1 files changed, 20 insertions, 0 deletions

diff --git a/g10/encrypt.c b/g10/encrypt.c
index 4b21a6178..c63ec8838 100644
--- a/g10/encrypt.c
+++ b/g10/encrypt.c
@@ -185,6 +185,16 @@ encrypt_simple (const char *filename, int mode, int use_seskey)
   progress_filter_context_t *pfx;
   int do_compress = !!default_compress_algo();
 
+  if (!gnupg_rng_is_compliant (opt.compliance))
+    {
+      rc = gpg_error (GPG_ERR_FORBIDDEN);
+      log_error (_("%s is not compliant with %s mode\n"),
+                 "RNG",
+                 gnupg_compliance_option_string (opt.compliance));
+      write_status_error ("random-compliance", rc);
+      return rc;
+    }
+
   pfx = new_progress_context ();
   memset( &cfx, 0, sizeof cfx);
   memset( &zfx, 0, sizeof zfx);
@@ -626,6 +636,16 @@ encrypt_crypt (ctrl_t ctrl, int filefd, const char *filename,
       goto leave;
     }
 
+  if (!gnupg_rng_is_compliant (opt.compliance))
+    {
+      rc = gpg_error (GPG_ERR_FORBIDDEN);
+      log_error (_("%s is not compliant with %s mode\n"),
+                 "RNG",
+                 gnupg_compliance_option_string (opt.compliance));
+      write_status_error ("random-compliance", rc);
+      goto leave;
+    }
+
   compliant = gnupg_cipher_is_compliant (CO_DE_VS, cfx.dek->algo,
                                          GCRY_CIPHER_MODE_CFB);