1 // © 2016 and later: Unicode, Inc. and others. 2 // License & terms of use: http://www.unicode.org/copyright.html 3 /* 4 *************************************************************************** 5 * Copyright (C) 2008-2016, International Business Machines Corporation 6 * and others. All Rights Reserved. 7 *************************************************************************** 8 * file name: uspoof.h 9 * encoding: UTF-8 10 * tab size: 8 (not used) 11 * indentation:4 12 * 13 * created on: 2008Feb13 14 * created by: Andy Heninger 15 * 16 * Unicode Spoof Detection 17 */ 18 19 #ifndef USPOOF_H 20 #define USPOOF_H 21 22 #include "unicode/utypes.h" 23 #include "unicode/uset.h" 24 #include "unicode/parseerr.h" 25 26 #if !UCONFIG_NO_NORMALIZATION 27 28 29 #if U_SHOW_CPLUSPLUS_API 30 #include "unicode/localpointer.h" 31 #include "unicode/unistr.h" 32 #include "unicode/uniset.h" 33 #endif 34 35 36 /** 37 * \file 38 * \brief C API: Unicode Security and Spoofing Detection 39 * 40 * <p> 41 * This class, based on <a href="http://unicode.org/reports/tr36">Unicode Technical Report #36</a> and 42 * <a href="http://unicode.org/reports/tr39">Unicode Technical Standard #39</a>, has two main functions: 43 * 44 * <ol> 45 * <li>Checking whether two strings are visually <em>confusable</em> with each other, such as "Harvest" and 46 * "Ηarvest", where the second string starts with the Greek capital letter Eta.</li> 47 * <li>Checking whether an individual string is likely to be an attempt at confusing the reader (<em>spoof 48 * detection</em>), such as "paypal" with some Latin characters substituted with Cyrillic look-alikes.</li> 49 * </ol> 50 * 51 * <p> 52 * Although originally designed as a method for flagging suspicious identifier strings such as URLs, 53 * <code>USpoofChecker</code> has a number of other practical use cases, such as preventing attempts to evade bad-word 54 * content filters. 55 * 56 * <p> 57 * The functions of this class are exposed as C API, with a handful of syntactical conveniences for C++. 58 * 59 * <h2>Confusables</h2> 60 * 61 * <p> 62 * The following example shows how to use <code>USpoofChecker</code> to check for confusability between two strings: 63 * 64 * \code{.c} 65 * UErrorCode status = U_ZERO_ERROR; 66 * UChar* str1 = (UChar*) u"Harvest"; 67 * UChar* str2 = (UChar*) u"\u0397arvest"; // with U+0397 GREEK CAPITAL LETTER ETA 68 * 69 * USpoofChecker* sc = uspoof_open(&status); 70 * uspoof_setChecks(sc, USPOOF_CONFUSABLE, &status); 71 * 72 * int32_t bitmask = uspoof_areConfusable(sc, str1, -1, str2, -1, &status); 73 * UBool result = bitmask != 0; 74 * // areConfusable: 1 (status: U_ZERO_ERROR) 75 * printf("areConfusable: %d (status: %s)\n", result, u_errorName(status)); 76 * uspoof_close(sc); 77 * \endcode 78 * 79 * <p> 80 * The call to {@link uspoof_open} creates a <code>USpoofChecker</code> object; the call to {@link uspoof_setChecks} 81 * enables confusable checking and disables all other checks; the call to {@link uspoof_areConfusable} performs the 82 * confusability test; and the following line extracts the result out of the return value. For best performance, 83 * the instance should be created once (e.g., upon application startup), and the efficient 84 * {@link uspoof_areConfusable} method can be used at runtime. 85 * 86 * <p> 87 * The type {@link LocalUSpoofCheckerPointer} is exposed for C++ programmers. It will automatically call 88 * {@link uspoof_close} when the object goes out of scope: 89 * 90 * \code{.cpp} 91 * UErrorCode status = U_ZERO_ERROR; 92 * LocalUSpoofCheckerPointer sc(uspoof_open(&status)); 93 * uspoof_setChecks(sc.getAlias(), USPOOF_CONFUSABLE, &status); 94 * // ... 95 * \endcode 96 * 97 * UTS 39 defines two strings to be <em>confusable</em> if they map to the same <em>skeleton string</em>. A skeleton can 98 * be thought of as a "hash code". {@link uspoof_getSkeleton} computes the skeleton for a particular string, so 99 * the following snippet is equivalent to the example above: 100 * 101 * \code{.c} 102 * UErrorCode status = U_ZERO_ERROR; 103 * UChar* str1 = (UChar*) u"Harvest"; 104 * UChar* str2 = (UChar*) u"\u0397arvest"; // with U+0397 GREEK CAPITAL LETTER ETA 105 * 106 * USpoofChecker* sc = uspoof_open(&status); 107 * uspoof_setChecks(sc, USPOOF_CONFUSABLE, &status); 108 * 109 * // Get skeleton 1 110 * int32_t skel1Len = uspoof_getSkeleton(sc, 0, str1, -1, NULL, 0, &status); 111 * UChar* skel1 = (UChar*) malloc(++skel1Len * sizeof(UChar)); 112 * status = U_ZERO_ERROR; 113 * uspoof_getSkeleton(sc, 0, str1, -1, skel1, skel1Len, &status); 114 * 115 * // Get skeleton 2 116 * int32_t skel2Len = uspoof_getSkeleton(sc, 0, str2, -1, NULL, 0, &status); 117 * UChar* skel2 = (UChar*) malloc(++skel2Len * sizeof(UChar)); 118 * status = U_ZERO_ERROR; 119 * uspoof_getSkeleton(sc, 0, str2, -1, skel2, skel2Len, &status); 120 * 121 * // Are the skeletons the same? 122 * UBool result = u_strcmp(skel1, skel2) == 0; 123 * // areConfusable: 1 (status: U_ZERO_ERROR) 124 * printf("areConfusable: %d (status: %s)\n", result, u_errorName(status)); 125 * uspoof_close(sc); 126 * free(skel1); 127 * free(skel2); 128 * \endcode 129 * 130 * If you need to check if a string is confusable with any string in a dictionary of many strings, rather than calling 131 * {@link uspoof_areConfusable} many times in a loop, {@link uspoof_getSkeleton} can be used instead, as shown below: 132 * 133 * \code{.c} 134 * UErrorCode status = U_ZERO_ERROR; 135 * #define DICTIONARY_LENGTH 2 136 * UChar* dictionary[DICTIONARY_LENGTH] = { (UChar*) u"lorem", (UChar*) u"ipsum" }; 137 * UChar* skeletons[DICTIONARY_LENGTH]; 138 * UChar* str = (UChar*) u"1orern"; 139 * 140 * // Setup: 141 * USpoofChecker* sc = uspoof_open(&status); 142 * uspoof_setChecks(sc, USPOOF_CONFUSABLE, &status); 143 * for (size_t i=0; i<DICTIONARY_LENGTH; i++) { 144 * UChar* word = dictionary[i]; 145 * int32_t len = uspoof_getSkeleton(sc, 0, word, -1, NULL, 0, &status); 146 * skeletons[i] = (UChar*) malloc(++len * sizeof(UChar)); 147 * status = U_ZERO_ERROR; 148 * uspoof_getSkeleton(sc, 0, word, -1, skeletons[i], len, &status); 149 * } 150 * 151 * // Live Check: 152 * { 153 * int32_t len = uspoof_getSkeleton(sc, 0, str, -1, NULL, 0, &status); 154 * UChar* skel = (UChar*) malloc(++len * sizeof(UChar)); 155 * status = U_ZERO_ERROR; 156 * uspoof_getSkeleton(sc, 0, str, -1, skel, len, &status); 157 * UBool result = false; 158 * for (size_t i=0; i<DICTIONARY_LENGTH; i++) { 159 * result = u_strcmp(skel, skeletons[i]) == 0; 160 * if (result == true) { break; } 161 * } 162 * // Has confusable in dictionary: 1 (status: U_ZERO_ERROR) 163 * printf("Has confusable in dictionary: %d (status: %s)\n", result, u_errorName(status)); 164 * free(skel); 165 * } 166 * 167 * for (size_t i=0; i<DICTIONARY_LENGTH; i++) { 168 * free(skeletons[i]); 169 * } 170 * uspoof_close(sc); 171 * \endcode 172 * 173 * <b>Note:</b> Since the Unicode confusables mapping table is frequently updated, confusable skeletons are <em>not</em> 174 * guaranteed to be the same between ICU releases. We therefore recommend that you always compute confusable skeletons 175 * at runtime and do not rely on creating a permanent, or difficult to update, database of skeletons. 176 * 177 * <h2>Spoof Detection</h2> 178 * 179 * The following snippet shows a minimal example of using <code>USpoofChecker</code> to perform spoof detection on a 180 * string: 181 * 182 * \code{.c} 183 * UErrorCode status = U_ZERO_ERROR; 184 * UChar* str = (UChar*) u"p\u0430ypal"; // with U+0430 CYRILLIC SMALL LETTER A 185 * 186 * // Get the default set of allowable characters: 187 * USet* allowed = uset_openEmpty(); 188 * uset_addAll(allowed, uspoof_getRecommendedSet(&status)); 189 * uset_addAll(allowed, uspoof_getInclusionSet(&status)); 190 * 191 * USpoofChecker* sc = uspoof_open(&status); 192 * uspoof_setAllowedChars(sc, allowed, &status); 193 * uspoof_setRestrictionLevel(sc, USPOOF_MODERATELY_RESTRICTIVE); 194 * 195 * int32_t bitmask = uspoof_check(sc, str, -1, NULL, &status); 196 * UBool result = bitmask != 0; 197 * // fails checks: 1 (status: U_ZERO_ERROR) 198 * printf("fails checks: %d (status: %s)\n", result, u_errorName(status)); 199 * uspoof_close(sc); 200 * uset_close(allowed); 201 * \endcode 202 * 203 * As in the case for confusability checking, it is good practice to create one <code>USpoofChecker</code> instance at 204 * startup, and call the cheaper {@link uspoof_check} online. We specify the set of 205 * allowed characters to be those with type RECOMMENDED or INCLUSION, according to the recommendation in UTS 39. 