reject = 0;
- 
-  spec = spec_from_algo (algorithm);
-  if (spec && !spec->flags.disabled && (spec->flags.fips || !fips_mode ()))
-+  spec = spec_from_algo (algo);
-+  if (!spec)
-+    return GPG_ERR_DIGEST_ALGO;
-+
-+  if (spec->flags.disabled)
-+    return GPG_ERR_DIGEST_ALGO;
-+
-+  if (!fips_mode ())
-     return 0;
- 
-  return GPG_ERR_DIGEST_ALGO;
-+  if (spec->flags.fips)
-+    return 0;
-+
-+  if (algo == GCRY_MD_MD5)
-+    reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+  else
-+    reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
-+
-+  if (reject)
-+    return GPG_ERR_DIGEST_ALGO;
- 
-+  fips_service_indicator_mark_non_compliant ();
-+  return 0;
- }
- 
- 
-diff --git a/src/visibility.c b/src/visibility.c
-index e02d6cfe..4134446a 100644
--- a/src/visibility.c
-+++ b/src/visibility.c
-@@ -1373,6 +1373,9 @@ gcry_md_info (gcry_md_hd_t h, int what, void *buffer, size_t *nbytes)
- gcry_error_t
- gcry_md_algo_info (int algo, int what, void *buffer, size_t *nbytes)
- {
-+  if (!fips_is_operational ())
-+    return gpg_error (fips_not_operational ());
-+  fips_service_indicator_init ();
-   return gpg_error (_gcry_md_algo_info (algo, what, buffer, nbytes));
- }
- 
-- 
-2.49.0
-
--- a/libgcrypt-md-Make-SHA-1-non-FIPS-internally-for-1.12-API.patch
+++ b/libgcrypt-md-Make-SHA-1-non-FIPS-internally-for-1.12-API.patch
@@ -1,154 +0,0 @@
-From 4ee91a94bcdad32aed4364d09e3daf8841fa579f Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 11 Mar 2025 14:01:11 +0900
-Subject: [PATCH 11/14] md: Make SHA-1 non-FIPS internally for 1.12 API.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* src/gcrypt.h.in (GCRY_FIPS_FLAG_REJECT_MD_SHA1): New.
-* cipher/md.c (check_digest_algo_spec, _gcry_md_open, md_enable)
-(_gcry_md_enable, md_copy): Care about SHA1.
-* cipher/sha1.c (_gcry_digest_spec_sha1): Make SHA1 non-FIPS.
-* tests/t-fips-service-ind.c (check_mac_o_w_r_c): SHA1 is non-FIPS.
-(check_md_o_w_r_c, check_hash_buffer, check_hash_buffers): Likewise.
-(main): Add GCRY_FIPS_FLAG_REJECT_MD_SHA1 for gcry_control.
-
--
-
-For 1.10 ABI (which 1.11 keeps), SHA1 is an approved hash function
-(while its use in public key crypto is non-FIPS).
-
-For 1.12 API, the dynamic FIPS service indicator is going to be added.
-
-In 1.11.1 implementation, we are trying to support 1.12 dynamic FIPS
-service indicator in forward-compatible way.  For this purpose,
-internally, it's specified as non-FIPS in _gcry_digest_spec_sha1.
-
-Note that update for tests/basic.c and tests/pkcs1v2.c are needed to
-use SHA256 (or one of approved hash functions) in 1.12, so that test
-program can be a reference for programmers.
-
-Co-authored-by: Lucas Mulling <lucas.mulling@suse.com>
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/md.c                | 10 ++++++++++
- cipher/sha1.c              |  2 +-
- src/gcrypt.h.in            |  1 +
- tests/t-fips-service-ind.c |  9 +++++----
- 4 files changed, 17 insertions(+), 5 deletions(-)
-
-Index: libgcrypt-1.11.0/cipher/md.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/md.c
-+++ libgcrypt-1.11.0/cipher/md.c
-@@ -451,6 +451,8 @@ check_digest_algo_spec (int algo, const
- 
-   if (algo == GCRY_MD_MD5)
-     reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+  else if (algo == GCRY_MD_SHA1)
-+    reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1);
-   else
-     reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
- 
-@@ -590,6 +592,8 @@ _gcry_md_open (gcry_md_hd_t *h, int algo
- 
-           if (algo == GCRY_MD_MD5)
-             reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+          else if (algo == GCRY_MD_SHA1)
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1);
-           else
-             reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
- 
-@@ -625,6 +629,8 @@ md_enable (gcry_md_hd_t hd, int algorith
- 
-   if (algorithm == GCRY_MD_MD5)
-     reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+  else if (algorithm == GCRY_MD_SHA1)
-+    reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1);
-   else
-     reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
- 
-@@ -703,6 +709,8 @@ _gcry_md_enable (gcry_md_hd_t hd, int al
- 
-           if (algorithm == GCRY_MD_MD5)
-             reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+          else if (algorithm == GCRY_MD_SHA1)
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1);
-           else
-             reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
- 
-@@ -780,6 +788,8 @@ md_copy (gcry_md_hd_t ahd, gcry_md_hd_t
- 
-           if (spec->algo == GCRY_MD_MD5)
-             reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_MD5);
-+          else if (spec->algo == GCRY_MD_SHA1)
-+            reject = fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_SHA1);
-           else
-             reject |= fips_check_rejection (GCRY_FIPS_FLAG_REJECT_MD_OTHERS);
-         }
-Index: libgcrypt-1.11.0/cipher/sha1.c
-===================================================================
--- libgcrypt-1.11.0.orig/cipher/sha1.c
-+++ libgcrypt-1.11.0/cipher/sha1.c
-@@ -759,7 +759,7 @@ static const gcry_md_oid_spec_t oid_spec
- 
- const gcry_md_spec_t _gcry_digest_spec_sha1 =
-   {
-    GCRY_MD_SHA1, {0, 1},
-+    GCRY_MD_SHA1, {0, 0},
-     "SHA1", asn, DIM (asn), oid_spec_sha1, 20,
-     sha1_init, _gcry_md_block_write, sha1_final, sha1_read, NULL,
-     _gcry_sha1_hash_buffers,
-Index: libgcrypt-1.11.0/src/gcrypt.h.in
-===================================================================
--- libgcrypt-1.11.0.orig/src/gcrypt.h.in
-+++ libgcrypt-1.11.0/src/gcrypt.h.in
-@@ -1982,6 +1982,7 @@ char *gcry_get_config (int mode, const c
- #define GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2   (1 << 7)
- #define GCRY_FIPS_FLAG_REJECT_CIPHER_MODE   (1 << 8)
- /**/
-+#define GCRY_FIPS_FLAG_REJECT_MD_SHA1       (1 << 9)
- #define GCRY_FIPS_FLAG_REJECT_PK_ECC_K      (1 << 10)
- #define GCRY_FIPS_FLAG_REJECT_PK_FLAGS      (1 << 11)
- 
-Index: libgcrypt-1.11.0/tests/t-fips-service-ind.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-fips-service-ind.c
-+++ libgcrypt-1.11.0/tests/t-fips-service-ind.c
-@@ -1107,7 +1107,7 @@ check_mac_o_w_r_c (int reject)
- #if USE_SHA1
-     { GCRY_MAC_HMAC_SHA1, "hmac input abc", 14, "hmac key input", 14,
-       "\xc9\x62\x9d\x16\x0f\xc2\xc4\xcd\x38\xac\x3a\x00\xdc\x29\x61\x03"
-      "\x69\x50\xd7\x3a" },
-+      "\x69\x50\xd7\x3a", 1 },
- #endif
-     { GCRY_MAC_HMAC_SHA256, "hmac input abc", 14, "hmac key input", 14,
-       "\x6a\xda\x4d\xd5\xf3\xa7\x32\x9d\xd2\x55\xc0\x7f\xe6\x0a\x93\xb8"
-@@ -1264,7 +1264,7 @@ check_md_o_w_r_c (int reject)
- #if USE_SHA1
-     { GCRY_MD_SHA1, "abc", 3,
-       "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
-      "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
-+      "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D", 1 },
- #endif
-     { GCRY_MD_SHA256, "abc", 3,
-       "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
-@@ -1389,7 +1389,7 @@ check_digests (void)
- #endif
-     { GCRY_MD_SHA1, "abc", 3,
-       "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E"
-      "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D" },
-+      "\x25\x71\x78\x50\xC2\x6C\x9C\xD0\xD8\x9D", 1 },
-     { GCRY_MD_SHA256, "abc", 3,
-       "\xba\x78\x16\xbf\x8f\x01\xcf\xea\x41\x41\x40\xde\x5d\xae\x22\x23"
-       "\xb0\x03\x61\xa3\x96\x17\x7a\x9c\xb4\x10\xff\x61\xf2\x00\x15\xad" },
-@@ -1701,6 +1701,7 @@ main (int argc, char **argv)
-                    | GCRY_FIPS_FLAG_REJECT_CIPHER_MODE
-                    | GCRY_FIPS_FLAG_REJECT_PK_MD
-                    | GCRY_FIPS_FLAG_REJECT_PK_GOST_SM2
-+                   | GCRY_FIPS_FLAG_REJECT_MD_SHA1
-                    | GCRY_FIPS_FLAG_REJECT_PK_ECC_K
-                    | GCRY_FIPS_FLAG_REJECT_PK_FLAGS
-                    | GCRY_FIPS_FLAG_REJECT_COMPAT110)));
--- a/libgcrypt-md-Use-check_digest_algo_spec-in-_gcry_md_selftest.patch
+++ b/libgcrypt-md-Use-check_digest_algo_spec-in-_gcry_md_selftest.patch
@@ -1,74 +0,0 @@
-From ce4755d5c5500cede6d7d380fdab2d15f5d77796 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Wed, 26 Feb 2025 10:23:28 +0900
-Subject: [PATCH 2/4] md: Use check_digest_algo_spec in _gcry_md_selftest.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* cipher/md.c (check_digest_algo_spec): New.
