| blob | 4b740a3db16bca04ff3e73d1973c8f82335de4fb |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 /* Utilities for hashing. */
9 /*
10 * This file exports functions for hashing data down to a uint32_t (a.k.a.
11 * mozilla::HashNumber), including:
12 *
13 * - HashString Hash a char* or char16_t/wchar_t* of known or unknown
14 * length.
15 *
16 * - HashBytes Hash a byte array of known length.
17 *
18 * - HashGeneric Hash one or more values. Currently, we support uint32_t,
19 * types which can be implicitly cast to uint32_t, data
20 * pointers, and function pointers.
21 *
22 * - AddToHash Add one or more values to the given hash. This supports the
23 * same list of types as HashGeneric.
24 *
25 *
26 * You can chain these functions together to hash complex objects. For example:
27 *
28 * class ComplexObject
29 * {
30 * char* mStr;
31 * uint32_t mUint1, mUint2;
32 * void (*mCallbackFn)();
33 *
34 * public:
35 * HashNumber hash()
36 * {
37 * HashNumber hash = HashString(mStr);
38 * hash = AddToHash(hash, mUint1, mUint2);
39 * return AddToHash(hash, mCallbackFn);
40 * }
41 * };
42 *
43 * If you want to hash an nsAString or nsACString, use the HashString functions
44 * in nsHashKeys.h.
45 */
47 #ifndef mozilla_HashFunctions_h
48 #define mozilla_HashFunctions_h
57 #include <stdint.h>
58 #include <type_traits>
65 /**
66 * The golden ratio as a 32-bit fixed-point value.
67 */
70 /*
71 * Given a raw hash code, h, return a number that can be used to select a hash
72 * bucket.
73 *
74 * This function aims to produce as uniform an output distribution as possible,
75 * especially in the most significant (leftmost) bits, even though the input
76 * distribution may be highly nonrandom, given the constraints that this must
77 * be deterministic and quick to compute.
78 *
79 * Since the leftmost bits of the result are best, the hash bucket index is
80 * computed by doing ScrambleHashCode(h) / (2^32/N) or the equivalent
81 * right-shift, not ScrambleHashCode(h) % N or the equivalent bit-mask.
82 */
84 /*
85 * Simply returning h would not cause any hash tables to produce wrong
86 * answers. But it can produce pathologically bad performance: The caller
87 * right-shifts the result, keeping only the highest bits. The high bits of
88 * hash codes are very often completely entropy-free. (So are the lowest
89 * bits.)
90 *
91 * So we use Fibonacci hashing, as described in Knuth, The Art of Computer
92 * Programming, 6.4. This mixes all the bits of the input hash code h.
93 *
94 * The value of goldenRatio is taken from the hex expansion of the golden
95 * ratio, which starts 1.9E3779B9.... This value is especially good if
96 * values with consecutive hash codes are stored in a hash table; see Knuth
97 * for details.
98 */
100 }
104 MOZ_NO_SANITIZE_UNSIGNED_OVERFLOW
107 }
110 /*
111 * This is the meat of all our hash routines. This hash function is not
112 * particularly sophisticated, but it seems to work well for our mostly
113 * plain-text inputs. Implementation notes follow.
114 *
115 * Our use of the golden ratio here is arbitrary; we could pick almost any
116 * number which:
117 *
118 * * is odd (because otherwise, all our hash values will be even)
119 *
120 * * has a reasonably-even mix of 1's and 0's (consider the extreme case
121 * where we multiply by 0x3 or 0xeffffff -- this will not produce good
122 * mixing across all bits of the hash).
123 *
124 * The rotation length of 5 is also arbitrary, although an odd number is again
125 * preferable so our hash explores the whole universe of possible rotations.
126 *
127 * Finally, we multiply by the golden ratio *after* xor'ing, not before.
128 * Otherwise, if |aHash| is 0 (as it often is for the beginning of a
129 * message), the expression
130 *
131 * mozilla::WrappingMultiply(kGoldenRatioU32, RotateLeft5(aHash))
132 * |xor|
133 * aValue
134 *
135 * evaluates to |aValue|.
136 *
137 * (Number-theoretic aside: Because any odd number |m| is relatively prime to
138 * our modulus (2**32), the list
139 *
140 * [x * m (mod 2**32) for 0 <= x < 2**32]
141 *
142 * has no duplicate elements. This means that multiplying by |m| does not
143 * cause us to skip any possible hash values.
