Synchronize private membership library from google3 and chromium.
Synchronization between the google3 and chromium private membership
library is handled through copybara.
BUG=chromium:1327682
Change-Id: Iff2b95cee8dcffe6ed0ffc55e4853d38015c13de
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3628355
Reviewed-by: Amr Aboelkher <amraboelkher@chromium.org>
Commit-Queue: Hirthanan Subenderan <hirthanan@google.com>
Cr-Commit-Position: refs/heads/main@{#1012742}
NOKEYCHECK=True
GitOrigin-RevId: faea7a580cc754a21b71ce78d91cc1641fc9c29b
diff --git a/BUILD.gn b/BUILD.gn
index 63757f3..164b4bc 100644
--- a/BUILD.gn
+++ b/BUILD.gn
@@ -99,7 +99,6 @@
"src/internal/rlwe_id_utils.h",
"src/internal/rlwe_params.h",
"src/internal/utils.h",
- "src/membership_response_map.h",
"src/private_membership_rlwe_client.h",
]
sources = [
@@ -112,7 +111,6 @@
"src/internal/rlwe_id_utils.cc",
"src/internal/rlwe_params.cc",
"src/internal/utils.cc",
- "src/membership_response_map.cc",
"src/private_membership_rlwe_client.cc",
]
public_deps = [
@@ -143,13 +141,14 @@
# TODO(crbug.com/1298087): Re-enable these test files to comply with
# Chromium.
+ #"src/internal/encrypted_buckets_test.cc",
#"src/internal/hashed_bucket_id_test.cc",
+ #"src/internal/hashed_buckets_test.cc",
"src/internal/id_utils_test.cc",
"src/internal/oprf_utils_test.cc",
"src/internal/rlwe_id_utils_test.cc",
"src/internal/utils_test.cc",
- "src/membership_response_map_test.cc",
"src/private_membership_rlwe_client_regression_test.cc",
]
public_deps = [
diff --git a/README.chromium b/README.chromium
index 3f9bc89..f5d20c2 100644
--- a/README.chromium
+++ b/README.chromium
@@ -1,6 +1,6 @@
Name: PSM (Private Set Membership) client side
URL: None
-Version: 24-Feb-2022
+Version: 31-Mar-2022
License: Apache Version 2.0
License File: LICENSE
Security Critical: yes
diff --git a/src/internal/aes_ctr_256_with_fixed_iv.cc b/src/internal/aes_ctr_256_with_fixed_iv.cc
index 4301ed5..28efef0 100644
--- a/src/internal/aes_ctr_256_with_fixed_iv.cc
+++ b/src/internal/aes_ctr_256_with_fixed_iv.cc
@@ -14,6 +14,7 @@
#include "third_party/private_membership/src/internal/aes_ctr_256_with_fixed_iv.h"
+#include <string>
#include <vector>
#include <openssl/err.h>
diff --git a/src/internal/aes_ctr_256_with_fixed_iv.h b/src/internal/aes_ctr_256_with_fixed_iv.h
index a07dc41..a108f06 100644
--- a/src/internal/aes_ctr_256_with_fixed_iv.h
+++ b/src/internal/aes_ctr_256_with_fixed_iv.h
@@ -16,6 +16,7 @@
#define THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_INTERNAL_AES_CTR_256_WITH_FIXED_IV_H_
#include <memory>
+#include <string>
#include "third_party/private_membership/base/private_membership_export.h"
#include "absl/strings/string_view.h"
diff --git a/src/internal/aes_ctr_256_with_fixed_iv_test.cc b/src/internal/aes_ctr_256_with_fixed_iv_test.cc
index 032d91a..44911f8 100644
--- a/src/internal/aes_ctr_256_with_fixed_iv_test.cc
+++ b/src/internal/aes_ctr_256_with_fixed_iv_test.cc
@@ -15,6 +15,7 @@
#include "third_party/private_membership/src/internal/aes_ctr_256_with_fixed_iv.h"
#include <memory>
+#include <string>
#include <gmock/gmock.h>
#include <gtest/gtest.h>
diff --git a/src/internal/crypto_utils.cc b/src/internal/crypto_utils.cc
index 4751632..9aa682a 100644
--- a/src/internal/crypto_utils.cc
+++ b/src/internal/crypto_utils.cc
@@ -14,6 +14,8 @@
#include "third_party/private_membership/src/internal/crypto_utils.h"
+#include <string>
+
#include "third_party/private_membership/src/internal/aes_ctr_256_with_fixed_iv.h"