-(check_digest_algo): Use check_digest_algo_spec.
-(_gcry_md_selftest): Likewise.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- cipher/md.c | 22 +++++++++++++---------
- 1 file changed, 13 insertions(+), 9 deletions(-)
-
-diff --git a/cipher/md.c b/cipher/md.c
-index caf33afc..a8027e9e 100644
--- a/cipher/md.c
-+++ b/cipher/md.c
-@@ -436,15 +436,10 @@ _gcry_md_algo_name (int algorithm)
- 
- 
- static gcry_err_code_t
-check_digest_algo (int algo)
-+check_digest_algo_spec (int algo, const gcry_md_spec_t *spec)
- {
-  const gcry_md_spec_t *spec;
-   int reject = 0;
- 
-  spec = spec_from_algo (algo);
-  if (!spec)
-    return GPG_ERR_DIGEST_ALGO;
-
-   if (spec->flags.disabled)
-     return GPG_ERR_DIGEST_ALGO;
- 
-@@ -466,6 +461,17 @@ check_digest_algo (int algo)
-   return 0;
- }
- 
-+static gcry_err_code_t
-+check_digest_algo (int algo)
-+{
-+  const gcry_md_spec_t *spec = spec_from_algo (algo);
-+
-+  if (!spec)
-+    return GPG_ERR_DIGEST_ALGO;
-+  else
-+    return check_digest_algo_spec (algo, spec);
-+}
-+
- 
- /****************
-  * Open a message digest handle for use with algorithm ALGO.
-@@ -1808,9 +1814,7 @@ _gcry_md_selftest (int algo, int extended, selftest_report_func_t report)
-   const gcry_md_spec_t *spec;
- 
-   spec = spec_from_algo (algo);
-  if (spec && !spec->flags.disabled
-      && (spec->flags.fips || !fips_mode ())
-      && spec->selftest)
-+  if (spec && !check_digest_algo_spec (algo, spec) && spec->selftest)
-     ec = spec->selftest (algo, extended, report);
-   else
-     {
-- 
-2.49.0
-
--- a/libgcrypt-no-deprecated-grep-alias.patch
+++ b/libgcrypt-no-deprecated-grep-alias.patch
@@ -1,35 +0,0 @@
--- libgcrypt-1.10.3.orig/acinclude.m4
-+++ libgcrypt-1.10.3/acinclude.m4
-@@ -130,10 +130,10 @@ EOF
-     ac_nlist=conftest.nm
-     if AC_TRY_EVAL(NM conftest.$ac_objext \| $lt_cv_sys_global_symbol_pipe \| cut -d \' \' -f 2 \> $ac_nlist) && test -s "$ac_nlist"; then
-       # See whether the symbols have a leading underscore.
-      if egrep '^_nm_test_func' "$ac_nlist" >/dev/null; then
-+      if grep -E '^_nm_test_func' "$ac_nlist" >/dev/null; then
-         ac_cv_sys_symbol_underscore=yes
-       else
-        if egrep '^nm_test_func ' "$ac_nlist" >/dev/null; then
-+        if grep -E '^nm_test_func ' "$ac_nlist" >/dev/null; then
-           :
-         else
-           echo "configure: cannot find nm_test_func in $ac_nlist" >&AS_MESSAGE_LOG_FD
--- libgcrypt-1.10.3.orig/src/libgcrypt-config.in
-+++ libgcrypt-1.10.3/src/libgcrypt-config.in
-@@ -154,7 +154,7 @@ if test "$echo_cflags" = "yes"; then
- 
-     tmp=""
-     for i in $includes $cflags_final; do
-       if echo "$tmp" | fgrep -v -- "$i" >/dev/null; then
-+       if echo "$tmp" | @GREP@ -F -v -- "$i" >/dev/null; then
-            tmp="$tmp $i"
-        fi
-     done
-@@ -175,7 +175,7 @@ if test "$echo_libs" = "yes"; then
- 
-     tmp=""
-     for i in $libdirs $libs_final; do
-       if echo "$tmp" | fgrep -v -- "$i" >/dev/null; then
-+       if echo "$tmp" | @GREP@ -F -v -- "$i" >/dev/null; then
-            tmp="$tmp $i"
-        fi
-     done
--- a/libgcrypt-ppc-enable-P10-assembly-with-ENABLE_FORCE_SOF.patch
+++ b/libgcrypt-ppc-enable-P10-assembly-with-ENABLE_FORCE_SOF.patch
@@ -1,76 +0,0 @@
-commit 2c5e5ab6843d747c4b877d2c6f47226f61e9ff14
-Author: Jussi Kivilinna <jussi.kivilinna@iki.fi>
-Date:   Sun Jun 12 21:51:34 2022 +0300
-
-    ppc enable P10 assembly with ENABLE_FORCE_SOFT_HWFEATURES on arch 3.00
-    
-    * cipher/chacha20.c (chacha20_do_setkey) [USE_PPC_VEC]: Enable
-    P10 assembly for HWF_PPC_ARCH_3_00 if ENABLE_FORCE_SOFT_HWFEATURES is
-    defined.
-    * cipher/poly1305.c (poly1305_init) [POLY1305_USE_PPC_VEC]: Likewise.
-    * cipher/rijndael.c (do_setkey) [USE_PPC_CRYPTO_WITH_PPC9LE]: Likewise.
-    ---
-    
-    This change allows testing P10 implementations with P9 and with QEMU-PPC.
-    
-    GnuPG-bug-id: 6006
-    Signed-off-by: Jussi Kivilinna <jussi.kivilinna@iki.fi>
-
-Index: libgcrypt-1.10.2/cipher/chacha20.c
-===================================================================
--- libgcrypt-1.10.2.orig/cipher/chacha20.c
-+++ libgcrypt-1.10.2/cipher/chacha20.c
-@@ -484,6 +484,11 @@ chacha20_do_setkey (CHACHA20_context_t *
-   ctx->use_ppc = (features & HWF_PPC_ARCH_2_07) != 0;
- # ifndef WORDS_BIGENDIAN
-   ctx->use_p10 = (features & HWF_PPC_ARCH_3_10) != 0;
-+#  ifdef ENABLE_FORCE_SOFT_HWFEATURES
-+  /* HWF_PPC_ARCH_3_10 above is used as soft HW-feature indicator for P10.
