Enforce minimum key size when generating RSA key size

Add configuration to enforce minimum size when generating a RSA key, it's default value is 1024 bits since this the minimum secure value currently but it can be any value greater than or equal 128 bits. Tests were modifed to accommodate for this change. Signed-off-by: Waleed Elmelegy <waleed.elmelegy@arm.com>
2025-08-08 17:42:09 +03:00 · 2023-06-30 16:48:19 +01:00
parent 51ed3139d1
commit 76336c3e4d
6 changed files with 40 additions and 19 deletions
--- a/include/mbedtls/mbedtls_config.h
+++ b/include/mbedtls/mbedtls_config.h
@@ -1335,6 +1335,15 @@
 */
 //#define MBEDTLS_RSA_NO_CRT

+/**
+ * \def MBEDTLS_RSA_MIN_KEY_SIZE
+ *
+ * Minimum RSA key size allowed in bits.
+ *
+ * Minimum possible value is 128 bits.
+ */
+#define MBEDTLS_RSA_MIN_KEY_SIZE 1024
+
 /**
 * \def MBEDTLS_SELF_TEST
 *