1 /*
2 * "streamable kanji code filter and converter"
3 * Copyright (c) 1998-2002 HappySize, Inc. All rights reserved.
4 *
5 * LICENSE NOTICES
6 *
7 * This file is part of "streamable kanji code filter and converter",
8 * which is distributed under the terms of GNU Lesser General Public
9 * License (version 2) as published by the Free Software Foundation.
10 *
11 * This software is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with "streamable kanji code filter and converter";
18 * if not, write to the Free Software Foundation, Inc., 59 Temple Place,
19 * Suite 330, Boston, MA 02111-1307 USA
20 *
21 * The author of this file:
22 *
23 */
24 /*
25 * The source code included in this files was separated from mbfilter.c
26 * by moriyoshi koizumi <moriyoshi@php.net> on 4 dec 2002.
27 *
28 */
29
30 /* Modified UTF-7 used for 'international mailbox names' in the IMAP protocol
31 * Also known as mUTF-7
32 * Defined in RFC 3501 5.1.3 (https://tools.ietf.org/html/rfc3501)
33 *
34 * Quoting from the RFC:
35 *
36 ***********************************************************************
37 * In modified UTF-7, printable US-ASCII characters, except for "&",
38 * represent themselves; that is, characters with octet values 0x20-0x25
39 * and 0x27-0x7e. The character "&" (0x26) is represented by the
40 * two-octet sequence "&-".
41 *
42 * All other characters (octet values 0x00-0x1f and 0x7f-0xff) are
43 * represented in modified BASE64, with a further modification from
44 * UTF-7 that "," is used instead of "/". Modified BASE64 MUST NOT be
45 * used to represent any printing US-ASCII character which can represent
46 * itself.
47 *
48 * "&" is used to shift to modified BASE64 and "-" to shift back to
49 * US-ASCII. There is no implicit shift from BASE64 to US-ASCII, and
50 * null shifts ("-&" while in BASE64; note that "&-" while in US-ASCII
51 * means "&") are not permitted. However, all names start in US-ASCII,
52 * and MUST end in US-ASCII; that is, a name that ends with a non-ASCII
53 * ISO-10646 character MUST end with a "-").
54 ***********************************************************************
55 *
56 * The purpose of all this is: 1) to keep all parts of IMAP messages 7-bit clean,
57 * 2) to avoid giving special treatment to +, /, \, and ~, since these are
58 * commonly used in mailbox names, and 3) to ensure there is only one
59 * representation of any mailbox name (vanilla UTF-7 does allow multiple
60 * representations of the same string, by Base64-encoding characters which
61 * could have been included as ASCII literals.)
62 *
63 * RFC 2152 also applies, since it defines vanilla UTF-7 (minus IMAP modifications)
64 * The following paragraph is notable:
65 *
66 ***********************************************************************
67 * Unicode is encoded using Modified Base64 by first converting Unicode
68 * 16-bit quantities to an octet stream (with the most significant octet first).
69 * Surrogate pairs (UTF-16) are converted by treating each half of the pair as
70 * a separate 16 bit quantity (i.e., no special treatment). Text with an odd
71 * number of octets is ill-formed. ISO 10646 characters outside the range
72 * addressable via surrogate pairs cannot be encoded.
