---
-- Library methods for handling IDNA domains.
--
-- Internationalized Domain Names (IDNs) follow a mechanism to process
-- Internationalizing Domain Names in Applications (IDNA) for handling
-- characters outside the ASCII repertoire in a standard fashion. IDNs use
-- characters drawn from a large repertoire (Unicode), but IDNA allows the
-- non-ASCII characters to be represented using only the ASCII characters
-- already allowed in so-called host names today. This backward-compatible
-- representation is required in existing protocols like DNS, so that IDNs can be
-- introduced with no changes to the existing infrastructure. IDNA is
-- only meant for processing domain names, not free text.
--
-- Client software, such as browsers and emailers, faces a difficult transition
-- from the version of international domain names approved in 2003 (IDNA2003),
-- to the revision approved in 2010 (IDNA2008). The following functions allows
-- the developer and end user to access domains that are valid under either
-- system but the default conversion is set to IDNA2008.
--
-- IDNA specification solves the problem of extending the repertoire
-- of characters that can be used in domain names to include the Unicode
-- repertoire (with some restrictions).
--
-- Applications can use IDNA to support internationalized domain names
-- anywhere that ASCII domain names are already supported, including DNS
-- master files and resolver interfaces. The IDNA protocol is contained
-- completely within applications. It is not a client-server or peer-to-peer
-- protocol: everything is done inside the application itself. When used with
-- a DNS resolver library, IDNA is inserted as a "shim" between the application
-- and the resolver library. When used for writing names into a DNS zone, IDNA
-- is used just before the name is committed to the zone.
--
-- References:
-- * http://ietf.org/rfc/rfc3490.txt
-- * http://tools.ietf.org/html/rfc5890
-- * https://tools.ietf.org/html/rfc5891
-- * http://tools.ietf.org/html/rfc5892
-- * http://www.unicode.org/reports/tr46/
--
-- TODO:
-- Add support for mapping right to left scripts for IDNA library.
-- References:
-- * http://tools.ietf.org/html/rfc5893
-- * http://www.unicode.org/reports/tr9/
-- * http://www.unicode.org/reports/tr46/#Right_to_Left_Scripts
--
-- @author Rewanth Cool
-- @copyright Same as Nmap--See https://nmap.org/book/man-legal.html
local stdnse = require "stdnse"
local string = require "string"
local math = require "math"
local table = require "table"
local unicode = require "unicode"
local unittest = require "unittest"
local punycode = require "punycode"
local idnaMappings = require "data.idnaMappings".tbl
_ENV = stdnse.module("idna", stdnse.seeall)
-- Localize few functions for a tiny speed boost, since these will be
-- used frequently.
local floor = math.floor
local byte = string.byte
local char = string.char
local find = string.find
local match = string.match
local reverse = string.reverse
local sub = string.sub
-- Concatenates the strings and tables (depth = 1) in a given table.
--
-- @param tbl A table is given as an input which contains values as string
-- or table (depth = 1).
-- @return Returns table after concatinating all the values.
local function concat_table_in_tables(tbl)
local t = {}
for _, v in ipairs(tbl) do
if type(v) == "table" then
for _, q in ipairs(v) do
table.insert(t, q)
end
else
table.insert(t, v)
end
end
return t
end
--- Maps the codepoints of the input to their respective
-- codepoints based on the latest IDNA version mapping.
--
-- @param decoded_tbl Table of Unicode decoded codepoints.
-- @param useSTD3ASCIIRules Boolean value to set the mapping according to IDNA2003 rules.
-- useSTD3ASCIIRules=true refers to IDNA2008.
-- useSTD3ASCIIRules=false refers to IDNA2003.
-- @param transitionalProcessing Processing option to handle deviation codepoints.
-- transitionalProcessing=true maps deviation codepoints to the input.
-- transitionalProcessing=false maintains original input.
-- @param viewDisallowedCodePoints Boolean value to see the list of disallowed codepoints.
