1 // © 2016 and later: Unicode, Inc. and others.
2 // License & terms of use: http://www.unicode.org/copyright.html
4 ***************************************************************************
5 * Copyright (C) 2008-2016, International Business Machines Corporation
6 * and others. All Rights Reserved.
7 ***************************************************************************
10 * tab size: 8 (not used)
13 * created on: 2008Feb13
14 * created by: Andy Heninger
16 * Unicode Spoof Detection
22 #include "unicode/utypes.h"
23 #include "unicode/uset.h"
24 #include "unicode/parseerr.h"
25 #include "unicode/localpointer.h"
27 #if !UCONFIG_NO_NORMALIZATION
30 #if U_SHOW_CPLUSPLUS_API
31 #include "unicode/unistr.h"
32 #include "unicode/uniset.h"
33 #endif // U_SHOW_CPLUSPLUS_API
38 * \brief Unicode Security and Spoofing Detection, C API.
41 * This class, based on <a href="http://unicode.org/reports/tr36">Unicode Technical Report #36</a> and
42 * <a href="http://unicode.org/reports/tr39">Unicode Technical Standard #39</a>, has two main functions:
45 * <li>Checking whether two strings are visually <em>confusable</em> with each other, such as "Harvest" and
46 * "Ηarvest", where the second string starts with the Greek capital letter Eta.</li>
47 * <li>Checking whether an individual string is likely to be an attempt at confusing the reader (<em>spoof
48 * detection</em>), such as "paypal" with some Latin characters substituted with Cyrillic look-alikes.</li>
52 * Although originally designed as a method for flagging suspicious identifier strings such as URLs,
53 * <code>USpoofChecker</code> has a number of other practical use cases, such as preventing attempts to evade bad-word
57 * The functions of this class are exposed as C API, with a handful of syntactical conveniences for C++.
59 * <h2>Confusables</h2>
62 * The following example shows how to use <code>USpoofChecker</code> to check for confusability between two strings:
65 * UErrorCode status = U_ZERO_ERROR;
66 * UChar* str1 = (UChar*) u"Harvest";
67 * UChar* str2 = (UChar*) u"\u0397arvest"; // with U+0397 GREEK CAPITAL LETTER ETA
69 * USpoofChecker* sc = uspoof_open(&status);
70 * uspoof_setChecks(sc, USPOOF_CONFUSABLE, &status);
72 * int32_t bitmask = uspoof_areConfusable(sc, str1, -1, str2, -1, &status);
73 * UBool result = bitmask != 0;
74 * // areConfusable: 1 (status: U_ZERO_ERROR)
75 * printf("areConfusable: %d (status: %s)\n", result, u_errorName(status));
80 * The call to {@link uspoof_open} creates a <code>USpoofChecker</code> object; the call to {@link uspoof_setChecks}
81 * enables confusable checking and disables all other checks; the call to {@link uspoof_areConfusable} performs the
82 * confusability test; and the following line extracts the result out of the return value. For best performance,
83 * the instance should be created once (e.g., upon application startup), and the efficient
84 * {@link uspoof_areConfusable} method can be used at runtime.
87 * The type {@link LocalUSpoofCheckerPointer} is exposed for C++ programmers. It will automatically call
88 * {@link uspoof_close} when the object goes out of scope:
91 * UErrorCode status = U_ZERO_ERROR;
92 * LocalUSpoofCheckerPointer sc(uspoof_open(&status));
93 * uspoof_setChecks(sc.getAlias(), USPOOF_CONFUSABLE, &status);
98 * UTS 39 defines two strings to be <em>confusable</em> if they map to the same <em>skeleton string</em>. A skeleton can
99 * be thought of as a "hash code". {@link uspoof_getSkeleton} computes the skeleton for a particular string, so
100 * the following snippet is equivalent to the example above:
103 * UErrorCode status = U_ZERO_ERROR;
104 * UChar* str1 = (UChar*) u"Harvest";
105 * UChar* str2 = (UChar*) u"\u0397arvest"; // with U+0397 GREEK CAPITAL LETTER ETA
107 * USpoofChecker* sc = uspoof_open(&status);
108 * uspoof_setChecks(sc, USPOOF_CONFUSABLE, &status);
111 * int32_t skel1Len = uspoof_getSkeleton(sc, 0, str1, -1, NULL, 0, &status);
112 * UChar* skel1 = (UChar*) malloc(++skel1Len * sizeof(UChar));
113 * status = U_ZERO_ERROR;
114 * uspoof_getSkeleton(sc, 0, str1, -1, skel1, skel1Len, &status);
117 * int32_t skel2Len = uspoof_getSkeleton(sc, 0, str2, -1, NULL, 0, &status);
118 * UChar* skel2 = (UChar*) malloc(++skel2Len * sizeof(UChar));
119 * status = U_ZERO_ERROR;
120 * uspoof_getSkeleton(sc, 0, str2, -1, skel2, skel2Len, &status);
122 * // Are the skeletons the same?
123 * UBool result = u_strcmp(skel1, skel2) == 0;
124 * // areConfusable: 1 (status: U_ZERO_ERROR)
125 * printf("areConfusable: %d (status: %s)\n", result, u_errorName(status));
132 * If you need to check if a string is confusable with any string in a dictionary of many strings, rather than calling
133 * {@link uspoof_areConfusable} many times in a loop, {@link uspoof_getSkeleton} can be used instead, as shown below:
136 * UErrorCode status = U_ZERO_ERROR;
137 * #define DICTIONARY_LENGTH 2
138 * UChar* dictionary[DICTIONARY_LENGTH] = { (UChar*) u"lorem", (UChar*) u"ipsum" };
139 * UChar* skeletons[DICTIONARY_LENGTH];
140 * UChar* str = (UChar*) u"1orern";
143 * USpoofChecker* sc = uspoof_open(&status);
144 * uspoof_setChecks(sc, USPOOF_CONFUSABLE, &status);
145 * for (size_t i=0; i<DICTIONARY_LENGTH; i++) {
146 * UChar* word = dictionary[i];
147 * int32_t len = uspoof_getSkeleton(sc, 0, word, -1, NULL, 0, &status);
148 * skeletons[i] = (UChar*) malloc(++len * sizeof(UChar));
149 * status = U_ZERO_ERROR;
150 * uspoof_getSkeleton(sc, 0, word, -1, skeletons[i], len, &status);
155 * int32_t len = uspoof_getSkeleton(sc, 0, str, -1, NULL, 0, &status);
156 * UChar* skel = (UChar*) malloc(++len * sizeof(UChar));
157 * status = U_ZERO_ERROR;
158 * uspoof_getSkeleton(sc, 0, str, -1, skel, len, &status);
159 * UBool result = FALSE;
160 * for (size_t i=0; i<DICTIONARY_LENGTH; i++) {
161 * result = u_strcmp(skel, skeletons[i]) == 0;
162 * if (result == TRUE) { break; }
164 * // Has confusable in dictionary: 1 (status: U_ZERO_ERROR)
165 * printf("Has confusable in dictionary: %d (status: %s)\n", result, u_errorName(status));
169 * for (size_t i=0; i<DICTIONARY_LENGTH; i++) {
170 * free(skeletons[i]);
176 * <b>Note:</b> Since the Unicode confusables mapping table is frequently updated, confusable skeletons are <em>not</em>
177 * guaranteed to be the same between ICU releases. We therefore recommend that you always compute confusable skeletons
178 * at runtime and do not rely on creating a permanent, or difficult to update, database of skeletons.
