/src/openssl/crypto/punycode.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved. |
3 | | * |
4 | | * Licensed under the Apache License 2.0 (the "License"). You may not use |
5 | | * this file except in compliance with the License. You can obtain a copy |
6 | | * in the file LICENSE in the source distribution or at |
7 | | * https://www.openssl.org/source/license.html |
8 | | */ |
9 | | |
10 | | #include <stddef.h> |
11 | | #include <stdio.h> |
12 | | #include <openssl/e_os2.h> |
13 | | #include "crypto/punycode.h" |
14 | | #include "internal/common.h" /* for HAS_PREFIX */ |
15 | | #include "internal/packet.h" /* for WPACKET */ |
16 | | |
17 | | static const unsigned int base = 36; |
18 | | static const unsigned int tmin = 1; |
19 | | static const unsigned int tmax = 26; |
20 | | static const unsigned int skew = 38; |
21 | | static const unsigned int damp = 700; |
22 | | static const unsigned int initial_bias = 72; |
23 | | static const unsigned int initial_n = 0x80; |
24 | | static const unsigned int maxint = 0xFFFFFFFF; |
25 | | static const char delimiter = '-'; |
26 | | |
27 | 0 | #define LABEL_BUF_SIZE 512 |
28 | | |
29 | | /*- |
30 | | * Pseudocode: |
31 | | * |
32 | | * function adapt(delta,numpoints,firsttime): |
33 | | * if firsttime then let delta = delta div damp |
34 | | * else let delta = delta div 2 |
35 | | * let delta = delta + (delta div numpoints) |
36 | | * let k = 0 |
37 | | * while delta > ((base - tmin) * tmax) div 2 do begin |
38 | | * let delta = delta div (base - tmin) |
39 | | * let k = k + base |
40 | | * end |
41 | | * return k + (((base - tmin + 1) * delta) div (delta + skew)) |
42 | | */ |
43 | | |
44 | | static int adapt(unsigned int delta, unsigned int numpoints, |
45 | | unsigned int firsttime) |
46 | 0 | { |
47 | 0 | unsigned int k = 0; |
48 | |
|
49 | 0 | delta = (firsttime) ? delta / damp : delta / 2; |
50 | 0 | delta = delta + delta / numpoints; |
51 | |
|
52 | 0 | while (delta > ((base - tmin) * tmax) / 2) { |
53 | 0 | delta = delta / (base - tmin); |
54 | 0 | k = k + base; |
55 | 0 | } |
56 | |
|
57 | 0 | return k + (((base - tmin + 1) * delta) / (delta + skew)); |
58 | 0 | } |
59 | | |
60 | | static ossl_inline int is_basic(unsigned int a) |
61 | 0 | { |
62 | 0 | return (a < 0x80) ? 1 : 0; |
63 | 0 | } |
64 | | |
65 | | /*- |
66 | | * code points digit-values |
67 | | * ------------ ---------------------- |
68 | | * 41..5A (A-Z) = 0 to 25, respectively |
69 | | * 61..7A (a-z) = 0 to 25, respectively |
70 | | * 30..39 (0-9) = 26 to 35, respectively |
71 | | */ |
72 | | static ossl_inline int digit_decoded(const unsigned char a) |
73 | 0 | { |
74 | 0 | if (a >= 0x41 && a <= 0x5A) |
75 | 0 | return a - 0x41; |
76 | | |
77 | 0 | if (a >= 0x61 && a <= 0x7A) |
78 | 0 | return a - 0x61; |
79 | | |
80 | 0 | if (a >= 0x30 && a <= 0x39) |
81 | 0 | return a - 0x30 + 26; |
82 | | |
83 | 0 | return -1; |
84 | 0 | } |
85 | | |
86 | | /*- |
87 | | * Pseudocode: |
88 | | * |
89 | | * function ossl_punycode_decode |
90 | | * let n = initial_n |
91 | | * let i = 0 |
92 | | * let bias = initial_bias |
93 | | * let output = an empty string indexed from 0 |
94 | | * consume all code points before the last delimiter (if there is one) |
95 | | * and copy them to output, fail on any non-basic code point |
96 | | * if more than zero code points were consumed then consume one more |
97 | | * (which will be the last delimiter) |
98 | | * while the input is not exhausted do begin |
99 | | * let oldi = i |
100 | | * let w = 1 |
101 | | * for k = base to infinity in steps of base do begin |
