* Fri Feb 20 2026 angel.yankov@suse.com
- Update to 1.12.1 (jsc#PED-15059)
* Various fixes
- Drop libgcrypt-1.12.0-ec_regression.patch as it's upstreamed
* Mon Feb 02 2026 angel.yankov@suse.com
- Update to 1.12.0 (jsc#PED-15059)
* New and extended interfaces:
- Allow access to the FIPS service indicator via the new
GCRYCTL_FIPS_SERVICE_INDICATOR control code.
- Make SHA-1 non-FIPS internally for the 1.12 API
- Add Dilithium (ML-DSA) support
- Support optional random-override and support byte string data
* Bug fixes:
- Use secure MPI in _gcry_mpi_assign_limb_space.
- Use CSIDL_COMMON_APPDATA instead of /etc on Windows.
- Apply a Kyber patch from upstream.
- Fix an edge case in Jent initialization.
- mceliece6688128f: Fix stack overflow crash on win64/wine
* Performance:
- Many performance improvements, new AVX512 implementations for modern CPUs.
- Add RISC-V Zbb+Zbc implementation of CRC.
- Add RISC-V vector cryptography implementation of GHASH, AES, SHA256 and SHA512
- Add AVX2 and AVX512 code paths to improve CRC.
For a full changelog, see:
https://dev.gnupg.org/source/libgcrypt/history/master/;libgcrypt-1.12.0
* Dropped libgcrypt-1.11.1-public-SLI-API.patch - applied upstream
* Rebased libgcrypt-CVE-2024-2236.patch
* Rebased libgcrypt-FIPS-SLI-hash-mac.patch
* Rebased libgcrypt-FIPS-SLI-kdf-leylength.patch
* Rebased libgcrypt-FIPS-SLI-pk.patch
* Rebased libgcrypt-FIPS-jitter-standalone.patch
* Rebased libgcrypt-FIPS-rndjent_poll.patch
* Rebased libgcrypt-nobetasuffix.patch
* Rebased libgcrypt-rol64-redefinition.patch
* Added libgcrypt-1.12.0-ec_regression.patch
* libgcrypt 1.12.0: gcry_mpi_ec_curve_point corrupts point
* Mon Jun 09 2025 angel.yankov@suse.com
- Security fix [bsc#1221107, CVE-2024-2236]
* Add --enable-marvin-workaround to spec to enable workaround
* Fix timing-based side-channel in RSA implementation (Marvin attack)
* Add libgcrypt-CVE-2024-2236.patch
* Thu May 08 2025 lucas.mulling@suse.com
- Update to 1.11.1: [jsc#PED-12227]
* Bug fixes:
- Fix Kyber secret-dependent branch introduced by recent versions of Clang. [rCf765778e82]
- Fix build regression due to the use of AVX512 in Blake. [T7184]
- Do not build i386 asm on amd64 and vice versa. [T7220]
- Fix build regression on armhf with gcc-14. [T7226]
- Return the proper error code on malloc failure in hex2buffer. [rCc51151f5b0]
- Fix long standing bug for PRIME % 2 == 0. [rC639b0fca15]
* Performance:
- Add AES Vector Permute intrinsics implementation for AArch64. [rC94a63aedbb]
- Add GHASH AArch64/SIMD intrinsics implementation. [rCfec871fd18]
- Add RISC-V vector permute AES. [rCb24ebd6163]
- Add GHASH RISC-V Zbb+Zbc implementation. [rC0f1fec12b0]
- Add ChaCha20 RISC-V vector intrinsics implementation. [rC8dbee93ac2]
- Add SHA3 acceleration for RISC-V Zbb extension. [rC1a660068ba]
* Other:
