diff options
| -rw-r--r-- | doc/ChangeLog | 5 | ||||
| -rw-r--r-- | doc/gpg.texi | 8 | ||||
| -rw-r--r-- | g10/ChangeLog | 6 | ||||
| -rw-r--r-- | g10/keygen.c | 14 |
4 files changed, 17 insertions, 16 deletions
diff --git a/doc/ChangeLog b/doc/ChangeLog index a697c12f4..a876b6bb0 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,8 @@ +2009-05-20 Werner Koch <[email protected]> + + * gpg.texi (GPG Configuration Options): Explain new meaning of + --enable-dsa2. + 2009-03-16 David Shaw <[email protected]> * gpg.texi (GPG Configuration Options): Document keyserver-options diff --git a/doc/gpg.texi b/doc/gpg.texi index 9e40e74c1..5540ba2b3 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1093,10 +1093,10 @@ validation. This option is only meaningful if pka-lookups is set. @item --enable-dsa2 @itemx --disable-dsa2 -Enables new-style DSA keys which (unlike the old style) may be larger -than 1024 bit and use hashes other than SHA-1 and RIPEMD/160. Note -that very few programs currently support these keys and signatures -from them. +Enable hash truncation for all DSA keys even for old DSA Keys up to +1024 bit. This is also the default with @option{--openpgp}. Note +that older versions of GnuPG also required this flag to allow the +generation of DSA larger than 1024 bit. @item --photo-viewer @code{string} This is the command line that should be run to view a photo ID. "%i" diff --git a/g10/ChangeLog b/g10/ChangeLog index c45f2d1b4..67a49f9e9 100644 --- a/g10/ChangeLog +++ b/g10/ChangeLog @@ -1,8 +1,12 @@ 2009-05-20 Werner Koch <[email protected]> + * keygen.c (ask_keysize): Allow selection of DSA key size even + without --enable-dsa2. + (gen_dsa): Remove size check. + * keygen.c (ask_key_flags): Fix bug in the translation check. Fixes bug#1056. - + 2009-05-18 Daiki Ueno <[email protected]> (wk) * encode.c (encode_simple): Tell passphrase_to_dek to cache diff --git a/g10/keygen.c b/g10/keygen.c index baacd75cc..3b5bb44b5 100644 --- a/g10/keygen.c +++ b/g10/keygen.c @@ -1263,7 +1263,7 @@ gen_dsa (unsigned int nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek, gcry_sexp_t misc_key_info; unsigned int qbits; - if ( nbits < 512 || (!opt.flags.dsa2 && nbits > 1024)) + if ( nbits < 512) { nbits = 1024; log_info(_("keysize invalid; using %u bits\n"), nbits ); @@ -1768,16 +1768,8 @@ ask_keysize (int algo, unsigned int primary_keysize) switch(algo) { case PUBKEY_ALGO_DSA: - if(opt.flags.dsa2) - { - def=2048; - max=3072; - } - else - { - tty_printf(_("DSA keypair will have %u bits.\n"),1024); - return 1024; - } + def=2048; + max=3072; break; case PUBKEY_ALGO_RSA: |