/src/openssl/crypto/punycode.c

Source (jump to first uncovered line)
/*
 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the Apache License 2.0 (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

#include <stddef.h>
#include <stdio.h>
#include <openssl/e_os2.h>
#include "crypto/punycode.h"
#include "internal/common.h" /* for HAS_PREFIX */
#include "internal/packet.h" /* for WPACKET */

static const unsigned int base = 36;
static const unsigned int tmin = 1;
static const unsigned int tmax = 26;
static const unsigned int skew = 38;
static const unsigned int damp = 700;
static const unsigned int initial_bias = 72;
static const unsigned int initial_n = 0x80;
static const unsigned int maxint = 0xFFFFFFFF;
static const char delimiter = '-';

#define LABEL_BUF_SIZE 512

/*-
 * Pseudocode:
 *
 * function adapt(delta,numpoints,firsttime):
 *  if firsttime then let delta = delta div damp
 *  else let delta = delta div 2
 *  let delta = delta + (delta div numpoints)
 *  let k = 0
 *  while delta > ((base - tmin) * tmax) div 2 do begin
 *    let delta = delta div (base - tmin)
 *    let k = k + base
 *  end
 *  return k + (((base - tmin + 1) * delta) div (delta + skew))
 */

static int adapt(unsigned int delta, unsigned int numpoints,
                 unsigned int firsttime)
{
    unsigned int k = 0;

    delta = (firsttime) ? delta / damp : delta / 2;
    delta = delta + delta / numpoints;

    while (delta > ((base - tmin) * tmax) / 2) {
        delta = delta / (base - tmin);
        k = k + base;
    }

    return k + (((base - tmin + 1) * delta) / (delta + skew));
}

static ossl_inline int is_basic(unsigned int a)
{
    return (a < 0x80) ? 1 : 0;
}

/*-
 * code points    digit-values
 * ------------   ----------------------
 * 41..5A (A-Z) =  0 to 25, respectively
 * 61..7A (a-z) =  0 to 25, respectively
 * 30..39 (0-9) = 26 to 35, respectively
 */
static ossl_inline int digit_decoded(const unsigned char a)
{
    if (a >= 0x41 && a <= 0x5A)
        return a - 0x41;

    if (a >= 0x61 && a <= 0x7A)
        return a - 0x61;

    if (a >= 0x30 && a <= 0x39)
        return a - 0x30 + 26;

    return -1;
}

/*-
 * Pseudocode:
 *
 * function ossl_punycode_decode
 *  let n = initial_n
 *  let i = 0
 *  let bias = initial_bias
 *  let output = an empty string indexed from 0
 *  consume all code points before the last delimiter (if there is one)
 *    and copy them to output, fail on any non-basic code point
 *  if more than zero code points were consumed then consume one more
 *    (which will be the last delimiter)
 *  while the input is not exhausted do begin
 *    let oldi = i
 *    let w = 1
 *    for k = base to infinity in steps of base do begin
 *      consume a code point, or fail if there was none to consume
 *      let digit = the code point's digit-value, fail if it has none
 *      let i = i + digit * w, fail on overflow
 *      let t = tmin if k <= bias {+ tmin}, or
 *              tmax if k >= bias + tmax, or k - bias otherwise
 *      if digit < t then break
 *      let w = w * (base - t), fail on overflow
 *    end
 *    let bias = adapt(i - oldi, length(output) + 1, test oldi is 0?)
 *    let n = n + i div (length(output) + 1), fail on overflow
 *    let i = i mod (length(output) + 1)
 *    {if n is a basic code point then fail}
 *    insert n into output at position i
 *    increment i
 *  end
 */

int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
                         unsigned int *pDecoded, unsigned int *pout_length)
{
    unsigned int n = initial_n;
    unsigned int i = 0;
    unsigned int bias = initial_bias;
    size_t processed_in = 0, written_out = 0;
    unsigned int max_out = *pout_length;
    unsigned int basic_count = 0;
    unsigned int loop;

    for (loop = 0; loop < enc_len; loop++) {
        if (pEncoded[loop] == delimiter)
            basic_count = loop;
    }

