From: slontis <shane.lontis@oracle.com>
Date: Fri, 19 Jul 2024 02:11:05 +0000 (+1000)
Subject: Remove check for RSA encryption allowing X9.31 padding.
X-Git-Tag: openssl-3.4.0-alpha1~308
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=53b0527dd7f15350ed80fdcffa15e34e1ef0b9eb;p=thirdparty%2Fopenssl.git

Remove check for RSA encryption allowing X9.31 padding.

X9.31 is a Signature Standard, and should not apply to encryption.

rsa_ossl_public_encrypt() does not allow this padding mode.
The openssl rsautil command line tool already failed if the
-x931 option was used with -encrypt

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Tom Cosgrove <tom.cosgrove@arm.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24938)
---

diff --git a/providers/implementations/asymciphers/rsa_enc.c b/providers/implementations/asymciphers/rsa_enc.c
index f88cc96a75f..8181b4fbc44 100644
--- a/providers/implementations/asymciphers/rsa_enc.c
+++ b/providers/implementations/asymciphers/rsa_enc.c
@@ -51,7 +51,6 @@ static OSSL_ITEM padding_item[] = {
     { RSA_NO_PADDING,           OSSL_PKEY_RSA_PAD_MODE_NONE },
     { RSA_PKCS1_OAEP_PADDING,   OSSL_PKEY_RSA_PAD_MODE_OAEP }, /* Correct spelling first */
     { RSA_PKCS1_OAEP_PADDING,   "oeap"   },
-    { RSA_X931_PADDING,         OSSL_PKEY_RSA_PAD_MODE_X931 },
     { 0,                        NULL     }
 };