#include "third_party/private_membership/src/internal/id_utils.h"
#include "third_party/shell-encryption/src/status_macros.h"
diff --git a/src/internal/crypto_utils_test.cc b/src/internal/crypto_utils_test.cc
index cc28394..ddd8208 100644
--- a/src/internal/crypto_utils_test.cc
+++ b/src/internal/crypto_utils_test.cc
@@ -14,6 +14,8 @@
#include "third_party/private_membership/src/internal/crypto_utils.h"
+#include <string>
+
#include "third_party/private_membership/src/internal/aes_ctr_256_with_fixed_iv.h"
#include "third_party/private_membership/src/private_membership.pb.h"
#include <gmock/gmock.h>
@@ -27,7 +29,6 @@
constexpr int kCurveId = NID_X9_62_prime256v1;
using ::rlwe::testing::StatusIs;
-using ::testing::Eq;
using ::testing::HasSubstr;
class CryptoUtilsTest : public ::testing::Test {
diff --git a/src/internal/encrypted_bucket_id.h b/src/internal/encrypted_bucket_id.h
index dd758d6..9af3d12 100644
--- a/src/internal/encrypted_bucket_id.h
+++ b/src/internal/encrypted_bucket_id.h
@@ -15,6 +15,8 @@
#ifndef THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_INTERNAL_ENCRYPTED_BUCKET_ID_H_
#define THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_INTERNAL_ENCRYPTED_BUCKET_ID_H_
+#include <string>
+
#include "third_party/private-join-and-compute/src/crypto/ec_commutative_cipher.h"
#include "third_party/private_membership/base/private_membership_export.h"
#include "third_party/private_membership/src/private_membership_rlwe.pb.h"
diff --git a/src/internal/encrypted_bucket_id_test.cc b/src/internal/encrypted_bucket_id_test.cc
index 4f08bad..213ebe2 100644
--- a/src/internal/encrypted_bucket_id_test.cc
+++ b/src/internal/encrypted_bucket_id_test.cc
@@ -15,6 +15,7 @@
#include "third_party/private_membership/src/internal/encrypted_bucket_id.h"
#include <cstdint>
+#include <string>
#include "third_party/private_membership/src/private_membership_rlwe.pb.h"
#include "third_party/private_membership/src/internal/rlwe_id_utils.h"
diff --git a/src/internal/hashed_bucket_id.cc b/src/internal/hashed_bucket_id.cc
index 73cc23a..364e4db 100644
--- a/src/internal/hashed_bucket_id.cc
+++ b/src/internal/hashed_bucket_id.cc
@@ -14,6 +14,7 @@
#include "third_party/private_membership/src/internal/hashed_bucket_id.h"
+#include <string>
#include <utility>
#include "third_party/private_membership/src/private_membership.pb.h"
diff --git a/src/internal/hashed_bucket_id.h b/src/internal/hashed_bucket_id.h
index d460610..38f57c5 100644
--- a/src/internal/hashed_bucket_id.h
+++ b/src/internal/hashed_bucket_id.h
@@ -15,6 +15,8 @@
#ifndef THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_INTERNAL_HASHED_BUCKET_ID_H_
#define THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_INTERNAL_HASHED_BUCKET_ID_H_
+#include <string>
+
#include "third_party/private-join-and-compute/src/crypto/ec_commutative_cipher.h"
#include "third_party/private_membership/src/private_membership_rlwe.pb.h"
#include "absl/hash/hash.h"
diff --git a/src/internal/id_utils.cc b/src/internal/id_utils.cc
index 10ee447..a01bf2a 100644
--- a/src/internal/id_utils.cc
+++ b/src/internal/id_utils.cc
@@ -14,6 +14,8 @@
#include "third_party/private_membership/src/internal/id_utils.h"
+#include <string>
+
namespace private_membership {
std::string PadOrTruncate(absl::string_view in, int len) {
diff --git a/src/internal/id_utils_test.cc b/src/internal/id_utils_test.cc
index cb245bf..dbace14 100644
--- a/src/internal/id_utils_test.cc
+++ b/src/internal/id_utils_test.cc
@@ -14,6 +14,8 @@
#include "third_party/private_membership/src/internal/id_utils.h"
