michael@0: /* michael@0: *************************************************************************** michael@0: * Copyright (C) 2008-2013, International Business Machines Corporation michael@0: * and others. All Rights Reserved. michael@0: *************************************************************************** michael@0: * file name: uspoof.h michael@0: * encoding: US-ASCII michael@0: * tab size: 8 (not used) michael@0: * indentation:4 michael@0: * michael@0: * created on: 2008Feb13 michael@0: * created by: Andy Heninger michael@0: * michael@0: * Unicode Spoof Detection michael@0: */ michael@0: michael@0: #ifndef USPOOF_H michael@0: #define USPOOF_H michael@0: michael@0: #include "unicode/utypes.h" michael@0: #include "unicode/uset.h" michael@0: #include "unicode/parseerr.h" michael@0: #include "unicode/localpointer.h" michael@0: michael@0: #if !UCONFIG_NO_NORMALIZATION michael@0: michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: #include "unicode/unistr.h" michael@0: #include "unicode/uniset.h" michael@0: #endif michael@0: michael@0: michael@0: /** michael@0: * \file michael@0: * \brief Unicode Security and Spoofing Detection, C API. michael@0: * michael@0: * These functions are intended to check strings, typically michael@0: * identifiers of some type, such as URLs, for the presence of michael@0: * characters that are likely to be visually confusing - michael@0: * for cases where the displayed form of an identifier may michael@0: * not be what it appears to be. michael@0: * michael@0: * Unicode Technical Report #36, http://unicode.org/reports/tr36, and michael@0: * Unicode Technical Standard #39, http://unicode.org/reports/tr39 michael@0: * "Unicode security considerations", give more background on michael@0: * security an spoofing issues with Unicode identifiers. michael@0: * The tests and checks provided by this module implement the recommendations michael@0: * from those Unicode documents. michael@0: * michael@0: * The tests available on identifiers fall into two general categories: michael@0: * -# Single identifier tests. Check whether an identifier is michael@0: * potentially confusable with any other string, or is suspicious michael@0: * for other reasons. michael@0: * -# Two identifier tests. Check whether two specific identifiers are confusable. michael@0: * This does not consider whether either of strings is potentially michael@0: * confusable with any string other than the exact one specified. michael@0: * michael@0: * The steps to perform confusability testing are michael@0: * -# Open a USpoofChecker. michael@0: * -# Configure the USPoofChecker for the desired set of tests. The tests that will michael@0: * be performed are specified by a set of USpoofChecks flags. michael@0: * -# Perform the checks using the pre-configured USpoofChecker. The results indicate michael@0: * which (if any) of the selected tests have identified possible problems with the identifier. michael@0: * Results are reported as a set of USpoofChecks flags; this mirrors the form in which michael@0: * the set of tests to perform was originally specified to the USpoofChecker. michael@0: * michael@0: * A USpoofChecker may be used repeatedly to perform checks on any number of identifiers. michael@0: * michael@0: * Thread Safety: The test functions for checking a single identifier, or for testing michael@0: * whether two identifiers are possible confusable, are thread safe. michael@0: * They may called concurrently, from multiple threads, using the same USpoofChecker instance. michael@0: * michael@0: * More generally, the standard ICU thread safety rules apply: functions that take a michael@0: * const USpoofChecker parameter are thread safe. Those that take a non-const michael@0: * USpoofChecier are not thread safe. michael@0: * michael@0: * michael@0: * Descriptions of the available checks. michael@0: * michael@0: * When testing whether pairs of identifiers are confusable, with the uspoof_areConfusable() michael@0: * family of functions, the relevant tests are michael@0: * michael@0: * -# USPOOF_SINGLE_SCRIPT_CONFUSABLE: All of the characters from the two identifiers are michael@0: * from a single script, and the two identifiers are visually confusable. michael@0: * -# USPOOF_MIXED_SCRIPT_CONFUSABLE: At least one of the identifiers contains characters michael@0: * from more than one script, and the two identifiers are visually confusable. michael@0: * -# USPOOF_WHOLE_SCRIPT_CONFUSABLE: Each of the two identifiers is of a single script, but michael@0: * the two identifiers are from different scripts, and they are visually confusable. michael@0: * michael@0: * The safest approach is to enable all three of these checks as a group. michael@0: * michael@0: * USPOOF_ANY_CASE is a modifier for the above tests. If the identifiers being checked can michael@0: * be of mixed case and are used in a case-sensitive manner, this option should be specified. michael@0: * michael@0: * If the identifiers being checked are used in a case-insensitive manner, and if they are michael@0: * displayed to users in lower-case form only, the USPOOF_ANY_CASE option should not be michael@0: * specified. Confusabality issues involving upper case letters will not be reported. michael@0: * michael@0: * When performing tests on a single identifier, with the uspoof_check() family of functions, michael@0: * the relevant tests are: michael@0: * michael@0: * -# USPOOF_MIXED_SCRIPT_CONFUSABLE: the identifier contains characters from multiple michael@0: * scripts, and there exists an identifier of a single script that is visually confusable. michael@0: * -# USPOOF_WHOLE_SCRIPT_CONFUSABLE: the identifier consists of characters from a single michael@0: * script, and there exists a visually confusable identifier. michael@0: * The visually confusable identifier also consists of characters from a single script. michael@0: * but not the same script as the identifier being checked. michael@0: * -# USPOOF_ANY_CASE: modifies the mixed script and whole script confusables tests. If michael@0: * specified, the checks will consider confusable characters of any case. If this flag is not michael@0: * set, the test is performed assuming case folded