Use the freshly-built binaries to recompute the checksums in the
post-install hook. This allows us to drop the build-time dependencies
on hmaccalc (i.e. itself) and fipscheck.
This patch also fixes the computation of self-check .hmac files.
Before, fipshmac was used for all binaries but since the hmaccalc tools
use different parameters (SHA-512 instead of SHA-256 and a different
key, this would lead to self-check failures for hmaccalc. The new
post-install script calculates the hmaccalc files using sha512hmac and
other .hmac files using fipshmac.
The parameters for the self-check of the library were also consolidated
upstream to use a single parameter set across tools (the fipscheck
parameters) so that the library is checked correctly by all tools.
I also dropped the kcapi-hasher binary and the hasher subpackage as it
is really useless on its own (and the other hasher tools are always
created as hard links). It would also be impossible to add a universally
correct .hmac file since different tools would check against it with
different parameters.
Let the build fail, if the minimum kernel version cannot be met
Conditionalize the sysctl.d tweak on version of the kernel
Conditionalize the name of README.distro on the distro