206 * 207 * In addition to {@link uspoof_check}, the function {@link uspoof_checkUTF8} is exposed for UTF8-encoded char* strings, 208 * and {@link uspoof_checkUnicodeString} is exposed for C++ programmers. 209 * 210 * If the {@link USPOOF_AUX_INFO} check is enabled, a limited amount of information on why a string failed the checks 211 * is available in the returned bitmask. For complete information, use the {@link uspoof_check2} class of functions 212 * with a {@link USpoofCheckResult} parameter: 213 * 214 * \code{.c} 215 * UErrorCode status = U_ZERO_ERROR; 216 * UChar* str = (UChar*) u"p\u0430ypal"; // with U+0430 CYRILLIC SMALL LETTER A 217 * 218 * // Get the default set of allowable characters: 219 * USet* allowed = uset_openEmpty(); 220 * uset_addAll(allowed, uspoof_getRecommendedSet(&status)); 221 * uset_addAll(allowed, uspoof_getInclusionSet(&status)); 222 * 223 * USpoofChecker* sc = uspoof_open(&status); 224 * uspoof_setAllowedChars(sc, allowed, &status); 225 * uspoof_setRestrictionLevel(sc, USPOOF_MODERATELY_RESTRICTIVE); 226 * 227 * USpoofCheckResult* checkResult = uspoof_openCheckResult(&status); 228 * int32_t bitmask = uspoof_check2(sc, str, -1, checkResult, &status); 229 * 230 * int32_t failures1 = bitmask; 231 * int32_t failures2 = uspoof_getCheckResultChecks(checkResult, &status); 232 * assert(failures1 == failures2); 233 * // checks that failed: 0x00000010 (status: U_ZERO_ERROR) 234 * printf("checks that failed: %#010x (status: %s)\n", failures1, u_errorName(status)); 235 * 236 * // Cleanup: 237 * uspoof_close(sc); 238 * uset_close(allowed); 239 * uspoof_closeCheckResult(checkResult); 240 * \endcode 241 * 242 * C++ users can take advantage of a few syntactical conveniences. The following snippet is functionally 243 * equivalent to the one above: 244 * 245 * \code{.cpp} 246 * UErrorCode status = U_ZERO_ERROR; 247 * UnicodeString str((UChar*) u"p\u0430ypal"); // with U+0430 CYRILLIC SMALL LETTER A 248 * 249 * // Get the default set of allowable characters: 250 * UnicodeSet allowed; 251 * allowed.addAll(*uspoof_getRecommendedUnicodeSet(&status)); 252 * allowed.addAll(*uspoof_getInclusionUnicodeSet(&status)); 253 * 254 * LocalUSpoofCheckerPointer sc(uspoof_open(&status)); 255 * uspoof_setAllowedChars(sc.getAlias(), allowed.toUSet(), &status); 256 * uspoof_setRestrictionLevel(sc.getAlias(), USPOOF_MODERATELY_RESTRICTIVE); 257 * 258 * LocalUSpoofCheckResultPointer checkResult(uspoof_openCheckResult(&status)); 259 * int32_t bitmask = uspoof_check2UnicodeString(sc.getAlias(), str, checkResult.getAlias(), &status); 260 * 261 * int32_t failures1 = bitmask; 262 * int32_t failures2 = uspoof_getCheckResultChecks(checkResult.getAlias(), &status); 263 * assert(failures1 == failures2); 264 * // checks that failed: 0x00000010 (status: U_ZERO_ERROR) 265 * printf("checks that failed: %#010x (status: %s)\n", failures1, u_errorName(status)); 266 * 267 * // Explicit cleanup not necessary. 268 * \endcode 269 * 270 * The return value is a bitmask of the checks that failed. In this case, there was one check that failed: 271 * {@link USPOOF_RESTRICTION_LEVEL}, corresponding to the fifth bit (16). The possible checks are: 272 * 273 * <ul> 274 * <li><code>RESTRICTION_LEVEL</code>: flags strings that violate the 275 * <a href="http://unicode.org/reports/tr39/#Restriction_Level_Detection">Restriction Level</a> test as specified in UTS 276 * 39; in most cases, this means flagging strings that contain characters from multiple different scripts.</li> 277 * <li><code>INVISIBLE</code>: flags strings that contain invisible characters, such as zero-width spaces, or character 278 * sequences that are likely not to display, such as multiple occurrences of the same non-spacing mark.</li> 279 * <li><code>CHAR_LIMIT</code>: flags strings that contain characters outside of a specified set of acceptable 280 * characters. See {@link uspoof_setAllowedChars} and {@link uspoof_setAllowedLocales}.</li> 281 * <li><code>MIXED_NUMBERS</code>: flags strings that contain digits from multiple different numbering systems.</li> 282 * </ul> 283 * 284 * <p> 285 * These checks can be enabled independently of each other. For example, if you were interested in checking for only the 286 * INVISIBLE and MIXED_NUMBERS conditions, you could do: 287 * 288 * \code{.c} 289 * UErrorCode status = U_ZERO_ERROR; 290 * UChar* str = (UChar*) u"8\u09EA"; // 8 mixed with U+09EA BENGALI DIGIT FOUR 291 * 292 * USpoofChecker* sc = uspoof_open(&status); 293 * uspoof_setChecks(sc, USPOOF_INVISIBLE | USPOOF_MIXED_NUMBERS, &status); 294 * 295 * int32_t bitmask = uspoof_check2(sc, str, -1, NULL, &status); 296 * UBool result = bitmask != 0; 297 * // fails checks: 1 (status: U_ZERO_ERROR) 298 * printf("fails checks: %d (status: %s)\n", result, u_errorName(status)); 299 * uspoof_close(sc); 300 * \endcode 301 * 302 * Here is an example in C++ showing how to compute the restriction level of a string: 303 * 304 * \code{.cpp} 305 * UErrorCode status = U_ZERO_ERROR; 306 * UnicodeString str((UChar*) u"p\u0430ypal"); // with U+0430 CYRILLIC SMALL LETTER A 307 * 308 * // Get the default set of allowable characters: 309 * UnicodeSet allowed; 310 * allowed.addAll(*uspoof_getRecommendedUnicodeSet(&status)); 311 * allowed.addAll(*uspoof_getInclusionUnicodeSet(&status)); 312 * 313 * LocalUSpoofCheckerPointer sc(uspoof_open(&status)); 314 * uspoof_setAllowedChars(sc.getAlias(), allowed.toUSet(), &status); 315 * uspoof_setRestrictionLevel(sc.getAlias(), USPOOF_MODERATELY_RESTRICTIVE); 316 * uspoof_setChecks(sc.getAlias(), USPOOF_RESTRICTION_LEVEL | USPOOF_AUX_INFO, &status); 317 * 318 * LocalUSpoofCheckResultPointer checkResult(uspoof_openCheckResult(&status)); 319 * int32_t bitmask = uspoof_check2UnicodeString(sc.getAlias(), str, checkResult.getAlias(), &status); 320 * 321 * URestrictionLevel restrictionLevel = uspoof_getCheckResultRestrictionLevel(checkResult.getAlias(), &status); 322 * // Since USPOOF_AUX_INFO was enabled, the restriction level is also available in the upper bits of the bitmask: 323 * assert((restrictionLevel & bitmask) == restrictionLevel); 324 * // Restriction level: 0x50000000 (status: U_ZERO_ERROR) 325 * printf("Restriction level: %#010x (status: %s)\n", restrictionLevel, u_errorName(status)); 326 * \endcode 327 * 328 * The code '0x50000000' corresponds to the restriction level USPOOF_MINIMALLY_RESTRICTIVE. Since 329 * USPOOF_MINIMALLY_RESTRICTIVE is weaker than USPOOF_MODERATELY_RESTRICTIVE, the string fails the check. 330 * 331 * <b>Note:</b> The Restriction Level is the most powerful of the checks. The full logic is documented in 332 * <a href="http://unicode.org/reports/tr39/#Restriction_Level_Detection">UTS 39</a>, but the basic idea is that strings 333 * are restricted to contain characters from only a single script, <em>except</em> that most scripts are allowed to have 334 * Latin characters interspersed. Although the default restriction level is <code>HIGHLY_RESTRICTIVE</code>, it is 335 * recommended that users set their restriction level to <code>MODERATELY_RESTRICTIVE</code>, which allows Latin mixed 336 * with all other scripts except Cyrillic, Greek, and Cherokee, with which it is often confusable. For more details on 337 * the levels, see UTS 39 or {@link URestrictionLevel}. The Restriction Level test is aware of the set of 338 * allowed characters set in {@link uspoof_setAllowedChars}. Note that characters which have script code 339 * COMMON or INHERITED, such as numbers and punctuation, are ignored when computing whether a string has multiple 340 * scripts. 341 * 342 * <h2>Additional Information</h2> 343 * 344 * A <code>USpoofChecker</code> instance may be used repeatedly to perform checks on any number of identifiers. 345 * 346 * <b>Thread Safety:</b> The test functions for checking a single identifier, or for testing whether 347 * two identifiers are possible confusable, are thread safe. They may called concurrently, from multiple threads, 348 * using the same USpoofChecker instance. 