| blob | b08f4d56d9ef3aff0dfb5f0ab0226d565ce0653c |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 /* Utilities for hashing. */
9 /*
10 * This file exports functions for hashing data down to a uint32_t (a.k.a.
11 * mozilla::HashNumber), including:
12 *
13 * - HashString Hash a char* or char16_t/wchar_t* of known or unknown
14 * length.
15 *
16 * - HashBytes Hash a byte array of known length.
17 *
18 * - HashGeneric Hash one or more values. Currently, we support uint32_t,
19 * types which can be implicitly cast to uint32_t, data
20 * pointers, and function pointers.
21 *
22 * - AddToHash Add one or more values to the given hash. This supports the
23 * same list of types as HashGeneric.
24 *
25 *
26 * You can chain these functions together to hash complex objects. For example:
27 *
28 * class ComplexObject
29 * {
30 * char* mStr;
31 * uint32_t mUint1, mUint2;
32 * void (*mCallbackFn)();
33 *
34 * public:
35 * HashNumber hash()
36 * {
37 * HashNumber hash = HashString(mStr);
38 * hash = AddToHash(hash, mUint1, mUint2);
39 * return AddToHash(hash, mCallbackFn);
40 * }
41 * };
42 *
43 * If you want to hash an nsAString or nsACString, use the HashString functions
44 * in nsHashKeys.h.
45 */
47 #ifndef mozilla_HashFunctions_h
48 #define mozilla_HashFunctions_h
57 #include <stdint.h>
58 #include <type_traits>
65 /**
66 * The golden ratio as a 32-bit fixed-point value.
67 */
70 /*
71 * Given a raw hash code, h, return a number that can be used to select a hash
72 * bucket.
73 *
74 * This function aims to produce as uniform an output distribution as possible,
75 * especially in the most significant (leftmost) bits, even though the input
76 * distribution may be highly nonrandom, given the constraints that this must
77 * be deterministic and quick to compute.
78 *
79 * Since the leftmost bits of the result are best, the hash bucket index is
80 * computed by doing ScrambleHashCode(h) / (2^32/N) or the equivalent
81 * right-shift, not ScrambleHashCode(h) % N or the equivalent bit-mask.
82 *
83 * FIXME: OrderedHashTable uses a bit-mask; see bug 775896.
84 */
86 /*
87 * Simply returning h would not cause any hash tables to produce wrong
88 * answers. But it can produce pathologically bad performance: The caller
89 * right-shifts the result, keeping only the highest bits. The high bits of
90 * hash codes are very often completely entropy-free. (So are the lowest
91 * bits.)
92 *
93 * So we use Fibonacci hashing, as described in Knuth, The Art of Computer
94 * Programming, 6.4. This mixes all the bits of the input hash code h.
95 *
96 * The value of goldenRatio is taken from the hex expansion of the golden
97 * ratio, which starts 1.9E3779B9.... This value is especially good if
98 * values with consecutive hash codes are stored in a hash table; see Knuth
99 * for details.
100 */
102 }
106 MOZ_NO_SANITIZE_UNSIGNED_OVERFLOW
109 }
112 /*
113 * This is the meat of all our hash routines. This hash function is not
114 * particularly sophisticated, but it seems to work well for our mostly
115 * plain-text inputs. Implementation notes follow.
116 *
117 * Our use of the golden ratio here is arbitrary; we could pick almost any
118 * number which:
119 *
120 * * is odd (because otherwise, all our hash values will be even)
121 *
122 * * has a reasonably-even mix of 1's and 0's (consider the extreme case
123 * where we multiply by 0x3 or 0xeffffff -- this will not produce good
124 * mixing across all bits of the hash).
125 *
126 * The rotation length of 5 is also arbitrary, although an odd number is again
127 * preferable so our hash explores the whole universe of possible rotations.
128 *
129 * Finally, we multiply by the golden ratio *after* xor'ing, not before.
130 * Otherwise, if |aHash| is 0 (as it often is for the beginning of a
131 * message), the expression
132 *
133 * mozilla::WrappingMultiply(kGoldenRatioU32, RotateLeft5(aHash))
134 * |xor|
135 * aValue
136 *
137 * evaluates to |aValue|.
138 *
139 * (Number-theoretic aside: Because any odd number |m| is relatively prime to
140 * our modulus (2**32), the list
141 *
142 * [x * m (mod 2**32) for 0 <= x < 2**32]
143 *
144 * has no duplicate elements. This means that multiplying by |m| does not
145 * cause us to skip any possible hash values.
