projects / openssl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
rsa: Do not allow less than 512 bit RSA keys
[openssl.git] / crypto / rsa / rsa_gen.c
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
index eda23b548137a27be66180b6eb2b7f75f8afd7d5..4b9296e46c60cac34c13a03d3df189ae61c9edc5 100644 (file)
--- a/crypto/rsa/rsa_gen.c
+++ b/crypto/rsa/rsa_gen.c
@@ -72,11 +72,7 @@ static int rsa_builtin_keygen(RSA *rsa, int bits, int primes, BIGNUM *e_value,
     BN_CTX *ctx = NULL;
     BN_ULONG bitst = 0;
 
-    /*
-     * When generating ridiculously small keys, we can get stuck
-     * continually regenerating the same prime values.
-     */
-    if (bits < 16) {
+    if (bits < RSA_MIN_MODULUS_BITS) {
         ok = 0;             /* we set our own err */
         RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL);
         goto err;
Unnamed repository; edit this file 'description' to name the repository.