[jboss-jira] [JBoss JIRA] (ELY-47) NFKC normalization in StringPrep is not in accordance with RFC
Jan Kalina (JIRA)
issues at jboss.org
Tue Aug 26 04:36:59 EDT 2014
[ https://issues.jboss.org/browse/ELY-47?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Kalina updated ELY-47:
--------------------------
Description:
StringPrep from utils use java.text.Normalizer to NFKC normalization. But this normalization is not in accordance with RFC 3454 - see mapping table:
http://tools.ietf.org/html/rfc3454#appendix-B.2
Relevant profile description:
http://tools.ietf.org/html/rfc3454#section-3.2
Full test is part of [pull request 13|https://github.com/wildfly-security/wildfly-sasl/pull/13], but for basic testing can be used this simple test:
{code:java}
@Test
public void testNormalizationWithNFKC(){
ByteStringBuilder b = new ByteStringBuilder();
String before = "\u0041\u0042\u0043\u0044\u0045\u0046\u0047";
String after = "\u0061\u0062\u0063\u0064\u0065\u0066\u0067";
StringPrep.encode(before, b, StringPrep.NORMALIZE_KC);
assertEquals(after, new String(b.toArray()));
}
{code}
was:
StringPrep from utils use java.text.Normalizer to NFKC normalization. But this normalization is not in accordance with RFC 3454 - see mapping table:
http://tools.ietf.org/html/rfc3454#appendix-B.2
Relevant profile description:
http://tools.ietf.org/html/rfc3454#section-3.2
Full test is part of [pull request 13|https://github.com/wildfly-security/wildfly-sasl/pull/13], but for basic testing and for reference can be used this simple test:
{code:java}
@Test
public void testNormalizationWithNFKC(){
ByteStringBuilder b = new ByteStringBuilder();
String before = "\u0041\u0042\u0043\u0044\u0045\u0046\u0047";
String after = "\u0061\u0062\u0063\u0064\u0065\u0066\u0067";
StringPrep.encode(before, b, StringPrep.NORMALIZE_KC);
assertEquals(after, new String(b.toArray()));
}
{code}
> NFKC normalization in StringPrep is not in accordance with RFC
> --------------------------------------------------------------
>
> Key: ELY-47
> URL: https://issues.jboss.org/browse/ELY-47
> Project: WildFly Elytron
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Reporter: Jan Kalina
> Assignee: Darran Lofthouse
>
> StringPrep from utils use java.text.Normalizer to NFKC normalization. But this normalization is not in accordance with RFC 3454 - see mapping table:
> http://tools.ietf.org/html/rfc3454#appendix-B.2
> Relevant profile description:
> http://tools.ietf.org/html/rfc3454#section-3.2
> Full test is part of [pull request 13|https://github.com/wildfly-security/wildfly-sasl/pull/13], but for basic testing can be used this simple test:
> {code:java}
> @Test
> public void testNormalizationWithNFKC(){
> ByteStringBuilder b = new ByteStringBuilder();
> String before = "\u0041\u0042\u0043\u0044\u0045\u0046\u0047";
> String after = "\u0061\u0062\u0063\u0064\u0065\u0066\u0067";
> StringPrep.encode(before, b, StringPrep.NORMALIZE_KC);
> assertEquals(after, new String(b.toArray()));
> }
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.1#6329)
More information about the jboss-jira
mailing list