MSCHAPv2 Question on maximum password size

Soh Kam Yung sohkamyung
Mon Aug 31 19:50:05 PDT 2009

On Sat, Aug 29, 2009 at 2:00 PM, Alan DeKok<aland at> wrote:
> Jouni Malinen wrote:
>> wpa_supplicant processes the password as binary data and assumes it is
>> using 8-bit characters, i.e., not 16-bit unicode that RFC 2759 is using.
>> Anyway, the maximum length of the password is 256 octets which will be
>> internally be converted into 16-bit unicode characters by adding 0x00
>> octets.
> ?Which is probably the best solution, even if the input is UTF-8.
> Converting the UTF-8 to Microsofts version of UCS2 is awkward, to say
> the least.
> ?I've talked with Microsoft about this (at IETF), and their conclusion
> was that the simple conversion was probably the best. ?They weren't even
> sure if different versions of Windows acted consistently. ?Apparently
> there are multiple implementations of the MSCHAP code, even inside of
> Microsoft.
> ?Alan DeKok.

Jouni, Alan,

Thanks for the feedback.

So, wpa_supplicant is expecting at most 256 octets (bytes) for the
password. I will use this at the limit for the entry field in my
application also.

I just checked the wpa_supplicant configuration options.  Both
identity and password fields are expected to be C-strings.  Does this
mean that the NULL character cannot be part of both fields?  Could
this be a problem?

Soh Kam Yung
my Google Reader Shared links:
my Google Reader Shared SFAS links:

More information about the Hostap mailing list