- Add CET support for i386 and amd64 assembly. [T7220]
- Add PAC/BTI support for AArch64 asm. [T7220]
- Apply changes to Kyber from upstream for final FIPS 203. [rCcc95c36e7f]
- Introduce an internal API for a revamped FIPS service indicator. [T7340]
- Several improvements for constant time operation by the introduction of
Least Leak Intended (LLI) variants of internal functions. [T7519,T7490]
* Add libgcrypt-1.11.1-public-SLI-API.patch
* Rebase patches:
- libgcrypt-FIPS-SLI-hash-mac.patch
- libgcrypt-FIPS-SLI-pk.patch
- libgcrypt-FIPS-jitter-standalone.patch
* Remove patches:
- libgcrypt-fips-Introduce-an-internal-API-for-FIPS-service-indicator.patch
- libgcrypt-fips-Introduce-GCRYCTL_FIPS_SERVICE_INDICATOR-and-the-macro.patch
- libgcrypt-fips-kdf-Implement-new-FIPS-service-indicator-for-gcry_kdf_derive.patch
- libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_hash_.patch
- libgcrypt-fips-tests-Add-t-digest.patch
- libgcrypt-fips-Change-the-internal-API-for-new-FIPS-service-indicator.patch
- libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_open-API.patch
- libgcrypt-fips-tests-Add-tests-for-md_open-write-read-close-for-t-digest.patch
- libgcrypt-fips-mac-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch
- libgcrypt-fips-cipher-Implement-new-FIPS-service-indicator-for-cipher_open.patch
- libgcrypt-tests-fips-Add-gcry_mac_open-tests.patch
- libgcrypt-tests-fips-Rename-t-fips-service-ind.patch
- libgcrypt-tests-fips-Move-KDF-tests-to-t-fips-service-ind.patch
- libgcrypt-tests-fips-Add-gcry_cipher_open-tests.patch
- libgcrypt-fips-md-gcry_md_copy-should-care-about-FIPS-service-indicator.patch
- libgcrypt-fips-cipher-Implement-FIPS-service-indicator-for-gcry_pk_hash_-API.patch
- libgcrypt-fips-Introduce-GCRYCTL_FIPS_REJECT_NON_FIPS.patch
- libgcrypt-Fix-the-previous-change.patch
- libgcrypt-fips-Rejection-by-GCRYCTL_FIPS_REJECT_NON_FIPS-not-by-open-flags.patch
- libgcrypt-fips-cipher-Add-behavior-not-to-reject-but-mark-non-compliant.patch
- libgcrypt-fips-ecc-Add-rejecting-or-marking-for-gcry_pk_get_curve.patch
- libgcrypt-tests-Add-more-tests-to-tests-t-fips-service-ind.patch
- libgcrypt-fips-ecc-Check-DATA-in-gcry_pk_sign-verify-in-FIPS-mode.patch
- libgcrypt-fips-cipher-Fix-memory-leak-for-gcry_pk_hash_sign.patch
- libgcrypt-build-Improve-__thread-specifier-check.patch
- libgcrypt-cipher-Check-and-mark-non-compliant-cipher-modes-in-the-SLI.patch
- libgcrypt-cipher-Rename-_gcry_cipher_is_mode_fips_compliant.patch
- libgcrypt-cipher-Don-t-differentiate-GCRY_CIPHER_MODE_CMAC-in-FIPS-mode.patch
- libgcrypt-cipher-rsa-Mark-reject-SHA1-unknown-with-RSA-signature-generation.patch
- libgcrypt-md-Fix-gcry_md_algo_info-to-mark-reject-under-FIPS-mode.patch
- libgcrypt-md-Use-check_digest_algo_spec-in-_gcry_md_selftest.patch
- libgcrypt-tests-Update-t-fips-service-ind-using-GCRY_MD_SHA256-for-KDF-tests.patch