-- @return Returns table with the list of mapped codepoints.
function map(decoded_tbl, useSTD3ASCIIRules, transitionalProcessing, viewDisallowedCodePoints)
-- Assigns default values if not specified.
-- According to IDNA2008, transitionalProcessing=true (default).
if transitionalProcessing == nil then
transitionalProcessing = true
end
if useSTD3ASCIIRules == nil then
useSTD3ASCIIRules = true
end
if viewDisallowedCodePoints == nil then
viewDisallowedCodePoints = false
end
local disallowedCodePoints = {}
-- Mapping codepoints based on latest IDNA mapping list.
for index, cp in ipairs(decoded_tbl) do
local lookup = idnaMappings[cp]
if type(lookup) == "number" then
decoded_tbl[index] = lookup
-- Handles the IDNA deviated set of codepoints.
elseif transitionalProcessing and lookup.status == "deviation" then
decoded_tbl[index] = lookup[1]
-- Removes the IDNA ignored set of codepoints.
elseif lookup.status == "ignored" then
decoded_tbl[index] = {}
end
end
decoded_tbl = concat_table_in_tables(decoded_tbl)
--TODO:
-- Map bidi characters.
-- Right-to-left domain names.
-- References:
-- http://unicode.org/reports/tr9/
-- http://www.unicode.org/reports/tr46/#Right_to_Left_Scripts
-- http://tools.ietf.org/html/rfc5893
-- Saves the list of disallowed codepoints.
if viewDisallowedCodePoints then
for index, cp in ipairs(decoded_tbl) do
local lookup = idnaMappings[cp]
if type(lookup) == "table" then
if lookup.status == "disallowed" then
table.insert(disallowedCodePoints, cp)
end
end
-- If useSTD3ASCIIRules=true, both the disallowed_STD3_valid and
-- disallowed_STD3_mapped are considered as disallowed codepoints.
-- To use this part of code, add disallowed_STD3_mapped and disallowed_STD3_valid
-- codepoints to idnaMappings.lua. For now, we ignore these because idnaMappings.lua
-- is set to support only for the latest version of IDNA.
if useSTD3ASCIIRules then
if type(lookup) == "table" then
if lookup.status == "disallowed_STD3_valid" or lookup.status == "disallowed_STD3_mapped" then
table.insert(disallowedCodePoints, cp)
end
end
end
end
end
decoded_tbl = concat_table_in_tables(decoded_tbl)
-- If useSTD3ASCIIRules=false, then disallowed_STD3_mapped values are considered
-- as mapped codepoints and are mapped with the input.
-- To use this part of code, add disallowed_STD3_mapped and disallowed_STD3_valid
-- codepoints to idnaMappings.lua. For now, we ignore these because idnaMappings.lua
-- is set to support only for the latest version of IDNA.
if not useSTD3ASCIIRules then
for index, cp in ipairs(decoded_tbl) do
local lookup = idnaMappings[cp]
if type(lookup) == "table" then
if lookup.status == "disallowed_STD3_mapped" then
decoded_tbl[index] = lookup[1]
end
end
end
end
decoded_tbl = concat_table_in_tables(decoded_tbl)
return decoded_tbl, disallowedCodePoints
end
--- Validate the input based on IDNA codepoints validation rules.
--
-- @param tableOfTables Table of codepoints of the splitted input.
-- @param checkHyphens Boolean flag checks for 0x002D in unusual places.
function validate(tableOfTables, checkHyphens)
if checkHyphens == nil then
checkHyphens = true
end
-- Validates the list of input codepoints.
for _, tbl in ipairs(tableOfTables) do
if checkHyphens then
-- Checks the 3rd and 4th position of input.
if (tbl[3] and tbl[3] == 0x002D) or (tbl[4] and tbl[4] == 0x002D) then
return false
end
-- Checks for starting and ending of input.
if tbl[1] == 0x002D or tbl[#tbl] == 0x002D then
return false
end
end
for _, v in ipairs(tbl) do
if v == 0x002E then
return false
end
end
-- TODO:
-- 1. Add validation for checkBidi, checkJoiners (if required).
