PKCS#12 password length limit in sm/minip12.c
Rainer Perske
rainer.perske at uni-muenster.de
Sun Nov 7 14:10:11 CET 2021
Hello, everyone
Currently, GnuPG cannot import PKCS#12 files protected with passwords
longer than 31 bytes, giving a long series of error messages while
trying to interpret the given password with all implemented character
sets.
Before I file a bug report: Is there any good reason for limiting the
password length for PKCS#12 files to 63/2 = 31 bytes in line 354 of
"sm/minip12.c"?
Neither in the comments nor in the code below I can find any reason for
a limit smaller than 63 bytes, and other software like OpenSSL allows
for even longer passwords.
Should there be no such reason, I'd suggest to modify the limit in line
354 of "sm/minip12.c". I did not test it, but as far as I can see, the
rest of the code can handle up to 63 bytes, so this might be a
reasonable limit forced by the current implementation.
Best regards
--
Rainer Perske
Systemdienste + Leiter der Zertifizierungsstelle (WWUCA)
--
Westfälische Wilhelms-Universität (WWU) Münster
WWU IT
Rainer Perske, Systemdienste
Röntgenstraße 7-13, Raum 006
48149 Münster
Tel.: +49 251 83-31582
E-Mail: rainer.perske at uni-muenster.de
Website: www.uni-muenster.de/it
Zertifizierungsstelle (WWUCA):
Tel.: +49 251 83-31590
E-Mail: ca at uni-muenster.de
WWW: www.uni-muenster.de/wwuca
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5454 bytes
Desc: S/MIME cryptographic signature
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20211107/a6e61f7d/attachment.bin>
More information about the Gnupg-devel
mailing list