180 * <h2>Spoof Detection</h2>
183 * The following snippet shows a minimal example of using <code>USpoofChecker</code> to perform spoof detection on a
187 * UErrorCode status = U_ZERO_ERROR;
188 * UChar* str = (UChar*) u"p\u0430ypal"; // with U+0430 CYRILLIC SMALL LETTER A
190 * // Get the default set of allowable characters:
191 * USet* allowed = uset_openEmpty();
192 * uset_addAll(allowed, uspoof_getRecommendedSet(&status));
193 * uset_addAll(allowed, uspoof_getInclusionSet(&status));
195 * USpoofChecker* sc = uspoof_open(&status);
196 * uspoof_setAllowedChars(sc, allowed, &status);
197 * uspoof_setRestrictionLevel(sc, USPOOF_MODERATELY_RESTRICTIVE);
199 * int32_t bitmask = uspoof_check(sc, str, -1, NULL, &status);
200 * UBool result = bitmask != 0;
201 * // fails checks: 1 (status: U_ZERO_ERROR)
202 * printf("fails checks: %d (status: %s)\n", result, u_errorName(status));
204 * uset_close(allowed);
208 * As in the case for confusability checking, it is good practice to create one <code>USpoofChecker</code> instance at
209 * startup, and call the cheaper {@link uspoof_check} online. We specify the set of
210 * allowed characters to be those with type RECOMMENDED or INCLUSION, according to the recommendation in UTS 39.
213 * In addition to {@link uspoof_check}, the function {@link uspoof_checkUTF8} is exposed for UTF8-encoded char* strings,
214 * and {@link uspoof_checkUnicodeString} is exposed for C++ programmers.
217 * If the {@link USPOOF_AUX_INFO} check is enabled, a limited amount of information on why a string failed the checks
218 * is available in the returned bitmask. For complete information, use the {@link uspoof_check2} class of functions
219 * with a {@link USpoofCheckResult} parameter:
222 * UErrorCode status = U_ZERO_ERROR;
223 * UChar* str = (UChar*) u"p\u0430ypal"; // with U+0430 CYRILLIC SMALL LETTER A
225 * // Get the default set of allowable characters:
226 * USet* allowed = uset_openEmpty();
227 * uset_addAll(allowed, uspoof_getRecommendedSet(&status));
228 * uset_addAll(allowed, uspoof_getInclusionSet(&status));
230 * USpoofChecker* sc = uspoof_open(&status);
231 * uspoof_setAllowedChars(sc, allowed, &status);
232 * uspoof_setRestrictionLevel(sc, USPOOF_MODERATELY_RESTRICTIVE);
234 * USpoofCheckResult* checkResult = uspoof_openCheckResult(&status);
235 * int32_t bitmask = uspoof_check2(sc, str, -1, checkResult, &status);
237 * int32_t failures1 = bitmask;
238 * int32_t failures2 = uspoof_getCheckResultChecks(checkResult, &status);
239 * assert(failures1 == failures2);
240 * // checks that failed: 0x00000010 (status: U_ZERO_ERROR)
241 * printf("checks that failed: %#010x (status: %s)\n", failures1, u_errorName(status));
245 * uset_close(allowed);
246 * uspoof_closeCheckResult(checkResult);
249 * C++ users can take advantage of a few syntactical conveniences. The following snippet is functionally
250 * equivalent to the one above:
253 * UErrorCode status = U_ZERO_ERROR;
254 * UnicodeString str((UChar*) u"p\u0430ypal"); // with U+0430 CYRILLIC SMALL LETTER A
256 * // Get the default set of allowable characters:
257 * UnicodeSet allowed;
258 * allowed.addAll(*uspoof_getRecommendedUnicodeSet(&status));
259 * allowed.addAll(*uspoof_getInclusionUnicodeSet(&status));
261 * LocalUSpoofCheckerPointer sc(uspoof_open(&status));
262 * uspoof_setAllowedChars(sc.getAlias(), allowed.toUSet(), &status);
263 * uspoof_setRestrictionLevel(sc.getAlias(), USPOOF_MODERATELY_RESTRICTIVE);
265 * LocalUSpoofCheckResultPointer checkResult(uspoof_openCheckResult(&status));
266 * int32_t bitmask = uspoof_check2UnicodeString(sc.getAlias(), str, checkResult.getAlias(), &status);
268 * int32_t failures1 = bitmask;
269 * int32_t failures2 = uspoof_getCheckResultChecks(checkResult.getAlias(), &status);
270 * assert(failures1 == failures2);
271 * // checks that failed: 0x00000010 (status: U_ZERO_ERROR)
272 * printf("checks that failed: %#010x (status: %s)\n", failures1, u_errorName(status));
274 * // Explicit cleanup not necessary.
278 * The return value is a bitmask of the checks that failed. In this case, there was one check that failed:
279 * {@link USPOOF_RESTRICTION_LEVEL}, corresponding to the fifth bit (16). The possible checks are:
282 * <li><code>RESTRICTION_LEVEL</code>: flags strings that violate the
283 * <a href="http://unicode.org/reports/tr39/#Restriction_Level_Detection">Restriction Level</a> test as specified in UTS
284 * 39; in most cases, this means flagging strings that contain characters from multiple different scripts.</li>
285 * <li><code>INVISIBLE</code>: flags strings that contain invisible characters, such as zero-width spaces, or character
286 * sequences that are likely not to display, such as multiple occurrences of the same non-spacing mark.</li>
287 * <li><code>CHAR_LIMIT</code>: flags strings that contain characters outside of a specified set of acceptable
288 * characters. See {@link uspoof_setAllowedChars} and {@link uspoof_setAllowedLocales}.</li>
289 * <li><code>MIXED_NUMBERS</code>: flags strings that contain digits from multiple different numbering systems.</li>
293 * These checks can be enabled independently of each other. For example, if you were interested in checking for only the
294 * INVISIBLE and MIXED_NUMBERS conditions, you could do:
297 * UErrorCode status = U_ZERO_ERROR;
298 * UChar* str = (UChar*) u"8\u09EA"; // 8 mixed with U+09EA BENGALI DIGIT FOUR
300 * USpoofChecker* sc = uspoof_open(&status);
301 * uspoof_setChecks(sc, USPOOF_INVISIBLE | USPOOF_MIXED_NUMBERS, &status);
303 * int32_t bitmask = uspoof_check2(sc, str, -1, NULL, &status);
304 * UBool result = bitmask != 0;
305 * // fails checks: 1 (status: U_ZERO_ERROR)
306 * printf("fails checks: %d (status: %s)\n", result, u_errorName(status));
311 * Here is an example in C++ showing how to compute the restriction level of a string:
314 * UErrorCode status = U_ZERO_ERROR;
315 * UnicodeString str((UChar*) u"p\u0430ypal"); // with U+0430 CYRILLIC SMALL LETTER A
317 * // Get the default set of allowable characters:
318 * UnicodeSet allowed;
319 * allowed.addAll(*uspoof_getRecommendedUnicodeSet(&status));
320 * allowed.addAll(*uspoof_getInclusionUnicodeSet(&status));
322 * LocalUSpoofCheckerPointer sc(uspoof_open(&status));
323 * uspoof_setAllowedChars(sc.getAlias(), allowed.toUSet(), &status);
324 * uspoof_setRestrictionLevel(sc.getAlias(), USPOOF_MODERATELY_RESTRICTIVE);
325 * uspoof_setChecks(sc.getAlias(), USPOOF_RESTRICTION_LEVEL | USPOOF_AUX_INFO, &status);
327 * LocalUSpoofCheckResultPointer checkResult(uspoof_openCheckResult(&status));
328 * int32_t bitmask = uspoof_check2UnicodeString(sc.getAlias(), str, checkResult.getAlias(), &status);
330 * URestrictionLevel restrictionLevel = uspoof_getCheckResultRestrictionLevel(checkResult.getAlias(), &status);
331 * // Since USPOOF_AUX_INFO was enabled, the restriction level is also available in the upper bits of the bitmask:
332 * assert((restrictionLevel & bitmask) == restrictionLevel);
333 * // Restriction level: 0x50000000 (status: U_ZERO_ERROR)
334 * printf("Restriction level: %#010x (status: %s)\n", restrictionLevel, u_errorName(status));
338 * The code '0x50000000' corresponds to the restriction level USPOOF_MINIMALLY_RESTRICTIVE. Since
339 * USPOOF_MINIMALLY_RESTRICTIVE is weaker than USPOOF_MODERATELY_RESTRICTIVE, the string fails the check.
