From 3396308b992d15d7a463f2ff50dddf721164ee9c Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 23 Jun 2026 09:33:25 -0400 Subject: [PATCH 1/7] manage from root pom --- pom.xml | 61 +++++++++++++++++++++++++++++++++++ sdk-fips-bouncycastle/pom.xml | 20 ++++++++++++ sdk/pom.xml | 46 -------------------------- 3 files changed, 81 insertions(+), 46 deletions(-) diff --git a/pom.xml b/pom.xml index c15307a7..35e843b6 100644 --- a/pom.xml +++ b/pom.xml @@ -218,6 +218,67 @@ maven-deploy-plugin 3.1.2 + + + org.apache.maven.plugins + maven-source-plugin + 3.3.1 + + + attach-sources + + jar + + + + + + + org.jetbrains.dokka + dokka-maven-plugin + 2.0.0 + + + javadoc + package + + javadocJar + + + + + + + net.nicoulaj.maven.plugins + checksum-maven-plugin + 1.11 + + + create-checksums + package + + files + + + + MD5 + SHA-1 + SHA-256 + SHA-512 + + true + + + ${project.build.directory} + + *.jar + + + + + + + diff --git a/sdk-fips-bouncycastle/pom.xml b/sdk-fips-bouncycastle/pom.xml index 6c1f08b8..b46dbd37 100644 --- a/sdk-fips-bouncycastle/pom.xml +++ b/sdk-fips-bouncycastle/pom.xml @@ -38,4 +38,24 @@ test + + + + + org.apache.maven.plugins + maven-source-plugin + + + + org.jetbrains.dokka + dokka-maven-plugin + + + + net.nicoulaj.maven.plugins + checksum-maven-plugin + + + + diff --git a/sdk/pom.xml b/sdk/pom.xml index 1ef48063..f834c029 100644 --- a/sdk/pom.xml +++ b/sdk/pom.xml @@ -286,15 +286,6 @@ org.apache.maven.plugins maven-source-plugin - 3.3.1 - - - attach-sources - - jar - - - @@ -314,48 +305,11 @@ org.jetbrains.dokka dokka-maven-plugin - 2.0.0 - - - javadoc - package - - javadocJar - - - net.nicoulaj.maven.plugins checksum-maven-plugin - 1.11 - - - create-checksums - package - - files - - - - MD5 - SHA-1 - SHA-256 - SHA-512 - - true - - - ${project.build.directory} - - *.jar - - - - - - org.apache.maven.plugins From 362b9e9eb738ef80f5a435c49138cf74854346b8 Mon Sep 17 00:00:00 2001 
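Review bot: The `checksum-maven-plugin` block added to the root `pom.xml` lists MD5 and SHA-1 alongside SHA-256 and SHA-512, with nothing to say why the two weak digests are kept. Neither is collision-resistant, so if they are only there because the target repository expects them, a comment above the algorithm list should say so, e.g. `<!-- MD5/SHA-1 kept for repository compatibility only; verify releases against SHA-256/SHA-512 -->`. Checksums generated in the same build as the jars only detect corruption, not a tampered build, so it is worth confirming that whatever signs release artifacts also covers the source and javadoc jars that `sdk-fips-bouncycastle` now attaches. The XML tags are not visible in this rendering, so the exact placement of the comment should be checked against the file.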
From: Morgan Kleene Date: Tue, 23 Jun 2026 09:52:26 -0400 Subject: [PATCH 2/7] add sdk-pqc-bc to list of modules we publish --- pom.xml | 1 + sdk-fips-bouncycastle/pom.xml | 1 - sdk-pqc-bc/pom.xml | 19 +++++++++++++++++++ 3 files changed, 20 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 35e843b6..1ebdfbf1 100644 --- a/pom.xml +++ b/pom.xml @@ -406,6 +406,7 @@ release sdk + sdk-pqc-bc sdk-fips-bouncycastle diff --git a/sdk-fips-bouncycastle/pom.xml b/sdk-fips-bouncycastle/pom.xml index b46dbd37..3527c7b4 100644 --- a/sdk-fips-bouncycastle/pom.xml +++ b/sdk-fips-bouncycastle/pom.xml @@ -55,7 +55,6 @@ net.nicoulaj.maven.plugins checksum-maven-plugin - diff --git a/sdk-pqc-bc/pom.xml b/sdk-pqc-bc/pom.xml index cfbb4130..c647bc55 100644 --- a/sdk-pqc-bc/pom.xml +++ b/sdk-pqc-bc/pom.xml @@ -79,4 +79,23 @@ test + + + + + org.apache.maven.plugins + maven-source-plugin + + + + org.jetbrains.dokka + dokka-maven-plugin + + + + net.nicoulaj.maven.plugins + checksum-maven-plugin + + + From 8083768e0b1cf5a2083c785cc42485dd2c4782b4 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 23 Jun 2026 11:10:07 -0400 Subject: [PATCH 3/7] rename module --- pom.xml | 4 ++-- {sdk-fips-bouncycastle => sdk-fips-bc}/pom.xml | 2 +- .../sdk/fips/bouncycastle/BouncyCastleFipsHkdfProvider.java | 0 .../META-INF/services/io.opentdf.platform.sdk.HkdfProvider | 0 .../fips/bouncycastle/BouncyCastleFipsHkdfProviderTest.java | 0 5 files changed, 3 insertions(+), 3 deletions(-) rename {sdk-fips-bouncycastle => sdk-fips-bc}/pom.xml (97%) rename {sdk-fips-bouncycastle => sdk-fips-bc}/src/main/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProvider.java (100%) rename {sdk-fips-bouncycastle => sdk-fips-bc}/src/main/resources/META-INF/services/io.opentdf.platform.sdk.HkdfProvider (100%) rename {sdk-fips-bouncycastle => sdk-fips-bc}/src/test/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProviderTest.java (100%) 
diff --git a/pom.xml b/pom.xml index 1ebdfbf1..00e1c3d8 100644 --- a/pom.xml +++ b/pom.xml @@ -348,7 +348,7 @@ develop sdk - sdk-fips-bouncycastle + sdk-fips-bc cmdline examples @@ -407,7 +407,7 @@ sdk sdk-pqc-bc - sdk-fips-bouncycastle + sdk-fips-bc false diff --git a/sdk-fips-bouncycastle/pom.xml b/sdk-fips-bc/pom.xml similarity index 97% rename from sdk-fips-bouncycastle/pom.xml rename to sdk-fips-bc/pom.xml index 3527c7b4..36ed4ded 100644 --- a/sdk-fips-bouncycastle/pom.xml +++ b/sdk-fips-bc/pom.xml @@ -6,7 +6,7 @@ sdk-pom 0.17.0 - sdk-fips-bouncycastle + sdk-fips-bc io.opentdf.platform:sdk-fips-bouncycastle BouncyCastle FIPS-backed HkdfProvider SPI implementation (FIPS 140-approved HKDF via bc-fips). jar diff --git a/sdk-fips-bouncycastle/src/main/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProvider.java b/sdk-fips-bc/src/main/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProvider.java similarity index 100% rename from sdk-fips-bouncycastle/src/main/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProvider.java rename to sdk-fips-bc/src/main/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProvider.java diff --git a/sdk-fips-bouncycastle/src/main/resources/META-INF/services/io.opentdf.platform.sdk.HkdfProvider b/sdk-fips-bc/src/main/resources/META-INF/services/io.opentdf.platform.sdk.HkdfProvider similarity index 100% rename from sdk-fips-bouncycastle/src/main/resources/META-INF/services/io.opentdf.platform.sdk.HkdfProvider rename to sdk-fips-bc/src/main/resources/META-INF/services/io.opentdf.platform.sdk.HkdfProvider 
diff --git a/sdk-fips-bouncycastle/src/test/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProviderTest.java b/sdk-fips-bc/src/test/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProviderTest.java similarity index 100% rename from sdk-fips-bouncycastle/src/test/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProviderTest.java rename to sdk-fips-bc/src/test/java/io/opentdf/platform/sdk/fips/bouncycastle/BouncyCastleFipsHkdfProviderTest.java From f0a857054c82802831b2cb1bd1dfa89e528846c3 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 23 Jun 2026 11:28:02 -0400 Subject: [PATCH 4/7] missed some --- .github/workflows/checks.yaml | 4 ++-- cmdline/pom.xml | 2 +- sdk-fips-bc/pom.xml | 2 +- sdk/pom.xml | 2 +- sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java | 4 ++-- sdk/src/main/java/io/opentdf/platform/sdk/HkdfProvider.java | 2 +- sdk/src/test/java/io/opentdf/platform/sdk/ECKeyPairTest.java | 2 +- .../io/opentdf/platform/sdk/FipsProviderVerificationTest.java | 2 +- 8 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index 36acfebd..7da2ff4b 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -93,8 +93,8 @@ jobs: run: mvn clean --batch-mode clean generate-sources - name: Tests and enforcer (fips) run: | - # install the sdk-fips-bouncycastle jar so that FIPS mode tests work - mvn --batch-mode install -pl sdk-fips-bouncycastle -am \ + # install the sdk-fips-bc jar so that FIPS mode tests work + mvn --batch-mode install -pl sdk-fips-bc -am \ -Dmaven.antrun.skip \ -Dmaven.test.skip mvn --batch-mode test enforcer:enforce -P 'fips,!non-fips' \ diff --git a/cmdline/pom.xml b/cmdline/pom.xml index 28a20b80..5f03ab27 100644 --- a/cmdline/pom.xml +++ b/cmdline/pom.xml @@ -88,7 +88,7 @@ io.opentdf.platform - sdk-fips-bouncycastle + sdk-fips-bc ${project.version} 
diff --git a/sdk-fips-bc/pom.xml b/sdk-fips-bc/pom.xml index 36ed4ded..f379bf73 100644 --- a/sdk-fips-bc/pom.xml +++ b/sdk-fips-bc/pom.xml @@ -7,7 +7,7 @@ 0.17.0 sdk-fips-bc - io.opentdf.platform:sdk-fips-bouncycastle + io.opentdf.platform:sdk-fips-bc BouncyCastle FIPS-backed HkdfProvider SPI implementation (FIPS 140-approved HKDF via bc-fips). jar diff --git a/sdk/pom.xml b/sdk/pom.xml index f834c029..f8c536a7 100644 --- a/sdk/pom.xml +++ b/sdk/pom.xml @@ -479,7 +479,7 @@ io.opentdf.platform - sdk-fips-bouncycastle + sdk-fips-bc ${project.version} diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java b/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java index ef906d06..bdf5674f 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/ECKeyPair.java @@ -112,7 +112,7 @@ public static byte[] computeECDHKey(ECPublicKey publicKey, ECPrivateKey privateK * that is 32 bytes (256 bits) long. * * Delegates to a registered {@link HkdfProvider} when one is available on the - * classpath (e.g. {@code sdk-fips-bouncycastle}); otherwise falls back to the + * classpath (e.g. {@code sdk-fips-bc}); otherwise falls back to the * JDK-native HmacSHA256 implementation. */ public static byte[] calculateHKDF(byte[] salt, byte[] secret) { @@ -141,7 +141,7 @@ public static byte[] calculateHKDF(byte[] salt, byte[] secret) { } catch (Exception e) { String className = e.getClass().getName(); if (className.contains("bouncycastle") && className.endsWith("IllegalKeyException")) { - throw new SDKException("if running bouncycastle FIPS in approved_only mode include the sdk-fips-bouncycastle jar to use HKDF", e); + throw new SDKException("if running bouncycastle FIPS in approved_only mode include the sdk-fips-bc jar to use HKDF", e); } throw new SDKException("error computing HKDF", e); } 
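Review bot: In the second `ECKeyPair.java` hunk, the `catch (Exception e)` block detects the missing-provider case by matching the exception's class name (`className.contains("bouncycastle") && className.endsWith("IllegalKeyException")`), which is fragile. A relocated or shaded BouncyCastle, or a different exception type from the FIPS module, falls through to the generic `"error computing HKDF"` and the hint to add `sdk-fips-bc` is lost. If the resolver is reachable here, a more reliable guard would check up front that no `HkdfProvider` resolved while `org.bouncycastle.fips.approved_only` is `true`, and throw the informative `SDKException` before attempting the JDK path. The Javadoc in the first hunk should also state that the JDK HmacSHA256 fallback is taken silently, e.g. `* Deployments that require FIPS-approved HKDF must ship sdk-fips-bc; the fallback is not reported.` The body of `calculateHKDF` starts and ends outside both hunks, so how the provider is looked up is inferred from the Javadoc.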
diff --git a/sdk/src/main/java/io/opentdf/platform/sdk/HkdfProvider.java b/sdk/src/main/java/io/opentdf/platform/sdk/HkdfProvider.java index 57581619..bee23dae 100644 --- a/sdk/src/main/java/io/opentdf/platform/sdk/HkdfProvider.java +++ b/sdk/src/main/java/io/opentdf/platform/sdk/HkdfProvider.java @@ -6,7 +6,7 @@ * When no implementation is on the classpath, {@link ECKeyPair#calculateHKDF} falls * back to the JDK-native HmacSHA256 implementation. * - * The FIPS-approved implementation is {@code io.opentdf.platform:sdk-fips-bouncycastle}, + * The FIPS-approved implementation is {@code io.opentdf.platform:sdk-fips-bc}, * which uses the BouncyCastle FIPS KDF API directly. */ public interface HkdfProvider { diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/ECKeyPairTest.java b/sdk/src/test/java/io/opentdf/platform/sdk/ECKeyPairTest.java index 537e2f8f..13d83bd2 100644 --- a/sdk/src/test/java/io/opentdf/platform/sdk/ECKeyPairTest.java +++ b/sdk/src/test/java/io/opentdf/platform/sdk/ECKeyPairTest.java @@ -183,6 +183,6 @@ void testECDSA() { @EnabledIfSystemProperty(named = "org.bouncycastle.fips.approved_only", matches = "true") void testInformativeException() { var thrown = assertThrows(SDKException.class, () -> ECKeyPair.calculateHKDF(new byte[]{0}, new byte[]{1,2,3})); - assertThat(thrown).hasMessage("if running bouncycastle FIPS in approved_only mode include the sdk-fips-bouncycastle jar to use HKDF"); + assertThat(thrown).hasMessage("if running bouncycastle FIPS in approved_only mode include the sdk-fips-bc jar to use HKDF"); } } diff --git a/sdk/src/test/java/io/opentdf/platform/sdk/FipsProviderVerificationTest.java b/sdk/src/test/java/io/opentdf/platform/sdk/FipsProviderVerificationTest.java index c86a6082..13aa76d4 100644 --- a/sdk/src/test/java/io/opentdf/platform/sdk/FipsProviderVerificationTest.java +++ b/sdk/src/test/java/io/opentdf/platform/sdk/FipsProviderVerificationTest.java 
@@ -52,7 +52,7 @@ void keyManagerFactoryAlgorithmIsPkix() { @Test void providerResolves() { assertThat(HkdfResolver.get()) - .as("the sdk-fips-bouncycastle library must be on the path so that the Hkdf provider resolves. this is configured in the surefire plugin and the sdk-fips-bouncycastle project must be packaged") + .as("the sdk-fips-bc library must be on the path so that the Hkdf provider resolves. this is configured in the surefire plugin and the sdk-fips-bc project must be packaged") .isNotNull(); } } From 8427a637ec2dad4106ccb847c0a962effe49cbd4 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 23 Jun 2026 12:24:48 -0400 Subject: [PATCH 5/7] use the right scope --- cmdline/pom.xml | 1 + 1 file changed, 1 insertion(+) diff --git a/cmdline/pom.xml b/cmdline/pom.xml index 5f03ab27..0047db9e 100644 --- a/cmdline/pom.xml +++ b/cmdline/pom.xml @@ -90,6 +90,7 @@ io.opentdf.platform sdk-fips-bc ${project.version} + runtime From 585cb16895b73cd246579a7e9612353fb8022447 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 23 Jun 2026 12:27:12 -0400 Subject: [PATCH 6/7] be consistent in what we include --- pom.xml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 00e1c3d8..f793b16a 100644 --- a/pom.xml +++ b/pom.xml @@ -348,7 +348,6 @@ develop sdk - sdk-fips-bc cmdline examples @@ -370,6 +369,16 @@ sdk-pqc-bc + + + fips + + true + + + sdk-fips-bc + + stage From c1930a0d1f4ec06954207bb5fcc984e0b116ad16 Mon Sep 17 00:00:00 2001 From: Morgan Kleene Date: Tue, 23 Jun 2026 12:39:25 -0400 Subject: [PATCH 7/7] always include them --- pom.xml | 26 ++------------------------ 1 file changed, 2 insertions(+), 24 deletions(-) diff --git a/pom.xml b/pom.xml index f793b16a..21e750c5 100644 --- a/pom.xml +++ b/pom.xml @@ -349,35 +349,13 @@ sdk cmdline - examples - - - true - - - - - non-fips - - true - - sdk-pqc-bc + sdk-fips-bc + examples - - - - fips true - - sdk-fips-bc - stage
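Review bot: With `sdk-fips-bc` moved to `runtime` scope in `cmdline/pom.xml`, nothing in this hunk verifies that the provider is still discoverable in the packaged CLI. The provider is registered through `META-INF/services/io.opentdf.platform.sdk.HkdfProvider`, and `ECKeyPair.calculateHKDF` is documented to fall back to the JDK implementation when none is found. If the CLI is built as a single merged jar and that service entry is dropped, the fallback happens without any error. A comment next to the dependency would help, e.g. `<!-- runtime only: discovered via META-INF/services; packaging must preserve that entry -->`, together with a CLI-level check equivalent to `FipsProviderVerificationTest.providerResolves`. How `cmdline` is packaged is not visible here, so this may already be handled.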