+#include <string>
+
#include <gmock/gmock.h>
#include <gtest/gtest.h>
diff --git a/src/internal/oprf_utils.cc b/src/internal/oprf_utils.cc
index 13b6191..053d6f3 100644
--- a/src/internal/oprf_utils.cc
+++ b/src/internal/oprf_utils.cc
@@ -29,7 +29,7 @@
doubly_encrypted_id.set_queried_encrypted_id(std::string(encrypted_id));
auto reencrypted_id =
- ec_cipher->ReEncrypt(std::string(encrypted_id));
+ ec_cipher->ReEncrypt(std::string(encrypted_id)); // NOLINT
if (!reencrypted_id.ok()) {
return reencrypted_id.status();
}
diff --git a/src/internal/rlwe_id_utils.cc b/src/internal/rlwe_id_utils.cc
index 43eb083..9cbbdc8 100644
--- a/src/internal/rlwe_id_utils.cc
+++ b/src/internal/rlwe_id_utils.cc
@@ -18,6 +18,7 @@
#include <utility>
#include "third_party/private_membership/src/internal/crypto_utils.h"
+#include "third_party/private_membership/src/private_membership.pb.h"
#include "third_party/private_membership/src/internal/constants.h"
#include "absl/status/status.h"
#include "absl/strings/str_cat.h"
@@ -51,20 +52,33 @@
}
const std::string hashed_encrypted_id = HashEncryptedId(encrypted_id, ctx);
- // Find the first byte that is not used by the bucket ID.
- int start_byte = (params.encrypted_bucket_id_length() - 1) / 8 + 1;
+ switch (params.sensitive_id_hash_type()) {
+ case ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED: {
+ return absl::InvalidArgumentError(
+ "Sensitive id hash type must be defined.");
+ }
+ case ENCRYPTED_BUCKET_TEST_HASH_TYPE:
+ case SHA256_NON_SENSITIVE_AND_SENSITIVE_ID: {
+ // Find the first byte that is not used by the bucket ID.
+ int start_byte = (params.encrypted_bucket_id_length() - 1) / 8 + 1;
- // Ensure that the total of the bytes stored in the bucket plus the length
- // of the bucket ID is at least kBucketStoredEncryptedIdByteLength. Since
- // the ID within a bucket needs to be represented at byte-level
- // granularity, pad up the remainder of a byte if needed.
- int byte_length =
- kStoredEncryptedIdByteLength - (params.encrypted_bucket_id_length() / 8);
- if (byte_length < 0) {
- byte_length = 0;
+ // Ensure that the total of the bytes stored in the bucket plus the length
+ // of the bucket ID is at least kBucketStoredEncryptedIdByteLength. Since
+ // the ID within a bucket needs to be represented at byte-level
+ // granularity, pad up the remainder of a byte if needed.
+ int byte_length = kStoredEncryptedIdByteLength -
+ (params.encrypted_bucket_id_length() / 8);
+ if (byte_length < 0) {
+ byte_length = 0;
+ }
+ std::string stored_encrypted_id(hashed_encrypted_id, start_byte,
+ byte_length);
+ return stored_encrypted_id;
+ }
+ default:
+ return absl::InvalidArgumentError(absl::StrCat(
+ "Unknown sensitive id hash type: ", params.sensitive_id_hash_type()));
}
- std::string stored_encrypted_id(hashed_encrypted_id, start_byte, byte_length);
- return stored_encrypted_id;
}
std::string HashRlwePlaintextId(const RlwePlaintextId& id) {
diff --git a/src/internal/rlwe_id_utils_test.cc b/src/internal/rlwe_id_utils_test.cc
index f03ba96..e92fa13 100644
--- a/src/internal/rlwe_id_utils_test.cc
+++ b/src/internal/rlwe_id_utils_test.cc
@@ -14,7 +14,8 @@
#include "third_party/private_membership/src/internal/rlwe_id_utils.h"
-#include "third_party/private_membership/src/private_membership.pb.h"
+#include <string>
+
#include "third_party/private_membership/src/internal/constants.h"
#include "third_party/private_membership/src/internal/testing/constants.h"
#include <gmock/gmock.h>
@@ -34,6 +35,7 @@