342 * <b>Note:</b> The Restriction Level is the most powerful of the checks. The full logic is documented in
343 * <a href="http://unicode.org/reports/tr39/#Restriction_Level_Detection">UTS 39</a>, but the basic idea is that strings
344 * are restricted to contain characters from only a single script, <em>except</em> that most scripts are allowed to have
345 * Latin characters interspersed. Although the default restriction level is <code>HIGHLY_RESTRICTIVE</code>, it is
346 * recommended that users set their restriction level to <code>MODERATELY_RESTRICTIVE</code>, which allows Latin mixed
347 * with all other scripts except Cyrillic, Greek, and Cherokee, with which it is often confusable. For more details on
348 * the levels, see UTS 39 or {@link URestrictionLevel}. The Restriction Level test is aware of the set of
349 * allowed characters set in {@link uspoof_setAllowedChars}. Note that characters which have script code
350 * COMMON or INHERITED, such as numbers and punctuation, are ignored when computing whether a string has multiple
353 * <h2>Additional Information</h2>
356 * A <code>USpoofChecker</code> instance may be used repeatedly to perform checks on any number of identifiers.
359 * <b>Thread Safety:</b> The test functions for checking a single identifier, or for testing whether
360 * two identifiers are possible confusable, are thread safe. They may called concurrently, from multiple threads,
361 * using the same USpoofChecker instance.
364 * More generally, the standard ICU thread safety rules apply: functions that take a const USpoofChecker parameter are
365 * thread safe. Those that take a non-const USpoofChecker are not thread safe..
370 struct USpoofChecker
;
374 typedef struct USpoofChecker USpoofChecker
; /**< typedef for C of USpoofChecker */
376 struct USpoofCheckResult
;
378 * @see uspoof_openCheckResult
381 typedef struct USpoofCheckResult USpoofCheckResult
;
384 * Enum for the kinds of checks that USpoofChecker can perform.
385 * These enum values are used both to select the set of checks that
386 * will be performed, and to report results from the check function.
390 typedef enum USpoofChecks
{
392 * When performing the two-string {@link uspoof_areConfusable} test, this flag in the return value indicates
393 * that the two strings are visually confusable and that they are from the same script, according to UTS 39 section
396 * @see uspoof_areConfusable
399 USPOOF_SINGLE_SCRIPT_CONFUSABLE
= 1,
402 * When performing the two-string {@link uspoof_areConfusable} test, this flag in the return value indicates
403 * that the two strings are visually confusable and that they are <b>not</b> from the same script, according to UTS
406 * @see uspoof_areConfusable
409 USPOOF_MIXED_SCRIPT_CONFUSABLE
= 2,
412 * When performing the two-string {@link uspoof_areConfusable} test, this flag in the return value indicates
413 * that the two strings are visually confusable and that they are not from the same script but both of them are
414 * single-script strings, according to UTS 39 section 4.
416 * @see uspoof_areConfusable
419 USPOOF_WHOLE_SCRIPT_CONFUSABLE
= 4,
422 * Enable this flag in {@link uspoof_setChecks} to turn on all types of confusables. You may set
423 * the checks to some subset of SINGLE_SCRIPT_CONFUSABLE, MIXED_SCRIPT_CONFUSABLE, or WHOLE_SCRIPT_CONFUSABLE to
424 * make {@link uspoof_areConfusable} return only those types of confusables.
426 * @see uspoof_areConfusable
427 * @see uspoof_getSkeleton
430 USPOOF_CONFUSABLE
= USPOOF_SINGLE_SCRIPT_CONFUSABLE
| USPOOF_MIXED_SCRIPT_CONFUSABLE
| USPOOF_WHOLE_SCRIPT_CONFUSABLE
,
432 #ifndef U_HIDE_DEPRECATED_API
434 * This flag is deprecated and no longer affects the behavior of SpoofChecker.
436 * @deprecated ICU 58 Any case confusable mappings were removed from UTS 39; the corresponding ICU API was deprecated.
439 #endif /* U_HIDE_DEPRECATED_API */
442 * Check that an identifier is no looser than the specified RestrictionLevel.
443 * The default if {@link uspoof_setRestrictionLevel} is not called is HIGHLY_RESTRICTIVE.
445 * If USPOOF_AUX_INFO is enabled the actual restriction level of the
446 * identifier being tested will also be returned by uspoof_check().
448 * @see URestrictionLevel
449 * @see uspoof_setRestrictionLevel
450 * @see USPOOF_AUX_INFO
454 USPOOF_RESTRICTION_LEVEL
= 16,
456 #ifndef U_HIDE_DEPRECATED_API
457 /** Check that an identifier contains only characters from a
458 * single script (plus chars from the common and inherited scripts.)
459 * Applies to checks of a single identifier check only.
460 * @deprecated ICU 51 Use RESTRICTION_LEVEL instead.
462 USPOOF_SINGLE_SCRIPT
= USPOOF_RESTRICTION_LEVEL
,
463 #endif /* U_HIDE_DEPRECATED_API */
465 /** Check an identifier for the presence of invisible characters,
466 * such as zero-width spaces, or character sequences that are
467 * likely not to display, such as multiple occurrences of the same
468 * non-spacing mark. This check does not test the input string as a whole
469 * for conformance to any particular syntax for identifiers.
471 USPOOF_INVISIBLE
= 32,
473 /** Check that an identifier contains only characters from a specified set
474 * of acceptable characters. See {@link uspoof_setAllowedChars} and
475 * {@link uspoof_setAllowedLocales}. Note that a string that fails this check
476 * will also fail the {@link USPOOF_RESTRICTION_LEVEL} check.
478 USPOOF_CHAR_LIMIT
= 64,
481 * Check that an identifier does not mix numbers from different numbering systems.
482 * For more information, see UTS 39 section 5.3.
486 USPOOF_MIXED_NUMBERS
= 128,
488 #ifndef U_HIDE_DRAFT_API
490 * Check that an identifier does not have a combining character following a character in which that
491 * combining character would be hidden; for example 'i' followed by a U+0307 combining dot.
493 * More specifically, the following characters are forbidden from preceding a U+0307:
495 * <li>Those with the Soft_Dotted Unicode property (which includes 'i' and 'j')</li>
496 * <li>Latin lowercase letter 'l'</li>
497 * <li>Dotless 'i' and 'j' ('ı' and 'ȷ', U+0131 and U+0237)</li>
498 * <li>Any character whose confusable prototype ends with such a character
499 * (Soft_Dotted, 'l', 'ı', or 'ȷ')</li>
501 * In addition, combining characters are allowed between the above characters and U+0307 except those
502 * with combining class 0 or combining class "Above" (230, same class as U+0307).
504 * This list and the number of combing characters considered by this check may grow over time.
508 USPOOF_HIDDEN_OVERLAY
= 256,
509 #endif /* U_HIDE_DRAFT_API */
512 * Enable all spoof checks.
516 USPOOF_ALL_CHECKS
= 0xFFFF,
519 * Enable the return of auxillary (non-error) information in the
520 * upper bits of the check results value.
522 * If this "check" is not enabled, the results of {@link uspoof_check} will be
523 * zero when an identifier passes all of the enabled checks.
525 * If this "check" is enabled, (uspoof_check() & {@link USPOOF_ALL_CHECKS}) will
526 * be zero when an identifier passes all checks.
530 USPOOF_AUX_INFO
= 0x40000000
536 * Constants from UAX #39 for use in {@link uspoof_setRestrictionLevel}, and
537 * for returned identifier restriction levels in check results.
541 * @see uspoof_setRestrictionLevel
544 typedef enum URestrictionLevel
{
546 * All characters in the string are in the identifier profile and all characters in the string are in the
551 USPOOF_ASCII
= 0x10000000,
553 * The string classifies as ASCII-Only, or all characters in the string are in the identifier profile and
554 * the string is single-script, according to the definition in UTS 39 section 5.1.
