OLD | NEW |
| (Empty) |
1 /* | |
2 *************************************************************************** | |
3 * Copyright (C) 2008-2010, International Business Machines Corporation | |
4 * and others. All Rights Reserved. | |
5 *************************************************************************** | |
6 * file name: uspoof.h | |
7 * encoding: US-ASCII | |
8 * tab size: 8 (not used) | |
9 * indentation:4 | |
10 * | |
11 * created on: 2008Feb13 | |
12 * created by: Andy Heninger | |
13 * | |
14 * Unicode Spoof Detection | |
15 */ | |
16 | |
17 #ifndef USPOOF_H | |
18 #define USPOOF_H | |
19 | |
20 #include "unicode/utypes.h" | |
21 #include "unicode/uset.h" | |
22 #include "unicode/parseerr.h" | |
23 #include "unicode/localpointer.h" | |
24 | |
25 #if !UCONFIG_NO_NORMALIZATION | |
26 | |
27 | |
28 #if U_SHOW_CPLUSPLUS_API | |
29 #include "unicode/unistr.h" | |
30 #include "unicode/uniset.h" | |
31 | |
32 U_NAMESPACE_USE | |
33 #endif | |
34 | |
35 | |
36 /** | |
37 * \file | |
38 * \brief Unicode Security and Spoofing Detection, C API. | |
39 * | |
40 * These functions are intended to check strings, typically | |
41 * identifiers of some type, such as URLs, for the presence of | |
42 * characters that are likely to be visually confusing - | |
43 * for cases where the displayed form of an identifier may | |
44 * not be what it appears to be. | |
45 * | |
46 * Unicode Technical Report #36, http://unicode.org/reports/tr36, and | |
47 * Unicode Technical Standard #39, http://unicode.org/reports/tr39 | |
48 * "Unicode security considerations", give more background on | |
49 * security an spoofing issues with Unicode identifiers. | |
50 * The tests and checks provided by this module implement the recommendations | |
51 * from those Unicode documents. | |
52 * | |
53 * The tests available on identifiers fall into two general categories: | |
54 * -# Single identifier tests. Check whether an identifier is | |
55 * potentially confusable with any other string, or is suspicious | |
56 * for other reasons. | |
57 * -# Two identifier tests. Check whether two specific identifiers are confu
sable. | |
58 * This does not consider whether either of strings is potentially | |
59 * confusable with any string other than the exact one specified. | |
60 * | |
61 * The steps to perform confusability testing are | |
62 * -# Open a USpoofChecker. | |
63 * -# Configure the USPoofChecker for the desired set of tests. The tests th
at will | |
64 * be performed are specified by a set of USpoofChecks flags. | |
65 * -# Perform the checks using the pre-configured USpoofChecker. The results
indicate | |
66 * which (if any) of the selected tests have identified possible problems
with the identifier. | |
67 * Results are reported as a set of USpoofChecks flags; this mirrors the
form in which | |
68 * the set of tests to perform was originally specified to the USpoofCheck
er. | |
69 * | |
70 * A USpoofChecker may be used repeatedly to perform checks on any number of ide
ntifiers. | |
71 * | |
72 * Thread Safety: The test functions for checking a single identifier, or for te
sting | |
73 * whether two identifiers are possible confusable, are thread safe. | |
74 * They may called concurrently, from multiple threads, using the same USpoofChe
cker instance. | |
75 * | |
76 * More generally, the standard ICU thread safety rules apply: functions that t
ake a | |
77 * const USpoofChecker parameter are thread safe. Those that take a non-const | |
78 * USpoofChecier are not thread safe. | |
79 * | |
80 * | |
81 * Descriptions of the available checks. | |
82 * | |
83 * When testing whether pairs of identifiers are confusable, with the uspoof_are
Confusable() | |
84 * family of functions, the relevant tests are | |
85 * | |
86 * -# USPOOF_SINGLE_SCRIPT_CONFUSABLE: All of the characters from the two ide
ntifiers are | |
87 * from a single script, and the two identifiers are visually confusable. | |
88 * -# USPOOF_MIXED_SCRIPT_CONFUSABLE: At least one of the identifiers contain
s characters | |
89 * from more than one script, and the two identifiers are visually confusab
le. | |
90 * -# USPOOF_WHOLE_SCRIPT_CONFUSABLE: Each of the two identifiers is of a sing
le script, but | |
91 * the two identifiers are from different scripts, and they are visually co
nfusable. | |
92 * | |
93 * The safest approach is to enable all three of these checks as a group. | |
94 * | |
95 * USPOOF_ANY_CASE is a modifier for the above tests. If the identifiers being
checked can | |
96 * be of mixed case and are used in a case-sensitive manner, this option should
be specified. | |
97 * | |
98 * If the identifiers being checked are used in a case-insensitive manner, and i
f they are | |
99 * displayed to users in lower-case form only, the USPOOF_ANY_CASE option should
not be | |
100 * specified. Confusabality issues involving upper case letters will not be rep
orted. | |
101 * | |
102 * When performing tests on a single identifier, with the uspoof_check() family
of functions, | |
103 * the relevant tests are: | |
104 * | |
105 * -# USPOOF_MIXED_SCRIPT_CONFUSABLE: the identifier contains characters from
multiple | |
106 * scripts, and there exists an identifier of a single script that is visu
ally confusable. | |
107 * -# USPOOF_WHOLE_SCRIPT_CONFUSABLE: the identifier consists of characters f
rom a single | |
108 * script, and there exists a visually confusable identifier. | |
109 * The visually confusable identifier also consists of characters from a s
ingle script. | |
110 * but not the same script as the identifier being checked. | |
111 * -# USPOOF_ANY_CASE: modifies the mixed script and whole script confusables
tests. If | |
112 * specified, the checks will consider confusable characters of any case.