-+   * Actual implementation works with HWF_PPC_ARCH_3_00 also. */
-+  ctx->use_p10 |= (features & HWF_PPC_ARCH_3_00) != 0;
-+#  endif
- # endif
- #endif
- #ifdef USE_S390X_VX
-Index: libgcrypt-1.10.2/cipher/poly1305.c
-===================================================================
--- libgcrypt-1.10.2.orig/cipher/poly1305.c
-+++ libgcrypt-1.10.2/cipher/poly1305.c
-@@ -90,11 +90,19 @@ static void poly1305_init (poly1305_cont
- 			   const byte key[POLY1305_KEYLEN])
- {
-   POLY1305_STATE *st = &ctx->state;
-+  unsigned int features = _gcry_get_hw_features ();
- 
- #ifdef POLY1305_USE_PPC_VEC
-  ctx->use_p10 = (_gcry_get_hw_features () & HWF_PPC_ARCH_3_10) != 0;
-+  ctx->use_p10 = (features & HWF_PPC_ARCH_3_10) != 0;
-+# ifdef ENABLE_FORCE_SOFT_HWFEATURES
-+  /* HWF_PPC_ARCH_3_10 above is used as soft HW-feature indicator for P10.
-+   * Actual implementation works with HWF_PPC_ARCH_3_00 also. */
-+  ctx->use_p10 |= (features & HWF_PPC_ARCH_3_00) != 0;
-+# endif
- #endif
- 
-+  (void)features;
-+
-   ctx->leftover = 0;
- 
-   st->h[0] = 0;
-Index: libgcrypt-1.10.2/cipher/rijndael.c
-===================================================================
--- libgcrypt-1.10.2.orig/cipher/rijndael.c
-+++ libgcrypt-1.10.2/cipher/rijndael.c
-@@ -605,6 +605,12 @@ do_setkey (RIJNDAEL_context *ctx, const
-       bulk_ops->xts_crypt = _gcry_aes_ppc9le_xts_crypt;
-       if (hwfeatures & HWF_PPC_ARCH_3_10)  /* for P10 */
-         bulk_ops->gcm_crypt = _gcry_aes_p10le_gcm_crypt;
-+# ifdef ENABLE_FORCE_SOFT_HWFEATURES
-+      /* HWF_PPC_ARCH_3_10 above is used as soft HW-feature indicator for P10.
-+       * Actual implementation works with HWF_PPC_ARCH_3_00 also. */
-+      if (hwfeatures & HWF_PPC_ARCH_3_00)
-+        bulk_ops->gcm_crypt = _gcry_aes_p10le_gcm_crypt;
-+# endif
-     }
- #endif
- #ifdef USE_PPC_CRYPTO
--- a/libgcrypt-tests-Add-more-tests-to-tests-t-fips-service-ind.patch
+++ b/libgcrypt-tests-Add-more-tests-to-tests-t-fips-service-ind.patch
@@ -1,382 +0,0 @@
-From d71c88f78a4f1b72f92de90791fc6fe81a3cb861 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 24 Dec 2024 17:03:48 +0900
-Subject: [PATCH 17/19] tests: Add more tests to tests/t-fips-service-ind.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-fips-service-ind.c (check_pk_g_t_n_c, check_pk_s_v): New.
-(main): Call check_pk_g_t_n_c and check_pk_s_v.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-fips-service-ind.c | 334 +++++++++++++++++++++++++++++++++++++
- 1 file changed, 334 insertions(+)
-
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index 64e1e135..90d92c70 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -40,6 +40,336 @@ static int in_fips_mode;
- # include <windows.h>
- #endif
- 
-+/* Check gcry_pk_genkey, gcry_pk_testkey, gcry_pk_get_nbits, gcry_pk_get_curve API.  */
-+static void
-+check_pk_g_t_n_c (int reject)
-+{
-+  static struct {
-+    const char *keyparms;
-+    int expect_failure;
-+  } tv[] = {
-+    {
-+      "(genkey (ecc (curve nistp256)))",
-+      0
-+    },
-+    {                           /* non-compliant curve */
-+      "(genkey (ecc (curve secp256k1)))",
-+      1
-+    }
-+  };
-+  int tvidx;
-+  gpg_error_t err;
-+  gpg_err_code_t ec;
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gcry_sexp_t s_kp = NULL;
-+      gcry_sexp_t s_sk = NULL;
-+      int nbits;
-+      const char *name;
-+
-+      if (verbose)
-+        info ("checking gcry_pk_{genkey,testkey,get_nbits,get_curve} test %d\n", tvidx);
-+
-+      err = gcry_sexp_build (&s_kp, NULL, tv[tvidx].keyparms);
-+      if (err)
-+        {
-+          fail ("error building SEXP for test, %s: %s",
-+                "keyparms", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      err = gcry_pk_genkey (&s_sk, s_kp);
-+      if (err)
-+        {
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-+            /* Here, an error is expected */
-+            ;
-+          else
-+            fail ("gcry_pk_genkey failed: %s", gpg_strerror (err));
-+          goto next;
-+        }
-+      else
-+        {
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-+            {
-+              fail ("gcry_pk_genkey test %d unexpectedly succeeded", tvidx);
-+              goto next;
-+            }
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_genkey test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_genkey test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_genkey test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      err = gcry_pk_testkey (s_sk);
-+      if (err)
-+        {
-+          fail ("gcry_pk_testkey failed for test: %s", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_testkey test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_testkey test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_testkey test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      nbits = gcry_pk_get_nbits (s_sk);
-+      if (!nbits)
-+        {
-+          fail ("gcry_pk_get_nbits failed for test");
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_get_nbits test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_get_nbits test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_get_nbits test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      name = gcry_pk_get_curve (s_sk, 0, NULL);
-+      if (!name)
-+        {
-+          fail ("gcry_pk_get_curve failed for test: %s", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_get_curve test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_get_curve test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_get_curve test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+    next:
-+      gcry_sexp_release (s_kp);
-+      gcry_sexp_release (s_sk);
-+    }
-+}
-+
-+/* Check gcry_pk_sign, gcry_verify API.  */
-+static void
-+check_pk_s_v (int reject)
-+{
-+  static struct {
-+    const char *prvkey;
-+    const char *pubkey;
-+    int expect_failure;
-+  } tv[] = {
-+    {
-+      "(private-key (ecc (curve nistp256)"
-+      " (d #519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464#)))",
-+      "(public-key (ecc (curve nistp256)"
-+      " (q #041ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83"
-+      "ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9#)))",
-+      0
-+    },
-+    {                           /* non-compliant curve */
-+      "(private-key (ecc (curve secp256k1)"
-+      " (d #c2cdf0a8b0a83b35ace53f097b5e6e6a0a1f2d40535eff1cf434f52a43d59d8f#)))",
-+      "(public-key (ecc (curve secp256k1)"
-+      " (q #046fcc37ea5e9e09fec6c83e5fbd7a745e3eee81d16ebd861c9e66f55518c19798"
-+      "4e9f113c07f875691df8afc1029496fc4cb9509b39dcd38f251a83359cc8b4f7#)))",
-+      1
-+    }
-+  };
-+  int tvidx;
-+  gpg_error_t err;
-+  gpg_err_code_t ec;
-+  const char *data = "(data (flags raw)"
-+    "(hash sha256 #00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))";
-+  gcry_sexp_t s_data = NULL;
-+
-+  err = gcry_sexp_build (&s_data, NULL, data);
-+  if (err)
-+    {
-+      fail ("error building SEXP for test, %s: %s",
-+            "data", gpg_strerror (err));
-+      return;
-+    }
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gcry_sexp_t s_pk = NULL;
-+      gcry_sexp_t s_sk = NULL;
-+      gcry_sexp_t s_sig= NULL;
-+
-+      if (verbose)
-+        info ("checking gcry_pk_{sign,verify} test %d\n", tvidx);
-+
-+      err = gcry_sexp_build (&s_sk, NULL, tv[tvidx].prvkey);
-+      if (err)
-+        {
-+          fail ("error building SEXP for test, %s: %s",
-+                "sk", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      err = gcry_sexp_build (&s_pk, NULL, tv[tvidx].pubkey);
-+      if (err)
-+        {
-+          fail ("error building SEXP for test, %s: %s",
-+                "pk", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      err = gcry_pk_sign (&s_sig, s_data, s_sk);
-+      if (err)
-+        {
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-+            /* Here, an error is expected */
-+            ;
-+          else
-+            fail ("gcry_pk_sign failed: %s", gpg_strerror (err));
-+          goto next;
-+        }
-+      else
-+        {
-+          if (in_fips_mode && reject && tv[tvidx].expect_failure)
-+            {
-+              fail ("gcry_pk_sign test %d unexpectedly succeeded", tvidx);
-+              goto next;
-+            }
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_sign test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_sign test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_sign test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      err = gcry_pk_verify (s_sig, s_data, s_pk);
-+      if (err)
-+        {
-+          fail ("gcry_pk_verify failed for test: %s", gpg_strerror (err));
-+          goto next;
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_pk_verify test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_pk_verify test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_pk_verify test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          goto next;
-+        }
-+
-+    next:
-+      gcry_sexp_release (s_sig);
-+      gcry_sexp_release (s_pk);
-+      gcry_sexp_release (s_sk);
-+    }
-+
-+  gcry_sexp_release (s_data);
-+}
-+
- /* Check gcry_pk_hash_sign, gcry_pk_hash_verify API.  */
- static void
- check_pk_hash_sign_verify (void)
-@@ -1126,6 +1456,8 @@ main (int argc, char **argv)
-   check_mac_o_w_r_c (0);
-   check_cipher_o_s_e_d_c (0);
-   check_pk_hash_sign_verify ();
-+  check_pk_s_v (0);
-+  check_pk_g_t_n_c (0);
- 
-   xgcry_control ((GCRYCTL_FIPS_REJECT_NON_FIPS,
-                   (GCRY_FIPS_FLAG_REJECT_MD_MD5
-@@ -1134,6 +1466,8 @@ main (int argc, char **argv)
-   check_md_o_w_r_c (1);
-   check_mac_o_w_r_c (1);
-   check_cipher_o_s_e_d_c (1);
-+  check_pk_s_v (1);
-+  check_pk_g_t_n_c (1);
- 
-   return !!error_count;
- }
-- 
-2.49.0
-
--- a/libgcrypt-tests-Allow-tests-with-USE_RSA.patch
+++ b/libgcrypt-tests-Allow-tests-with-USE_RSA.patch
@@ -1,44 +0,0 @@
-From 8404a048b7c58eb903717e09cffaa7735f7d8520 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 4 Mar 2025 13:29:28 +0900
-Subject: [PATCH 01/14] tests: Allow tests with !USE_RSA.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-fips-service-ind.c [USE_RSA] (check_pk_s_v): Ifdef-out.