146 *
147 * It's also nice if |m| has large-ish order mod 2**32 -- that is, if the
148 * smallest k such that m**k == 1 (mod 2**32) is large -- so we can safely
149 * multiply our hash value by |m| a few times without negating the
150 * multiplicative effect. Our golden ratio constant has order 2**29, which is
151 * more than enough for our purposes.)
152 */
155 }
157 /**
158 * AddUintptrToHash takes sizeof(uintptr_t) as a template parameter.
159 */
163 }
170 }
174 /**
175 * AddToHash takes a hash and some values and returns a new hash based on the
176 * inputs.
177 *
178 * Currently, we support hashing uint32_t's, values which we can implicitly
179 * convert to uint32_t, data pointers, and function pointers.
180 */
185 /*
186 * Try to convert |A| to uint32_t implicitly. If this works, great. If not,
187 * we'll error out.
188 */
190 }
194 /*
195 * You might think this function should just take a void*. But then we'd only
196 * catch data pointers and couldn't handle function pointers.
197 */
202 }
204 // We use AddUintptrToHash() for hashing all integral types. 8-byte integral
205 // types are treated the same as 64-bit pointers, and smaller integral types are
206 // first implicitly converted to 32 bits and then passed to AddUintptrToHash()
207 // to be hashed.
211 }
215 // Hash using AddUintptrToHash with the underlying type of the enum type
219 }
224 }
226 /**
227 * The HashGeneric class of functions let you hash one or more values.
228 *
229 * If you want to hash together two values x and y, calling HashGeneric(x, y) is
230 * much better than calling AddToHash(x, y), because AddToHash(x, y) assumes
231 * that x has already been hashed.
232 */
236 }
238 /**
239 * Hash successive |*aIter| until |!*aIter|, i.e. til null-termination.
240 *
241 * This function is *not* named HashString like the non-template overloads
242 * below. Some users define HashString overloads and pass inexactly-matching
243 * values to them -- but an inexactly-matching value would match this overload
244 * instead! We follow the general rule and don't mix and match template and
245 * regular overloads to avoid this.
246 *
247 * If you have the string's length, call HashStringKnownLength: it may be
248 * marginally faster.
249 */
255 }
257 }
259 /**
260 * Hash successive |aIter[i]| up to |i == aLength|.
261 */
268 }
270 }
272 /**
273 * The HashString overloads below do just what you'd expect.
274 *
275 * These functions are non-template functions so that users can 1) overload them
276 * with their own types 2) in a way that allows implicit conversions to happen.
277 */
279 // Use the |const unsigned char*| version of the above so that all ordinary
280 // character data hashes identically.
282 }
285 // Delegate to the |const unsigned char*| version of the above to share
286 // template instantiations.
288 aLength);
289 }
291 MOZ_MUST_USE
294 }
298 }
303 }
305 /**
306 * HashString overloads for |wchar_t| on platforms where it isn't |char16_t|.
307 */
313 }
320 }
322 /**
323 * Hash some number of bytes.
324 *
325 * This hash walks word-by-word, rather than byte-by-byte, so you won't get the
326 * same result out of HashBytes as you would out of HashString.
327 */
331 /**
332 * A pseudorandom function mapping 32-bit integers to 32-bit integers.
333 *
334 * This is for when you're feeding private data (like pointer values or credit
335 * card numbers) to a non-crypto hash function (like HashBytes) and then using
336 * the hash code for something that untrusted parties could observe (like a JS
337 * Map). Plug in a HashCodeScrambler before that last step to avoid leaking the
338 * private data.
339 *
340 * By itself, this does not prevent hash-flooding DoS attacks, because an
341 * attacker can still generate many values with exactly equal hash codes by
342 * attacking the non-crypto hash function alone. Equal hash codes will, of
343 * course, still be equal however much you scramble them.
344 *
345 * The algorithm is SipHash-1-3. See <https://131002.net/siphash/>.
346 */
353 /** Creates a new scrambler with the given 128-bit key. */
357 /**
358 * Scramble a hash code. Always produces the same result for the same
359 * combination of key and hash code.
360 */
364 }
369 // 1. Initialization.
374 }
377 // 2. Compression.
382 // 3. Finalization.
386 }
403 }
406 };
407 };