generating RSA key sizes > 4096

Ido Rosen ido at
Fri Nov 29 03:24:18 CET 2013

Currently, several downstream distributions of GnuPG patch the GPG code in
their packages to support generating RSA keys larger than 4096 bits large.
Mac OS X GPGTools, for example, patched to support generating 8192 bit RSA
keys back in October (23rd?), 2010.

I've opened a bug issue/ticket #1573 with a patch which addresses this need.
Specifically, rather than changing the maximum RSA key size outright, I've
created a compile-time flag --enable-max-rsa-key-size=SIZE. [1] 

When the feature is not used, the current behavior (4096 bit maximum, 32768
byte secmem init size) are retained.  When the feature is set to greater than
4096 bit key size, secmem init and the key size in ask_keysize (g10/keygen.c)
are modified accordingly.

I apologize in advance if I made any mistakes in terms of following the
project's coding style or patch submission procedures.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: </pipermail/attachments/20131128/75abdd90/attachment-0001.sig>

More information about the Gnupg-devel mailing list