Beta v0.5.1b24 — past initial proving, but the Python API surface may still shift before 1.0. WiredTiger on-disk format is stable, but there's no migration tool yet — don't put production data here.

SASLprep arrives: SCRAM-SHA-256 now Unicode-correct

6 May 2026 · Joe Drumgoole · Releases

Summary: SASLprep on SCRAM-SHA-256 — non-ASCII passwords now Unicode-normalised before PBKDF2 (v0.3.0a73).

v0.3.0a73 brings SecantusDB's SCRAM-SHA-256 authentication into line with RFC 4013 by running passwords through SASLprep before they reach PBKDF2. The full stringprep pipeline lands: B.1 mapping (zero-width and other "to-nothing" code points stripped), NFKC Unicode normalisation, the prohibit table (control / non-character / surrogate code points rejected), and the bidirectional check (mixed-direction strings rejected per Bidi(L) and Bidi(R/AL) rules). ASCII-only passwords short-circuit through the fast path unchanged, so existing test suites and credentials see zero behaviour change.

The practical effect: non-ASCII passwords sent by the mongo-java-driver and mongo-node-driver — both of which already SASLprep client-side — now derive the same PBKDF2 key SecantusDB derives, so SCRAM-SHA-256 handshakes succeed against SecantusDB exactly the way they succeed against a real mongod. Previously, any password containing a code point that NFKC reshapes (full-width Latin, compatibility characters, certain compatibility ligatures, etc.) would diverge silently and the auth conversation would fail with AuthenticationFailed. The pymongo driver also SASLpreps client-side; that path is now correct end-to-end too.
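The pipeline described above, written out as an added example with Python's standard `stringprep` and `unicodedata` modules; it is not SecantusDB's or any driver's own code. The function names, salt, iteration count and passwords are constructed for illustration, and this sketch has no ASCII fast path, so every input goes through the full pipeline.

```python
import hashlib
import stringprep
import unicodedata

# RFC 4013 section 2.3: prohibited-output tables from stringprep appendix C
_PROHIBITED = (
    stringprep.in_table_c12, stringprep.in_table_c21_c22, stringprep.in_table_c3,
    stringprep.in_table_c4, stringprep.in_table_c5, stringprep.in_table_c6,
    stringprep.in_table_c7, stringprep.in_table_c8, stringprep.in_table_c9,
)


def saslprep(password: str) -> str:
    """SASLprep (RFC 4013) for a password: map, normalise, prohibit, bidi."""
    # Map: drop B.1 "to-nothing" code points, turn non-ASCII spaces into U+0020
    mapped = "".join(
        " " if stringprep.in_table_c12(ch) else ch
        for ch in password
        if not stringprep.in_table_b1(ch)
    )
    # stringprep is defined against Unicode 3.2, so use that database for NFKC
    out = unicodedata.ucd_3_2_0.normalize("NFKC", mapped)
    for ch in out:
        if any(in_table(ch) for in_table in _PROHIBITED):
            raise ValueError(f"prohibited code point U+{ord(ch):04X}")
    # Bidi: a string with any R/AL character must contain no L character
    # and must both start and end with an R/AL character
    if any(stringprep.in_table_d1(ch) for ch in out):
        if any(stringprep.in_table_d2(ch) for ch in out):
            raise ValueError("mixed-direction string")
        if not (stringprep.in_table_d1(out[0]) and stringprep.in_table_d1(out[-1])):
            raise ValueError("R/AL string must start and end with R/AL")
    return out


def salted_password(password: str, salt: bytes, iterations: int, prep: bool = True) -> bytes:
    """SCRAM-SHA-256 SaltedPassword: PBKDF2-HMAC-SHA-256 over the UTF-8 password."""
    text = saslprep(password) if prep else password
    return hashlib.pbkdf2_hmac("sha256", text.encode("utf-8"), salt, iterations)


# Constructed sample values, not taken from SecantusDB or any driver
SALT = bytes(range(16))
ITERATIONS = 4096
TYPED = "\uff50\uff41\uff53\uff53\u200bword"  # full-width "pass", zero-width space, "word"
STORED = "password"
```

With `prep=False` the two spellings produce different keys, which is the silent divergence that previously surfaced as AuthenticationFailed.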
