diff options
| author | Daniel Kahn Gillmor <[email protected]> | 2014-10-09 20:54:15 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2014-10-10 11:40:38 +0000 |
| commit | 6cabb7a2a18f871b8c3d5de58bcdc5aaa5b201af (patch) | |
| tree | 14299bcebf1e30e3b69e8f53adfe08afabdb0f65 /g10/options.h | |
| parent | gpg: Skip overlong keys and a print a warning. (diff) | |
| download | gnupg-6cabb7a2a18f871b8c3d5de58bcdc5aaa5b201af.tar.gz gnupg-6cabb7a2a18f871b8c3d5de58bcdc5aaa5b201af.zip | |
gpg: Add build and runtime support for larger RSA keys
* configure.ac: Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.
--
This is a cherry-pick of 534e2876acc05f9f8d9b54c18511fe768d77dfb5 from
STABLE-BRANCH-1-4 against master
Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.
Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.
Debian-bug-id: 739424
Minor edits by wk.
GnuPG-bug-id: 1732
Diffstat (limited to '')
| -rw-r--r-- | g10/options.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/g10/options.h b/g10/options.h index 7efb3d6e6..edd31a9c2 100644 --- a/g10/options.h +++ b/g10/options.h @@ -229,6 +229,7 @@ struct unsigned int dsa2:1; unsigned int allow_multiple_messages:1; unsigned int allow_weak_digest_algos:1; + unsigned int large_rsa:1; } flags; /* Linked list of ways to find a key if the key isn't on the local |