-
--
-
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-fips-service-ind.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index 99b84c8f..a082b258 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -290,7 +290,9 @@ check_pk_s_v (int reject)
-       " 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F"
-       " 00112233445566778899AABBCCDDEEFF000102030405060708090A0B0C0D0E0F#))",
-       0
-    },
-+    }
-+#if USE_RSA
-+    ,
-     {                           /* RSA with compliant hash for signing */
-       "(private-key"
-       " (rsa"
-@@ -559,6 +561,7 @@ check_pk_s_v (int reject)
-       " (hash sha1 #11223344556677889900AABBCCDDEEFF10203040#))\n",
-       1
-     }
-+#endif /* USE_RSA */
-   };
-   int tvidx;
-   gpg_error_t err;
-- 
-2.49.0
-
--- a/libgcrypt-tests-Update-t-fips-service-ind-using-GCRY_MD_SHA256-for-KDF-tests.patch
+++ b/libgcrypt-tests-Update-t-fips-service-ind-using-GCRY_MD_SHA256-for-KDF-tests.patch
@@ -1,106 +0,0 @@
-From e5989e08a556117ec3f19f098765963358b71051 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Wed, 26 Feb 2025 13:51:36 +0900
-Subject: [PATCH 3/4] tests: Update t-fips-service-ind using GCRY_MD_SHA256 for
- KDF tests.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-fips-service-ind.c (check_kdf_derive): Use GCRY_MD_SHA256.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-fips-service-ind.c | 38 +++++++++++++++++++-------------------
- 1 file changed, 19 insertions(+), 19 deletions(-)
-
-diff --git a/tests/t-fips-service-ind.c b/tests/t-fips-service-ind.c
-index bec6c27e..99b84c8f 100644
--- a/tests/t-fips-service-ind.c
-+++ b/tests/t-fips-service-ind.c
-@@ -1621,13 +1621,13 @@ check_kdf_derive (void)
-   } tv[] = {
-     {
-       "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA256,
-       "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-       4096,
-       25,
-      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-      "\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96"
-      "\x4c\xf2\xf0\x70\x38",
-+      "\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8"
-+      "\x14\xb8\x11\x6e\x84\xcf\x2b\x17\x34\x7e"
-+      "\xbc\x18\x00\x18\x1c",
-       0
-     },
-     {
-@@ -1644,45 +1644,45 @@ check_kdf_derive (void)
-     },
-     {
-       "passwor", 7,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA256,
-       "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-       4096,
-       25,
-      "\xf4\x93\xee\x2b\xbf\x44\x0b\x9e\x64\x53"
-      "\xc2\xb3\x87\xdc\x73\xf8\xfd\xe6\x97\xda"
-      "\xb8\x24\xa0\x26\x50",
-+      "\x2d\x72\xa9\xe5\x4e\x2f\x37\x6e\xe5\xe4"
-+      "\xf5\x55\x76\xb5\xaa\x49\x73\x01\x97\x1c"
-+      "\xad\x3a\x7c\xc4\xde",
-       1 /* not-compliant because passphrase len is too small */
-     },
-     {
-       "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA256,
-       "saltSALTsaltSAL", 15,
-       4096,
-       25,
-      "\x14\x05\xa4\x2a\xf4\xa8\x12\x14\x7b\x65"
-      "\x8f\xaa\xf0\x7f\x25\xe5\x0f\x0b\x2b\xb7"
-      "\xcf\x8d\x29\x23\x4b",
-+      "\xf7\x55\xdd\x3c\x5e\xfb\x23\x06\xa7\x85"
-+      "\x94\xa7\x31\x12\x45\xcf\x5a\x4b\xdc\x09"
-+      "\xee\x65\x4b\x50\x3f",
-       1 /* not-compliant because salt len is too small */
-     },
-     {
-       "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA256,
-       "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-       999,
-       25,
-      "\xac\xf8\xb4\x67\x41\xc7\xf3\xd1\xa0\xc0"
-      "\x08\xbe\x9b\x23\x96\x78\xbd\x93\xda\x4a"
-      "\x30\xd4\xfb\xf0\x33",
-+      "\x09\x3e\x1a\xd8\x63\x30\x71\x9c\x17\xcf"
-+      "\xb0\x53\x3e\x1f\xc8\x51\x29\x71\x54\x28"
-+      "\x5d\xf7\x8e\x41\xaa",
-       1 /* not-compliant because too few iterations */
-     },
-     {
-       "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA256,
-       "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-       4096,
-       13,
-      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-      "\xd8\x36\x62",
-+      "\x34\x8c\x89\xdb\xcb\xd3\x2b\x2f\x32\xd8"
-+      "\x14\xb8\x11",
-       1 /* not-compliant because key size too small */
-     },
-     {
-- 
-2.49.0
-
--- a/libgcrypt-tests-fips-Add-gcry_cipher_open-tests.patch
+++ b/libgcrypt-tests-fips-Add-gcry_cipher_open-tests.patch
@@ -1,199 +0,0 @@
-From cfd2d2f41ad4aef40d83f8f7237d1da13c7e240c Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Tue, 17 Dec 2024 10:33:33 +0900
-Subject: [PATCH 09/19] tests,fips: Add gcry_cipher_open tests.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-fips-service-ind.c (check_cipher_o_s_e_d_c): New.
