1 // Copyright 2016 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/unguessable_token.h"
9 #include "base/format_macros.h"
10 #include "base/rand_util.h"
11 #include "build/build_config.h"
13 #if !BUILDFLAG(IS_NACL)
14 #include "third_party/boringssl/src/include/openssl/mem.h"
19 UnguessableToken::UnguessableToken(const base::Token& token) : token_(token) {}
22 UnguessableToken UnguessableToken::Create() {
23 return UnguessableToken(Token::CreateRandom());
27 const UnguessableToken& UnguessableToken::Null() {
28 static const UnguessableToken null_token{};
33 UnguessableToken UnguessableToken::Deserialize(uint64_t high, uint64_t low) {
34 // Receiving a zeroed out UnguessableToken from another process means that it
35 // was never initialized via Create(). The real check for this is in the
36 // StructTraits in mojo/public/cpp/base/unguessable_token_mojom_traits.cc
37 // where a zero-ed out token will fail to deserialize. This DCHECK is a
39 DCHECK(!(high == 0 && low == 0));
40 return UnguessableToken(Token{high, low});
43 bool UnguessableToken::operator==(const UnguessableToken& other) const {
44 #if BUILDFLAG(IS_NACL)
45 // BoringSSL is unavailable for NaCl builds so it remains timing dependent.
46 return token_ == other.token_;
48 auto bytes = token_.AsBytes();
49 auto other_bytes = other.token_.AsBytes();
50 return CRYPTO_memcmp(bytes.data(), other_bytes.data(), bytes.size()) == 0;
54 std::ostream& operator<<(std::ostream& out, const UnguessableToken& token) {
55 return out << "(" << token.ToString() << ")";