Optional support for larger RSA key sizes
Closed, ResolvedPublic


See attached. Added compile-time flag to support generating RSA key sizes larger than 4096.

Currently, several downstream distributions of GPG patch the GPG code in packages to support
generating RSA keys larger than 4096 bits. Mac OS X GPGTools, for example, patched to support
generating 8192 bit RSA keys.

The patch file I've submitted here adds a ./configure options called --enable-max-rsa-key-

When set to a value > 4096 and <= 65535, values above 16384 warn about incompatibility for RSA
keys larger than 16384. Values between 4096-65535 set secmem initial size to 128kB and the max
RSA key size in ask_keysize to whatever that value was.

When --enable-max-rsa-key-size is unset, set to 4096, or --disable'ed, GPG builds the same as it
does without this patch. (Same secmem init size of 32768, same max RSA key size of 4096.)


ido added a comment.Nov 28 2013, 11:42 PM

ido added a comment.Nov 29 2013, 4:37 PM

Uploaded a new patch file - I missed a semicolon.

ido added a comment.Nov 29 2013, 4:37 PM

werner added a subscriber: werner.Nov 29 2013, 6:47 PM

This has been discussed ad nauseam. Thus this will not be included.

werner closed this task as Resolved.
werner claimed this task.