identifiers. michael@0: * -# USPOOF_SINGLE_SCRIPT: check that the identifier contains only characters from a michael@0: * single script. (Characters from the 'common' and 'inherited' scripts are ignored.) michael@0: * This is not a test for confusable identifiers michael@0: * -# USPOOF_INVISIBLE: check an identifier for the presence of invisible characters, michael@0: * such as zero-width spaces, or character sequences that are michael@0: * likely not to display, such as multiple occurrences of the same michael@0: * non-spacing mark. This check does not test the input string as a whole michael@0: * for conformance to any particular syntax for identifiers. michael@0: * -# USPOOF_CHAR_LIMIT: check that an identifier contains only characters from a specified set michael@0: * of acceptable characters. See uspoof_setAllowedChars() and michael@0: * uspoof_setAllowedLocales(). michael@0: * michael@0: * Note on Scripts: michael@0: * Characters from the Unicode Scripts "Common" and "Inherited" are ignored when considering michael@0: * the script of an identifier. Common characters include digits and symbols that michael@0: * are normally used with text from more than one script. michael@0: * michael@0: * Identifier Skeletons: A skeleton is a transformation of an identifier, such that michael@0: * all identifiers that are confusable with each other have the same skeleton. michael@0: * Using skeletons, it is possible to build a dictionary data structure for michael@0: * a set of identifiers, and then quickly test whether a new identifier is michael@0: * confusable with an identifier already in the set. The uspoof_getSkeleton() michael@0: * family of functions will produce the skeleton from an identifier. michael@0: * michael@0: * Note that skeletons are not guaranteed to be stable between versions michael@0: * of Unicode or ICU, so an applications should not rely on creating a permanent, michael@0: * or difficult to update, database of skeletons. Instabilities result from michael@0: * identifying new pairs or sequences of characters that are visually michael@0: * confusable, and thus must be mapped to the same skeleton character(s). michael@0: * michael@0: */ michael@0: michael@0: struct USpoofChecker; michael@0: typedef struct USpoofChecker USpoofChecker; /**< typedef for C of USpoofChecker */ michael@0: michael@0: /** michael@0: * Enum for the kinds of checks that USpoofChecker can perform. michael@0: * These enum values are used both to select the set of checks that michael@0: * will be performed, and to report results from the check function. michael@0: * michael@0: * @stable ICU 4.2 michael@0: */ michael@0: typedef enum USpoofChecks { michael@0: /** Single script confusable test. michael@0: * When testing whether two identifiers are confusable, report that they are if michael@0: * both are from the same script and they are visually confusable. michael@0: * Note: this test is not applicable to a check of a single identifier. michael@0: */ michael@0: USPOOF_SINGLE_SCRIPT_CONFUSABLE = 1, michael@0: michael@0: /** Mixed script confusable test. michael@0: * When checking a single identifier, report a problem if michael@0: * the identifier contains multiple scripts, and michael@0: * is confusable with some other identifier in a single script michael@0: * When testing whether two identifiers are confusable, report that they are if michael@0: * the two IDs are visually confusable, michael@0: * and at least one contains characters from more than one script. michael@0: */ michael@0: USPOOF_MIXED_SCRIPT_CONFUSABLE = 2, michael@0: michael@0: /** Whole script confusable test. michael@0: * When checking a single identifier, report a problem if michael@0: * The identifier is of a single script, and michael@0: * there exists a confusable identifier in another script. michael@0: * When testing whether two identifiers are confusable, report that they are if michael@0: * each is of a single script, michael@0: * the scripts of the two identifiers are different, and michael@0: * the identifiers are visually confusable. michael@0: */ michael@0: USPOOF_WHOLE_SCRIPT_CONFUSABLE = 4, michael@0: michael@0: /** Any Case Modifier for confusable identifier tests. michael@0: If specified, consider all characters, of any case, when looking for confusables. michael@0: If USPOOF_ANY_CASE is not specified, identifiers being checked are assumed to have been michael@0: case folded. Upper case confusable characters will not be checked. michael@0: Selects between Lower Case Confusable and michael@0: Any Case Confusable. */ michael@0: USPOOF_ANY_CASE = 8, michael@0: michael@0: /** michael@0: * Check that an identifier is no looser than the specified RestrictionLevel. michael@0: * The default if uspoof_setRestrctionLevel() is not called is HIGHLY_RESTRICTIVE. michael@0: * michael@0: * If USPOOF_AUX_INFO is enabled the actual restriction level of the michael@0: * identifier being tested will also be returned by uspoof_check(). michael@0: * michael@0: * @see URestrictionLevel michael@0: * @see uspoof_setRestrictionLevel michael@0: * @see USPOOF_AUX_INFO michael@0: * michael@0: * @stable ICU 51 michael@0: */ michael@0: USPOOF_RESTRICTION_LEVEL = 16, michael@0: michael@0: #ifndef U_HIDE_DEPRECATED_API michael@0: /** Check that an identifier contains only characters from a michael@0: * single script (plus chars from the common and inherited scripts.) michael@0: * Applies to checks of a single identifier check only. michael@0: * @deprecated ICU 51 Use RESTRICTION_LEVEL instead. michael@0: */ michael@0: USPOOF_SINGLE_SCRIPT = USPOOF_RESTRICTION_LEVEL, michael@0: #endif /* U_HIDE_DEPRECATED_API */ michael@0: michael@0: /** Check an identifier for the presence of invisible characters, michael@0: * such as zero-width spaces, or character sequences that are michael@0: * likely not to display, such as multiple occurrences of the same michael@0: * non-spacing mark. This check does not test the input string as a whole michael@0: * for conformance to any particular syntax for identifiers. michael@0: */ michael@0: USPOOF_INVISIBLE = 32, michael@0: michael@0: /** Check that an identifier contains only characters from a specified set michael@0: * of acceptable characters. See uspoof_setAllowedChars() and michael@0: * uspoof_setAllowedLocales(). michael@0: */ michael@0: USPOOF_CHAR_LIMIT = 64, michael@0: michael@0: #ifndef U_HIDE_DRAFT_API michael@0: /** michael@0: * Check that an identifier does not include decimal digits from michael@0: * more than one numbering system. