Revert "Do not allow PKCS #1.5 padding for encryption in FIPS"

This reverts commit c7709f7b23848abf4ba65cb99cb2a9e9c7ebdefc. The pubkey encryption has already separate explicit FIPS service indicator.
author: Jakub Jelen <jjelen@redhat.com> 2022-10-05 17:34:18 +0200
committer: NIIBE Yutaka <gniibe@fsij.org> 2022-10-19 10:36:52 +0900
commit: e83280b36be3be3775427c5842f4274d01992763 (patch)
tree: 4ba42ea63c30799cbc1e8de9eff6fd9a6ca09669 /cipher/pubkey-util.c
parent: 9d56af04dce0795d30374fd575a8500fcf0ae158 (diff)
download: libgcrypt-e83280b36be3be3775427c5842f4274d01992763.tar.gz
1 files changed, 1 insertions, 4 deletions
diff --git a/cipher/pubkey-util.c b/cipher/pubkey-util.c
index 4953caf3..68defea6 100644
--- a/cipher/pubkey-util.c
+++ b/cipher/pubkey-util.c
@@ -957,10 +957,7 @@ _gcry_pk_util_data_to_mpi (gcry_sexp_t input, gcry_mpi_t *ret_mpi,
       void *random_override = NULL;
       size_t random_override_len = 0;
 
-      /* The RSA PKCS#1.5 encryption is no longer supported by FIPS */
-      if (fips_mode ())
-        rc = GPG_ERR_INV_FLAG;
-      else if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
+      if ( !(value=sexp_nth_data (lvalue, 1, &valuelen)) || !valuelen )
         rc = GPG_ERR_INV_OBJ;
       else
         {
author	Jakub Jelen <jjelen@redhat.com>	2022-10-05 17:34:18 +0200
committer	NIIBE Yutaka <gniibe@fsij.org>	2022-10-19 10:36:52 +0900
commit	e83280b36be3be3775427c5842f4274d01992763 (patch)
tree	4ba42ea63c30799cbc1e8de9eff6fd9a6ca09669 /cipher/pubkey-util.c
parent	9d56af04dce0795d30374fd575a8500fcf0ae158 (diff)
download	libgcrypt-e83280b36be3be3775427c5842f4274d01992763.tar.gz