CredentialProvider does not accept passwords with special (German) letters
-
01-07-2021 - |
Question
I wrote a CredentialProvider that allows to log in to Windows. But today I found out this strange error that GetSerialization()
seems not to accept passwords which contain the German 'umlaut' letters like 'ä' or 'ü'. Does anyone know the solution?
Thanks in advance
Solution
It'll depend on the details of the format in which GetSerialization()
returns the password.
If your CredentialProvider returns a serialized KERB_INTERACTIVE_UNLOCK_LOGON
structure, as the standard password provider does, then the username, password, and domain name values in the structure must all be passed as UNICODE_STRING
values. Note that UNICODE_STRING
is a structure that contains current length and maximum length values and a buffer of 16-bit Unicode (UTF-16LE) characters. As they're Unicode they can certainly hold letters with umlauts.
However, if your CredntialProvider handles the password in a narrow character buffer you may be handling your umlaut characters as 8-bit Windows CP1252 characters. You'll need to convert those to 16-bit Unicode before placing them in the KERB_INTERACTIVE_UNLOCK_LOGON
structure and serializing it.