    if (basic_count > 0) {
        if (basic_count > max_out)
            return 0;

        for (loop = 0; loop < basic_count; loop++) {
            if (is_basic(pEncoded[loop]) == 0)
                return 0;

            pDecoded[loop] = pEncoded[loop];
            written_out++;
        }
        processed_in = basic_count + 1;
    }

    for (loop = processed_in; loop < enc_len;) {
        unsigned int oldi = i;
        unsigned int w = 1;
        unsigned int k, t;
        int digit;

        for (k = base;; k += base) {
            if (loop >= enc_len)
                return 0;

            digit = digit_decoded(pEncoded[loop]);
            loop++;

            if (digit < 0)
                return 0;
            if ((unsigned int)digit > (maxint - i) / w)
                return 0;

            i = i + digit * w;
            t = (k <= bias) ? tmin : (k >= bias + tmax) ? tmax : k - bias;

            if ((unsigned int)digit < t)
                break;

            if (w > maxint / (base - t))
                return 0;
            w = w * (base - t);
        }

        bias = adapt(i - oldi, written_out + 1, (oldi == 0));
        if (i / (written_out + 1) > maxint - n)
            return 0;
        n = n + i / (written_out + 1);
        i %= (written_out + 1);

        if (written_out >= max_out)
            return 0;

        memmove(pDecoded + i + 1, pDecoded + i,
                (written_out - i) * sizeof(*pDecoded));
        pDecoded[i] = n;
        i++;
        written_out++;
    }

    *pout_length = written_out;
    return 1;
}

/*
 * Encode a code point using UTF-8
 * return number of bytes on success, 0 on failure
 * (also produces U+FFFD, which uses 3 bytes on failure)
 */
static int codepoint2utf8(unsigned char *out, unsigned long utf)
{
    if (utf <= 0x7F) {
        /* Plain ASCII */
        out[0] = (unsigned char)utf;
        out[1] = 0;
        return 1;
    } else if (utf <= 0x07FF) {
        /* 2-byte unicode */
        out[0] = (unsigned char)(((utf >> 6) & 0x1F) | 0xC0);
        out[1] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
        out[2] = 0;
        return 2;
    } else if (utf <= 0xFFFF) {
        /* 3-byte unicode */
        out[0] = (unsigned char)(((utf >> 12) & 0x0F) | 0xE0);
        out[1] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80);
        out[2] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
        out[3] = 0;
        return 3;
    } else if (utf <= 0x10FFFF) {
        /* 4-byte unicode */
        out[0] = (unsigned char)(((utf >> 18) & 0x07) | 0xF0);
        out[1] = (unsigned char)(((utf >> 12) & 0x3F) | 0x80);
        out[2] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80);
        out[3] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
        out[4] = 0;
        return 4;
    } else {
        /* error - use replacement character */
        out[0] = (unsigned char)0xEF;
        out[1] = (unsigned char)0xBF;
        out[2] = (unsigned char)0xBD;
        out[3] = 0;
        return 0;
    }
}

/*-
 * Return values:
 * 1 - ok
 * 0 - ok but buf was too short
 * -1 - bad string passed or other error
 */

int ossl_a2ulabel(const char *in, char *out, size_t outlen)
{
    /*-
     * Domain name has some parts consisting of ASCII chars joined with dot.
     * If a part is shorter than 5 chars, it becomes U-label as is.
     * If it does not start with xn--,    it becomes U-label as is.
     * Otherwise we try to decode it.
     */
    const char *inptr = in;
    int result = 1;
    unsigned int i;
    unsigned int buf[LABEL_BUF_SIZE];      /* It's a hostname */
    WPACKET pkt;