102 | | * consume a code point, or fail if there was none to consume |
103 | | * let digit = the code point's digit-value, fail if it has none |
104 | | * let i = i + digit * w, fail on overflow |
105 | | * let t = tmin if k <= bias {+ tmin}, or |
106 | | * tmax if k >= bias + tmax, or k - bias otherwise |
107 | | * if digit < t then break |
108 | | * let w = w * (base - t), fail on overflow |
109 | | * end |
110 | | * let bias = adapt(i - oldi, length(output) + 1, test oldi is 0?) |
111 | | * let n = n + i div (length(output) + 1), fail on overflow |
112 | | * let i = i mod (length(output) + 1) |
113 | | * {if n is a basic code point then fail} |
114 | | * insert n into output at position i |
115 | | * increment i |
116 | | * end |
117 | | */ |
118 | | |
119 | | int ossl_punycode_decode(const char *pEncoded, const size_t enc_len, |
120 | | unsigned int *pDecoded, unsigned int *pout_length) |
121 | 0 | { |
122 | 0 | unsigned int n = initial_n; |
123 | 0 | unsigned int i = 0; |
124 | 0 | unsigned int bias = initial_bias; |
125 | 0 | size_t processed_in = 0, written_out = 0; |
126 | 0 | unsigned int max_out = *pout_length; |
127 | 0 | unsigned int basic_count = 0; |
128 | 0 | unsigned int loop; |
129 | |
|
130 | 0 | for (loop = 0; loop < enc_len; loop++) { |
131 | 0 | if (pEncoded[loop] == delimiter) |
132 | 0 | basic_count = loop; |
133 | 0 | } |
134 | |
|
135 | 0 | if (basic_count > 0) { |
136 | 0 | if (basic_count > max_out) |
137 | 0 | return 0; |
138 | | |
139 | 0 | for (loop = 0; loop < basic_count; loop++) { |
140 | 0 | if (is_basic(pEncoded[loop]) == 0) |
141 | 0 | return 0; |
142 | | |
143 | 0 | pDecoded[loop] = pEncoded[loop]; |
144 | 0 | written_out++; |
145 | 0 | } |
146 | 0 | processed_in = basic_count + 1; |
147 | 0 | } |
148 | | |
149 | 0 | for (loop = processed_in; loop < enc_len;) { |
150 | 0 | unsigned int oldi = i; |
151 | 0 | unsigned int w = 1; |
152 | 0 | unsigned int k, t; |
153 | 0 | int digit; |
154 | |
|
155 | 0 | for (k = base;; k += base) { |
156 | 0 | if (loop >= enc_len) |
157 | 0 | return 0; |
158 | | |
159 | 0 | digit = digit_decoded(pEncoded[loop]); |
160 | 0 | loop++; |
161 | |
|
162 | 0 | if (digit < 0) |
163 | 0 | return 0; |
164 | 0 | if ((unsigned int)digit > (maxint - i) / w) |
165 | 0 | return 0; |
166 | | |
167 | 0 | i = i + digit * w; |
168 | 0 | t = (k <= bias) ? tmin : (k >= bias + tmax) ? tmax : k - bias; |
169 | |
|
170 | 0 | if ((unsigned int)digit < t) |
171 | 0 | break; |
172 | | |
173 | 0 | if (w > maxint / (base - t)) |
174 | 0 | return 0; |
175 | 0 | w = w * (base - t); |
176 | 0 | } |
177 | | |
178 | 0 | bias = adapt(i - oldi, written_out + 1, (oldi == 0)); |
179 | 0 | if (i / (written_out + 1) > maxint - n) |
180 | 0 | return 0; |
181 | 0 | n = n + i / (written_out + 1); |
182 | 0 | i %= (written_out + 1); |
183 | |
|
184 | 0 | if (written_out >= max_out) |
185 | 0 | return 0; |
186 | | |
187 | 0 | memmove(pDecoded + i + 1, pDecoded + i, |
188 | 0 | (written_out - i) * sizeof(*pDecoded)); |
189 | 0 | pDecoded[i] = n; |
190 | 0 | i++; |
191 | 0 | written_out++; |
192 | 0 | } |
193 | | |
194 | 0 | *pout_length = written_out; |
195 | 0 | return 1; |
196 | 0 | } |
197 | | |
198 | | /* |
199 | | * Encode a code point using UTF-8 |
200 | | * return number of bytes on success, 0 on failure |
201 | | * (also produces U+FFFD, which uses 3 bytes on failure) |
202 | | */ |
203 | | static int codepoint2utf8(unsigned char *out, unsigned long utf) |
204 | 0 | { |
205 | 0 | if (utf <= 0x7F) { |
206 | | /* Plain ASCII */ |
207 | 0 | out[0] = (unsigned char)utf; |
