1 /*
2 * Copyright 2019-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License"). You may not use
5 * this file except in compliance with the License. You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10 #include <stddef.h>
11 #include <stdio.h>
12 #include <openssl/e_os2.h>
13 #include "crypto/punycode.h"
14 #include "internal/common.h" /* for HAS_PREFIX */
15 #include "internal/packet.h" /* for WPACKET */
16
17 static const unsigned int base = 36;
18 static const unsigned int tmin = 1;
19 static const unsigned int tmax = 26;
20 static const unsigned int skew = 38;
21 static const unsigned int damp = 700;
22 static const unsigned int initial_bias = 72;
23 static const unsigned int initial_n = 0x80;
24 static const unsigned int maxint = 0xFFFFFFFF;
25 static const char delimiter = '-';
26
27 #define LABEL_BUF_SIZE 512
28
29 /*-
30 * Pseudocode:
31 *
32 * function adapt(delta,numpoints,firsttime):
33 * if firsttime then let delta = delta div damp
34 * else let delta = delta div 2
35 * let delta = delta + (delta div numpoints)
36 * let k = 0
37 * while delta > ((base - tmin) * tmax) div 2 do begin
38 * let delta = delta div (base - tmin)
39 * let k = k + base
40 * end
41 * return k + (((base - tmin + 1) * delta) div (delta + skew))
42 */
43
adapt(unsigned int delta,unsigned int numpoints,unsigned int firsttime)44 static int adapt(unsigned int delta, unsigned int numpoints,
45 unsigned int firsttime)
46 {
47 unsigned int k = 0;
48
49 delta = (firsttime) ? delta / damp : delta / 2;
50 delta = delta + delta / numpoints;
51
52 while (delta > ((base - tmin) * tmax) / 2) {
53 delta = delta / (base - tmin);
54 k = k + base;
55 }
56
57 return k + (((base - tmin + 1) * delta) / (delta + skew));
58 }
59
is_basic(unsigned int a)60 static ossl_inline int is_basic(unsigned int a)
61 {
62 return (a < 0x80) ? 1 : 0;
63 }
64
65 /*-
66 * code points digit-values
67 * ------------ ----------------------
68 * 41..5A (A-Z) = 0 to 25, respectively
69 * 61..7A (a-z) = 0 to 25, respectively
70 * 30..39 (0-9) = 26 to 35, respectively
71 */
digit_decoded(const unsigned char a)72 static ossl_inline int digit_decoded(const unsigned char a)
73 {
74 if (a >= 0x41 && a <= 0x5A)
75 return a - 0x41;
76
77 if (a >= 0x61 && a <= 0x7A)
78 return a - 0x61;
79
80 if (a >= 0x30 && a <= 0x39)
81 return a - 0x30 + 26;
82
83 return -1;
84 }
85
86 /*-
87 * Pseudocode:
88 *
89 * function ossl_punycode_decode
90 * let n = initial_n
91 * let i = 0
92 * let bias = initial_bias
93 * let output = an empty string indexed from 0
94 * consume all code points before the last delimiter (if there is one)
95 * and copy them to output, fail on any non-basic code point
96 * if more than zero code points were consumed then consume one more
97 * (which will be the last delimiter)
98 * while the input is not exhausted do begin
99 * let oldi = i
100 * let w = 1
101 * for k = base to infinity in steps of base do begin
102 * consume a code point, or fail if there was none to consume
103 * let digit = the code point's digit-value, fail if it has none
104 * let i = i + digit * w, fail on overflow
105 * let t = tmin if k <= bias {+ tmin}, or
106 * tmax if k >= bias + tmax, or k - bias otherwise
107 * if digit < t then break
108 * let w = w * (base - t), fail on overflow
109 * end
110 * let bias = adapt(i - oldi, length(output) + 1, test oldi is 0?)
