Package: gnupg / 1.4.18-7+deb8u5

Add-build-and-runtime-support-for-larger-RSA-key.patch Patch series | download
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
From 534e2876acc05f9f8d9b54c18511fe768d77dfb5 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date: Fri, 3 Oct 2014 12:01:11 -0400
Subject: [PATCH] gpg: Add build and runtime support for larger RSA keys

* configure.ac: Added --enable-large-secmem option.
* g10/options.h: Add opt.flags.large_rsa.
* g10/gpg.c: Contingent on configure option: adjust secmem size,
add gpg --enable-large-rsa, bound to opt.flags.large_rsa.
* g10/keygen.c: Adjust max RSA size based on opt.flags.large_rsa
* doc/gpg.texi: Document --enable-large-rsa.

--

Some older implementations built and used RSA keys up to 16Kib, but
the larger secret keys now fail when used by more recent GnuPG, due to
secure memory limitations.

Building with ./configure --enable-large-secmem will make gpg
capable of working with those secret keys, as well as permitting the
use of a new gpg option --enable-large-rsa, which let gpg generate RSA
keys up to 8Kib when used with --batch --gen-key.

Debian-bug-id: 739424

Minor edits by wk.

GnuPG-bug-id: 1732
---
 configure.ac  | 16 ++++++++++++++++
 doc/gpg.texi  |  9 +++++++++
 g10/gpg.c     | 22 +++++++++++++++++++++-
 g10/keygen.c  |  5 +++--
 g10/options.h |  1 +
 5 files changed, 50 insertions(+), 3 deletions(-)

diff --git a/configure.ac b/configure.ac
index ae63a4a..1fd6253 100644
--- a/configure.ac
+++ b/configure.ac
@@ -158,6 +158,7 @@ use_exec=yes
 card_support=yes
 agent_support=yes
 disable_keyserver_path=no
+large_secmem=no
 
 AC_ARG_ENABLE(minimal,
    AC_HELP_STRING([--enable-minimal],[build the smallest gpg binary possible]),
@@ -177,6 +178,21 @@ AC_ARG_ENABLE(minimal,
    agent_support=no)
 
 
+AC_MSG_CHECKING([whether to allocate extra secure memory])
+AC_ARG_ENABLE(large-secmem,
+              AC_HELP_STRING([--enable-large-secmem],
+                             [allocate extra secure memory]),
+              large_secmem=$enableval, large_secmem=no)
+AC_MSG_RESULT($large_secmem)
+if test "$large_secmem" = yes ; then
+   SECMEM_BUFFER_SIZE=65536
+else
+   SECMEM_BUFFER_SIZE=32768
+fi
+AC_DEFINE_UNQUOTED(SECMEM_BUFFER_SIZE,$SECMEM_BUFFER_SIZE,
+                   [Size of secure memory buffer])
+
+
 AC_MSG_CHECKING([whether OpenPGP card support is requested])
 AC_ARG_ENABLE(card-support,
               AC_HELP_STRING([--disable-card-support],
diff --git a/doc/gpg.texi b/doc/gpg.texi
index ded69ce..ae86809 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -1104,6 +1104,15 @@ the opposite meaning. The options are:
   validation. This option is only meaningful if pka-lookups is set.
 @end table
 
+@item --enable-large-rsa
+@itemx --disable-large-rsa
+@opindex enable-large-rsa
+@opindex disable-large-rsa
+With --gen-key and --batch, enable the creation of larger RSA secret
+keys than is generally recommended (up to 8192 bits).  These large
+keys are more expensive to use, and their signatures and
+certifications are also larger.
+
 @item --enable-dsa2
 @itemx --disable-dsa2
 @opindex enable-dsa2
diff --git a/g10/gpg.c b/g10/gpg.c
index 1b0a364..6dc15fa 100644
--- a/g10/gpg.c
+++ b/g10/gpg.c
@@ -372,6 +372,8 @@ enum cmd_and_opt_values
     oAutoKeyLocate,
     oNoAutoKeyLocate,
     oAllowMultisigVerification,
+    oEnableLargeRSA,
+    oDisableLargeRSA,
     oEnableDSA2,
     oDisableDSA2,
     oAllowMultipleMessages,
@@ -719,6 +721,8 @@ static ARGPARSE_OPTS opts[] = {
     { oDebugCCIDDriver, "debug-ccid-driver", 0, "@"},
 #endif
     { oAllowMultisigVerification, "allow-multisig-verification", 0, "@"},
+    { oEnableLargeRSA, "enable-large-rsa", 0, "@"},
+    { oDisableLargeRSA, "disable-large-rsa", 0, "@"},
     { oEnableDSA2, "enable-dsa2", 0, "@"},
     { oDisableDSA2, "disable-dsa2", 0, "@"},
     { oAllowMultipleMessages, "allow-multiple-messages", 0, "@"},
@@ -1995,7 +1999,7 @@ main (int argc, char **argv )
     }
 #endif
     /* initialize the secure memory. */
-    got_secmem=secmem_init( 32768 );
+    got_secmem=secmem_init( SECMEM_BUFFER_SIZE );
     maybe_setuid = 0;
     /* Okay, we are now working under our real uid */
 
