mirror of
git://git.gnupg.org/gnupg.git
synced 2024-12-31 11:41:32 +01:00
gpg: Use 128 MiB as default AEAD chunk size.
* g10/gpg.c (oDebugAllowLargeChunks): New. (opts): New option --debug-allow-large-chunks. (main): Implement that option. -- Signed-off-by: Werner Koch <wk@gnupg.org>
This commit is contained in:
parent
1c9584dabb
commit
9aa1b368ef
14
doc/gpg.texi
14
doc/gpg.texi
@ -2258,9 +2258,8 @@ The AEAD encryption mode encrypts the data in chunks so that a
|
|||||||
receiving side can check for transmission errors or tampering at the
|
receiving side can check for transmission errors or tampering at the
|
||||||
end of each chunk and does not need to delay this until all data has
|
end of each chunk and does not need to delay this until all data has
|
||||||
been received. The used chunk size is 2^@var{n} byte. The lowest
|
been received. The used chunk size is 2^@var{n} byte. The lowest
|
||||||
allowed value for @var{n} is 6 (64 byte) and the largest is 62 (4
|
allowed value for @var{n} is 6 (64 byte) and the largest is the
|
||||||
EiB). The default value for @var{n} is 30 which creates chunks not
|
default of 27 which creates chunks not larger than 128 MiB.
|
||||||
larger than 1 GiB.
|
|
||||||
|
|
||||||
@item --input-size-hint @var{n}
|
@item --input-size-hint @var{n}
|
||||||
@opindex input-size-hint
|
@opindex input-size-hint
|
||||||
@ -2621,7 +2620,7 @@ to declare that a not yet standardized feature is used.
|
|||||||
@opindex disable-mdc
|
@opindex disable-mdc
|
||||||
These options are obsolete and have no effect since GnuPG 2.2.8. The
|
These options are obsolete and have no effect since GnuPG 2.2.8. The
|
||||||
MDC is always used unless the keys indicate that an AEAD algorithm can
|
MDC is always used unless the keys indicate that an AEAD algorithm can
|
||||||
be used in which case AEAD is used. But note: If the creation or of a
|
be used in which case AEAD is used. But note: If the creation of a
|
||||||
legacy non-MDC message is exceptionally required, the option
|
legacy non-MDC message is exceptionally required, the option
|
||||||
@option{--rfc2440} allows for this.
|
@option{--rfc2440} allows for this.
|
||||||
|
|
||||||
@ -2862,6 +2861,13 @@ Change the buffer size of the IOBUFs to @var{n} kilobyte. Using 0
|
|||||||
prints the current size. Note well: This is a maintainer only option
|
prints the current size. Note well: This is a maintainer only option
|
||||||
and may thus be changed or removed at any time without notice.
|
and may thus be changed or removed at any time without notice.
|
||||||
|
|
||||||
|
@item --debug-allow-large-chunks
|
||||||
|
@opindex debug-allow-large-chunks
|
||||||
|
To facilitate in-memory decryption on the receiving site, the largest
|
||||||
|
recommended chunk size is 128 MiB (@code{--chunk-size 27}). This
|
||||||
|
option allows to specify a limit of up to 4 EiB (@code{--chunk-size
|
||||||
|
62}) for experiments.
