Export (0) Print
Expand All Binary Document Password Verifier Derivation Method 2


The CreatePasswordVerifier_Method2 procedure specifies how a 32-bit password verifier is obtained from a string of single-byte characters that has been transformed from a Unicode string. The password verifier is used in XOR obfuscation.

Two different approaches exist for preprocessing the password string to convert it from Unicode to single-byte characters:

  • Using the current language code identifier (LCID), convert Unicode input into an ANSI string, as specified in [MS-UCODEREF]. Truncate the resulting string to 15 single-byte characters.

  • For each input Unicode character, copy the least significant byte into the single-byte string, unless the least significant byte is 0x00. If the least significant byte is 0x00, copy the most significant byte. Truncate the resulting string to 15 characters.

When writing files, the second approach MUST be used. When reading files, both methods MUST be tried, and the password MUST be considered correct if either approach results in a match.

The CreatePasswordVerifier_Method2 procedure takes the following parameter:

  • Password: A string of single-byte characters that specifies the password to be used to encrypt the data. Password MUST NOT be longer than 15 characters. Password MUST be transformed from Unicode to single-byte characters by using the method specified in this section.

     FUNCTION CreatePasswordVerifier_Method2
         PARAMETERS Password
         RETURNS 32-bit unsigned integer
         DECLARE Verifier as 32-bit unsigned integer
         DECLARE KeyHigh as 16-bit unsigned integer
         DECLARE KeyLow as 16-bit unsigned integer
         SET KeyHigh TO CreateXorKey_Method1(Password)
         SET KeyLow TO CreatePasswordVerifier_Method1(Password)
         SET most significant 16 bits of Verifier TO KeyHigh
         SET least significant 16 bits of Verifier TO KeyLow
         RETURN Verifier
© 2016 Microsoft