558 USPOOF_SINGLE_SCRIPT_RESTRICTIVE
= 0x20000000,
560 * The string classifies as Single Script, or all characters in the string are in the identifier profile and
561 * the string is covered by any of the following sets of scripts, according to the definition in UTS 39
564 * <li>Latin + Han + Bopomofo (or equivalently: Latn + Hanb)</li>
565 * <li>Latin + Han + Hiragana + Katakana (or equivalently: Latn + Jpan)</li>
566 * <li>Latin + Han + Hangul (or equivalently: Latn +Kore)</li>
568 * This is the default restriction in ICU.
572 USPOOF_HIGHLY_RESTRICTIVE
= 0x30000000,
574 * The string classifies as Highly Restrictive, or all characters in the string are in the identifier profile
575 * and the string is covered by Latin and any one other Recommended or Aspirational script, except Cyrillic,
576 * Greek, and Cherokee.
580 USPOOF_MODERATELY_RESTRICTIVE
= 0x40000000,
582 * All characters in the string are in the identifier profile. Allow arbitrary mixtures of scripts.
586 USPOOF_MINIMALLY_RESTRICTIVE
= 0x50000000,
588 * Any valid identifiers, including characters outside of the Identifier Profile.
592 USPOOF_UNRESTRICTIVE
= 0x60000000,
594 * Mask for selecting the Restriction Level bits from the return value of {@link uspoof_check}.
598 USPOOF_RESTRICTION_LEVEL_MASK
= 0x7F000000,
599 #ifndef U_HIDE_INTERNAL_API
601 * An undefined restriction level.
604 USPOOF_UNDEFINED_RESTRICTIVE
= -1
605 #endif /* U_HIDE_INTERNAL_API */
609 * Create a Unicode Spoof Checker, configured to perform all
610 * checks except for USPOOF_LOCALE_LIMIT and USPOOF_CHAR_LIMIT.
611 * Note that additional checks may be added in the future,
612 * resulting in the changes to the default checking behavior.
614 * @param status The error code, set if this function encounters a problem.
615 * @return the newly created Spoof Checker
618 U_STABLE USpoofChecker
* U_EXPORT2
619 uspoof_open(UErrorCode
*status
);
623 * Open a Spoof checker from its serialized form, stored in 32-bit-aligned memory.
624 * Inverse of uspoof_serialize().
625 * The memory containing the serialized data must remain valid and unchanged
626 * as long as the spoof checker, or any cloned copies of the spoof checker,
627 * are in use. Ownership of the memory remains with the caller.
628 * The spoof checker (and any clones) must be closed prior to deleting the
631 * @param data a pointer to 32-bit-aligned memory containing the serialized form of spoof data
632 * @param length the number of bytes available at data;
633 * can be more than necessary
634 * @param pActualLength receives the actual number of bytes at data taken up by the data;
636 * @param pErrorCode ICU error code
637 * @return the spoof checker.
640 * @see uspoof_serialize
643 U_STABLE USpoofChecker
* U_EXPORT2
644 uspoof_openFromSerialized(const void *data
, int32_t length
, int32_t *pActualLength
,
645 UErrorCode
*pErrorCode
);
648 * Open a Spoof Checker from the source form of the spoof data.
649 * The input corresponds to the Unicode data file confusables.txt
650 * as described in Unicode UAX #39. The syntax of the source data
651 * is as described in UAX #39 for this file, and the content of
652 * this file is acceptable input.
654 * The character encoding of the (char *) input text is UTF-8.
656 * @param confusables a pointer to the confusable characters definitions,
657 * as found in file confusables.txt from unicode.org.
658 * @param confusablesLen The length of the confusables text, or -1 if the
659 * input string is zero terminated.
660 * @param confusablesWholeScript
661 * Deprecated in ICU 58. No longer used.
662 * @param confusablesWholeScriptLen
663 * Deprecated in ICU 58. No longer used.
664 * @param errType In the event of an error in the input, indicates
665 * which of the input files contains the error.
666 * The value is one of USPOOF_SINGLE_SCRIPT_CONFUSABLE or
667 * USPOOF_WHOLE_SCRIPT_CONFUSABLE, or
668 * zero if no errors are found.
669 * @param pe In the event of an error in the input, receives the position
670 * in the input text (line, offset) of the error.
671 * @param status an in/out ICU UErrorCode. Among the possible errors is
672 * U_PARSE_ERROR, which is used to report syntax errors
674 * @return A spoof checker that uses the rules from the input files.
677 U_STABLE USpoofChecker
* U_EXPORT2
678 uspoof_openFromSource(const char *confusables
, int32_t confusablesLen
,
679 const char *confusablesWholeScript
, int32_t confusablesWholeScriptLen
,
680 int32_t *errType
, UParseError
*pe
, UErrorCode
*status
);
684 * Close a Spoof Checker, freeing any memory that was being held by
685 * its implementation.
688 U_STABLE
void U_EXPORT2
689 uspoof_close(USpoofChecker
*sc
);
691 #if U_SHOW_CPLUSPLUS_API
696 * \class LocalUSpoofCheckerPointer
697 * "Smart pointer" class, closes a USpoofChecker via uspoof_close().
698 * For most methods see the LocalPointerBase base class.
700 * @see LocalPointerBase
704 U_DEFINE_LOCAL_OPEN_POINTER(LocalUSpoofCheckerPointer
, USpoofChecker
, uspoof_close
);
708 #endif // U_SHOW_CPLUSPLUS_API
711 * Clone a Spoof Checker. The clone will be set to perform the same checks
712 * as the original source.
714 * @param sc The source USpoofChecker
715 * @param status The error code, set if this function encounters a problem.
719 U_STABLE USpoofChecker
* U_EXPORT2
720 uspoof_clone(const USpoofChecker
*sc
, UErrorCode
*status
);
724 * Specify the bitmask of checks that will be performed by {@link uspoof_check}. Calling this method
725 * overwrites any checks that may have already been enabled. By default, all checks are enabled.
727 * To enable specific checks and disable all others, the "whitelisted" checks should be ORed together. For
728 * example, to fail strings containing characters outside of the set specified by {@link uspoof_setAllowedChars} and
729 * also strings that contain digits from mixed numbering systems:
733 * uspoof_setChecks(USPOOF_CHAR_LIMIT | USPOOF_MIXED_NUMBERS);
737 * To disable specific checks and enable all others, the "blacklisted" checks should be ANDed away from
738 * ALL_CHECKS. For example, if you are not planning to use the {@link uspoof_areConfusable} functionality,
739 * it is good practice to disable the CONFUSABLE check:
743 * uspoof_setChecks(USPOOF_ALL_CHECKS & ~USPOOF_CONFUSABLE);
747 * Note that methods such as {@link uspoof_setAllowedChars}, {@link uspoof_setAllowedLocales}, and
748 * {@link uspoof_setRestrictionLevel} will enable certain checks when called. Those methods will OR the check they
749 * enable onto the existing bitmask specified by this method. For more details, see the documentation of those
752 * @param sc The USpoofChecker
753 * @param checks The set of checks that this spoof checker will perform.
754 * The value is a bit set, obtained by OR-ing together
755 * values from enum USpoofChecks.
756 * @param status The error code, set if this function encounters a problem.
760 U_STABLE
void U_EXPORT2
761 uspoof_setChecks(USpoofChecker
*sc
, int32_t checks
, UErrorCode
*status
);
764 * Get the set of checks that this Spoof Checker has been configured to perform.
766 * @param sc The USpoofChecker
767 * @param status The error code, set if this function encounters a problem.
768 * @return The set of checks that this spoof checker will perform.
769 * The value is a bit set, obtained by OR-ing together
770 * values from enum USpoofChecks.
