Questions about key generation and RNG

Christoph Anton Mitterer calestyo at scientia.net
Wed Aug 11 16:26:40 CEST 2010


Hi.

I can only give you some hint for (A).... but your other questions sound
interesting,... so maybe some expert here (Werner, David?) finds some time
to shine some light upon them.

Regarding A:
I once played a bit around with signature subpackets,... and the following
patch (on 1.4.10) should help you:
diff -u -r old/g10/build-packet.c new/g10/build-packet.c
--- old/g10/build-packet.c	2008-12-11 17:40:05.000000000 +0100
+++ new/g10/build-packet.c	2010-08-11 16:22:00.194301418 +0200
@@ -642,6 +642,11 @@
     critical = (type & SIGSUBPKT_FLAG_CRITICAL);
     type &= ~SIGSUBPKT_FLAG_CRITICAL;
 
+    /* SIGSUBPKTs are defined in .../g10/packet.h */
+    /* Select the types you want to set critical... */
+    if(type = SIGSUBPKT_SIG_CREATED)
+      critical = 1;
+
     /* Sanity check buffer sizes */
     if(parse_one_sig_subpkt(buffer,buflen,type)<0)
       BUG();

If you need this for more than just playing around... PLEASE ask one of
the developers (e.g. Werner Koch or David Shaw) for a short confirmation,
whether this is really secure.


Happy hacking,
Chris.



More information about the Gnupg-devel mailing list