If this flag is not | |
113 * set, the test is performed assuming case folded identifiers. | |
114 * -# USPOOF_SINGLE_SCRIPT: check that the identifier contains only character
s from a | |
115 * single script. (Characters from the 'common' and 'inherited' scripts a
re ignored.) | |
116 * This is not a test for confusable identifiers | |
117 * -# USPOOF_INVISIBLE: check an identifier for the presence of invisible cha
racters, | |
118 * such as zero-width spaces, or character sequences that are | |
119 * likely not to display, such as multiple occurrences of the same | |
120 * non-spacing mark. This check does not test the input string as a whole | |
121 * for conformance to any particular syntax for identifiers. | |
122 * -# USPOOF_CHAR_LIMIT: check that an identifier contains only characters fr
om a specified set | |
123 * of acceptable characters. See uspoof_setAllowedChars() and | |
124 * uspoof_setAllowedLocales(). | |
125 * | |
126 * Note on Scripts: | |
127 * Characters from the Unicode Scripts "Common" and "Inherited" are ignored
when considering | |
128 * the script of an identifier. Common characters include digits and symbols
that | |
129 * are normally used with text from more than one script. | |
130 * | |
131 * Identifier Skeletons: A skeleton is a transformation of an identifier, such
that | |
132 * all identifiers that are confusable with each other have the same skeleton. | |
133 * Using skeletons, it is possible to build a dictionary data structure for | |
134 * a set of identifiers, and then quickly test whether a new identifier is | |
135 * confusable with an identifier already in the set. The uspoof_getSkeleton() | |
136 * family of functions will produce the skeleton from an identifier. | |
137 * | |
138 * Note that skeletons are not guaranteed to be stable between versions | |
139 * of Unicode or ICU, so an applications should not rely on creating a permanen
t, | |
140 * or difficult to update, database of skeletons. Instabilities result from | |
141 * identifying new pairs or sequences of characters that are visually | |
142 * confusable, and thus must be mapped to the same skeleton character(s). | |
143 * | |
144 */ | |
145 | |
146 struct USpoofChecker; | |
147 typedef struct USpoofChecker USpoofChecker; /**< typedef for C of USpoofChecker
*/ | |
148 | |
149 /** | |
150 * Enum for the kinds of checks that USpoofChecker can perform. | |
151 * These enum values are used both to select the set of checks that | |
152 * will be performed, and to report results from the check function. | |
153 * | |
154 * @stable ICU 4.2 | |
155 */ | |
156 typedef enum USpoofChecks { | |
157 /** Single script confusable test. | |
158 * When testing whether two identifiers are confusable, report that they
are if | |
159 * both are from the same script and they are visually confusable. | |
160 * Note: this test is not applicable to a check of a single identifier. | |
161 */ | |
162 USPOOF_SINGLE_SCRIPT_CONFUSABLE = 1, | |
163 | |
164 /** Mixed script confusable test. | |
165 * When checking a single identifier, report a problem if | |
166 * the identifier contains multiple scripts, and | |
167 * is confusable with some other identifier in a single script | |
168 * When testing whether two identifiers are confusable, report that they ar
e if | |
169 * the two IDs are visually confusable, | |
170 * and at least one contains characters from more than one script. | |
171 */ | |
172 USPOOF_MIXED_SCRIPT_CONFUSABLE = 2, | |
173 | |
174 /** Whole script confusable test. | |
175 * When checking a single identifier, report a problem if | |
176 * The identifier is of a single script, and | |
177 * there exists a confusable identifier in another script. | |
178 * When testing whether two identifiers are confusable, report that they ar
e if | |
179 * each is of a single script, | |
180 * the scripts of the two identifiers are different, and | |
181 * the identifiers are visually confusable. | |
182 */ | |
183 USPOOF_WHOLE_SCRIPT_CONFUSABLE = 4, | |
184 | |
185 /** Any Case Modifier for confusable identifier tests. | |
186 If specified, consider all characters, of any case, when looking for con
fusables. | |
187 If USPOOF_ANY_CASE is not specified, identifiers being checked are assum
ed to have been | |
188 case folded. Upper case confusable characters will not be checked. | |
189 Selects between Lower Case Confusable and | |
190 Any Case Confusable. */ | |
191 USPOOF_ANY_CASE = 8, | |
192 | |
193 /** Check that an identifier contains only characters from a | |
194 * single script (plus chars from the common and inherited scripts.) | |
195 * Applies to checks of a single identifier check only. | |
196 */ | |
197 USPOOF_SINGLE_SCRIPT = 16, | |
198 | |
199 /** Check an identifier for the presence of invisible characters, | |
200 * such as zero-width spaces, or character sequences that are | |
201 * likely not to display, such as multiple occurrences of the same | |
202 * non-spacing mark. This check does not test the input string as a whole | |
203 * for conformance to any particular syntax for identifiers. | |
204 */ | |
205 USPOOF_INVISIBLE = 32, | |
206 | |