349 * 350 * More generally, the standard ICU thread safety rules apply: functions that take a const USpoofChecker parameter are 351 * thread safe. Those that take a non-const USpoofChecker are not thread safe.. 352 * 353 * @stable ICU 4.6 354 */ 355 356 U_CDECL_BEGIN 357 358 struct USpoofChecker; 359 /** 360 * @stable ICU 4.2 361 */ 362 typedef struct USpoofChecker USpoofChecker; /**< typedef for C of USpoofChecker */ 363 364 struct USpoofCheckResult; 365 /** 366 * @see uspoof_openCheckResult 367 * @stable ICU 58 368 */ 369 typedef struct USpoofCheckResult USpoofCheckResult; 370 371 /** 372 * Enum for the kinds of checks that USpoofChecker can perform. 373 * These enum values are used both to select the set of checks that 374 * will be performed, and to report results from the check function. 375 * 376 * @stable ICU 4.2 377 */ 378 typedef enum USpoofChecks { 379 /** 380 * When performing the two-string {@link uspoof_areConfusable} test, this flag in the return value indicates 381 * that the two strings are visually confusable and that they are from the same script, according to UTS 39 section 382 * 4. 383 * 384 * @see uspoof_areConfusable 385 * @stable ICU 4.2 386 */ 387 USPOOF_SINGLE_SCRIPT_CONFUSABLE = 1, 388 389 /** 390 * When performing the two-string {@link uspoof_areConfusable} test, this flag in the return value indicates 391 * that the two strings are visually confusable and that they are <b>not</b> from the same script, according to UTS 392 * 39 section 4. 393 * 394 * @see uspoof_areConfusable 395 * @stable ICU 4.2 396 */ 397 USPOOF_MIXED_SCRIPT_CONFUSABLE = 2, 398 399 /** 400 * When performing the two-string {@link uspoof_areConfusable} test, this flag in the return value indicates 401 * that the two strings are visually confusable and that they are not from the same script but both of them are 402 * single-script strings, according to UTS 39 section 4. 403 * 404 * @see uspoof_areConfusable 405 * @stable ICU 4.2 406 */ 407 USPOOF_WHOLE_SCRIPT_CONFUSABLE = 4, 408 409 /** 410 * Enable this flag in {@link uspoof_setChecks} to turn on all types of confusables. You may set 411 * the checks to some subset of SINGLE_SCRIPT_CONFUSABLE, MIXED_SCRIPT_CONFUSABLE, or WHOLE_SCRIPT_CONFUSABLE to 412 * make {@link uspoof_areConfusable} return only those types of confusables. 413 * 414 * @see uspoof_areConfusable 415 * @see uspoof_getSkeleton 416 * @stable ICU 58 417 */ 418 USPOOF_CONFUSABLE = USPOOF_SINGLE_SCRIPT_CONFUSABLE | USPOOF_MIXED_SCRIPT_CONFUSABLE | USPOOF_WHOLE_SCRIPT_CONFUSABLE, 419 420 #ifndef U_HIDE_DEPRECATED_API 421 /** 422 * This flag is deprecated and no longer affects the behavior of SpoofChecker. 423 * 424 * @deprecated ICU 58 Any case confusable mappings were removed from UTS 39; the corresponding ICU API was deprecated. 425 */ 426 USPOOF_ANY_CASE = 8, 427 #endif /* U_HIDE_DEPRECATED_API */ 428 429 /** 430 * Check that an identifier is no looser than the specified RestrictionLevel. 431 * The default if {@link uspoof_setRestrictionLevel} is not called is HIGHLY_RESTRICTIVE. 432 * 433 * If USPOOF_AUX_INFO is enabled the actual restriction level of the 434 * identifier being tested will also be returned by uspoof_check(). 435 * 436 * @see URestrictionLevel 437 * @see uspoof_setRestrictionLevel 438 * @see USPOOF_AUX_INFO 439 * 440 * @stable ICU 51 441 */ 442 USPOOF_RESTRICTION_LEVEL = 16, 443 444 #ifndef U_HIDE_DEPRECATED_API 445 /** Check that an identifier contains only characters from a 446 * single script (plus chars from the common and inherited scripts.) 447 * Applies to checks of a single identifier check only. 448 * @deprecated ICU 51 Use RESTRICTION_LEVEL instead. 449 */ 450 USPOOF_SINGLE_SCRIPT = USPOOF_RESTRICTION_LEVEL, 451 #endif /* U_HIDE_DEPRECATED_API */ 452 453 /** Check an identifier for the presence of invisible characters, 454 * such as zero-width spaces, or character sequences that are 455 * likely not to display, such as multiple occurrences of the same 456 * non-spacing mark. This check does not test the input string as a whole 457 * for conformance to any particular syntax for identifiers. 458 */ 459 USPOOF_INVISIBLE = 32, 460 461 /** Check that an identifier contains only characters from a specified set 462 * of acceptable characters. See {@link uspoof_setAllowedChars} and 463 * {@link uspoof_setAllowedLocales}. Note that a string that fails this check 464 * will also fail the {@link USPOOF_RESTRICTION_LEVEL} check. 465 */ 466 USPOOF_CHAR_LIMIT = 64, 467 468 /** 469 * Check that an identifier does not mix numbers from different numbering systems. 470 * For more information, see UTS 39 section 5.3. 471 * 472 * @stable ICU 51 473 */ 474 USPOOF_MIXED_NUMBERS = 128, 475 476 /** 477 * Check that an identifier does not have a combining character following a character in which that 478 * combining character would be hidden; for example 'i' followed by a U+0307 combining dot. 479 * 480 * More specifically, the following characters are forbidden from preceding a U+0307: 481 * <ul> 482 * <li>Those with the Soft_Dotted Unicode property (which includes 'i' and 'j')</li> 483 * <li>Latin lowercase letter 'l'</li> 484 * <li>Dotless 'i' and 'j' ('ı' and 'ȷ', U+0131 and U+0237)</li> 485 * <li>Any character whose confusable prototype ends with such a character 486 * (Soft_Dotted, 'l', 'ı', or 'ȷ')</li> 487 * </ul> 488 * In addition, combining characters are allowed between the above characters and U+0307 except those 489 * with combining class 0 or combining class "Above" (230, same class as U+0307). 490 * 491 * This list and the number of combing characters considered by this check may grow over time. 492 * 493 * @stable ICU 62 494 */ 495 USPOOF_HIDDEN_OVERLAY = 256, 496 497 /** 498 * Enable all spoof checks. 499 * 500 * @stable ICU 4.6 501 */ 502 USPOOF_ALL_CHECKS = 0xFFFF, 503 504 /** 505 * Enable the return of auxiliary (non-error) information in the 506 * upper bits of the check results value. 507 * 508 * If this "check" is not enabled, the results of {@link uspoof_check} will be 509 * zero when an identifier passes all of the enabled checks. 510 * 511 * If this "check" is enabled, (uspoof_check() & {@link USPOOF_ALL_CHECKS}) will 512 * be zero when an identifier passes all checks. 513 * 514 * @stable ICU 51 515 */ 516 USPOOF_AUX_INFO = 0x40000000 517 518 } USpoofChecks; 519 520 521 /** 522 * Constants from UAX #39 for use in {@link uspoof_setRestrictionLevel}, and 523 * for returned identifier restriction levels in check results. 524 * 525 * @stable ICU 51 526 * 527 * @see uspoof_setRestrictionLevel 528 * @see uspoof_check 529 */ 530 typedef enum URestrictionLevel { 531 /** 532 * All characters in the string are in the identifier profile and all characters in the string are in the 533 * ASCII range. 534 * 535 * @stable ICU 51 536 */ 537 USPOOF_ASCII = 0x10000000, 538 /** 539 * The string classifies as ASCII-Only, or all characters in the string are in the identifier profile and 540 * the string is single-script, according to the definition in UTS 39 section 5.1. 541 * 542 * @stable ICU 53 543 */ 544 USPOOF_SINGLE_SCRIPT_RESTRICTIVE = 0x20000000, 545 /** 546 * The string classifies as Single Script, or all characters in the string are in the identifier profile and 547 * the string is covered by any of the following sets of scripts, according to the definition in UTS 39 548 * section 5.1: 549 * <ul> 550 * <li>Latin + Han + Bopomofo (or equivalently: Latn + Hanb)</li> 551 * <li>Latin + Han + Hiragana + Katakana (or equivalently: Latn + Jpan)</li> 552 * <li>Latin + Han + Hangul (or equivalently: Latn +Kore)</li> 553 * </ul> 554 * This is the default restriction in ICU. 555 * 556 * @stable ICU 51 557 */ 558 USPOOF_HIGHLY_RESTRICTIVE = 0x30000000, 559 /** 560 * The string classifies as Highly Restrictive, or all characters in the string are in the identifier profile 561 * and the string is covered by Latin and any one other Recommended or Aspirational script, except Cyrillic, 562 * Greek, and Cherokee. 563 * 564 * @stable ICU 51 565 */ 566 USPOOF_MODERATELY_RESTRICTIVE = 0x40000000, 567 /** 568 * All characters in the string are in the identifier profile. Allow arbitrary mixtures of scripts. 569 * 570 * @stable ICU 51 571 */ 572 USPOOF_MINIMALLY_RESTRICTIVE = 0x50000000, 573 /** 574 * Any valid identifiers, including characters outside of the Identifier Profile. 575 * 576 * @stable ICU 51 577 */ 578 USPOOF_UNRESTRICTIVE = 0x60000000, 579 /** 580 * Mask for selecting the Restriction Level bits from the return value of {@link uspoof_check}. 