73 ***********************************************************************
74 *
75 * So after reversing the modified Base64 encoding on an encoded section,
76 * the contents are interpreted as UTF-16BE. */
77
78 #include "mbfilter.h"
79 #include "mbfilter_utf7imap.h"
80 #include "utf7_helper.h"
81
82 static int mbfl_filt_conv_wchar_utf7imap_flush(mbfl_convert_filter *filter);
83 static int mbfl_filt_conv_utf7imap_wchar_flush(mbfl_convert_filter *filter);
84 static bool mb_check_utf7imap(unsigned char *in, size_t in_len);
85
86 static const char *mbfl_encoding_utf7imap_aliases[] = {"mUTF-7", NULL};
87
88 const mbfl_encoding mbfl_encoding_utf7imap = {
89 mbfl_no_encoding_utf7imap,
90 "UTF7-IMAP",
91 NULL,
92 mbfl_encoding_utf7imap_aliases,
93 NULL,
94 0,
95 &vtbl_utf7imap_wchar,
96 &vtbl_wchar_utf7imap,
97 mb_check_utf7imap
98 };
99
100 const struct mbfl_convert_vtbl vtbl_utf7imap_wchar = {
101 mbfl_no_encoding_utf7imap,
102 mbfl_no_encoding_wchar,
103 mbfl_filt_conv_common_ctor,
104 NULL,
105 mbfl_filt_conv_utf7imap_wchar,
106 mbfl_filt_conv_utf7imap_wchar_flush,
107 NULL,
108 };
109
110 const struct mbfl_convert_vtbl vtbl_wchar_utf7imap = {
111 mbfl_no_encoding_wchar,
112 mbfl_no_encoding_utf7imap,
113 mbfl_filt_conv_common_ctor,
114 NULL,
115 mbfl_filt_conv_wchar_utf7imap,
116 mbfl_filt_conv_wchar_utf7imap_flush,
117 NULL,
118 };
119
120 #define CK(statement) do { if ((statement) < 0) return (-1); } while (0)
121
mbfl_filt_conv_utf7imap_wchar(int c,mbfl_convert_filter * filter)122 int mbfl_filt_conv_utf7imap_wchar(int c, mbfl_convert_filter *filter)
123 {
124 int s, n = -1;
125
126 if (filter->status != 0) { /* Modified Base64 */
127 if (c >= 'A' && c <= 'Z') {
128 n = c - 65;
129 } else if (c >= 'a' && c <= 'z') {
130 n = c - 71;
131 } else if (c >= '0' && c <= '9') {
132 n = c + 4;
133 } else if (c == '+') {
134 n = 62;
135 } else if (c == ',') {
136 n = 63;
137 }
138
139 if (n < 0 || n > 63) {
140 if (c == '-') {
141 if (filter->status == 1) { /* "&-" -> "&" */
142 CK((*filter->output_function)('&', filter->data));
143 } else if (filter->cache) {
144 /* Base64-encoded section ended abruptly, with partially encoded characters,
145 * or it could be that it ended on the first half of a surrogate pair */
146 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
147 }
148 } else { /* illegal character */
149 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
150 }
151 filter->cache = filter->status = 0;
152 return 0;
153 }
154 }
155
156 switch (filter->status) {
157 /* directly encoded characters */
158 case 0:
159 if (c == '&') { /* shift character */
160 filter->status++;
161 } else if (c >= 0x20 && c <= 0x7E) { /* ASCII */
162 CK((*filter->output_function)(c, filter->data));
163 } else { /* illegal character */
164 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
165 }
166 break;
167
168 /* decode Modified Base64 */
169 case 1:
170 case 2:
171 filter->cache |= n << 10;
172 filter->status = 3;
173 break;
174 case 3:
175 filter->cache |= n << 4;
176 filter->status = 4;
177 break;
178 case 4:
179 s = ((n >> 2) & 0xf) | (filter->cache & 0xffff);
180 n = (n & 0x3) << 14;
181 filter->status = 5;
182 if (s >= 0xd800 && s < 0xdc00) {
183 /* 1st part of surrogate pair */
184 s = (((s & 0x3ff) << 16) + 0x400000) | n;
185 filter->cache = s;
186 } else if (s >= 0xdc00 && s < 0xe000) {
187 /* 2nd part of surrogate pair */
188 if (filter->cache & 0xfff0000) {
189 s &= 0x3ff;
190 s |= (filter->cache & 0xfff0000) >> 6;
191 filter->cache = n;
192 CK((*filter->output_function)(s, filter->data));
193 } else { /* illegal character */
194 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
195 }
196 } else {
197 filter->cache = n;
198 /* Characters which can be expressed as literal, ASCII characters
199 * should not be Base64-encoded */
200 if (s < 0x20 || s > 0x7E || s == '&') {