TEST(RlweIdUtils, ComputeBucketStoredEncryptedIdSuccess) {
EncryptedBucketsParameters params;
params.set_encrypted_bucket_id_length(14);
+ params.set_sensitive_id_hash_type(ENCRYPTED_BUCKET_TEST_HASH_TYPE);
RlwePlaintextId plaintext_id;
plaintext_id.set_non_sensitive_id("nsid");
@@ -62,6 +64,7 @@
EncryptedBucketsParameters empty_id_params;
empty_id_params.set_encrypted_bucket_id_length(kStoredEncryptedIdByteLength *
8);
+ empty_id_params.set_sensitive_id_hash_type(ENCRYPTED_BUCKET_TEST_HASH_TYPE);
RlwePlaintextId plaintext_id;
plaintext_id.set_non_sensitive_id("empty-nsid");
@@ -82,6 +85,7 @@
TEST(RlweIdUtils, ComputeBucketStoredEncryptedIdError) {
EncryptedBucketsParameters params;
params.set_encrypted_bucket_id_length(14);
+ params.set_sensitive_id_hash_type(ENCRYPTED_BUCKET_TEST_HASH_TYPE);
RlwePlaintextId plaintext_id;
plaintext_id.set_non_sensitive_id("nsid-test");
@@ -177,6 +181,43 @@
hash.length()));
}
+TEST(RlweIdUtils, AllSensitiveIdHashTypesCovered) {
+ RlwePlaintextId plaintext_id;
+ plaintext_id.set_non_sensitive_id("nsid");
+ plaintext_id.set_sensitive_id("sid");
+
+ private_join_and_compute::Context ctx;
+ ASSERT_OK_AND_ASSIGN(
+ auto ec_cipher,
+ private_join_and_compute::ECCommutativeCipher::CreateWithNewKey(
+ kTestCurveId, private_join_and_compute::ECCommutativeCipher::HashType::SHA256));
+
+ // The EnumerateEnumValues method is unavailable in Chromium.
+ // Test uses a hardcoded vector of the enums in order to allow clean
+ // compilation and have this test coverage in Chromium.
+ // LINT.IfChange(encrypted_bucket_hash_types)
+ std::vector<EncryptedBucketHashType> encrypted_bucket_hash_types = {
+ ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED, ENCRYPTED_BUCKET_TEST_HASH_TYPE,
+ SHA256_NON_SENSITIVE_AND_SENSITIVE_ID,
+ };
+ // LINT.ThenChange()
+
+ for (const auto& hash_type : encrypted_bucket_hash_types) {
+ EncryptedBucketsParameters params;
+ params.set_encrypted_bucket_id_length(14);
+ params.set_sensitive_id_hash_type(hash_type);
+ if (hash_type == ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED) {
+ EXPECT_THAT(ComputeBucketStoredEncryptedId(plaintext_id, params,
+ ec_cipher.get(), &ctx),
+ StatusIs(absl::StatusCode::kInvalidArgument,
+ HasSubstr("must be defined.")));
+ } else {
+ EXPECT_OK(ComputeBucketStoredEncryptedId(plaintext_id, params,
+ ec_cipher.get(), &ctx));
+ }
+ }
+}
+
} // namespace
} // namespace rlwe
} // namespace private_membership
diff --git a/src/internal/rlwe_params.cc b/src/internal/rlwe_params.cc
index 87a7b7e..1b354e3 100644
--- a/src/internal/rlwe_params.cc
+++ b/src/internal/rlwe_params.cc
@@ -14,6 +14,9 @@
#include "third_party/private_membership/src/internal/rlwe_params.h"
+#include <memory>
+#include <utility>
+
#include "third_party/private_membership/src/private_membership_rlwe.pb.h"
#include "third_party/private_membership/src/internal/constants.h"
#include "third_party/shell-encryption/src/montgomery.h"
@@ -92,7 +95,7 @@
RLWE_ASSIGN_OR_RETURN(::rlwe::NttParameters<ModularInt> ntt_params,
::rlwe::InitializeNttParameters<ModularInt>(
rlwe_params.log_degree(), modulus_params));
- return absl::make_unique<const ::rlwe::NttParameters<ModularInt>>(
+ return std::make_unique<const ::rlwe::NttParameters<ModularInt>>(
std::move(ntt_params));
}
@@ -114,7 +117,7 @@
::rlwe::ErrorParams<ModularInt>::Create(
rlwe_params.log_t(), rlwe_params.variance(),
modulus_params, ntt_params));
- return absl::make_unique<const ::rlwe::ErrorParams<ModularInt>>(error_params);
+ return std::make_unique<const ::rlwe::ErrorParams<ModularInt>>(error_params);
