This patch is based on the following Fedora patch:
https://src.fedoraproject.org/rpms/libgcrypt/blob/rawhide/f/libgcrypt-1.8.3-fips-ctor.patch
It will probably require some tweaks to make it working/ignore this on platforms that do not support constructors or conditionalized it based on a configuration option if this could not be allowed universally.
{F2685574}
Edit: Updated the patch with more relevant information that I gathered from the other scattered patches like the following:
* https://src.fedoraproject.org/rpms/libgcrypt/blob/rawhide/f/libgcrypt-1.8.5-getrandom.patch
* https://src.fedoraproject.org/rpms/libgcrypt/blob/rawhide/f/libgcrypt-1.8.5-fips-module.patch
Unfortunately, there were quite interconnected and using only one of these does not make sense.
There are still some outstanding issues of this approach. I am not sure how much relevant is FIPS for you on Windows or other places that do not use dynamic library constructor. Similarly in the commit message, there is described one more issue with the secure memory, that will probably require some cleanup.
This is mostly first version to start discussion if something like this can go in