-(main): Call check_cipher_o_s_e_d_c.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-fips-service-ind.c | 152 ++++++++++++++++++++++++++++++++++++-
- 1 file changed, 151 insertions(+), 1 deletion(-)
-
-Index: libgcrypt-1.11.0/tests/t-fips-service-ind.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-fips-service-ind.c
-+++ libgcrypt-1.11.0/tests/t-fips-service-ind.c
-@@ -31,6 +31,7 @@
- 
- #include "t-common.h"
- static int in_fips_mode;
-+#define MAX_DATA_LEN 1040
- 
- /* Mingw requires us to include windows.h after winsock2.h which is
-    included by gcrypt.h.  */
-@@ -38,6 +39,154 @@ static int in_fips_mode;
- # include <windows.h>
- #endif
- 
-+/* Check gcry_cipher_open, gcry_cipher_setkey, gcry_cipher_encrypt,
-+   gcry_cipher_decrypt, gcry_cipher_close API.  */
-+static void
-+check_cipher_o_s_e_d_c (void)
-+{
-+  static struct {
-+    int algo;
-+    const char *key;
-+    int keylen;
-+    const char *expect;
-+    int expect_failure;
-+    unsigned int flags;
-+  } tv[] = {
-+#if USE_DES
-+      { GCRY_CIPHER_3DES,
-+	"\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
-+	"\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", 24,
-+        "\x3f\x1a\xb8\x83\x18\x8b\xb5\x97", 1 },
-+      { GCRY_CIPHER_3DES,
-+	"\xe3\x34\x7a\x6b\x0b\xc1\x15\x2c\x64\x2a\x25\xcb\xd3\xbc\x31\xab"
-+	"\xfb\xa1\x62\xa8\x1f\x19\x7c\x15", 24,
-+        "\x3f\x1a\xb8\x83\x18\x8b\xb5\x97",
-+        1, GCRY_CIPHER_FLAG_REJECT_NON_FIPS },
-+#endif
-+      { GCRY_CIPHER_AES,
-+	"\x2b\x7e\x15\x16\x28\xae\xd2\xa6\xab\xf7\x15\x88\x09\xcf\x4f\x3c", 16,
-+        "\x5c\x71\xd8\x5d\x26\x5e\xcd\xb5\x95\x40\x41\xab\xff\x25\x6f\xd1" }
-+  };
-+  const char *pt = "Shohei Ohtani 2024: 54 HR, 59 SB";
-+  int ptlen;
-+  int tvidx;
-+  unsigned char out[MAX_DATA_LEN];
-+  gpg_error_t err;
-+
-+  ptlen = strlen (pt);
-+  assert (ptlen == 32);
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gpg_err_code_t ec;
-+      gcry_cipher_hd_t h;
-+      size_t blklen;
-+
-+      if (verbose)
-+        fprintf (stderr, "checking gcry_cipher_open test %d\n",
-+                 tvidx);
-+
-+      blklen = gcry_cipher_get_algo_blklen (tv[tvidx].algo);
-+      assert (blklen != 0);
-+      assert (blklen <= ptlen);
-+      assert (blklen <= DIM (out));
-+      err = gcry_cipher_open (&h, tv[tvidx].algo, GCRY_CIPHER_MODE_ECB,
-+                              tv[tvidx].flags);
-+      if (err)
-+        {
-+          if (in_fips_mode && (tv[tvidx].flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS)
-+              && tv[tvidx].expect_failure)
-+            /* Here, an error is expected */
-+            ;
-+          else
-+            fail ("gcry_cipher_open test %d unexpectedly failed: %s\n",
-+                  tvidx, gpg_strerror (err));
-+          continue;
-+        }
-+      else
-+        {
-+          if (in_fips_mode && (tv[tvidx].flags & GCRY_CIPHER_FLAG_REJECT_NON_FIPS)
-+              && tv[tvidx].expect_failure)
-+            /* This case, an error is expected, but we observed success */
-+            fail ("gcry_cipher_open test %d unexpectedly succeeded\n", tvidx);
-+        }
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_cipher_open test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_cipher_open test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_cipher_open test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      err = gcry_cipher_setkey (h, tv[tvidx].key, tv[tvidx].keylen);
-+      if (err)
-+        {
-+          fail ("gcry_cipher_setkey %d failed: %s\n", tvidx,
-+                gpg_strerror (err));
-+          gcry_cipher_close (h);
-+          continue;
-+        }
-+
-+      err = gcry_cipher_encrypt (h, out, MAX_DATA_LEN, pt, blklen);
-+      if (err)
-+        {
-+          fail ("gcry_cipher_encrypt %d failed: %s\n", tvidx,
-+                gpg_strerror (err));
-+          gcry_cipher_close (h);
-+          continue;
-+        }
-+
-+      if (memcmp (out, tv[tvidx].expect, blklen))
-+        {
-+          int i;
-+
-+          fail ("gcry_cipher_open test %d failed: encryption mismatch\n", tvidx);
-+          fputs ("got:", stderr);
-+          for (i=0; i < blklen; i++)
-+            fprintf (stderr, " %02x", out[i]);
-+          putc ('\n', stderr);
-+        }
-+
-+      err = gcry_cipher_decrypt (h, out, blklen, NULL, 0);
-+      if (err)
-+        {
-+          fail ("gcry_cipher_decrypt %d failed: %s\n", tvidx,
-+                gpg_strerror (err));
-+          gcry_cipher_close (h);
-+          continue;
-+        }
-+
-+      if (memcmp (out, pt, blklen))
-+        {
-+          int i;
-+
-+          fail ("gcry_cipher_open test %d failed: decryption mismatch\n", tvidx);
-+          fputs ("got:", stderr);
-+          for (i=0; i < blklen; i++)
-+            fprintf (stderr, " %02x", out[i]);
-+          putc ('\n', stderr);
-+        }
-+
-+      gcry_cipher_close (h);
-+    }
-+}
-+
- /* Check gcry_mac_open, gcry_mac_write, gcry_mac_write, gcry_mac_read,
-    gcry_mac_close API.  */
- static void
-@@ -651,9 +800,10 @@ main (int argc, char **argv)
-     xgcry_control ((GCRYCTL_SET_DEBUG_FLAGS, 1u , 0));
- 
-   check_digests ();
-+  check_kdf_derive ();
-   check_md_o_w_r_c ();
-   check_mac_o_w_r_c ();
-  check_kdf_derive ();
-+  check_cipher_o_s_e_d_c ();
- 
-   return !!error_count;
- }
--- a/libgcrypt-tests-fips-Add-gcry_mac_open-tests.patch
+++ b/libgcrypt-tests-fips-Add-gcry_mac_open-tests.patch
@@ -1,206 +0,0 @@
-From c4f75014cb8af732f87c02fe7c2e7a488fe71c6d Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Mon, 16 Dec 2024 14:09:10 +0900
-Subject: [PATCH 06/19] tests,fips: Add gcry_mac_open tests.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-digest.c (check_mac_o_w_r_c): New.
