bc-java icon indicating copy to clipboard operation
bc-java copied to clipboard
verified publisher icon bcgit

IETFUtils.canonitialize uses toLower with default locale, Locale.ROOT is a better choice.

Open jweu opened this issue 3 years ago • 1 comments

Turkey has a 'ı' without a dot on top as a lower 'I' and and upper case 'İ' with a dot. So the lowercase is dependent of a locale. the IETFUtils.canonicalize(String) should use Locale.ROOT or take a locale as a parameter.

https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/lang/String.html#toLowerCase(java.util.Locale) "To obtain correct results for locale insensitive strings, use toLowerCase(Locale.ROOT)"

For comparison of a country for "cn=Max,...,c=IT", "cn=Max,...,c=it" and "cn=Max,...,c=ıt", the locale is important. At the next step, bouncycastle may use the Locale.ROOT to canonitialize the country and every DERIa5String and PrintableString at X500Name.equals(...).

jweu avatar Feb 04 '22 16:02 jweu

Can you just point to exactly where this is happening?

dghgit avatar Feb 05 '22 07:02 dghgit