201 CK((*filter->output_function)(s, filter->data));
202 } else {
203 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
204 }
205 }
206 break;
207
208 case 5:
209 filter->cache |= n << 8;
210 filter->status = 6;
211 break;
212 case 6:
213 filter->cache |= n << 2;
214 filter->status = 7;
215 break;
216 case 7:
217 s = ((n >> 4) & 0x3) | (filter->cache & 0xffff);
218 n = (n & 0xf) << 12;
219 filter->status = 8;
220 if (s >= 0xd800 && s < 0xdc00) {
221 s = (((s & 0x3ff) << 16) + 0x400000) | n;
222 filter->cache = s;
223 } else if (s >= 0xdc00 && s < 0xe000) {
224 if (filter->cache & 0xfff0000) {
225 s &= 0x3ff;
226 s |= (filter->cache & 0xfff0000) >> 6;
227 filter->cache = n;
228 CK((*filter->output_function)(s, filter->data));
229 } else { /* illegal character */
230 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
231 }
232 } else {
233 filter->cache = n;
234 /* Characters which can be expressed as literal, ASCII characters
235 * should not be Base64-encoded */
236 if (s < 0x20 || s > 0x7E || s == '&') {
237 CK((*filter->output_function)(s, filter->data));
238 } else {
239 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
240 }
241 }
242 break;
243
244 case 8:
245 filter->cache |= n << 6;
246 filter->status = 9;
247 break;
248 case 9:
249 s = n | (filter->cache & 0xffff);
250 filter->status = 2;
251 if (s >= 0xd800 && s < 0xdc00) {
252 s = (((s & 0x3ff) << 16) + 0x400000);
253 filter->cache = s;
254 } else if (s >= 0xdc00 && s < 0xe000) {
255 if (filter->cache & 0xfff0000) {
256 s &= 0x3ff;
257 s |= (filter->cache & 0xfff0000) >> 6;
258 filter->cache = 0;
259 CK((*filter->output_function)(s, filter->data));
260 } else { /* illegal character */
261 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
262 }
263 } else {
264 filter->cache = 0;
265 /* Characters which can be expressed as literal, ASCII characters
266 * should not be Base64-encoded */
267 if (s < 0x20 || s > 0x7E || s == '&') {
268 CK((*filter->output_function)(s, filter->data));
269 } else {
270 CK((*filter->output_function)(MBFL_BAD_INPUT, filter->data));
271 }
272 }
273 break;
274
275 default:
276 filter->status = 0;
277 break;
278 }
279
280 return 0;
281 }
282
mbfl_filt_conv_utf7imap_wchar_flush(mbfl_convert_filter * filter)283 static int mbfl_filt_conv_utf7imap_wchar_flush(mbfl_convert_filter *filter)
284 {
285 if (filter->status) {
286 /* It is illegal for a UTF-7 IMAP string to end in a Base-64 encoded
287 * section. It should always change back to ASCII before the end. */
288 (*filter->output_function)(MBFL_BAD_INPUT, filter->data);
289 filter->status = 0;
290 }
291
292 if (filter->flush_function) {
293 (*filter->flush_function)(filter->data);
294 }
295
296 return 0;
297 }
298
299 static const unsigned char mbfl_utf7imap_base64_table[] =
300 {
301 /* 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', */
302 0x41,0x42,0x43,0x44,0x45,0x46,0x47,0x48,0x49,0x4a,0x4b,0x4c,0x4d,
303 /* 'N', 'O', 'P', 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', */
304 0x4e,0x4f,0x50,0x51,0x52,0x53,0x54,0x55,0x56,0x57,0x58,0x59,0x5a,
305 /* 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', */
306 0x61,0x62,0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6a,0x6b,0x6c,0x6d,
307 /* 'n', 'o', 'p', 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', */
308 0x6e,0x6f,0x70,0x71,0x72,0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7a,
309 /* '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', '+', ',', '\0' */
310 0x30,0x31,0x32,0x33,0x34,0x35,0x36,0x37,0x38,0x39,0x2b,0x2c,0x00
311 };
312
mbfl_filt_conv_wchar_utf7imap(int c,mbfl_convert_filter * filter)313 int mbfl_filt_conv_wchar_utf7imap(int c, mbfl_convert_filter *filter)
314 {
315 int n = 0, s;
316
317 if (c == '&') {
318 n = 1;
319 } else if ((c >= 0x20 && c <= 0x7e) || c == 0) {
320 n = 2;
321 } else if (c >= 0 && c < MBFL_WCSPLANE_UCS2MAX) {
322 ;
