Secret key storage question

David Shaw dshaw at
Tue Jun 18 22:58:01 CEST 2002

On Tue, Jun 18, 2002 at 12:40:47PM -0500, Robert J. Hansen wrote:
> > Also, can the passphrase be any string of bits (lumped into bytes before 
> > giving it to GnuPG), or are there some limitations?
> GnuPG is written in C, and C's string-handling routines are quite
> fragile.  Even if GnuPG handles arbitrary binary input, there's no
> guarantee that the standard C library on whatever system it's running on
> will be as well-behaved.
> As an obvious example, consider throwing in a zero-byte.  Zero-byte has
> two meanings: one is ASCII 0 (NULL), and the other is C "end of
> string".  So if your passphrase were to be 128 bits, but in bits 8-15
> you had eight binary 0s, GnuPG would stop reading the input and truncate
> your passphrase at bit 8--leaving you with only eight bits of entropy in
> your passphrase.

This is one of the things that --passphrase-fd handles.  Using
--passphrase-fd bypasses all string handling and reads the raw
passphrase directly from a file descriptor.  All characters except for
\n (newline) are permitted, which includes control characters, NULLs,
etc.  Putting that numerically, you can use characters 0-9 and 11-255.

Note that if you depart too far from regular alphanumeric characters
then you can make a passphrase that isn't typable via a keyboard
(which may be a good thing, if that's what you want).


   David Shaw  |  dshaw at  |  WWW
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson

More information about the Gnupg-devel mailing list