does gpg cope with very large key sizes
David Shaw
dshaw at jabberwocky.com
Sun Sep 13 20:13:03 CEST 2009
On Sep 13, 2009, at 1:07 PM, Philippe Cerfon wrote:
> Hi.
>
> For those wo are interested,... ;)
>
> I've aborted trying to create a 65536 bit RSA key. Took just too long
> and I don't know enough on key generation to make an estimation ;)
>
>
> Anyway,.. when trying to create 32768 bit RSA key I've got the
> following error:
> We need to generate a lot of random bytes. It is a good idea to
> perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
> .......................+++++
> .........................................................................+
> ++++
> gpg: out of secure memory while allocating 4096 bytes
> gpg: (this may be caused by too many secret keys used simultaneously
> or due to excessive large key sizes)
>
> Is this a bug? Or is there anything I can do to get more "secure
> memory"?
No, it's not a bug. You're hacking the code to get it to do something
the developers explicitly don't permit doing. You can't file a bug
against a car for not driving straight after you removed a wheel. The
rules of this game are: if you break it, you get to keep the pieces.
You can get more secure memory by changing the call to secmem_init in
gpg.c.
David
More information about the Gnupg-devel
mailing list