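// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_BASE_HASH_VALUE_H_
#define NET_BASE_HASH_VALUE_H_

#include <string.h>

#include <string>
#include <vector>

#include "base/basictypes.h"
#include "base/strings/string_piece.h"
#include "build/build_config.h"
#include "net/base/net_export.h"

namespace net {

// Raw SHA-1 digest: 20 bytes, no tag and no encoding.
struct NET_EXPORT SHA1HashValue {
  // Defined out of line.
  // NOTE(review): the implementation is not visible in this header; unless it
  // is confirmed to be constant-time, treat it like HashValue::Equals and do
  // not use it on secret values.
  bool Equals(const SHA1HashValue& other) const;

  unsigned char data[20];
};

// Raw SHA-256 digest: 32 bytes, no tag and no encoding.
struct NET_EXPORT SHA256HashValue {
  // Defined out of line.
  // NOTE(review): the implementation is not visible in this header; unless it
  // is confirmed to be constant-time, treat it like HashValue::Equals and do
  // not use it on secret values.
  bool Equals(const SHA256HashValue& other) const;

  unsigned char data[32];
};

// Identifies which digest algorithm a HashValue carries.
enum HashValueTag {
  HASH_VALUE_SHA1,
  HASH_VALUE_SHA256,

  // This must always be last.
  HASH_VALUE_TAGS_COUNT
};

// A digest together with the tag of the algorithm that produced it. The
// storage is a union sized for the largest supported digest; |tag| records
// which algorithm the value belongs to.
class NET_EXPORT HashValue {
 public:
  // Creates a value for |tag| with all digest bytes set to zero.
  explicit HashValue(HashValueTag tag) : tag(tag) {
    // The union has no initializer of its own. Zero it so that a value which
    // has not been filled in yet never hands out indeterminate memory when it
    // is serialized, compared or read through data().
    memset(&fingerprint, 0, sizeof(fingerprint));
  }

  // Creates a SHA-1 tagged value with all digest bytes set to zero.
  HashValue() : tag(HASH_VALUE_SHA1) {
    // Same reasoning as above: never expose uninitialized digest storage.
    memset(&fingerprint, 0, sizeof(fingerprint));
  }

  // Check for equality of hash values
  // This function may have VARIABLE timing which leaks information
  // about its inputs.  For example it may exit early once a
  // nonequal character is discovered.  Thus, for security reasons
  // this function MUST NOT be used with secret values (such as
  // password hashes, MAC tags, etc.)
  bool Equals(const HashValue& other) const;

  // Serializes/Deserializes hashes in the form of
  // <hash-name>"/"<base64-hash-value>
  // (eg: "sha1/...")
  // This format may be persisted to permanent storage, so
  // care should be taken before changing the serialization.
  //
  // This format is used for:
  //   - net_internals display/setting public-key pins
  //   - logging public-key pins
  //   - serializing public-key pins

  // Deserializes a HashValue from a string.  On error, returns
  // false and MAY change the contents of HashValue to contain invalid data.
  // Callers must check the return value and discard the object on failure;
  // a value left behind by a failed parse must not be used as a pin.
  bool FromString(const base::StringPiece input);

  // Serializes the HashValue to a string.  If an invalid HashValue
  // is supplied (eg: an unknown hash tag), returns "unknown"/<base64>
  std::string ToString() const;

  // Accessors for the digest storage, defined out of line.
  // NOTE(review): presumably size() is the digest length for |tag| and data()
  // points at the matching union member -- confirm against the
  // implementation before indexing past size().
  size_t size() const;
  unsigned char* data();
  const unsigned char* data() const;

  // Public and writable: changing |tag| does not touch the digest bytes, so
  // whoever changes it is responsible for keeping the two consistent.
  HashValueTag tag;

 private:
  union {
    SHA1HashValue sha1;
    SHA256HashValue sha256;
  } fingerprint;
};

typedef std::vector<HashValue> HashValueVector;


// Strict-weak-ordering functor over SHA-1 digests (bytewise memcmp order),
// for use with ordered containers and sorted lookups. memcmp is not
// constant-time, so this is for ordering public values only, never for
// checking a secret.
class SHA1HashValueLessThan {
 public:
  bool operator()(const SHA1HashValue& lhs,
                  const SHA1HashValue& rhs) const {
    return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
  }
};

// Strict-weak-ordering functor over SHA-256 digests (bytewise memcmp order).
// The same caveat applies: memcmp is not constant-time.
class SHA256HashValueLessThan {
 public:
  bool operator()(const SHA256HashValue& lhs,
                  const SHA256HashValue& rhs) const {
    return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
  }
};

// Unary predicate that matches HashValues equal to a reference fingerprint,
// e.g. for searching a HashValueVector.
//
// The predicate stores a REFERENCE, not a copy: the HashValue passed to the
// constructor must outlive the predicate and every copy of it. Constructing
// it from a temporary leaves |fingerprint_| dangling.
//
// Comparison goes through HashValue::Equals and therefore inherits its
// variable-timing caveat.
class HashValuesEqual {
 public:
  explicit HashValuesEqual(const HashValue& fingerprint) :
      fingerprint_(fingerprint) {}

  bool operator()(const HashValue& other) const {
    return fingerprint_.Equals(other);
  }

  const HashValue& fingerprint_;
};


// IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted
// array of SHA1 hashes.
// NOTE(review): presumably |array| is a packed sequence of 20-byte digests
// sorted in memcmp order and |array_byte_len| is its total length in bytes
// (a multiple of 20) -- confirm against the implementation; the caller is
// responsible for passing a length that matches the buffer.
bool IsSHA1HashInSortedArray(const SHA1HashValue& hash,
                             const uint8* array,
                             size_t array_byte_len);

}  // namespace net

#endif  // NET_BASE_HASH_VALUE_H_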