Add patch for disable hybrid MLKEM in FIPS mode

Author: Akendo

upstream_patches/0046-disable-hybrid-MLKEM-in-FIPS-mode.patch

@@ -0,0 +1,19 @@
+:100644 100644 419878719e 0000000000 M	providers/fips/fipsprov.c
+
+diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
+index 419878719e..680d3dd56d 100644
+--- a/providers/fips/fipsprov.c
++++ b/providers/fips/fipsprov.c
+@@ -543,8 +542,8 @@ static const OSSL_ALGORITHM fips_asym_kem[] = {
+ #if !defined(OPENSSL_NO_ECX)
+-    { "X25519MLKEM768", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+-    { "X448MLKEM1024", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
++    { "X25519MLKEM768", FIPS_UNAPPROVED_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
++    { "X448MLKEM1024", FIPS_UNAPPROVED_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+ #endif
+ #if !defined(OPENSSL_NO_EC)
+-    { "SecP256r1MLKEM768", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+-    { "SecP384r1MLKEM1024", FIPS_DEFAULT_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
++    { "SecP256r1MLKEM768", FIPS_UNAPPROVED_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
++    { "SecP384r1MLKEM1024", FIPS_UNAPPROVED_PROPERTIES, ossl_mlx_kem_asym_kem_functions },
+ #endif

upstream_patches/series

@@ -46,3 +46,4 @@ rsa_kem-test-RSA_public_encrypt-result-in-RSASVE.patch
 0043-FIPS-ECDSA-P192-verify-disallow.patch
 0044-FIPS-ML-KEM-encap-key-check.patch
 0045-FIPS-ML-KEM-decap-key-check.patch
+0046-disable-hybrid-MLKEM-in-FIPS-mode.patch