I ran across some code in an app I work on that allows users to upgrade to RSA keysizes of 15360. I know there's a defined limit on putting keysizes of 4096 into keychain, but they are modifying a preference (/Library/Preferences/com.apple.crypto) and setting RSAMaxKeySize to 15360. Apparently a header contains information that you can edit the keysize: http://www.opensource.apple.com/source/libsecurity_apple_csp/libsecurity_apple_csp-36859/lib/RSA_DSA_keys.h
They told me that it has problems on OS X. That the Mail.app will crash after this change.
What are the limits of changing this default variable? Is changing the keysize not supported or recommended at all?
Is changing the keysize not supported or recommended at all?
Correct. Changing global system preferences based on information you find in the Darwin open source project is not the path to long-term binary compatibility and is most definitely not supported.
Share and Enjoy
—
Quinn "The Eskimo!"
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"