RAPPOR implementation

components/rappor/byte_vector_utils.h

Index: components/rappor/byte_vector_utils.h
diff --git a/components/rappor/byte_vector_utils.h b/components/rappor/byte_vector_utils.h
new file mode 100644
index 0000000000000000000000000000000000000000..e77edf7873f8cdf52f3c53e75442119063c5b30a
--- /dev/null
+++ b/components/rappor/byte_vector_utils.h
@@ -0,0 +1,86 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_RAPPOR_BYTE_VECTOR_UTILS_H_
+#define COMPONENTS_RAPPOR_BYTE_VECTOR_UTILS_H_
+
+#include <stddef.h>
+#include <stdint.h>
+#include <vector>
+
+#include "components/rappor/rappor_parameters.h"
+#include "crypto/hmac.h"
+
+namespace rappor {
+
+// A vector of 8-bit integers used to store a set of binary bits.
+typedef std::vector<uint8_t> ByteVector;
+
+// Computes a bitwise OR of byte vectors and stores the result in rhs.
+ByteVector* ByteVectorOr(const ByteVector& lhs, ByteVector* rhs);
+
+// Merges the contents of lhs and rhs  vectors according to a mask vector.
+// Equivalent to (lhs & ~mask) | (rhs & mask).  Stores the result in rhs.
+ByteVector* ByteVectorMerge(const ByteVector& mask,
+                            const ByteVector& lhs,
+                            ByteVector* rhs);
+
+// Counts the number of bits set in the byte vector.
+int CountBits(const ByteVector& vector);
+
+// A utility object for generating random binary data with different
+// likelihood of bits being true, using entropy from crypto::RandBytes().
+class ByteVectorGenerator {
+ public:
+  explicit ByteVectorGenerator(size_t byte_count);
+
+  ~ByteVectorGenerator();
+
+  // Generates a random byte vector where the bits are independent random
+  // variables which are true with the given |probability|.
+  ByteVector GetWeightedRandomByteVector(Probability probability);
+
+ protected:
+  // Generates a random vector of bytes from a uniform distribution.
+  virtual ByteVector GetRandomByteVector();
+
+  size_t byte_count_;
+
+  DISALLOW_COPY_AND_ASSIGN(ByteVectorGenerator);
+};
+
+// A ByteVectorGenerator that uses a psuedo-random function to generate a
+// deterministically random bits.  The implementation is equivalent to the
+// HMAC_DRBG algorithm from NIST, assuming that all of the bytes can
+// be generated from one request.  Therefore, this one instance of this class

[edknapp, 2014/02/11 17:28:00]

Something like:
This class only implements a single request from HMAC_DRBG and streams up to
2^19 bits from that request. 

[Steven Holte, 2014/02/11 22:08:14]

Done.

+// should not be used to generate more than 2^19 bits
+// Ref: http://csrc.nist.gov/publications/nistpubs/800-90A/SP800-90A.pdf
+// We're using our own PRNG instead of crypto::RandBytes because we need to
+// generate a repeatable sequence of bits from the same seed. Conservatively,
+// we're choosing to use HMAC_DRBG here, as it is one of the best studied
+// and standardized ways of generating deterministic, unpredictable sequences
+// based on a secret seed.
+class HmacByteVectorGenerator : public ByteVectorGenerator {
+ public:
+  // Constructor takes the size of the vector to generate, along with a
+  // secret value to seed the pseudo-random number generator.  |secret| is
+  // treated as an array of bytes.
+  HmacByteVectorGenerator(size_t byte_count, const std::string& secret);
+
+  ~HmacByteVectorGenerator();
+
+ protected:
+  virtual ByteVector GetRandomByteVector() OVERRIDE;
+
+ private:
+  crypto::HMAC hmac_;
+  ByteVector value_;
+  size_t requested_bytes_;
+
+  DISALLOW_COPY_AND_ASSIGN(HmacByteVectorGenerator);
+};
+
+}  // namespace rappor
+
+#endif  // COMPONENTS_RAPPOR_BYTE_VECTOR_UTILS_H_