MSCHAPv2 Question on maximum password size

Soh Kam Yung sohkamyung
Mon Aug 31 19:50:05 PDT 2009


On Sat, Aug 29, 2009 at 2:00 PM, Alan DeKok<aland at deployingradius.com> wrote:
> Jouni Malinen wrote:
>> wpa_supplicant processes the password as binary data and assumes it is
>> using 8-bit characters, i.e., not 16-bit unicode that RFC 2759 is using.
>> Anyway, the maximum length of the password is 256 octets which will be
>> internally be converted into 16-bit unicode characters by adding 0x00
>> octets.
>
> ?Which is probably the best solution, even if the input is UTF-8.
> Converting the UTF-8 to Microsofts version of UCS2 is awkward, to say
> the least.
>
> ?I've talked with Microsoft about this (at IETF), and their conclusion
> was that the simple conversion was probably the best. ?They weren't even
> sure if different versions of Windows acted consistently. ?Apparently
> there are multiple implementations of the MSCHAP code, even inside of
> Microsoft.
>
> ?Alan DeKok.

Jouni, Alan,

Thanks for the feedback.

So, wpa_supplicant is expecting at most 256 octets (bytes) for the
password. I will use this at the limit for the entry field in my
application also.

I just checked the wpa_supplicant configuration options.  Both
identity and password fields are expected to be C-strings.  Does this
mean that the NULL character cannot be part of both fields?  Could
this be a problem?

Regards,
Kam-Yung
-- 
Soh Kam Yung
my Google Reader Shared links:
(http://www.google.com/reader/shared/16851815156817689753)
my Google Reader Shared SFAS links:
(http://www.google.com/reader/shared/user/16851815156817689753/label/sfas)



More information about the Hostap mailing list