gpg: Add build and runtime support for larger RSA keys

* configure.ac: Added --enable-large-secmem option. * g10/options.h: Add opt.flags.large_rsa. * g10/gpg.c: Contingent on configure option: adjust secmem size, add gpg --enable-large-rsa, bound to opt.flags.large_rsa. * g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa * doc/gpg.texi: Document --enable-large-rsa. -- This is a cherry-pick of 534e2876ac from STABLE-BRANCH-1-4 against STABLE-BRANCH-2-0 Some older implementations built and used RSA keys up to 16Kib, but the larger secret keys now fail when used by more recent GnuPG, due to secure memory limitations. Building with ./configure --enable-large-secmem will make gpg capable of working with those secret keys, as well as permitting the use of a new gpg option --enable-large-rsa, which let gpg generate RSA keys up to 8Kib when used with --batch --gen-key. Debian-bug-id: 739424 Minor edits by wk. GnuPG-bug-id: 1732
2025-07-03 22:56:33 +02:00 · 2014-10-03 13:59:34 -04:00 · 2014-10-03 13:59:34 -04:00 · f952fe8c6d
commit f952fe8c6d
parent 39c5d991a8
5 changed files with 51 additions and 3 deletions
--- a/g10/gpg.c
+++ b/g10/gpg.c
@ -367,6 +367,8 @@ enum cmd_and_opt_values
    oAutoKeyLocate,
    oNoAutoKeyLocate,
    oAllowMultisigVerification,
+    oEnableLargeRSA,
+    oDisableLargeRSA,
    oEnableDSA2,
    oDisableDSA2,
    oAllowMultipleMessages,
@ -736,6 +738,8 @@ static ARGPARSE_OPTS opts[] = {

  ARGPARSE_s_n (oAllowMultisigVerification,
                "allow-multisig-verification", "@"),
+  ARGPARSE_s_n (oEnableLargeRSA, "enable-large-rsa", "@"),
+  ARGPARSE_s_n (oDisableLargeRSA, "disable-large-rsa", "@"),
  ARGPARSE_s_n (oEnableDSA2, "enable-dsa2", "@"),
  ARGPARSE_s_n (oDisableDSA2, "disable-dsa2", "@"),
  ARGPARSE_s_n (oAllowMultipleMessages,      "allow-multiple-messages", "@"),
@ -2069,7 +2073,7 @@ main (int argc, char **argv)
 #endif

    /* Initialize the secure memory. */
-    if (!gcry_control (GCRYCTL_INIT_SECMEM, 32768, 0))
+    if (!gcry_control (GCRYCTL_INIT_SECMEM, SECMEM_BUFFER_SIZE, 0))
      got_secmem = 1;
 #if defined(HAVE_GETUID) && defined(HAVE_GETEUID)
    /* There should be no way to get to this spot while still carrying
@ -2964,6 +2968,22 @@ main (int argc, char **argv)
 	    release_akl();
 	    break;

+	  case oEnableLargeRSA:
+#if SECMEM_BUFFER_SIZE >= 65536
+            opt.flags.large_rsa=1;
+#else
+            if (configname)
+              log_info("%s:%d: WARNING: gpg not built with large secure "
+                         "memory buffer.  Ignoring enable-large-rsa\n",
+                        configname,configlineno);
+            else
+              log_info("WARNING: gpg not built with large secure "
+                         "memory buffer.  Ignoring --enable-large-rsa\n");
+#endif /* SECMEM_BUFFER_SIZE >= 65536 */
+            break;
+	  case oDisableLargeRSA: opt.flags.large_rsa=0;
+            break;
+
 	  case oEnableDSA2: opt.flags.dsa2=1; break;
 	  case oDisableDSA2: opt.flags.dsa2=0; break;

--- a/g10/keygen.c
+++ b/g10/keygen.c
@ -1431,6 +1431,7 @@ gen_rsa (int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
  PKT_secret_key *sk;
  PKT_public_key *pk;
  gcry_sexp_t s_parms, s_key;
+  const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096);

  assert (is_RSA(algo));

@ -1442,9 +1443,9 @@ gen_rsa (int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
      nbits = 2048;
      log_info (_("keysize invalid; using %u bits\n"), nbits );
    }
-  else if (nbits > 4096)
+  else if (nbits > maxsize)
    {
-      nbits = 4096;
+      nbits = maxsize;
      log_info (_("keysize invalid; using %u bits\n"), nbits );
    }

--- a/g10/options.h
+++ b/g10/options.h
@ -232,6 +232,7 @@ struct
    unsigned int dsa2:1;
    unsigned int allow_multiple_messages:1;
    unsigned int allow_weak_digest_algos:1;
+    unsigned int large_rsa:1;
  } flags;

  /* Linked list of ways to find a key if the key isn't on the local