Simplify the PCT for RSA and ECDSA

gcrypt.h: Fix function name in comment.

fips: Disable RSA-OAEP padding in FIPS mode.

tests: Expect the OEAP tests to fail in FIPS mode.

Fix _gcry_err_code_to_errno.

build: Fix configure script.

fips: Skip PCT if RSA keygen test-parms specified

build: Skip PK-specific tests if algo is disabled

keccak: Use size_t to avoid integer overflow

kdf:pkdf2: Check minimum allowed key size when running in FIPS mode.

kdf:pkdf2: Require longer input when FIPS mode.

random: Get maximum 32B of entropy at once in FIPS Mode

random: Extend the comment about FIPS specifics

tests: Reproducer for short dklen in FIPS mode

build: Update gpg-error.m4.

hmac,hkdf: Check the HMAC key length in FIPS mode.

build: Prefer gpgrt-config when available.

Revert "kdf:pkdf2: Require longer input when FIPS mode."

doc: Update document for pkg-config and libgcrypt.m4.

pkdf2: Add checks for FIPS.

fips: Mark AES key wrapping as approved.

rsa: Prevent usage of long salt in FIPS mode

fips,rsa: Prevent usage of X9.31 keygen in FIPS mode.

t-rsa-testparm: fix 'function declaration isn’t a prototype' warning

doc: Minor fix up.

build: Fix configure.ac for strict C99.

build: Fix m4 macros for strict C compiler.

fips: Remove GCM mode from the allowed FIPS indicators.

ecc: Do not allow skipping tests in FIPS Mode.

ecc: Make the PCT recoverable in FIPS mode and consistent with RSA.

visibility: Check FIPS operational status for MD+Sign operation.

kdf: Update tests in regards to the allowed parameters in FIPS mode.

fips: Check return value from ftell

random: Remove unused SHA384 DRBGs.

fips: Add explicit indicators for md and mac algorithms.

fips: Unblock MD5 in fips mode but mark non-approved in indicator.

fips: Fix fips indicator function.

fips: Explicitly allow only some PK flags.

doc: Document the new FIPS indicators.

fips: Mark gcry_pk_encrypt/decrypt function non-approved.

fips: Explicitly disable overriding random in FIPS mode.

tests: Improve test coverage for FIPS service indicators.

build: Update gpg-error.m4.

fips: More elaborate way of getting FIPS pk flags indicators.

m4: Update gpg-error.m4.

cipher: Enable the fast path to ChaCha20 only when supported.

build: Allow build with -Oz.

random: Use getrandom only when it's appropriate.

cipher:ecc: Fix public key computation for EdDSA.

cipher:ecc: Fix an error-path to release the KEY correctly.

cipher:pubkey: Fix non-use of flexible array member.

Remove out of core handler setting message in FIPS mode.

cipher:kdf: Move FIPS mode check to _gcry_kdf_derive.

build: Fix the notice in configure.ac.

tests: Allow KDF measurement in FIPS mode.

cipher:pubkey: Check digest size which should not be zero.

sexp: String with \0 is considered "binary".

build: Change the default for --with-libtool-modification.

build: New configure option --with-libtool-modification.

rsa: Fix decoding of PKCS#1 v1.5 and OAEP padding.

const-time: Use ct_not_memequal, instead. Tested with AVR.

build: Check if arch is VAX or compiler is MSVC.

cipher: Fix ElGamal decryption.

rsa: Use memmov_independently when unpadding.

const-time: Add ct_memmov_cond, fix _gcry_mpih_set_cond.

Use single constant-time memory comparison implementation

const-time: always avoid comparison operator for byte comparison

rsa, elgamal: avoid logical not operator in constant-time code

const-time: prefix global symbols with _gcry_

mpih_set_cond: restore EM leakage mitigation

const-time: ct_memmov_cond: switch to use dual mask approach

mpih-const-time: use global vzero/vone variable

mpiutil: use global vone and vzero

ec-nist: use global vone and vzero

ec-nist: avoid unintentional conditional branch by comparison

mpih_cmp_ui: avoid unintentional conditional branch

ec: avoid unintentional condition branches for 25519, 448 and 256k1

const-time: add functions for generating masks from 0/1 input

mpih-const-time: use constant-time comparisons conditional add/sub/abs

mpih_mod: avoid unintentional conditional branch

mpi: Fix ECC computation on hppa.

random:jent: Fix for jent_rng_is_initialized.

random:jent: Fix build with address sanitizer.

cipher:kyber: No change ABI/API for gcry_kem_genkey.

mpi: Use secure MPI in _gcry_mpi_assign_limb_space.

secmem: Handle HAVE_BROKEN_MLOCK for the case with ASAN.

Merge branch 'master' into LIBGCRYPT-1.11-BRANCH

Merge commit '4876a1a4' into LIBGCRYPT-1.11-BRANCH

cipher:kem:ecc: Support secp256k1 by KEM API.

cipher:kem: Provide each enum constant as macro.

build: Allow build with no Kyber.

build: More changes to allow build with no Kyber.

cipher:ecc: Silence GCC 15 warning.

cipher:rsa: Fix missing initialization in generate_fips.

mpi: Provide the function prototype of __udiv_qrnnd.

Add missing abiversion tag for PowerPC assembly

Add missing machine tags for PowerPC assembly

poly1305-p10le: use '.rodata' section for read-only data

Mark nonstring use cases with __nonstring__ attribute.