Groups | Search | Server Info | Login | Register

Groups > comp.security.pgp.tech > #2

gnupg2 modified to generate 16384 bits RSA key

Cross-posted to 2 groups.

Show all headers | View raw

I wanted to generate the RSA gnupg key with length of 16384 bits.
Previously it was sufficient to increase the maximum key length:

--- gnupg2-2.0.17.orig/g10/keygen.c
+++ gnupg2-2.0.17/g10/keygen.c
@@ -1774,7 +1774,7 @@ ask_algo (int addmode, int *r_subkey_alg
 static unsigned
 ask_keysize (int algo, unsigned int primary_keysize)
 {
-  unsigned int nbits, min, def = DEFAULT_STD_KEYSIZE, max=4096;
+  unsigned int nbits, min, def = DEFAULT_STD_KEYSIZE, max=16384;
   int for_subkey = !!primary_keysize;
   int autocomp = 0;

Now it appears, that the above modification is not sufficient.
Generation of key ends with out of memory error.
To succesfully generate the 16k bit RSA key one needs to increase
amount of allocated "secure memory":

--- gnupg2-2.0.17.orig/g10/gpg.c
+++ gnupg2-2.0.17/g10/gpg.c
@@ -2050,7 +2050,7 @@ main (int argc, char **argv)
 #endif

     /* Initialize the secure memory. */
-    if (!gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0))
+    if (!gcry_control (GCRYCTL_INIT_SECMEM, 65536, 0))
       got_secmem = 1;
 #if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
     /* There should be no way to get to this spot while still carrying

After above modifications I was able to successfully generate 16384 bits RSA
key.

Back to comp.security.pgp.tech | Next — Next in thread | Find similar

Thread

gnupg2 modified to generate 16384 bits RSA key Anne Onime <anonymous@rip.ax.lt> - 2011-05-19 00:29 +0200
  Re: gnupg2 modified to generate 16384 bits RSA key 1PW <1PW@INVALID.net> - 2011-05-19 12:31 -0700
    Re: gnupg2 modified to generate 16384 bits RSA key Lucian Solaris <luciansolaris@gmail.com> - 2011-05-20 08:27 -0700
  Re: gnupg2 modified to generate 16384 bits RSA key wzab01@gmail.com - 2014-11-01 08:38 -0700

csiph-web