OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef COMPONENTS_RAPPOR_BYTE_VECTOR_UTILS_H_ | |
6 #define COMPONENTS_RAPPOR_BYTE_VECTOR_UTILS_H_ | |
7 | |
8 #include <stddef.h> | |
9 #include <stdint.h> | |
10 #include <vector> | |
11 | |
12 #include "components/rappor/rappor_parameters.h" | |
13 #include "crypto/hmac.h" | |
14 | |
15 namespace rappor { | |
16 | |
17 // A vector of 8-bit integers used to store a set of binary bits. | |
18 typedef std::vector<uint8_t> ByteVector; | |
19 | |
20 // Computes a bitwise OR of byte vectors and stores the result in rhs. | |
21 ByteVector* ByteVectorOr(const ByteVector& lhs, ByteVector* rhs); | |
22 | |
23 // Merges the contents of lhs and rhs vectors according to a mask vector. | |
24 // Equivalent to (lhs & ~mask) | (rhs & mask). Stores the result in rhs. | |
25 ByteVector* ByteVectorMerge(const ByteVector& mask, | |
26 const ByteVector& lhs, | |
27 ByteVector* rhs); | |
28 | |
29 // Counts the number of bits set in the byte vector. | |
30 int CountBits(const ByteVector& vector); | |
31 | |
32 // A utility object for generating random binary data with different | |
33 // likelihood of bits being true, using entropy from crypto::RandBytes(). | |
34 class ByteVectorGenerator { | |
35 public: | |
36 explicit ByteVectorGenerator(size_t byte_count); | |
37 | |
38 ~ByteVectorGenerator(); | |
39 | |
40 // Generates a random byte vector where the bits are independent random | |
41 // variables which are true with the given |probability|. | |
42 ByteVector GetWeightedRandomByteVector(Probability probability); | |
43 | |
44 protected: | |
45 // Generates a random vector of bytes from a uniform distribution. | |
46 virtual ByteVector GetRandomByteVector(); | |
47 | |
48 size_t byte_count_; | |
49 | |
50 DISALLOW_COPY_AND_ASSIGN(ByteVectorGenerator); | |
51 }; | |
52 | |
53 // A ByteVectorGenerator that uses a psuedo-random function to generate a | |
54 // deterministically random bits. This class only implements a single request | |
55 // from HMAC_DRBG and streams up to 2^19 bits from that request. | |
56 // Ref: http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf | |
57 // We're using our own PRNG instead of crypto::RandBytes because we need to | |
58 // generate a repeatable sequence of bits from the same seed. Conservatively, | |
59 // we're choosing to use HMAC_DRBG here, as it is one of the best studied | |
60 // and standardized ways of generating deterministic, unpredictable sequences | |
61 // based on a secret seed. | |
62 class HmacByteVectorGenerator : public ByteVectorGenerator { | |
63 public: | |
64 // Constructor takes the size of the vector to generate, along with a | |
65 // secret value to seed the pseudo-random number generator. |secret| is | |
66 // treated as an array of bytes. | |
67 HmacByteVectorGenerator(size_t byte_count, | |
68 const std::string& entropy_input, | |
69 const std::string& personalization_string); | |
70 | |
71 ~HmacByteVectorGenerator(); | |
72 | |
73 static std::string GenerateEntropyInput(); | |
74 | |
75 // Key size required for 128-bit security strength (including nonce). | |
76 static const size_t kEntropyInputSize; | |
77 | |
78 protected: | |
79 virtual ByteVector GetRandomByteVector() OVERRIDE; | |
80 | |
81 private: | |
82 // HMAC_DRBG_Update | |
Alexei Svitkine (slow)
2014/02/12 18:13:05
Expand comment to briefly explain what this does (
Steven Holte
2014/02/12 22:28:50
Done.
| |
83 void Update(const std::string& provided_data, const ByteVector& key); | |
84 | |
85 // HMAC initalized with the value of "Key" HMAC_DRBG_Initialize. | |
86 crypto::HMAC hmac_; | |
87 // The "V" value from HMAC_DRBG. | |
88 ByteVector value_; | |
89 // Total number of bytes streamed from the HMAC_DRBG Generate Process | |
Alexei Svitkine (slow)
2014/02/12 18:13:05
Nit: add . at the end
Steven Holte
2014/02/12 22:28:50
Done.
| |
90 size_t requested_bytes_; | |
Alexei Svitkine (slow)
2014/02/12 18:13:05
Nit: I'd use a different name for this, "requested
Steven Holte
2014/02/12 22:28:50
Done.
| |
91 | |
92 DISALLOW_COPY_AND_ASSIGN(HmacByteVectorGenerator); | |
93 }; | |
94 | |
95 } // namespace rappor | |
96 | |
97 #endif // COMPONENTS_RAPPOR_BYTE_VECTOR_UTILS_H_ | |
OLD | NEW |