@@ -2851,6 +2855,22 @@ main (int argc, char **argv )
 	    release_akl();
 	    break;
 
+	  case oEnableLargeRSA:
+#if SECMEM_BUFFER_SIZE >= 65536
+            opt.flags.large_rsa=1;
+#else
+            if (configname)
+              log_info("%s:%d: WARNING: gpg not built with large secure "
+                         "memory buffer.  Ignoring enable-large-rsa\n",
+                        configname,configlineno);
+            else
+              log_info("WARNING: gpg not built with large secure "
+                         "memory buffer.  Ignoring --enable-large-rsa\n");
+#endif /* SECMEM_BUFFER_SIZE >= 65536 */
+            break;
+	  case oDisableLargeRSA: opt.flags.large_rsa=0;
+            break;
+
 	  case oEnableDSA2: opt.flags.dsa2=1; break;
 	  case oDisableDSA2: opt.flags.dsa2=0; break;
 
diff --git a/g10/keygen.c b/g10/keygen.c
index 84f852f..9020908 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -1253,6 +1253,7 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
     PKT_public_key *pk;
     MPI skey[6];
     MPI *factors;
+    const unsigned maxsize = (opt.flags.large_rsa ? 8192 : 4096);
 
     assert( is_RSA(algo) );
 
@@ -1260,8 +1261,8 @@ gen_rsa(int algo, unsigned nbits, KBNODE pub_root, KBNODE sec_root, DEK *dek,
 	nbits = 2048;
 	log_info(_("keysize invalid; using %u bits\n"), nbits );
     }
-    else if (nbits > 4096) {
-        nbits = 4096;
+    else if (nbits > maxsize) {
+        nbits = maxsize;
         log_info(_("keysize invalid; using %u bits\n"), nbits );
     }
 
diff --git a/g10/options.h b/g10/options.h
index d6326d8..670cf64 100644
--- a/g10/options.h
+++ b/g10/options.h
@@ -231,6 +231,7 @@ struct
     unsigned int utf8_filename:1;
     unsigned int dsa2:1;
     unsigned int allow_multiple_messages:1;
+    unsigned int large_rsa:1;
   } flags;
 
   /* Linked list of ways to find a key if the key isn't on the local
-- 
2.1.1

diff --git a/config.h.in b/config.h.in
index 379ca1e..f21b779 100644
--- a/config.h.in
+++ b/config.h.in
@@ -690,6 +690,9 @@
 /* Define as the return type of signal handlers (`int' or `void'). */
 #undef RETSIGTYPE
 
+/* Size of secure memory buffer */
+#undef SECMEM_BUFFER_SIZE
+
 /* The size of `time_t', as computed by sizeof. */
 #undef SIZEOF_TIME_T
 
diff --git a/configure b/configure
index 203794c..07639ab 100755
--- a/configure
+++ b/configure
@@ -856,6 +856,7 @@ enable_asm
 enable_selinux_support
 enable_gnupg_iconv
 enable_minimal
+enable_large_secmem
 enable_card_support
 enable_agent_support
 enable_rsa
@@ -1548,6 +1549,7 @@ Optional Features:
                           enable SELinux support
   --disable-gnupg-iconv   disable the new iconv code
   --enable-minimal        build the smallest gpg binary possible
+  --enable-large-secmem   allocate extra secure memory
   --disable-card-support  disable OpenPGP card support
   --disable-agent-support disable gpg-agent support
   --disable-rsa           disable the RSA public key algorithm
@@ -4869,6 +4871,7 @@ use_exec=yes
 card_support=yes
 agent_support=yes
 disable_keyserver_path=no
+large_secmem=no
 
 # Check whether --enable-minimal was given.
 if test "${enable_minimal+set}" = set; then :
@@ -4890,6 +4893,29 @@ fi
 
 
 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to allocate extra secure memory" >&5
+$as_echo_n "checking whether to allocate extra secure memory... " >&6; }
+# Check whether --enable-large-secmem was given.
+if test "${enable_large_secmem+set}" = set; then :
+  enableval=$enable_large_secmem; large_secmem=$enableval
+else
+  large_secmem=no
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $large_secmem" >&5
+$as_echo "$large_secmem" >&6; }
+if test "$large_secmem" = yes ; then
+   SECMEM_BUFFER_SIZE=65536
+else
+   SECMEM_BUFFER_SIZE=32768
+fi
+
+cat >>confdefs.h <<_ACEOF
+#define SECMEM_BUFFER_SIZE $SECMEM_BUFFER_SIZE
+_ACEOF
+
+
+
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether OpenPGP card support is requested" >&5
 $as_echo_n "checking whether OpenPGP card support is requested... " >&6; }
 # Check whether --enable-card-support was given.