(103 . 3)(103 . 47)

	return evidence;
}

/**
 * Generates a random number that has passed the Miller-Rabin test for primality (see function is_composite above).
 * NB: top 2 bits and bottom bit are ALWAYS 1! (i.e. a mask 11.....1 is applied)
 *    a prime of 8*noctets long will have only 8*noctets-3 bits that are randomly chosen
 * NB: this method does NOT allocate space for the requested MPI; it is the caller's responsibility to allocate it!
 * The source of randomness is ENTROPY_SOURCE in eucrypt/smg_rsa/include/knobs.h
 * The number of witnesses checked by Miller-Rabin is M_R_ITERATIONS in eucrypt/smg_rsa/include/knobs.h
 * Preconditions:
 *			noctets > 0 (at least one octet!)
 *			memory allocated for noctets in output MPI
 *			successful access to the entropy source
 */
void gen_random_prime( unsigned int noctets, MPI output )
{
	/* precondition: at least one octet long */
	assert(noctets > 0);

	/* precondition: enough memory allocated for the limbs corresponding to noctets */
	unsigned int nlimbs = mpi_nlimb_hint_from_nbytes(noctets);
	assert(mpi_get_alloced(output) >= nlimbs);

	/* precondition: access to the entropy source */
	int entropy_source = open_entropy_source(ENTROPY_SOURCE); /* source of random bits */
	assert(entropy_source >= 0);

	unsigned int nbits = 8*noctets;														/* length of MPI in bits */

	/*
   * loop until a prime is found: get noctets of random bits, trim and apply 110...01 mask, check if prime
	 */
	unsigned char *p = xmalloc( noctets );
	do {
		get_random_octets_from( noctets, p, entropy_source );
		mpi_set_buffer( output, p, noctets, 0);	/* convert to MPI representation */
		mpi_set_highbit( output, nbits - 1 );		/* trim at required size and set top bit */
		mpi_set_bit( output, nbits - 2);					/* set second top bit */
		mpi_set_bit( output, 0 );								/* set bottom bit to unsure odd number */
	}	while (is_composite(output, M_R_ITERATIONS, entropy_source));

	/* tidy up, a prime was found */
	xfree(p);
	close(entropy_source);
}