323 } else if (c >= MBFL_WCSPLANE_SUPMIN && c < MBFL_WCSPLANE_SUPMAX) {
324 s = ((c >> 10) - 0x40) | 0xd800;
325 CK((*filter->filter_function)(s, filter));
326 s = (c & 0x3ff) | 0xdc00;
327 CK((*filter->filter_function)(s, filter));
328 return 0;
329 } else {
330 CK(mbfl_filt_conv_illegal_output(c, filter));
331 return 0;
332 }
333
334 switch (filter->status) {
335 case 0:
336 if (n != 0) { /* directly encode characters */
337 CK((*filter->output_function)(c, filter->data));
338 if (n == 1) {
339 CK((*filter->output_function)(0x2d, filter->data)); /* '-' */
340 }
341 } else { /* Modified Base64 */
342 CK((*filter->output_function)(0x26, filter->data)); /* '&' */
343 filter->status = 1;
344 filter->cache = c;
345 }
346 break;
347
348 /* encode Modified Base64 */
349 case 1:
350 s = filter->cache;
351 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 10) & 0x3f], filter->data));
352 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 4) & 0x3f], filter->data));
353 if (n != 0) {
354 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s << 2) & 0x3c], filter->data));
355 CK((*filter->output_function)('-', filter->data));
356 CK((*filter->output_function)(c, filter->data));
357 if (n == 1) {
358 CK((*filter->output_function)('-', filter->data));
359 }
360 filter->status = 0;
361 } else {
362 filter->status = 2;
363 filter->cache = ((s & 0xf) << 16) | c;
364 }
365 break;
366
367 case 2:
368 s = filter->cache;
369 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 14) & 0x3f], filter->data));
370 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 8) & 0x3f], filter->data));
371 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 2) & 0x3f], filter->data));
372 if (n != 0) {
373 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s << 4) & 0x30], filter->data));
374 CK((*filter->output_function)('-', filter->data));
375 CK((*filter->output_function)(c, filter->data));
376 if (n == 1) {
377 CK((*filter->output_function)('-', filter->data));
378 }
379 filter->status = 0;
380 } else {
381 filter->status = 3;
382 filter->cache = ((s & 0x3) << 16) | c;
383 }
384 break;
385
386 case 3:
387 s = filter->cache;
388 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 12) & 0x3f], filter->data));
389 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(s >> 6) & 0x3f], filter->data));
390 CK((*filter->output_function)(mbfl_utf7imap_base64_table[s & 0x3f], filter->data));
391 if (n != 0) {
392 CK((*filter->output_function)('-', filter->data));
393 CK((*filter->output_function)(c, filter->data));
394 if (n == 1) {
395 CK((*filter->output_function)('-', filter->data));
396 }
397 filter->status = 0;
398 } else {
399 filter->status = 1;
400 filter->cache = c;
401 }
402 break;
403
404 default:
405 filter->status = 0;
406 break;
407 }
408
409 return 0;
410 }
411
mbfl_filt_conv_wchar_utf7imap_flush(mbfl_convert_filter * filter)412 static int mbfl_filt_conv_wchar_utf7imap_flush(mbfl_convert_filter *filter)
413 {
414 int status = filter->status, cache = filter->cache;
415 filter->status = filter->cache = 0;
416
417 /* flush fragments */
418 switch (status) {
419 case 1:
420 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 10) & 0x3f], filter->data));
421 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 4) & 0x3f], filter->data));
422 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache << 2) & 0x3c], filter->data));
423 CK((*filter->output_function)('-', filter->data));
424 break;
425
426 case 2:
427 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 14) & 0x3f], filter->data));
428 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 8) & 0x3f], filter->data));
429 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 2) & 0x3f], filter->data));
430 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache << 4) & 0x30], filter->data));
431 CK((*filter->output_function)('-', filter->data));