}
template ::rlwe::StatusOr<
diff --git a/src/internal/testing/regression_test_data/test_data.binarypb b/src/internal/testing/regression_test_data/test_data.binarypb
index 7d591a1..137de02 100644
--- a/src/internal/testing/regression_test_data/test_data.binarypb
+++ b/src/internal/testing/regression_test_data/test_data.binarypb
Binary files differ
diff --git a/src/internal/utils.cc b/src/internal/utils.cc
index 92086ec..f2120f2 100644
--- a/src/internal/utils.cc
+++ b/src/internal/utils.cc
@@ -14,6 +14,8 @@
#include "third_party/private_membership/src/internal/utils.h"
+#include <string>
+
#include "third_party/shell-encryption/src/status_macros.h"
namespace private_membership {
diff --git a/src/membership_response_map.cc b/src/membership_response_map.cc
deleted file mode 100644
index 231752e..0000000
--- a/src/membership_response_map.cc
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright 2020 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "third_party/private_membership/src/membership_response_map.h"
-
-#include "third_party/private_membership/src/internal/rlwe_id_utils.h"
-
-namespace private_membership {
-namespace rlwe {
-
-private_membership::MembershipResponse MembershipResponseMap::Get(
- RlwePlaintextId id) {
- return map_[HashRlwePlaintextId(id)];
-}
-
-void MembershipResponseMap::Update(
- RlwePlaintextId id, private_membership::MembershipResponse response) {
- map_[HashRlwePlaintextId(id)] = response;
-}
-
-bool MembershipResponseMap::Contains(RlwePlaintextId id) {
- return map_.contains(HashRlwePlaintextId(id));
-}
-
-void MembershipResponseMap::Merge(const MembershipResponseMap& other_map) {
- // Check for duplicate IDs.
- for (auto it = other_map.GetMap().begin(); it != other_map.GetMap().end();
- ++it) {
- if (!map_.contains(it->first)) {
- map_[it->first] = it->second;
- }
- }
-}
-
-} // namespace rlwe
-} // namespace private_membership
diff --git a/src/membership_response_map.h b/src/membership_response_map.h
deleted file mode 100644
index b556985..0000000
--- a/src/membership_response_map.h
+++ /dev/null
@@ -1,58 +0,0 @@
-// Copyright 2020 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#ifndef THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_MEMBERSHIP_RESPONSE_MAP_H_
-#define THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_MEMBERSHIP_RESPONSE_MAP_H_
-
-#include "third_party/private_membership/src/private_membership.pb.h"
-#include "third_party/private_membership/base/private_membership_export.h"
-#include "third_party/private_membership/src/private_membership_rlwe.pb.h"
-#include "absl/container/flat_hash_map.h"
-
-namespace private_membership {
-namespace rlwe {
-
-class PRIVATE_MEMBERSHIP_EXPORT MembershipResponseMap {
- public:
- MembershipResponseMap() = default;
-
- // Get the MembershipResponse associated with id.
- private_membership::MembershipResponse Get(RlwePlaintextId id);
-
- // Update the Membership Response associated with id.
- void Update(RlwePlaintextId id,
- private_membership::MembershipResponse response);
-
- // Merges current map with argument map. Duplicate IDs that appear in
- // other_map will not be reflected in the newly merged map.
- void Merge(const MembershipResponseMap& other_map);
-
- const absl::flat_hash_map<std::string,
- private_membership::MembershipResponse>&
- GetMap() const {
- return map_;
- }
-
- // Returns whether map contains passed id.
- bool Contains(RlwePlaintextId id);
-
- private:
- // Map storing hashes of RlwePlaintextId to responses.
