Error when generating ECC keys

Andrey Jivsov openpgp at
Mon Feb 14 01:41:06 CET 2011

I was able to generate an ECC key with a build from "master". You need 
to be careful to make sure that you are running *your* version of 
libgcrypt, gpg-agent, and gpg2.

One suggestion I have is to uninstall any gpg package (such as RPM-based 
binaries on Fedora) you might have, then install all the binaries you 
build into a designated directory (e.g./usr/local/gpg2ecc) and set up 
the binary search path (in LD_LIBRARY_PATH) to point to this directory only.

Here are the general instructions that worked for me:

On 02/10/2011 01:08 PM, Alphazo wrote:
> I have compiled and installed gpg2 and libgcrypt from git but I get an 
> error when generating ECC keys:
> # gpg2 --version
> gpg (GnuPG) 2.1.0-gitcfbb576
> libgcrypt 1.5.0-git4f04851
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later 
> <>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
> Home: ~/.gnupg
> Supported algorithms:
> Cipher: 3DES, CAST5, BLOWFISH, AES128, AES192, AES256, TWOFISH, 
>         CAMELLIA192, CAMELLIA256
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
> Here is what I get when I use gen-key:
> # gpg2 --expert --gen-key --debug 15
> gpg: reading options from `/home/alpha/.gnupg/gpg.conf'
> gpg: enabled debug flags: packet mpi cipher filter
> Please select what kind of key you want:
>    (1) RSA and RSA (default)
>    (2) DSA and Elgamal
>    (3) DSA (sign only)
>    (4) RSA (sign only)
>    (7) DSA (set your own capabilities)
>    (8) RSA (set your own capabilities)
>    (9) ECDSA and ECDH
>   (10) ECDSA (sign only)
>   (11) ECDSA (set your own capabilities)
> Your selection? 9
> ECDSA keys may be between 256 and 521 bits long.
> What keysize do you want? (256)
> Requested keysize is 256 bits
> ECDH keys may be between 256 and 521 bits long.
> What keysize do you want for the subkey? (256)
> Requested keysize is 256 bits
> Please specify how long the key should be valid.
>          0 = key does not expire
> <n>  = key expires in n days
> <n>w = key expires in n weeks
> <n>m = key expires in n months
> <n>y = key expires in n years
> Key is valid for? (0)
> Key does not expire at all
> Is this correct? (y/N) y
> GnuPG needs to construct a user ID to identify your key.
> Real name: ecc man
> Email address:
> Comment:
> You selected this USER-ID:
>     "ecc man"
> Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
> We need to generate a lot of random bytes. It is a good idea to perform
> some other action (type on the keyboard, move the mouse, utilize the
> disks) during the prime generation; this gives the random number
> generator a better chance to gain enough entropy.
> gpg: Fatal: out of core while allocating 17591649173513 bytes
> _______________________________________________
> Gnupg-devel mailing list
> Gnupg-devel at

-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110213/0333d2a7/attachment.htm>

More information about the Gnupg-devel mailing list