diff --git a/lib/mbedtls b/lib/mbedtls
index f3a2ed06a..5962c69b2 160000
--- a/lib/mbedtls
+++ b/lib/mbedtls
@@ -1 +1 @@
-Subproject commit f3a2ed06abd98c99db6dc46c9eb400951186d9d4
+Subproject commit 5962c69b26dbfa1e5582a248c0774a8df7ef18f8
diff --git a/src/mbedTLS++/CryptoKey.cpp b/src/mbedTLS++/CryptoKey.cpp
index 742d9c73c..ea01bfc80 100644
--- a/src/mbedTLS++/CryptoKey.cpp
+++ b/src/mbedTLS++/CryptoKey.cpp
@@ -124,15 +124,18 @@ int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AStri
 
 	if (a_Password.empty())
 	{
-		return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, nullptr, 0, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal());
+		return mbedtls_pk_parse_key(
+			&m_Pk,
+			reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1,
+			nullptr, 0
+		);
 	}
 	else
 	{
 		return mbedtls_pk_parse_key(
 			&m_Pk,
 			reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1,
-			reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size(),
-			mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal()
+			reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size()
 		);
 	}
 }
diff --git a/src/mbedTLS++/RsaPrivateKey.cpp b/src/mbedTLS++/RsaPrivateKey.cpp
index d0c5b7c8b..81cd2db44 100644
--- a/src/mbedTLS++/RsaPrivateKey.cpp
+++ b/src/mbedTLS++/RsaPrivateKey.cpp
@@ -11,7 +11,7 @@
 
 cRsaPrivateKey::cRsaPrivateKey(void)
 {
-	mbedtls_rsa_init(&m_Rsa);
+	mbedtls_rsa_init(&m_Rsa, MBEDTLS_RSA_PKCS_V15, 0);
 	m_CtrDrbg.Initialize("RSA", 3);
 }
 
@@ -21,7 +21,7 @@ cRsaPrivateKey::cRsaPrivateKey(void)
 
 cRsaPrivateKey::cRsaPrivateKey(const cRsaPrivateKey & a_Other)
 {
-	mbedtls_rsa_init(&m_Rsa);
+	mbedtls_rsa_init(&m_Rsa, MBEDTLS_RSA_PKCS_V15, 0);
 	mbedtls_rsa_copy(&m_Rsa, &a_Other.m_Rsa);
 	m_CtrDrbg.Initialize("RSA", 3);
 }
@@ -122,7 +122,7 @@ int cRsaPrivateKey::Decrypt(const ContiguousByteBufferView a_EncryptedData, Byte
 	}
 	size_t DecryptedLength;
 	int res = mbedtls_rsa_pkcs1_decrypt(
-		&m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), &DecryptedLength,
+		&m_Rsa, mbedtls_ctr_drbg_random, m_CtrDrbg.GetInternal(), MBEDTLS_RSA_PRIVATE, &DecryptedLength,
 		reinterpret_cast<const unsigned char *>(a_EncryptedData.data()), a_DecryptedData, a_DecryptedMaxLength
 	);
 	if (res != 0)