774 U_STABLE
int32_t U_EXPORT2
775 uspoof_getChecks(const USpoofChecker
*sc
, UErrorCode
*status
);
778 * Set the loosest restriction level allowed for strings. The default if this is not called is
779 * {@link USPOOF_HIGHLY_RESTRICTIVE}. Calling this method enables the {@link USPOOF_RESTRICTION_LEVEL} and
780 * {@link USPOOF_MIXED_NUMBERS} checks, corresponding to Sections 5.1 and 5.2 of UTS 39. To customize which checks are
781 * to be performed by {@link uspoof_check}, see {@link uspoof_setChecks}.
783 * @param sc The USpoofChecker
784 * @param restrictionLevel The loosest restriction level allowed.
785 * @see URestrictionLevel
788 U_STABLE
void U_EXPORT2
789 uspoof_setRestrictionLevel(USpoofChecker
*sc
, URestrictionLevel restrictionLevel
);
793 * Get the Restriction Level that will be tested if the checks include {@link USPOOF_RESTRICTION_LEVEL}.
795 * @return The restriction level
796 * @see URestrictionLevel
799 U_STABLE URestrictionLevel U_EXPORT2
800 uspoof_getRestrictionLevel(const USpoofChecker
*sc
);
803 * Limit characters that are acceptable in identifiers being checked to those
804 * normally used with the languages associated with the specified locales.
805 * Any previously specified list of locales is replaced by the new settings.
807 * A set of languages is determined from the locale(s), and
808 * from those a set of acceptable Unicode scripts is determined.
809 * Characters from this set of scripts, along with characters from
810 * the "common" and "inherited" Unicode Script categories
813 * Supplying an empty string removes all restrictions;
814 * characters from any script will be allowed.
816 * The {@link USPOOF_CHAR_LIMIT} test is automatically enabled for this
817 * USpoofChecker when calling this function with a non-empty list
820 * The Unicode Set of characters that will be allowed is accessible
821 * via the uspoof_getAllowedChars() function. uspoof_setAllowedLocales()
822 * will <i>replace</i> any previously applied set of allowed characters.
824 * Adjustments, such as additions or deletions of certain classes of characters,
825 * can be made to the result of uspoof_setAllowedLocales() by
826 * fetching the resulting set with uspoof_getAllowedChars(),
827 * manipulating it with the Unicode Set API, then resetting the
828 * spoof detectors limits with uspoof_setAllowedChars().
830 * @param sc The USpoofChecker
831 * @param localesList A list list of locales, from which the language
832 * and associated script are extracted. The locales
833 * are comma-separated if there is more than one.
834 * White space may not appear within an individual locale,
835 * but is ignored otherwise.
836 * The locales are syntactically like those from the
837 * HTTP Accept-Language header.
838 * If the localesList is empty, no restrictions will be placed on
839 * the allowed characters.
841 * @param status The error code, set if this function encounters a problem.
844 U_STABLE
void U_EXPORT2
845 uspoof_setAllowedLocales(USpoofChecker
*sc
, const char *localesList
, UErrorCode
*status
);
848 * Get a list of locales for the scripts that are acceptable in strings
849 * to be checked. If no limitations on scripts have been specified,
850 * an empty string will be returned.
852 * uspoof_setAllowedChars() will reset the list of allowed to be empty.
854 * The format of the returned list is the same as that supplied to
855 * uspoof_setAllowedLocales(), but returned list may not be identical
856 * to the originally specified string; the string may be reformatted,
857 * and information other than languages from
858 * the originally specified locales may be omitted.
860 * @param sc The USpoofChecker
861 * @param status The error code, set if this function encounters a problem.
862 * @return A string containing a list of locales corresponding
863 * to the acceptable scripts, formatted like an
864 * HTTP Accept Language value.
868 U_STABLE
const char * U_EXPORT2
869 uspoof_getAllowedLocales(USpoofChecker
*sc
, UErrorCode
*status
);
873 * Limit the acceptable characters to those specified by a Unicode Set.
874 * Any previously specified character limit is
875 * is replaced by the new settings. This includes limits on
876 * characters that were set with the uspoof_setAllowedLocales() function.
878 * The USPOOF_CHAR_LIMIT test is automatically enabled for this
879 * USpoofChecker by this function.
881 * @param sc The USpoofChecker
882 * @param chars A Unicode Set containing the list of
883 * characters that are permitted. Ownership of the set
884 * remains with the caller. The incoming set is cloned by
885 * this function, so there are no restrictions on modifying
886 * or deleting the USet after calling this function.
887 * @param status The error code, set if this function encounters a problem.
890 U_STABLE
void U_EXPORT2
891 uspoof_setAllowedChars(USpoofChecker
*sc
, const USet
*chars
, UErrorCode
*status
);
895 * Get a USet for the characters permitted in an identifier.
896 * This corresponds to the limits imposed by the Set Allowed Characters
897 * functions. Limitations imposed by other checks will not be
898 * reflected in the set returned by this function.
900 * The returned set will be frozen, meaning that it cannot be modified
903 * Ownership of the returned set remains with the Spoof Detector. The
904 * returned set will become invalid if the spoof detector is closed,
905 * or if a new set of allowed characters is specified.
908 * @param sc The USpoofChecker
909 * @param status The error code, set if this function encounters a problem.
910 * @return A USet containing the characters that are permitted by
911 * the USPOOF_CHAR_LIMIT test.
914 U_STABLE
const USet
* U_EXPORT2
915 uspoof_getAllowedChars(const USpoofChecker
*sc
, UErrorCode
*status
);
918 #if U_SHOW_CPLUSPLUS_API
920 * Limit the acceptable characters to those specified by a Unicode Set.
921 * Any previously specified character limit is
922 * is replaced by the new settings. This includes limits on
923 * characters that were set with the uspoof_setAllowedLocales() function.
925 * The USPOOF_CHAR_LIMIT test is automatically enabled for this
926 * USoofChecker by this function.
928 * @param sc The USpoofChecker
929 * @param chars A Unicode Set containing the list of
930 * characters that are permitted. Ownership of the set
931 * remains with the caller. The incoming set is cloned by
932 * this function, so there are no restrictions on modifying
933 * or deleting the UnicodeSet after calling this function.
934 * @param status The error code, set if this function encounters a problem.
937 U_STABLE
void U_EXPORT2
938 uspoof_setAllowedUnicodeSet(USpoofChecker
*sc
, const icu::UnicodeSet
*chars
, UErrorCode
*status
);
942 * Get a UnicodeSet for the characters permitted in an identifier.
943 * This corresponds to the limits imposed by the Set Allowed Characters /
944 * UnicodeSet functions. Limitations imposed by other checks will not be
945 * reflected in the set returned by this function.
947 * The returned set will be frozen, meaning that it cannot be modified
950 * Ownership of the returned set remains with the Spoof Detector. The
951 * returned set will become invalid if the spoof detector is closed,
952 * or if a new set of allowed characters is specified.
955 * @param sc The USpoofChecker
956 * @param status The error code, set if this function encounters a problem.
957 * @return A UnicodeSet containing the characters that are permitted by
958 * the USPOOF_CHAR_LIMIT test.
961 U_STABLE
const icu::UnicodeSet
* U_EXPORT2
962 uspoof_getAllowedUnicodeSet(const USpoofChecker
*sc
, UErrorCode
*status
);
963 #endif // U_SHOW_CPLUSPLUS_API
967 * Check the specified string for possible security issues.
968 * The text to be checked will typically be an identifier of some sort.
969 * The set of checks to be performed is specified with uspoof_setChecks().
972 * Consider using the newer API, {@link uspoof_check2}, instead.
973 * The newer API exposes additional information from the check procedure
974 * and is otherwise identical to this method.
976 * @param sc The USpoofChecker
977 * @param id The identifier to be checked for possible security issues,
979 * @param length the length of the string to be checked, expressed in
980 * 16 bit UTF-16 code units, or -1 if the string is
982 * @param position Deprecated in ICU 51. Always returns zero.
983 * Originally, an out parameter for the index of the first
984 * string position that failed a check.
985 * This parameter may be NULL.