581 * 582 * @stable ICU 53 583 */ 584 USPOOF_RESTRICTION_LEVEL_MASK = 0x7F000000, 585 #ifndef U_HIDE_INTERNAL_API 586 /** 587 * An undefined restriction level. 588 * @internal 589 */ 590 USPOOF_UNDEFINED_RESTRICTIVE = -1 591 #endif /* U_HIDE_INTERNAL_API */ 592 } URestrictionLevel; 593 594 /** 595 * Create a Unicode Spoof Checker, configured to perform all 596 * checks except for USPOOF_LOCALE_LIMIT and USPOOF_CHAR_LIMIT. 597 * Note that additional checks may be added in the future, 598 * resulting in the changes to the default checking behavior. 599 * 600 * @param status The error code, set if this function encounters a problem. 601 * @return the newly created Spoof Checker 602 * @stable ICU 4.2 603 */ 604 U_CAPI USpoofChecker * U_EXPORT2 605 uspoof_open(UErrorCode *status); 606 607 608 /** 609 * Open a Spoof checker from its serialized form, stored in 32-bit-aligned memory. 610 * Inverse of uspoof_serialize(). 611 * The memory containing the serialized data must remain valid and unchanged 612 * as long as the spoof checker, or any cloned copies of the spoof checker, 613 * are in use. Ownership of the memory remains with the caller. 614 * The spoof checker (and any clones) must be closed prior to deleting the 615 * serialized data. 616 * 617 * @param data a pointer to 32-bit-aligned memory containing the serialized form of spoof data 618 * @param length the number of bytes available at data; 619 * can be more than necessary 620 * @param pActualLength receives the actual number of bytes at data taken up by the data; 621 * can be NULL 622 * @param pErrorCode ICU error code 623 * @return the spoof checker. 624 * 625 * @see uspoof_open 626 * @see uspoof_serialize 627 * @stable ICU 4.2 628 */ 629 U_CAPI USpoofChecker * U_EXPORT2 630 uspoof_openFromSerialized(const void *data, int32_t length, int32_t *pActualLength, 631 UErrorCode *pErrorCode); 632 633 /** 634 * Open a Spoof Checker from the source form of the spoof data. 635 * The input corresponds to the Unicode data file confusables.txt 636 * as described in Unicode UAX #39. The syntax of the source data 637 * is as described in UAX #39 for this file, and the content of 638 * this file is acceptable input. 639 * 640 * The character encoding of the (char *) input text is UTF-8. 641 * 642 * @param confusables a pointer to the confusable characters definitions, 643 * as found in file confusables.txt from unicode.org. 644 * @param confusablesLen The length of the confusables text, or -1 if the 645 * input string is zero terminated. 646 * @param confusablesWholeScript 647 * Deprecated in ICU 58. No longer used. 648 * @param confusablesWholeScriptLen 649 * Deprecated in ICU 58. No longer used. 650 * @param errType In the event of an error in the input, indicates 651 * which of the input files contains the error. 652 * The value is one of USPOOF_SINGLE_SCRIPT_CONFUSABLE or 653 * USPOOF_WHOLE_SCRIPT_CONFUSABLE, or 654 * zero if no errors are found. 655 * @param pe In the event of an error in the input, receives the position 656 * in the input text (line, offset) of the error. 657 * @param status an in/out ICU UErrorCode. Among the possible errors is 658 * U_PARSE_ERROR, which is used to report syntax errors 659 * in the input. 660 * @return A spoof checker that uses the rules from the input files. 661 * @stable ICU 4.2 662 */ 663 U_CAPI USpoofChecker * U_EXPORT2 664 uspoof_openFromSource(const char *confusables, int32_t confusablesLen, 665 const char *confusablesWholeScript, int32_t confusablesWholeScriptLen, 666 int32_t *errType, UParseError *pe, UErrorCode *status); 667 668 669 /** 670 * Close a Spoof Checker, freeing any memory that was being held by 671 * its implementation. 672 * @stable ICU 4.2 673 */ 674 U_CAPI void U_EXPORT2 675 uspoof_close(USpoofChecker *sc); 676 677 /** 678 * Clone a Spoof Checker. The clone will be set to perform the same checks 679 * as the original source. 680 * 681 * @param sc The source USpoofChecker 682 * @param status The error code, set if this function encounters a problem. 683 * @return 684 * @stable ICU 4.2 685 */ 686 U_CAPI USpoofChecker * U_EXPORT2 687 uspoof_clone(const USpoofChecker *sc, UErrorCode *status); 688 689 690 /** 691 * Specify the bitmask of checks that will be performed by {@link uspoof_check}. Calling this method 692 * overwrites any checks that may have already been enabled. By default, all checks are enabled. 693 * 694 * To enable specific checks and disable all others, 695 * OR together only the bit constants for the desired checks. 696 * For example, to fail strings containing characters outside of 697 * the set specified by {@link uspoof_setAllowedChars} and 698 * also strings that contain digits from mixed numbering systems: 699 * 700 * <pre> 701 * {@code 702 * uspoof_setChecks(USPOOF_CHAR_LIMIT | USPOOF_MIXED_NUMBERS); 703 * } 704 * </pre> 705 * 706 * To disable specific checks and enable all others, 707 * start with ALL_CHECKS and "AND away" the not-desired checks. 708 * For example, if you are not planning to use the {@link uspoof_areConfusable} functionality, 709 * it is good practice to disable the CONFUSABLE check: 710 * 711 * <pre> 712 * {@code 713 * uspoof_setChecks(USPOOF_ALL_CHECKS & ~USPOOF_CONFUSABLE); 714 * } 715 * </pre> 716 * 717 * Note that methods such as {@link uspoof_setAllowedChars}, {@link uspoof_setAllowedLocales}, and 718 * {@link uspoof_setRestrictionLevel} will enable certain checks when called. Those methods will OR the check they 719 * enable onto the existing bitmask specified by this method. For more details, see the documentation of those 720 * methods. 721 * 722 * @param sc The USpoofChecker 723 * @param checks The set of checks that this spoof checker will perform. 724 * The value is a bit set, obtained by OR-ing together 725 * values from enum USpoofChecks. 726 * @param status The error code, set if this function encounters a problem. 727 * @stable ICU 4.2 728 * 729 */ 730 U_CAPI void U_EXPORT2 731 uspoof_setChecks(USpoofChecker *sc, int32_t checks, UErrorCode *status); 732 733 /** 734 * Get the set of checks that this Spoof Checker has been configured to perform. 735 * 736 * @param sc The USpoofChecker 737 * @param status The error code, set if this function encounters a problem. 738 * @return The set of checks that this spoof checker will perform. 739 * The value is a bit set, obtained by OR-ing together 740 * values from enum USpoofChecks. 741 * @stable ICU 4.2 742 * 743 */ 744 U_CAPI int32_t U_EXPORT2 745 uspoof_getChecks(const USpoofChecker *sc, UErrorCode *status); 746 747 /** 748 * Set the loosest restriction level allowed for strings. The default if this is not called is 749 * {@link USPOOF_HIGHLY_RESTRICTIVE}. Calling this method enables the {@link USPOOF_RESTRICTION_LEVEL} and 750 * {@link USPOOF_MIXED_NUMBERS} checks, corresponding to Sections 5.1 and 5.2 of UTS 39. To customize which checks are 751 * to be performed by {@link uspoof_check}, see {@link uspoof_setChecks}. 752 * 753 * @param sc The USpoofChecker 754 * @param restrictionLevel The loosest restriction level allowed. 755 * @see URestrictionLevel 756 * @stable ICU 51 757 */ 758 U_CAPI void U_EXPORT2 759 uspoof_setRestrictionLevel(USpoofChecker *sc, URestrictionLevel restrictionLevel); 760 761 762 /** 763 * Get the Restriction Level that will be tested if the checks include {@link USPOOF_RESTRICTION_LEVEL}. 764 * 765 * @return The restriction level 766 * @see URestrictionLevel 767 * @stable ICU 51 768 */ 769 U_CAPI URestrictionLevel U_EXPORT2 770 uspoof_getRestrictionLevel(const USpoofChecker *sc); 771 772 /** 773 * Limit characters that are acceptable in identifiers being checked to those 774 * normally used with the languages associated with the specified locales. 775 * Any previously specified list of locales is replaced by the new settings. 776 * 777 * A set of languages is determined from the locale(s), and 778 * from those a set of acceptable Unicode scripts is determined. 779 * Characters from this set of scripts, along with characters from 780 * the "common" and "inherited" Unicode Script categories 781 * will be permitted. 782 * 783 * Supplying an empty string removes all restrictions; 784 * characters from any script will be allowed. 785 * 786 * The {@link USPOOF_CHAR_LIMIT} test is automatically enabled for this 787 * USpoofChecker when calling this function with a non-empty list 788 * of locales. 