One more thing On Wed, Jan 28, 2009 at 5:10 PM, Werner Koch <w...@gnupg.org> wrote: >> It seems that it's quite easy to disable this limit in the gnupg >> source, all I have to do is set max=something in keygen.c, correct? > No, there is some limit in the RNG too. I've grep'ed through the sources and there are many other locations with hardcoded 4096 e.g. the following excerpt:
configure: --enable-key-cache=SIZE Set key cache to SIZE (default 4096) configure: enableval=4096 configure: enableval=4096 configure: pgsize = 4096; configure: pool = malloc( 4096 + pgsize ); configure: err = mlock( pool, 4096 ); configure.ac: AC_HELP_STRING([--enable-key-cache=SIZE],[Set key cache to SIZE (default 4096)]),,enableval=4096) configure.ac: enableval=4096 doc/samplekeys.asc: pub 4096R/99242560 2002-01-28 g10/app-openpgp.c: max_length = 4096; g10/parse-packet.c: if (pktlen > 4096) g10/apdu.c: size_t bufsize = 4096; g10/apdu.c: bufsize += resultlen > 4096? resultlen: 4096; g10/apdu.c: size_t bufsize = 4096; g10/apdu.c: bufsize += resultlen > 4096? resultlen: 4096; g10/status.c: if ( requested_shm_size > 2 * 4096 ) g10/status.c: shm_size = 4096 /* one page for us */ + requested_shm_size; g10/ChangeLog: (ask_keysize): Only allow keysizes up to 4096 g10/sign.c: byte copy_buffer[4096]; g10/sign.c: while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) g10/sign.c: wipememory(copy_buffer,4096); /* burn buffer */ g10/encode.c: byte copy_buffer[4096]; g10/encode.c: while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) g10/encode.c: wipememory(copy_buffer, 4096); /* burn buffer */ g10/encode.c: byte copy_buffer[4096]; g10/encode.c: while ((bytes_copied = iobuf_read(inp, copy_buffer, 4096)) != -1) g10/encode.c: wipememory(copy_buffer, 4096); /* burn buffer */ Does any of these have to do with key generation or usage? I mean if I just change that max= setting in keygen.c will everything be fine and will it produce fully valid secure keys or do I have to look at other locations, too? Cheers, Peter btw: I've already tried to create a 65563 bit RSA key, but it took me to long and my notebook ran out of battery *lol* _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
