Page MenuHome GnuPG

Pinentry's max password length is too short
Closed, ResolvedPublic

Description

I used to use gnupg version 1.4.11 in combination with enigmail and thunderbird
to send encrypted emails. Recently I decided to format my computer and
automatically I installed the new version of gnupg after that, but when I tried
to enter my passphrase I got an pinentry popup that asked for my password
instead of an openpgp popup I used to get before that.
I tried to copy my password in, but it wouldn't work, although it seemed to work
if I entered a shorter text.

It seems that pinentry doesn't support the same key length as openpgp did. Could
you look into this?

I use thunderbird 24/engimail 1.6 on windows 7.

Thanks!

Details

Version
2.2.1

Event Timeline

What do you mean by "openpgp popup"?

Which installation options did you used whethn installing gpg4win? Depending on
the version you get a different pinentry version - we have a qt based one, a GTK
based base, and a very simple native windows pinentry.

Hello, Thank you for your reply.

I used the gpg4win-2.2.1.exe binary which I downloaded from gpg4win.org

The popup I mentioned is the screen that asks me for my password when I try to
open an encrypted mail in my mailbox via thunderbird/enigmail. See the
screenshot. In the newer gpg version this popup is replaced by a prompt screen
that says pinentry and will allow only for shorter passwords.

I understand that my password is exceptional long, as I still was (and maybe
still am) a beginner on the encrypted mail part. But backwards compatibility
seems pretty important in the case of encrypted mails and passwords to decrypt them.

With GnuPG 1.x, Enigmail takes care of presenting the passphrase dialog.
With GnuPG 2.x GnuPG does it of its own. For that it spawns a small tool
called pinentry which asks for the passphrase. We actually have several
versions of that pinentry. The one you are using is based on Qt (a toolkit) and
has a limit of 256 bytes for the passphrase. The limit may actually be lower if
you are using non-ascii characters, but I can't see how that value is not
sufficient.

How long is your passphrase and does it contain many non-ascii characters (e.g.
Umlauts)?

Sorry for the delay, the passphrase is 512 characters long (now I should change
it after publishing that here ;-)) and just ascii characters.

werner claimed this task.
werner added a project: Not A Bug.