CR fixes, removed seed from KAT files, removed FIPS ind for derand me…

…thods

crypto/evp_extra/evp_extra_test.cc

@@ -2651,11 +2651,10 @@ TEST_P(PerKEMTest, KAT) {
 
   FileTestGTest(kat_filepath.c_str(), [&](FileTest *t) {
     std::string count;
-    std::vector<uint8_t> seed, keypair_coins, encap_coins, pk_expected,
+    std::vector<uint8_t> keypair_coins, encap_coins, pk_expected,
         sk_expected, ct_expected, ss_expected;
 
     ASSERT_TRUE(t->GetAttribute(&count, "count"));
-    ASSERT_TRUE(t->GetBytes(&seed, "seed"));
     ASSERT_TRUE(t->GetBytes(&keypair_coins, "keypair_coins"));
     ASSERT_TRUE(t->GetBytes(&pk_expected, "pk"));
     ASSERT_TRUE(t->GetBytes(&sk_expected, "sk"));

crypto/evp_extra/p_kem.c

@@ -104,7 +104,9 @@ static int pkey_kem_encapsulate_deterministic(EVP_PKEY_CTX *ctx,
                                               size_t  *shared_secret_len,
                                               const uint8_t *seed,
                                               size_t *seed_len) {
+  GUARD_PTR(ctx);
   KEM_PKEY_CTX *dctx = ctx->data;
+  GUARD_PTR(dctx);
   const KEM *kem = dctx->kem;
   if (kem == NULL) {
     if (ctx->pkey == NULL) {

crypto/fipsmodule/evp/evp_ctx.c

@@ -443,9 +443,6 @@ int EVP_PKEY_keygen_deterministic(EVP_PKEY_CTX *ctx,
                                   EVP_PKEY **out_pkey,
                                   const uint8_t *seed,
                                   size_t *seed_len) {
-  // We have to avoid potential underlying services updating the indicator state,
-  // so we lock the state here.
-  FIPS_service_indicator_lock_state();
   int ret = 0;
   if (!ctx || !ctx->pmeth || !ctx->pmeth->keygen_deterministic) {
     OPENSSL_PUT_ERROR(EVP, EVP_R_OPERATION_NOT_SUPPORTED_FOR_THIS_KEYTYPE);
@@ -476,10 +473,6 @@ int EVP_PKEY_keygen_deterministic(EVP_PKEY_CTX *ctx,
 
   ret = 1;
 end:
-  FIPS_service_indicator_unlock_state();
-  if(ret) {
-    EVP_PKEY_keygen_verify_service_indicator(*out_pkey);
-  }
   return ret;
 }