    /* Internal API, so should not fail */
    if (!ossl_assert(out != NULL))
        return -1;

    if (!WPACKET_init_static_len(&pkt, (unsigned char *)out, outlen, 0))
        return -1;

    while (1) {
        char *tmpptr = strchr(inptr, '.');
        size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr);

        if (!HAS_PREFIX(inptr, "xn--")) {
            if (!WPACKET_memcpy(&pkt, inptr, delta))
                result = 0;
        } else {
            unsigned int bufsize = LABEL_BUF_SIZE;

            if (ossl_punycode_decode(inptr + 4, delta - 4, buf, &bufsize) <= 0) {
                result = -1;
                goto end;
            }

            for (i = 0; i < bufsize; i++) {
                unsigned char seed[6];
                size_t utfsize = codepoint2utf8(seed, buf[i]);

                if (utfsize == 0) {
                    result = -1;
                    goto end;
                }

                if (!WPACKET_memcpy(&pkt, seed, utfsize))
                    result = 0;
            }
        }

        if (tmpptr == NULL)
            break;

        if (!WPACKET_put_bytes_u8(&pkt, '.'))
            result = 0;

        inptr = tmpptr + 1;
    }

    if (!WPACKET_put_bytes_u8(&pkt, '\0'))
        result = 0;
 end:
    WPACKET_cleanup(&pkt);
    return result;
}

