OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #ifndef NET_BASE_HASH_VALUE_H_ |
| 6 #define NET_BASE_HASH_VALUE_H_ |
| 7 |
| 8 #include <string.h> |
| 9 |
| 10 #include <string> |
| 11 #include <vector> |
| 12 |
| 13 #include "base/basictypes.h" |
| 14 #include "base/string_piece.h" |
| 15 #include "build/build_config.h" |
| 16 #include "net/base/net_export.h" |
| 17 |
| 18 namespace net { |
| 19 |
| 20 struct NET_EXPORT SHA1HashValue { |
| 21 bool Equals(const SHA1HashValue& other) const; |
| 22 |
| 23 unsigned char data[20]; |
| 24 }; |
| 25 |
| 26 struct NET_EXPORT SHA256HashValue { |
| 27 bool Equals(const SHA256HashValue& other) const; |
| 28 |
| 29 unsigned char data[32]; |
| 30 }; |
| 31 |
| 32 enum HashValueTag { |
| 33 HASH_VALUE_SHA1, |
| 34 HASH_VALUE_SHA256, |
| 35 |
| 36 // This must always be last. |
| 37 HASH_VALUE_TAGS_COUNT |
| 38 }; |
| 39 |
| 40 class NET_EXPORT HashValue { |
| 41 public: |
| 42 explicit HashValue(HashValueTag tag) : tag(tag) {} |
| 43 HashValue() : tag(HASH_VALUE_SHA1) {} |
| 44 |
| 45 // Check for equality of hash values |
| 46 // This function may have VARIABLE timing which leaks information |
| 47 // about its inputs. For example it may exit early once a |
| 48 // nonequal character is discovered. Thus, for security reasons |
| 49 // this function MUST NOT be used with secret values (such as |
| 50 // password hashes, MAC tags, etc.) |
| 51 bool Equals(const HashValue& other) const; |
| 52 |
| 53 // Serializes/Deserializes hashes in the form of |
| 54 // <hash-name>"/"<base64-hash-value> |
| 55 // (eg: "sha1/...") |
| 56 // This format may be persisted to permanent storage, so |
| 57 // care should be taken before changing the serialization. |
| 58 // |
| 59 // This format is used for: |
| 60 // - net_internals display/setting public-key pins |
| 61 // - logging public-key pins |
| 62 // - serializing public-key pins |
| 63 |
| 64 // Deserializes a HashValue from a string. On error, returns |
| 65 // false and MAY change the contents of HashValue to contain invalid data. |
| 66 bool FromString(const base::StringPiece input); |
| 67 |
| 68 // Serializes the HashValue to a string. If an invalid HashValue |
| 69 // is supplied (eg: an unknown hash tag), returns "unknown"/<base64> |
| 70 std::string ToString() const; |
| 71 |
| 72 size_t size() const; |
| 73 unsigned char* data(); |
| 74 const unsigned char* data() const; |
| 75 |
| 76 HashValueTag tag; |
| 77 |
| 78 private: |
| 79 union { |
| 80 SHA1HashValue sha1; |
| 81 SHA256HashValue sha256; |
| 82 } fingerprint; |
| 83 }; |
| 84 |
| 85 typedef std::vector<HashValue> HashValueVector; |
| 86 |
| 87 |
| 88 class SHA1HashValueLessThan { |
| 89 public: |
| 90 bool operator()(const SHA1HashValue& lhs, |
| 91 const SHA1HashValue& rhs) const { |
| 92 return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0; |
| 93 } |
| 94 }; |
| 95 |
| 96 class SHA256HashValueLessThan { |
| 97 public: |
| 98 bool operator()(const SHA256HashValue& lhs, |
| 99 const SHA256HashValue& rhs) const { |
| 100 return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0; |
| 101 } |
| 102 }; |
| 103 |
| 104 class HashValuesEqual { |
| 105 public: |
| 106 explicit HashValuesEqual(const HashValue& fingerprint) : |
| 107 fingerprint_(fingerprint) {} |
| 108 |
| 109 bool operator()(const HashValue& other) const { |
| 110 return fingerprint_.Equals(other); |
| 111 } |
| 112 |
| 113 const HashValue& fingerprint_; |
| 114 }; |
| 115 |
| 116 |
| 117 // IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted |
| 118 // array of SHA1 hashes. |
| 119 bool IsSHA1HashInSortedArray(const SHA1HashValue& hash, |
| 120 const uint8* array, |
| 121 size_t array_byte_len); |
| 122 |
| 123 } // namespace net |
| 124 |
| 125 #endif // NET_BASE_HASH_VALUE_H_ |
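Review bot: Both `HashValue` constructors (new lines 42-43) set only `tag` and leave the private `fingerprint` union uninitialized, so a value that reaches `Equals()`, `ToString()` or `data()` before it is filled would read indeterminate bytes. The comment above `FromString` says the serialized form is logged and may be persisted, so those bytes could end up written out; the method bodies are not on this page, so this is inferred from the declarations alone. Zeroing in the constructors closes it, e.g. `explicit HashValue(HashValueTag tag) : tag(tag) { memset(&fingerprint, 0, sizeof(fingerprint)); }`, with the same body for the default constructor (`<string.h>` is already included). Separately, `HashValuesEqual` holds `const HashValue& fingerprint_` as a public reference member, so a comment on its constructor such as `// |fingerprint| must outlive this functor.` would document the lifetime requirement.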