TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / mirror / mbed-tls / 76336c3e4d0396508f6f5e23f54bc13d854fd863^! / . / include / mbedtls / mbedtls_config.h
commit76336c3e4d0396508f6f5e23f54bc13d854fd863[log] [tgz]
authorWaleed Elmelegy <waleed.elmelegy@arm.com>Fri Jun 30 16:48:19 2023 +0100
committerWaleed Elmelegy <waleed.elmelegy@arm.com>Thu Jul 27 10:58:25 2023 +0000
treeb5b7b1fad18d6bf184628d5ec9685d05c523d92a
parent51ed3139d1f833c0698c834e1869747f97bcd432 [diff] [blame]
Enforce minimum key size when generating RSA key size

Add configuration to enforce minimum size when
generating a RSA key, it's default value is 1024
bits since this the minimum secure value currently
but it can be any value greater than or equal 128
bits. Tests were modifed to accommodate for this
change.

Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>

diff --git a/include/mbedtls/mbedtls_config.h b/include/mbedtls/mbedtls_config.h
index 30e4d13..dcd28e9 100644
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h

@@ -1336,6 +1336,15 @@
 //#define MBEDTLS_RSA_NO_CRT
 
 /**
+ * \def MBEDTLS_RSA_MIN_KEY_SIZE
+ *
+ * Minimum RSA key size allowed in bits.
+ *
+ * Minimum possible value is 128 bits.
+ */
+#define MBEDTLS_RSA_MIN_KEY_SIZE 1024
+
+/**
  * \def MBEDTLS_SELF_TEST
  *
  * Enable the checkup functions (*_self_test).