diff --git a/.cryptsetup.metadata b/.cryptsetup.metadata
new file mode 100644
index 0000000..f0f9c04
--- /dev/null
+++ b/.cryptsetup.metadata
@@ -0,0 +1,2 @@
+1597b4642a9ef6b73ad191516f26bd2292055680 SOURCES/cryptsetup-2.4.3.tar.xz
+23cea5fef57d512c9e80c01c9ff76c641cb356b0 SOURCES/tests.tar.xz
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e48f09c
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,2 @@
+SOURCES/cryptsetup-2.4.3.tar.xz
+SOURCES/tests.tar.xz
diff --git a/SOURCES/cryptsetup-2.5.0-Add-more-tests-for-test-passphrase-parameter.patch b/SOURCES/cryptsetup-2.5.0-Add-more-tests-for-test-passphrase-parameter.patch
new file mode 100644
index 0000000..fa075eb
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Add-more-tests-for-test-passphrase-parameter.patch
@@ -0,0 +1,56 @@
+From f671febe64d8f40cdcb1677a08436a8907ccbb7e Mon Sep 17 00:00:00 2001
+From: Ondrej Kozina <okozina@redhat.com>
+Date: Wed, 23 Feb 2022 12:27:57 +0100
+Subject: [PATCH 2/3] Add more tests for --test-passphrase parameter.
+
+---
+ tests/compat-test-args        |  4 ++++
+ tests/luks2-reencryption-test | 18 ++++++++++++++++++
+ 2 files changed, 22 insertions(+)
+
+diff --git a/tests/compat-test-args b/tests/compat-test-args
+index faeddd00..8bbe5563 100755
+--- a/tests/compat-test-args
++++ b/tests/compat-test-args
+@@ -258,6 +258,10 @@ exp_fail luksAddKey DEV --unbound --key-size 0
+ exp_pass luksAddKey DEV --unbound --key-size 8
+ exp_pass luksDump DEV --unbound -S5
+ exp_fail luksDump DEV --unbound
++exp_pass open DEV --unbound --test-passphrase
++exp_pass open DEV --unbound --test-passphrase -S5
++exp_fail open DEV --unbound NAME
++exp_fail open DEV --unbound -S5 NAME
+ 
+ exp_fail resize NAME --refresh
+ exp_fail open DEV NAME --test-passphrase --refresh
+diff --git a/tests/luks2-reencryption-test b/tests/luks2-reencryption-test
+index 6f156016..73818b5d 100755
+--- a/tests/luks2-reencryption-test
++++ b/tests/luks2-reencryption-test
+@@ -1606,5 +1606,23 @@ if [ -n "$DM_SECTOR_SIZE" ]; then
+ 	reencrypt_recover_online 4096 journal $HASH1
+ fi
+ 
++echo "[27] Verify test passphrase mode works with reencryption metadata"
++echo $PWD1 | $CRYPTSETUP -S5 -q luksFormat --type luks2 $FAST_PBKDF_ARGON $DEV || fail
++echo -e "$PWD1\n$PWD1" | $CRYPTSETUP luksAddKey --unbound -s80 -S0 $FAST_PBKDF_ARGON $DEV || fail
++echo $PWD1 | $CRYPTSETUP reencrypt --init-only $DEV || fail
++echo $PWD1 | $CRYPTSETUP open --test-passphrase $DEV || fail
++
++echo $PWD1 | $CRYPTSETUP -q luksFormat -S5 --header $IMG_HDR --type luks2 $FAST_PBKDF_ARGON $DEV || fail
++echo -e "$PWD1\n$PWD1" | $CRYPTSETUP luksAddKey --unbound -s80 -S0 $FAST_PBKDF_ARGON $IMG_HDR || fail
++echo $PWD1 | $CRYPTSETUP reencrypt --decrypt --init-only --header $IMG_HDR $DEV || fail
++echo $PWD1 | $CRYPTSETUP open --test-passphrase $IMG_HDR || fail
++
++echo $PWD1 | $CRYPTSETUP reencrypt -q --encrypt --init-only --header $IMG_HDR $FAST_PBKDF_ARGON $DEV || fail
++echo $PWD1 | $CRYPTSETUP open --test-passphrase $IMG_HDR || fail
++
++wipe_dev_head $DEV 1
++echo $PWD1 | $CRYPTSETUP reencrypt --encrypt --init-only --reduce-device-size 8M $FAST_PBKDF_ARGON $DEV || fail
++echo $PWD1 | $CRYPTSETUP open --test-passphrase $DEV || fail
++
+ remove_mapping
+ exit 0
+-- 
+2.27.0
+
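Review bot: The four `--unbound` cases added to tests/compat-test-args pin the rule that `open --unbound` needs `--test-passphrase`, but nothing visible here covers the other argument check this series adds in src/cryptsetup.c, which rejects `--unbound` on `open` when `--type` is not a LUKS type. A line such as `exp_fail open DEV --unbound --test-passphrase --type plain` next to them would keep that rejection from regressing silently, assuming `exp_fail` treats the usage error the same way it does for `exp_fail open DEV --unbound NAME`. In tests/luks2-reencryption-test, a one-line comment before each of the four groups in block [27] (in-place init, detached-header decrypt, detached-header encrypt, encrypt with `--reduce-device-size`) would make a failure easier to place.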
diff --git a/SOURCES/cryptsetup-2.5.0-Do-not-use-too-small-key-in-tests.patch b/SOURCES/cryptsetup-2.5.0-Do-not-use-too-small-key-in-tests.patch
new file mode 100644
index 0000000..40f7269
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Do-not-use-too-small-key-in-tests.patch
@@ -0,0 +1,45 @@
+From 34f033b2549d95833270d657cf099ee4f6faff37 Mon Sep 17 00:00:00 2001
+From: Milan Broz <gmazyland@gmail.com>
+Date: Fri, 21 Jan 2022 09:55:34 +0100
+Subject: [PATCH 3/3] Do not use too small key in tests.
+
+Apparently FIPS mode enforces somewhere minimal key size.
+As 64bit key is no longer useful anyway, just remove it.
+
+Apparently cipher_null is now more safer with the longer key,
+isn't? :-)
+---
+ tests/align-test | 10 ----------
+ 1 file changed, 10 deletions(-)
+
+diff --git a/tests/align-test b/tests/align-test
+index 9ae606ca..a00103c2 100755
+--- a/tests/align-test
++++ b/tests/align-test
+@@ -262,11 +262,6 @@ cleanup
+ echo "# Offset check: 512B sector drive"
+ add_device dev_size_mb=16 sector_size=512 num_tgts=1
+ #           |k| expO reqO expected slot offsets
+-format_null  64 2048    0 8:72:136:200:264:328:392:456
+-format_null  64  520    1
+-format_null  64  520    8
+-format_null  64  640  128
+-format_null  64 2048 2048
+ format_null 128 2048    0 8:136:264:392:520:648:776:904
+ format_null 128 1032    1
+ format_null 128 1032    8
+@@ -286,11 +281,6 @@ cleanup
+ 
+ echo "# Offset check: 4096B sector drive"
+ add_device dev_size_mb=16 sector_size=4096 num_tgts=1 opt_blks=64
+-format_null  64 2048    0 8:72:136:200:264:328:392:456
+-format_null  64  520    1
+-format_null  64  520    8
+-format_null  64  640  128
+-format_null  64 2048 2048
+ format_null 128 2048    0 8:136:264:392:520:648:776:904
+ format_null 128 1032    1
+ format_null 128 1032    8
+-- 
+2.27.0
+
diff --git a/SOURCES/cryptsetup-2.5.0-Fix-PBKDF-benchmark-in-OpenSSL3-FIPS-mode.patch b/SOURCES/cryptsetup-2.5.0-Fix-PBKDF-benchmark-in-OpenSSL3-FIPS-mode.patch
new file mode 100644
index 0000000..aebf06e
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Fix-PBKDF-benchmark-in-OpenSSL3-FIPS-mode.patch
@@ -0,0 +1,47 @@
+From 05a237be2a6c7a342fb5aba4433aec487a08317f Mon Sep 17 00:00:00 2001
+From: Milan Broz <gmazyland@gmail.com>
+Date: Fri, 21 Jan 2022 09:47:13 +0100
+Subject: [PATCH 1/3] Fix PBKDF benchmark in OpenSSL3 FIPS mode.
+
+OpenSSL now enforces minimal parameters for PBKDF2 according to SP 800-132
+key length (112 bits), minimal salt length (128 bits) and minimal number
+of iterations (1000).
+
+Our benchmark violates this, causeing cryptsetup misbehave for luksFormat.
+
+Just inrease tet salt to 16 bytes here, it will little bit influence benchmark,
+but there is no way back.
+---
+ lib/utils_benchmark.c | 2 +-
+ src/cryptsetup.c      | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/lib/utils_benchmark.c b/lib/utils_benchmark.c
+index 7a9736d8..24e7bccc 100644
+--- a/lib/utils_benchmark.c
++++ b/lib/utils_benchmark.c
+@@ -184,7 +184,7 @@ int crypt_benchmark_pbkdf_internal(struct crypt_device *cd,
+ 		pbkdf->parallel_threads = 0; /* N/A in PBKDF2 */
+ 		pbkdf->max_memory_kb = 0; /* N/A in PBKDF2 */
+ 
+-		r = crypt_benchmark_pbkdf(cd, pbkdf, "foo", 3, "bar", 3,
++		r = crypt_benchmark_pbkdf(cd, pbkdf, "foo", 3, "01234567890abcdef", 16,
+ 					volume_key_size, &benchmark_callback, &u);
+ 		pbkdf->time_ms = ms_tmp;
+ 		if (r < 0) {
+diff --git a/src/cryptsetup.c b/src/cryptsetup.c
+index e529b7ac..37d35c92 100644
+--- a/src/cryptsetup.c
++++ b/src/cryptsetup.c
+@@ -860,7 +860,7 @@ static int action_benchmark_kdf(const char *kdf, const char *hash, size_t key_si
+ 			.time_ms = 1000,
+ 		};
+ 
+-		r = crypt_benchmark_pbkdf(NULL, &pbkdf, "foo", 3, "bar", 3, key_size,
++		r = crypt_benchmark_pbkdf(NULL, &pbkdf, "foo", 3, "0123456789abcdef", 16, key_size,
+ 					&benchmark_callback, &pbkdf);
+ 		if (r < 0)
+ 			log_std(_("PBKDF2-%-9s     N/A\n"), hash);
+-- 
+2.27.0
+
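Review bot: The salt literal in the lib/utils_benchmark.c hunk is `"01234567890abcdef"`, which is 17 characters (there is an extra `0` after the `9`), while the length passed is 16 and the src/cryptsetup.c hunk uses the 16-character `"0123456789abcdef"`. The call still passes a 128-bit salt, so the FIPS minimum described in the commit message is met, but the library and CLI benchmarks now use different salt bytes and the literal no longer matches its stated length. Using the same string in both places, `crypt_benchmark_pbkdf(cd, pbkdf, "foo", 3, "0123456789abcdef", 16,`, removes the mismatch. A short comment at each call naming the 16-byte minimum would explain why the salt is not shorter. Both enclosing functions continue outside the hunks shown.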
diff --git a/SOURCES/cryptsetup-2.5.0-Fix-test-passphrase-when-device-in-reencryption.patch b/SOURCES/cryptsetup-2.5.0-Fix-test-passphrase-when-device-in-reencryption.patch
new file mode 100644
index 0000000..4aaa5a4
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Fix-test-passphrase-when-device-in-reencryption.patch
@@ -0,0 +1,106 @@
+diff -rupN cryptsetup-2.4.3.old/man/cryptsetup.8 cryptsetup-2.4.3/man/cryptsetup.8
+--- cryptsetup-2.4.3.old/man/cryptsetup.8	2022-02-23 16:33:42.449525744 +0100
++++ cryptsetup-2.4.3/man/cryptsetup.8	2022-02-24 08:57:43.036396289 +0100
+@@ -321,7 +321,8 @@ the command prompts for it interactively
+ \-\-keyfile\-size, \-\-readonly, \-\-test\-passphrase,
+ \-\-allow\-discards, \-\-header, \-\-key-slot, \-\-master\-key\-file, \-\-token\-id,
+ \-\-token\-only, \-\-token-type, \-\-disable\-external\-tokens, \-\-disable\-keyring,
+-\-\-disable\-locks, \-\-type, \-\-refresh, \-\-serialize\-memory\-hard\-pbkdf].
++\-\-disable\-locks, \-\-type, \-\-refresh, \-\-serialize\-memory\-hard\-pbkdf,
++\-\-unbound].
+ .PP
+ \fIluksSuspend\fR <name>
+ .IP
+@@ -1465,10 +1466,14 @@ aligned to page size and page-cache init
+ integrity tag.
+ .TP
+ .B "\-\-unbound"
+-
+ Creates new or dumps existing LUKS2 unbound keyslot. See \fIluksAddKey\fR or
+ \fIluksDump\fR actions for more details.
+ 
++When used in \fIluksOpen\fR action (allowed only together with
++\-\-test\-passphrase parameter), it allows to test passphrase for unbound LUKS2
++keyslot. Otherwise, unbound keyslot passphrase can be tested only when specific
++keyslot is selected via \-\-key\-slot parameter.
++
+ .TP
+ .B "\-\-tcrypt\-hidden"
+ .B "\-\-tcrypt\-system"
+diff -rupN cryptsetup-2.4.3.old/src/cryptsetup_args.h cryptsetup-2.4.3/src/cryptsetup_args.h
+--- cryptsetup-2.4.3.old/src/cryptsetup_args.h	2022-02-23 16:33:42.450525749 +0100
++++ cryptsetup-2.4.3/src/cryptsetup_args.h	2022-02-24 08:57:43.036396289 +0100
+@@ -75,7 +75,7 @@
+ #define OPT_TCRYPT_HIDDEN_ACTIONS		{ OPEN_ACTION, TCRYPTDUMP_ACTION }
+ #define OPT_TCRYPT_SYSTEM_ACTIONS		{ OPEN_ACTION, TCRYPTDUMP_ACTION }
+ #define OPT_TEST_PASSPHRASE_ACTIONS		{ OPEN_ACTION }
+-#define OPT_UNBOUND_ACTIONS			{ ADDKEY_ACTION, LUKSDUMP_ACTION }
++#define OPT_UNBOUND_ACTIONS			{ ADDKEY_ACTION, LUKSDUMP_ACTION, OPEN_ACTION }
+ #define OPT_USE_RANDOM_ACTIONS			{ FORMAT_ACTION }
+ #define OPT_USE_URANDOM_ACTIONS			{ FORMAT_ACTION }
+ #define OPT_UUID_ACTIONS			{ FORMAT_ACTION, UUID_ACTION }
+diff -rupN cryptsetup-2.4.3.old/src/cryptsetup.c cryptsetup-2.4.3/src/cryptsetup.c
+--- cryptsetup-2.4.3.old/src/cryptsetup.c	2022-02-23 16:33:42.450525749 +0100
++++ cryptsetup-2.4.3/src/cryptsetup.c	2022-02-24 08:57:43.036396289 +0100
+@@ -140,7 +140,8 @@ static void _set_activation_flags(uint32
+ 		*flags |= CRYPT_ACTIVATE_IGNORE_PERSISTENT;
+ 
+ 	/* Only for LUKS2 but ignored elsewhere */
+-	if (ARG_SET(OPT_TEST_PASSPHRASE_ID))
++	if (ARG_SET(OPT_TEST_PASSPHRASE_ID) &&
++	    (ARG_SET(OPT_KEY_SLOT_ID) || ARG_SET(OPT_UNBOUND_ID)))
+ 		*flags |= CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY;
+ 
+ 	if (ARG_SET(OPT_SERIALIZE_MEMORY_HARD_PBKDF_ID))
+@@ -3982,6 +3983,18 @@ int main(int argc, const char **argv)
+ 		_("Option --tcrypt-hidden, --tcrypt-system or --tcrypt-backup is supported only for TCRYPT device."),
+ 		poptGetInvocationName(popt_context));
+ 
++	if (ARG_SET(OPT_UNBOUND_ID) && !strcmp(aname, OPEN_ACTION) && device_type &&
++	    strncmp(device_type, "luks", 4))
++		usage(popt_context, EXIT_FAILURE,
++		_("Option --unbound is allowed only for open of luks device."),
++		poptGetInvocationName(popt_context));
++
++	if (ARG_SET(OPT_UNBOUND_ID) && !ARG_SET(OPT_TEST_PASSPHRASE_ID) &&
++	    !strcmp(aname, OPEN_ACTION))
++		usage(popt_context, EXIT_FAILURE,
++		_("Option --unbound cannot be used without --test-passphrase."),
++		poptGetInvocationName(popt_context));
++
+ 	if (ARG_SET(OPT_TCRYPT_HIDDEN_ID) && ARG_SET(OPT_ALLOW_DISCARDS_ID))
+ 		usage(popt_context, EXIT_FAILURE,
+ 		_("Option --tcrypt-hidden cannot be combined with --allow-discards."),
+diff -rupN cryptsetup-2.4.3.old/tests/compat-test2 cryptsetup-2.4.3/tests/compat-test2
+--- cryptsetup-2.4.3.old/tests/compat-test2	2022-02-23 16:33:42.444525716 +0100
++++ cryptsetup-2.4.3/tests/compat-test2	2022-02-24 09:05:38.716422307 +0100
+@@ -699,7 +699,7 @@ $CRYPTSETUP luksOpen -S 5 -d $KEY1 $LOOP
+ # otoh it should be allowed to test for proper passphrase
+ prepare "" new
+ echo $PWD1 | $CRYPTSETUP open -S1 --test-passphrase $HEADER_KEYU || fail
+-echo $PWD1 | $CRYPTSETUP open --test-passphrase $HEADER_KEYU || fail
++echo $PWD1 | $CRYPTSETUP open --unbound --test-passphrase $HEADER_KEYU || fail
+ echo $PWD1 | $CRYPTSETUP open -S1 $HEADER_KEYU $DEV_NAME 2>/dev/null && fail
+ [ -b /dev/mapper/$DEV_NAME ] && fail
+ echo $PWD1 | $CRYPTSETUP open $HEADER_KEYU $DEV_NAME 2>/dev/null && fail
+@@ -708,7 +708,7 @@ echo $PWD0 | $CRYPTSETUP open -S1 --test
+ $CRYPTSETUP luksKillSlot -q $HEADER_KEYU 0
+ $CRYPTSETUP luksDump $HEADER_KEYU | grep -q "0: luks2" && fail
+ echo $PWD1 | $CRYPTSETUP open -S1 --test-passphrase $HEADER_KEYU || fail
+-echo $PWD1 | $CRYPTSETUP open --test-passphrase $HEADER_KEYU || fail
++echo $PWD1 | $CRYPTSETUP open --unbound --test-passphrase $HEADER_KEYU || fail
+ echo $PWD1 | $CRYPTSETUP open -S1 $HEADER_KEYU $DEV_NAME 2>/dev/null && fail
+ 
+ prepare "[28] Detached LUKS header" wipe
+@@ -967,11 +967,9 @@ echo $PWD3 | $CRYPTSETUP -q luksAddKey -
+ # do not allow to replace keyslot by unbound slot
+ echo $PWD1 | $CRYPTSETUP -q luksAddKey -S5 --unbound -s 32 $LOOPDEV 2>/dev/null && fail
+ echo $PWD2 | $CRYPTSETUP -q open $LOOPDEV $DEV_NAME 2> /dev/null && fail
+-echo $PWD2 | $CRYPTSETUP -q open $LOOPDEV --test-passphrase || fail
+ echo $PWD2 | $CRYPTSETUP -q open -S2 $LOOPDEV $DEV_NAME 2> /dev/null && fail
+ echo $PWD2 | $CRYPTSETUP -q open -S2 $LOOPDEV --test-passphrase || fail
+ echo $PWD1 | $CRYPTSETUP -q open $LOOPDEV $DEV_NAME 2> /dev/null && fail
+-echo $PWD1 | $CRYPTSETUP -q open $LOOPDEV --test-passphrase || fail
+ # check we're able to change passphrase for unbound keyslot
+ echo -e "$PWD2\n$PWD3" | $CRYPTSETUP luksChangeKey $FAST_PBKDF_OPT -S 2 $LOOPDEV || fail
+ echo $PWD3 | $CRYPTSETUP open --test-passphrase $FAST_PBKDF_OPT -S 2 $LOOPDEV || fail
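Review bot: The tests/compat-test2 hunks drop or rewrite every bare `open --test-passphrase` call against a header whose matching passphrase sits in an unbound keyslot, so nothing asserts the tightened behaviour. `_set_activation_flags` now sets `CRYPT_ACTIVATE_ALLOW_UNBOUND_KEY` only when `--key-slot` or `--unbound` is given, which presumably means a bare `--test-passphrase` should no longer accept an unbound-keyslot passphrase. If that is the intent, replace the two deleted lines in the last hunk with negative checks instead of removing them, for example `echo $PWD2 | $CRYPTSETUP -q open $LOOPDEV --test-passphrase 2>/dev/null && fail`, and add the same form for `$HEADER_KEYU` after slot 0 is killed. Without them, a later change that widens the flag again would still pass the suite.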
diff --git a/SOURCES/cryptsetup-2.5.0-Fix-typo-in-repair-prompt.patch b/SOURCES/cryptsetup-2.5.0-Fix-typo-in-repair-prompt.patch
new file mode 100644
index 0000000..5bf54fb
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Fix-typo-in-repair-prompt.patch
@@ -0,0 +1,12 @@
+diff -rupN cryptsetup-2.4.3.old/src/cryptsetup.c cryptsetup-2.4.3/src/cryptsetup.c
+--- cryptsetup-2.4.3.old/src/cryptsetup.c	2022-01-21 13:14:56.864817351 +0100
++++ cryptsetup-2.4.3/src/cryptsetup.c	2022-01-21 13:15:15.579947027 +0100
+@@ -1188,7 +1188,7 @@ static int reencrypt_metadata_repair(str
+ 		       _("Operation aborted.\n")))
+ 		return -EINVAL;
+ 
+-	r = tools_get_key(_("Enter passphrase to protect and uppgrade reencryption metadata: "),
++	r = tools_get_key(_("Enter passphrase to protect and upgrade reencryption metadata: "),
+ 			  &password, &passwordLen, ARG_UINT64(OPT_KEYFILE_OFFSET_ID),
+ 			  ARG_UINT32(OPT_KEYFILE_SIZE_ID), ARG_STR(OPT_KEY_FILE_ID), ARG_UINT32(OPT_TIMEOUT_ID),
+ 			  _verify_passphrase(0), 0, cd);
diff --git a/SOURCES/cryptsetup-2.5.0-Get-rid-of-SHA1-in-tests.patch b/SOURCES/cryptsetup-2.5.0-Get-rid-of-SHA1-in-tests.patch
new file mode 100644
index 0000000..4708329
--- /dev/null
+++ b/SOURCES/cryptsetup-2.5.0-Get-rid-of-SHA1-in-tests.patch
@@ -0,0 +1,441 @@
+diff -rupN cryptsetup-2.4.3.old/tests/api-test.c cryptsetup-2.4.3/tests/api-test.c
+--- cryptsetup-2.4.3.old/tests/api-test.c	2022-02-17 16:37:09.535345938 +0100
++++ cryptsetup-2.4.3/tests/api-test.c	2022-02-17 16:37:29.156459763 +0100
+@@ -312,7 +312,7 @@ static int _setup(void)
+ static void AddDevicePlain(void)
+ {
+ 	struct crypt_params_plain params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 		.size = 0
+@@ -322,7 +322,7 @@ static void AddDevicePlain(void)
+ 
+ 	const char *passphrase = PASSPHRASE;
+ 	// hashed hex version of PASSPHRASE
+-	const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
++	const char *mk_hex = "ccadd99b16cd3d200c22d6db45d8b6630ef3d936767127347ec8a76ab992c2ea";
+ 	size_t key_size = strlen(mk_hex) / 2;
+ 	const char *cipher = "aes";
+ 	const char *cipher_mode = "cbc-essiv:sha256";
+@@ -438,7 +438,7 @@ static void AddDevicePlain(void)
+ 	OK_(crypt_deactivate(cd,CDEVICE_1));
+ 
+ 	CRYPT_FREE(cd);
+-	params.hash = "sha1";
++	params.hash = "sha256";
+ 	params.offset = 0;
+ 	params.size = 0;
+ 	params.skip = 0;
+@@ -620,7 +620,7 @@ static void new_log(int level, const cha
+ static void CallbacksTest(void)
+ {
+ 	struct crypt_params_plain params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 	};
+@@ -1116,7 +1116,7 @@ static void LuksHeaderRestore(void)
+ 		.data_alignment = 2048, // 4M, data offset will be 4096
+ 	};
+ 	struct crypt_params_plain pl_params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 		.size = 0
+@@ -1203,7 +1203,7 @@ static void LuksHeaderLoad(void)
+ 		.data_alignment = 2048,
+ 	};
+ 	struct crypt_params_plain pl_params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 		.size = 0
+diff -rupN cryptsetup-2.4.3.old/tests/api-test-2.c cryptsetup-2.4.3/tests/api-test-2.c
+--- cryptsetup-2.4.3.old/tests/api-test-2.c	2022-02-17 16:37:09.535345938 +0100
++++ cryptsetup-2.4.3/tests/api-test-2.c	2022-02-17 16:37:29.155459758 +0100
+@@ -1232,7 +1232,7 @@ static void Luks2HeaderRestore(void)
+ 		.sector_size = 512
+ 	};
+ 	struct crypt_params_plain pl_params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 		.size = 0
+@@ -1242,7 +1242,7 @@ static void Luks2HeaderRestore(void)
+ 	};
+ 	uint32_t flags = 0;
+ 
+-	const char *mk_hex = "bb21158c733229347bd4e681891e213d94c685be6a5b84818afe7a78a6de7a1a";
++	const char *mk_hex = "ccadd99b16cd3d200c22d6db45d8b6630ef3d936767127347ec8a76ab992c2ea";
+ 	size_t key_size = strlen(mk_hex) / 2;
+ 	const char *cipher = "aes";
+ 	const char *cipher_mode = "cbc-essiv:sha256";
+@@ -1337,7 +1337,7 @@ static void Luks2HeaderLoad(void)
+ 		.sector_size = 512
+ 	};
+ 	struct crypt_params_plain pl_params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 		.size = 0
+@@ -2142,7 +2142,7 @@ static void LuksConvert(void)
+ 		.parallel_threads = 1
+ 	}, pbkdf2 = {
+ 		.type = CRYPT_KDF_PBKDF2,
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.time_ms = 1
+ 	};
+ 
+@@ -2675,7 +2675,7 @@ static void Pbkdf(void)
+ 		.hash = default_luks1_hash
+ 	};
+ 	struct crypt_params_plain params = {
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.skip = 0,
+ 		.offset = 0,
+ 		.size = 0
+@@ -2874,11 +2874,11 @@ static void Pbkdf(void)
+ 	pbkdf2.time_ms = 9;
+ 	pbkdf2.hash = NULL;
+ 	FAIL_(crypt_set_pbkdf_type(cd, &pbkdf2), "Hash is mandatory for pbkdf2");
+-	pbkdf2.hash = "sha1";
++	pbkdf2.hash = "sha256";
+ 	OK_(crypt_set_pbkdf_type(cd, &pbkdf2));
+ 
+ 	argon2.time_ms = 9;
+-	argon2.hash = "sha1"; // will be ignored
++	argon2.hash = "sha256"; // will be ignored
+ 	OK_(crypt_set_pbkdf_type(cd, &argon2));
+ 	argon2.hash = NULL;
+ 	OK_(crypt_set_pbkdf_type(cd, &argon2));
+@@ -3839,7 +3839,7 @@ static void Luks2Reencryption(void)
+ 	struct crypt_params_reencrypt retparams = {}, rparams = {
+ 		.direction = CRYPT_REENCRYPT_FORWARD,
+ 		.resilience = "checksum",
+-		.hash = "sha1",
++		.hash = "sha256",
+ 		.luks2 = &params2,
+ 	};
+ 	dev_t devno;
+@@ -3983,7 +3983,7 @@ static void Luks2Reencryption(void)
+ 	rparams.hash = "hamSter";
+ 	FAIL_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams), "Invalid resilience hash.");
+ 
+-	rparams.hash = "sha1";
++	rparams.hash = "sha256";
+ 	OK_(crypt_reencrypt_init_by_passphrase(cd, NULL, PASSPHRASE, strlen(PASSPHRASE), 21, 9, "aes", "xts-plain64", &rparams));
+ 	OK_(crypt_reencrypt_run(cd, NULL, NULL));
+ 
+diff -rupN cryptsetup-2.4.3.old/tests/compat-test cryptsetup-2.4.3/tests/compat-test
+--- cryptsetup-2.4.3.old/tests/compat-test	2022-02-17 16:37:09.541345973 +0100
++++ cryptsetup-2.4.3/tests/compat-test	2022-02-17 16:37:29.157459769 +0100
+@@ -302,8 +302,8 @@ $CRYPTSETUP -q luksUUID $IMG | grep -q $
+ prepare	"[1] open - compat image - acceptance check" new
+ echo $PWD0 | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME || fail
+ check_exists
+-ORG_SHA1=$(sha1sum -b /dev/mapper/$DEV_NAME | cut -f 1 -d' ')
+-[ "$ORG_SHA1" = 676062b66ebf36669dab705442ea0762dfc091b0 ] || fail
++ORG_SHA256=$(sha256sum -b /dev/mapper/$DEV_NAME | cut -f 1 -d' ')
++[ "$ORG_SHA256" = 7428e8f2436882a07eb32765086f5c899474c08b5576f556b573d2aabdf923e8 ] || fail
+ $CRYPTSETUP -q luksClose  $DEV_NAME || fail
+ 
+ # Check it can be opened from header backup as well
+@@ -315,6 +315,7 @@ $CRYPTSETUP -q luksClose  $DEV_NAME || f
+ $CRYPTSETUP luksHeaderRestore -q $IMG --header-backup-file $HEADER_IMG || fail
+ 
+ # Repeat for V1.0 header - not aligned first keyslot
++if [ ! fips_mode ] ; then
+ echo $PWD0 | $CRYPTSETUP luksOpen $IMG10 $DEV_NAME || fail
+ check_exists
+ ORG_SHA1=$(sha1sum -b /dev/mapper/$DEV_NAME | cut -f 1 -d' ')
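Review bot: The added guard `if [ ! fips_mode ] ; then` does not call `fips_mode`. Inside `[ ]` the word is a non-empty string, so `! fips_mode` is always false and the V1.0-header block is skipped on every system, not only under FIPS. That silently removes the SHA-1 acceptance check for the `$IMG10` image from non-FIPS runs as well. Running the helper as a command fixes it: `if ! fips_mode ; then`, which matches the `fips_mode || {` usage visible in tests/keyring-compat-test on this page. The closing `fi` for this block is added in the following hunk.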
+@@ -326,6 +327,7 @@ $CRYPTSETUP luksHeaderBackup $IMG10 --he
+ echo $PWD0 | $CRYPTSETUP luksOpen $IMG10 $DEV_NAME --header $HEADER_IMG || fail
+ check_exists
+ $CRYPTSETUP -q luksClose  $DEV_NAME || fail
++fi
+ 
+ prepare "[2] open - compat image - denial check" new
+ echo $PWDW | $CRYPTSETUP luksOpen $LOOPDEV $DEV_NAME 2>/dev/null && fail
+@@ -526,7 +528,7 @@ $CRYPTSETUP luksDump $LOOPDEV | grep -q
+ 
+ prepare "[19] create & status & resize" wipe
+ echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV --hash xxx 2>/dev/null && fail
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV --hash sha1 --cipher aes-cbc-essiv:sha256 --offset 3 --skip 4 --readonly || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV --hash sha256 --cipher aes-cbc-essiv:sha256 --offset 3 --skip 4 --readonly || fail
+ $CRYPTSETUP -q status  $DEV_NAME | grep "offset:" | grep -q "3 sectors" || fail
+ $CRYPTSETUP -q status  $DEV_NAME | grep "skipped:" | grep -q "4 sectors" || fail
+ $CRYPTSETUP -q status  $DEV_NAME | grep "mode:" | grep -q "readonly" || fail
+@@ -546,15 +548,15 @@ $CRYPTSETUP -q resize  $DEV_NAME || fail
+ $CRYPTSETUP -q status  $DEV_NAME | grep "size:" | grep -q "32765 sectors" || fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+ $CRYPTSETUP -q status  $DEV_NAME >/dev/null && fail
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha1 $LOOPDEV || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha256 $LOOPDEV || fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+-echo $PWD1 | $CRYPTSETUP -q create $DEV_NAME --hash sha1 $LOOPDEV || fail
++echo $PWD1 | $CRYPTSETUP -q create $DEV_NAME --hash sha256 $LOOPDEV || fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+-echo $PWD1 | $CRYPTSETUP -q create $DEV_NAME --hash sha1 --size 100 $LOOPDEV || fail
++echo $PWD1 | $CRYPTSETUP -q create $DEV_NAME --hash sha256 --size 100 $LOOPDEV || fail
+ $CRYPTSETUP -q status  $DEV_NAME | grep "size:" | grep -q "100 sectors" || fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+ # 4k sector resize (if kernel supports it)
+-echo $PWD1 | $CRYPTSETUP -q open --type plain $LOOPDEV $DEV_NAME --sector-size 4096 --size 8  >/dev/null 2>&1
++echo $PWD1 | $CRYPTSETUP -q open --type plain --hash sha256 $LOOPDEV $DEV_NAME --sector-size 4096 --size 8  >/dev/null 2>&1
+ if [ $? -eq 0 ] ; then
+ 	$CRYPTSETUP -q status  $DEV_NAME | grep "size:" | grep -q "8 sectors" || fail
+ 	$CRYPTSETUP -q resize  $DEV_NAME --size 16 || fail
+@@ -567,7 +569,7 @@ if [ $? -eq 0 ] ; then
+ fi
+ # Resize not aligned to logical block size
+ add_scsi_device dev_size_mb=32 sector_size=4096
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha1 $DEV || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha256 $DEV || fail
+ OLD_SIZE=$($CRYPTSETUP status $DEV_NAME | grep "^ \+size:" | sed 's/.* \([0-9]\+\) .*/\1/')
+ $CRYPTSETUP resize $DEV_NAME -b 7 2> /dev/null && fail
+ dmsetup info $DEV_NAME | grep -q SUSPENDED && fail
+@@ -575,10 +577,10 @@ NEW_SIZE=$($CRYPTSETUP status $DEV_NAME
+ test $OLD_SIZE -eq $NEW_SIZE || fail
+ $CRYPTSETUP close $DEV_NAME || fail
+ # Add check for unaligned plain crypt activation
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha1 $DEV -b 7 2>/dev/null && fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha256 $DEV -b 7 2>/dev/null && fail
+ $CRYPTSETUP status $DEV_NAME >/dev/null 2>&1 && fail
+ # verify is ignored on non-tty input
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV --hash sha1 --verify-passphrase 2>/dev/null || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV --hash sha256 --verify-passphrase 2>/dev/null || fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+ $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 --key-size 255 2>/dev/null && fail
+ $CRYPTSETUP create $DEV_NAME $LOOPDEV -d $KEY1 --key-size -1 2>/dev/null && fail
+@@ -695,15 +697,15 @@ $CRYPTSETUP luksChangeKey $LOOPDEV $FAST
+ dmsetup remove --retry $DEV_NAME2
+ 
+ prepare "[25] Create shared segments" wipe
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV  --hash sha1 --offset   0 --size 256 || fail
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME2 $LOOPDEV --hash sha1 --offset 512 --size 256 2>/dev/null && fail
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME2 $LOOPDEV --hash sha1 --offset 512 --size 256 --shared || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME $LOOPDEV  --hash sha256 --offset   0 --size 256 || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME2 $LOOPDEV --hash sha256 --offset 512 --size 256 2>/dev/null && fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME2 $LOOPDEV --hash sha256 --offset 512 --size 256 --shared || fail
+ $CRYPTSETUP -q remove  $DEV_NAME2 || fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+ 
+ prepare "[26] Suspend/Resume" wipe
+ # only LUKS is supported
+-echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha1 $LOOPDEV || fail
++echo $PWD1 | $CRYPTSETUP create $DEV_NAME --hash sha256 $LOOPDEV || fail
+ $CRYPTSETUP luksSuspend $DEV_NAME 2>/dev/null && fail
+ $CRYPTSETUP luksResume $DEV_NAME 2>/dev/null && fail
+ $CRYPTSETUP -q remove  $DEV_NAME || fail
+diff -rupN cryptsetup-2.4.3.old/tests/compat-test2 cryptsetup-2.4.3/tests/compat-test2
+--- cryptsetup-2.4.3.old/tests/compat-test2	2022-02-17 16:37:09.541345973 +0100
++++ cryptsetup-2.4.3/tests/compat-test2	2022-02-17 16:37:29.158459775 +0100
+@@ -774,7 +774,7 @@ $CRYPTSETUP luksDump $LOOPDEV | grep -q
+ $CRYPTSETUP luksDump $LOOPDEV | grep -q "5: luks2" || fail
+ $CRYPTSETUP -q convert --type luks1 $LOOPDEV || fail
+ # hash test
+-$CRYPTSETUP -q luksFormat $FAST_PBKDF_OPT --type luks2 --sector-size 512 $LOOPDEV $KEY5 -S 0 --hash sha1 || fail
++$CRYPTSETUP -q luksFormat $FAST_PBKDF_OPT --type luks2 --sector-size 512 $LOOPDEV $KEY5 -S 0 --hash sha512 || fail
+ $CRYPTSETUP luksAddKey $FAST_PBKDF_OPT -S 1 -d $KEY5 $LOOPDEV $KEY1 --hash sha256 || fail
+ $CRYPTSETUP -q convert --type luks1 $LOOPDEV >/dev/null 2>&1 && fail
+ $CRYPTSETUP -q luksKillSlot $LOOPDEV 1 || fail
+diff -rupN cryptsetup-2.4.3.old/tests/discards-test cryptsetup-2.4.3/tests/discards-test
+--- cryptsetup-2.4.3.old/tests/discards-test	2022-02-17 16:37:09.541345973 +0100
++++ cryptsetup-2.4.3/tests/discards-test	2022-02-17 16:37:29.158459775 +0100
+@@ -80,7 +80,7 @@ dmsetup table $DEV_NAME | grep allow_dis
+ $CRYPTSETUP luksClose $DEV_NAME || fail
+ 
+ echo "[2] Allowing discards for plain device"
+-echo $PWD1 | $CRYPTSETUP create -q $DEV_NAME $DEV --hash sha1 --allow-discards || fail
++echo $PWD1 | $CRYPTSETUP create -q $DEV_NAME $DEV --hash sha256 --allow-discards || fail
+ $CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
+ $CRYPTSETUP resize $DEV_NAME --size 100 || fail
+ $CRYPTSETUP status $DEV_NAME | grep flags | grep discards >/dev/null || fail
+diff -rupN cryptsetup-2.4.3.old/tests/integrity-compat-test cryptsetup-2.4.3/tests/integrity-compat-test
+--- cryptsetup-2.4.3.old/tests/integrity-compat-test	2022-02-17 16:37:09.542345979 +0100
++++ cryptsetup-2.4.3/tests/integrity-compat-test	2022-02-17 16:37:29.159459781 +0100
+@@ -168,7 +168,7 @@ intformat() # alg alg_out tagsize outtag
+ 	echo -n "[FORMAT]"
+ 	$INTSETUP format --integrity-legacy-padding -q --integrity $1 $TAG_PARAMS --sector-size $5 $KEY_PARAMS $DEV >/dev/null 2>&1
+ 	if [ $? -ne 0 ] ; then
+-		if [[ $1 =~ "sha" || $1 =~ "crc" ]] ; then
++		if [[ $1 =~ "sha2" || $1 =~ "crc" ]] ; then
+ 			fail "Cannot format device."
+ 		fi
+ 		echo "[N/A]"
+@@ -214,7 +214,14 @@ int_error_detection() # mode alg tagsize
+ 
+ 	echo -n "[INTEGRITY:$1:$2:$4:$5]"
+ 	echo -n "[FORMAT]"
+-	$INTSETUP format -q --integrity $2 $TAG_PARAMS --sector-size $5 $KEY_PARAMS $DEV $INT_MODE >/dev/null || fail "Cannot format device."
++	$INTSETUP format -q --integrity $2 $TAG_PARAMS --sector-size $5 $KEY_PARAMS $DEV $INT_MODE >/dev/null 2>&1
++	if [ $? -ne 0 ] ; then
++		if [[ $2 =~ "sha2" || $2 =~ "crc" ]] ; then
++			fail "Cannot format device."
++		fi
++		echo "[N/A]"
++		return
++	fi
+ 	echo -n "[ACTIVATE]"
+ 	$INTSETUP open $DEV $DEV_NAME --integrity $2 --integrity-no-journal $KEY_PARAMS $INT_MODE || fail "Cannot activate device."
+ 
+diff -rupN cryptsetup-2.4.3.old/tests/keyring-compat-test cryptsetup-2.4.3/tests/keyring-compat-test
+--- cryptsetup-2.4.3.old/tests/keyring-compat-test	2022-02-17 16:37:09.542345979 +0100
++++ cryptsetup-2.4.3/tests/keyring-compat-test	2022-02-17 16:39:07.132028140 +0100
+@@ -119,7 +119,7 @@ add_device() {
+ which dmsetup >/dev/null 2>&1 || skip "Cannot find dmsetup, test skipped"
+ which keyctl >/dev/null 2>&1 || skip "Cannot find keyctl, test skipped"
+ which xxd >/dev/null 2>&1 || skip "Cannot find xxd, test skipped"
+-which sha1sum > /dev/null 2>&1 || skip "Cannot find sha1sum, test skipped"
++which sha256sum >/dev/null 2>&1 || skip "Cannot find sha256sum, test skipped"
+ modprobe dm-crypt >/dev/null 2>&1 || fail "dm-crypt failed to load"
+ dm_crypt_keyring_support || skip "dm-crypt doesn't support kernel keyring, test skipped."
+ 
+@@ -132,23 +132,23 @@ dd if=/dev/urandom of=$DEV bs=1M count=$
+ #test aes cipher with xts mode, plain IV
+ echo -n "Testing $CIPHER_XTS_PLAIN..."
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_XTS_PLAIN $HEXKEY_32 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
++sha256sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
+ dmsetup remove --retry $NAME || fail
+ load_key "$HEXKEY_32" logon  $LOGON_KEY_32_OK "$TEST_KEYRING" || fail "Cannot load 32 byte logon key type"
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_XTS_PLAIN :32:logon:$LOGON_KEY_32_OK 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
++sha256sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
+ dmsetup remove --retry $NAME || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksums mismatch (corruption)"
+ # same test using message
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_XTS_PLAIN $HEXKEY_32 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
++sha256sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
+ dmsetup remove --retry $NAME || fail
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_XTS_PLAIN $HEXKEY_32 0 $DEV 0" || fail
+ dmsetup suspend $NAME || fail
+ dmsetup message $NAME 0 key wipe || fail
+ dmsetup message $NAME 0 "key set :32:logon:$LOGON_KEY_32_OK" || fail
+ dmsetup resume $NAME || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
++sha256sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
+ dmsetup remove --retry $NAME || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksums mismatch (corruption)"
+ echo "OK"
+@@ -156,23 +156,23 @@ echo "OK"
+ #test aes cipher, xts mode, essiv IV
+ echo -n "Testing $CIPHER_CBC_ESSIV..."
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_ESSIV $HEXKEY_16 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
++sha256sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
+ dmsetup remove --retry $NAME || fail
+ load_key "$HEXKEY_16" logon  $LOGON_KEY_16_OK "$TEST_KEYRING" || fail "Cannot load 16 byte logon key type"
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_ESSIV :16:logon:$LOGON_KEY_16_OK 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
++sha256sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
+ dmsetup remove --retry $NAME || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksums mismatch (corruption)"
+ # same test using message
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_ESSIV $HEXKEY_16 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
++sha256sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
+ dmsetup remove --retry $NAME || fail
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_ESSIV $HEXKEY_16 0 $DEV 0" || fail
+ dmsetup suspend $NAME || fail
+ dmsetup message $NAME 0 key wipe || fail
+ dmsetup message $NAME 0 "key set :16:logon:$LOGON_KEY_16_OK" || fail
+ dmsetup resume $NAME || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
++sha256sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
+ dmsetup remove --retry $NAME || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksums mismatch (corruption)"
+ echo "OK"
+@@ -181,23 +181,23 @@ echo "OK"
+ fips_mode || {
+ echo -n "Testing $CIPHER_CBC_TCW..."
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_TCW $HEXKEY_64 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
++sha256sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
+ dmsetup remove --retry $NAME || fail
+ load_key "$HEXKEY_64" logon  $LOGON_KEY_64_OK "$TEST_KEYRING" || fail "Cannot load 16 byte logon key type"
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_TCW :64:logon:$LOGON_KEY_64_OK 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
++sha256sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
+ dmsetup remove --retry $NAME || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksum mismatch (corruption)"
+ # same test using message
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_TCW $HEXKEY_64 0 $DEV 0" || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
++sha256sum /dev/mapper/$NAME > $CHKS_DMCRYPT || fail
+ dmsetup remove --retry $NAME || fail
+ dmsetup create $NAME --table "0 $DEVSECTORS crypt $CIPHER_CBC_TCW $HEXKEY_64 0 $DEV 0" || fail
+ dmsetup suspend $NAME || fail
+ dmsetup message $NAME 0 key wipe || fail
+ dmsetup message $NAME 0 "key set :64:logon:$LOGON_KEY_64_OK" || fail
+ dmsetup resume $NAME || fail
+-sha1sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
++sha256sum /dev/mapper/$NAME > $CHKS_KEYRING || fail
+ dmsetup remove --retry $NAME || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksums mismatch (corruption)"
+ echo "OK"
+@@ -207,10 +207,10 @@ echo -n "Test LUKS2 key refresh..."
+ echo $PWD | $CRYPTSETUP luksFormat --type luks2 --luks2-metadata-size 16k --luks2-keyslots-size 4064k --pbkdf pbkdf2 --pbkdf-force-iterations 1000 --force-password $DEV || fail
+ echo $PWD | $CRYPTSETUP open $DEV $NAME || fail
+ $CRYPTSETUP status $NAME | grep -q -i "location:.*keyring" || skip "LUKS2 can't use keyring. Test skipped."
+-dd if=/dev/mapper/$NAME bs=1M iflag=direct status=none | sha1sum > $CHKS_KEYRING || fail
++dd if=/dev/mapper/$NAME bs=1M iflag=direct status=none | sha256sum > $CHKS_KEYRING || fail
+ echo $PWD | $CRYPTSETUP refresh $NAME --disable-keyring || fail
+ $CRYPTSETUP status $NAME | grep -q -i "location:.*keyring" && fail "Key is still in keyring"
+-dd if=/dev/mapper/$NAME bs=1M iflag=direct status=none | sha1sum > $CHKS_DMCRYPT || fail
++dd if=/dev/mapper/$NAME bs=1M iflag=direct status=none | sha256sum > $CHKS_DMCRYPT || fail
+ diff $CHKS_DMCRYPT $CHKS_KEYRING || fail "Plaintext checksum mismatch (corruption)"
+ echo "OK"
+ 
+diff -rupN cryptsetup-2.4.3.old/tests/password-hash-test cryptsetup-2.4.3/tests/password-hash-test
+--- cryptsetup-2.4.3.old/tests/password-hash-test	2022-02-17 16:37:09.541345973 +0100
++++ cryptsetup-2.4.3/tests/password-hash-test	2022-02-17 16:37:29.160459787 +0100
+@@ -75,7 +75,7 @@ crypt_key() # hash keysize pwd/file name
+ 	esac
+ 
+ 	# ignore these cases, not all libs/kernel supports it
+-	if [ "$1" != "sha1" -a "$1" != "sha256" ] || [ $2 -gt 256 ] ; then
++	if [ "$1" != "sha256" ] || [ $2 -gt 256 ] ; then
+ 		if [ $ret -ne 0 ] ; then
+ 			echo " [N/A] ($ret, SKIPPED)"
+ 			return
+diff -rupN cryptsetup-2.4.3.old/tests/reencryption-compat-test cryptsetup-2.4.3/tests/reencryption-compat-test
+--- cryptsetup-2.4.3.old/tests/reencryption-compat-test	2022-02-17 16:37:09.541345973 +0100
++++ cryptsetup-2.4.3/tests/reencryption-compat-test	2022-02-17 16:37:29.160459787 +0100
+@@ -338,7 +338,7 @@ simple_scsi_reenc "[4096/512 sector]"
+ echo "[OK]"
+ 
+ echo "[8] Header only reencryption (hash and iteration time)"
+-echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 --hash sha1 $FAST_PBKDF $LOOPDEV1 || fail
++echo $PWD1 | $CRYPTSETUP -q luksFormat --type luks1 --hash sha512 $FAST_PBKDF $LOOPDEV1 || fail
+ wipe $PWD1
+ check_hash $PWD1 $HASH1
+ echo $PWD1 | $REENC $LOOPDEV1 -q --keep-key || fail
+diff -rupN cryptsetup-2.4.3.old/tests/verity-compat-test cryptsetup-2.4.3/tests/verity-compat-test
+--- cryptsetup-2.4.3.old/tests/verity-compat-test	2022-02-17 16:37:09.541345973 +0100
++++ cryptsetup-2.4.3/tests/verity-compat-test	2022-02-17 16:37:29.161459793 +0100
+@@ -148,7 +148,13 @@ function check_root_hash() # $1 size, $2
+ 	for fail in data hash; do
+ 	wipe
+ 	echo -n "V$4(sb=$sb root_hash_as_file=$root_hash_as_file) $5 block size $1: "
+-	$VERITYSETUP format $DEV_PARAMS $FORMAT_PARAMS >$DEV_OUT || fail
++	$VERITYSETUP format $DEV_PARAMS $FORMAT_PARAMS >$DEV_OUT
++	if [ $? -ne 0 ] ; then
++		if [[ $1 =~ "sha2" ]] ; then
++			fail "Cannot format device."
++		fi
++		return
++	fi
+ 
+ 	echo -n "[root hash]"
+ 	compare_out "root hash" $2
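Review bot: The new `[[ $1 =~ "sha2" ]]` guard tests the first argument, which the hunk header and the progress line above (`$5 block size $1`) both identify as the block size, so it looks like it can never match. Every `$VERITYSETUP format` failure, SHA-2 included, would then hit the bare `return` and be skipped silently, hiding a real dm-verity formatting regression. If the hash name is the fifth argument, as the echo suggests, the check should read `if [[ $5 =~ "sha2" ]] ; then`. The skip path should also print a marker such as `echo "[N/A, SKIPPED]"` so the log shows the case was not exercised. check_root_hash starts and ends outside this hunk, so the argument order needs confirming against the full function.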
diff --git a/SOURCES/cryptsetup-add-system-library-paths.patch b/SOURCES/cryptsetup-add-system-library-paths.patch
new file mode 100644
index 0000000..0a5d753
--- /dev/null
+++ b/SOURCES/cryptsetup-add-system-library-paths.patch
@@ -0,0 +1,22 @@
+diff -rupN cryptsetup-2.2.0.old/configure cryptsetup-2.2.0/configure
+--- cryptsetup-2.2.0.old/configure	2019-08-14 20:45:07.000000000 +0200
++++ cryptsetup-2.2.0/configure	2019-08-15 09:11:14.775184005 +0200
+@@ -12294,6 +12294,9 @@ fi
+   # before this can be enabled.
+   hardcode_into_libs=yes
+ 
++  # Add ABI-specific directories to the system library path.
++  sys_lib_dlsearch_path_spec="/lib64 /usr/lib64 /lib /usr/lib"
++
+   # Ideally, we could use ldconfig to report *all* directores which are
+   # searched for libraries, however this is still not possible.  Aside from not
+   # being certain /sbin/ldconfig is available, command
+@@ -12302,7 +12305,7 @@ fi
+   # appending ld.so.conf contents (and includes) to the search path.
+   if test -f /etc/ld.so.conf; then
+     lt_ld_extra=`awk '/^include / { system(sprintf("cd /etc; cat %s 2>/dev/null", \$2)); skip = 1; } { if (!skip) print \$0; skip = 0; }' < /etc/ld.so.conf | $SED -e 's/#.*//;/^[	 ]*hwcap[	 ]/d;s/[:,	]/ /g;s/=[^=]*$//;s/=[^= ]* / /g;s/"//g;/^$/d' | tr '\n' ' '`
+-    sys_lib_dlsearch_path_spec="/lib /usr/lib $lt_ld_extra"
++    sys_lib_dlsearch_path_spec="$sys_lib_dlsearch_path_spec $lt_ld_extra"
+   fi
+ 
+   # We used to test for /lib/ld.so.1 and disable shared libraries on
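Review bot: This patch still targets `cryptsetup-2.2.0/configure` (hunks at 12294 and 12302) and edits the generated script, so it applies to the packaged release only by offset and would be lost if the build ever regenerates `configure`. It also has no description of why the directories are needed. Presumably the aim is to have libtool treat `/lib64` and `/usr/lib64` as system directories so that they are not hard-coded into the run path. That should be stated in a header line such as `# Treat lib64 dirs as system paths so libtool does not hard-code them as run paths (confirm)`. Regenerating the patch against the current `configure` would make a silent mis-application easier to notice. The second hunk appends the build host's `/etc/ld.so.conf` entries as before, so the result still depends on a clean build root.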
diff --git a/SPECS/cryptsetup.spec b/SPECS/cryptsetup.spec
new file mode 100644
index 0000000..1277cde
--- /dev/null
+++ b/SPECS/cryptsetup.spec
@@ -0,0 +1,181 @@
+Summary: Utility for setting up encrypted disks
+Name: cryptsetup
+Version: 2.4.3
+Release: 4%{?dist}
+License: GPLv2+ and LGPLv2+
+URL: https://gitlab.com/cryptsetup/cryptsetup
+BuildRequires: openssl-devel, popt-devel, device-mapper-devel
+BuildRequires: libuuid-devel, gcc, json-c-devel
+BuildRequires: libpwquality-devel, libblkid-devel
+BuildRequires: make
+Requires: cryptsetup-libs = %{version}-%{release}
+Requires: libpwquality >= 1.2.0
+
+%global upstream_version %{version}
+Source0: https://www.kernel.org/pub/linux/utils/cryptsetup/v2.4/cryptsetup-%{upstream_version}.tar.xz
+# binary archive with updated compatimage.img.xz for testing (can not be patched via rpmbuild)
+Source1: tests.tar.xz
+
+# Following patch has to applied last
+Patch0000: %{name}-2.5.0-Fix-typo-in-repair-prompt.patch
+Patch0001: %{name}-2.5.0-Fix-PBKDF-benchmark-in-OpenSSL3-FIPS-mode.patch
+Patch0002: %{name}-2.5.0-Get-rid-of-SHA1-in-tests.patch
+Patch0003: %{name}-2.5.0-Do-not-use-too-small-key-in-tests.patch
+Patch0004: %{name}-2.5.0-Fix-test-passphrase-when-device-in-reencryption.patch
+Patch0005: %{name}-2.5.0-Add-more-tests-for-test-passphrase-parameter.patch
+Patch9999: %{name}-add-system-library-paths.patch
+
+%description
+The cryptsetup package contains a utility for setting up
+disk encryption using dm-crypt kernel module.
+
+%package devel
+Requires: %{name}-libs%{?_isa} = %{version}-%{release}
+Requires: pkgconfig
+Summary: Headers and libraries for using encrypted file systems
+
+%description devel
+The cryptsetup-devel package contains libraries and header files
+used for writing code that makes use of disk encryption.
+
+%package libs
+Summary: Cryptsetup shared library
+
+%description libs
+This package contains the cryptsetup shared library, libcryptsetup.
+
+%package -n veritysetup
+Summary: A utility for setting up dm-verity volumes
+Requires: cryptsetup-libs = %{version}-%{release}
+
+%description -n veritysetup
+The veritysetup package contains a utility for setting up
+disk verification using dm-verity kernel module.
+
+%package -n integritysetup
+Summary: A utility for setting up dm-integrity volumes
+Requires: cryptsetup-libs = %{version}-%{release}
+
+%description -n integritysetup
+The integritysetup package contains a utility for setting up
+disk integrity protection using dm-integrity kernel module.
+
+%package reencrypt
+Summary: A utility for offline reencryption of LUKS encrypted disks
+Requires: cryptsetup-libs = %{version}-%{release}
+
+%description reencrypt
+This package contains cryptsetup-reencrypt utility which
+can be used for offline reencryption of disk in situ.
+
+%prep
+%autosetup -n cryptsetup-%{upstream_version} -p 1 -a 1
+chmod -x misc/dracut_90reencrypt/*
+
+%build
+%configure --enable-fips --enable-pwquality --enable-internal-sse-argon2 --disable-ssh-token
+%make_build
+
+%install
+%make_install
+rm -rf %{buildroot}%{_libdir}/*.la
+
+%find_lang cryptsetup
+
+%ldconfig_scriptlets -n cryptsetup-libs
+
+%files
+%license COPYING
+%doc AUTHORS FAQ docs/*ReleaseNotes
+%{_mandir}/man8/cryptsetup.8.gz
+%{_sbindir}/cryptsetup
+
+%files -n veritysetup
+%license COPYING
+%{_mandir}/man8/veritysetup.8.gz
+%{_sbindir}/veritysetup
+
+%files -n integritysetup
+%license COPYING
+%{_mandir}/man8/integritysetup.8.gz
+%{_sbindir}/integritysetup
+
+%files reencrypt
+%license COPYING
+%doc misc/dracut_90reencrypt
+%{_mandir}/man8/cryptsetup-reencrypt.8.gz
+%{_sbindir}/cryptsetup-reencrypt
+
+%files devel
+%doc docs/examples/*
+%{_includedir}/libcryptsetup.h
+%{_libdir}/libcryptsetup.so
+%{_libdir}/pkgconfig/libcryptsetup.pc
+
+%files libs -f cryptsetup.lang
+%license COPYING COPYING.LGPL
+%{_libdir}/libcryptsetup.so.*
+%dir %{_libdir}/%{name}/
+%{_tmpfilesdir}/cryptsetup.conf
+%ghost %attr(700, -, -) %dir /run/cryptsetup
+
+%changelog
+* Thu Feb 24 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-4
+- patch: Fix broken upstream test.
+- Resolves: #2056439
+
+* Wed Feb 23 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-3
+- patch: Fix cryptsetup --test-passphrase when device in
+  reencryption
+- Resolves: #2056439
+
+* Thu Feb 17 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-2
+- Various FIPS related fixes.
+- Resolves: #2051630
+
+* Fri Jan 21 2022 Ondrej Kozina <okozina@redhat.com> - 2.4.3-1
+- Update to cryptsetup 2.4.3.
+- patch: Fix typo in repair command prompt.
+  Resolves: #2022309 #2023316 #2032782
+
+* Wed Sep 29 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.1-1
+- Update to cryptsetup 2.4.1.
+  Resolves: #2005035 #2005877
+
+* Thu Aug 19 2021 Ondrej Kozina <okozina@redhat.com> - 2.4.0-1
+- Update to cryptsetup 2.4.0.
+  Resolves: #1869553 #1972722 #1974271 #1975799
+
+* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.6-3
+- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+  Related: rhbz#1991688
+
+* Thu Jun 17 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.6-2
+- Specbump for openssl 3.0
+  Related: rhbz#1971065
+
+* Wed Jun 16 2021 Ondrej Kozina <okozina@redhat.com> - 2.3.6-1
+- Update to cryptsetup 2.3.6.
+- Resolves: #1961291 #1970932
+
+* Tue Jun 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.5-5
+- Rebuilt for RHEL 9 BETA for openssl 3.0
+
+Related: rhbz#1971065
+
+* Tue Apr 27 2021 Ondrej Kozina <okozina@redhat.com> - 2.3.5-4
+- Drop dependency on libargon2
+- Resolves: #1936959
+
+* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 2.3.5-3
+- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+
+* Thu Mar 11 2021 Milan Broz <gmazyland@gmail.com> - 2.3.5-1
+- Update to cryptsetup 2.3.5.
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.3.4-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Thu Sep 03 2020 Milan Broz <gmazyland@gmail.com> - 2.3.4-1
+- Update to cryptsetup 2.3.4.
+- Fix for CVE-2020-14382 (#1874712)
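Review bot: `%prep` unpacks `Source0` and the binary `Source1` archive through `%autosetup` without any signature check, so the spec itself does not establish that the cryptsetup tarball is the one upstream released. If the build system's checksum pinning is not considered enough, add the upstream detached signature and signing key as further `Source` entries. Then verify before unpacking, e.g. `%{gpgverify --keyring='%{SOURCE<keyring>}' --signature='%{SOURCE<sig>}' --data='%{SOURCE0}'}` with the placeholder source numbers filled in, decompressing first if upstream signs the uncompressed tar. Separately, the comment `# Following patch has to applied last` sits above `Patch0000` although it presumably describes `Patch9999`. Moving it directly above that line and rewording it to `has to be applied last` would keep later additions from being ordered wrongly.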