prevent unicode-confusion in password by applying PRECIS, and username/email address by applying unicode NFC normalization

an é (e with accent) can also be written as e+\u0301. the first form is NFC,
the second NFD. when logging in, we transform usernames (email addresses) to
NFC. so both forms will be accepted. if a client is using NFD, they can log
in too.

for passwords, we apply the PRECIS "opaquestring", which (despite the name)
transforms the value too: unicode spaces are replaced with ascii spaces. the
string is also normalized to NFC. PRECIS may reject confusing passwords when
you set a password.

scram/scram.go

@@ -22,6 +22,7 @@ import (
 	"strings"
 
 	"golang.org/x/crypto/pbkdf2"
+	"golang.org/x/text/secure/precis"
 	"golang.org/x/text/unicode/norm"
 )
 
@@ -84,9 +85,20 @@ func MakeRandom() []byte {
 	return buf
 }
 
+// Cleanup password with precis, like remote should have done. If the password
+// appears invalid, we'll return the original, there is a chance the server also
+// doesn't enforce requirements and accepts it. ../rfc/8265:679
+func precisPassword(password string) string {
+	pw, err := precis.OpaqueString.String(password)
+	if err != nil {
+		return password
+	}
+	return pw
+}
+
 // SaltPassword returns a salted password.
 func SaltPassword(h func() hash.Hash, password string, salt []byte, iterations int) []byte {
-	password = norm.NFC.String(password)
+	password = precisPassword(password)
 	return pbkdf2.Key([]byte(password), salt, iterations, h().Size(), h)
 }