986 * @param status The error code, set if an error occurred while attempting to
988 * Spoofing or security issues detected with the input string are
989 * not reported here, but through the function's return value.
990 * @return An integer value with bits set for any potential security
991 * or spoofing issues detected. The bits are defined by
992 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
993 * will be zero if the input string passes all of the
998 U_STABLE
int32_t U_EXPORT2
999 uspoof_check(const USpoofChecker
*sc
,
1000 const UChar
*id
, int32_t length
,
1002 UErrorCode
*status
);
1006 * Check the specified string for possible security issues.
1007 * The text to be checked will typically be an identifier of some sort.
1008 * The set of checks to be performed is specified with uspoof_setChecks().
1011 * Consider using the newer API, {@link uspoof_check2UTF8}, instead.
1012 * The newer API exposes additional information from the check procedure
1013 * and is otherwise identical to this method.
1015 * @param sc The USpoofChecker
1016 * @param id A identifier to be checked for possible security issues, in UTF8 format.
1017 * @param length the length of the string to be checked, or -1 if the string is
1019 * @param position Deprecated in ICU 51. Always returns zero.
1020 * Originally, an out parameter for the index of the first
1021 * string position that failed a check.
1022 * This parameter may be NULL.
1023 * @param status The error code, set if an error occurred while attempting to
1024 * perform the check.
1025 * Spoofing or security issues detected with the input string are
1026 * not reported here, but through the function's return value.
1027 * If the input contains invalid UTF-8 sequences,
1028 * a status of U_INVALID_CHAR_FOUND will be returned.
1029 * @return An integer value with bits set for any potential security
1030 * or spoofing issues detected. The bits are defined by
1031 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
1032 * will be zero if the input string passes all of the
1034 * @see uspoof_check2UTF8
1037 U_STABLE
int32_t U_EXPORT2
1038 uspoof_checkUTF8(const USpoofChecker
*sc
,
1039 const char *id
, int32_t length
,
1041 UErrorCode
*status
);
1044 #if U_SHOW_CPLUSPLUS_API
1046 * Check the specified string for possible security issues.
1047 * The text to be checked will typically be an identifier of some sort.
1048 * The set of checks to be performed is specified with uspoof_setChecks().
1051 * Consider using the newer API, {@link uspoof_check2UnicodeString}, instead.
1052 * The newer API exposes additional information from the check procedure
1053 * and is otherwise identical to this method.
1055 * @param sc The USpoofChecker
1056 * @param id A identifier to be checked for possible security issues.
1057 * @param position Deprecated in ICU 51. Always returns zero.
1058 * Originally, an out parameter for the index of the first
1059 * string position that failed a check.
1060 * This parameter may be NULL.
1061 * @param status The error code, set if an error occurred while attempting to
1062 * perform the check.
1063 * Spoofing or security issues detected with the input string are
1064 * not reported here, but through the function's return value.
1065 * @return An integer value with bits set for any potential security
1066 * or spoofing issues detected. The bits are defined by
1067 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
1068 * will be zero if the input string passes all of the
1070 * @see uspoof_check2UnicodeString
1073 U_STABLE
int32_t U_EXPORT2
1074 uspoof_checkUnicodeString(const USpoofChecker
*sc
,
1075 const icu::UnicodeString
&id
,
1077 UErrorCode
*status
);
1078 #endif // U_SHOW_CPLUSPLUS_API
1082 * Check the specified string for possible security issues.
1083 * The text to be checked will typically be an identifier of some sort.
1084 * The set of checks to be performed is specified with uspoof_setChecks().
1086 * @param sc The USpoofChecker
1087 * @param id The identifier to be checked for possible security issues,
1089 * @param length the length of the string to be checked, or -1 if the string is
1091 * @param checkResult An instance of USpoofCheckResult to be filled with
1092 * details about the identifier. Can be NULL.
1093 * @param status The error code, set if an error occurred while attempting to
1094 * perform the check.
1095 * Spoofing or security issues detected with the input string are
1096 * not reported here, but through the function's return value.
1097 * @return An integer value with bits set for any potential security
1098 * or spoofing issues detected. The bits are defined by
1099 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
1100 * will be zero if the input string passes all of the
1101 * enabled checks. Any information in this bitmask will be
1102 * consistent with the information saved in the optional
1103 * checkResult parameter.
1104 * @see uspoof_openCheckResult
1105 * @see uspoof_check2UTF8
1106 * @see uspoof_check2UnicodeString
1109 U_STABLE
int32_t U_EXPORT2
1110 uspoof_check2(const USpoofChecker
*sc
,
1111 const UChar
* id
, int32_t length
,
1112 USpoofCheckResult
* checkResult
,
1113 UErrorCode
*status
);
1116 * Check the specified string for possible security issues.
1117 * The text to be checked will typically be an identifier of some sort.
1118 * The set of checks to be performed is specified with uspoof_setChecks().
1120 * This version of {@link uspoof_check} accepts a USpoofCheckResult, which
1121 * returns additional information about the identifier. For more
1122 * information, see {@link uspoof_openCheckResult}.
1124 * @param sc The USpoofChecker
1125 * @param id A identifier to be checked for possible security issues, in UTF8 format.
1126 * @param length the length of the string to be checked, or -1 if the string is
1128 * @param checkResult An instance of USpoofCheckResult to be filled with
1129 * details about the identifier. Can be NULL.
1130 * @param status The error code, set if an error occurred while attempting to
1131 * perform the check.
1132 * Spoofing or security issues detected with the input string are
1133 * not reported here, but through the function's return value.
1134 * @return An integer value with bits set for any potential security
1135 * or spoofing issues detected. The bits are defined by
1136 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
1137 * will be zero if the input string passes all of the
1138 * enabled checks. Any information in this bitmask will be
1139 * consistent with the information saved in the optional
1140 * checkResult parameter.
1141 * @see uspoof_openCheckResult
1142 * @see uspoof_check2
1143 * @see uspoof_check2UnicodeString
1146 U_STABLE
int32_t U_EXPORT2
1147 uspoof_check2UTF8(const USpoofChecker
*sc
,
1148 const char *id
, int32_t length
,
1149 USpoofCheckResult
* checkResult
,
1150 UErrorCode
*status
);
1152 #if U_SHOW_CPLUSPLUS_API
1154 * Check the specified string for possible security issues.
1155 * The text to be checked will typically be an identifier of some sort.
1156 * The set of checks to be performed is specified with uspoof_setChecks().
1158 * @param sc The USpoofChecker
1159 * @param id A identifier to be checked for possible security issues.
1160 * @param checkResult An instance of USpoofCheckResult to be filled with
1161 * details about the identifier. Can be NULL.
1162 * @param status The error code, set if an error occurred while attempting to
1163 * perform the check.
1164 * Spoofing or security issues detected with the input string are
1165 * not reported here, but through the function's return value.
1166 * @return An integer value with bits set for any potential security
1167 * or spoofing issues detected. The bits are defined by
1168 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
1169 * will be zero if the input string passes all of the
1170 * enabled checks. Any information in this bitmask will be
1171 * consistent with the information saved in the optional
1172 * checkResult parameter.
1173 * @see uspoof_openCheckResult
1174 * @see uspoof_check2
1175 * @see uspoof_check2UTF8
1178 U_STABLE
int32_t U_EXPORT2
1179 uspoof_check2UnicodeString(const USpoofChecker
*sc
,
1180 const icu::UnicodeString
&id
,
1181 USpoofCheckResult
* checkResult
,
1182 UErrorCode
*status
);
1183 #endif // U_SHOW_CPLUSPLUS_API
1186 * Create a USpoofCheckResult, used by the {@link uspoof_check2} class of functions to return
1187 * information about the identifier. Information includes:
1189 * <li>A bitmask of the checks that failed</li>
1190 * <li>The identifier's restriction level (UTS 39 section 5.2)</li>
1191 * <li>The set of numerics in the string (UTS 39 section 5.3)</li>
1193 * The data held in a USpoofCheckResult is cleared whenever it is passed into a new call
1194 * of {@link uspoof_check2}.
