We dont'want totally forbid RSA encryption.

Related: rhbz#2053289

0045-FIPS-services-minimize.patch

@@ -89,15 +89,6 @@ diff -up openssl-3.0.0/providers/fips/fipsprov.c.fipsmin openssl-3.0.0/providers
      { PROV_NAMES_ECDSA, FIPS_DEFAULT_PROPERTIES, ossl_ecdsa_signature_functions },
  #endif
      { PROV_NAMES_HMAC, FIPS_DEFAULT_PROPERTIES,
-@@ -407,7 +407,7 @@ static const OSSL_ALGORITHM fips_signatu
- };
- 
- static const OSSL_ALGORITHM fips_asym_cipher[] = {
--    { PROV_NAMES_RSA, FIPS_DEFAULT_PROPERTIES, ossl_rsa_asym_cipher_functions },
-+    { PROV_NAMES_RSA, FIPS_UNAPPROVED_PROPERTIES, ossl_rsa_asym_cipher_functions },
-     { NULL, NULL, NULL }
- };
- 
 @@ -421,7 +424,7 @@ static const OSSL_ALGORITHM fips_keymgmt
        PROV_DESCS_DHX },
  #endif
@@ -128,18 +119,6 @@ diff -up openssl-3.0.0/providers/fips/fipsprov.c.fipsmin openssl-3.0.0/providers
 diff -up openssl-3.0.0/test/acvp_test.c.fipsmin openssl-3.0.0/test/acvp_test.c
 --- openssl-3.0.0/test/acvp_test.c.fipsmin	2022-01-12 18:34:17.283654119 +0100
 +++ openssl-3.0.0/test/acvp_test.c	2022-01-12 18:35:46.270430676 +0100
-@@ -1466,8 +1466,9 @@ int setup_tests(void)
-     ADD_ALL_TESTS(rsa_keygen_test, OSSL_NELEM(rsa_keygen_data));
-     ADD_ALL_TESTS(rsa_siggen_test, OSSL_NELEM(rsa_siggen_data));
-     ADD_ALL_TESTS(rsa_sigver_test, OSSL_NELEM(rsa_sigver_data));
--    ADD_ALL_TESTS(rsa_decryption_primitive_test,
--                  OSSL_NELEM(rsa_decrypt_prim_data));
-+/* Red Hat FIPS provider doesn't have fips=yes property on RSA encryption */
-+/*    ADD_ALL_TESTS(rsa_decryption_primitive_test,
-+                  OSSL_NELEM(rsa_decrypt_prim_data)); */
- 
- #ifndef OPENSSL_NO_DH
-     ADD_ALL_TESTS(dh_safe_prime_keygen_test,
 @@ -1473,6 +1473,7 @@ int setup_tests(void)
                    OSSL_NELEM(dh_safe_prime_keyver_data));
  #endif /* OPENSSL_NO_DH */