Diffstat (limited to 'chromium/net/base/hash_value.h')
-rw-r--r-- | chromium/net/base/hash_value.h | 125 |
1 files changed, 125 insertions, 0 deletions
diff --git a/chromium/net/base/hash_value.h b/chromium/net/base/hash_value.h
new file mode 100644
index 00000000000..aa0b9f6e9f8
--- /dev/null
+++ b/chromium/net/base/hash_value.h
@@ -0,0 +1,125 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_HASH_VALUE_H_
+#define NET_BASE_HASH_VALUE_H_
+
+#include <string.h>
+
+#include <string>
+#include <vector>
+
+#include "base/basictypes.h"
+#include "base/strings/string_piece.h"
+#include "build/build_config.h"
+#include "net/base/net_export.h"
+
+namespace net {
+
+struct NET_EXPORT SHA1HashValue {
+ bool Equals(const SHA1HashValue& other) const;
+
+ unsigned char data[20];
+};
+
+struct NET_EXPORT SHA256HashValue {
+ bool Equals(const SHA256HashValue& other) const;
+
+ unsigned char data[32];
+};
+
+enum HashValueTag {
+ HASH_VALUE_SHA1,
+ HASH_VALUE_SHA256,
+
+ // This must always be last.
+ HASH_VALUE_TAGS_COUNT
+};
+
+class NET_EXPORT HashValue {
+ public:
+ explicit HashValue(HashValueTag tag) : tag(tag) {}
+ HashValue() : tag(HASH_VALUE_SHA1) {}
+
+ // Check for equality of hash values
+ // This function may have VARIABLE timing which leaks information
+ // about its inputs. For example it may exit early once a
+ // nonequal character is discovered. Thus, for security reasons
+ // this function MUST NOT be used with secret values (such as
+ // password hashes, MAC tags, etc.)
+ bool Equals(const HashValue& other) const;
+
+ // Serializes/Deserializes hashes in the form of
+ // <hash-name>"/"<base64-hash-value>
+ // (eg: "sha1/...")
+ // This format may be persisted to permanent storage, so
+ // care should be taken before changing the serialization.
+ //
+ // This format is used for:
+ // - net_internals display/setting public-key pins
+ // - logging public-key pins
+ // - serializing public-key pins
+
+ // Deserializes a HashValue from a string. On error, returns
+ // false and MAY change the contents of HashValue to contain invalid data.
+ bool FromString(const base::StringPiece input);
+
+ // Serializes the HashValue to a string. If an invalid HashValue
+ // is supplied (eg: an unknown hash tag), returns "unknown"/<base64>
+ std::string ToString() const;
+
+ size_t size() const;
+ unsigned char* data();
+ const unsigned char* data() const;
+
+ HashValueTag tag;
+
+ private:
+ union {
+ SHA1HashValue sha1;
+ SHA256HashValue sha256;
+ } fingerprint;
+};
+
+typedef std::vector<HashValue> HashValueVector;
+
+
+class SHA1HashValueLessThan {
+ public:
+ bool operator()(const SHA1HashValue& lhs,
+ const SHA1HashValue& rhs) const {
+ return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
+ }
+};
+
+class SHA256HashValueLessThan {
+ public:
+ bool operator()(const SHA256HashValue& lhs,
+ const SHA256HashValue& rhs) const {
+ return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
+ }
+};
+
+class HashValuesEqual {
+ public:
+ explicit HashValuesEqual(const HashValue& fingerprint) :
+ fingerprint_(fingerprint) {}
+
+ bool operator()(const HashValue& other) const {
+ return fingerprint_.Equals(other);
+ }
+
+ const HashValue& fingerprint_;
+};
+
+
+// IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted
+// array of SHA1 hashes.
+bool IsSHA1HashInSortedArray(const SHA1HashValue& hash,
+ const uint8* array,
+ size_t array_byte_len);
+
+} // namespace net
+
+#endif // NET_BASE_HASH_VALUE_H_ |
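Review bot: Both `HashValue` constructors initialize only `tag` and leave the `fingerprint` union untouched, so calling `Equals()`, `ToString()` or `data()` on an object that was never filled (or on one left in the "invalid data" state the `FromString` comment allows) would read indeterminate bytes; the implementations are outside this hunk, so this is inferred from the declarations alone. Zeroing the storage in the constructor bodies, e.g. `HashValue() : tag(HASH_VALUE_SHA1) { memset(&fingerprint, 0, sizeof(fingerprint)); }`, would make that state deterministic for pin comparison and logging. Separately, `HashValuesEqual` holds `const HashValue& fingerprint_` as a public reference member, which dangles if the predicate is constructed from a temporary; storing a copy (`const HashValue fingerprint_;`) removes the lifetime dependency at the cost of a small copy. The comment on `IsSHA1HashInSortedArray` would also benefit from stating that `array_byte_len` is a byte count and whether it must be a multiple of `sizeof(SHA1HashValue)`, since a caller passing an element count would shrink the searched range without any error.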