Normalize all string inputs according to a particular Unicode rule

[cipriancraciun]

At the moment, any user-provided string inputs (i.e. passwords, additional data, etc.) is used as is, without any form of Unicode normalization.

In order to ensure security and portability, all input strings (that are a superset of ASCII) should be normalized according to a canonical rule.

See the following two issues which stemmed this issue:

• Compatibility between devices (Apple and Microsoft have incompatible encodings) FiloSottile/age#601
• Compatibility between devices (Apple and Microsoft have incompatible encodings) samuel-lucas6/Kryptor#78

[cipriancraciun]

• https://datatracker.ietf.org/doc/html/rfc8265 specifies NFC;
• https://pages.nist.gov/800-63-3/sp800-63b.html specifies NFKC or NFKD;
• use https://crates.io/crates/unicode-normalization;

[hakavlad]

Please see samuel-lucas6/Kryptor#78 (reply in thread)

Not only normalization, but also disallowing prohibited output allows you to use Unicode safely