-(main): Call check_mac_o_w_r_c.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-digest.c | 168 +++++++++++++++++++++++++++++++++++++++++++++++
- 1 file changed, 168 insertions(+)
-
-Index: libgcrypt-1.11.0/tests/t-digest.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-digest.c
-+++ libgcrypt-1.11.0/tests/t-digest.c
-@@ -38,6 +38,173 @@ static int in_fips_mode;
- # include <windows.h>
- #endif
- 
-+/* Check gcry_mac_open, gcry_mac_write, gcry_mac_write, gcry_mac_read,
-+   gcry_mac_close API.  */
-+static void
-+check_mac_o_w_r_c (void)
-+{
-+  static struct {
-+    int algo;
-+    const char *data;
-+    int datalen;
-+    const char *key;
-+    int keylen;
-+    const char *expect;
-+    int expect_failure;
-+    unsigned int flags;
-+  } tv[] = {
-+#if USE_MD5
-+    { GCRY_MAC_HMAC_MD5, "hmac input abc", 14, "hmac key input", 14,
-+      "\x0d\x72\xd0\x60\xaf\x34\xf2\xca\x33\x58\xa9\xcc\xd3\x5a\xac\xb5", 1 },
-+    { GCRY_MAC_HMAC_MD5, "hmac input abc", 14, "hmac key input", 14,
-+      "\x0d\x72\xd0\x60\xaf\x34\xf2\xca\x33\x58\xa9\xcc\xd3\x5a\xac\xb5", 1,
-+      GCRY_MAC_FLAG_REJECT_NON_FIPS },
-+#endif
-+#if USE_SHA1
-+    { GCRY_MAC_HMAC_SHA1, "hmac input abc", 14, "hmac key input", 14,
-+      "\xc9\x62\x9d\x16\x0f\xc2\xc4\xcd\x38\xac\x3a\x00\xdc\x29\x61\x03"
-+      "\x69\x50\xd7\x3a" },
-+#endif
-+    { GCRY_MAC_HMAC_SHA256, "hmac input abc", 14, "hmac key input", 14,
-+      "\x6a\xda\x4d\xd5\xf3\xa7\x32\x9d\xd2\x55\xc0\x7f\xe6\x0a\x93\xb8"
-+      "\x7a\x6e\x76\x68\x46\x34\x67\xf9\xc2\x29\xb8\x24\x2e\xc8\xe3\xb4" },
-+    { GCRY_MAC_HMAC_SHA384, "hmac input abc", 14, "hmac key input", 14,
-+      "\xc6\x59\x14\x4a\xac\x4d\xd5\x62\x09\x2c\xbd\x5e\xbf\x41\x94\xf9"
-+      "\xa4\x78\x18\x46\xfa\xd6\xd1\x12\x90\x4f\x65\xd4\xe8\x44\xcc\xcc"
-+      "\x3d\xcc\xf3\xe4\x27\xd8\xf0\xff\x01\xe8\x70\xcd\xfb\xfa\x24\x45" },
-+    { GCRY_MAC_HMAC_SHA512, "hmac input abc", 14, "hmac key input", 14,
-+      "\xfa\x77\x49\x49\x24\x3d\x7e\x03\x1b\x0e\xd1\xfc\x20\x81\xcf\x95"
-+      "\x81\x21\xa4\x4f\x3b\xe5\x69\x9a\xe6\x67\x27\x10\xbc\x62\xc7\xb3"
-+      "\xb3\xcf\x2b\x1e\xda\x20\x48\x25\xc5\x6a\x52\xc7\xc9\xd9\x77\xf6"
-+      "\xf6\x49\x9d\x70\xe6\x04\x33\xab\x6a\xdf\x7e\x9f\xf4\xd1\x59\x6e" },
-+    { GCRY_MAC_HMAC_SHA3_256, "hmac input abc", 14, "hmac key input", 14,
-+      "\x2b\xe9\x02\x92\xc2\x37\xbe\x91\x06\xbf\x9c\x8e\x7b\xa3\xf2\xfc"
-+      "\x68\x10\x8a\x71\xd5\xc7\x84\x3c\x0b\xdd\x7d\x1e\xdf\xa5\xf6\xa7" },
-+    { GCRY_MAC_HMAC_SHA3_384, "hmac input abc", 14, "hmac key input", 14,
-+      "\x9f\x6b\x9f\x49\x95\x57\xed\x33\xb1\xe7\x22\x2f\xda\x40\x68\xb0"
-+      "\x28\xd2\xdb\x6f\x73\x3c\x2e\x2b\x29\x51\x64\x53\xc4\xc5\x63\x8a"
-+      "\x98\xca\x78\x1a\xe7\x1b\x7d\xf6\xbf\xf3\x6a\xf3\x2a\x0e\xa0\x5b" },
-+    { GCRY_MAC_HMAC_SHA3_512, "hmac input abc", 14, "hmac key input", 14,
-+      "\xf3\x19\x70\x54\x25\xdf\x0f\xde\x09\xe9\xea\x3b\x34\x67\x14\x32"
-+      "\xe6\xe2\x58\x9d\x76\x38\xa4\xbd\x90\x35\x4c\x07\x7c\xa3\xdb\x23"
-+      "\x3c\x78\x0c\x45\xee\x8e\x39\xd5\x81\xd8\x5c\x13\x20\x40\xba\x34"
-+      "\xd0\x0b\x75\x31\x38\x4b\xe7\x74\x87\xa9\xc5\x68\x7f\xbc\x19\xa1" }
-+#if USE_RMD160
-+    ,
-+    { GCRY_MAC_HMAC_RMD160, "hmac input abc", 14, "hmac key input", 14,
-+      "\xf2\x45\x5c\x7e\x48\x1a\xbb\xe5\xe8\xec\x40\xa4\x1b\x89\x26\x2b"
-+      "\xdc\xa1\x79\x59", 1 }
-+#endif
-+  };
-+  int tvidx;
-+  unsigned char mac[64];
-+  int expectlen;
-+  gpg_error_t err;
-+  size_t buflen;
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      gpg_err_code_t ec;
-+      gcry_mac_hd_t h;
-+
-+      if (verbose)
-+        fprintf (stderr, "checking gcry_mac_open test %d\n",
-+                 tvidx);
-+
-+      expectlen = gcry_mac_get_algo_maclen (tv[tvidx].algo);
-+      assert (expectlen != 0);
-+      assert (expectlen <= DIM (mac));
-+      err = gcry_mac_open (&h, tv[tvidx].algo, tv[tvidx].flags, NULL);
-+      if (err)
-+        {
-+          if (in_fips_mode && (tv[tvidx].flags & GCRY_MAC_FLAG_REJECT_NON_FIPS)
-+              && tv[tvidx].expect_failure)
-+            /* Here, an error is expected */
-+            ;
-+          else
-+            fail ("gcry_mac_open test %d unexpectedly failed: %s\n",
-+                  tvidx, gpg_strerror (err));
-+          continue;
-+        }
-+      else
-+        {
-+          if (in_fips_mode && (tv[tvidx].flags & GCRY_MAC_FLAG_REJECT_NON_FIPS)
-+              && tv[tvidx].expect_failure)
-+            /* This case, an error is expected, but we observed success */
-+            fail ("gcry_mac_open test %d unexpectedly succeeded\n", tvidx);
-+        }
-+
-+
-+      ec = gcry_get_fips_service_indicator ();
-+      if (ec == GPG_ERR_INV_OP)
-+        {
-+          /* libgcrypt is old, no support of the FIPS service indicator.  */
-+          fail ("gcry_mac_open test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      if (in_fips_mode && !tv[tvidx].expect_failure && ec)
-+        {
-+          /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+          fail ("gcry_mac_open test %d unexpectedly set the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+      else if (in_fips_mode && tv[tvidx].expect_failure && !ec)
-+        {
-+          /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+          fail ("gcry_mac_open test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                tvidx);
-+          continue;
-+        }
-+
-+      err = gcry_mac_setkey (h, tv[tvidx].key, tv[tvidx].keylen);
-+      if (err)
-+        {
-+          fail ("gcry_mac_setkey test %d unexpectedly failed: %s\n",
-+                tvidx, gpg_strerror (err));
-+          gcry_mac_close (h);
-+          continue;
-+        }
-+
-+      err = gcry_mac_write (h, tv[tvidx].data, tv[tvidx].datalen);
-+      if (err)
-+        {
-+          fail ("gcry_mac_write test %d unexpectedly failed: %s\n",
-+                tvidx, gpg_strerror (err));
-+          gcry_mac_close (h);
-+          continue;
-+        }
-+
-+      buflen = expectlen;
-+      err = gcry_mac_read (h, mac, &buflen);
-+      if (err || buflen != expectlen)
-+        {
-+          fail ("gcry_mac_read test %d unexpectedly failed: %s\n",
-+                tvidx, gpg_strerror (err));
-+          gcry_mac_close (h);
-+          continue;
-+        }
-+
-+      if (memcmp (mac, tv[tvidx].expect, expectlen))
-+        {
-+          int i;
-+
-+          fail ("gcry_mac_open test %d failed: mismatch\n", tvidx);
-+          fputs ("got:", stderr);
-+          for (i=0; i < expectlen; i++)
-+            fprintf (stderr, " %02x", mac[i]);
-+          putc ('\n', stderr);
-+        }
-+
-+      gcry_mac_close (h);
-+    }
-+}
-+
-+
-+/* Check gcry_md_open, gcry_md_write, gcry_md_write, gcry_md_read,
-+   gcry_md_close API.  */
- static void
- check_md_o_w_r_c (void)
- {
-@@ -327,6 +494,7 @@ main (int argc, char **argv)
- 
-   check_digests ();
-   check_md_o_w_r_c ();
-+  check_mac_o_w_r_c ();
- 
-   return !!error_count;
- }
--- a/libgcrypt-tests-fips-Move-KDF-tests-to-t-fips-service-ind.patch
+++ b/libgcrypt-tests-fips-Move-KDF-tests-to-t-fips-service-ind.patch
@@ -1,375 +0,0 @@
-From b59bde31ded9e829e2a53ddb8c533bf35a144972 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Mon, 16 Dec 2024 14:21:06 +0900
-Subject: [PATCH 08/19] tests,fips: Move KDF tests to t-fips-service-ind.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-fips-service-ind.c (check_kdf_derive): Move from...
