| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/base/hash_value.h" | 5 #include "net/base/hash_value.h" |
| 6 | 6 |
| 7 #include <stdlib.h> | 7 #include <stdlib.h> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| 11 #include "base/sha1.h" | 11 #include "base/sha1.h" |
| 12 #include "base/strings/string_split.h" | 12 #include "base/strings/string_split.h" |
| 13 #include "base/strings/string_util.h" | 13 #include "base/strings/string_util.h" |
| 14 #include "crypto/sha2.h" | 14 #include "crypto/sha2.h" |
| 15 | 15 |
| 16 namespace net { | 16 namespace net { |
| 17 | 17 |
| 18 namespace { | 18 namespace { |
| 19 | 19 |
| 20 // CompareSHA1Hashes is a helper function for using bsearch() with an array of | 20 // CompareSHA1Hashes is a helper function for using bsearch() with an array of |
| 21 // SHA1 hashes. | 21 // SHA1 hashes. |
| 22 int CompareSHA1Hashes(const void* a, const void* b) { | 22 int CompareSHA1Hashes(const void* a, const void* b) { |
| 23 return memcmp(a, b, base::kSHA1Length); | 23 return memcmp(a, b, base::kSHA1Length); |
| 24 } | 24 } |
| 25 | 25 |
| 26 } // namespace | 26 } // namespace |
| 27 | 27 |
| 28 | 28 |
| 29 HashValue::HashValue(const SHA1HashValue& hash) : HashValue(HASH_VALUE_SHA1) { | |
| 30 fingerprint.sha1 = hash; | |
| 31 } | |
| 32 | |
| 33 HashValue::HashValue(const SHA256HashValue& hash) | 29 HashValue::HashValue(const SHA256HashValue& hash) |
| 34 : HashValue(HASH_VALUE_SHA256) { | 30 : HashValue(HASH_VALUE_SHA256) { |
| 35 fingerprint.sha256 = hash; | 31 fingerprint.sha256 = hash; |
| 36 } | 32 } |
| 37 | 33 |
| 38 bool HashValue::FromString(const base::StringPiece value) { | 34 bool HashValue::FromString(const base::StringPiece value) { |
| 39 base::StringPiece base64_str; | 35 base::StringPiece base64_str; |
| 40 if (value.starts_with("sha1/")) { | 36 if (value.starts_with("sha256/")) { |
| 41 tag = HASH_VALUE_SHA1; | |
| 42 base64_str = value.substr(5); | |
| 43 } else if (value.starts_with("sha256/")) { | |
| 44 tag = HASH_VALUE_SHA256; | 37 tag = HASH_VALUE_SHA256; |
| 45 base64_str = value.substr(7); | 38 base64_str = value.substr(7); |
| 46 } else { | 39 } else { |
| 47 return false; | 40 return false; |
| 48 } | 41 } |
| 49 | 42 |
| 50 std::string decoded; | 43 std::string decoded; |
| 51 if (!base::Base64Decode(base64_str, &decoded) || decoded.size() != size()) | 44 if (!base::Base64Decode(base64_str, &decoded) || decoded.size() != size()) |
| 52 return false; | 45 return false; |
| 53 | 46 |
| 54 memcpy(data(), decoded.data(), size()); | 47 memcpy(data(), decoded.data(), size()); |
| 55 return true; | 48 return true; |
| 56 } | 49 } |
| 57 | 50 |
| 58 std::string HashValue::ToString() const { | 51 std::string HashValue::ToString() const { |
| 59 std::string base64_str; | 52 std::string base64_str; |
| 60 base::Base64Encode(base::StringPiece(reinterpret_cast<const char*>(data()), | 53 base::Base64Encode(base::StringPiece(reinterpret_cast<const char*>(data()), |
| 61 size()), &base64_str); | 54 size()), &base64_str); |
| 62 switch (tag) { | 55 switch (tag) { |
| 63 case HASH_VALUE_SHA1: | |
| 64 return std::string("sha1/") + base64_str; | |
