[aur-general] Fwd: gnupg-largekeys in AUR

[Jerome Leclanche]

On Thu, Nov 28, 2013 at 5:48 PM, Ido Rosen <ido at kernel.org> wrote:
> On Thu, Nov 28, 2013 at 10:49 AM, Jerome Leclanche <adys.wh at gmail.com>wrote:
>
>> What's the outcome on this? I'm interested in large keys in default gnupg.
>>
>> That said, is there a reason why the patch isnt upstream yet?
>> J. Leclanche
>>
>>
> It was rejected upstream previously a few times.
>
> If we want it, it has to be a patch on upstream in our gpg version.  I
> believe the reasoning that allowing larger key sizes are a performance
> issue for mobile does not really apply here.

That sounds like the kind of perfect use case for a compile-time option.

J. Leclanche



>
> Even gpg 2.1. dev is still limited to 4096:
> Line 1943, max=4096:
> http://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=g10/keygen.c;h=4bb8bbaed4b27a977b3c2b543dafd335acb538df;hb=refs/heads/master#l6
>
> Ido
>
>
>>
>> On Mon, Nov 4, 2013 at 3:12 AM, Ido Rosen <ido at kernel.org> wrote:
>> > Hi,
>> >   I've added gnupg-largekeys, which is the gnupg from Core, but patched
>> to
>> > extend the maximum key size to 65535 bits.  Please note that unpatched
>> > versions of gnupg can only import/encrypt to/verify signatures of key
>> sizes
>> > up to 16384 bits large, so you could keep your key sizes less than or
>> equal
>> > to that size for compatibility.
>> >
>> > https://aur.archlinux.org/packages/gnupg-largekeys
>> >
>> > I think gnupg2-large-keys.patch would be a great addition into the Arch
>> > Core gnupg package, if not in its current form then at least modifying it
>> > to increase the max key size to 16384 instead of 65535.  For some
>> > interesting numbers, take a look at
>> > http://www.ecrypt.eu.org/documents/D.SPA.20.pdf (especially Table 7.2,
>> see
>> > 15424 bit RSA keys).  Basically, it'd be nice for users to be able to
>> > create keys larger than 4096 bits.
>> >
>> > Cheers,
>> > Ido
>>