207 /** Check that an identifier contains only characters from a specified set | |
208 * of acceptable characters. See uspoof_setAllowedChars() and | |
209 * uspoof_setAllowedLocales(). | |
210 */ | |
211 USPOOF_CHAR_LIMIT = 64, | |
212 | |
213 USPOOF_ALL_CHECKS = 0x7f | |
214 } USpoofChecks; | |
215 | |
216 | |
217 /** | |
218 * Create a Unicode Spoof Checker, configured to perform all | |
219 * checks except for USPOOF_LOCALE_LIMIT and USPOOF_CHAR_LIMIT. | |
220 * Note that additional checks may be added in the future, | |
221 * resulting in the changes to the default checking behavior. | |
222 * | |
223 * @param status The error code, set if this function encounters a problem. | |
224 * @return the newly created Spoof Checker | |
225 * @stable ICU 4.2 | |
226 */ | |
227 U_STABLE USpoofChecker * U_EXPORT2 | |
228 uspoof_open(UErrorCode *status); | |
229 | |
230 | |
231 /** | |
232 * Open a Spoof checker from its serialized from, stored in 32-bit-aligned memor
y. | |
233 * Inverse of uspoof_serialize(). | |
234 * The memory containing the serialized data must remain valid and unchanged | |
235 * as long as the spoof checker, or any cloned copies of the spoof checker, | |
236 * are in use. Ownership of the memory remains with the caller. | |
237 * The spoof checker (and any clones) must be closed prior to deleting the | |
238 * serialized data. | |
239 * | |
240 * @param data a pointer to 32-bit-aligned memory containing the serialized form
of spoof data | |
241 * @param length the number of bytes available at data; | |
242 * can be more than necessary | |
243 * @param pActualLength receives the actual number of bytes at data taken up by
the data; | |
244 * can be NULL | |
245 * @param pErrorCode ICU error code | |
246 * @return the spoof checker. | |
247 * | |
248 * @see uspoof_open | |
249 * @see uspoof_serialize | |
250 * @stable ICU 4.2 | |
251 */ | |
252 U_STABLE USpoofChecker * U_EXPORT2 | |
253 uspoof_openFromSerialized(const void *data, int32_t length, int32_t *pActualLeng
th, | |
254 UErrorCode *pErrorCode); | |
255 | |
256 /** | |
257 * Open a Spoof Checker from the source form of the spoof data. | |
258 * The Three inputs correspond to the Unicode data files confusables.txt | |
259 * confusablesWholeScript.txt and xidmdifications.txt as described in | |
260 * Unicode UAX 39. The syntax of the source data is as described in UAX 39 for | |
261 * these files, and the content of these files is acceptable input. | |
262 * | |
263 * The character encoding of the (char *) input text is UTF-8. | |
264 * | |
265 * @param confusables a pointer to the confusable characters definitions, | |
266 * as found in file confusables.txt from unicode.org. | |
267 * @param confusablesLen The length of the confusables text, or -1 if the | |
268 * input string is zero terminated. | |
269 * @param confusablesWholeScript | |
270 * a pointer to the whole script confusables definitions, | |
271 * as found in the file confusablesWholeScript.txt from unic
ode.org. | |
272 * @param confusablesWholeScriptLen The length of the whole script confusables
text, or | |
273 * -1 if the input string is zero terminated. | |
274 * @param errType In the event of an error in the input, indicates | |
275 * which of the input files contains the error. | |
276 * The value is one of USPOOF_SINGLE_SCRIPT_CONFUSABLE or | |
277 * USPOOF_WHOLE_SCRIPT_CONFUSABLE, or | |
278 * zero if no errors are found. | |
279 * @param pe In the event of an error in the input, receives the posit
ion | |
280 * in the input text (line, offset) of the error. | |
281 * @param status an in/out ICU UErrorCode. Among the possible errors is | |
282 * U_PARSE_ERROR, which is used to report syntax errors | |
283 * in the input. | |
284 * @return A spoof checker that uses the rules from the input files. | |
285 * @stable ICU 4.2 | |
286 */ | |
287 U_STABLE USpoofChecker * U_EXPORT2 | |
288 uspoof_openFromSource(const char *confusables, int32_t confusablesLen, | |
289 const char *confusablesWholeScript, int32_t confusablesWho
leScriptLen, | |
290 int32_t *errType, UParseError *pe, UErrorCode *status); | |
291 | |
292 | |
293 /** | |
294 * Close a Spoof Checker, freeing any memory that was being held by | |
295 * its implementation. | |
296 * @stable ICU 4.2 | |
297 */ | |
298 U_STABLE void U_EXPORT2 | |
299 uspoof_close(USpoofChecker *sc); | |
300 | |
301 #if U_SHOW_CPLUSPLUS_API | |
302 | |
303 U_NAMESPACE_BEGIN | |
304 | |
305 /** | |
306 * \class LocalUSpoofCheckerPointer | |
307 * "Smart pointer" class, closes a USpoofChecker via uspoof_close(). | |
308 * For most methods see the LocalPointerBase base class. | |
309 * | |
310 * @see LocalPointerBase | |
311 * @see LocalPointer | |
312 * @stable ICU 4.4 | |
313 */ | |
314 U_DEFINE_LOCAL_OPEN_POINTER(LocalUSpoofCheckerPointer, USpoofChecker, uspoof_clo
se); | |
315 | |
316 U_NAMESPACE_END | |
317 | |
318 #endif | |
319 | |
320 /** | |
321 * Clone a Spoof Checker. The clone will be set to perform the same checks | |
322 * as the original source. | |
323 * | |
324 * @param sc The source USpoofChecker | |
325 * @param status The error code, set if this function encounters a problem. | |
326 * @return | |
327 * @stable ICU 4.2 | |