144 *
145 * It's also nice if |m| has large-ish order mod 2**32 -- that is, if the
146 * smallest k such that m**k == 1 (mod 2**32) is large -- so we can safely
147 * multiply our hash value by |m| a few times without negating the
148 * multiplicative effect. Our golden ratio constant has order 2**29, which is
149 * more than enough for our purposes.)
150 */
153 }
155 /**
156 * AddUintptrToHash takes sizeof(uintptr_t) as a template parameter.
157 */
161 }
168 }
172 /**
173 * AddToHash takes a hash and some values and returns a new hash based on the
174 * inputs.
175 *
176 * Currently, we support hashing uint32_t's, values which we can implicitly
177 * convert to uint32_t, data pointers, and function pointers.
178 */
183 /*
184 * Try to convert |A| to uint32_t implicitly. If this works, great. If not,
185 * we'll error out.
186 */
188 }
192 /*
193 * You might think this function should just take a void*. But then we'd only
194 * catch data pointers and couldn't handle function pointers.
195 */
200 }
202 // We use AddUintptrToHash() for hashing all integral types. 8-byte integral
203 // types are treated the same as 64-bit pointers, and smaller integral types are
204 // first implicitly converted to 32 bits and then passed to AddUintptrToHash()
205 // to be hashed.
209 }
213 // Hash using AddUintptrToHash with the underlying type of the enum type
217 }
222 }
224 /**
225 * The HashGeneric class of functions let you hash one or more values.
226 *
227 * If you want to hash together two values x and y, calling HashGeneric(x, y) is
228 * much better than calling AddToHash(x, y), because AddToHash(x, y) assumes
229 * that x has already been hashed.
230 */
234 }
236 /**
237 * Hash successive |*aIter| until |!*aIter|, i.e. til null-termination.
238 *
239 * This function is *not* named HashString like the non-template overloads
240 * below. Some users define HashString overloads and pass inexactly-matching
241 * values to them -- but an inexactly-matching value would match this overload
242 * instead! We follow the general rule and don't mix and match template and
243 * regular overloads to avoid this.
244 *
245 * If you have the string's length, call HashStringKnownLength: it may be
246 * marginally faster.
247 */
253 }
255 }
257 /**
258 * Hash successive |aIter[i]| up to |i == aLength|.
259 */
266 }
268 }
270 /**
271 * The HashString overloads below do just what you'd expect.
272 *
273 * These functions are non-template functions so that users can 1) overload them
274 * with their own types 2) in a way that allows implicit conversions to happen.
275 */
277 // Use the |const unsigned char*| version of the above so that all ordinary
278 // character data hashes identically.
280 }
283 // Delegate to the |const unsigned char*| version of the above to share
284 // template instantiations.
286 aLength);
287 }
292 }
296 }
301 }
303 /**
304 * HashString overloads for |wchar_t| on platforms where it isn't |char16_t|.
305 */
311 }
318 }
320 /**
321 * Hash some number of bytes.
322 *
323 * This hash walks word-by-word, rather than byte-by-byte, so you won't get the
324 * same result out of HashBytes as you would out of HashString.
325 */
329 /**
330 * A pseudorandom function mapping 32-bit integers to 32-bit integers.
331 *
332 * This is for when you're feeding private data (like pointer values or credit
333 * card numbers) to a non-crypto hash function (like HashBytes) and then using
334 * the hash code for something that untrusted parties could observe (like a JS
335 * Map). Plug in a HashCodeScrambler before that last step to avoid leaking the
336 * private data.
337 *
338 * By itself, this does not prevent hash-flooding DoS attacks, because an
339 * attacker can still generate many values with exactly equal hash codes by
340 * attacking the non-crypto hash function alone. Equal hash codes will, of
341 * course, still be equal however much you scramble them.
342 *
343 * The algorithm is SipHash-1-3. See <https://131002.net/siphash/>.
344 */
351 /** Creates a new scrambler with the given 128-bit key. */
355 /**
356 * Scramble a hash code. Always produces the same result for the same
357 * combination of key and hash code.
358 */
362 }
366 }
370 }
375 // 1. Initialization.
380 }
383 // 2. Compression.
388 // 3. Finalization.
392 }
409 }
412 };
413 };