| 65 case HASH_VALUE_SHA256: | 56 case HASH_VALUE_SHA256: |
| 66 return std::string("sha256/") + base64_str; | 57 return std::string("sha256/") + base64_str; |
| 67 default: | 58 default: |
| 68 NOTREACHED() << "Unknown HashValueTag " << tag; | 59 NOTREACHED() << "Unknown HashValueTag " << tag; |
| 69 return std::string("unknown/" + base64_str); | 60 return std::string("unknown/" + base64_str); |
| 70 } | 61 } |
| 71 } | 62 } |
| 72 | 63 |
| 73 size_t HashValue::size() const { | 64 size_t HashValue::size() const { |
| 74 switch (tag) { | 65 switch (tag) { |
| 75 case HASH_VALUE_SHA1: | |
| 76 return sizeof(fingerprint.sha1.data); | |
| 77 case HASH_VALUE_SHA256: | 66 case HASH_VALUE_SHA256: |
| 78 return sizeof(fingerprint.sha256.data); | 67 return sizeof(fingerprint.sha256.data); |
| 79 default: | 68 default: |
| 80 NOTREACHED() << "Unknown HashValueTag " << tag; | 69 NOTREACHED() << "Unknown HashValueTag " << tag; |
| 81 // While an invalid tag should not happen, return a non-zero length | 70 // While an invalid tag should not happen, return a non-zero length |
| 82 // to avoid compiler warnings when the result of size() is | 71 // to avoid compiler warnings when the result of size() is |
| 83 // used with functions like memset. | 72 // used with functions like memset. |
| 84 return sizeof(fingerprint.sha1.data); | 73 return sizeof(fingerprint.sha1.data); |
| 85 } | 74 } |
| 86 } | 75 } |
| 87 | 76 |
| 88 unsigned char* HashValue::data() { | 77 unsigned char* HashValue::data() { |
| 89 return const_cast<unsigned char*>(const_cast<const HashValue*>(this)->data()); | 78 return const_cast<unsigned char*>(const_cast<const HashValue*>(this)->data()); |
| 90 } | 79 } |
| 91 | 80 |
| 92 const unsigned char* HashValue::data() const { | 81 const unsigned char* HashValue::data() const { |
| 93 switch (tag) { | 82 switch (tag) { |
| 94 case HASH_VALUE_SHA1: | |
| 95 return fingerprint.sha1.data; | |
| 96 case HASH_VALUE_SHA256: | 83 case HASH_VALUE_SHA256: |
| 97 return fingerprint.sha256.data; | 84 return fingerprint.sha256.data; |
| 98 default: | 85 default: |
| 99 NOTREACHED() << "Unknown HashValueTag " << tag; | 86 NOTREACHED() << "Unknown HashValueTag " << tag; |
| 100 return NULL; | 87 return NULL; |
| 101 } | 88 } |
| 102 } | 89 } |
| 103 | 90 |
| 104 bool IsSHA256HashInSortedArray(const SHA256HashValue& hash, | 91 bool IsSHA256HashInSortedArray(const SHA256HashValue& hash, |
| 105 const uint8_t* array, | 92 const uint8_t* array, |
| 106 size_t array_byte_len) { | 93 size_t array_byte_len) { |
| 107 DCHECK_EQ(0u, array_byte_len % crypto::kSHA256Length); | 94 DCHECK_EQ(0u, array_byte_len % crypto::kSHA256Length); |
| 108 const size_t arraylen = array_byte_len / crypto::kSHA256Length; | 95 const size_t arraylen = array_byte_len / crypto::kSHA256Length; |
| 109 return NULL != bsearch(hash.data, array, arraylen, crypto::kSHA256Length, | 96 return NULL != bsearch(hash.data, array, arraylen, crypto::kSHA256Length, |
| 110 CompareSHA1Hashes); | 97 CompareSHA1Hashes); |
| 111 } | 98 } |
| 112 | 99 |
| 113 } // namespace net | 100 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2951343002:
Remove residual support for SHA-1 public key pins. (Closed)