328 */ | |
329 U_STABLE USpoofChecker * U_EXPORT2 | |
330 uspoof_clone(const USpoofChecker *sc, UErrorCode *status); | |
331 | |
332 | |
333 /** | |
334 * Specify the set of checks that will be performed by the check | |
335 * functions of this Spoof Checker. | |
336 * | |
337 * @param sc The USpoofChecker | |
338 * @param checks The set of checks that this spoof checker will perform. | |
339 * The value is a bit set, obtained by OR-ing together | |
340 * values from enum USpoofChecks. | |
341 * @param status The error code, set if this function encounters a problem. | |
342 * @stable ICU 4.2 | |
343 * | |
344 */ | |
345 U_STABLE void U_EXPORT2 | |
346 uspoof_setChecks(USpoofChecker *sc, int32_t checks, UErrorCode *status); | |
347 | |
348 /** | |
349 * Get the set of checks that this Spoof Checker has been configured to perform. | |
350 * | |
351 * @param sc The USpoofChecker | |
352 * @param status The error code, set if this function encounters a problem. | |
353 * @return The set of checks that this spoof checker will perform. | |
354 * The value is a bit set, obtained by OR-ing together | |
355 * values from enum USpoofChecks. | |
356 * @stable ICU 4.2 | |
357 * | |
358 */ | |
359 U_STABLE int32_t U_EXPORT2 | |
360 uspoof_getChecks(const USpoofChecker *sc, UErrorCode *status); | |
361 | |
362 /** | |
363 * Limit characters that are acceptable in identifiers being checked to those | |
364 * normally used with the languages associated with the specified locales. | |
365 * Any previously specified list of locales is replaced by the new settings. | |
366 * | |
367 * A set of languages is determined from the locale(s), and | |
368 * from those a set of acceptable Unicode scripts is determined. | |
369 * Characters from this set of scripts, along with characters from | |
370 * the "common" and "inherited" Unicode Script categories | |
371 * will be permitted. | |
372 * | |
373 * Supplying an empty string removes all restrictions; | |
374 * characters from any script will be allowed. | |
375 * | |
376 * The USPOOF_CHAR_LIMIT test is automatically enabled for this | |
377 * USpoofChecker when calling this function with a non-empty list | |
378 * of locales. | |
379 * | |
380 * The Unicode Set of characters that will be allowed is accessible | |
381 * via the uspoof_getAllowedChars() function. uspoof_setAllowedLocales() | |
382 * will <i>replace</i> any previously applied set of allowed characters. | |
383 * | |
384 * Adjustments, such as additions or deletions of certain classes of characters, | |
385 * can be made to the result of uspoof_setAllowedLocales() by | |
386 * fetching the resulting set with uspoof_getAllowedChars(), | |
387 * manipulating it with the Unicode Set API, then resetting the | |
388 * spoof detectors limits with uspoof_setAllowedChars() | |
389 * | |
390 * @param sc The USpoofChecker | |
391 * @param localesList A list list of locales, from which the language | |
392 * and associated script are extracted. The locales | |
393 * are comma-separated if there is more than one. | |
394 * White space may not appear within an individual locale, | |
395 * but is ignored otherwise. | |
396 * The locales are syntactically like those from the | |
397 * HTTP Accept-Language header. | |
398 * If the localesList is empty, no restrictions will be plac
ed on | |
399 * the allowed characters. | |
400 * | |
401 * @param status The error code, set if this function encounters a problem
. | |
402 * @stable ICU 4.2 | |
403 */ | |
404 U_STABLE void U_EXPORT2 | |
405 uspoof_setAllowedLocales(USpoofChecker *sc, const char *localesList, UErrorCode
*status); | |
406 | |
407 /** | |
408 * Get a list of locales for the scripts that are acceptable in strings | |
409 * to be checked. If no limitations on scripts have been specified, | |
410 * an empty string will be returned. | |
411 * | |
412 * uspoof_setAllowedChars() will reset the list of allowed to be empty. | |
413 * | |
414 * The format of the returned list is the same as that supplied to | |
415 * uspoof_setAllowedLocales(), but returned list may not be identical | |
416 * to the originally specified string; the string may be reformatted, | |
417 * and information other than languages from | |
418 * the originally specified locales may be omitted. | |
419 * | |
420 * @param sc The USpoofChecker | |
421 * @param status The error code, set if this function encounters a problem
. | |
422 * @return A string containing a list of locales corresponding | |
423 * to the acceptable scripts, formatted like an | |
424 * HTTP Accept Language value. | |
425 * | |
426 * @stable ICU 4.2 | |
427 */ | |
428 U_STABLE const char * U_EXPORT2 | |
429 uspoof_getAllowedLocales(USpoofChecker *sc, UErrorCode *status); | |
430 | |
431 | |
432 /** | |
433 * Limit the acceptable characters to those specified by a Unicode Set. | |
434 * Any previously specified character limit is | |
435 * is replaced by the new settings. This includes limits on | |
436 * characters that were set with the uspoof_setAllowedLocales() function. | |
437 * | |
438 * The USPOOF_CHAR_LIMIT test is automatically enabled for this | |
439 * USpoofChecker by this function. | |
440 * | |
