Index: net/base/hash_value.h |
=================================================================== |
--- net/base/hash_value.h (revision 0) |
+++ net/base/hash_value.h (revision 0) |
@@ -0,0 +1,125 @@ |
+// Copyright (c) 2012 The Chromium Authors. All rights reserved. |
+// Use of this source code is governed by a BSD-style license that can be |
+// found in the LICENSE file. |
+ |
+#ifndef NET_BASE_HASH_VALUE_H_ |
+#define NET_BASE_HASH_VALUE_H_ |
+ |
+#include <string.h> |
+ |
+#include <string> |
+#include <vector> |
+ |
+#include "base/basictypes.h" |
+#include "base/string_piece.h" |
+#include "build/build_config.h" |
+#include "net/base/net_export.h" |
+ |
+namespace net { |
+ |
+struct NET_EXPORT SHA1HashValue { |
+ bool Equals(const SHA1HashValue& other) const; |
+ |
+ unsigned char data[20]; |
+}; |
+ |
+struct NET_EXPORT SHA256HashValue { |
+ bool Equals(const SHA256HashValue& other) const; |
+ |
+ unsigned char data[32]; |
+}; |
+ |
+enum HashValueTag { |
+ HASH_VALUE_SHA1, |
+ HASH_VALUE_SHA256, |
+ |
+ // This must always be last. |
+ HASH_VALUE_TAGS_COUNT |
+}; |
+ |
+class NET_EXPORT HashValue { |
+ public: |
+ explicit HashValue(HashValueTag tag) : tag(tag) {} |
+ HashValue() : tag(HASH_VALUE_SHA1) {} |
+ |
+ // Check for equality of hash values |
+ // This function may have VARIABLE timing which leaks information |
+ // about its inputs. For example it may exit early once a |
+ // nonequal character is discovered. Thus, for security reasons |
+ // this function MUST NOT be used with secret values (such as |
+ // password hashes, MAC tags, etc.) |
+ bool Equals(const HashValue& other) const; |
+ |
+ // Serializes/Deserializes hashes in the form of |
+ // <hash-name>"/"<base64-hash-value> |
+ // (eg: "sha1/...") |
+ // This format may be persisted to permanent storage, so |
+ // care should be taken before changing the serialization. |
+ // |
+ // This format is used for: |
+ // - net_internals display/setting public-key pins |
+ // - logging public-key pins |
+ // - serializing public-key pins |
+ |
+ // Deserializes a HashValue from a string. On error, returns |
+ // false and MAY change the contents of HashValue to contain invalid data. |
+ bool FromString(const base::StringPiece input); |
+ |
+ // Serializes the HashValue to a string. If an invalid HashValue |
+ // is supplied (eg: an unknown hash tag), returns "unknown"/<base64> |
+ std::string ToString() const; |
+ |
+ size_t size() const; |
+ unsigned char* data(); |
+ const unsigned char* data() const; |
+ |
+ HashValueTag tag; |
+ |
+ private: |
+ union { |
+ SHA1HashValue sha1; |
+ SHA256HashValue sha256; |
+ } fingerprint; |
+}; |
+ |
+typedef std::vector<HashValue> HashValueVector; |
+ |
+ |
+class SHA1HashValueLessThan { |
+ public: |
+ bool operator()(const SHA1HashValue& lhs, |
+ const SHA1HashValue& rhs) const { |
+ return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0; |
+ } |
+}; |
+ |
+class SHA256HashValueLessThan { |
+ public: |
+ bool operator()(const SHA256HashValue& lhs, |
+ const SHA256HashValue& rhs) const { |
+ return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0; |
+ } |
+}; |
+ |
+class HashValuesEqual { |
+ public: |
+ explicit HashValuesEqual(const HashValue& fingerprint) : |
+ fingerprint_(fingerprint) {} |
+ |
+ bool operator()(const HashValue& other) const { |
+ return fingerprint_.Equals(other); |
+ } |
+ |
+ const HashValue& fingerprint_; |
+}; |
+ |
+ |
+// IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted |
+// array of SHA1 hashes. |
+bool IsSHA1HashInSortedArray(const SHA1HashValue& hash, |
+ const uint8* array, |
+ size_t array_byte_len); |
+ |
+} // namespace net |
+ |
+#endif // NET_BASE_HASH_VALUE_H_ |
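Review bot: Both `HashValue` constructors initialise only `tag`, so the `fingerprint` union holds indeterminate bytes until `FromString()` succeeds or a caller fills it through `data()`; an `Equals()` or `ToString()` call before that would compare or serialise uninitialised memory (the definitions are not in this header, so this is inferred from the declarations). Because these values represent public-key pins that are logged and persisted, I would zero the storage in both constructors, e.g. `HashValue() : tag(HASH_VALUE_SHA1) { memset(&fingerprint, 0, sizeof(fingerprint)); }`, with the same body on the `explicit HashValue(HashValueTag tag)` overload. The `FromString()` comment says a failed parse may leave invalid data behind; it should also state that callers must discard the object when it returns false. Separately, `HashValuesEqual` keeps `const HashValue& fingerprint_` as a public reference member, so a predicate built from a temporary would dangle; a comment such as `// |fingerprint| must outlive this predicate.` on the constructor would make that requirement explicit.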