Groups | Search | Server Info | Login | Register
Groups > comp.security.pgp.tech > #3
| Path | csiph.com!x330-a1.tempe.blueboxinc.net!feeder1.hal-mli.net!feeder.news-service.com!feeder.news-service.com!85.214.198.2.MISMATCH!eternal-september.org!feeder.eternal-september.org!.POSTED!not-for-mail |
|---|---|
| From | 1PW <1PW@INVALID.net> |
| Newsgroups | comp.security.pgp.tech, alt.security.pgp |
| Subject | Re: gnupg2 modified to generate 16384 bits RSA key |
| Date | Thu, 19 May 2011 12:31:19 -0700 |
| Organization | Little or none. |
| Lines | 38 |
| Message-ID | <ir3r6a$ehs$1@dont-email.me> (permalink) |
| References | <14e417f17b3cb247f87eb7c943e9800c@rip.ax.lt> |
| Mime-Version | 1.0 |
| Content-Type | text/plain; charset=ISO-8859-1 |
| Content-Transfer-Encoding | 7bit |
| Injection-Date | Thu, 19 May 2011 19:31:22 +0000 (UTC) |
| Injection-Info | mx04.eternal-september.org; posting-host="DK36JYexHIPkG/QNU/uDSw"; logging-data="14908"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1/faFoFXmnHrsBdud+NrYxY" |
| User-Agent | Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.17) Gecko/20110414 Thunderbird/3.1.10 |
| In-Reply-To | <14e417f17b3cb247f87eb7c943e9800c@rip.ax.lt> |
| Cancel-Lock | sha1:2iXeYZUxhIDBO39uoj5cFyDILgU= |
| Xref | x330-a1.tempe.blueboxinc.net comp.security.pgp.tech:3 |
Cross-posted to 2 groups.
Show key headers only | View raw
On 5/18/2011 3:29 PM, Anne Onime wrote:
> I wanted to generate the RSA gnupg key with length of 16384 bits.
> Previously it was sufficient to increase the maximum key length:
>
> --- gnupg2-2.0.17.orig/g10/keygen.c
> +++ gnupg2-2.0.17/g10/keygen.c
> @@ -1774,7 +1774,7 @@ ask_algo (int addmode, int *r_subkey_alg
> static unsigned
> ask_keysize (int algo, unsigned int primary_keysize)
> {
> - unsigned int nbits, min, def = DEFAULT_STD_KEYSIZE, max=4096;
> + unsigned int nbits, min, def = DEFAULT_STD_KEYSIZE, max=16384;
> int for_subkey = !!primary_keysize;
> int autocomp = 0;
>
> Now it appears, that the above modification is not sufficient.
> Generation of key ends with out of memory error.
> To succesfully generate the 16k bit RSA key one needs to increase
> amount of allocated "secure memory":
>
> --- gnupg2-2.0.17.orig/g10/gpg.c
> +++ gnupg2-2.0.17/g10/gpg.c
> @@ -2050,7 +2050,7 @@ main (int argc, char **argv)
> #endif
>
> /* Initialize the secure memory. */
> - if (!gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0))
> + if (!gcry_control (GCRYCTL_INIT_SECMEM, 65536, 0))
> got_secmem = 1;
> #if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
> /* There should be no way to get to this spot while still carrying
>
> After above modifications I was able to successfully generate 16384 bits RSA
> key.
As this has all the outward appearances of a friendly enhancement, I
hope you have considered requesting this be included in future
official updates by "The GnuPG Team".
Back to comp.security.pgp.tech | Previous | Next — Previous in thread | Next in thread | Find similar
gnupg2 modified to generate 16384 bits RSA key Anne Onime <anonymous@rip.ax.lt> - 2011-05-19 00:29 +0200
Re: gnupg2 modified to generate 16384 bits RSA key 1PW <1PW@INVALID.net> - 2011-05-19 12:31 -0700
Re: gnupg2 modified to generate 16384 bits RSA key Lucian Solaris <luciansolaris@gmail.com> - 2011-05-20 08:27 -0700
Re: gnupg2 modified to generate 16384 bits RSA key wzab01@gmail.com - 2014-11-01 08:38 -0700
csiph-web