789 * 790 * The Unicode Set of characters that will be allowed is accessible 791 * via the uspoof_getAllowedChars() function. uspoof_setAllowedLocales() 792 * will <i>replace</i> any previously applied set of allowed characters. 793 * 794 * Adjustments, such as additions or deletions of certain classes of characters, 795 * can be made to the result of uspoof_setAllowedLocales() by 796 * fetching the resulting set with uspoof_getAllowedChars(), 797 * manipulating it with the Unicode Set API, then resetting the 798 * spoof detectors limits with uspoof_setAllowedChars(). 799 * 800 * @param sc The USpoofChecker 801 * @param localesList A list list of locales, from which the language 802 * and associated script are extracted. The locales 803 * are comma-separated if there is more than one. 804 * White space may not appear within an individual locale, 805 * but is ignored otherwise. 806 * The locales are syntactically like those from the 807 * HTTP Accept-Language header. 808 * If the localesList is empty, no restrictions will be placed on 809 * the allowed characters. 810 * 811 * @param status The error code, set if this function encounters a problem. 812 * @stable ICU 4.2 813 */ 814 U_CAPI void U_EXPORT2 815 uspoof_setAllowedLocales(USpoofChecker *sc, const char *localesList, UErrorCode *status); 816 817 /** 818 * Get a list of locales for the scripts that are acceptable in strings 819 * to be checked. If no limitations on scripts have been specified, 820 * an empty string will be returned. 821 * 822 * uspoof_setAllowedChars() will reset the list of allowed to be empty. 823 * 824 * The format of the returned list is the same as that supplied to 825 * uspoof_setAllowedLocales(), but returned list may not be identical 826 * to the originally specified string; the string may be reformatted, 827 * and information other than languages from 828 * the originally specified locales may be omitted. 829 * 830 * @param sc The USpoofChecker 831 * @param status The error code, set if this function encounters a problem. 832 * @return A string containing a list of locales corresponding 833 * to the acceptable scripts, formatted like an 834 * HTTP Accept Language value. 835 * 836 * @stable ICU 4.2 837 */ 838 U_CAPI const char * U_EXPORT2 839 uspoof_getAllowedLocales(USpoofChecker *sc, UErrorCode *status); 840 841 842 /** 843 * Limit the acceptable characters to those specified by a Unicode Set. 844 * Any previously specified character limit is 845 * is replaced by the new settings. This includes limits on 846 * characters that were set with the uspoof_setAllowedLocales() function. 847 * 848 * The USPOOF_CHAR_LIMIT test is automatically enabled for this 849 * USpoofChecker by this function. 850 * 851 * @param sc The USpoofChecker 852 * @param chars A Unicode Set containing the list of 853 * characters that are permitted. Ownership of the set 854 * remains with the caller. The incoming set is cloned by 855 * this function, so there are no restrictions on modifying 856 * or deleting the USet after calling this function. 857 * @param status The error code, set if this function encounters a problem. 858 * @stable ICU 4.2 859 */ 860 U_CAPI void U_EXPORT2 861 uspoof_setAllowedChars(USpoofChecker *sc, const USet *chars, UErrorCode *status); 862 863 864 /** 865 * Get a USet for the characters permitted in an identifier. 866 * This corresponds to the limits imposed by the Set Allowed Characters 867 * functions. Limitations imposed by other checks will not be 868 * reflected in the set returned by this function. 869 * 870 * The returned set will be frozen, meaning that it cannot be modified 871 * by the caller. 872 * 873 * Ownership of the returned set remains with the Spoof Detector. The 874 * returned set will become invalid if the spoof detector is closed, 875 * or if a new set of allowed characters is specified. 876 * 877 * 878 * @param sc The USpoofChecker 879 * @param status The error code, set if this function encounters a problem. 880 * @return A USet containing the characters that are permitted by 881 * the USPOOF_CHAR_LIMIT test. 882 * @stable ICU 4.2 883 */ 884 U_CAPI const USet * U_EXPORT2 885 uspoof_getAllowedChars(const USpoofChecker *sc, UErrorCode *status); 886 887 888 /** 889 * Check the specified string for possible security issues. 890 * The text to be checked will typically be an identifier of some sort. 891 * The set of checks to be performed is specified with uspoof_setChecks(). 892 * 893 * \note 894 * Consider using the newer API, {@link uspoof_check2}, instead. 895 * The newer API exposes additional information from the check procedure 896 * and is otherwise identical to this method. 897 * 898 * @param sc The USpoofChecker 899 * @param id The identifier to be checked for possible security issues, 900 * in UTF-16 format. 901 * @param length the length of the string to be checked, expressed in 902 * 16 bit UTF-16 code units, or -1 if the string is 903 * zero terminated. 904 * @param position Deprecated in ICU 51. Always returns zero. 905 * Originally, an out parameter for the index of the first 906 * string position that failed a check. 907 * This parameter may be NULL. 908 * @param status The error code, set if an error occurred while attempting to 909 * perform the check. 910 * Spoofing or security issues detected with the input string are 911 * not reported here, but through the function's return value. 912 * @return An integer value with bits set for any potential security 913 * or spoofing issues detected. The bits are defined by 914 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 915 * will be zero if the input string passes all of the 916 * enabled checks. 917 * @see uspoof_check2 918 * @stable ICU 4.2 919 */ 920 U_CAPI int32_t U_EXPORT2 921 uspoof_check(const USpoofChecker *sc, 922 const UChar *id, int32_t length, 923 int32_t *position, 924 UErrorCode *status); 925 926 927 /** 928 * Check the specified string for possible security issues. 929 * The text to be checked will typically be an identifier of some sort. 930 * The set of checks to be performed is specified with uspoof_setChecks(). 931 * 932 * \note 933 * Consider using the newer API, {@link uspoof_check2UTF8}, instead. 934 * The newer API exposes additional information from the check procedure 935 * and is otherwise identical to this method. 936 * 937 * @param sc The USpoofChecker 938 * @param id A identifier to be checked for possible security issues, in UTF8 format. 939 * @param length the length of the string to be checked, or -1 if the string is 940 * zero terminated. 941 * @param position Deprecated in ICU 51. Always returns zero. 942 * Originally, an out parameter for the index of the first 943 * string position that failed a check. 944 * This parameter may be NULL. 945 * @param status The error code, set if an error occurred while attempting to 946 * perform the check. 947 * Spoofing or security issues detected with the input string are 948 * not reported here, but through the function's return value. 949 * If the input contains invalid UTF-8 sequences, 950 * a status of U_INVALID_CHAR_FOUND will be returned. 951 * @return An integer value with bits set for any potential security 952 * or spoofing issues detected. The bits are defined by 953 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 954 * will be zero if the input string passes all of the 955 * enabled checks. 956 * @see uspoof_check2UTF8 957 * @stable ICU 4.2 958 */ 959 U_CAPI int32_t U_EXPORT2 960 uspoof_checkUTF8(const USpoofChecker *sc, 961 const char *id, int32_t length, 962 int32_t *position, 963 UErrorCode *status); 964 965 966 /** 967 * Check the specified string for possible security issues. 968 * The text to be checked will typically be an identifier of some sort. 969 * The set of checks to be performed is specified with uspoof_setChecks(). 970 * 971 * @param sc The USpoofChecker 972 * @param id The identifier to be checked for possible security issues, 973 * in UTF-16 format. 974 * @param length the length of the string to be checked, or -1 if the string is 975 * zero terminated. 976 * @param checkResult An instance of USpoofCheckResult to be filled with 977 * details about the identifier. Can be NULL. 978 * @param status The error code, set if an error occurred while attempting to 979 * perform the check. 980 * Spoofing or security issues detected with the input string are 981 * not reported here, but through the function's return value. 