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_MIXED_NUMBERS = 128, michael@0: #endif /* U_HIDE_DRAFT_API */ michael@0: michael@0: /** michael@0: * Enable all spoof checks. michael@0: * michael@0: * @stable ICU 4.6 michael@0: */ michael@0: USPOOF_ALL_CHECKS = 0xFFFF, michael@0: michael@0: #ifndef U_HIDE_DRAFT_API michael@0: /** michael@0: * Enable the return of auxillary (non-error) information in the michael@0: * upper bits of the check results value. michael@0: * michael@0: * If this "check" is not enabled, the results of uspoof_check() will be zero when an michael@0: * identifier passes all of the enabled checks. michael@0: * michael@0: * If this "check" is enabled, (uspoof_check() & USPOOF_ALL_CHECKS) will be zero michael@0: * when an identifier passes all checks. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_AUX_INFO = 0x40000000 michael@0: #endif /* U_HIDE_DRAFT_API */ michael@0: michael@0: } USpoofChecks; michael@0: michael@0: michael@0: #ifndef U_HIDE_DRAFT_API michael@0: /** michael@0: * Constants from UAX #39 for use in setRestrictionLevel(), and michael@0: * for returned identifier restriction levels in check results. michael@0: * @draft ICU 51 michael@0: */ michael@0: typedef enum URestrictionLevel { michael@0: /** michael@0: * Only ASCII characters: U+0000..U+007F michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_ASCII = 0x10000000, michael@0: /** michael@0: * All characters in each identifier must be from a single script, or from the combinations: Latin + Han + michael@0: * Hiragana + Katakana; Latin + Han + Bopomofo; or Latin + Han + Hangul. Note that this level will satisfy the michael@0: * vast majority of Latin-script users; also that TR36 has ASCII instead of Latin. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_HIGHLY_RESTRICTIVE = 0x20000000, michael@0: /** michael@0: * Allow Latin with other scripts except Cyrillic, Greek, Cherokee Otherwise, the same as Highly Restrictive michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_MODERATELY_RESTRICTIVE = 0x30000000, michael@0: /** michael@0: * Allow arbitrary mixtures of scripts. Otherwise, the same as Moderately Restrictive. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_MINIMALLY_RESTRICTIVE = 0x40000000, michael@0: /** michael@0: * Any valid identifiers, including characters outside of the Identifier Profile. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: USPOOF_UNRESTRICTIVE = 0x50000000 michael@0: } URestrictionLevel; michael@0: #endif /* U_HIDE_DRAFT_API */ michael@0: michael@0: /** michael@0: * Create a Unicode Spoof Checker, configured to perform all michael@0: * checks except for USPOOF_LOCALE_LIMIT and USPOOF_CHAR_LIMIT. michael@0: * Note that additional checks may be added in the future, michael@0: * resulting in the changes to the default checking behavior. michael@0: * michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @return the newly created Spoof Checker michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE USpoofChecker * U_EXPORT2 michael@0: uspoof_open(UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Open a Spoof checker from its serialized from, stored in 32-bit-aligned memory. michael@0: * Inverse of uspoof_serialize(). michael@0: * The memory containing the serialized data must remain valid and unchanged michael@0: * as long as the spoof checker, or any cloned copies of the spoof checker, michael@0: * are in use. Ownership of the memory remains with the caller. michael@0: * The spoof checker (and any clones) must be closed prior to deleting the michael@0: * serialized data. michael@0: * michael@0: * @param data a pointer to 32-bit-aligned memory containing the serialized form of spoof data michael@0: * @param length the number of bytes available at data; michael@0: * can be more than necessary michael@0: * @param pActualLength receives the actual number of bytes at data taken up by the data; michael@0: * can be NULL michael@0: * @param pErrorCode ICU error code michael@0: * @return the spoof checker. michael@0: * michael@0: * @see uspoof_open michael@0: * @see uspoof_serialize michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE USpoofChecker * U_EXPORT2 michael@0: uspoof_openFromSerialized(const void *data, int32_t length, int32_t *pActualLength, michael@0: UErrorCode *pErrorCode); michael@0: michael@0: /** michael@0: * Open a Spoof Checker from the source form of the spoof data. michael@0: * The Three inputs correspond to the Unicode data files confusables.txt michael@0: * confusablesWholeScript.txt and xidmdifications.txt as described in michael@0: * Unicode UAX #39. The syntax of the source data is as described in UAX #39 for michael@0: * these files, and the content of these files is acceptable input. michael@0: * michael@0: * The character encoding of the (char *) input text is UTF-8. michael@0: * michael@0: * @param confusables a pointer to the confusable characters definitions, michael@0: * as found in file confusables.txt from unicode.org. michael@0: * @param confusablesLen The length of the confusables text, or -1 if the michael@0: * input string is zero terminated. michael@0: * @param confusablesWholeScript michael@0: * a pointer to the whole script confusables definitions, michael@0: * as found in the file confusablesWholeScript.txt from unicode.org. michael@0: * @param confusablesWholeScriptLen The length of the whole script confusables text, or michael@0: * -1 if the input string is zero terminated. michael@0: * @param errType In the event of an error in the input, indicates michael@0: * which of the input files contains the error. michael@0: * The value is one of USPOOF_SINGLE_SCRIPT_CONFUSABLE or michael@0: * USPOOF_WHOLE_SCRIPT_CONFUSABLE, or michael@0: * zero if no errors are found. michael@0: * @param pe In the event of an error in the input, receives the position michael@0: * in the input text (line, offset) of the error. michael@0: * @param status an in/out ICU UErrorCode. Among the possible errors is michael@0: * U_PARSE_ERROR, which is used to report syntax errors michael@0: * in the input. michael@0: * @return A spoof checker that uses the rules from the input files. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE USpoofChecker * U_EXPORT2 michael@0: uspoof_openFromSource(const char *confusables, int32_t confusablesLen, michael@0: const char *confusablesWholeScript, int32_t confusablesWholeScriptLen, michael@0: int32_t *errType, UParseError *pe, UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Close a Spoof Checker, freeing any memory that was being held by michael@0: * its implementation. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE void U_EXPORT2 michael@0: uspoof_close(USpoofChecker *sc); michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: michael@0: U_NAMESPACE_BEGIN michael@0: michael@0: /** michael@0: * \class LocalUSpoofCheckerPointer michael@0: * "Smart pointer" class, closes a USpoofChecker via uspoof_close(). michael@0: * For most methods see the LocalPointerBase base class. michael@0: * michael@0: * @see LocalPointerBase michael@0: * @see LocalPointer michael@0: * @stable ICU 4.4 michael@0: */ michael@0: U_DEFINE_LOCAL_OPEN_POINTER(LocalUSpoofCheckerPointer, USpoofChecker, uspoof_close); michael@0: michael@0: U_NAMESPACE_END michael@0: michael@0: #endif michael@0: michael@0: /** michael@0: * Clone a Spoof Checker. The clone will be set to perform the same checks michael@0: * as the original source. michael@0: * michael@0: * @param sc The source USpoofChecker michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @return michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE USpoofChecker * U_EXPORT2 michael@0: uspoof_clone(const USpoofChecker *sc, UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Specify the set of checks that will be performed by the check michael@0: * functions of this Spoof Checker. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param checks The set of checks that this spoof checker will perform. michael@0: * The value is a bit set, obtained by OR-ing together michael@0: * values from enum USpoofChecks. michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @stable ICU 4.2 michael@0: * michael@0: */ michael@0: U_STABLE void U_EXPORT2 michael@0: uspoof_setChecks(USpoofChecker *sc, int32_t checks, UErrorCode *status); michael@0: michael@0: /** michael@0: * Get the set of checks that this Spoof Checker has been configured to perform. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @return The set of checks that this spoof checker will perform. michael@0: * The value is a bit set, obtained by OR-ing together michael@0: * values from enum USpoofChecks. michael@0: * @stable ICU 4.2 michael@0: * michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_getChecks(const USpoofChecker *sc, UErrorCode *status); michael@0: michael@0: #ifndef U_HIDE_DRAFT_API michael@0: /** michael@0: * Set the loosest restriction level allowed. The default if this function michael@0: * is not called is HIGHLY_RESTRICTIVE. michael@0: * Calling this function also enables the RESTRICTION_LEVEL check. michael@0: * @param restrictionLevel The loosest restriction level allowed. michael@0: * @see URestrictionLevel michael@0: * @draft ICU 51 michael@0: */ michael@0: U_DRAFT void U_EXPORT2 michael@0: uspoof_setRestrictionLevel(USpoofChecker *sc, URestrictionLevel restrictionLevel); michael@0: michael@0: michael@0: /** michael@0: * Get the Restriction Level that will be tested if the checks include RESTRICTION_LEVEL. michael@0: * michael@0: * @return The restriction level michael@0: * @see URestrictionLevel michael@0: * @draft ICU 51 michael@0: */ michael@0: U_DRAFT URestrictionLevel U_EXPORT2 michael@0: uspoof_getRestrictionLevel(const USpoofChecker *sc); michael@0: #endif /* U_HIDE_DRAFT_API */ michael@0: michael@0: /** michael@0: * Limit characters that are acceptable in identifiers being checked to those michael@0: * normally used with the languages associated with the specified locales. michael@0: * Any previously specified list of locales is replaced by the new settings. michael@0: * michael@0: * A set of languages is determined from the locale(s), and michael@0: * from those a set of acceptable Unicode scripts is determined. michael@0: * Characters from this set of scripts, along with characters from michael@0: * the "common" and "inherited" Unicode Script categories michael@0: * will be permitted. michael@0: * michael@0: * Supplying an empty string removes all restrictions; michael@0: * characters from any script will be allowed. michael@0: * michael@0: * The USPOOF_CHAR_LIMIT test is automatically enabled for this michael@0: * USpoofChecker when calling this function with a non-empty list michael@0: * of locales. michael@0: * michael@0: * The Unicode Set of characters that will be allowed is accessible michael@0: * via the uspoof_getAllowedChars() function. uspoof_setAllowedLocales() michael@0: * will replace any previously applied set of allowed characters. michael@0: * michael@0: * Adjustments, such as additions or deletions of certain classes of characters, michael@0: * can be made to the result of uspoof_setAllowedLocales() by michael@0: * fetching the resulting set with uspoof_getAllowedChars(), michael@0: * manipulating it with the Unicode Set API, then resetting the michael@0: * spoof detectors limits with uspoof_setAllowedChars() michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param localesList A list list of locales, from which the language michael@0: * and associated script are extracted. The locales michael@0: * are comma-separated if there is more than one. michael@0: * White space may not appear within an individual locale, michael@0: * but is ignored otherwise. michael@0: * The locales are syntactically like those from the michael@0: * HTTP Accept-Language header. michael@0: * If the localesList is empty, no restrictions will be placed on michael@0: * the allowed characters. michael@0: * michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE void U_EXPORT2 michael@0: uspoof_setAllowedLocales(USpoofChecker *sc, const char *localesList, UErrorCode *status); michael@0: michael@0: /** michael@0: * Get a list of locales for the scripts that are acceptable in strings michael@0: * to be checked. If no limitations on scripts have been specified, michael@0: * an empty string will be returned. michael@0: * michael@0: * uspoof_setAllowedChars() will reset the list of allowed to be empty. michael@0: * michael@0: * The format of the returned list is the same as that supplied to michael@0: * uspoof_setAllowedLocales(), but returned list may not be identical michael@0: * to the originally specified string; the string may be reformatted, michael@0: * and information other than languages from michael@0: * the originally specified locales may be omitted. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @return A string containing a list of locales corresponding michael@0: * to the acceptable scripts, formatted like an michael@0: * HTTP Accept Language value. michael@0: * michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE const char * U_EXPORT2 michael@0: uspoof_getAllowedLocales(USpoofChecker *sc, UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Limit the acceptable characters to those specified by a Unicode Set. michael@0: * Any previously specified character limit is michael@0: * is replaced by the new settings. This includes limits on michael@0: * characters that were set with the uspoof_setAllowedLocales() function. michael@0: * michael@0: * The USPOOF_CHAR_LIMIT test is automatically enabled for this michael@0: * USpoofChecker by this function. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param chars A Unicode Set containing the list of michael@0: * characters that are permitted. Ownership of the set michael@0: * remains with the caller. The incoming set is cloned by michael@0: * this function, so there are no restrictions on modifying michael@0: * or deleting the USet after calling this function. michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE void U_EXPORT2 michael@0: uspoof_setAllowedChars(USpoofChecker *sc, const USet *chars, UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Get a USet for the characters permitted in an identifier. michael@0: * This corresponds to the limits imposed by the Set Allowed Characters michael@0: * functions. Limitations imposed by other checks will not be michael@0: * reflected in the set returned by this function. michael@0: * michael@0: * The returned set will be frozen, meaning that it cannot be modified michael@0: * by the caller. michael@0: * michael@0: * Ownership of the returned set remains with the Spoof Detector. The michael@0: * returned set will become invalid if the spoof detector is closed, michael@0: * or if a new set of allowed characters is specified. michael@0: * michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @return A USet containing the characters that are permitted by michael@0: * the USPOOF_CHAR_LIMIT test. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE const USet * U_EXPORT2 michael@0: uspoof_getAllowedChars(const USpoofChecker *sc, UErrorCode *status); michael@0: michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: /** michael@0: * Limit the acceptable characters to those specified by a Unicode Set. michael@0: * Any previously specified character limit is michael@0: * is replaced by the new settings. This includes limits on michael@0: * characters that were set with the uspoof_setAllowedLocales() function. michael@0: * michael@0: * The USPOOF_CHAR_LIMIT test is automatically enabled for this michael@0: * USoofChecker by this function. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param chars A Unicode Set containing the list of michael@0: * characters that are permitted. Ownership of the set michael@0: * remains with the caller. The incoming set is cloned by michael@0: * this function, so there are no restrictions on modifying michael@0: * or deleting the UnicodeSet after calling this function. michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE void U_EXPORT2 michael@0: uspoof_setAllowedUnicodeSet(USpoofChecker *sc, const icu::UnicodeSet *chars, UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Get a UnicodeSet for the characters permitted in an identifier. michael@0: * This corresponds to the limits imposed by the Set Allowed Characters / michael@0: * UnicodeSet functions. Limitations imposed by other checks will not be michael@0: * reflected in the set returned by this function. michael@0: * michael@0: * The returned set will be frozen, meaning that it cannot be modified michael@0: * by the caller. michael@0: * michael@0: * Ownership of the returned set remains with the Spoof Detector. The michael@0: * returned set will become invalid if the spoof detector is closed, michael@0: * or if a new set of allowed characters is specified. michael@0: * michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param status The error code, set if this function encounters a problem. michael@0: * @return A UnicodeSet containing the characters that are permitted by michael@0: * the USPOOF_CHAR_LIMIT test. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE const icu::UnicodeSet * U_EXPORT2 michael@0: uspoof_getAllowedUnicodeSet(const USpoofChecker *sc, UErrorCode *status); michael@0: #endif michael@0: michael@0: michael@0: /** michael@0: * Check the specified string for possible security issues. michael@0: * The text to be checked will typically be an identifier of some sort. michael@0: * The set of checks to be performed is specified with uspoof_setChecks(). michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param id The identifier to be checked for possible security issues, michael@0: * in UTF-16 format. michael@0: * @param length the length of the string to be checked, expressed in michael@0: * 16 bit UTF-16 code units, or -1 if the string is michael@0: * zero terminated. michael@0: * @param position An out parameter. michael@0: * Originally, the index of the first string position that failed a check. michael@0: * Now, always returns zero. michael@0: * This parameter may be null. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * Spoofing or security issues detected with the input string are michael@0: * not reported here, but through the function's return value. michael@0: * @return An integer value with bits set for any potential security michael@0: * or spoofing issues detected. The bits are defined by michael@0: * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) michael@0: * will be zero if the input string passes all of the michael@0: * enabled checks. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_check(const USpoofChecker *sc, michael@0: const UChar *id, int32_t length, michael@0: int32_t *position, michael@0: UErrorCode *status); michael@0: michael@0: michael@0: /** michael@0: * Check the specified string for possible security issues. michael@0: * The text to be checked will typically be an identifier of some sort. michael@0: * The set of checks to be performed is specified with uspoof_setChecks(). michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param id A identifier to be checked for possible security issues, in UTF8 format. michael@0: * @param length the length of the string to be checked, or -1 if the string is michael@0: * zero terminated. michael@0: * @param position An out parameter. michael@0: * Originally, the index of the first string position that failed a check. michael@0: * Now, always returns zero. michael@0: * This parameter may be null. michael@0: * @deprecated ICU 51 michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * Spoofing or security issues detected with the input string are michael@0: * not reported here, but through the function's return value. michael@0: * If the input contains invalid UTF-8 sequences, michael@0: * a status of U_INVALID_CHAR_FOUND will be returned. michael@0: * @return An integer value with bits set for any potential security michael@0: * or spoofing issues detected. The bits are defined by michael@0: * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) michael@0: * will be zero if the input string passes all of the michael@0: * enabled checks. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_checkUTF8(const USpoofChecker *sc, michael@0: const char *id, int32_t length, michael@0: int32_t *position, michael@0: UErrorCode *status); michael@0: michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: /** michael@0: * Check the specified string for possible security issues. michael@0: * The text to be checked will typically be an identifier of some sort. michael@0: * The set of checks to be performed is specified with uspoof_setChecks(). michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param id A identifier to be checked for possible security issues. michael@0: * @param position An out parameter. michael@0: * Originally, the index of the first string position that failed a check. michael@0: * Now, always returns zero. michael@0: * This parameter may be null. michael@0: * @deprecated ICU 51 michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * Spoofing or security issues detected with the input string are michael@0: * not reported here, but through the function's return value. michael@0: * @return An integer value with bits set for any potential security michael@0: * or spoofing issues detected. The bits are defined by michael@0: * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) michael@0: * will be zero if the input string passes all of the michael@0: * enabled checks. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_checkUnicodeString(const USpoofChecker *sc, michael@0: const icu::UnicodeString &id, michael@0: int32_t *position, michael@0: UErrorCode *status); michael@0: michael@0: #endif michael@0: michael@0: michael@0: /** michael@0: * Check the whether two specified strings are visually confusable. michael@0: * The types of confusability to be tested - single script, mixed script, michael@0: * or whole script - are determined by the check options set for the michael@0: * USpoofChecker. michael@0: * michael@0: * The tests to be performed are controlled by the flags michael@0: * USPOOF_SINGLE_SCRIPT_CONFUSABLE michael@0: * USPOOF_MIXED_SCRIPT_CONFUSABLE michael@0: * USPOOF_WHOLE_SCRIPT_CONFUSABLE michael@0: * At least one of these tests must be selected. michael@0: * michael@0: * USPOOF_ANY_CASE is a modifier for the tests. Select it if the identifiers michael@0: * may be of mixed case. michael@0: * If identifiers are case folded for comparison and michael@0: * display to the user, do not select the USPOOF_ANY_CASE option. michael@0: * michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param id1 The first of the two identifiers to be compared for michael@0: * confusability. The strings are in UTF-16 format. michael@0: * @param length1 the length of the first identifer, expressed in michael@0: * 16 bit UTF-16 code units, or -1 if the string is michael@0: * nul terminated. michael@0: * @param id2 The second of the two identifiers to be compared for michael@0: * confusability. The identifiers are in UTF-16 format. michael@0: * @param length2 The length of the second identifiers, expressed in michael@0: * 16 bit UTF-16 code units, or -1 if the string is michael@0: * nul terminated. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * Confusability of the identifiers is not reported here, michael@0: * but through this function's return value. michael@0: * @return An integer value with bit(s) set corresponding to michael@0: * the type of confusability found, as defined by michael@0: * enum USpoofChecks. Zero is returned if the identifiers michael@0: * are not confusable. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_areConfusable(const USpoofChecker *sc, michael@0: const UChar *id1, int32_t length1, michael@0: const UChar *id2, int32_t length2, michael@0: UErrorCode *status); michael@0: michael@0: michael@0: michael@0: /** michael@0: * Check the whether two specified strings are visually confusable. michael@0: * The types of confusability to be tested - single script, mixed script, michael@0: * or whole script - are determined by the check options set for the michael@0: * USpoofChecker. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param id1 The first of the two identifiers to be compared for michael@0: * confusability. The strings are in UTF-8 format. michael@0: * @param length1 the length of the first identifiers, in bytes, or -1 michael@0: * if the string is nul terminated. michael@0: * @param id2 The second of the two identifiers to be compared for michael@0: * confusability. The strings are in UTF-8 format. michael@0: * @param length2 The length of the second string in bytes, or -1 michael@0: * if the string is nul terminated. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * Confusability of the strings is not reported here, michael@0: * but through this function's return value. michael@0: * @return An integer value with bit(s) set corresponding to michael@0: * the type of confusability found, as defined by michael@0: * enum USpoofChecks. Zero is returned if the strings michael@0: * are not confusable. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_areConfusableUTF8(const USpoofChecker *sc, michael@0: const char *id1, int32_t length1, michael@0: const char *id2, int32_t length2, michael@0: UErrorCode *status); michael@0: michael@0: michael@0: michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: /** michael@0: * Check the whether two specified strings are visually confusable. michael@0: * The types of confusability to be tested - single script, mixed script, michael@0: * or whole script - are determined by the check options set for the michael@0: * USpoofChecker. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param s1 The first of the two identifiers to be compared for michael@0: * confusability. The strings are in UTF-8 format. michael@0: * @param s2 The second of the two identifiers to be compared for michael@0: * confusability. The strings are in UTF-8 format. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * Confusability of the identifiers is not reported here, michael@0: * but through this function's return value. michael@0: * @return An integer value with bit(s) set corresponding to michael@0: * the type of confusability found, as defined by michael@0: * enum USpoofChecks. Zero is returned if the identifiers michael@0: * are not confusable. michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_areConfusableUnicodeString(const USpoofChecker *sc, michael@0: const icu::UnicodeString &s1, michael@0: const icu::UnicodeString &s2, michael@0: UErrorCode *status); michael@0: #endif michael@0: michael@0: michael@0: /** michael@0: * Get the "skeleton" for an identifier. michael@0: * Skeletons are a transformation of the input identifier; michael@0: * Two identifiers are confusable if their skeletons are identical. michael@0: * See Unicode UAX #39 for additional information. michael@0: * michael@0: * Using skeletons directly makes it possible to quickly check michael@0: * whether an identifier is confusable with any of some large michael@0: * set of existing identifiers, by creating an efficiently michael@0: * searchable collection of the skeletons. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param type The type of skeleton, corresponding to which michael@0: * of the Unicode confusable data tables to use. michael@0: * The default is Mixed-Script, Lowercase. michael@0: * Allowed options are USPOOF_SINGLE_SCRIPT_CONFUSABLE and michael@0: * USPOOF_ANY_CASE_CONFUSABLE. The two flags may be ORed. michael@0: * @param id The input identifier whose skeleton will be computed. michael@0: * @param length The length of the input identifier, expressed in 16 bit michael@0: * UTF-16 code units, or -1 if the string is zero terminated. michael@0: * @param dest The output buffer, to receive the skeleton string. michael@0: * @param destCapacity The length of the output buffer, in 16 bit units. michael@0: * The destCapacity may be zero, in which case the function will michael@0: * return the actual length of the skeleton. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * @return The length of the skeleton string. The returned length michael@0: * is always that of the complete skeleton, even when the michael@0: * supplied buffer is too small (or of zero length) michael@0: * michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_getSkeleton(const USpoofChecker *sc, michael@0: uint32_t type, michael@0: const UChar *id, int32_t length, michael@0: UChar *dest, int32_t destCapacity, michael@0: UErrorCode *status); michael@0: michael@0: /** michael@0: * Get the "skeleton" for an identifier. michael@0: * Skeletons are a transformation of the input identifier; michael@0: * Two identifiers are confusable if their skeletons are identical. michael@0: * See Unicode UAX #39 for additional information. michael@0: * michael@0: * Using skeletons directly makes it possible to quickly check michael@0: * whether an identifier is confusable with any of some large michael@0: * set of existing identifiers, by creating an efficiently michael@0: * searchable collection of the skeletons. michael@0: * michael@0: * @param sc The USpoofChecker michael@0: * @param type The type of skeleton, corresponding to which michael@0: * of the Unicode confusable data tables to use. michael@0: * The default is Mixed-Script, Lowercase. michael@0: * Allowed options are USPOOF_SINGLE_SCRIPT_CONFUSABLE and michael@0: * USPOOF_ANY_CASE. The two flags may be ORed. michael@0: * @param id The UTF-8 format identifier whose skeleton will be computed. michael@0: * @param length The length of the input string, in bytes, michael@0: * or -1 if the string is zero terminated. michael@0: * @param dest The output buffer, to receive the skeleton string. michael@0: * @param destCapacity The length of the output buffer, in bytes. michael@0: * The destCapacity may be zero, in which case the function will michael@0: * return the actual length of the skeleton. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. Possible Errors include U_INVALID_CHAR_FOUND michael@0: * for invalid UTF-8 sequences, and michael@0: * U_BUFFER_OVERFLOW_ERROR if the destination buffer is too small michael@0: * to hold the complete skeleton. michael@0: * @return The length of the skeleton string, in bytes. The returned length michael@0: * is always that of the complete skeleton, even when the michael@0: * supplied buffer is too small (or of zero length) michael@0: * michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_getSkeletonUTF8(const USpoofChecker *sc, michael@0: uint32_t type, michael@0: const char *id, int32_t length, michael@0: char *dest, int32_t destCapacity, michael@0: UErrorCode *status); michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: /** michael@0: * Get the "skeleton" for an identifier. michael@0: * Skeletons are a transformation of the input identifier; michael@0: * Two identifiers are confusable if their skeletons are identical. michael@0: * See Unicode UAX #39 for additional information. michael@0: * michael@0: * Using skeletons directly makes it possible to quickly check michael@0: * whether an identifier is confusable with any of some large michael@0: * set of existing identifiers, by creating an efficiently michael@0: * searchable collection of the skeletons. michael@0: * michael@0: * @param sc The USpoofChecker. michael@0: * @param type The type of skeleton, corresponding to which michael@0: * of the Unicode confusable data tables to use. michael@0: * The default is Mixed-Script, Lowercase. michael@0: * Allowed options are USPOOF_SINGLE_SCRIPT_CONFUSABLE and michael@0: * USPOOF_ANY_CASE_CONFUSABLE. The two flags may be ORed. michael@0: * @param id The input identifier whose skeleton will be computed. michael@0: * @param dest The output identifier, to receive the skeleton string. michael@0: * @param status The error code, set if an error occurred while attempting to michael@0: * perform the check. michael@0: * @return A reference to the destination (skeleton) string. michael@0: * michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_I18N_API icu::UnicodeString & U_EXPORT2 michael@0: uspoof_getSkeletonUnicodeString(const USpoofChecker *sc, michael@0: uint32_t type, michael@0: const icu::UnicodeString &id, michael@0: icu::UnicodeString &dest, michael@0: UErrorCode *status); michael@0: #endif /* U_SHOW_CPLUSPLUS_API */ michael@0: michael@0: michael@0: #ifndef U_HIDE_DRAFT_API michael@0: /** michael@0: * Get the set of Candidate Characters for Inclusion in Identifiers, as defined michael@0: * in Unicode UAX #31, http://www.unicode.org/reports/tr31/#Table_Candidate_Characters_for_Inclusion_in_Identifiers michael@0: * michael@0: * The returned set is frozen. Ownership of the set remains with the ICU library; it must not michael@0: * be deleted by the caller. michael@0: * michael@0: * @param status The error code, set if a problem occurs while creating the set. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: U_DRAFT const USet * U_EXPORT2 michael@0: uspoof_getInclusionSet(UErrorCode *status); michael@0: michael@0: /** michael@0: * Get the set of characters from Recommended Scripts for Inclusion in Identifiers, as defined michael@0: * in Unicode UAX #31, http://www.unicode.org/reports/tr31/#Table_Recommended_Scripts michael@0: * michael@0: * The returned set is frozen. Ownership of the set remains with the ICU library; it must not michael@0: * be deleted by the caller. michael@0: * michael@0: * @param status The error code, set if a problem occurs while creating the set. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: U_DRAFT const USet * U_EXPORT2 michael@0: uspoof_getRecommendedSet(UErrorCode *status); michael@0: michael@0: #if U_SHOW_CPLUSPLUS_API michael@0: michael@0: /** michael@0: * Get the set of Candidate Characters for Inclusion in Identifiers, as defined michael@0: * in Unicode UAX #31, http://www.unicode.org/reports/tr31/#Table_Candidate_Characters_for_Inclusion_in_Identifiers michael@0: * michael@0: * The returned set is frozen. Ownership of the set remains with the ICU library; it must not michael@0: * be deleted by the caller. michael@0: * michael@0: * @param status The error code, set if a problem occurs while creating the set. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: U_DRAFT const icu::UnicodeSet * U_EXPORT2 michael@0: uspoof_getInclusionUnicodeSet(UErrorCode *status); michael@0: michael@0: /** michael@0: * Get the set of characters from Recommended Scripts for Inclusion in Identifiers, as defined michael@0: * in Unicode UAX #31, http://www.unicode.org/reports/tr31/#Table_Recommended_Scripts michael@0: * michael@0: * The returned set is frozen. Ownership of the set remains with the ICU library; it must not michael@0: * be deleted by the caller. michael@0: * michael@0: * @param status The error code, set if a problem occurs while creating the set. michael@0: * michael@0: * @draft ICU 51 michael@0: */ michael@0: U_DRAFT const icu::UnicodeSet * U_EXPORT2 michael@0: uspoof_getRecommendedUnicodeSet(UErrorCode *status); michael@0: michael@0: #endif /* U_SHOW_CPLUSPLUS_API */ michael@0: #endif /* U_HIDE_DRAFT_API */ michael@0: michael@0: /** michael@0: * Serialize the data for a spoof detector into a chunk of memory. michael@0: * The flattened spoof detection tables can later be used to efficiently michael@0: * instantiate a new Spoof Detector. michael@0: * michael@0: * The serialized spoof checker includes only the data compiled from the michael@0: * Unicode data tables by uspoof_openFromSource(); it does not include michael@0: * include any other state or configuration that may have been set. michael@0: * michael@0: * @param sc the Spoof Detector whose data is to be serialized. michael@0: * @param data a pointer to 32-bit-aligned memory to be filled with the data, michael@0: * can be NULL if capacity==0 michael@0: * @param capacity the number of bytes available at data, michael@0: * or 0 for preflighting michael@0: * @param status an in/out ICU UErrorCode; possible errors include: michael@0: * - U_BUFFER_OVERFLOW_ERROR if the data storage block is too small for serialization michael@0: * - U_ILLEGAL_ARGUMENT_ERROR the data or capacity parameters are bad michael@0: * @return the number of bytes written or needed for the spoof data michael@0: * michael@0: * @see utrie2_openFromSerialized() michael@0: * @stable ICU 4.2 michael@0: */ michael@0: U_STABLE int32_t U_EXPORT2 michael@0: uspoof_serialize(USpoofChecker *sc, michael@0: void *data, int32_t capacity, michael@0: UErrorCode *status); michael@0: michael@0: michael@0: #endif michael@0: michael@0: #endif /* USPOOF_H */