Coverage Report

Created: 2024-11-21 07:03

Line	Count	Source (jump to first uncovered line)
1		/*
2		* Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3		*
4		* Licensed under the Apache License 2.0 (the "License"). You may not use
5		* this file except in compliance with the License. You can obtain a copy
6		* in the file LICENSE in the source distribution or at
7		* https://www.openssl.org/source/license.html
8		*/
9
10		#include <stddef.h>
11		#include <stdio.h>
12		#include <openssl/e_os2.h>
13		#include "crypto/punycode.h"
14		#include "internal/common.h" /* for HAS_PREFIX */
15		#include "internal/packet.h" /* for WPACKET */
16
17		static const unsigned int base = 36;
18		static const unsigned int tmin = 1;
19		static const unsigned int tmax = 26;
20		static const unsigned int skew = 38;
21		static const unsigned int damp = 700;
22		static const unsigned int initial_bias = 72;
23		static const unsigned int initial_n = 0x80;
24		static const unsigned int maxint = 0xFFFFFFFF;
25		static const char delimiter = '-';
26
27	0	#define LABEL_BUF_SIZE 512
28
29		/*-
30		* Pseudocode:
31		*
32		* function adapt(delta,numpoints,firsttime):
33		* if firsttime then let delta = delta div damp
34		* else let delta = delta div 2
35		* let delta = delta + (delta div numpoints)
36		* let k = 0
37		* while delta > ((base - tmin) * tmax) div 2 do begin
38		* let delta = delta div (base - tmin)
39		* let k = k + base
40		* end
41		* return k + (((base - tmin + 1) * delta) div (delta + skew))
42		*/
43
44		static int adapt(unsigned int delta, unsigned int numpoints,
45		unsigned int firsttime)
46	0	{
47	0	unsigned int k = 0;
48
49	0	delta = (firsttime) ? delta / damp : delta / 2;
50	0	delta = delta + delta / numpoints;
51
52	0	while (delta > ((base - tmin) * tmax) / 2) {
53	0	delta = delta / (base - tmin);
54	0	k = k + base;
55	0	}
56
57	0	return k + (((base - tmin + 1) * delta) / (delta + skew));
58	0	}
59
60		static ossl_inline int is_basic(unsigned int a)
61	0	{
62	0	return (a < 0x80) ? 1 : 0;
63	0	}
64
65		/*-
66		* code points digit-values
67		* ------------ ----------------------
68		* 41..5A (A-Z) = 0 to 25, respectively
69		* 61..7A (a-z) = 0 to 25, respectively
70		* 30..39 (0-9) = 26 to 35, respectively
71		*/
72		static ossl_inline int digit_decoded(const unsigned char a)
73	0	{
74	0	if (a >= 0x41 && a <= 0x5A)
75	0	return a - 0x41;
76
77	0	if (a >= 0x61 && a <= 0x7A)
78	0	return a - 0x61;
79
80	0	if (a >= 0x30 && a <= 0x39)
81	0	return a - 0x30 + 26;
82
83	0	return -1;
84	0	}
85
86		/*-
87		* Pseudocode:
88		*
89		* function ossl_punycode_decode
90		* let n = initial_n
91		* let i = 0
92		* let bias = initial_bias
93		* let output = an empty string indexed from 0
94		* consume all code points before the last delimiter (if there is one)
95		* and copy them to output, fail on any non-basic code point
96		* if more than zero code points were consumed then consume one more
97		* (which will be the last delimiter)
98		* while the input is not exhausted do begin
99		* let oldi = i
100		* let w = 1
101		* for k = base to infinity in steps of base do begin
102		* consume a code point, or fail if there was none to consume
103		* let digit = the code point's digit-value, fail if it has none
104		* let i = i + digit * w, fail on overflow
105		* let t = tmin if k <= bias {+ tmin}, or
106		* tmax if k >= bias + tmax, or k - bias otherwise
107		* if digit < t then break
108		* let w = w * (base - t), fail on overflow
109		* end
110		* let bias = adapt(i - oldi, length(output) + 1, test oldi is 0?)
111		* let n = n + i div (length(output) + 1), fail on overflow
112		* let i = i mod (length(output) + 1)
113		* {if n is a basic code point then fail}
114		* insert n into output at position i
115		* increment i
116		* end
117		*/
118
119		int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
120		unsigned int pDecoded, unsigned int pout_length)
121	0	{
122	0	unsigned int n = initial_n;
123	0	unsigned int i = 0;
124	0	unsigned int bias = initial_bias;
125	0	size_t processed_in = 0, written_out = 0;
126	0	unsigned int max_out = *pout_length;
127	0	unsigned int basic_count = 0;
128	0	unsigned int loop;
129
130	0	for (loop = 0; loop < enc_len; loop++) {
131	0	if (pEncoded[loop] == delimiter)
132	0	basic_count = loop;
133	0	}
134
135	0	if (basic_count > 0) {
136	0	if (basic_count > max_out)
137	0	return 0;
138
139	0	for (loop = 0; loop < basic_count; loop++) {
140	0	if (is_basic(pEncoded[loop]) == 0)
141	0	return 0;
