Implement SHA-256 fingerprint support

net/base/x509_cert_types.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_BASE_X509_CERT_TYPES_H_
 #define NET_BASE_X509_CERT_TYPES_H_
 
 #include <string.h>
 
+#include <algorithm>
 #include <set>
 #include <string>
 #include <vector>
 
+#include "base/logging.h"
 #include "base/string_piece.h"
 #include "build/build_config.h"
 #include "net/base/net_export.h"
 
 #if defined(OS_MACOSX) && !defined(OS_IOS)
 #include <Security/x509defs.h>
 #endif
 
 namespace base {
 class Time;
 }  // namespace base
 
 namespace net {
 
 class X509Certificate;
 
 // SHA-1 fingerprint (160 bits) of a certificate.
-struct NET_EXPORT SHA1Fingerprint {
-  bool Equals(const SHA1Fingerprint& other) const {
+struct NET_EXPORT SHA1HashValue {
+  bool Equals(const SHA1HashValue& other) const {
     return memcmp(data, other.data, sizeof(data)) == 0;
   }
 
   unsigned char data[20];
 };
 
-// In the future there will be a generic Fingerprint type, with at least two
-// implementations: SHA1 and SHA256. See http://crbug.com/117914. Until that
-// work is done (in a separate patch) this typedef bridges the gap.
-typedef SHA1Fingerprint Fingerprint;
-
-typedef std::vector<Fingerprint> FingerprintVector;
-
-class NET_EXPORT SHA1FingerprintLessThan {
+class NET_EXPORT SHA1HashValueLessThan {
  public:
-  bool operator() (const SHA1Fingerprint& lhs,
-                   const SHA1Fingerprint& rhs) const {
+  bool operator() (const SHA1HashValue& lhs,
+                   const SHA1HashValue& rhs) const {
     return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
   }
 };
 
+struct NET_EXPORT SHA256HashValue {
+  bool Equals(const SHA256HashValue& other) const {
+    return memcmp(data, other.data, sizeof(data)) == 0;
+  }
+
+  unsigned char data[32];
+};
+
+class NET_EXPORT SHA256HashValueLessThan {
+ public:
+  bool operator() (const SHA256HashValue& lhs,
+                   const SHA256HashValue& rhs) const {
+    return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
+  }
+};
+
+enum HashValueTag {
+  HASH_VALUE_SHA1,
+  HASH_VALUE_SHA256,
+
+  // This must always be last.
+  HASH_VALUE_TAGS_COUNT
+};
+
+struct NET_EXPORT HashValue {
+  bool Equals(const HashValue& other) const {
+    if (tag != other.tag)
+      return false;
+    switch (tag) {
+      case HASH_VALUE_SHA1:
+        return fingerprint.sha1.Equals(other.fingerprint.sha1);
+        break;
+      case HASH_VALUE_SHA256:
+        return fingerprint.sha256.Equals(other.fingerprint.sha256);
+        break;
+      default:
+        NOTREACHED() << "Unknown HashValueTag " << tag;
+        return false;
+    }
+  }
+
+  size_t size() const {
+    switch (tag) {
+      case HASH_VALUE_SHA1:
+        return sizeof(fingerprint.sha1.data);
+        break;
+      case HASH_VALUE_SHA256:
+        return sizeof(fingerprint.sha256.data);
+        break;
+      default:
+        NOTREACHED() << "Unknown HashValueTag " << tag;
+        return sizeof(fingerprint.sha1.data);

[wtc, 2012/08/08 18:16:25]

The reason we have to return a non-zero value in the default
case is not obvious, so we should add a comment.

Based on the gcc compiler error message provided by jyasskin,
I think this can be considered a GCC optimization bug.  It
seems that we can avoid this problem by preventing GCC from
inlining this size() method.  Perhaps we can define the size()
method in the .cc file instead?

+    }
+  }
+
+  unsigned char* data() {
+    switch (tag) {
+      case HASH_VALUE_SHA1:
+        return fingerprint.sha1.data;
+        break;
+      case HASH_VALUE_SHA256:
+        return fingerprint.sha256.data;
+        break;
+      default:
+        NOTREACHED() << "Unknown HashValueTag " << tag;
+        return NULL;
+    }
+  }
+
+  const unsigned char* data() const {
+    switch (tag) {
+      case HASH_VALUE_SHA1:
+        return fingerprint.sha1.data;
+        break;
+      case HASH_VALUE_SHA256:
+        return fingerprint.sha256.data;
+        break;
+      default:
+        NOTREACHED() << "Unknown HashValueTag " << tag;
+        return NULL;
+    }
+  }
+
+  HashValueTag tag;
+
+  union {
+    SHA1HashValue sha1;
+    SHA256HashValue sha256;
+  } fingerprint;
+};
+
+class NET_EXPORT HashValueLessThan {
+ public:
+  bool operator() (const HashValue& lhs,
+                   const HashValue& rhs) const {
+    size_t lhs_size = lhs.size();
+    size_t rhs_size = rhs.size();
+    int r = memcmp(lhs.data(), rhs.data(), std::min(lhs_size, rhs_size));
+
+    if (r == 0 && lhs_size != rhs_size)
+      return lhs_size < rhs_size;
+    return r < 0;
+  }
+};
+
+typedef std::vector<HashValue> HashValueVector;
+
 // IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted
 // array of SHA1 hashes.
-bool NET_EXPORT IsSHA1HashInSortedArray(const SHA1Fingerprint& hash,
+bool NET_EXPORT IsSHA1HashInSortedArray(const SHA1HashValue& hash,
                                         const uint8* array,
                                         size_t array_byte_len);
 
 // CertPrincipal represents the issuer or subject field of an X.509 certificate.
 struct NET_EXPORT CertPrincipal {
   CertPrincipal();
   explicit CertPrincipal(const std::string& name);
   ~CertPrincipal();
 
 #if (defined(OS_MACOSX) && !defined(OS_IOS)) || defined(OS_WIN)
@@ skipping 56 matching lines @@
   void Deny(X509Certificate* cert);
 
   // Returns true if this policy has allowed at least one certificate.
   bool HasAllowedCert() const;
 
   // Returns true if this policy has denied at least one certificate.
   bool HasDeniedCert() const;
 
  private:
   // The set of fingerprints of allowed certificates.
-  std::set<SHA1Fingerprint, SHA1FingerprintLessThan> allowed_;
+  std::set<SHA1HashValue, SHA1HashValueLessThan> allowed_;
 
   // The set of fingerprints of denied certificates.
-  std::set<SHA1Fingerprint, SHA1FingerprintLessThan> denied_;
+  std::set<SHA1HashValue, SHA1HashValueLessThan> denied_;
 };
 
 #if defined(OS_MACOSX) && !defined(OS_IOS)
 // Compares two OIDs by value.
 inline bool CSSMOIDEqual(const CSSM_OID* oid1, const CSSM_OID* oid2) {
   return oid1->Length == oid2->Length &&
   (memcmp(oid1->Data, oid2->Data, oid1->Length) == 0);
 }
 #endif
 
@@ skipping 10 matching lines @@
 // Attempts to parse |raw_date|, an ASN.1 date/time string encoded as
 // |format|, and writes the result into |*time|. If an invalid date is
 // specified, or if parsing fails, returns false, and |*time| will not be
 // updated.
 bool ParseCertificateDate(const base::StringPiece& raw_date,
                           CertDateFormat format,
                           base::Time* time);
 }  // namespace net
 
 #endif  // NET_BASE_X509_CERT_TYPES_H_