- libgcrypt-fips-cipher-Do-the-computation-when-marking-non-compliant.patch
- libgcrypt-tests-Allow-tests-with-USE_RSA.patch
- libgcrypt-cipher-Add-KAT-for-non-rfc6979-ECDSA-with-fixed-k.patch
- libgcrypt-cipher-Differentiate-use-of-label-K-in-the-SLI.patch
- libgcrypt-cipher-Differentiate-igninvflag-in-the-SLI.patch
- libgcrypt-cipher-Differentiate-no-blinding-flag-in-the-SLI.patch
- libgcrypt-fips-cipher-Add-GCRY_FIPS_FLAG_REJECT_PK_FLAGS.patch
- libgcrypt-cipher-ecc-Fix-for-supplied-K.patch
- libgcrypt-cipher-visibility-Differentiate-use-of-random-override-in-the-SLI.patch
- libgcrypt-cipher-fips-Fix-for-random-override.patch
- libgcrypt-md-Make-SHA-1-non-FIPS-internally-for-1.12-API.patch
- libgcrypt-fips-Fix-GCRY_FIPS_FLAG_REJECT_MD.patch
- libgcrypt-doc-Add-about-GCRYCTL_FIPS_SERVICE_INDICATOR.patch
- libgcrypt-doc-Fix-syntax-error.patch
- libgcrypt-Disable-SHA3-s390x-acceleration-for-CSHAKE.patch
* Tue May 06 2025 pmonreal@suse.com
- CSHAKE basic regression test failure in s390x [bsc#1242419]
* Disable SHA3 s390x acceleration for CSHAKE [rC2486d9b5ae01]
* Add libgcrypt-Disable-SHA3-s390x-acceleration-for-CSHAKE.patch
* Sun Apr 13 2025 lucas.mulling@suse.com
- Differentiate use of SHA1 in the service level indicator [jsc#PED-12227]
* Include upstream SLI revamp and FIPS certification fixes
* Add patches:
- libgcrypt-fips-Introduce-an-internal-API-for-FIPS-service-indicator.patch
- libgcrypt-fips-Introduce-GCRYCTL_FIPS_SERVICE_INDICATOR-and-the-macro.patch
- libgcrypt-fips-kdf-Implement-new-FIPS-service-indicator-for-gcry_kdf_derive.patch
- libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_hash_.patch
- libgcrypt-fips-tests-Add-t-digest.patch
- libgcrypt-fips-Change-the-internal-API-for-new-FIPS-service-indicator.patch
- libgcrypt-fips-md-Implement-new-FIPS-service-indicator-for-gcry_md_open-API.patch
- libgcrypt-fips-tests-Add-tests-for-md_open-write-read-close-for-t-digest.patch
- libgcrypt-fips-mac-Implement-new-FIPS-service-indicator-for-gcry_mac_open.patch
- libgcrypt-fips-cipher-Implement-new-FIPS-service-indicator-for-cipher_open.patch
- libgcrypt-tests-fips-Add-gcry_mac_open-tests.patch
- libgcrypt-tests-fips-Rename-t-fips-service-ind.patch
- libgcrypt-tests-fips-Move-KDF-tests-to-t-fips-service-ind.patch
- libgcrypt-tests-fips-Add-gcry_cipher_open-tests.patch
- libgcrypt-fips-md-gcry_md_copy-should-care-about-FIPS-service-indicator.patch
- libgcrypt-fips-cipher-Implement-FIPS-service-indicator-for-gcry_pk_hash_-API.patch
- libgcrypt-fips-Introduce-GCRYCTL_FIPS_REJECT_NON_FIPS.patch
- libgcrypt-Fix-the-previous-change.patch
- libgcrypt-fips-Rejection-by-GCRYCTL_FIPS_REJECT_NON_FIPS-not-by-open-flags.patch
- libgcrypt-fips-cipher-Add-behavior-not-to-reject-but-mark-non-compliant.patch
- libgcrypt-fips-ecc-Add-rejecting-or-marking-for-gcry_pk_get_curve.patch
