Password length limit for certificates in Kleopatra
Ingo Klöcker
kloecker at kde.org
Fri Dec 12 17:33:21 GMT 2025
On Freitag, 12. Dezember 2025 10:09:51 Mitteleuropäische Normalzeit Vojtěch
Zeisek wrote:
> Hi,
> I need to use personal PKCS#12 certificates for signing mails in KMail, and
> I found one "funny" issue. Kleopatra has hard-coded limit of maximal
> password length of 31 characters, well it's hard-coded in gpgsm from GnuPG
> [1], which is the only tool to work with these certificates available for
> KDE PIM. I usually work with longer passwords, so this limit is bi
> annoying, and seems outdated as IDK any other recent tool with such a
> limit. Of course, I know I can "repack" the certificate and shorten the
> password using OpenSSL, but still, I wonder if there is any chance to get
> rid of this limit, either by updating the GnuPG, or if KDE PIM would use
> (also) another library to work with certificates (GnuTLS)...?
> Yours,
> V.
>
> [1] <https://github.com/gpg/gnupg/blob/master/sm/minip12.c#L340>
Thanks for the analysis of the problem! Please file a ticket at dev.gnupg.org.
Unfortunately, due to spammers it's a bit complicated to get an account there,
but it's the correct place for reporting issues in GnuPG.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 265 bytes
Desc: This is a digitally signed message part.
URL: <http://mail.kde.org/pipermail/kdepim-users/attachments/20251212/a8bc4091/attachment.sig>
More information about the kdepim-users
mailing list