summaryrefslogtreecommitdiff
path: root/thirdparty/mbedtls/library/rsa_internal.c
diff options
context:
space:
mode:
Diffstat (limited to 'thirdparty/mbedtls/library/rsa_internal.c')
-rw-r--r--thirdparty/mbedtls/library/rsa_internal.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/thirdparty/mbedtls/library/rsa_internal.c b/thirdparty/mbedtls/library/rsa_internal.c
index 507009f131..9a42d47ceb 100644
--- a/thirdparty/mbedtls/library/rsa_internal.c
+++ b/thirdparty/mbedtls/library/rsa_internal.c
@@ -351,15 +351,20 @@ int mbedtls_rsa_validate_params( const mbedtls_mpi *N, const mbedtls_mpi *P,
*/
#if defined(MBEDTLS_GENPRIME)
+ /*
+ * When generating keys, the strongest security we support aims for an error
+ * rate of at most 2^-100 and we are aiming for the same certainty here as
+ * well.
+ */
if( f_rng != NULL && P != NULL &&
- ( ret = mbedtls_mpi_is_prime( P, f_rng, p_rng ) ) != 0 )
+ ( ret = mbedtls_mpi_is_prime_ext( P, 50, f_rng, p_rng ) ) != 0 )
{
ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup;
}
if( f_rng != NULL && Q != NULL &&
- ( ret = mbedtls_mpi_is_prime( Q, f_rng, p_rng ) ) != 0 )
+ ( ret = mbedtls_mpi_is_prime_ext( Q, 50, f_rng, p_rng ) ) != 0 )
{
ret = MBEDTLS_ERR_RSA_KEY_CHECK_FAILED;
goto cleanup;
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-07 16:16:39 +0000