Change Details

Red Hat's patch of libgcrypt-1.8.3-md-fips-enforce.patch: https://dev.gnupg.org/rCd508f7358d9e842f062e820dad7fb84f181622f0 I'd understand the intention of this change (as the title of patch suggests), but we need to make sure if it works well. * With the patch, for MD5, when fips_mode() returns 1 but it's not enforced, it just go through with no errors. * I wonder if the check of _gcry_enforced_fips_mode () should be also removed. * We also have such checks and relaxing in `gcry_md_hash_buffer` and `gcry_md_hash_buffers`, don't we need to change too? The original commit which add relaxing is: {rC3f204a1533f15446f3579e648f0cf70639c4bc49}

Red Hat's patch of libgcrypt-1.8.3-md-fips-enforce.patch: https://dev.gnupg.org/rCd508f7358d9e842f062e820dad7fb84f181622f0 I'd understand the intention of this change (as the title of patch suggests), but we need to make sure if it works well. * With the patch, for MD5, when fips_mode() returns 1 but it's not enforced, it just go through with no errors. * I wonder if the check of _gcry_enforced_fips_mode () should be also removed. * We also have such checks and relaxing in `gcry_md_hash_buffer` and `gcry_md_hash_buffers`, don't we need to change too? The original commit which add relaxing is: {rC3f204a1533f15446f3579e648f0cf70639c4bc49} I wonder if the intention of the patch is reverting rC3f204a15.

Red Hat's patch of libgcrypt-1.8.3-md-fips-enforce.patch: https://dev.gnupg.org/rCd508f7358d9e842f062e820dad7fb84f181622f0 I'd understand the intention of this change (as the title of patch suggests), but we need to make sure if it works well. * With the patch, for MD5, when fips_mode() returns 1 but it's not enforced, it just go through with no errors. * I wonder if the check of _gcry_enforced_fips_mode () should be also removed. * We also have such checks and relaxing in `gcry_md_hash_buffer` and `gcry_md_hash_buffers`, don't we need to change too? The original commit which add relaxing is: {rC3f204a1533f15446f3579e648f0cf70639c4bc49} I wonder if the intention of the patch is reverting rC3f204a15.