The following patches will allow PGP 2.6.3ia to generate and process RSA keys up to 4,096 bits in length. The old warning about PGP 2.6.3ia not being for use in the USA has also been removed, now that the RSA patent has expired. These changes are effective ONLY if the source is NOT compiled with the "-DUSA" option. I believe these patches are bug-free, but I accept no liability; use the patched version at your own risk. The PGP 2.6.3ia source can be found on www.pgpi.org (the "International PGP" site run by Ståle Schumacher in Norway). It's called "2.6.3i" on this site, but it includes a set of bug fixes from March 1996 which are described at: http://www.pgpi.org/files/pgp263ia-patch.shtml Rich Wales richw@richw.org http://www.richw.org PGP 2.6+ key generated 2000-08-26; all previous encryption keys REVOKED. RSA, 2048 bits, ID 0xFDF8FC65, print 2A67F410 0C740867 3EF13F41 528512FA ######################################################################## --- src/mpilib.h.orig Tue Aug 29 05:03:30 1995 +++ src/mpilib.h Fri Oct 6 09:08:35 2000 @@ -321,7 +321,15 @@ #endif /* mp_smul */ #define MIN_KEY_BITS 384 +#ifdef USA #define MAX_KEY_BITS 2048 +#else /* USA */ +/* + * MAX_KEY_BITS changed from 2048 to 4096 + * by Rich Wales , 06oct2000 + */ +#define MAX_KEY_BITS 4096 +#endif /* USA */ /* MAX_BIT_PRECISION is upper limit that assembly primitives can handle. It must be less than 32704 bits, or 4088 bytes. It should be an --- src/randpool.h.orig Fri Jul 15 05:59:32 1994 +++ src/randpool.h Fri Oct 6 09:08:38 2000 @@ -1,7 +1,15 @@ #include "usuals.h" /* Set this to whatever you need (must be > 512) */ +#ifdef USA #define RANDPOOLBITS 3072 +#else /* USA */ +/* + * RANDPOOLBITS changed from 3072 to 10240 + * by Rich Wales , 06oct2000 + */ +#define RANDPOOLBITS 10240 +#endif /* USA */ void randPoolStir(void); void randPoolAddBytes(byte const *buf, unsigned len); --- src/pgp.c.orig Wed Apr 24 10:34:19 1996 +++ src/pgp.c Fri Oct 6 09:09:59 2000 @@ -101,6 +101,7 @@ Version 2.6.2i - 7 May 95 Version 2.6.3(i) - 18 Jan 96 Version 2.6.3(i)a - 4 Mar 96 + Version 2.6.3(i)a+4K - 6 Oct 00 - richw@webcom.com */ @@ -193,7 +194,7 @@ " Amiga 68000 version by Rob Knop "; # endif #else -static const char __DOSVer[] = "$VER: PGP 2.6.3ia (04.03.96)" +static const char __DOSVer[] = "$VER: PGP 2.6.3ia+4K (06.10.00)" # ifdef _M68020 " Amiga 68020 version by Peter Simons "; # else @@ -205,10 +206,11 @@ /* Global filenames and system-wide file extensions... */ #ifdef USA char rel_version[] = _LANG("2.6.3a"); /* release version */ -#else -char rel_version[] = _LANG("2.6.3ia"); /* release version */ -#endif char rel_date[] = "1996-03-04"; /* release date */ +#else /* USA */ +char rel_version[] = _LANG("2.6.3ia+4K"); /* release version */ +char rel_date[] = "2000-10-06"; /* release date */ +#endif /* USA */ char PGP_EXTENSION[] = ".pgp"; char ASC_EXTENSION[] = ".asc"; char SIG_EXTENSION[] = ".sig"; @@ -390,13 +392,15 @@ #ifdef USA fputs(LANG(signon_legalese), stderr); #endif - fputs( #ifdef USA + fputs( LANG("Export of this software may be restricted by the U.S. government.\n"), -#else -LANG("International version - not for use in the USA. Does not use RSAREF.\n"), -#endif + /* + * Non-RSAREF warning removed (now that RSA patent has expired) + * by Rich Wales , 06oct2000 + */ stderr); +#endif get_timestamp((byte *) & tstamp); /* timestamp points to tstamp */ fprintf(pgpout, LANG("Current time: %s\n"), ctdate(&tstamp));