Code Review Request, JDK-8146600 AVA Normalizer.Form issue
Xuelei Fan
xuelei.fan at oracle.com
Thu Sep 15 00:09:42 UTC 2016
Hi,
Please review this fix:
http://cr.openjdk.java.net/~xuelei/8146600/webrev.00/
The Normalizer.Form.NFKD is used to normalize attribute-value assertion
in X.509 certificate processing. The normalizer may convert some UTF-8
character into ASCII code. For example, ","(two bytes) will be
converted to ","(one byte), and "Hello, world!" is normalize to "Hello,
world!". However, "Hello, world!" and "Hello, world!" should be
different because of the comma code. This conversion may result in
unexpected weird behaviors for name comparing and conversions.
This fix will update to use "Normalizer.Form.NFD".
Thanks,
Xuelei
More information about the security-dev
mailing list