v3.0.2 passphrase too long

Gpg4win help-en
1

Hello! I’ve just updated from gpg4win v2.3.4 and found that I can’ decrypt my emails anymore, because when the pin entry window arrives and I paste my 256 chars long password from a password manager, I’m getting the error - “passphrase too long”. I tried truncating my passphrase to 128 chars (wild guess), but no wonder it does not work. So basically v3 is totally useless for me, unless I revert to 2.x.x, change the passphrase to a shorter one and update again.

Three questions:

  1. Why was this limit lowered compared to v2?
  2. How long is this limit exactly?
  3. Why such a breaking change was not mentioned anywhere in changelogs?

Thank you.

p.s. I recognize that my pwd manager master password is shorter than my keyring’s 256 chars, effectively rendering the latter excessive, and maybe even v2 didn’t use the whole 256 chars, discarding them past the limit, but the problem is that such a breaking change has to be STATED IN ALL CAPS SOMEWHERE IN CHANGELOG, or better right at the download page.

2

Hi F4,

I guess it will be clear to you that using a long passphrase is an unusual use case it may assume a very low entropy use of the characters. :slight_smile:

Not being entirely sure, I believe that the limit of the passphrase was actually shorter in earlier versions, but now it reports the limit. There are a number of reports on dev.gnupg.org,
some of them may be of interest to you, so you can inquire further.

The mailinglist gnupg-devel@ may also be of help.

https://dev.gnupg.org/T2758
https://dev.gnupg.org/T2038

Sorry for the hassle, if we had expected this to be a problem for our users, we would indeed have marked this more prominently.

Best Regards,
Bernhard