441 * @param sc The USpoofChecker | |
442 * @param chars A Unicode Set containing the list of | |
443 * characters that are permitted. Ownership of the set | |
444 * remains with the caller. The incoming set is cloned by | |
445 * this function, so there are no restrictions on modifying | |
446 * or deleting the USet after calling this function. | |
447 * @param status The error code, set if this function encounters a problem. | |
448 * @stable ICU 4.2 | |
449 */ | |
450 U_STABLE void U_EXPORT2 | |
451 uspoof_setAllowedChars(USpoofChecker *sc, const USet *chars, UErrorCode *status)
; | |
452 | |
453 | |
454 /** | |
455 * Get a USet for the characters permitted in an identifier. | |
456 * This corresponds to the limits imposed by the Set Allowed Characters | |
457 * functions. Limitations imposed by other checks will not be | |
458 * reflected in the set returned by this function. | |
459 * | |
460 * The returned set will be frozen, meaning that it cannot be modified | |
461 * by the caller. | |
462 * | |
463 * Ownership of the returned set remains with the Spoof Detector. The | |
464 * returned set will become invalid if the spoof detector is closed, | |
465 * or if a new set of allowed characters is specified. | |
466 * | |
467 * | |
468 * @param sc The USpoofChecker | |
469 * @param status The error code, set if this function encounters a problem. | |
470 * @return A USet containing the characters that are permitted by | |
471 * the USPOOF_CHAR_LIMIT test. | |
472 * @stable ICU 4.2 | |
473 */ | |
474 U_STABLE const USet * U_EXPORT2 | |
475 uspoof_getAllowedChars(const USpoofChecker *sc, UErrorCode *status); | |
476 | |
477 | |
478 #if U_SHOW_CPLUSPLUS_API | |
479 /** | |
480 * Limit the acceptable characters to those specified by a Unicode Set. | |
481 * Any previously specified character limit is | |
482 * is replaced by the new settings. This includes limits on | |
483 * characters that were set with the uspoof_setAllowedLocales() function. | |
484 * | |
485 * The USPOOF_CHAR_LIMIT test is automatically enabled for this | |
486 * USoofChecker by this function. | |
487 * | |
488 * @param sc The USpoofChecker | |
489 * @param chars A Unicode Set containing the list of | |
490 * characters that are permitted. Ownership of the set | |
491 * remains with the caller. The incoming set is cloned by | |
492 * this function, so there are no restrictions on modifying | |
493 * or deleting the USet after calling this function. | |
494 * @param status The error code, set if this function encounters a problem. | |
495 * @stable ICU 4.2 | |
496 */ | |
497 U_STABLE void U_EXPORT2 | |
498 uspoof_setAllowedUnicodeSet(USpoofChecker *sc, const UnicodeSet *chars, UErrorCo
de *status); | |
499 | |
500 | |
501 /** | |
502 * Get a UnicodeSet for the characters permitted in an identifier. | |
503 * This corresponds to the limits imposed by the Set Allowed Characters / | |
504 * UnicodeSet functions. Limitations imposed by other checks will not be | |
505 * reflected in the set returned by this function. | |
506 * | |
507 * The returned set will be frozen, meaning that it cannot be modified | |
508 * by the caller. | |
509 * | |
510 * Ownership of the returned set remains with the Spoof Detector. The | |
511 * returned set will become invalid if the spoof detector is closed, | |
512 * or if a new set of allowed characters is specified. | |
513 * | |
514 * | |
515 * @param sc The USpoofChecker | |
516 * @param status The error code, set if this function encounters a problem. | |
517 * @return A UnicodeSet containing the characters that are permitted by | |
518 * the USPOOF_CHAR_LIMIT test. | |
519 * @stable ICU 4.2 | |
520 */ | |
521 U_STABLE const UnicodeSet * U_EXPORT2 | |
522 uspoof_getAllowedUnicodeSet(const USpoofChecker *sc, UErrorCode *status); | |
523 #endif | |
524 | |
525 | |
526 /** | |
527 * Check the specified string for possible security issues. | |
528 * The text to be checked will typically be an identifier of some sort. | |
529 * The set of checks to be performed is specified with uspoof_setChecks(). | |
530 * | |
531 * @param sc The USpoofChecker | |
532 * @param text The string to be checked for possible security issues, | |
533 * in UTF-16 format. | |
534 * @param length the length of the string to be checked, expressed in | |
535 * 16 bit UTF-16 code units, or -1 if the string is | |
536 * zero terminated. | |
537 * @param position An out parameter that receives the index of the | |
538 * first string position that fails the allowed character | |
539 * limitation checks. | |
540 * This parameter may be null if the position information | |
541 * is not needed. | |
542 * If the string passes the requested checks the | |
543 * parameter value will not be set. | |
544 * @param status The error code, set if an error occurred while attempting to | |
545 * perform the check. | |
546 * Spoofing or security issues detected with the input string are | |
547 * not reported here, but through the function's return value. | |
548 * @return An integer value with bits set for any potential security | |
549 * or spoofing issues detected. The bits are defined by | |
550 * enum USpoofChecks. Zero is returned if no issues | |
