DSA keys limited to 3072 bits in GnuPG -- should have harder failure mode?

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Sep 28 19:23:42 CEST 2010


hi folks--

in writing up a little benchmarking script, i noticed that DSA keys are
limited to 3072 bits max.

i don't see a need to do more than that myself (i just wanted to have
some comparison figures), but i was surprised to find that gpg just went
ahead and created a smaller key than requested, instead of failing outright.

printf 'Key-Type: DSA\nKey-Length: 4096\nName-Real: test\n' | \
  gpg --batch --gen-key

produces the warning message:

gpg: keysize invalid; using 3072 bits

i understand gnupg needing to make things slightly stronger than the
user requested.  But it seems odd that GnuPG would go ahead in a weaker
mode than requested by the user.  shouldn't there be some sort of harder
failure?

The attached patch is a proposal to fail hard in this situation.

Hope this is useful!

	--dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: hard-fail-on-unsupported-DSA-size.patch
Type: text/x-diff
Size: 470 bytes
Desc: not available
URL: </pipermail/attachments/20100928/b6c26e92/attachment.patch>
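
Added example (not part of the original message, the attached patch, or GnuPG itself): a guard a batch script can run after key generation so that a silently substituted key size becomes a hard failure. The helper names key_bits and check_key_size are hypothetical, and the sample listing is constructed; it relies on the documented --with-colons format, where field 3 of a "pub" record is the key length.

```shell
# Print the key length (field 3) of the first "pub" record found in
# `gpg --with-colons --list-keys` output supplied on stdin.
key_bits() {
    awk -F: '$1 == "pub" { print $3; exit }'
}

# check_key_size REQUESTED_BITS  (colon listing on stdin)
# Returns 0 if the key has the requested size, 1 if a different size
# was generated, 2 if the listing contains no public key record.
check_key_size() {
    requested=$1
    actual=$(key_bits)
    if [ -z "$actual" ]; then
        echo "no public key record found" >&2
        return 2
    fi
    if [ "$actual" != "$requested" ]; then
        echo "requested $requested bits, got $actual bits" >&2
        return 1
    fi
    return 0
}

# Constructed sample listing (key id and timestamps are made up):
# a DSA key (algorithm 17) that came out at 3072 bits.
SAMPLE_CLAMPED='tru::1:1285694622:0:3:1:5
pub:u:3072:17:0123456789ABCDEF:1285694622:::u:::scSC:
uid:u::::1285694622::0000000000000000000000000000000000000000::test:'

# Real use in a throwaway keyring (needs gpg, so left as a comment):
#   export GNUPGHOME=$(mktemp -d)
#   printf 'Key-Type: DSA\nKey-Length: 4096\nName-Real: test\n' | \
#     gpg --batch --gen-key
#   gpg --batch --with-colons --list-keys | check_key_size 4096 || exit 1
```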