- Bug
- Resolution: Unresolved
- Major
- rhel-10.0.beta
- libsolv-0.7.29-6.el10
- Yes
- None
- rhel-sst-cs-software-management
- ssg_core_services
- 20
- 22
- 3
- False
- No
- None
- Pass
- Automated
- None
libsolv-0.7.29-4.el10 fails the CoreOS/libsolv/Regression/bz1630300-Change-libsolv-to-use-RHEL-accepted-crypto test, which checks that OpenSSL is used instead of the bundled implementations of MD5, SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512.
The use of OpenSSL was a RHEL-only patch, https://gitlab.com/redhat/centos-stream/rpms/libsolv/-/raw/c9s/0001-Add-support-for-computing-hashes-using-OpenSSL.patch?ref_type=heads, requested in https://bugzilla.redhat.com/show_bug.cgi?id=1630300. The RHEL 10 build, libsolv-0.7.29-4.el10, does not carry this patch. The patch is absent from Fedora as well as from upstream.
Do we want to reapply the patch to RHEL 10? The patch is needed wherever the digests are used for cryptographic purposes. One such use is PGP signature verification in ext/repo_pubkey.c (see the solv_chksum_get() calls in pgpsig_makesigdata()).
(Please note that there is also an RSA implementation in solv_pgpvrfy() in ext/solv_pgpvrfy.c, which the missing patch does not address.)
If we apply the patch, we need to make sure that libsolv still works when the system is in FIPS mode, where MD5 and SHA-1 are not available for cryptographic purposes.
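The FIPS-mode caveat above is easiest to see against an OpenSSL-backed digest API that exposes the same per-algorithm policy. The following is an added example, not libsolv code and not part of the bug report: it uses Python's hashlib (OpenSSL-backed on RHEL, Python 3.9+ for the usedforsecurity keyword) to probe which of the six digests the system policy permits for cryptographic use, to compute a checksum with or without the cryptographic flag, and to refuse a signature-style comparison when the policy disallows the digest rather than crashing. The digest names, the sample input b"abc" and the result labels are constructed for the example.

```python
import hashlib
import hmac

# The six digests the regression test covers, as listed in the bug report.
DIGESTS = ["md5", "sha1", "sha224", "sha256", "sha384", "sha512"]


def digest_availability(names=DIGESTS):
    """Classify each digest under the current crypto policy.

    With OpenSSL in FIPS mode, hashlib.new("md5", usedforsecurity=True)
    raises ValueError, while usedforsecurity=False still succeeds because the
    algorithm is allowed for non-cryptographic checksums. On a non-FIPS
    system every name is reported as "crypto-ok".
    """
    status = {}
    for name in names:
        try:
            hashlib.new(name, usedforsecurity=True)
            status[name] = "crypto-ok"
        except ValueError:
            try:
                hashlib.new(name, usedforsecurity=False)
                status[name] = "non-crypto-only"
            except ValueError:
                status[name] = "unavailable"
    return status


def checksum(name, data, for_signature):
    """Hex digest of data; for_signature=True asks the backend to enforce policy.

    Raises ValueError in FIPS mode for md5/sha1 when for_signature is True,
    mirroring what a libsolv build using OpenSSL would have to handle.
    """
    h = hashlib.new(name, usedforsecurity=for_signature)
    h.update(data)
    return h.hexdigest()


def verify_digest(name, data, expected_hex):
    """Signature-style check: policy-enforced digest, constant-time compare.

    Returns (ok, reason) so a caller can distinguish "digest not permitted"
    from "digest mismatch" instead of surfacing an unhandled exception.
    """
    try:
        actual = checksum(name, data, for_signature=True)
    except ValueError:
        return False, f"{name} not permitted for cryptographic use by system policy"
    if hmac.compare_digest(actual, expected_hex.lower()):
        return True, "ok"
    return False, "digest mismatch"


if __name__ == "__main__":
    sample = b"abc"  # constructed input
    for name, state in digest_availability().items():
        print(f"{name:7s} {state}")
    print(verify_digest("sha256", sample, checksum("sha256", sample, False)))
```

On a FIPS-enabled host the availability map reports md5 and sha1 as "non-crypto-only" and verify_digest returns the policy reason for them; that is the behaviour a reapplied OpenSSL patch in libsolv must tolerate for the non-signature checksum paths while keeping signature verification on the FIPS-approved digests.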
- links to: RHBA-2024:132912 DNF stack bug fix and enhancement update