1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "components/autofill/core/browser/validation.h"
7 #include "base/strings/string_number_conversions.h"
8 #include "base/strings/string_piece.h"
9 #include "base/strings/string_util.h"
10 #include "base/strings/utf_string_conversions.h"
11 #include "base/time/time.h"
12 #include "components/autofill/core/browser/autofill_regexes.h"
13 #include "components/autofill/core/browser/credit_card.h"
14 #include "components/autofill/core/browser/state_names.h"
19 bool IsValidCreditCardExpirationDate(const base::string16
& year
,
20 const base::string16
& month
,
21 const base::Time
& now
) {
22 base::string16 year_cleaned
, month_cleaned
;
23 base::TrimWhitespace(year
, base::TRIM_ALL
, &year_cleaned
);
24 base::TrimWhitespace(month
, base::TRIM_ALL
, &month_cleaned
);
25 if (year_cleaned
.length() != 4)
29 if (!base::StringToInt(year_cleaned
, &cc_year
))
33 if (!base::StringToInt(month_cleaned
, &cc_month
))
36 return IsValidCreditCardExpirationDate(cc_year
, cc_month
, now
);
39 bool IsValidCreditCardExpirationDate(int year
,
41 const base::Time
& now
) {
42 base::Time::Exploded now_exploded
;
43 now
.LocalExplode(&now_exploded
);
45 if (year
< now_exploded
.year
)
48 if (year
== now_exploded
.year
&& month
< now_exploded
.month
)
54 bool IsValidCreditCardNumber(const base::string16
& text
) {
55 base::string16 number
= CreditCard::StripSeparators(text
);
57 // Credit card numbers are at most 19 digits in length [1]. 12 digits seems to
58 // be a fairly safe lower-bound [2]. Specific card issuers have more rigidly
60 // [1] http://www.merriampark.com/anatomycc.htm
61 // [2] http://en.wikipedia.org/wiki/Bank_card_number
62 const char* const type
= CreditCard::GetCreditCardType(text
);
63 if (type
== kAmericanExpressCard
&& number
.size() != 15)
65 if (type
== kDinersCard
&& number
.size() != 14)
67 if (type
== kDiscoverCard
&& number
.size() != 16)
69 if (type
== kJCBCard
&& number
.size() != 16)
71 if (type
== kMasterCard
&& number
.size() != 16)
73 if (type
== kUnionPay
&& (number
.size() < 16 || number
.size() > 19))
75 if (type
== kVisaCard
&& number
.size() != 13 && number
.size() != 16)
77 if (type
== kGenericCard
&& (number
.size() < 12 || number
.size() > 19))
80 // Unlike all the other supported types, UnionPay cards lack Luhn checksum
82 if (type
== kUnionPay
)
85 // Use the Luhn formula [3] to validate the number.
86 // [3] http://en.wikipedia.org/wiki/Luhn_algorithm
89 for (base::string16::reverse_iterator iter
= number
.rbegin();
90 iter
!= number
.rend();
92 if (!IsAsciiDigit(*iter
))
95 int digit
= *iter
- '0';
98 sum
+= digit
/ 10 + digit
% 10;
105 return (sum
% 10) == 0;
108 bool IsValidCreditCardSecurityCode(const base::string16
& text
) {
109 if (text
.size() < 3U || text
.size() > 4U)
112 for (base::string16::const_iterator iter
= text
.begin();
115 if (!IsAsciiDigit(*iter
))
121 bool IsValidCreditCardSecurityCode(const base::string16
& code
,
122 const base::string16
& number
) {
123 const char* const type
= CreditCard::GetCreditCardType(number
);
124 size_t required_length
= 3;
125 if (type
== kAmericanExpressCard
)
128 return code
.length() == required_length
;
131 bool IsValidEmailAddress(const base::string16
& text
) {
132 // E-Mail pattern as defined by the WhatWG. (4.10.7.1.5 E-Mail state)
133 const base::string16 kEmailPattern
= base::ASCIIToUTF16(
134 "^[a-zA-Z0-9.!#$%&'*+/=?^_`{|}~-]+@"
135 "[a-zA-Z0-9-]+(?:\\.[a-zA-Z0-9-]+)*$");
136 return MatchesPattern(text
, kEmailPattern
);
139 bool IsValidState(const base::string16
& text
) {
140 return !state_names::GetAbbreviationForName(text
).empty() ||
141 !state_names::GetNameForAbbreviation(text
).empty();
144 bool IsValidZip(const base::string16
& text
) {
145 const base::string16 kZipPattern
= base::ASCIIToUTF16("^\\d{5}(-\\d{4})?$");
146 return MatchesPattern(text
, kZipPattern
);
149 bool IsSSN(const base::string16
& text
) {
150 base::string16 number_string
;
151 base::RemoveChars(text
, base::ASCIIToUTF16("- "), &number_string
);
153 // A SSN is of the form AAA-GG-SSSS (A = area number, G = group number, S =
154 // serial number). The validation we do here is simply checking if the area,
155 // group, and serial numbers are valid.
157 // Historically, the area number was assigned per state, with the group number
158 // ascending in an alternating even/odd sequence. With that scheme it was
159 // possible to check for validity by referencing a table that had the highest
160 // group number assigned for a given area number. (This was something that
161 // Chromium never did though, because the "high group" values were constantly
164 // However, starting on 25 June 2011 the SSA began issuing SSNs randomly from
165 // all areas and groups. Group numbers and serial numbers of zero remain
166 // invalid, and areas 000, 666, and 900-999 remain invalid.
168 // References for current practices:
169 // http://www.socialsecurity.gov/employer/randomization.html
170 // http://www.socialsecurity.gov/employer/randomizationfaqs.html
172 // References for historic practices:
173 // http://www.socialsecurity.gov/history/ssn/geocard.html
174 // http://www.socialsecurity.gov/employer/stateweb.htm
175 // http://www.socialsecurity.gov/employer/ssnvhighgroup.htm
177 if (number_string
.length() != 9 || !base::IsStringASCII(number_string
))
181 if (!base::StringToInt(base::StringPiece16(number_string
.begin(),
182 number_string
.begin() + 3),
193 if (!base::StringToInt(base::StringPiece16(number_string
.begin() + 3,
194 number_string
.begin() + 5),
201 if (!base::StringToInt(base::StringPiece16(number_string
.begin() + 5,
202 number_string
.begin() + 9),
211 } // namespace autofill