-* tests/t-kdf.c (check_fips_gcry_kdf_derive): ... here.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/t-fips-service-ind.c | 159 +++++++++++++++++++++++++++++++++++++
- tests/t-kdf.c              | 159 -------------------------------------
- 2 files changed, 159 insertions(+), 159 deletions(-)
-
-Index: libgcrypt-1.11.0/tests/t-fips-service-ind.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-fips-service-ind.c
-+++ libgcrypt-1.11.0/tests/t-fips-service-ind.c
-@@ -439,6 +439,164 @@ check_digests (void)
- }
- 
- 
-+
-+static void
-+check_kdf_derive (void)
-+{
-+  static struct {
-+    const char *p;   /* Passphrase.  */
-+    size_t plen;     /* Length of P. */
-+    int algo;
-+    int subalgo;
-+    const char *salt;
-+    size_t saltlen;
-+    unsigned long iterations;
-+    int dklen;       /* Requested key length.  */
-+    const char *dk;  /* Derived key.  */
-+    int expect_failure;
-+  } tv[] = {
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      25,
-+      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-+      "\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96"
-+      "\x4c\xf2\xf0\x70\x38",
-+      0
-+    },
-+    {
-+      "pleaseletmein", 13,
-+      GCRY_KDF_SCRYPT, 16384,
-+      "SodiumChloride", 14,
-+      1,
-+      64,
-+      "\x70\x23\xbd\xcb\x3a\xfd\x73\x48\x46\x1c\x06\xcd\x81\xfd\x38\xeb"
-+      "\xfd\xa8\xfb\xba\x90\x4f\x8e\x3e\xa9\xb5\x43\xf6\x54\x5d\xa1\xf2"
-+      "\xd5\x43\x29\x55\x61\x3f\x0f\xcf\x62\xd4\x97\x05\x24\x2a\x9a\xf9"
-+      "\xe6\x1e\x85\xdc\x0d\x65\x1e\x40\xdf\xcf\x01\x7b\x45\x57\x58\x87",
-+      1 /* not-compliant because unallowed algo */
-+    },
-+    {
-+      "passwor", 7,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      25,
-+      "\xf4\x93\xee\x2b\xbf\x44\x0b\x9e\x64\x53"
-+      "\xc2\xb3\x87\xdc\x73\xf8\xfd\xe6\x97\xda"
-+      "\xb8\x24\xa0\x26\x50",
-+      1 /* not-compliant because passphrase len is too small */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSAL", 15,
-+      4096,
-+      25,
-+      "\x14\x05\xa4\x2a\xf4\xa8\x12\x14\x7b\x65"
-+      "\x8f\xaa\xf0\x7f\x25\xe5\x0f\x0b\x2b\xb7"
-+      "\xcf\x8d\x29\x23\x4b",
-+      1 /* not-compliant because salt len is too small */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      999,
-+      25,
-+      "\xac\xf8\xb4\x67\x41\xc7\xf3\xd1\xa0\xc0"
-+      "\x08\xbe\x9b\x23\x96\x78\xbd\x93\xda\x4a"
-+      "\x30\xd4\xfb\xf0\x33",
-+      1 /* not-compliant because too few iterations */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      13,
-+      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-+      "\xd8\x36\x62",
-+      1 /* not-compliant because key size too small */
-+    },
-+    {
-+      "passwordPASSWORDpassword", 24,
-+      GCRY_KDF_PBKDF2, GCRY_MD_BLAKE2B_512,
-+      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-+      4096,
-+      60,
-+      "\xa4\x6b\x53\x35\xdb\xdd\xa3\xd2\x5d\x19\xbb\x11\xfe\xdd\xd9\x9e"
-+      "\x45\x2a\x7c\x34\x47\x41\x98\xca\x31\x74\xb6\x34\x22\xac\x83\xb0"
-+      "\x38\x6e\xf5\x93\x0f\xf5\x16\x46\x0b\x97\xdc\x6c\x27\x5b\xe7\x25"
-+      "\xc2\xcb\xec\x50\x02\xc6\x52\x8b\x34\x68\x53\x65",
-+      1 /* not-compliant because subalgo is not the one of approved */
-+    }
-+  };
-+
-+  int tvidx;
-+  gpg_error_t err;
-+  unsigned char outbuf[100];
-+  int i;
-+
-+  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-+    {
-+      if (verbose)
-+        fprintf (stderr, "checking gcry_kdf_derive test vector %d algo %d for FIPS\n",
-+                 tvidx, tv[tvidx].algo);
-+      assert (tv[tvidx].dklen <= sizeof outbuf);
-+      err = gcry_kdf_derive (tv[tvidx].p, tv[tvidx].plen,
-+                             tv[tvidx].algo, tv[tvidx].subalgo,
-+                             tv[tvidx].salt, tv[tvidx].saltlen,
-+                             tv[tvidx].iterations, tv[tvidx].dklen, outbuf);
-+
-+      if (err)
-+        {
-+          fail ("gcry_kdf_derive test %d unexpectedly returned an error in FIPS mode: %s\n",
-+                tvidx, gpg_strerror (err));
-+        }
-+      else
-+        {
-+          gpg_err_code_t ec;
-+
-+          ec = gcry_get_fips_service_indicator ();
-+          if (ec == GPG_ERR_INV_OP)
-+            {
-+              /* libgcrypt is old, no support of the FIPS service indicator.  */
-+              fail ("gcry_kdf_derive test %d unexpectedly failed to check the FIPS service indicator.\n",
-+                    tvidx);
-+              continue;
-+            }
-+
-+          if (!tv[tvidx].expect_failure && ec)
-+            {
-+              /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-+              fail ("gcry_kdf_derive test %d unexpectedly set the indicator in FIPS mode.\n",
-+                    tvidx);
-+              continue;
-+            }
-+          else if (tv[tvidx].expect_failure && !ec && in_fips_mode)
-+            {
-+              /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-+              fail ("gcry_kdf_derive test %d unexpectedly cleared the indicator in FIPS mode.\n",
-+                    tvidx);
-+              continue;
-+            }
-+
-+          if (memcmp (outbuf, tv[tvidx].dk, tv[tvidx].dklen))
-+            {
-+              fail ("gcry_kdf_derive test %d failed: mismatch\n", tvidx);
-+              fputs ("got:", stderr);
-+              for (i=0; i < tv[tvidx].dklen; i++)
-+                fprintf (stderr, " %02x", outbuf[i]);
-+              putc ('\n', stderr);
-+            }
-+        }
-+    }
-+}
-+
-+
- int
- main (int argc, char **argv)
- {
-@@ -495,6 +653,7 @@ main (int argc, char **argv)
-   check_digests ();
-   check_md_o_w_r_c ();
-   check_mac_o_w_r_c ();
-+  check_kdf_derive ();
- 
-   return !!error_count;
- }
-Index: libgcrypt-1.11.0/tests/t-kdf.c
-===================================================================
--- libgcrypt-1.11.0.orig/tests/t-kdf.c
-+++ libgcrypt-1.11.0/tests/t-kdf.c
-@@ -1927,163 +1927,6 @@ check_fips_indicators (void)
- }
- 
- 
-static void
-check_fips_gcry_kdf_derive (void)
-{
-  static struct {
-    const char *p;   /* Passphrase.  */
-    size_t plen;     /* Length of P. */
-    int algo;
-    int subalgo;
-    const char *salt;
-    size_t saltlen;
-    unsigned long iterations;
-    int dklen;       /* Requested key length.  */
-    const char *dk;  /* Derived key.  */
-    int expect_failure;
-  } tv[] = {
-    {
-      "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-      4096,
-      25,
-      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-      "\xd8\x36\x62\xc0\xe4\x4a\x8b\x29\x1a\x96"
-      "\x4c\xf2\xf0\x70\x38",
-      0
-    },
-    {
-      "pleaseletmein", 13,