982 * @return An integer value with bits set for any potential security 983 * or spoofing issues detected. The bits are defined by 984 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 985 * will be zero if the input string passes all of the 986 * enabled checks. Any information in this bitmask will be 987 * consistent with the information saved in the optional 988 * checkResult parameter. 989 * @see uspoof_openCheckResult 990 * @see uspoof_check2UTF8 991 * @see uspoof_check2UnicodeString 992 * @stable ICU 58 993 */ 994 U_CAPI int32_t U_EXPORT2 995 uspoof_check2(const USpoofChecker *sc, 996 const UChar* id, int32_t length, 997 USpoofCheckResult* checkResult, 998 UErrorCode *status); 999 1000 /** 1001 * Check the specified string for possible security issues. 1002 * The text to be checked will typically be an identifier of some sort. 1003 * The set of checks to be performed is specified with uspoof_setChecks(). 1004 * 1005 * This version of {@link uspoof_check} accepts a USpoofCheckResult, which 1006 * returns additional information about the identifier. For more 1007 * information, see {@link uspoof_openCheckResult}. 1008 * 1009 * @param sc The USpoofChecker 1010 * @param id A identifier to be checked for possible security issues, in UTF8 format. 1011 * @param length the length of the string to be checked, or -1 if the string is 1012 * zero terminated. 1013 * @param checkResult An instance of USpoofCheckResult to be filled with 1014 * details about the identifier. Can be NULL. 1015 * @param status The error code, set if an error occurred while attempting to 1016 * perform the check. 1017 * Spoofing or security issues detected with the input string are 1018 * not reported here, but through the function's return value. 1019 * @return An integer value with bits set for any potential security 1020 * or spoofing issues detected. The bits are defined by 1021 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 1022 * will be zero if the input string passes all of the 1023 * enabled checks. Any information in this bitmask will be 1024 * consistent with the information saved in the optional 1025 * checkResult parameter. 1026 * @see uspoof_openCheckResult 1027 * @see uspoof_check2 1028 * @see uspoof_check2UnicodeString 1029 * @stable ICU 58 1030 */ 1031 U_CAPI int32_t U_EXPORT2 1032 uspoof_check2UTF8(const USpoofChecker *sc, 1033 const char *id, int32_t length, 1034 USpoofCheckResult* checkResult, 1035 UErrorCode *status); 1036 1037 /** 1038 * Create a USpoofCheckResult, used by the {@link uspoof_check2} class of functions to return 1039 * information about the identifier. Information includes: 1040 * <ul> 1041 * <li>A bitmask of the checks that failed</li> 1042 * <li>The identifier's restriction level (UTS 39 section 5.2)</li> 1043 * <li>The set of numerics in the string (UTS 39 section 5.3)</li> 1044 * </ul> 1045 * The data held in a USpoofCheckResult is cleared whenever it is passed into a new call 1046 * of {@link uspoof_check2}. 1047 * 1048 * @param status The error code, set if this function encounters a problem. 1049 * @return the newly created USpoofCheckResult 1050 * @see uspoof_check2 1051 * @see uspoof_check2UTF8 1052 * @see uspoof_check2UnicodeString 1053 * @stable ICU 58 1054 */ 1055 U_CAPI USpoofCheckResult* U_EXPORT2 1056 uspoof_openCheckResult(UErrorCode *status); 1057 1058 /** 1059 * Close a USpoofCheckResult, freeing any memory that was being held by 1060 * its implementation. 1061 * 1062 * @param checkResult The instance of USpoofCheckResult to close 1063 * @stable ICU 58 1064 */ 1065 U_CAPI void U_EXPORT2 1066 uspoof_closeCheckResult(USpoofCheckResult *checkResult); 1067 1068 /** 1069 * Indicates which of the spoof check(s) have failed. The value is a bitwise OR of the constants for the tests 1070 * in question: USPOOF_RESTRICTION_LEVEL, USPOOF_CHAR_LIMIT, and so on. 1071 * 1072 * @param checkResult The instance of USpoofCheckResult created by {@link uspoof_openCheckResult} 1073 * @param status The error code, set if an error occurred. 1074 * @return An integer value with bits set for any potential security 1075 * or spoofing issues detected. The bits are defined by 1076 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 1077 * will be zero if the input string passes all of the 1078 * enabled checks. 1079 * @see uspoof_setChecks 1080 * @stable ICU 58 1081 */ 1082 U_CAPI int32_t U_EXPORT2 1083 uspoof_getCheckResultChecks(const USpoofCheckResult *checkResult, UErrorCode *status); 1084 1085 /** 1086 * Gets the restriction level that the text meets, if the USPOOF_RESTRICTION_LEVEL check 1087 * was enabled; otherwise, undefined. 1088 * 1089 * @param checkResult The instance of USpoofCheckResult created by {@link uspoof_openCheckResult} 1090 * @param status The error code, set if an error occurred. 1091 * @return The restriction level contained in the USpoofCheckResult 1092 * @see uspoof_setRestrictionLevel 1093 * @stable ICU 58 1094 */ 1095 U_CAPI URestrictionLevel U_EXPORT2 1096 uspoof_getCheckResultRestrictionLevel(const USpoofCheckResult *checkResult, UErrorCode *status); 1097 1098 /** 1099 * Gets the set of numerics found in the string, if the USPOOF_MIXED_NUMBERS check was enabled; 1100 * otherwise, undefined. The set will contain the zero digit from each decimal number system found 1101 * in the input string. Ownership of the returned USet remains with the USpoofCheckResult. 1102 * The USet will be free'd when {@link uspoof_closeCheckResult} is called. 1103 * 1104 * @param checkResult The instance of USpoofCheckResult created by {@link uspoof_openCheckResult} 1105 * @return The set of numerics contained in the USpoofCheckResult 1106 * @param status The error code, set if an error occurred. 1107 * @stable ICU 58 1108 */ 1109 U_CAPI const USet* U_EXPORT2 1110 uspoof_getCheckResultNumerics(const USpoofCheckResult *checkResult, UErrorCode *status); 1111 1112 1113 /** 1114 * Check the whether two specified strings are visually confusable. 1115 * 1116 * If the strings are confusable, the return value will be nonzero, as long as 1117 * {@link USPOOF_CONFUSABLE} was enabled in uspoof_setChecks(). 1118 * 1119 * The bits in the return value correspond to flags for each of the classes of 1120 * confusables applicable to the two input strings. According to UTS 39 1121 * section 4, the possible flags are: 1122 * 1123 * <ul> 1124 * <li>{@link USPOOF_SINGLE_SCRIPT_CONFUSABLE}</li> 1125 * <li>{@link USPOOF_MIXED_SCRIPT_CONFUSABLE}</li> 1126 * <li>{@link USPOOF_WHOLE_SCRIPT_CONFUSABLE}</li> 1127 * </ul> 1128 * 1129 * If one or more of the above flags were not listed in uspoof_setChecks(), this 1130 * function will never report that class of confusable. The check 1131 * {@link USPOOF_CONFUSABLE} enables all three flags. 1132 * 1133 * 1134 * @param sc The USpoofChecker 1135 * @param id1 The first of the two identifiers to be compared for 1136 * confusability. The strings are in UTF-16 format. 1137 * @param length1 the length of the first identifier, expressed in 1138 * 16 bit UTF-16 code units, or -1 if the string is 1139 * nul terminated. 1140 * @param id2 The second of the two identifiers to be compared for 1141 * confusability. The identifiers are in UTF-16 format. 1142 * @param length2 The length of the second identifiers, expressed in 1143 * 16 bit UTF-16 code units, or -1 if the string is 1144 * nul terminated. 1145 * @param status The error code, set if an error occurred while attempting to 1146 * perform the check. 1147 * Confusability of the identifiers is not reported here, 1148 * but through this function's return value. 1149 * @return An integer value with bit(s) set corresponding to 1150 * the type of confusability found, as defined by 1151 * enum USpoofChecks. Zero is returned if the identifiers 1152 * are not confusable. 1153 * 1154 * @stable ICU 4.2 1155 */ 1156 U_CAPI int32_t U_EXPORT2 1157 uspoof_areConfusable(const USpoofChecker *sc, 1158 const UChar *id1, int32_t length1, 1159 const UChar *id2, int32_t length2, 1160 UErrorCode *status); 1161 1162 1163 1164 /** 1165 * A version of {@link uspoof_areConfusable} accepting strings in UTF-8 format. 1166 * 1167 * @param sc The USpoofChecker 1168 * @param id1 The first of the two identifiers to be compared for 1169 * confusability. The strings are in UTF-8 format. 1170 * @param length1 the length of the first identifiers, in bytes, or -1 1171 * if the string is nul terminated. 