551 * are found with the input string. | |
552 * @stable ICU 4.2 | |
553 */ | |
554 U_STABLE int32_t U_EXPORT2 | |
555 uspoof_check(const USpoofChecker *sc, | |
556 const UChar *text, int32_t length, | |
557 int32_t *position, | |
558 UErrorCode *status); | |
559 | |
560 | |
561 /** | |
562 * Check the specified string for possible security issues. | |
563 * The text to be checked will typically be an identifier of some sort. | |
564 * The set of checks to be performed is specified with uspoof_setChecks(). | |
565 * | |
566 * @param sc The USpoofChecker | |
567 * @param text A UTF-8 string to be checked for possible security issues. | |
568 * @param length the length of the string to be checked, or -1 if the string is
| |
569 * zero terminated. | |
570 * @param position An out parameter that receives the index of the | |
571 * first string position that fails the allowed character | |
572 * limitation checks. | |
573 * This parameter may be null if the position information | |
574 * is not needed. | |
575 * If the string passes the requested checks the | |
576 * parameter value will not be set. | |
577 * @param status The error code, set if an error occurred while attempting to | |
578 * perform the check. | |
579 * Spoofing or security issues detected with the input string are | |
580 * not reported here, but through the function's return value. | |
581 * If the input contains invalid UTF-8 sequences, | |
582 * a status of U_INVALID_CHAR_FOUND will be returned. | |
583 * @return An integer value with bits set for any potential security | |
584 * or spoofing issues detected. The bits are defined by | |
585 * enum USpoofChecks. Zero is returned if no issues | |
586 * are found with the input string. | |
587 * @stable ICU 4.2 | |
588 */ | |
589 U_STABLE int32_t U_EXPORT2 | |
590 uspoof_checkUTF8(const USpoofChecker *sc, | |
591 const char *text, int32_t length, | |
592 int32_t *position, | |
593 UErrorCode *status); | |
594 | |
595 | |
596 #if U_SHOW_CPLUSPLUS_API | |
597 /** | |
598 * Check the specified string for possible security issues. | |
599 * The text to be checked will typically be an identifier of some sort. | |
600 * The set of checks to be performed is specified with uspoof_setChecks(). | |
601 * | |
602 * @param sc The USpoofChecker | |
603 * @param text A UnicodeString to be checked for possible security issues. | |
604 * @position An out parameter that receives the index of the | |
605 * first string position that fails the allowed character | |
606 * limitation checks. | |
607 * This parameter may be null if the position information | |
608 * is not needed. | |
609 * If the string passes the requested checks the | |
610 * parameter value will not be set. | |
611 * @param status The error code, set if an error occurred while attempting to | |
612 * perform the check. | |
613 * Spoofing or security issues detected with the input string are | |
614 * not reported here, but through the function's return value. | |
615 | |
616 * @return An integer value with bits set for any potential security | |
617 * or spoofing issues detected. The bits are defined by | |
618 * enum USpoofChecks. Zero is returned if no issues | |
619 * are found with the input string. | |
620 * @stable ICU 4.2 | |
621 */ | |
622 U_STABLE int32_t U_EXPORT2 | |
623 uspoof_checkUnicodeString(const USpoofChecker *sc, | |
624 const U_NAMESPACE_QUALIFIER UnicodeString &text, | |
625 int32_t *position, | |
626 UErrorCode *status); | |
627 | |
628 #endif | |
629 | |
630 | |
631 /** | |
632 * Check the whether two specified strings are visually confusable. | |
633 * The types of confusability to be tested - single script, mixed script, | |
634 * or whole script - are determined by the check options set for the | |
635 * USpoofChecker. | |
636 * | |
637 * The tests to be performed are controlled by the flags | |
638 * USPOOF_SINGLE_SCRIPT_CONFUSABLE | |
639 * USPOOF_MIXED_SCRIPT_CONFUSABLE | |
640 * USPOOF_WHOLE_SCRIPT_CONFUSABLE | |
641 * At least one of these tests must be selected. | |
642 * | |
643 * USPOOF_ANY_CASE is a modifier for the tests. Select it if the identifiers | |
644 * may be of mixed case. | |
645 * If identifiers are case folded for comparison and | |
646 * display to the user, do not select the USPOOF_ANY_CASE option. | |
647 * | |
648 * | |
649 * @param sc The USpoofChecker | |
650 * @param s1 The first of the two strings to be compared for | |
651 * confusability. The strings are in UTF-16 format. | |
652 * @param length1 the length of the first string, expressed in | |
653 * 16 bit UTF-16 code units, or -1 if the string is | |
654 * zero terminated. | |
655 * @param s2 The second of the two strings to be compared for | |
656 * confusability. The strings are in UTF-16 format. | |
657 * @param length2 The length of the second string, expressed in | |
658 * 16 bit UTF-16 code units, or -1 if the string is | |
659 * zero terminated. | |
660 * @param status The error code, set if an error occurred while attempting to | |
661 * perform the check. | |
662 * Confusability of the strings is not reported here, | |
663 * but through this function's return value. | |
