diff --git a/0060-FIPS-KAT-signature-tests.patch b/0060-FIPS-KAT-signature-tests.patch
index 47313dd..184b150 100644
--- a/0060-FIPS-KAT-signature-tests.patch
+++ b/0060-FIPS-KAT-signature-tests.patch
@@ -382,3 +382,39 @@ diff -up openssl-3.0.1/providers/fips/self_test_data.inc.kat openssl-3.0.1/provi
      },
  # ifndef OPENSSL_NO_EC2M
      {
+diff -up openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c
+--- openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c.fipskat	2022-05-30 14:48:53.180999124 +0200
++++ openssl-3.0.1/crypto/ec/ecp_s390x_nistp.c	2022-05-30 14:58:52.841286228 +0200
+@@ -44,6 +44,10 @@
+ #define S390X_OFF_RN(n)                 (4 * n)
+ #define S390X_OFF_Y(n)                  (4 * n)
+ 
++#ifdef FIPS_MODULE
++extern int REDHAT_FIPS_signature_st;
++#endif
++
+ static int ec_GFp_s390x_nistp_mul(const EC_GROUP *group, EC_POINT *r,
+                                   const BIGNUM *scalar,
+                                   size_t num, const EC_POINT *points[],
+@@ -183,11 +187,21 @@ static ECDSA_SIG *ecdsa_s390x_nistp_sign
+          * because kdsa instruction constructs an in-range, invertible nonce
+          * internally implementing counter-measures for RNG weakness.
+          */
++#ifdef FIPS_MODULE
++       if (REDHAT_FIPS_signature_st && eckey->sign_kat_k != NULL) {
++           BN_bn2binpad(eckey->sign_kat_k, param + S390X_OFF_RN(len), len);
++           /* Turns KDSA internal nonce-generation off. */
++           fc |= S390X_KDSA_D;
++       } else {
++#endif
+          if (RAND_priv_bytes_ex(eckey->libctx, param + S390X_OFF_RN(len),
+                                 (size_t)len, 0) != 1) {
+              ERR_raise(ERR_LIB_EC, EC_R_RANDOM_NUMBER_GENERATION_FAILED);
+              goto ret;
+          }
++#ifdef FIPS_MODULE
++        }
++#endif
+     } else {
+         /* Reconstruct k = (k^-1)^-1. */
+         if (ossl_ec_group_do_inverse_ord(group, k, kinv, NULL) == 0
diff --git a/openssl.spec b/openssl.spec
index cd48db8..76c96bb 100644
--- a/openssl.spec
+++ b/openssl.spec
@@ -466,6 +466,8 @@ install -m644 %{SOURCE9} \
 - Resolves: rhbz#2090362
 - Revert "Disable EVP_PKEY_sign/EVP_PKEY_verify in FIPS mode"
   Related: rhbz#2087147
+- Use KAT for ECDSA signature tests, s390 arch
+- Resolves: rhbz#2069235
 
 * Thu May 19 2022 Dmitry Belyavskiy <dbelyavs@redhat.com> - 1:3.0.1-32
 - `openssl ecparam -list_curves` lists only FIPS-approved curves in FIPS mode