1196 * @param status The error code, set if this function encounters a problem.
1197 * @return the newly created USpoofCheckResult
1198 * @see uspoof_check2
1199 * @see uspoof_check2UTF8
1200 * @see uspoof_check2UnicodeString
1203 U_STABLE USpoofCheckResult
* U_EXPORT2
1204 uspoof_openCheckResult(UErrorCode
*status
);
1207 * Close a USpoofCheckResult, freeing any memory that was being held by
1208 * its implementation.
1210 * @param checkResult The instance of USpoofCheckResult to close
1213 U_STABLE
void U_EXPORT2
1214 uspoof_closeCheckResult(USpoofCheckResult
*checkResult
);
1216 #if U_SHOW_CPLUSPLUS_API
1221 * \class LocalUSpoofCheckResultPointer
1222 * "Smart pointer" class, closes a USpoofCheckResult via {@link uspoof_closeCheckResult}.
1223 * For most methods see the LocalPointerBase base class.
1225 * @see LocalPointerBase
1229 U_DEFINE_LOCAL_OPEN_POINTER(LocalUSpoofCheckResultPointer
, USpoofCheckResult
, uspoof_closeCheckResult
);
1233 #endif // U_SHOW_CPLUSPLUS_API
1236 * Indicates which of the spoof check(s) have failed. The value is a bitwise OR of the constants for the tests
1237 * in question: USPOOF_RESTRICTION_LEVEL, USPOOF_CHAR_LIMIT, and so on.
1239 * @param checkResult The instance of USpoofCheckResult created by {@link uspoof_openCheckResult}
1240 * @param status The error code, set if an error occurred.
1241 * @return An integer value with bits set for any potential security
1242 * or spoofing issues detected. The bits are defined by
1243 * enum USpoofChecks. (returned_value & USPOOF_ALL_CHECKS)
1244 * will be zero if the input string passes all of the
1246 * @see uspoof_setChecks
1249 U_STABLE
int32_t U_EXPORT2
1250 uspoof_getCheckResultChecks(const USpoofCheckResult
*checkResult
, UErrorCode
*status
);
1253 * Gets the restriction level that the text meets, if the USPOOF_RESTRICTION_LEVEL check
1254 * was enabled; otherwise, undefined.
1256 * @param checkResult The instance of USpoofCheckResult created by {@link uspoof_openCheckResult}
1257 * @param status The error code, set if an error occurred.
1258 * @return The restriction level contained in the USpoofCheckResult
1259 * @see uspoof_setRestrictionLevel
1262 U_STABLE URestrictionLevel U_EXPORT2
1263 uspoof_getCheckResultRestrictionLevel(const USpoofCheckResult
*checkResult
, UErrorCode
*status
);
1266 * Gets the set of numerics found in the string, if the USPOOF_MIXED_NUMBERS check was enabled;
1267 * otherwise, undefined. The set will contain the zero digit from each decimal number system found
1268 * in the input string. Ownership of the returned USet remains with the USpoofCheckResult.
1269 * The USet will be free'd when {@link uspoof_closeCheckResult} is called.
1271 * @param checkResult The instance of USpoofCheckResult created by {@link uspoof_openCheckResult}
1272 * @return The set of numerics contained in the USpoofCheckResult
1273 * @param status The error code, set if an error occurred.
1276 U_STABLE
const USet
* U_EXPORT2
1277 uspoof_getCheckResultNumerics(const USpoofCheckResult
*checkResult
, UErrorCode
*status
);
1281 * Check the whether two specified strings are visually confusable.
1283 * If the strings are confusable, the return value will be nonzero, as long as
1284 * {@link USPOOF_CONFUSABLE} was enabled in uspoof_setChecks().
1286 * The bits in the return value correspond to flags for each of the classes of
1287 * confusables applicable to the two input strings. According to UTS 39
1288 * section 4, the possible flags are:
1291 * <li>{@link USPOOF_SINGLE_SCRIPT_CONFUSABLE}</li>
1292 * <li>{@link USPOOF_MIXED_SCRIPT_CONFUSABLE}</li>
1293 * <li>{@link USPOOF_WHOLE_SCRIPT_CONFUSABLE}</li>
1296 * If one or more of the above flags were not listed in uspoof_setChecks(), this
1297 * function will never report that class of confusable. The check
1298 * {@link USPOOF_CONFUSABLE} enables all three flags.
1301 * @param sc The USpoofChecker
1302 * @param id1 The first of the two identifiers to be compared for
1303 * confusability. The strings are in UTF-16 format.
1304 * @param length1 the length of the first identifer, expressed in
1305 * 16 bit UTF-16 code units, or -1 if the string is
1307 * @param id2 The second of the two identifiers to be compared for
1308 * confusability. The identifiers are in UTF-16 format.
1309 * @param length2 The length of the second identifiers, expressed in
1310 * 16 bit UTF-16 code units, or -1 if the string is
1312 * @param status The error code, set if an error occurred while attempting to
1313 * perform the check.
1314 * Confusability of the identifiers is not reported here,
1315 * but through this function's return value.
1316 * @return An integer value with bit(s) set corresponding to
1317 * the type of confusability found, as defined by
1318 * enum USpoofChecks. Zero is returned if the identifiers
1319 * are not confusable.
1323 U_STABLE
int32_t U_EXPORT2
1324 uspoof_areConfusable(const USpoofChecker
*sc
,
1325 const UChar
*id1
, int32_t length1
,
1326 const UChar
*id2
, int32_t length2
,
1327 UErrorCode
*status
);
1332 * A version of {@link uspoof_areConfusable} accepting strings in UTF-8 format.
1334 * @param sc The USpoofChecker
1335 * @param id1 The first of the two identifiers to be compared for
1336 * confusability. The strings are in UTF-8 format.
1337 * @param length1 the length of the first identifiers, in bytes, or -1
1338 * if the string is nul terminated.
1339 * @param id2 The second of the two identifiers to be compared for
1340 * confusability. The strings are in UTF-8 format.
1341 * @param length2 The length of the second string in bytes, or -1
1342 * if the string is nul terminated.
1343 * @param status The error code, set if an error occurred while attempting to
1344 * perform the check.
1345 * Confusability of the strings is not reported here,
1346 * but through this function's return value.
1347 * @return An integer value with bit(s) set corresponding to
1348 * the type of confusability found, as defined by
1349 * enum USpoofChecks. Zero is returned if the strings
1350 * are not confusable.
1354 * @see uspoof_areConfusable
1356 U_STABLE
int32_t U_EXPORT2
1357 uspoof_areConfusableUTF8(const USpoofChecker
*sc
,
1358 const char *id1
, int32_t length1
,
1359 const char *id2
, int32_t length2
,
1360 UErrorCode
*status
);
1365 #if U_SHOW_CPLUSPLUS_API
1367 * A version of {@link uspoof_areConfusable} accepting UnicodeStrings.
1369 * @param sc The USpoofChecker
1370 * @param s1 The first of the two identifiers to be compared for
1371 * confusability. The strings are in UTF-8 format.
1372 * @param s2 The second of the two identifiers to be compared for
1373 * confusability. The strings are in UTF-8 format.
1374 * @param status The error code, set if an error occurred while attempting to
1375 * perform the check.
1376 * Confusability of the identifiers is not reported here,
1377 * but through this function's return value.
1378 * @return An integer value with bit(s) set corresponding to
1379 * the type of confusability found, as defined by
1380 * enum USpoofChecks. Zero is returned if the identifiers
1381 * are not confusable.
1385 * @see uspoof_areConfusable
1387 U_STABLE
int32_t U_EXPORT2
1388 uspoof_areConfusableUnicodeString(const USpoofChecker
*sc
,
1389 const icu::UnicodeString
&s1
,
1390 const icu::UnicodeString
&s2
,
1391 UErrorCode
*status
);
1392 #endif // U_SHOW_CPLUSPLUS_API
1396 * Get the "skeleton" for an identifier.