664 * @return An integer value with bit(s) set corresponding to | |
665 * the type of confusability found, as defined by | |
666 * enum USpoofChecks. Zero is returned if the strings | |
667 * are not confusable. | |
668 * @stable ICU 4.2 | |
669 */ | |
670 U_STABLE int32_t U_EXPORT2 | |
671 uspoof_areConfusable(const USpoofChecker *sc, | |
672 const UChar *s1, int32_t length1, | |
673 const UChar *s2, int32_t length2, | |
674 UErrorCode *status); | |
675 | |
676 | |
677 | |
678 /** | |
679 * Check the whether two specified strings are visually confusable. | |
680 * The types of confusability to be tested - single script, mixed script, | |
681 * or whole script - are determined by the check options set for the | |
682 * USpoofChecker. | |
683 * | |
684 * @param sc The USpoofChecker | |
685 * @param s1 The first of the two strings to be compared for | |
686 * confusability. The strings are in UTF-8 format. | |
687 * @param length1 the length of the first string, in bytes, or -1 | |
688 * if the string is zero terminated. | |
689 * @param s2 The second of the two strings to be compared for | |
690 * confusability. The strings are in UTF-18 format. | |
691 * @param length2 The length of the second string in bytes, or -1 | |
692 * if the string is zero terminated. | |
693 * @param status The error code, set if an error occurred while attempting to | |
694 * perform the check. | |
695 * Confusability of the strings is not reported here, | |
696 * but through this function's return value. | |
697 * @return An integer value with bit(s) set corresponding to | |
698 * the type of confusability found, as defined by | |
699 * enum USpoofChecks. Zero is returned if the strings | |
700 * are not confusable. | |
701 * @stable ICU 4.2 | |
702 */ | |
703 U_STABLE int32_t U_EXPORT2 | |
704 uspoof_areConfusableUTF8(const USpoofChecker *sc, | |
705 const char *s1, int32_t length1, | |
706 const char *s2, int32_t length2, | |
707 UErrorCode *status); | |
708 | |
709 | |
710 | |
711 | |
712 #if U_SHOW_CPLUSPLUS_API | |
713 /** | |
714 * Check the whether two specified strings are visually confusable. | |
715 * The types of confusability to be tested - single script, mixed script, | |
716 * or whole script - are determined by the check options set for the | |
717 * USpoofChecker. | |
718 * | |
719 * @param sc The USpoofChecker | |
720 * @param s1 The first of the two strings to be compared for | |
721 * confusability. The strings are in UTF-8 format. | |
722 * @param s2 The second of the two strings to be compared for | |
723 * confusability. The strings are in UTF-18 format. | |
724 * @param status The error code, set if an error occurred while attempting to | |
725 * perform the check. | |
726 * Confusability of the strings is not reported here, | |
727 * but through this function's return value. | |
728 * @return An integer value with bit(s) set corresponding to | |
729 * the type of confusability found, as defined by | |
730 * enum USpoofChecks. Zero is returned if the strings | |
731 * are not confusable. | |
732 * @stable ICU 4.2 | |
733 */ | |
734 U_STABLE int32_t U_EXPORT2 | |
735 uspoof_areConfusableUnicodeString(const USpoofChecker *sc, | |
736 const U_NAMESPACE_QUALIFIER UnicodeString &s1, | |
737 const U_NAMESPACE_QUALIFIER UnicodeString &s2, | |
738 UErrorCode *status); | |
739 #endif | |
740 | |
741 | |
742 /** | |
743 * Get the "skeleton" for an identifier string. | |
744 * Skeletons are a transformation of the input string; | |
745 * Two strings are confusable if their skeletons are identical. | |
746 * See Unicode UAX 39 for additional information. | |
747 * | |
748 * Using skeletons directly makes it possible to quickly check | |
749 * whether an identifier is confusable with any of some large | |
750 * set of existing identifiers, by creating an efficiently | |
751 * searchable collection of the skeletons. | |
752 * | |
753 * @param sc The USpoofChecker | |
754 * @param type The type of skeleton, corresponding to which | |
755 * of the Unicode confusable data tables to use. | |
756 * The default is Mixed-Script, Lowercase. | |
757 * Allowed options are USPOOF_SINGLE_SCRIPT_CONFUSABLE and | |
758 * USPOOF_ANY_CASE_CONFUSABLE. The two flags may be ORed. | |
759 * @param s The input string whose skeleton will be computed. | |
760 * @param length The length of the input string, expressed in 16 bit | |
761 * UTF-16 code units, or -1 if the string is zero terminated. | |
762 * @param dest The output buffer, to receive the skeleton string. | |
763 * @param destCapacity The length of the output buffer, in 16 bit units. | |
764 * The destCapacity may be zero, in which case the function will | |
765 * return the actual length of the skeleton. | |
766 * @param status The error code, set if an error occurred while attempting to | |
767 * perform the check. | |
768 * @return The length of the skeleton string. The returned length | |
769 * is always that of the complete skeleton, even when the | |
770 * supplied buffer is too small (or of zero length) | |
771 * | |
772 * @stable ICU 4.2 | |
773 */ | |
774 U_STABLE int32_t U_EXPORT2 | |
775 uspoof_getSkeleton(const USpoofChecker *sc, | |