432 break;
433
434 case 3:
435 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 12) & 0x3f], filter->data));
436 CK((*filter->output_function)(mbfl_utf7imap_base64_table[(cache >> 6) & 0x3f], filter->data));
437 CK((*filter->output_function)(mbfl_utf7imap_base64_table[cache & 0x3f], filter->data));
438 CK((*filter->output_function)('-', filter->data));
439 break;
440 }
441 return 0;
442 }
443
decode_base64(unsigned char c)444 static unsigned char decode_base64(unsigned char c)
445 {
446 if (c >= 'A' && c <= 'Z') {
447 return c - 65;
448 } else if (c >= 'a' && c <= 'z') {
449 return c - 71;
450 } else if (c >= '0' && c <= '9') {
451 return c + 4;
452 } else if (c == '+') {
453 return 62;
454 } else if (c == ',') {
455 return 63;
456 } else if (c == '-') {
457 return DASH;
458 }
459 return ILLEGAL;
460 }
461
is_utf16_cp_valid(uint16_t cp,bool is_surrogate)462 static bool is_utf16_cp_valid(uint16_t cp, bool is_surrogate)
463 {
464 if (is_surrogate) {
465 return cp >= 0xDC00 && cp <= 0xDFFF;
466 } else if (cp >= 0xDC00 && cp <= 0xDFFF) {
467 /* 2nd part of surrogate pair came unexpectedly */
468 return false;
469 } else if (cp >= 0x20 && cp <= 0x7E && cp != '&') {
470 return false;
471 }
472 return true;
473 }
474
mb_check_utf7imap(unsigned char * in,size_t in_len)475 static bool mb_check_utf7imap(unsigned char *in, size_t in_len)
476 {
477 unsigned char *p = in, *e = p + in_len;
478 bool base64 = false;
479 bool is_surrogate = false;
480
481 while (p < e) {
482 if (base64) {
483 /* Base64 section */
484 unsigned char n1 = decode_base64(*p++);
485 if (is_base64_end(n1)) {
486 if (!is_base64_end_valid(n1, false, is_surrogate)) {
487 return false;
488 }
489 base64 = false;
490 continue;
491 } else if (p == e) {
492 return false;
493 }
494 unsigned char n2 = decode_base64(*p++);
495 if (is_base64_end(n2) || p == e) {
496 return false;
497 }
498 unsigned char n3 = decode_base64(*p++);
499 if (is_base64_end(n3)) {
500 return false;
501 }
502 uint16_t cp1 = (n1 << 10) | (n2 << 4) | ((n3 & 0x3C) >> 2);
503 if (!is_utf16_cp_valid(cp1, is_surrogate)) {
504 return false;
505 }
506 is_surrogate = has_surrogate(cp1, is_surrogate);
507 if (p == e) {
508 return false;
509 }
510
511 unsigned char n4 = decode_base64(*p++);
512 if (is_base64_end(n4)) {
513 if (!is_base64_end_valid(n4, n3 & 0x3, is_surrogate)) {
514 return false;
515 }
516 base64 = false;
517 continue;
518 } else if (p == e) {
519 return false;
520 }
521 unsigned char n5 = decode_base64(*p++);
522 if (is_base64_end(n5) || p == e) {
523 return false;
524 }
525 unsigned char n6 = decode_base64(*p++);
526 if (is_base64_end(n6)) {
527 return false;
528 }
529 uint16_t cp2 = (n3 << 14) | (n4 << 8) | (n5 << 2) | ((n6 & 0x30) >> 4);
530 if (!is_utf16_cp_valid(cp2, is_surrogate)) {
531 return false;
532 }
533 is_surrogate = has_surrogate(cp2, is_surrogate);
534 if (p == e) {
535 return false;
536 }
537
538 unsigned char n7 = decode_base64(*p++);
539 if (is_base64_end(n7)) {
540 if (!is_base64_end_valid(n7, n6 & 0xF, is_surrogate)) {
541 return false;
542 }
543 base64 = false;
544 continue;
545 } else if (p == e) {
546 return false;
547 }
548 unsigned char n8 = decode_base64(*p++);
549 if (is_base64_end(n8)) {
550 return false;
551 }
552 uint16_t cp3 = (n6 << 12) | (n7 << 6) | n8;
553 if (!is_utf16_cp_valid(cp3, is_surrogate)) {
554 return false;
555 }
556 is_surrogate = has_surrogate(cp3, is_surrogate);
557 } else {
558 /* ASCII text section */
559 unsigned char c = *p++;
560
561 if (c == '&') {
562 if (p == e) {
563 return false;
564 }
565 unsigned char n = decode_base64(*p);
566 if (n == DASH) {
567 p++;
568 } else if (n == ILLEGAL) {
569 return false;
570 } else {
571 base64 = true;
572 }
573 } else if (c >= 0x20 && c <= 0x7E) {
574 continue;
575 } else {
576 return false;
577 }
578 }
579 }
580 return !base64;
581 }
582