1397 * Skeletons are a transformation of the input identifier;
1398 * Two identifiers are confusable if their skeletons are identical.
1399 * See Unicode UAX #39 for additional information.
1401 * Using skeletons directly makes it possible to quickly check
1402 * whether an identifier is confusable with any of some large
1403 * set of existing identifiers, by creating an efficiently
1404 * searchable collection of the skeletons.
1406 * @param sc The USpoofChecker
1407 * @param type Deprecated in ICU 58. You may pass any number.
1408 * Originally, controlled which of the Unicode confusable data
1410 * @param id The input identifier whose skeleton will be computed.
1411 * @param length The length of the input identifier, expressed in 16 bit
1412 * UTF-16 code units, or -1 if the string is zero terminated.
1413 * @param dest The output buffer, to receive the skeleton string.
1414 * @param destCapacity The length of the output buffer, in 16 bit units.
1415 * The destCapacity may be zero, in which case the function will
1416 * return the actual length of the skeleton.
1417 * @param status The error code, set if an error occurred while attempting to
1418 * perform the check.
1419 * @return The length of the skeleton string. The returned length
1420 * is always that of the complete skeleton, even when the
1421 * supplied buffer is too small (or of zero length)
1424 * @see uspoof_areConfusable
1426 U_STABLE
int32_t U_EXPORT2
1427 uspoof_getSkeleton(const USpoofChecker
*sc
,
1429 const UChar
*id
, int32_t length
,
1430 UChar
*dest
, int32_t destCapacity
,
1431 UErrorCode
*status
);
1434 * Get the "skeleton" for an identifier.
1435 * Skeletons are a transformation of the input identifier;
1436 * Two identifiers are confusable if their skeletons are identical.
1437 * See Unicode UAX #39 for additional information.
1439 * Using skeletons directly makes it possible to quickly check
1440 * whether an identifier is confusable with any of some large
1441 * set of existing identifiers, by creating an efficiently
1442 * searchable collection of the skeletons.
1444 * @param sc The USpoofChecker
1445 * @param type Deprecated in ICU 58. You may pass any number.
1446 * Originally, controlled which of the Unicode confusable data
1448 * @param id The UTF-8 format identifier whose skeleton will be computed.
1449 * @param length The length of the input string, in bytes,
1450 * or -1 if the string is zero terminated.
1451 * @param dest The output buffer, to receive the skeleton string.
1452 * @param destCapacity The length of the output buffer, in bytes.
1453 * The destCapacity may be zero, in which case the function will
1454 * return the actual length of the skeleton.
1455 * @param status The error code, set if an error occurred while attempting to
1456 * perform the check. Possible Errors include U_INVALID_CHAR_FOUND
1457 * for invalid UTF-8 sequences, and
1458 * U_BUFFER_OVERFLOW_ERROR if the destination buffer is too small
1459 * to hold the complete skeleton.
1460 * @return The length of the skeleton string, in bytes. The returned length
1461 * is always that of the complete skeleton, even when the
1462 * supplied buffer is too small (or of zero length)
1466 U_STABLE
int32_t U_EXPORT2
1467 uspoof_getSkeletonUTF8(const USpoofChecker
*sc
,
1469 const char *id
, int32_t length
,
1470 char *dest
, int32_t destCapacity
,
1471 UErrorCode
*status
);
1473 #if U_SHOW_CPLUSPLUS_API
1475 * Get the "skeleton" for an identifier.
1476 * Skeletons are a transformation of the input identifier;
1477 * Two identifiers are confusable if their skeletons are identical.
1478 * See Unicode UAX #39 for additional information.
1480 * Using skeletons directly makes it possible to quickly check
1481 * whether an identifier is confusable with any of some large
1482 * set of existing identifiers, by creating an efficiently
1483 * searchable collection of the skeletons.
1485 * @param sc The USpoofChecker.
1486 * @param type Deprecated in ICU 58. You may pass any number.
1487 * Originally, controlled which of the Unicode confusable data
1489 * @param id The input identifier whose skeleton will be computed.
1490 * @param dest The output identifier, to receive the skeleton string.
1491 * @param status The error code, set if an error occurred while attempting to
1492 * perform the check.
1493 * @return A reference to the destination (skeleton) string.
1497 U_I18N_API
icu::UnicodeString
& U_EXPORT2
1498 uspoof_getSkeletonUnicodeString(const USpoofChecker
*sc
,
1500 const icu::UnicodeString
&id
,
1501 icu::UnicodeString
&dest
,
1502 UErrorCode
*status
);
1503 #endif // U_SHOW_CPLUSPLUS_API
1506 * Get the set of Candidate Characters for Inclusion in Identifiers, as defined
1507 * in http://unicode.org/Public/security/latest/xidmodifications.txt
1508 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms.
1510 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not
1511 * be deleted by the caller.
1513 * @param status The error code, set if a problem occurs while creating the set.
1517 U_STABLE
const USet
* U_EXPORT2
1518 uspoof_getInclusionSet(UErrorCode
*status
);
1521 * Get the set of characters from Recommended Scripts for Inclusion in Identifiers, as defined
1522 * in http://unicode.org/Public/security/latest/xidmodifications.txt
1523 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms.
1525 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not
1526 * be deleted by the caller.
1528 * @param status The error code, set if a problem occurs while creating the set.
1532 U_STABLE
const USet
* U_EXPORT2
1533 uspoof_getRecommendedSet(UErrorCode
*status
);
1535 #if U_SHOW_CPLUSPLUS_API
1538 * Get the set of Candidate Characters for Inclusion in Identifiers, as defined
1539 * in http://unicode.org/Public/security/latest/xidmodifications.txt
1540 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms.
1542 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not
1543 * be deleted by the caller.
1545 * @param status The error code, set if a problem occurs while creating the set.
1549 U_STABLE
const icu::UnicodeSet
* U_EXPORT2
1550 uspoof_getInclusionUnicodeSet(UErrorCode
*status
);
1553 * Get the set of characters from Recommended Scripts for Inclusion in Identifiers, as defined
1554 * in http://unicode.org/Public/security/latest/xidmodifications.txt
1555 * and documented in http://www.unicode.org/reports/tr39/, Unicode Security Mechanisms.
1557 * The returned set is frozen. Ownership of the set remains with the ICU library; it must not
1558 * be deleted by the caller.
1560 * @param status The error code, set if a problem occurs while creating the set.
1564 U_STABLE
const icu::UnicodeSet
* U_EXPORT2
1565 uspoof_getRecommendedUnicodeSet(UErrorCode
*status
);
1567 #endif // U_SHOW_CPLUSPLUS_API
1570 * Serialize the data for a spoof detector into a chunk of memory.
1571 * The flattened spoof detection tables can later be used to efficiently
1572 * instantiate a new Spoof Detector.
1574 * The serialized spoof checker includes only the data compiled from the
1575 * Unicode data tables by uspoof_openFromSource(); it does not include
1576 * include any other state or configuration that may have been set.
1578 * @param sc the Spoof Detector whose data is to be serialized.
1579 * @param data a pointer to 32-bit-aligned memory to be filled with the data,
1580 * can be NULL if capacity==0
1581 * @param capacity the number of bytes available at data,
1582 * or 0 for preflighting
1583 * @param status an in/out ICU UErrorCode; possible errors include:
1584 * - U_BUFFER_OVERFLOW_ERROR if the data storage block is too small for serialization
1585 * - U_ILLEGAL_ARGUMENT_ERROR the data or capacity parameters are bad
1586 * @return the number of bytes written or needed for the spoof data
1588 * @see utrie2_openFromSerialized()
1591 U_STABLE
int32_t U_EXPORT2
1592 uspoof_serialize(USpoofChecker
*sc
,
1593 void *data
, int32_t capacity
,
1594 UErrorCode
*status
);
1599 #endif /* USPOOF_H */
projects / apple / icu.git / blob