142
143	0	pDecoded[loop] = pEncoded[loop];
144	0	written_out++;
145	0	}
146	0	processed_in = basic_count + 1;
147	0	}
148
149	0	for (loop = processed_in; loop < enc_len;) {
150	0	unsigned int oldi = i;
151	0	unsigned int w = 1;
152	0	unsigned int k, t;
153	0	int digit;
154
155	0	for (k = base;; k += base) {
156	0	if (loop >= enc_len)
157	0	return 0;
158
159	0	digit = digit_decoded(pEncoded[loop]);
160	0	loop++;
161
162	0	if (digit < 0)
163	0	return 0;
164	0	if ((unsigned int)digit > (maxint - i) / w)
165	0	return 0;
166
167	0	i = i + digit * w;
168	0	t = (k <= bias) ? tmin : (k >= bias + tmax) ? tmax : k - bias;
169
170	0	if ((unsigned int)digit < t)
171	0	break;
172
173	0	if (w > maxint / (base - t))
174	0	return 0;
175	0	w = w * (base - t);
176	0	}
177
178	0	bias = adapt(i - oldi, written_out + 1, (oldi == 0));
179	0	if (i / (written_out + 1) > maxint - n)
180	0	return 0;
181	0	n = n + i / (written_out + 1);
182	0	i %= (written_out + 1);
183
184	0	if (written_out >= max_out)
185	0	return 0;
186
187	0	memmove(pDecoded + i + 1, pDecoded + i,
188	0	(written_out - i) * sizeof(*pDecoded));
189	0	pDecoded[i] = n;
190	0	i++;
191	0	written_out++;
192	0	}
193
194	0	*pout_length = written_out;
195	0	return 1;
196	0	}
197
198		/*
199		* Encode a code point using UTF-8
200		* return number of bytes on success, 0 on failure
201		* (also produces U+FFFD, which uses 3 bytes on failure)
202		*/
203		static int codepoint2utf8(unsigned char *out, unsigned long utf)
204	0	{
205	0	if (utf <= 0x7F) {
206		/* Plain ASCII */
207	0	out[0] = (unsigned char)utf;
208	0	out[1] = 0;
209	0	return 1;
210	0	} else if (utf <= 0x07FF) {
211		/* 2-byte unicode */
212	0	out[0] = (unsigned char)(((utf >> 6) & 0x1F) \| 0xC0);
213	0	out[1] = (unsigned char)(((utf >> 0) & 0x3F) \| 0x80);
214	0	out[2] = 0;
215	0	return 2;
216	0	} else if (utf <= 0xFFFF) {
217		/* 3-byte unicode */
218	0	out[0] = (unsigned char)(((utf >> 12) & 0x0F) \| 0xE0);
219	0	out[1] = (unsigned char)(((utf >> 6) & 0x3F) \| 0x80);
220	0	out[2] = (unsigned char)(((utf >> 0) & 0x3F) \| 0x80);
221	0	out[3] = 0;
222	0	return 3;
223	0	} else if (utf <= 0x10FFFF) {
224		/* 4-byte unicode */
225	0	out[0] = (unsigned char)(((utf >> 18) & 0x07) \| 0xF0);
226	0	out[1] = (unsigned char)(((utf >> 12) & 0x3F) \| 0x80);
227	0	out[2] = (unsigned char)(((utf >> 6) & 0x3F) \| 0x80);
228	0	out[3] = (unsigned char)(((utf >> 0) & 0x3F) \| 0x80);
229	0	out[4] = 0;
230	0	return 4;
231	0	} else {
232		/* error - use replacement character */
233	0	out[0] = (unsigned char)0xEF;
234	0	out[1] = (unsigned char)0xBF;
235	0	out[2] = (unsigned char)0xBD;
236	0	out[3] = 0;
237	0	return 0;
238	0	}
239	0	}
240
241		/*-
242		* Return values:
243		* 1 - ok
244		* 0 - ok but buf was too short
245		* -1 - bad string passed or other error
246		*/
247
248		int ossl_a2ulabel(const char in, char out, size_t outlen)
249	0	{
250		/*-
251		* Domain name has some parts consisting of ASCII chars joined with dot.
252		* If a part is shorter than 5 chars, it becomes U-label as is.
253		* If it does not start with xn--, it becomes U-label as is.
254		* Otherwise we try to decode it.
255		*/
256	0	const char *inptr = in;
257	0	int result = 1;
258	0	unsigned int i;
259	0	unsigned int buf[LABEL_BUF_SIZE]; /* It's a hostname */
260	0	WPACKET pkt;
261
262		/* Internal API, so should not fail */
263	0	if (!ossl_assert(out != NULL))
264	0	return -1;
265
266	0	if (!WPACKET_init_static_len(&pkt, (unsigned char *)out, outlen, 0))
267	0	return -1;
268
269	0	while (1) {
270	0	char *tmpptr = strchr(inptr, '.');
271	0	size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr);
272
273	0	if (!HAS_PREFIX(inptr, "xn--")) {
274	0	if (!WPACKET_memcpy(&pkt, inptr, delta))
275	0	result = 0;
276	0	} else {
277	0	unsigned int bufsize = LABEL_BUF_SIZE;
278
279	0	if (ossl_punycode_decode(inptr + 4, delta - 4, buf, &bufsize) <= 0) {
280	0	result = -1;
281	0	goto end;
282	0	}
283
284	0	for (i = 0; i < bufsize; i++) {
285	0	unsigned char seed[6];
286	0	size_t utfsize = codepoint2utf8(seed, buf[i]);
287
288	0	if (utfsize == 0) {
289	0	result = -1;
290	0	goto end;
291	0	}
292
293	0	if (!WPACKET_memcpy(&pkt, seed, utfsize))
294	0	result = 0;
295	0	}
296	0	}
297
298	0	if (tmpptr == NULL)
299	0	break;
300
301	0	if (!WPACKET_put_bytes_u8(&pkt, '.'))
302	0	result = 0;
303
304	0	inptr = tmpptr + 1;
305	0	}
306
307	0	if (!WPACKET_put_bytes_u8(&pkt, '\0'))
308	0	result = 0;
309	0	end:
310	0	WPACKET_cleanup(&pkt);
311	0	return result;
312	0	}