Page MenuHome GnuPG

gnupg complies to CO_DE_VS when generating keys non-interactively only by accident
Closed, InvalidPublic

Description

$ g10/gpg --quick-gen-key susie.nist@example.org nistp256
[...]
gpg: writing self signature
gpg: key 52F5DB2F95434811 not suitable for signing while in --compliance=de-vs mode
gpg: signing failed: Invalid public key algorithm
gpg: make_keysig_packet failed: Invalid public key algorithm
Key generation failed: Invalid public key algorithm

Furthermore, the key size when generating an RSA key is silently increased to the minimum (2048 bits):

$ g10/gpg --quick-gen-key susie.rsa1024@example.org rsa1024
[...]
pub   rsa2048 2017-06-28 [SC] [expires: 2019-06-28]
      DAC5F9FD7E5A693922E7E21376E20ADEF6C11BA2
      DAC5F9FD7E5A693922E7E21376E20ADEF6C11BA2
uid                      susie.rsa1024@example.org

Event Timeline

werner lowered the priority of this task from Normal to Low.Oct 24 2017, 12:20 PM
werner added a subscriber: werner.

I would not all this an accident.