// Copyright (c) 2012 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #ifndef NET_BASE_HASH_VALUE_H_ #define NET_BASE_HASH_VALUE_H_ #include <string.h> #include <string> #include <vector> #include "base/basictypes.h" #include "base/strings/string_piece.h" #include "build/build_config.h" #include "net/base/net_export.h" namespace net { struct NET_EXPORT SHA1HashValue { bool Equals(const SHA1HashValue& other) const; unsigned char data[20]; }; struct NET_EXPORT SHA256HashValue { bool Equals(const SHA256HashValue& other) const; unsigned char data[32]; }; enum HashValueTag { HASH_VALUE_SHA1, HASH_VALUE_SHA256, // This must always be last. HASH_VALUE_TAGS_COUNT }; class NET_EXPORT HashValue { public: explicit HashValue(HashValueTag tag) : tag(tag) {} HashValue() : tag(HASH_VALUE_SHA1) {} // Check for equality of hash values // This function may have VARIABLE timing which leaks information // about its inputs. For example it may exit early once a // nonequal character is discovered. Thus, for security reasons // this function MUST NOT be used with secret values (such as // password hashes, MAC tags, etc.) bool Equals(const HashValue& other) const; // Serializes/Deserializes hashes in the form of // <hash-name>"/"<base64-hash-value> // (eg: "sha1/...") // This format may be persisted to permanent storage, so // care should be taken before changing the serialization. // // This format is used for: // - net_internals display/setting public-key pins // - logging public-key pins // - serializing public-key pins // Deserializes a HashValue from a string. On error, returns // false and MAY change the contents of HashValue to contain invalid data. bool FromString(const base::StringPiece input); // Serializes the HashValue to a string. If an invalid HashValue // is supplied (eg: an unknown hash tag), returns "unknown"/<base64> std::string ToString() const; size_t size() const; unsigned char* data(); const unsigned char* data() const; HashValueTag tag; private: union { SHA1HashValue sha1; SHA256HashValue sha256; } fingerprint; }; typedef std::vector<HashValue> HashValueVector; class SHA1HashValueLessThan { public: bool operator()(const SHA1HashValue& lhs, const SHA1HashValue& rhs) const { return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0; } }; class SHA256HashValueLessThan { public: bool operator()(const SHA256HashValue& lhs, const SHA256HashValue& rhs) const { return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0; } }; class HashValuesEqual { public: explicit HashValuesEqual(const HashValue& fingerprint) : fingerprint_(fingerprint) {} bool operator()(const HashValue& other) const { return fingerprint_.Equals(other); } const HashValue& fingerprint_; }; // IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted // array of SHA1 hashes. bool IsSHA1HashInSortedArray(const SHA1HashValue& hash, const uint8* array, size_t array_byte_len); } // namespace net #endif // NET_BASE_HASH_VALUE_H_