208 | 0 | out[1] = 0; |
209 | 0 | return 1; |
210 | 0 | } else if (utf <= 0x07FF) { |
211 | | /* 2-byte unicode */ |
212 | 0 | out[0] = (unsigned char)(((utf >> 6) & 0x1F) | 0xC0); |
213 | 0 | out[1] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80); |
214 | 0 | out[2] = 0; |
215 | 0 | return 2; |
216 | 0 | } else if (utf <= 0xFFFF) { |
217 | | /* 3-byte unicode */ |
218 | 0 | out[0] = (unsigned char)(((utf >> 12) & 0x0F) | 0xE0); |
219 | 0 | out[1] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80); |
220 | 0 | out[2] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80); |
221 | 0 | out[3] = 0; |
222 | 0 | return 3; |
223 | 0 | } else if (utf <= 0x10FFFF) { |
224 | | /* 4-byte unicode */ |
225 | 0 | out[0] = (unsigned char)(((utf >> 18) & 0x07) | 0xF0); |
226 | 0 | out[1] = (unsigned char)(((utf >> 12) & 0x3F) | 0x80); |
227 | 0 | out[2] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80); |
228 | 0 | out[3] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80); |
229 | 0 | out[4] = 0; |
230 | 0 | return 4; |
231 | 0 | } else { |
232 | | /* error - use replacement character */ |
233 | 0 | out[0] = (unsigned char)0xEF; |
234 | 0 | out[1] = (unsigned char)0xBF; |
235 | 0 | out[2] = (unsigned char)0xBD; |
236 | 0 | out[3] = 0; |
237 | 0 | return 0; |
238 | 0 | } |
239 | 0 | } |
240 | | |
241 | | /*- |
242 | | * Return values: |
243 | | * 1 - ok |
244 | | * 0 - ok but buf was too short |
245 | | * -1 - bad string passed or other error |
246 | | */ |
247 | | |
248 | | int ossl_a2ulabel(const char *in, char *out, size_t outlen) |
249 | 0 | { |
250 | | /*- |
251 | | * Domain name has some parts consisting of ASCII chars joined with dot. |
252 | | * If a part is shorter than 5 chars, it becomes U-label as is. |
253 | | * If it does not start with xn--, it becomes U-label as is. |
254 | | * Otherwise we try to decode it. |
255 | | */ |
256 | 0 | const char *inptr = in; |
257 | 0 | int result = 1; |
258 | 0 | unsigned int i; |
259 | 0 | unsigned int buf[LABEL_BUF_SIZE]; /* It's a hostname */ |
260 | 0 | WPACKET pkt; |
261 | | |
262 | | /* Internal API, so should not fail */ |
263 | 0 | if (!ossl_assert(out != NULL)) |
264 | 0 | return -1; |
265 | | |
266 | 0 | if (!WPACKET_init_static_len(&pkt, (unsigned char *)out, outlen, 0)) |
267 | 0 | return -1; |
268 | | |
269 | 0 | while (1) { |
270 | 0 | char *tmpptr = strchr(inptr, '.'); |
271 | 0 | size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr); |
272 | |
|
273 | 0 | if (!HAS_PREFIX(inptr, "xn--")) { |
274 | 0 | if (!WPACKET_memcpy(&pkt, inptr, delta)) |
275 | 0 | result = 0; |
276 | 0 | } else { |
277 | 0 | unsigned int bufsize = LABEL_BUF_SIZE; |
278 | |
|
279 | 0 | if (ossl_punycode_decode(inptr + 4, delta - 4, buf, &bufsize) <= 0) { |
280 | 0 | result = -1; |
281 | 0 | goto end; |
282 | 0 | } |
283 | | |
284 | 0 | for (i = 0; i < bufsize; i++) { |
285 | 0 | unsigned char seed[6]; |
286 | 0 | size_t utfsize = codepoint2utf8(seed, buf[i]); |
287 | |
|
288 | 0 | if (utfsize == 0) { |
289 | 0 | result = -1; |
290 | 0 | goto end; |
291 | 0 | } |
292 | | |
293 | 0 | if (!WPACKET_memcpy(&pkt, seed, utfsize)) |
294 | 0 | result = 0; |
295 | 0 | } |
296 | 0 | } |
297 | | |
298 | 0 | if (tmpptr == NULL) |
299 | 0 | break; |
300 | | |
301 | 0 | if (!WPACKET_put_bytes_u8(&pkt, '.')) |
302 | 0 | result = 0; |
303 | |
|
304 | 0 | inptr = tmpptr + 1; |
305 | 0 | } |
306 | | |
307 | 0 | if (!WPACKET_put_bytes_u8(&pkt, '\0')) |
308 | 0 | result = 0; |
309 | 0 | end: |
310 | 0 | WPACKET_cleanup(&pkt); |
311 | 0 | return result; |
312 | 0 | } |