1172 * @param id2 The second of the two identifiers to be compared for 1173 * confusability. The strings are in UTF-8 format. 1174 * @param length2 The length of the second string in bytes, or -1 1175 * if the string is nul terminated. 1176 * @param status The error code, set if an error occurred while attempting to 1177 * perform the check. 1178 * Confusability of the strings is not reported here, 1179 * but through this function's return value. 1180 * @return An integer value with bit(s) set corresponding to 1181 * the type of confusability found, as defined by 1182 * enum USpoofChecks. Zero is returned if the strings 1183 * are not confusable. 1184 * 1185 * @stable ICU 4.2 1186 * 1187 * @see uspoof_areConfusable 1188 */ 1189 U_CAPI int32_t U_EXPORT2 1190 uspoof_areConfusableUTF8(const USpoofChecker *sc, 1191 const char *id1, int32_t length1, 1192 const char *id2, int32_t length2, 1193 UErrorCode *status); 1194 1195 1196 1197 1198 /** 1199 * Get the "skeleton" for an identifier. 1200 * Skeletons are a transformation of the input identifier; 1201 * Two identifiers are confusable if their skeletons are identical. 1202 * See Unicode UAX #39 for additional information. 1203 * 1204 * Using skeletons directly makes it possible to quickly check 1205 * whether an identifier is confusable with any of some large 1206 * set of existing identifiers, by creating an efficiently 1207 * searchable collection of the skeletons. 1208 * 1209 * @param sc The USpoofChecker 1210 * @param type Deprecated in ICU 58. You may pass any number. 1211 * Originally, controlled which of the Unicode confusable data 1212 * tables to use. 1213 * @param id The input identifier whose skeleton will be computed. 1214 * @param length The length of the input identifier, expressed in 16 bit 1215 * UTF-16 code units, or -1 if the string is zero terminated. 1216 * @param dest The output buffer, to receive the skeleton string. 1217 * @param destCapacity The length of the output buffer, in 16 bit units. 1218 * The destCapacity may be zero, in which case the function will 1219 * return the actual length of the skeleton. 1220 * @param status The error code, set if an error occurred while attempting to 1221 * perform the check. 1222 * @return The length of the skeleton string. The returned length 1223 * is always that of the complete skeleton, even when the 1224 * supplied buffer is too small (or of zero length) 1225 * 1226 * @stable ICU 4.2 1227 * @see uspoof_areConfusable 1228 */ 1229 U_CAPI int32_t U_EXPORT2 1230 uspoof_getSkeleton(const USpoofChecker *sc, 1231 uint32_t type, 1232 const UChar *id, int32_t length, 1233 UChar *dest, int32_t destCapacity, 1234 UErrorCode *status); 1235 1236 /** 1237 * Get the "skeleton" for an identifier. 1238 * Skeletons are a transformation of the input identifier; 1239 * Two identifiers are confusable if their skeletons are identical. 1240 * See Unicode UAX #39 for additional information. 1241 * 1242 * Using skeletons directly makes it possible to quickly check 1243 * whether an identifier is confusable with any of some large 1244 * set of existing identifiers, by creating an efficiently 1245 * searchable collection of the skeletons. 1246 * 1247 * @param sc The USpoofChecker 1248 * @param type Deprecated in ICU 58. You may pass any number. 1249 * Originally, controlled which of the Unicode confusable data 1250 * tables to use. 1251 * @param id The UTF-8 format identifier whose skeleton will be computed. 1252 * @param length The length of the input string, in bytes, 1253 * or -1 if the string is zero terminated. 1254 * @param dest The output buffer, to receive the skeleton string. 1255 * @param destCapacity The length of the output buffer, in bytes. 1256 * The destCapacity may be zero, in which case the function will 1257 * return the actual length of the skeleton. 1258 * @param status The error code, set if an error occurred while attempting to 1259 * perform the check. Possible Errors include U_INVALID_CHAR_FOUND 1260 * for invalid UTF-8 sequences, and 1261 * U_BUFFER_OVERFLOW_ERROR if the destination buffer is too small 1262 * to hold the complete skeleton. 1263 * @return The length of the skeleton string, in bytes. The returned length 1264 * is always that of the complete skeleton, even when the 1265 * supplied buffer is too small (or of zero length) 1266 * 1267 * @stable ICU 4.2 1268 */ 1269 U_CAPI int32_t U_EXPORT2 1270 uspoof_getSkeletonUTF8(const USpoofChecker *sc, 1271 uint32_t type, 1272 const char *id, int32_t length, 1273 char *dest, int32_t destCapacity, 1274 UErrorCode *status); 1275 1276 /** 1277 * Get the set of Candidate Characters for Inclusion in Identifiers, as defined 1278 * in http://unicode.org/Public/security/latest/xidmodifications.txt 1279 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms. 1280 * 1281 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not 1282 * be deleted by the caller. 1283 * 1284 * @param status The error code, set if a problem occurs while creating the set. 1285 * 1286 * @stable ICU 51 1287 */ 1288 U_CAPI const USet * U_EXPORT2 1289 uspoof_getInclusionSet(UErrorCode *status); 1290 1291 /** 1292 * Get the set of characters from Recommended Scripts for Inclusion in Identifiers, as defined 1293 * in http://unicode.org/Public/security/latest/xidmodifications.txt 1294 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms. 1295 * 1296 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not 1297 * be deleted by the caller. 1298 * 1299 * @param status The error code, set if a problem occurs while creating the set. 1300 * 1301 * @stable ICU 51 1302 */ 1303 U_CAPI const USet * U_EXPORT2 1304 uspoof_getRecommendedSet(UErrorCode *status); 1305 1306 /** 1307 * Serialize the data for a spoof detector into a chunk of memory. 1308 * The flattened spoof detection tables can later be used to efficiently 1309 * instantiate a new Spoof Detector. 1310 * 1311 * The serialized spoof checker includes only the data compiled from the 1312 * Unicode data tables by uspoof_openFromSource(); it does not include 1313 * include any other state or configuration that may have been set. 1314 * 1315 * @param sc the Spoof Detector whose data is to be serialized. 1316 * @param data a pointer to 32-bit-aligned memory to be filled with the data, 1317 * can be NULL if capacity==0 1318 * @param capacity the number of bytes available at data, 1319 * or 0 for preflighting 1320 * @param status an in/out ICU UErrorCode; possible errors include: 1321 * - U_BUFFER_OVERFLOW_ERROR if the data storage block is too small for serialization 1322 * - U_ILLEGAL_ARGUMENT_ERROR the data or capacity parameters are bad 1323 * @return the number of bytes written or needed for the spoof data 1324 * 1325 * @see utrie2_openFromSerialized() 1326 * @stable ICU 4.2 1327 */ 1328 U_CAPI int32_t U_EXPORT2 1329 uspoof_serialize(USpoofChecker *sc, 1330 void *data, int32_t capacity, 1331 UErrorCode *status); 1332 1333 U_CDECL_END 1334 1335 #if U_SHOW_CPLUSPLUS_API 1336 1337 U_NAMESPACE_BEGIN 1338 1339 /** 1340 * \class LocalUSpoofCheckerPointer 1341 * "Smart pointer" class, closes a USpoofChecker via uspoof_close(). 1342 * For most methods see the LocalPointerBase base class. 1343 * 1344 * @see LocalPointerBase 1345 * @see LocalPointer 1346 * @stable ICU 4.4 1347 */ 1348 /** 1349 * \cond 1350 * Note: Doxygen is giving a bogus warning on this U_DEFINE_LOCAL_OPEN_POINTER. 1351 * For now, suppress with a Doxygen cond 1352 */ 1353 U_DEFINE_LOCAL_OPEN_POINTER(LocalUSpoofCheckerPointer, USpoofChecker, uspoof_close); 1354 /** \endcond */ 1355 1356 /** 1357 * \class LocalUSpoofCheckResultPointer 1358 * "Smart pointer" class, closes a USpoofCheckResult via `uspoof_closeCheckResult()`. 1359 * For most methods see the LocalPointerBase base class. 1360 * 1361 * @see LocalPointerBase 1362 * @see LocalPointer 1363 * @stable ICU 58 1364 */ 1365 1366 /** 1367 * \cond 1368 * Note: Doxygen is giving a bogus warning on this U_DEFINE_LOCAL_OPEN_POINTER. 1369 * For now, suppress with a Doxygen cond 1370 */ 1371 U_DEFINE_LOCAL_OPEN_POINTER(LocalUSpoofCheckResultPointer, USpoofCheckResult, uspoof_closeCheckResult); 1372 /** \endcond */ 1373 1374 U_NAMESPACE_END 1375 1376 /** 1377 * Limit the acceptable characters to those specified by a Unicode Set. 1378 * Any previously specified character limit is 1379 * is replaced by the new settings. This includes limits on 1380 * characters that were set with the uspoof_setAllowedLocales() function. 