Werner Koch, <w...@gnupg.org>, wrote: >On Tue, 18 Feb 2014 18:26, r...@debian.org said: > >> 10240-bit RSA key, ID 4A11C97A, created 2009-09-23 > ^^^^^^ !!! > >> gpg: (this may be caused by too many secret keys used simultaneously >> or due to excessive large key sizes) > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > >There are reasons why upstream gpg does not allow the creation of such >stupidly long keys.
The fix for being able to deal with such key-sizes seems rather
trivial, though.
gnupg-1.4.16/g10/gpg.c:1998
got_secmem=secmem_init( 32768 );
Changing that to, say, 262144 (*8) lets GnuPG deal with keys > ~5kBit. A
quick test shows that it can deal with 16kBit keys with that value, but
32kBit are still too much.
I do think that in Good Old Internet Tradition ("be liberal in what you
accept") it'd be fine to change that value. It still won't let you
*create* keys >4kBit anyway, just deal with situations where the user
(or a correspondent, in case of the user wanting to sign such a thing)
has created such large keys with something else.
Kind regards,
-robert
--
-- A "militant agnostic" is someone who's credo is
-- "No, I don't know, and NEITHER DO YOU, DAMMIT!"
-- (partly) Kevin Martin, asr
signature.asc
Description: Digital Signature