- libgcrypt-tests-Add-more-tests-to-tests-t-fips-service-ind.patch
- libgcrypt-fips-ecc-Check-DATA-in-gcry_pk_sign-verify-in-FIPS-mode.patch
- libgcrypt-fips-cipher-Fix-memory-leak-for-gcry_pk_hash_sign.patch
- libgcrypt-build-Improve-__thread-specifier-check.patch
- libgcrypt-cipher-Check-and-mark-non-compliant-cipher-modes-in-the-SLI.patch
- libgcrypt-cipher-Rename-_gcry_cipher_is_mode_fips_compliant.patch
- libgcrypt-cipher-Don-t-differentiate-GCRY_CIPHER_MODE_CMAC-in-FIPS-mode.patch
- libgcrypt-cipher-rsa-Mark-reject-SHA1-unknown-with-RSA-signature-generation.patch
- libgcrypt-md-Fix-gcry_md_algo_info-to-mark-reject-under-FIPS-mode.patch
- libgcrypt-md-Use-check_digest_algo_spec-in-_gcry_md_selftest.patch
- libgcrypt-tests-Update-t-fips-service-ind-using-GCRY_MD_SHA256-for-KDF-tests.patch
- libgcrypt-fips-cipher-Do-the-computation-when-marking-non-compliant.patch
- libgcrypt-tests-Allow-tests-with-USE_RSA.patch
- libgcrypt-cipher-Add-KAT-for-non-rfc6979-ECDSA-with-fixed-k.patch
- libgcrypt-cipher-Differentiate-use-of-label-K-in-the-SLI.patch
- libgcrypt-cipher-Differentiate-igninvflag-in-the-SLI.patch
- libgcrypt-cipher-Differentiate-no-blinding-flag-in-the-SLI.patch
- libgcrypt-fips-cipher-Add-GCRY_FIPS_FLAG_REJECT_PK_FLAGS.patch
- libgcrypt-cipher-ecc-Fix-for-supplied-K.patch
- libgcrypt-cipher-visibility-Differentiate-use-of-random-override-in-the-SLI.patch
- libgcrypt-cipher-fips-Fix-for-random-override.patch
- libgcrypt-md-Make-SHA-1-non-FIPS-internally-for-1.12-API.patch
- libgcrypt-fips-Fix-GCRY_FIPS_FLAG_REJECT_MD.patch
- libgcrypt-doc-Add-about-GCRYCTL_FIPS_SERVICE_INDICATOR.patch
- libgcrypt-doc-Fix-syntax-error.patch
* Rebase patches:
- libgcrypt-FIPS-SLI-kdf-leylength.patch
* Tue Jan 07 2025 pmonreal@suse.com
- Fix redefinition error of 'rol64'. Remove the unused rol64()
definition after removing the built-in jitter rng.
* Add libgcrypt-rol64-redefinition.patch
* Mon Dec 02 2024 pmonreal@suse.com
- Remove unrecognized option: --enable-m-guard
* Thu Jun 20 2024 pmonreal@suse.com
- Update to 1.11.0:
* New and extended interfaces:
- Add an API for Key Encapsulation Mechanism (KEM). [T6755]
- Add Streamlined NTRU Prime sntrup761 algorithm. [rCcf9923e1a5]
- Add Kyber algorithm according to FIPS 203 ipd 2023-08-24. [rC18e5c0d268]
- Add Classic McEliece algorithm. [rC003367b912]
- Add One-Step KDF with hash and MAC. [T5964]
- Add KDF algorithm HKDF of RFC-5869. [T5964]
- Add KDF algorithm X963KDF for use in CMS. [rC3abac420b3]
- Add GMAC-SM4 and Poly1305-SM4. [rCd1ccc409d4]
- Add ARIA block cipher algorithm. [rC316c6d7715]
- Add explicit FIPS indicators for MD and MAC algorithms. [T6376]
- Add support for SHAKE as MGF in RSA. [T6557]
- Add gcry_md_read support for SHAKE algorithms. [T6539]
- Add gcry_md_hash_buffers_ext function. [T7035]
- Add cSHAKE hash algorithm. [rC065b3f4e02]