-      GCRY_KDF_SCRYPT, 16384,
-      "SodiumChloride", 14,
-      1,
-      64,
-      "\x70\x23\xbd\xcb\x3a\xfd\x73\x48\x46\x1c\x06\xcd\x81\xfd\x38\xeb"
-      "\xfd\xa8\xfb\xba\x90\x4f\x8e\x3e\xa9\xb5\x43\xf6\x54\x5d\xa1\xf2"
-      "\xd5\x43\x29\x55\x61\x3f\x0f\xcf\x62\xd4\x97\x05\x24\x2a\x9a\xf9"
-      "\xe6\x1e\x85\xdc\x0d\x65\x1e\x40\xdf\xcf\x01\x7b\x45\x57\x58\x87",
-      1 /* not-compliant because unallowed algo */
-    },
-    {
-      "passwor", 7,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-      4096,
-      25,
-      "\xf4\x93\xee\x2b\xbf\x44\x0b\x9e\x64\x53"
-      "\xc2\xb3\x87\xdc\x73\xf8\xfd\xe6\x97\xda"
-      "\xb8\x24\xa0\x26\x50",
-      1 /* not-compliant because passphrase len is too small */
-    },
-    {
-      "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-      "saltSALTsaltSAL", 15,
-      4096,
-      25,
-      "\x14\x05\xa4\x2a\xf4\xa8\x12\x14\x7b\x65"
-      "\x8f\xaa\xf0\x7f\x25\xe5\x0f\x0b\x2b\xb7"
-      "\xcf\x8d\x29\x23\x4b",
-      1 /* not-compliant because salt len is too small */
-    },
-    {
-      "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-      999,
-      25,
-      "\xac\xf8\xb4\x67\x41\xc7\xf3\xd1\xa0\xc0"
-      "\x08\xbe\x9b\x23\x96\x78\xbd\x93\xda\x4a"
-      "\x30\xd4\xfb\xf0\x33",
-      1 /* not-compliant because too few iterations */
-    },
-    {
-      "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_SHA1,
-      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-      4096,
-      13,
-      "\x3d\x2e\xec\x4f\xe4\x1c\x84\x9b\x80\xc8"
-      "\xd8\x36\x62",
-      1 /* not-compliant because key size too small */
-    },
-    {
-      "passwordPASSWORDpassword", 24,
-      GCRY_KDF_PBKDF2, GCRY_MD_BLAKE2B_512,
-      "saltSALTsaltSALTsaltSALTsaltSALTsalt", 36,
-      4096,
-      60,
-      "\xa4\x6b\x53\x35\xdb\xdd\xa3\xd2\x5d\x19\xbb\x11\xfe\xdd\xd9\x9e"
-      "\x45\x2a\x7c\x34\x47\x41\x98\xca\x31\x74\xb6\x34\x22\xac\x83\xb0"
-      "\x38\x6e\xf5\x93\x0f\xf5\x16\x46\x0b\x97\xdc\x6c\x27\x5b\xe7\x25"
-      "\xc2\xcb\xec\x50\x02\xc6\x52\x8b\x34\x68\x53\x65",
-      1 /* not-compliant because subalgo is not the one of approved */
-    }
-  };
-
-  int tvidx;
-  gpg_error_t err;
-  unsigned char outbuf[100];
-  int i;
-
-  for (tvidx=0; tvidx < DIM(tv); tvidx++)
-    {
-      if (verbose)
-        fprintf (stderr, "checking gcry_kdf_derive test vector %d algo %d for FIPS\n",
-                 tvidx, tv[tvidx].algo);
-      assert (tv[tvidx].dklen <= sizeof outbuf);
-      err = gcry_kdf_derive (tv[tvidx].p, tv[tvidx].plen,
-                             tv[tvidx].algo, tv[tvidx].subalgo,
-                             tv[tvidx].salt, tv[tvidx].saltlen,
-                             tv[tvidx].iterations, tv[tvidx].dklen, outbuf);
-
-      if (err)
-        {
-          fail ("gcry_kdf_derive test %d unexpectedly returned an error in FIPS mode: %s\n",
-                tvidx, gpg_strerror (err));
-        }
-      else
-        {
-          gpg_err_code_t ec;
-
-          ec = gcry_get_fips_service_indicator ();
-          if (ec == GPG_ERR_INV_OP)
-            {
-              /* libgcrypt is old, no support of the FIPS service indicator.  */
-              fail ("gcry_kdf_derive test %d unexpectedly failed to check the FIPS service indicator.\n",
-                    tvidx);
-              continue;
-            }
-
-          if (!tv[tvidx].expect_failure && ec)
-            {
-              /* Success with the FIPS service indicator == 0 expected, but != 0.  */
-              fail ("gcry_kdf_derive test %d unexpectedly set the indicator in FIPS mode.\n",
-                    tvidx);
-              continue;
-            }
-          else if (tv[tvidx].expect_failure && !ec)
-            {
-              /* Success with the FIPS service indicator != 0 expected, but == 0.  */
-              fail ("gcry_kdf_derive test %d unexpectedly cleared the indicator in FIPS mode.\n",
-                    tvidx);
-              continue;
-            }
-
-          if (memcmp (outbuf, tv[tvidx].dk, tv[tvidx].dklen))
-            {
-              fail ("gcry_kdf_derive test %d failed: mismatch\n", tvidx);
-              fputs ("got:", stderr);
-              for (i=0; i < tv[tvidx].dklen; i++)
-                fprintf (stderr, " %02x", outbuf[i]);
-              putc ('\n', stderr);
-            }
-        }
-    }
-}
-
-
- int
- main (int argc, char **argv)
- {
-@@ -2166,8 +2009,6 @@ main (int argc, char **argv)
-       check_hkdf ();
-       if (in_fips_mode)
-         check_fips_indicators ();
-      if (in_fips_mode)
-        check_fips_gcry_kdf_derive ();
-     }
- 
-   return error_count ? 1 : 0;
--- a/libgcrypt-tests-fips-Rename-t-fips-service-ind.patch
+++ b/libgcrypt-tests-fips-Rename-t-fips-service-ind.patch
@@ -1,60 +0,0 @@
-From 132f346232b33fe41ffee3b3870ec189626676e7 Mon Sep 17 00:00:00 2001
-From: NIIBE Yutaka <gniibe@fsij.org>
-Date: Mon, 16 Dec 2024 14:14:24 +0900
-Subject: [PATCH 07/19] tests,fips: Rename t-fips-service-ind.
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-* tests/t-fips-service-ind.c: Rename from t-digest.c.
-* tests/Makefile.am (tests_bin): Follow the change.
-
--
-
-GnuPG-bug-id: 7338
-Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
-Signed-off-by: Lucas Mülling <lucas.mulling@suse.com>
---
- tests/Makefile.am                          | 2 +-
- tests/{t-digest.c => t-fips-service-ind.c} | 4 ++--
- 2 files changed, 3 insertions(+), 3 deletions(-)
- rename tests/{t-digest.c => t-fips-service-ind.c} (99%)
-
-diff --git a/tests/Makefile.am b/tests/Makefile.am
-index 93774fe9..3170a58e 100644
--- a/tests/Makefile.am
-+++ b/tests/Makefile.am
-@@ -25,7 +25,7 @@ tests_bin = \
-         version t-secmem mpitests t-sexp t-convert \
- 	t-mpi-bit t-mpi-point t-lock \
- 	prime basic keygen pubkey hmac hashtest t-kdf keygrip \
-	aeswrap random t-kem t-mlkem t-thread-local t-digest
-+	aeswrap random t-kem t-mlkem t-thread-local t-fips-service-ind
- 
- if USE_RSA
- tests_bin += pkcs1v2 t-rsa-pss t-rsa-15 t-rsa-testparm
-diff --git a/tests/t-digest.c b/tests/t-fips-service-ind.c
-similarity index 99%
-rename from tests/t-digest.c
-rename to tests/t-fips-service-ind.c
-index e2b1ce32..31c1fc72 100644
--- a/tests/t-digest.c
-+++ b/tests/t-fips-service-ind.c
-@@ -1,4 +1,4 @@
-/* t-digest.c - MD regression tests
-+/* t-fips-service-ind.c - FIPS service indicator regression tests
-  * Copyright (C) 2024 g10 Code GmbH
-  *
-  * This file is part of Libgcrypt.
-@@ -27,7 +27,7 @@
- #include <string.h>
- #include <assert.h>
- 
-#define PGM "t-digest"
-+#define PGM "t-fips-service-ind"
- 
- #include "t-common.h"
- static int in_fips_mode;
-- 
-2.49.0
-