Page MenuHome GnuPG
Create Task
Maniphest T1573

Optional support for larger RSA key sizes
Closed, ResolvedPublic
Actions

Description

See attached. Added compile-time flag to support generating RSA key sizes larger than 4096.

Currently, several downstream distributions of GPG patch the GPG code in packages to support
generating RSA keys larger than 4096 bits. Mac OS X GPGTools, for example, patched to support
generating 8192 bit RSA keys.

The patch file I've submitted here adds a ./configure options called --enable-max-rsa-key-
size=SIZE.

When set to a value > 4096 and <= 65535, values above 16384 warn about incompatibility for RSA
keys larger than 16384. Values between 4096-65535 set secmem initial size to 128kB and the max
RSA key size in ask_keysize to whatever that value was.

When --enable-max-rsa-key-size is unset, set to 4096, or --disable'ed, GPG builds the same as it
does without this patch. (Same secmem init size of 32768, same max RSA key size of 4096.)

Details

Version
2.1

Related Objects

Event Timeline

ido set Version to 2.1.Nov 28 2013, 11:41 PM
ido added projects: Feature Request, gnupg.
ido added a subscriber: ido.

D183: 407_0001-gpg-Compile-time-flag-for-RSA-key-sizes-4096.patch

ido added a comment.Nov 28 2013, 11:42 PM

408_0001-gpg-Compile-time-flag-for-RSA-key-sizes-4096.patch.sig543 BDownload

ido added a project: gnupg (gpg21).Nov 28 2013, 11:42 PM
ido added a comment.Nov 29 2013, 4:37 PM

D182: 410_0001-gpg-Compile-time-flag-for-RSA-key-sizes-4096.patch

ido added a comment.Nov 29 2013, 4:37 PM

Uploaded a new patch file - I missed a semicolon.

ido added a comment.Nov 29 2013, 4:37 PM

411_0001-gpg-Compile-time-flag-for-RSA-key-sizes-4096.patch.sig543 BDownload

werner added a subscriber: werner.Nov 29 2013, 6:47 PM

This has been discussed ad nauseam. Thus this will not be included.

werner closed this task as Resolved.Nov 29 2013, 6:47 PM
werner claimed this task.
werner added a project: Won't Fix.