- Support internal generation of IV for AEAD cipher mode. [T4873]
* Performance:
- Add SM3 ARMv8/AArch64/CE assembly implementation. [rCfe891ff4a3]
- Add SM4 ARMv8/AArch64 assembly implementation. [rCd8825601f1]
- Add SM4 GFNI/AVX2 and GFNI/AVX512 implementation. [rC5095d60af4,rCeaed633c16]
- Add SM4 ARMv9 SVE CE assembly implementation. [rC2dc2654006]
- Add PowerPC vector implementation of SM4. [rC0b2da804ee]
- Optimize ChaCha20 and Poly1305 for PPC P10 LE. [T6006]
- Add CTR32LE bulk acceleration for AES on PPC. [rC84f2e2d0b5]
- Add generic bulk acceleration for CTR32LE mode (GCM-SIV) for SM4
and Camellia. [rCcf956793af]
- Add GFNI/AVX2 implementation of Camellia. [rC4e6896eb9f]
- Add AVX2 and AVX512 accelerated implementations for GHASH (GCM)
and POLYVAL (GCM-SIV). [rCd857e85cb4, rCe6f3600193]
- Add AVX512 implementation for SHA512. [rC089223aa3b]
- Add AVX512 implementation for Serpent. [rCce95b6ec35]
- Add AVX512 implementation for Poly1305 and ChaCha20. [rCcd3ed49770, rC9a63cfd617]
- Add AVX512 accelerated implementation for SHA3 and Blake2. [rCbeaad75f46,rC909daa700e]
- Add VAES/AVX2 accelerated i386 implementation for AES. [rC4a42a042bc]
- Add bulk processing for XTS mode of Camellia and SM4. [rC32b18cdb87, rCaad3381e93]
- Accelerate XTS and ECB modes for Twofish and Serpent. [rCd078a928f5,rC8a1fe5f78f]
- Add AArch64 crypto/SHA512 extension implementation for SHA512. [rCe51d3b8330]
- Add AArch64 crypto-extension implementation for Camellia. [rC898c857206]
- Accelerate OCB authentication on AMD with AVX2. [rC6b47e85d65]
* Bug fixes:
- For PowerPC check for missing optimization level for vector register usage. [T5785]
- Fix EdDSA secret key check. [T6511]
- Fix decoding of PKCS#1-v1.5 and OAEP padding. [rC34c2042792]
- Allow use of PKCS#1-v1.5 with SHA3 algorithms. [T6976]
- Fix AESWRAP padding length check. [T7130]
* Other:
- Allow empty password for Argon2 KDF. [rCa20700c55f]
- Various constant time operation improvements.
- Add "bp256", "bp384", "bp512" aliases for Brainpool curves.
- Support for the random server has been removed. [T5811]
- The control code GCRYCTL_ENABLE_M_GUARD is deprecated and not
supported any more. Please use valgrind or other tools. [T5822]
- Logging is now done via the libgpg-error logging functions. [rCab0bdc72c7]
* Remove patches fixed upstream:
- libgcrypt-no-deprecated-grep-alias.patch
- libgcrypt-Chacha20-poly1305-Optimized-chacha20-poly1305.patch
- libgcrypt-ppc-enable-P10-assembly-with-ENABLE_FORCE_SOF.patch
* Rebase patches:
- libgcrypt-FIPS-jitter-errorcodes.patch
- libgcrypt-FIPS-jitter-whole-entropy.patch
* Wed Mar 20 2024 pmonreal@suse.com
- FIPS: Make sure that Libgcrypt makes use of the built-in Jitter RNG
for the whole length entropy buffer in FIPS mode. [bsc#1220893]
* Add libgcrypt-FIPS-jitter-whole-entropy.patch