[Pkg-gnupg-maint] Bug#739424: gnupg dies with "gpg: out of secure memory [...]" since 1.4.16-1
waldner+bug at waldner.priv.at
Thu Mar 20 17:48:09 UTC 2014
Werner Koch, <wk at gnupg.org>, wrote:
>On Tue, 18 Feb 2014 18:26, rak at debian.org said:
>> 10240-bit RSA key, ID 4A11C97A, created 2009-09-23
> ^^^^^^ !!!
>> gpg: (this may be caused by too many secret keys used simultaneously
>> or due to excessive large key sizes)
>There are reasons why upstream gpg does not allow the creation of such
>stupidly long keys.
The fix for being able to deal with such key-sizes seems rather
got_secmem=secmem_init( 32768 );
Changing that to, say, 262144 (*8) lets GnuPG deal with keys > ~5kBit. A
quick test shows that it can deal with 16kBit keys with that value, but
32kBit are still too much.
I do think that in Good Old Internet Tradition ("be liberal in what you
accept") it'd be fine to change that value. It still won't let you
*create* keys >4kBit anyway, just deal with situations where the user
(or a correspondent, in case of the user wanting to sign such a thing)
has created such large keys with something else.
-- A "militant agnostic" is someone who's credo is
-- "No, I don't know, and NEITHER DO YOU, DAMMIT!"
-- (partly) Kevin Martin, asr
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 173 bytes
Desc: Digital Signature
More information about the Pkg-gnupg-maint