Marc Kaufman created PDFBOX-4155:
------------------------------------
Summary: Password Security with Unicode needs SASLprep
Key: PDFBOX-4155
URL: https://issues.apache.org/jira/browse/PDFBOX-4155
Project: PDFBox
Issue Type: Bug
Components: Crypto
Affects Versions: 2.0.8
Reporter: Marc Kaufman
Fix For: 2.0.9
Standard Security handler for Version 6 (AES256) handles Unicode passwords.
However the current handler is missing this part:
"The UTF-8 password string shall be generated from Unicode input by processing
the input string with the SASLprep (RFC 4013) profile of stringprep (RFC 3454)
using the Normalize and BiDi options, and then converting to a UTF-8
representation."
SASLprep is required to normalize equivalent codings for complex glyphs (such
as those using umlauts, etc).
pdmodel/encryption/StandardSecurityHandler.java
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org
For additional commands, e-mail: dev-h...@pdfbox.apache.org
