Description
Problem:
Coming from opensearch-project/flow-framework#233 (comment)
The code in JceMasterKey.getInstance() does an uppercase conversion without locale information:
When operating in some locales, the case check fails. For example, locale tr-TR converts the "i" in padding to this unicode character.
This is noted here:
For instance with the Turkish language, when converting the small letter 'i' to upper case, the result is capital letter 'I' with a dot over it.
Solution:
The toUppercase() call in the above code (and everywhere, really) should specify Locale.ROOT.
String WRAPPING_ALGORITHM = "AES/GCM/NoPadding";
String t1 = WRAPPING_ALGORITHM.toUpperCase();
String t2 = WRAPPING_ALGORITHM.toUpperCase(Locale.ROOT);t1 in hex: 41 45 53 2F 47 43 4D 2F 4E 4F 50 41 44 44 C4 B0 4E 47
t2 in hex: 41 45 53 2F 47 43 4D 2F 4E 4F 50 41 44 44 49 4E 47