-- 2. The label must not begin with a combining mark, that is: General_Category=Mark.
end
return true
end
--- Breaks the tables of codepoints using a delimiter.
--
-- @param A table is given as an input which contains codepoints.
-- @param ASCII value of delimiter is provided.
-- @return Returns table of tables after breaking the give table using delimiter.
local function breakInput(codepoints, delimiter)
local tbl = {}
local output = {}
local delimiter = delimiter or 0x002E
for _, v in ipairs(codepoints) do
if v == delimiter then
table.insert(output, tbl)
tbl = {}
else
table.insert(tbl, v)
end
end
table.insert(output, tbl)
return output
end
--- Converts the input codepoints into ASCII text based on IDNA rules.
--
-- @param codepoints Table of codepoints of decoded input.
-- @param tbl Table of optional params.
-- @param transitionalProcessing Boolean value. Default: true.
-- @param checkHyphens Boolean flag for checking hyphens presence in input.
-- Default: true.
-- @param checkBidi Boolean flag to represent if the input is of Bidi type.
-- Default: false.
-- @param checkJoiners Boolean flag to check for ContextJ rules in input.
-- Default: false.
-- @param useSTD3ASCIIRules Boolean value to represent ASCII rules. Default: true.
-- @return Returns the IDNA ASCII format of the input.
-- @return Throws nil, if there is any error in conversion.
function toASCII(codepoints, transitionalProcessing, checkHyphens, checkBidi, checkJoiners, useSTD3ASCIIRules)
-- Assigns default values if not specified.
if transitionalProcessing == nil then
transitionalProcessing = true
end
if checkHyphens == nil then
checkHyphens = true
end
-- Bidi refers to right-to-left scripts.
-- Labels must satisfy all six of the numbered conditions in RFC 5893, Section 2.
-- to use checkBidi functionality.
if checkBidi == nil then
checkBidi = false
end
-- Labels must satisify the ContextJ rules to use checkJoiners functionality.
if checkJoiners == nil then
checkJoiners = false
end
if useSTD3ASCIIRules == nil then
useSTD3ASCIIRules = true
end
local decoded_tbl, disallowedCodePoints = map(codepoints, useSTD3ASCIIRules, transitionalProcessing)
if decoded_tbl == nil then
return nil
end
-- Prints the list of disallowed values in the given input.
if #disallowedCodePoints > 0 then
stdnse.debug(table.concat(disallowedCodePoints, ", "))
end
-- Breaks the codepoints into multiple tables using delimiter.
decoded_tbl = breakInput(decoded_tbl, 0x2E)
if decoded_tbl == nil then
return nil
end
-- Validates the codepoints and if any invalid codepoint found, returns nil.
if not validate(decoded_tbl, checkHyphens) then
return nil
end
for i, label in ipairs(decoded_tbl) do
decoded_tbl[i] = punycode.encode_label(label)
end
return table.concat(decoded_tbl, ".")
end
--- Converts the input into Unicode codepoints based on IDNA rules.
--
-- Note that the input should already be a table of Unicode code points. If
-- your input is an ASCII string, convert it by using
-- unicode.decode with the unicode.utf8_dec decoder.
-- @param codepoints A domain name as a list of code points.
-- @param transitionalProcessing Boolean value. Default: true.
-- @param checkHyphens Boolean flag for checking hyphens presence in input.
-- Default: true.
-- @param checkBidi Boolean flag to represent if the input is of Bidi type.
-- Default: false.
-- @param checkJoiners Boolean flag to check for ContextJ rules in input.
-- Default: false.
-- @param useSTD3ASCIIRules Boolean value to represent ASCII rules. Default: true.
-- @return Returns the Unicode format of the input based on IDNA rules.