|
||||||
|
|
||||||
@item --faked-system-time @var{epoch}
|
@item --faked-system-time @var{epoch}
|
||||||
@opindex faked-system-time
|
@opindex faked-system-time
|
||||||
This option is only useful for testing; it sets the system time back or
|
This option is only useful for testing; it sets the system time back or
|
||||||
|
13
g10/gpg.c
13
g10/gpg.c
@ -225,6 +225,7 @@ enum cmd_and_opt_values
|
|||||||
oDebugAll,
|
oDebugAll,
|
||||||
oDebugIOLBF,
|
oDebugIOLBF,
|
||||||
oDebugSetIobufSize,
|
oDebugSetIobufSize,
|
||||||
|
oDebugAllowLargeChunks,
|
||||||
oStatusFD,
|
oStatusFD,
|
||||||
oStatusFile,
|
oStatusFile,
|
||||||
oAttributeFD,
|
oAttributeFD,
|
||||||
@ -634,6 +635,7 @@ static ARGPARSE_OPTS opts[] = {
|
|||||||
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
|
ARGPARSE_s_n (oDebugAll, "debug-all", "@"),
|
||||||
ARGPARSE_s_n (oDebugIOLBF, "debug-iolbf", "@"),
|
ARGPARSE_s_n (oDebugIOLBF, "debug-iolbf", "@"),
|
||||||
ARGPARSE_s_u (oDebugSetIobufSize, "debug-set-iobuf-size", "@"),
|
ARGPARSE_s_u (oDebugSetIobufSize, "debug-set-iobuf-size", "@"),
|
||||||
|
ARGPARSE_s_u (oDebugAllowLargeChunks, "debug-allow-large-chunks", "@"),
|
||||||
ARGPARSE_s_i (oStatusFD, "status-fd", "@"),
|
ARGPARSE_s_i (oStatusFD, "status-fd", "@"),
|
||||||
ARGPARSE_s_s (oStatusFile, "status-file", "@"),
|
ARGPARSE_s_s (oStatusFile, "status-file", "@"),
|
||||||
ARGPARSE_s_i (oAttributeFD, "attribute-fd", "@"),
|
ARGPARSE_s_i (oAttributeFD, "attribute-fd", "@"),
|
||||||
@ -2347,6 +2349,7 @@ main (int argc, char **argv)
|
|||||||
|
|
||||||
static int print_dane_records;
|
static int print_dane_records;
|
||||||
static int print_pka_records;
|
static int print_pka_records;
|
||||||
|
static int allow_large_chunks;
|
||||||
|
|
||||||
|
|
||||||
#ifdef __riscos__
|
#ifdef __riscos__
|
||||||
@ -2761,6 +2764,10 @@ main (int argc, char **argv)
|
|||||||
opt_set_iobuf_size_used = 1;
|
opt_set_iobuf_size_used = 1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case oDebugAllowLargeChunks:
|
||||||
|
allow_large_chunks = 1;
|
||||||
|
break;
|
||||||
|
|
||||||
case oStatusFD:
|
case oStatusFD:
|
||||||
set_status_fd ( translate_sys2libc_fd_int (pargs.r.ret_int, 1) );
|
set_status_fd ( translate_sys2libc_fd_int (pargs.r.ret_int, 1) );
|
||||||
break;
|
break;
|
||||||
@ -3884,15 +3891,15 @@ main (int argc, char **argv)
|
|||||||
/* Check chunk size. Please fix also the man page if you chnage
|
/* Check chunk size. Please fix also the man page if you chnage
|
||||||
* the default. The limits are given by the specs. */
|
* the default. The limits are given by the specs. */
|
||||||
if (!opt.chunk_size)
|
if (!opt.chunk_size)
|
||||||
opt.chunk_size = 30; /* Default to 1 GiB chunks. */
|
opt.chunk_size = 27; /* Default to the suggested max of 128 MiB. */
|
||||||
else if (opt.chunk_size < 6)
|
else if (opt.chunk_size < 6)
|
||||||
{
|
{
|
||||||
opt.chunk_size = 6;
|
opt.chunk_size = 6;
|
||||||
log_info (_("chunk size invalid - using %d\n"), opt.chunk_size);
|
log_info (_("chunk size invalid - using %d\n"), opt.chunk_size);
|
||||||
}
|
}
|
||||||
else if (opt.chunk_size > 62)
|
else if (opt.chunk_size > (allow_large_chunks? 62 : 27))
|
||||||
{
|
{
|
||||||
opt.chunk_size = 62;
|
opt.chunk_size = (allow_large_chunks? 62 : 27);
|
||||||
log_info (_("chunk size invalid - using %d\n"), opt.chunk_size);
|
log_info (_("chunk size invalid - using %d\n"), opt.chunk_size);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
x
Reference in New Issue
Block a user