776 uint32_t type, | |
777 const UChar *s, int32_t length, | |
778 UChar *dest, int32_t destCapacity, | |
779 UErrorCode *status); | |
780 | |
781 /** | |
782 * Get the "skeleton" for an identifier string. | |
783 * Skeletons are a transformation of the input string; | |
784 * Two strings are confusable if their skeletons are identical. | |
785 * See Unicode UAX 39 for additional information. | |
786 * | |
787 * Using skeletons directly makes it possible to quickly check | |
788 * whether an identifier is confusable with any of some large | |
789 * set of existing identifiers, by creating an efficiently | |
790 * searchable collection of the skeletons. | |
791 * | |
792 * @param sc The USpoofChecker | |
793 * @param type The type of skeleton, corresponding to which | |
794 * of the Unicode confusable data tables to use. | |
795 * The default is Mixed-Script, Lowercase. | |
796 * Allowed options are USPOOF_SINGLE_SCRIPT_CONFUSABLE and | |
797 * USPOOF_ANY_CASE. The two flags may be ORed. | |
798 * @param s The UTF-8 format input string whose skeleton will be computed
. | |
799 * @param length The length of the input string, in bytes, | |
800 * or -1 if the string is zero terminated. | |
801 * @param dest The output buffer, to receive the skeleton string. | |
802 * @param destCapacity The length of the output buffer, in bytes. | |
803 * The destCapacity may be zero, in which case the function will | |
804 * return the actual length of the skeleton. | |
805 * @param status The error code, set if an error occurred while attempting to | |
806 * perform the check. Possible Errors include U_INVALID_CHAR_FO
UND | |
807 * for invalid UTF-8 sequences, and | |
808 * U_BUFFER_OVERFLOW_ERROR if the destination buffer is too s
mall | |
809 * to hold the complete skeleton. | |
810 * @return The length of the skeleton string, in bytes. The returned le
ngth | |
811 * is always that of the complete skeleton, even when the | |
812 * supplied buffer is too small (or of zero length) | |
813 * | |
814 * @stable ICU 4.2 | |
815 */ | |
816 U_STABLE int32_t U_EXPORT2 | |
817 uspoof_getSkeletonUTF8(const USpoofChecker *sc, | |
818 uint32_t type, | |
819 const char *s, int32_t length, | |
820 char *dest, int32_t destCapacity, | |
821 UErrorCode *status); | |
822 | |
823 #if U_SHOW_CPLUSPLUS_API | |
824 /** | |
825 * Get the "skeleton" for an identifier string. | |
826 * Skeletons are a transformation of the input string; | |
827 * Two strings are confusable if their skeletons are identical. | |
828 * See Unicode UAX 39 for additional information. | |
829 * | |
830 * Using skeletons directly makes it possible to quickly check | |
831 * whether an identifier is confusable with any of some large | |
832 * set of existing identifiers, by creating an efficiently | |
833 * searchable collection of the skeletons. | |
834 * | |
835 * @param sc The USpoofChecker. | |
836 * @param type The type of skeleton, corresponding to which | |
837 * of the Unicode confusable data tables to use. | |
838 * The default is Mixed-Script, Lowercase. | |
839 * Allowed options are USPOOF_SINGLE_SCRIPT_CONFUSABLE and | |
840 * USPOOF_ANY_CASE_CONFUSABLE. The two flags may be ORed. | |
841 * @param s The input string whose skeleton will be computed. | |
842 * @param dest The output string, to receive the skeleton string. | |
843 * @param destCapacity The length of the output buffer, in bytes. | |
844 * The destCapacity may be zero, in which case the function will | |
845 * return the actual length of the skeleton. | |
846 * @param status The error code, set if an error occurred while attempting to | |
847 * perform the check. | |
848 * @return A reference to the destination (skeleton) string. | |
849 * | |
850 * @stable ICU 4.2 | |
851 */ | |
852 U_STABLE UnicodeString & U_EXPORT2 | |
853 uspoof_getSkeletonUnicodeString(const USpoofChecker *sc, | |
854 uint32_t type, | |
855 const UnicodeString &s, | |
856 UnicodeString &dest, | |
857 UErrorCode *status); | |
858 #endif /* U_SHOW_CPLUSPLUS_API */ | |
859 | |
860 | |
861 /** | |
862 * Serialize the data for a spoof detector into a chunk of memory. | |
863 * The flattened spoof detection tables can later be used to efficiently | |
864 * instantiate a new Spoof Detector. | |
865 * | |
866 * @param sc the Spoof Detector whose data is to be serialized. | |
867 * @param data a pointer to 32-bit-aligned memory to be filled with the data, | |
868 * can be NULL if capacity==0 | |
869 * @param capacity the number of bytes available at data, | |
870 * or 0 for preflighting | |
871 * @param status an in/out ICU UErrorCode; possible errors include: | |
872 * - U_BUFFER_OVERFLOW_ERROR if the data storage block is too small for serializ
ation | |
873 * - U_ILLEGAL_ARGUMENT_ERROR the data or capacity parameters are bad | |
874 * @return the number of bytes written or needed for the spoof data | |
875 * | |
876 * @see utrie2_openFromSerialized() | |
877 * @stable ICU 4.2 | |
878 */ | |
879 U_STABLE int32_t U_EXPORT2 | |
880 uspoof_serialize(USpoofChecker *sc, | |
881 void *data, int32_t capacity, | |
882 UErrorCode *status); | |
883 | |
884 | |
885 #endif | |
886 | |
887 #endif /* USPOOF_H */ | |
OLD | NEW |