-- @return Throws nil, if there is any error in conversion.
function toUnicode(codepoints, transitionalProcessing, checkHyphens, checkBidi, checkJoiners, useSTD3ASCIIRules)
-- Assigns default values if not specified.
if transitionalProcessing == nil then
transitionalProcessing = true
end
if checkHyphens == nil then
checkHyphens = true
end
if checkBidi == nil then
checkBidi = false
end
if checkJoiners == nil then
checkJoiners = false
end
if useSTD3ASCIIRules == nil then
useSTD3ASCIIRules = true
end
-- Breaks the codepoints into multiple tables using delimiter.
local decoded_tbl, disallowedCodePoints = map(codepoints, useSTD3ASCIIRules, transitionalProcessing)
decoded_tbl = breakInput(decoded_tbl, 0x2E)
if decoded_tbl == nil then
return nil
end
-- Validates the codepoints and if any invalid codepoint found, returns nil.
--if not validate(decoded_tbl, checkHyphens) then
-- return nil
--end
local output = {}
for i, label in ipairs(decoded_tbl) do
if label[1] == string.byte("x") and
label[2] == string.byte("n") and
label[3] == string.byte("-") and
label[4] == string.byte("-") then
local decoded = punycode.decode_label(unicode.encode(label, unicode.utf8_enc))
label = decoded or label
end
for j = 1, #label do
output[#output+1] = label[j]
end
if i < #decoded_tbl then
output[#output+1] = 0x2E
end
end
return output
end
if not unittest.testing() then
return _ENV
end
-- These are the used for two way testing (both encoding and decoding).
local encodingAndDecodingTestCases = {
{
"\xce\xb1\xcf\x80\xcf\x80\xce\xbb\xce\xb5.\xce\xba\xce\xbf\xce\xbc",
"xn--mxairta.xn--vxaei"
},
{
"a\xe0\xa5\x8db",
"xn--ab-fsf"
},
{
"\xd9\x86\xd8\xa7\xd9\x85\xd9\x87\xd8\xa7\xdb\x8c.com",
"xn--mgba3gch31f.com"
},
{
"\xe0\xb7\x81\xe0\xb7\x8a\xe0\xb6\xbb\xe0\xb7\x93.com",
"xn--10cl1a0b.com"
},
{
"\xd0\xbf\xd1\x80\xd0\xb0\xd0\xb2\xd0\xb8\xd1\x82\xd0\xb5\xd0\xbb\xd1\x8c\xd1\x81\xd1\x82\xd0\xb2\xd0\xbe.\xd1\x80\xd1\x84",
"xn--80aealotwbjpid2k.xn--p1ai"
},
{
"\xe0\xa4\x95\xe0\xa4\xbe\xe0\xa4\xb6\xe0\xa5\x80\xe0\xa4\xaa\xe0\xa5\x81\xe0\xa4\xb0.\xe0\xa4\xad\xe0\xa4\xbe\xe0\xa4\xb0\xe0\xa4\xa4",
"xn--11b6bsw3bni.xn--h2brj9c"
},
{
"rewanthcool.com",
"rewanthcool.com"
},
{
"\xe3\xaf\x99\xe3\xaf\x9c\xe3\xaf\x99\xe3\xaf\x9f.com",
"xn--domain.com"
}
}
-- These test cases are used for only converting them into ASCII text.
