NFKC normalization in StringPrep is not in accordance with RFC -------------------------------------------------------------- Key: ELY-47 URL: https://issues.jboss.org/browse/ELY-47 Project: WildFly Elytron Issue Type: Bug Security Level: Public(Everyone can see) Reporter: Jan Kalina Assignee: Darran Lofthouse StringPrep from utils use java.text.Normalizer to NFKC normalization. But this normalization is not in accordance with RFC 3454 - see mapping table: http://tools.ietf.org/html/rfc3454#appendix-B.2 Relevant profile description: http://tools.ietf.org/html/rfc3454#section-3.2 Full test is part of [pull request 13|https://github.com/wildfly-security/wildfly-sasl/pull/13], but for basic testing can be used this simple test: {code:java} @Test public void testNormalizationWithNFKC(){ ByteStringBuilder b = new ByteStringBuilder(); String before = "\u0041\u0042\u0043\u0044\u0045\u0046\u0047"; String after = "\u0061\u0062\u0063\u0064\u0065\u0066\u0067"; StringPrep.encode(before, b, StringPrep.NORMALIZE_KC); assertEquals(after, new String(b.toArray())); } {code}