MSCHAPv2 Question on maximum password size

Alan DeKok aland
Fri Aug 28 23:00:40 PDT 2009


Jouni Malinen wrote:
> wpa_supplicant processes the password as binary data and assumes it is
> using 8-bit characters, i.e., not 16-bit unicode that RFC 2759 is using.
> Anyway, the maximum length of the password is 256 octets which will be
> internally be converted into 16-bit unicode characters by adding 0x00
> octets.

  Which is probably the best solution, even if the input is UTF-8.
Converting the UTF-8 to Microsofts version of UCS2 is awkward, to say
the least.

  I've talked with Microsoft about this (at IETF), and their conclusion
was that the simple conversion was probably the best.  They weren't even
sure if different versions of Windows acted consistently.  Apparently
there are multiple implementations of the MSCHAP code, even inside of
Microsoft.

  Alan DeKok.



More information about the Hostap mailing list