local toASCIITestCases = {
{
"ma\xc3\xb1ana.com",
"xn--maana-pta.com"
},
{
"RewanthCool.com",
"rewanthcool.com"
},
{
"\xc3\xb6bb.at",
"xn--bb-eka.at"
},
{
"\xe3\x83\x89\xe3\x83\xa1\xe3\x82\xa4\xe3\x83\xb3.\xe3\x83\x86\xe3\x82\xb9\xe3\x83\x88",
"xn--eckwd4c7c.xn--zckzah"
},
{
"\xd0\xb4\xd0\xbe\xd0\xbc\xd0\xb5\xd0\xbd\xd0\xb0.\xd0\xb8\xd1\x81\xd0\xbf\xd1\x8b\xd1\x82\xd0\xb0\xd0\xbd\xd0\xb8\xd0\xb5",
"xn--80ahd1agd.xn--80akhbyknj4f"
},
{
"\xe6\xb5\x8b\xe8\xaf\x95",
"xn--0zwm56d"
},
{
"k\xc3\xb6nigsg\xc3\xa4\xc3\x9fchen",
"xn--knigsgsschen-lcb0w"
},
{
"fa\xc3\x9f.de",
"fass.de"
},
{
"\xce\xb2\xcf\x8c\xce\xbb\xce\xbf\xcf\x82.com",
"xn--nxasmq6b.com"
},
{
"mycharity\xe3\x80\x82org",
"mycharity.org"
},
{
"K\xc3\xb6nigsg\xc3\xa4\xc3\x9fchen",
"xn--knigsgsschen-lcb0w"
},
{
"B\xc3\xbccher.de",
"xn--bcher-kva.de"
},
{
"xn--ma\xc3\xb1ana.com",
nil
}
}
-- These test cases are used for only converting them into ASCII text.
-- The last two values in a table are outputs for different cases.
--
-- Format:
-- {
-- input unicode string,
-- transitional processed output, --transitional=true
-- non-transitional processed output --transitional=false
-- }
local multipleProcessingTestCases = {
{
"a\xe0\xa5\x8d\xe2\x80\x8cb",
"xn--ab-fsf",
"xn--ab-fsf604u"
},
{
"A\xe0\xa5\x8d\xe2\x80\x8cb",
"xn--ab-fsf",
"xn--ab-fsf604u"
},
{
"A\xe0\xa5\x8d\xe2\x80\x8Cb",
"xn--ab-fsf",
"xn--ab-fsf604u"
},
{
"\xd9\x86\xd8\xa7\xd9\x85\xd9\x87\xe2\x80\x8c\xd8\xa7\xdb\x8c",
"xn--mgba3gch31f",
"xn--mgba3gch31f060k"
},
{
"\xd9\x86\xd8\xa7\xd9\x85\xd9\x87\xe2\x80\x8c\xd8\xa7\xdb\x8c.com",
"xn--mgba3gch31f.com",
"xn--mgba3gch31f060k.com"
},
{
"\xc3\x9f\xe0\xa7\x81\xe1\xb7\xad\xe3\x80\x82\xd8\xa085",
"xn--ss-e2f077r.xn--85-psd",
"xn--zca266bwrr.xn--85-psd"
},
{
"\xc3\x9f\xe0\xa7\x81\xe1\xb7\xad\xe3\x80\x82\xd8\xa08\xe2\x82\x85",
"xn--ss-e2f077r.xn--85-psd",
"xn--zca266bwrr.xn--85-psd"
}
}
test_suite = unittest.TestSuite:new()
for _, v in ipairs(toASCIITestCases) do
test_suite:add_test(unittest.equal(toASCII(unicode.decode(v[1], unicode.utf8_dec)), v[2]))
end
for _, v in ipairs(encodingAndDecodingTestCases) do
test_suite:add_test(unittest.equal(toASCII(unicode.decode(v[1], unicode.utf8_dec)), v[2]))
test_suite:add_test(unittest.equal(unicode.encode(toUnicode(unicode.decode(v[2], unicode.utf8_dec)), unicode.utf8_enc), v[1]))
end
for _, v in ipairs(multipleProcessingTestCases) do
-- Performs transitional conversion.
test_suite:add_test(unittest.equal(toASCII(unicode.decode(v[1], unicode.utf8_dec)), v[2]))
-- Performs non-transitional conversion.
test_suite:add_test(unittest.equal(toASCII(unicode.decode(v[1], unicode.utf8_dec), false), v[3]))
end
return _ENV