Page MenuHome GnuPG
Feed Advanced Search

Feb 1 2016

strange added a comment to T2238: When generating a DSA or Elgamal key with --expert GPG claims that keys smaller than 1024 bits are supported when they are not..

I have tested this bug in Debian and Windows.

When running "gpg --gen-key --expert" GPG displays:

     DSA keys may be between 512 and 3072 bits long.

and

     ELG-E keys may be between 512 and 4096 bits long.

however entering 512 will result in

     gpg: keysize invalid; using 2048 bits

     gpg --gen-key --expert
     gpg (GnuPG) 1.4.20; Copyright (C) 2015 Free Software Foundation, Inc.
     This is free software: you are free to change and redistribute it.
     There is NO WARRANTY, to the extent permitted by law.

     Please select what kind of key you want:
        (1) RSA and RSA (default)
        (2) DSA and Elgamal
        (3) DSA (sign only)
        (4) RSA (sign only)
        (7) DSA (set your own capabilities)
        (8) RSA (set your own capabilities)
     Your selection? 2

--> DSA keys may be between 512 and 3072 bits long.

What keysize do you want? (2048) 512
Requested keysize is 512 bits

--> ELG-E keys may be between 512 and 4096 bits long.

     What keysize do you want for the subkey? (2048) 512
     Requested keysize is 512 bits
     Please specify how long the key should be valid.
              0 = key does not expire
           <n>  = key expires in n days
           <n>w = key expires in n weeks
           <n>m = key expires in n months
           <n>y = key expires in n years
     Key is valid for? (0) 0
     Key does not expire at all
     Is this correct? (y/N) y

     You need a user ID to identify your key; the software constructs the user ID
     from the Real Name, Comment and Email Address in this form:
         "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"

     Real name: user_id
     Email address:
     Comment:
     You selected this USER-ID:
         "user_id"

     Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
     You need a Passphrase to protect your secret key.

     You don't want a passphrase - this is probably a *bad* idea!
     I will do it anyway.  You can change your passphrase at any time,
     using this program with the option "--edit-key".

     We need to generate a lot of random bytes. It is a good idea to perform
     some other action (type on the keyboard, move the mouse, utilize the
     disks) during the prime generation; this gives the random number
     generator a better chance to gain enough entropy.

--> gpg: keysize invalid; using 2048 bits

gpg: WARNING: some OpenPGP programs can't handle a DSA key with this digest

size

...[truncated]...
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.

--> gpg: keysize invalid; using 2048 bits

     ...[truncated]...

     gpg: key F0E7A41B marked as ultimately trusted
     public and secret key created and signed.

     gpg: checking the trustdb
     gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
     gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
     pub   2048D/F0E7A41B 2016-02-01
           Key fingerprint = C789 E572 4A8B BC1B 3108  F34E 36F4 D0CC F0E7 A41B
     uid                  user_id
     sub   2048g/977768CF 2016-02-01
Feb 1 2016, 10:50 AM · gnupg (gpg20), Unreleased, gnupg (gpg14), Bug Report, gnupg
strange set Version to 1.4.20 on T2238: When generating a DSA or Elgamal key with --expert GPG claims that keys smaller than 1024 bits are supported when they are not..
Feb 1 2016, 7:12 AM · gnupg (gpg20), Unreleased, gnupg (gpg14), Bug Report, gnupg
strange added projects to T2238: When generating a DSA or Elgamal key with --expert GPG claims that keys smaller than 1024 bits are supported when they are not.: gnupg, Bug Report.
Feb 1 2016, 7:12 AM · gnupg (gpg20), Unreleased, gnupg (gpg14), Bug Report, gnupg