111 * let n = n + i div (length(output) + 1), fail on overflow
112 * let i = i mod (length(output) + 1)
113 * {if n is a basic code point then fail}
114 * insert n into output at position i
115 * increment i
116 * end
117 */
118
ossl_punycode_decode(const char * pEncoded,const size_t enc_len,unsigned int * pDecoded,unsigned int * pout_length)119 int ossl_punycode_decode(const char *pEncoded, const size_t enc_len,
120 unsigned int *pDecoded, unsigned int *pout_length)
121 {
122 unsigned int n = initial_n;
123 unsigned int i = 0;
124 unsigned int bias = initial_bias;
125 unsigned int processed_in = 0;
126 unsigned int written_out = 0;
127 unsigned int max_out = *pout_length;
128 unsigned int basic_count = 0;
129 unsigned int loop;
130
131 if (enc_len >= UINT_MAX)
132 return 0;
133 for (loop = 0; loop < (unsigned int)enc_len; loop++) {
134 if (pEncoded[loop] == delimiter)
135 basic_count = loop;
136 }
137
138 if (basic_count > 0) {
139 if (basic_count > max_out)
140 return 0;
141
142 for (loop = 0; loop < basic_count; loop++) {
143 if (is_basic(pEncoded[loop]) == 0)
144 return 0;
145
146 pDecoded[loop] = pEncoded[loop];
147 written_out++;
148 }
149 processed_in = basic_count + 1;
150 }
151
152 for (loop = processed_in; loop < (unsigned int)enc_len;) {
153 unsigned int oldi = i;
154 unsigned int w = 1;
155 unsigned int k, t;
156 int digit;
157
158 for (k = base;; k += base) {
159 if (loop >= enc_len)
160 return 0;
161
162 digit = digit_decoded(pEncoded[loop]);
163 loop++;
164
165 if (digit < 0)
166 return 0;
167 if ((unsigned int)digit > (maxint - i) / w)
168 return 0;
169
170 i = i + digit * w;
171 t = (k <= bias) ? tmin : (k >= bias + tmax) ? tmax : k - bias;
172
173 if ((unsigned int)digit < t)
174 break;
175
176 if (w > maxint / (base - t))
177 return 0;
178 w = w * (base - t);
179 }
180
181 bias = adapt(i - oldi, written_out + 1, (oldi == 0));
182 if (i / (written_out + 1) > maxint - n)
183 return 0;
184 n = n + i / (written_out + 1);
185 i %= (written_out + 1);
186
187 if (written_out >= max_out)
188 return 0;
189
190 memmove(pDecoded + i + 1, pDecoded + i,
191 (written_out - i) * sizeof(*pDecoded));
192 pDecoded[i] = n;
193 i++;
194 written_out++;
195 }
196
197 *pout_length = written_out;
198 return 1;
199 }
200
201 /*
202 * Encode a code point using UTF-8
203 * return number of bytes on success, 0 on failure
204 * (also produces U+FFFD, which uses 3 bytes on failure)
205 */
codepoint2utf8(unsigned char * out,unsigned long utf)206 static int codepoint2utf8(unsigned char *out, unsigned long utf)
207 {
208 if (utf <= 0x7F) {
209 /* Plain ASCII */
210 out[0] = (unsigned char)utf;
211 out[1] = 0;
212 return 1;
213 } else if (utf <= 0x07FF) {
214 /* 2-byte unicode */
215 out[0] = (unsigned char)(((utf >> 6) & 0x1F) | 0xC0);
216 out[1] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
217 out[2] = 0;
218 return 2;
219 } else if (utf <= 0xFFFF) {
220 /* 3-byte unicode */
221 out[0] = (unsigned char)(((utf >> 12) & 0x0F) | 0xE0);
222 out[1] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80);
223 out[2] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
224 out[3] = 0;
225 return 3;
226 } else if (utf <= 0x10FFFF) {
227 /* 4-byte unicode */
228 out[0] = (unsigned char)(((utf >> 18) & 0x07) | 0xF0);
229 out[1] = (unsigned char)(((utf >> 12) & 0x3F) | 0x80);
230 out[2] = (unsigned char)(((utf >> 6) & 0x3F) | 0x80);
231 out[3] = (unsigned char)(((utf >> 0) & 0x3F) | 0x80);
232 out[4] = 0;
233 return 4;
234 } else {
235 /* error - use replacement character */
236 out[0] = (unsigned char)0xEF;
237 out[1] = (unsigned char)0xBF;
238 out[2] = (unsigned char)0xBD;
239 out[3] = 0;
240 return 0;
241 }
242 }
243
244 /*-
245 * Return values:
246 * 1 - ok
247 * 0 - ok but buf was too short
248 * -1 - bad string passed or other error
249 */
250
ossl_a2ulabel(const char * in,char * out,size_t outlen)251 int ossl_a2ulabel(const char *in, char *out, size_t outlen)
252 {
253 /*-
254 * Domain name has some parts consisting of ASCII chars joined with dot.
255 * If a part is shorter than 5 chars, it becomes U-label as is.
256 * If it does not start with xn--, it becomes U-label as is.
257 * Otherwise we try to decode it.
258 */
259 const char *inptr = in;
260 int result = 1;
261 unsigned int i;
262 unsigned int buf[LABEL_BUF_SIZE]; /* It's a hostname */
263 WPACKET pkt;
264
265 /* Internal API, so should not fail */
266 if (!ossl_assert(out != NULL))
267 return -1;
268
269 if (!WPACKET_init_static_len(&pkt, (unsigned char *)out, outlen, 0))
270 return -1;
271
272 while (1) {
273 char *tmpptr = strchr(inptr, '.');
274 size_t delta = tmpptr != NULL ? (size_t)(tmpptr - inptr) : strlen(inptr);
275
276 if (!HAS_PREFIX(inptr, "xn--")) {
277 if (!WPACKET_memcpy(&pkt, inptr, delta))
278 result = 0;
279 } else {
280 unsigned int bufsize = LABEL_BUF_SIZE;
281
282 if (ossl_punycode_decode(inptr + 4, delta - 4, buf, &bufsize) <= 0) {
283 result = -1;
284 goto end;
285 }
286
287 for (i = 0; i < bufsize; i++) {
288 unsigned char seed[6];
289 size_t utfsize = codepoint2utf8(seed, buf[i]);
290
291 if (utfsize == 0) {
292 result = -1;
293 goto end;
294 }
295
296 if (!WPACKET_memcpy(&pkt, seed, utfsize))
297 result = 0;
298 }
299 }
300
301 if (tmpptr == NULL)
302 break;
303
304 if (!WPACKET_put_bytes_u8(&pkt, '.'))
305 result = 0;
306
307 inptr = tmpptr + 1;
308 }
309
310 if (!WPACKET_put_bytes_u8(&pkt, '\0'))
311 result = 0;
312 end:
313 WPACKET_cleanup(&pkt);
314 return result;
315 }
316