Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1X7LLg-0001OT-Kh for bitcoin-development@lists.sourceforge.net; Wed, 16 Jul 2014 09:18:04 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of m.gmane.org designates 80.91.229.3 as permitted sender) client-ip=80.91.229.3; envelope-from=gcbd-bitcoin-development@m.gmane.org; helo=plane.gmane.org; Received: from plane.gmane.org ([80.91.229.3]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1X7LLe-000259-Os for bitcoin-development@lists.sourceforge.net; Wed, 16 Jul 2014 09:18:04 +0000 Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1X7LLX-0008AD-8C for bitcoin-development@lists.sourceforge.net; Wed, 16 Jul 2014 11:17:55 +0200 Received: from f052021167.adsl.alicedsl.de ([78.52.21.167]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 16 Jul 2014 11:17:55 +0200 Received: from andreas by f052021167.adsl.alicedsl.de with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Wed, 16 Jul 2014 11:17:55 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: bitcoin-development@lists.sourceforge.net From: Andreas Schildbach Date: Wed, 16 Jul 2014 11:17:44 +0200 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: f052021167.adsl.alicedsl.de User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 In-Reply-To: X-Enigmail-Version: 1.5.2 X-Spam-Score: -0.4 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [80.91.229.3 listed in list.dnswl.org] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 1.1 DKIM_ADSP_ALL No valid author signature, domain signs all mail -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1X7LLe-000259-Os Subject: Re: [Bitcoin-development] BIP 38 NFC normalisation issue X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 09:18:04 -0000 Guys, you are always talking about the Unicode astral plane, but in fact its a plain old (ASCII) control character where this problem starts and likely ends: \u0000. Let's ban/filter ISO control characters and be done with it. Most control characters will never be enterable by any keyboard into a password field. Of course I assume that Character.isISOControl() works consistently across platforms. http://docs.oracle.com/javase/7/docs/api/java/lang/Character.html#isISOControl%28char%29 On 07/16/2014 12:23 AM, Aaron Voisine wrote: > If the user creates a password on an iOS device with an astral > character and then can't enter that password on a JVM wallet, that > sucks. If JVMs really can't support unicode NFC then that's a strong > case to limit the spec to the subset of unicode that all popular > platforms can support, but it sounds like it might just be a JVM > string library bug that could hopefully be reported and fixed. I get > the same result as in the test case using apple's > CFStringNormalize(passphrase, kCFStringNormalizationFormC); > > Aaron Voisine > breadwallet.com > > > On Tue, Jul 15, 2014 at 11:20 AM, Mike Hearn wrote: >> Yes, we know, Andreas' code is indeed doing normalisation. >> >> However it appears the output bytes end up being different. What I get back >> is: >> >> cf930001303430300166346139 >> >> vs >> >> cf9300f0909080f09f92a9 >> >> from the spec. >> >> I'm not sure why. It appears this is due to the character from the astral >> planes. Java is old and uses 16 bit characters internally - it wouldn't >> surprise me if there's some weirdness that means it doesn't/won't support >> this kind of thing. >> >> I recommend instead that any implementation that wishes to be compatible >> with JVM based wallets (I suspect Android is the same) just refuse any >> passphrase that includes characters outside the BMP. At least unless someone >> can find a fix. I somehow doubt this will really hurt anyone. >> >> ------------------------------------------------------------------------------ >> Want fast and easy access to all the code in your enterprise? Index and >> search up to 200,000 lines of code with a free copy of Black Duck >> Code Sight - the same software that powers the world's largest code >> search on Ohloh, the Black Duck Open Hub! Try it now. >> http://p.sf.net/sfu/bds >> _______________________________________________ >> Bitcoin-development mailing list >> Bitcoin-development@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > > ------------------------------------------------------------------------------ > Want fast and easy access to all the code in your enterprise? Index and > search up to 200,000 lines of code with a free copy of Black Duck > Code Sight - the same software that powers the world's largest code > search on Ohloh, the Black Duck Open Hub! Try it now. > http://p.sf.net/sfu/bds >