Key derivation with non-ASCII characters
Frank Taylor
FrankSTaylor at gmail.com
Tue Aug 31 05:53:13 EDT 2004
Apologies if this is covered in an obvious place, but I have not found
the solution to this problem.
I am using a Microsoft Active Directory as a Kerberos server with a
Java-based client. On the server, the target account has a password
that contains a pound sterling sign (Unicode 0x00A3). This password
works fine within the Microsoft world, however I cannot get my Java
client to generate the right key from password. The Java code has the
correct password as a String (Java is fully Unicode internally).
What I think I am missing is understanding how to convert the password
string into the array of bytes that is then manipulated by
string_to_key(). It seems that rfc1510 assumes a one character to one
byte mapping.
I have tried simple ASCII, UTF-8, UTF-16LE and ISO-8559-1 character
encodings to generate the bytes for the key algorithm and none seem to
work.
What am I missing? Is this specified anywhere? Is this an MS-specific
capability (i.e. allowing non 7-bit ASCII in passwords)?
Thanks for any help.
Frank.
More information about the Kerberos
mailing list