Bug | Resolution: Done | Normal | rhel-9.1.0 | rhel-sst-idm-sssd | ssg_idm | Unspecified
Description of problem:
In xmlsec1-1.2.29/src/gcrypt/signatures.c, xmlsec1 uses gcry_pk_sign() and gcry_pk_verify() from libgcrypt. This API is not FIPS-compliant, because hash and signature are computed separately and not together inside of the boundary of the libgcrypt FIPS module. You should consider using the gcry_pk_hash_sign() and gcry_pk_hash_verify() functions introduced in libgcrypt-1.10 instead.
Version-Release number of selected component (if applicable):
1.2.29-9.el9
How reproducible:
grep -rE 'gcry_pk_(sign|verify)' .
Actual results:
gcry_pk_sign() and gcry_pk_verify() are used.
Expected results:
gcry_pk_hash_sign() and gcry_pk_hash_verify() are used to compute the digest to be signed inside of the FIPS module boundary.
Additional info:
See https://dev.gnupg.org/T4894, where this function was introduced. Unfortunately due to the way xmlsec1 structured its implementation, the computed digest is passed into the function that invokes gcry_pk_sign()/gcry_pk_verify(), so some refactoring of the API would be required to change to gcry_pk_hash_sign()/gcry_pk_hash_verify(). Note that versions of libgcrypt < 1.10 did not have the gcry_pk_hash_sign()/gcry_pk_hash_verify() API.
Additionally, xmlsec1 seems to support DSA signatures. Note that in RHEL-9 in FIPS mode, DSA will no longer be supported.