gpgsm (GnuPG) 2.2.6
I've switched from Thunderbird to Kontact and therefore also migrated my SMIME certificates. However when attempting to import them I constantly ran into an error message. Kleopatra reported "invalid object".
Checking the logs revealed that gpgsm thinks the password is too long:
gpgsm: password too long
I've set a 64 character password for each of my certificate passphrases, however never ran into issues until now. It seems like there's a hardcoded 31 character limit in the code.
The offending line can be found here:
NIST's guidelines of allowing a maximum password length of at least 64 characters seems like a good start. Since the password is hashed anyway one could also argue that this limit is unnecessary as well.
Regardless this seems like it's worth looking into.