[ https://issues.apache.org/jira/browse/PDFBOX-4155?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Marc Kaufman updated PDFBOX-4155: --------------------------------- Attachment: SASLPrep example.pdf > Password Security with Unicode needs SASLprep > --------------------------------------------- > > Key: PDFBOX-4155 > URL: https://issues.apache.org/jira/browse/PDFBOX-4155 > Project: PDFBox > Issue Type: Bug > Components: Crypto > Affects Versions: 2.0.8 > Reporter: Marc Kaufman > Priority: Minor > Labels: security > Attachments: SASLPrep example.pdf > > > Standard Security handler for Version 6 (AES256) handles Unicode passwords. > However the current handler is missing this part: > "The UTF-8 password string shall be generated from Unicode input by > processing the input string with the SASLprep (RFC 4013) profile of > stringprep (RFC 3454) using the Normalize and BiDi options, and then > converting to a UTF-8 representation." > SASLprep is required to normalize equivalent codings for complex glyphs (such > as those using umlauts, etc). > pdmodel/encryption/StandardSecurityHandler.java -- This message was sent by Atlassian JIRA (v7.6.3#76005) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@pdfbox.apache.org For additional commands, e-mail: dev-h...@pdfbox.apache.org