RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

Found 2 records.

Status: Verified (2)

RFC 2759, "Microsoft PPP CHAP Extensions, Version 2", January 2000

Source of RFC: pppext (int)

Errata ID: 391

Status: Verified
Type: Technical

Reported By: Andrew Roughan
Date Reported: 2002-08-26

Section 9.3 says:

  0-to-256-unicode-char Password:
  4D 79 50 77

  16-octet PasswordHash:
  FC 15 6A F7 ED CD 6C 0E DD E3 33 7D 42 7F 4E AC

It should say:

  0-to-256-char Password:
  4D 79 50 77

  0-to-256-unicode-char NtPassword:
  4D 00 79 00 50 00 77 00

  16-octet NtPasswordHash:
  FC 15 6A F7 ED CD 6C 0E DD E3 33 7D 42 7F 4E AC

Errata ID: 1924

Status: Verified
Type: Technical

Reported By: Alexey Melnikov
Date Reported: 2009-10-22
Verifier Name: Brian Haberman
Date Verified: 2012-05-09

Section 8.3 says:

   NtPasswordHash(
   IN  0-to-256-unicode-char Password,
   OUT 16-octet              PasswordHash )
   {
      /*
       * Use the MD4 algorithm [5] to irreversibly hash Password
       * into PasswordHash.  Only the password is hashed without
       * including any terminating 0.
       */
   }

It should say:

   NtPasswordHash(
   IN  0-to-256-unicode-char Password,
   OUT 16-octet              PasswordHash )
   {
      /*
       * Use the MD4 algorithm [5] to irreversibly hash Password
       * encoded in UTF-16-LE into PasswordHash.
       * Only the password is hashed without
       * including any terminating 0.
       */
   }

Notes:

Section 8.3 is silent on Unicode encoding used for passwords.
Section 9.2 seem to imply that the Unicode encoding used in UTF-16-LE.

Report New Errata



Search RFCs
Advanced Search
×