net/base/hash_value.cc - Issue 11274032: Separate http_security_headers from transport_security_state

Side by Side Diff: net/base/hash_value.cc

Issue 11274032: Separate http_security_headers from transport_security_state (Closed) Base URL: https://src.chromium.org/chrome/trunk/src/

Patch Set: Created 8 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
(Empty)
	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

	2 // Use of this source code is governed by a BSD-style license that can be

	3 // found in the LICENSE file.

	4

	5 #include "net/base/hash_value.h"

	6

	7 #include <cstdlib>

	8 #include <cstring>

	9

	10 #include "base/base64.h"

	11 #include "base/logging.h"

	12 #include "base/sha1.h"

	13 #include "base/string_split.h"

	14 #include "base/string_util.h"

	15

	16 namespace net {

	17

	18 namespace {

	19

	20 // CompareSHA1Hashes is a helper function for using bsearch() with an array of

	21 // SHA1 hashes.

	22 int CompareSHA1Hashes(const void* a, const void* b) {

	23 return memcmp(a, b, base::kSHA1Length);

	24 }

	25

	26 } // namespace

	27

	28 bool HashValue::Equals(const HashValue& other) const {

	29 if (tag != other.tag)

	30 return false;

	31 switch (tag) {

	32 case HASH_VALUE_SHA1:

	33 return fingerprint.sha1.Equals(other.fingerprint.sha1);

	34 case HASH_VALUE_SHA256:

	35 return fingerprint.sha256.Equals(other.fingerprint.sha256);

	36 default:

	37 NOTREACHED() << "Unknown HashValueTag " << tag;

	38 return false;

	39 }

	40 }

	41

	42 bool HashValue::FromString(const std::string& value) {

	43 std::string base64_str;

	44 if (value.substr(0, 5) == "sha1/") {

	45 if (value.size() != 5 + 28)

	46 return false;

	47 tag = HASH_VALUE_SHA1;

	48 base64_str = value.substr(5, 28);

	49 } else if (value.substr(0, 7) == "sha256/") {

	50 if (value.size() != 7 + 44)

	51 return false;
	Ryan Sleevi 2012/11/13 23:32:05 design nit: You can drop these two added checks (4 design nit: You can drop these two added checks (45-46, 50-51), just take .substr(7) to let the implied npos handle it, and let the handling on lines 59-60 handle decode failures. This avoids the magic number issue more or less entirely
	52 tag = HASH_VALUE_SHA256;

	53 base64_str = value.substr(7, 44);

	54 } else {

	55 return false;

	56 }

	57

	58 std::string decoded;

	59 if (!base::Base64Decode(base64_str, &decoded) \|\|

	60 decoded.size() != size()) {

	61 return false;

	62 }

	63

	64 memcpy(data(), decoded.data(), size());

	65 return true;

	66 }

	67

	68 std::string HashValue::ToString() const {

	69 std::string base64_str;

	70 base::Base64Encode(base::StringPiece(reinterpret_cast<const char*>(data()),

	71 size()), &base64_str);

	72 switch (tag) {

	73 case HASH_VALUE_SHA1:

	74 return std::string("sha1/" + base64_str);

	75 case HASH_VALUE_SHA256:

	76 return std::string("sha256/" + base64_str);

	77 default:

	78 NOTREACHED() << "Unknown HashValueTag " << tag;

	79 return std::string("unknown/" + base64_str);

	80 }

	81 }

	82

	83 size_t HashValue::size() const {

	84 switch (tag) {

	85 case HASH_VALUE_SHA1:

	86 return sizeof(fingerprint.sha1.data);

	87 case HASH_VALUE_SHA256:

	88 return sizeof(fingerprint.sha256.data);

	89 default:

	90 NOTREACHED() << "Unknown HashValueTag " << tag;

	91 // Although this is NOTREACHED, this function might be inlined and its

	92 // return value can be passed to memset as the length argument. If we

	93 // returned 0 here, it might result in what appears (in some stages of

	94 // compilation) to be a call to to memset with a length argument of 0,

	95 // which results in a warning. Therefore, we return a dummy value

	96 // here.

	97 return sizeof(fingerprint.sha1.data);

	98 }

	99 }

	100

	101 unsigned char* HashValue::data() {

	102 return const_cast<unsigned char>(const_cast<const HashValue>(this)->data());

	103 }

	104

	105 const unsigned char* HashValue::data() const {

	106 switch (tag) {

	107 case HASH_VALUE_SHA1:

	108 return fingerprint.sha1.data;

	109 case HASH_VALUE_SHA256:

	110 return fingerprint.sha256.data;

	111 default:

	112 NOTREACHED() << "Unknown HashValueTag " << tag;

	113 return NULL;

	114 }

	115 }

	116

	117 bool IsSHA1HashInSortedArray(const SHA1HashValue& hash,

	118 const uint8* array,

	119 size_t array_byte_len) {

	120 DCHECK_EQ(0u, array_byte_len % base::kSHA1Length);

	121 const size_t arraylen = array_byte_len / base::kSHA1Length;

	122 return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length,

	123 CompareSHA1Hashes);

	124 }

	125

	126 } // namespace net

	127

OLD	NEW

« no previous file with comments | « net/base/hash_value.h ('k') | net/base/transport_security_state.h » ('j') | net/http/http_security_headers.cc » ('J')