diff --git a/ChangeLog b/ChangeLog
index dc14ca215906e5856a6802e61ef1a3fef9d1b6e1..410a792dbb2b98b7cdd8f62dac564237656dd063 100755
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+2010-08-13  Christian Kuhn  <lolli@schwarzbu.ch>
+
+	* Fixed bug #13662: rsaauth does not work with special characters (like ä ü ö § ) in password (Thanks to Steffen Ritter)
+
 2010-08-12  Christian Kuhn  <lolli@schwarzbu.ch>
 
 	* Follow-up to #15383: [Unit tests] Uncomment three tests which fail for php 5.3.0 on windows (Thanks to Steffen Kamper)
diff --git a/typo3/sysext/rsaauth/resources/jsbn/jsbn2.js b/typo3/sysext/rsaauth/resources/jsbn/jsbn2.js
index cad0d7bdb72ac0f1fc583b69056a160a082579e8..e53e00b49808a4afe2285369c2644dab30c269e4 100644
--- a/typo3/sysext/rsaauth/resources/jsbn/jsbn2.js
+++ b/typo3/sysext/rsaauth/resources/jsbn/jsbn2.js
@@ -1,9 +1,11 @@
-// Copyright (c) 2005  Tom Wu
+// Copyright (c) 2005-2009  Tom Wu
 // All Rights Reserved.
 // See "LICENSE" for details.
 
 // Extended JavaScript BN functions, required for RSA private ops.
 
+// Version 1.1: new BigInteger("0", 10) returns "proper" zero
+
 // (public)
 function bnClone() { var r = nbi(); this.copyTo(r); return r; }
 
@@ -310,6 +312,7 @@ function bnpDMultiply(n) {
 
 // (protected) this += n << w words, this >= 0
 function bnpDAddOffset(n,w) {
+  if(n == 0) return;
   while(this.t <= w) this[this.t++] = 0;
   this[w] += n;
   while(this[w] >= this.DV) {
diff --git a/typo3/sysext/rsaauth/resources/jsbn/rng.js b/typo3/sysext/rsaauth/resources/jsbn/rng.js
index 6347e5b9950c52115d34dd1e01e299bb0991b16d..03afc3a9fe75be37cfa45fa510bf31399496db2d 100644
--- a/typo3/sysext/rsaauth/resources/jsbn/rng.js
+++ b/typo3/sysext/rsaauth/resources/jsbn/rng.js
@@ -32,7 +32,7 @@ if(rng_pool == null) {
     var z = window.crypto.random(32);
     for(t = 0; t < z.length; ++t)
       rng_pool[rng_pptr++] = z.charCodeAt(t) & 255;
-  }
+  }  
   while(rng_pptr < rng_psize) {  // extract some randomness from Math.random()
     t = Math.floor(65536 * Math.random());
     rng_pool[rng_pptr++] = t >>> 8;
diff --git a/typo3/sysext/rsaauth/resources/jsbn/rsa.js b/typo3/sysext/rsaauth/resources/jsbn/rsa.js
index 4f22883518013974ac6889c2d89a6c8ec0115d87..9f8664037c4e499d250a7b93b8a726766836ad9f 100644
--- a/typo3/sysext/rsaauth/resources/jsbn/rsa.js
+++ b/typo3/sysext/rsaauth/resources/jsbn/rsa.js
@@ -1,5 +1,7 @@
 // Depends on jsbn.js and rng.js
 
+// Version 1.1: support utf-8 encoding in pkcs1pad2
+
 // convert a (hex) string to a bignum object
 function parseBigInt(str,r) {
   return new BigInteger(str,r);
@@ -24,13 +26,27 @@ function byte2Hex(b) {
 
 // PKCS#1 (type 2, random) pad input string s to n bytes, and return a bigint
 function pkcs1pad2(s,n) {
-  if(n < s.length + 11) {
+  if(n < s.length + 11) { // TODO: fix for utf-8
     alert("Message too long for RSA");
     return null;
   }
   var ba = new Array();
   var i = s.length - 1;
-  while(i >= 0 && n > 0) ba[--n] = s.charCodeAt(i--);
+  while(i >= 0 && n > 0) {
+    var c = s.charCodeAt(i--);
+    if(c < 128) { // encode using utf-8
+      ba[--n] = c;
+    }
+    else if((c > 127) && (c < 2048)) {
+      ba[--n] = (c & 63) | 128;
+      ba[--n] = (c >> 6) | 192;
+    }
+    else {
+      ba[--n] = (c & 63) | 128;
+      ba[--n] = ((c >> 6) & 63) | 128;
+      ba[--n] = (c >> 12) | 224;
+    }
+  }
   ba[--n] = 0;
   var rng = new SecureRandom();
   var x = new Array();
diff --git a/typo3/sysext/rsaauth/resources/jsbn/rsa2.js b/typo3/sysext/rsaauth/resources/jsbn/rsa2.js
index fa04b8613baf30f46a11448cc46e5ce7668b7e2b..1dfdb701f75d348630ff2e1e374f9ea2b032c35c 100644
--- a/typo3/sysext/rsaauth/resources/jsbn/rsa2.js
+++ b/typo3/sysext/rsaauth/resources/jsbn/rsa2.js
@@ -1,5 +1,7 @@
 // Depends on rsa.js and jsbn2.js
 
+// Version 1.1: support utf-8 decoding in pkcs1unpad2
+
 // Undo PKCS#1 (type 2, random) padding and, if valid, return the plaintext
 function pkcs1unpad2(d,n) {
   var b = d.toByteArray();
@@ -11,8 +13,20 @@ function pkcs1unpad2(d,n) {
   while(b[i] != 0)
     if(++i >= b.length) return null;
   var ret = "";
-  while(++i < b.length)
-    ret += String.fromCharCode(b[i]);
+  while(++i < b.length) {
+    var c = b[i] & 255;
+    if(c < 128) { // utf-8 decode
+      ret += String.fromCharCode(c);
+    }
+    else if((c > 191) && (c < 224)) {
+      ret += String.fromCharCode(((c & 31) << 6) | (b[i+1] & 63));
+      ++i;
+    }
+    else {
+      ret += String.fromCharCode(((c & 15) << 12) | ((b[i+1] & 63) << 6) | (b[i+2] & 63));
+      i += 2;
+    }
+  }
   return ret;
 }