Code Review Request, JDK-8146600 AVA Normalizer.Form issue

Xuelei Fan xuelei.fan at oracle.com
Thu Sep 15 00:09:42 UTC 2016


Hi,

Please review this fix:
     http://cr.openjdk.java.net/~xuelei/8146600/webrev.00/

The Normalizer.Form.NFKD is used to normalize attribute-value assertion 
in X.509 certificate processing.  The normalizer may convert some UTF-8 
character into ASCII code.  For example, ","(two bytes) will be 
converted to ","(one byte), and "Hello, world!" is normalize to "Hello, 
world!".  However, "Hello, world!" and "Hello, world!" should be 
different because of the comma code.  This conversion may result in 
unexpected weird behaviors for name comparing and conversions.

This fix will update to use "Normalizer.Form.NFD".

Thanks,
Xuelei


More information about the security-dev mailing list