From c5ab1dcd543f0e7861f230cd90421bf31a911773 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Tue, 14 Jul 2020 12:25:50 +0200
Subject: [PATCH] gpgsm: Make rsaPSS a compliant scheme in de-vs mode.

--

GnuPG-bug-id: 4538
Signed-off-by: Werner Koch <wk@gnupg.org>
Backported-from-master: 5fe3cdfc7646c2c88beb168ba34fc64f9dd2c156
---
 common/compliance.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/common/compliance.c b/common/compliance.c
index 7dbbbd399..e533dd4ba 100644
--- a/common/compliance.c
+++ b/common/compliance.c
@@ -149,10 +149,9 @@ gnupg_pk_is_compliant (enum gnupg_compliance_mode compliance, int algo,
           result = (keylength == 2048
                     || keylength == 3072
                     || keylength == 4096);
-          /* rsaPSS was not part of the evaluation and thus we don't
-           * claim compliance.  */
-          if ((algo_flags & PK_ALGO_FLAG_RSAPSS))
-            result = 0;
+          /* Although rsaPSS was not part of the original evaluation
+           * we got word that we can claim compliance.  */
+          (void)algo_flags;
           break;
 
 	case is_dsa:
@@ -234,10 +233,7 @@ gnupg_pk_is_allowed (enum gnupg_compliance_mode compliance,
 	    default:
 	      log_assert (!"reached");
 	    }
-          /* rsaPSS was not part of the evaluation and thus we don't
-           * claim compliance.  */
-          if ((algo_flags & PK_ALGO_FLAG_RSAPSS))
-            result = 0;
+          (void)algo_flags;
 	  break;
 
 	case PUBKEY_ALGO_DSA: