1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef NET_BASE_HASH_VALUE_H_
#define NET_BASE_HASH_VALUE_H_
#include <string.h>
#include <string>
#include <vector>
#include "base/basictypes.h"
#include "base/strings/string_piece.h"
#include "build/build_config.h"
#include "net/base/net_export.h"
namespace net {
struct NET_EXPORT SHA1HashValue {
bool Equals(const SHA1HashValue& other) const;
unsigned char data[20];
};
struct NET_EXPORT SHA256HashValue {
bool Equals(const SHA256HashValue& other) const;
unsigned char data[32];
};
enum HashValueTag {
HASH_VALUE_SHA1,
HASH_VALUE_SHA256,
// This must always be last.
HASH_VALUE_TAGS_COUNT
};
class NET_EXPORT HashValue {
public:
explicit HashValue(HashValueTag tag) : tag(tag) {}
HashValue() : tag(HASH_VALUE_SHA1) {}
// Check for equality of hash values
// This function may have VARIABLE timing which leaks information
// about its inputs. For example it may exit early once a
// nonequal character is discovered. Thus, for security reasons
// this function MUST NOT be used with secret values (such as
// password hashes, MAC tags, etc.)
bool Equals(const HashValue& other) const;
// Serializes/Deserializes hashes in the form of
// <hash-name>"/"<base64-hash-value>
// (eg: "sha1/...")
// This format may be persisted to permanent storage, so
// care should be taken before changing the serialization.
//
// This format is used for:
// - net_internals display/setting public-key pins
// - logging public-key pins
// - serializing public-key pins
// Deserializes a HashValue from a string. On error, returns
// false and MAY change the contents of HashValue to contain invalid data.
bool FromString(const base::StringPiece input);
// Serializes the HashValue to a string. If an invalid HashValue
// is supplied (eg: an unknown hash tag), returns "unknown"/<base64>
std::string ToString() const;
size_t size() const;
unsigned char* data();
const unsigned char* data() const;
HashValueTag tag;
private:
union {
SHA1HashValue sha1;
SHA256HashValue sha256;
} fingerprint;
};
typedef std::vector<HashValue> HashValueVector;
class SHA1HashValueLessThan {
public:
bool operator()(const SHA1HashValue& lhs,
const SHA1HashValue& rhs) const {
return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
}
};
class SHA256HashValueLessThan {
public:
bool operator()(const SHA256HashValue& lhs,
const SHA256HashValue& rhs) const {
return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
}
};
class HashValuesEqual {
public:
explicit HashValuesEqual(const HashValue& fingerprint) :
fingerprint_(fingerprint) {}
bool operator()(const HashValue& other) const {
return fingerprint_.Equals(other);
}
const HashValue& fingerprint_;
};
// IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted
// array of SHA1 hashes.
bool IsSHA1HashInSortedArray(const SHA1HashValue& hash,
const uint8* array,
size_t array_byte_len);
} // namespace net
#endif // NET_BASE_HASH_VALUE_H_
|