1381 * 1382 * The USPOOF_CHAR_LIMIT test is automatically enabled for this 1383 * USoofChecker by this function. 1384 * 1385 * @param sc The USpoofChecker 1386 * @param chars A Unicode Set containing the list of 1387 * characters that are permitted. Ownership of the set 1388 * remains with the caller. The incoming set is cloned by 1389 * this function, so there are no restrictions on modifying 1390 * or deleting the UnicodeSet after calling this function. 1391 * @param status The error code, set if this function encounters a problem. 1392 * @stable ICU 4.2 1393 */ 1394 U_CAPI void U_EXPORT2 1395 uspoof_setAllowedUnicodeSet(USpoofChecker *sc, const icu::UnicodeSet *chars, UErrorCode *status); 1396 1397 1398 /** 1399 * Get a UnicodeSet for the characters permitted in an identifier. 1400 * This corresponds to the limits imposed by the Set Allowed Characters / 1401 * UnicodeSet functions. Limitations imposed by other checks will not be 1402 * reflected in the set returned by this function. 1403 * 1404 * The returned set will be frozen, meaning that it cannot be modified 1405 * by the caller. 1406 * 1407 * Ownership of the returned set remains with the Spoof Detector. The 1408 * returned set will become invalid if the spoof detector is closed, 1409 * or if a new set of allowed characters is specified. 1410 * 1411 * 1412 * @param sc The USpoofChecker 1413 * @param status The error code, set if this function encounters a problem. 1414 * @return A UnicodeSet containing the characters that are permitted by 1415 * the USPOOF_CHAR_LIMIT test. 1416 * @stable ICU 4.2 1417 */ 1418 U_CAPI const icu::UnicodeSet * U_EXPORT2 1419 uspoof_getAllowedUnicodeSet(const USpoofChecker *sc, UErrorCode *status); 1420 1421 /** 1422 * Check the specified string for possible security issues. 1423 * The text to be checked will typically be an identifier of some sort. 1424 * The set of checks to be performed is specified with uspoof_setChecks(). 1425 * 1426 * \note 1427 * Consider using the newer API, {@link uspoof_check2UnicodeString}, instead. 1428 * The newer API exposes additional information from the check procedure 1429 * and is otherwise identical to this method. 1430 * 1431 * @param sc The USpoofChecker 1432 * @param id A identifier to be checked for possible security issues. 1433 * @param position Deprecated in ICU 51. Always returns zero. 1434 * Originally, an out parameter for the index of the first 1435 * string position that failed a check. 1436 * This parameter may be NULL. 1437 * @param status The error code, set if an error occurred while attempting to 1438 * perform the check. 1439 * Spoofing or security issues detected with the input string are 1440 * not reported here, but through the function's return value. 1441 * @return An integer value with bits set for any potential security 1442 * or spoofing issues detected. The bits are defined by 1443 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 1444 * will be zero if the input string passes all of the 1445 * enabled checks. 1446 * @see uspoof_check2UnicodeString 1447 * @stable ICU 4.2 1448 */ 1449 U_CAPI int32_t U_EXPORT2 1450 uspoof_checkUnicodeString(const USpoofChecker *sc, 1451 const icu::UnicodeString &id, 1452 int32_t *position, 1453 UErrorCode *status); 1454 1455 /** 1456 * Check the specified string for possible security issues. 1457 * The text to be checked will typically be an identifier of some sort. 1458 * The set of checks to be performed is specified with uspoof_setChecks(). 1459 * 1460 * @param sc The USpoofChecker 1461 * @param id A identifier to be checked for possible security issues. 1462 * @param checkResult An instance of USpoofCheckResult to be filled with 1463 * details about the identifier. Can be NULL. 1464 * @param status The error code, set if an error occurred while attempting to 1465 * perform the check. 1466 * Spoofing or security issues detected with the input string are 1467 * not reported here, but through the function's return value. 1468 * @return An integer value with bits set for any potential security 1469 * or spoofing issues detected. The bits are defined by 1470 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS) 1471 * will be zero if the input string passes all of the 1472 * enabled checks. Any information in this bitmask will be 1473 * consistent with the information saved in the optional 1474 * checkResult parameter. 1475 * @see uspoof_openCheckResult 1476 * @see uspoof_check2 1477 * @see uspoof_check2UTF8 1478 * @stable ICU 58 1479 */ 1480 U_CAPI int32_t U_EXPORT2 1481 uspoof_check2UnicodeString(const USpoofChecker *sc, 1482 const icu::UnicodeString &id, 1483 USpoofCheckResult* checkResult, 1484 UErrorCode *status); 1485 1486 /** 1487 * A version of {@link uspoof_areConfusable} accepting UnicodeStrings. 1488 * 1489 * @param sc The USpoofChecker 1490 * @param s1 The first of the two identifiers to be compared for 1491 * confusability. The strings are in UTF-8 format. 1492 * @param s2 The second of the two identifiers to be compared for 1493 * confusability. The strings are in UTF-8 format. 1494 * @param status The error code, set if an error occurred while attempting to 1495 * perform the check. 1496 * Confusability of the identifiers is not reported here, 1497 * but through this function's return value. 1498 * @return An integer value with bit(s) set corresponding to 1499 * the type of confusability found, as defined by 1500 * enum USpoofChecks. Zero is returned if the identifiers 1501 * are not confusable. 1502 * 1503 * @stable ICU 4.2 1504 * 1505 * @see uspoof_areConfusable 1506 */ 1507 U_CAPI int32_t U_EXPORT2 1508 uspoof_areConfusableUnicodeString(const USpoofChecker *sc, 1509 const icu::UnicodeString &s1, 1510 const icu::UnicodeString &s2, 1511 UErrorCode *status); 1512 1513 /** 1514 * Get the "skeleton" for an identifier. 1515 * Skeletons are a transformation of the input identifier; 1516 * Two identifiers are confusable if their skeletons are identical. 1517 * See Unicode UAX #39 for additional information. 1518 * 1519 * Using skeletons directly makes it possible to quickly check 1520 * whether an identifier is confusable with any of some large 1521 * set of existing identifiers, by creating an efficiently 1522 * searchable collection of the skeletons. 1523 * 1524 * @param sc The USpoofChecker. 1525 * @param type Deprecated in ICU 58. You may pass any number. 1526 * Originally, controlled which of the Unicode confusable data 1527 * tables to use. 1528 * @param id The input identifier whose skeleton will be computed. 1529 * @param dest The output identifier, to receive the skeleton string. 1530 * @param status The error code, set if an error occurred while attempting to 1531 * perform the check. 1532 * @return A reference to the destination (skeleton) string. 1533 * 1534 * @stable ICU 4.2 1535 */ 1536 U_I18N_API icu::UnicodeString & U_EXPORT2 1537 uspoof_getSkeletonUnicodeString(const USpoofChecker *sc, 1538 uint32_t type, 1539 const icu::UnicodeString &id, 1540 icu::UnicodeString &dest, 1541 UErrorCode *status); 1542 1543 /** 1544 * Get the set of Candidate Characters for Inclusion in Identifiers, as defined 1545 * in http://unicode.org/Public/security/latest/xidmodifications.txt 1546 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms. 1547 * 1548 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not 1549 * be deleted by the caller. 1550 * 1551 * @param status The error code, set if a problem occurs while creating the set. 1552 * 1553 * @stable ICU 51 1554 */ 1555 U_CAPI const icu::UnicodeSet * U_EXPORT2 1556 uspoof_getInclusionUnicodeSet(UErrorCode *status); 1557 1558 /** 1559 * Get the set of characters from Recommended Scripts for Inclusion in Identifiers, as defined 1560 * in http://unicode.org/Public/security/latest/xidmodifications.txt 1561 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms. 1562 * 1563 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not 1564 * be deleted by the caller. 1565 * 1566 * @param status The error code, set if a problem occurs while creating the set. 1567 * 1568 * @stable ICU 51 1569 */ 1570 U_CAPI const icu::UnicodeSet * U_EXPORT2 1571 uspoof_getRecommendedUnicodeSet(UErrorCode *status); 1572 1573 #endif /* U_SHOW_CPLUSPLUS_API */ 1574 1575 #endif /* UCONFIG_NO_NORMALIZATION */ 1576 1577 #endif /* USPOOF_H */ 1578