- absl::flat_hash_map<std::string, private_membership::MembershipResponse> map_;
-};
-
-} // namespace rlwe
-} // namespace private_membership
-
-#endif // THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_MEMBERSHIP_RESPONSE_MAP_H_
diff --git a/src/membership_response_map_test.cc b/src/membership_response_map_test.cc
deleted file mode 100644
index 7784138..0000000
--- a/src/membership_response_map_test.cc
+++ /dev/null
@@ -1,125 +0,0 @@
-// Copyright 2020 Google LLC
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// https://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-#include "third_party/private_membership/src/membership_response_map.h"
-
-#include "third_party/private_membership/src/private_membership.pb.h"
-#include <gmock/gmock.h>
-#include <gtest/gtest.h>
-#include "third_party/shell-encryption/src/testing/protobuf_matchers.h"
-
-namespace private_membership {
-namespace rlwe {
-namespace {
-
-using ::rlwe::testing::EqualsProto;
-
-RlwePlaintextId CreateRlwePlaintextId(absl::string_view non_sensitive_id,
- absl::string_view sensitive_id) {
- RlwePlaintextId id;
- id.set_non_sensitive_id(std::string(
- non_sensitive_id));
- id.set_sensitive_id(
- std::string(sensitive_id));
- return id;
-}
-
-TEST(MembershipResponseMapTest, GetEmpty) {
- MembershipResponseMap map;
- EXPECT_THAT(map.Get(CreateRlwePlaintextId("1", "2")),
- EqualsProto(private_membership::MembershipResponse()));
-}
-
-TEST(MembershipResponseMapTest, UpdateAndGet) {
- MembershipResponseMap map;
- RlwePlaintextId id = CreateRlwePlaintextId("a", "b");
- EXPECT_THAT(map.Get(id),
- EqualsProto(private_membership::MembershipResponse()));
-
- private_membership::MembershipResponse resp;
- resp.set_is_member(true);
- map.Update(id, resp);
- EXPECT_THAT(map.Get(id), EqualsProto(resp));
-}
-
-TEST(MembershipResponseMapTest, Contains) {
- MembershipResponseMap map;
- RlwePlaintextId id = CreateRlwePlaintextId("a", "b");
- EXPECT_FALSE(map.Contains(id));
-
- private_membership::MembershipResponse resp;
- resp.set_is_member(true);
- map.Update(id, resp);
- EXPECT_TRUE(map.Contains(id));
-}
-
-TEST(MembershipResponseMapTest, MultipleUpdateAndGet) {
- const int num_rounds = 1000;
- std::vector<RlwePlaintextId> ids(num_rounds);
- std::vector<private_membership::MembershipResponse> resps(num_rounds);
-
- MembershipResponseMap map;
- for (int i = 0; i < num_rounds; ++i) {
- ids[i] =
- CreateRlwePlaintextId(absl::StrCat("nsid", i), absl::StrCat("sid", i));
- resps[i].set_value(absl::StrCat("value", i));
- map.Update(ids[i], resps[i]);
- }
- for (int i = 0; i < num_rounds; ++i) {
- EXPECT_THAT(map.Get(ids[i]), EqualsProto(resps[i]));
- }
-}
-
-TEST(MembershipResponseMapTest, Merge) {
- const int num_items = 50;
- std::vector<RlwePlaintextId> ids(num_items);
- std::vector<private_membership::MembershipResponse> resps(num_items);
-
- MembershipResponseMap map1;
- MembershipResponseMap map2;
- for (int i = 0; i < num_items; ++i) {
- ids[i] =
- CreateRlwePlaintextId(absl::StrCat("nsid", i), absl::StrCat("sid", i));
- resps[i].set_value(absl::StrCat("value", i));
- if (i % 2 == 0) {
- map1.Update(ids[i], resps[i]);
- } else {
- map2.Update(ids[i], resps[i]);
- }
- }
- map1.Merge(map2);
- for (int i = 0; i < num_items; ++i) {
- EXPECT_THAT(map1.Get(ids[i]), EqualsProto(resps[i]));
- }
-}
-
-TEST(MembershipResponseMapTest, MergeWithDuplicateIds) {
- RlwePlaintextId id = CreateRlwePlaintextId("nsid", "sid");
- private_membership::MembershipResponse resp1;
- resp1.set_value("value1");
- private_membership::MembershipResponse resp2;
- resp2.set_value("value2");
-
- MembershipResponseMap map1;
- map1.Update(id, resp1);
- MembershipResponseMap map2;
- map2.Update(id, resp2);
- map1.Merge(map2);
-
- EXPECT_THAT(map1.Get(id), EqualsProto(resp1));
-}
-
-} // namespace
-} // namespace rlwe
-} // namespace private_membership
diff --git a/src/private_membership.proto b/src/private_membership.proto
index 925ea33..39fdbe3 100644
--- a/src/private_membership.proto
+++ b/src/private_membership.proto
@@ -31,6 +31,7 @@
// Add more hash types if necessary.
}
+// LINT.IfChange
// An enum describing how to hash IDs to encrypted buckets.
enum EncryptedBucketHashType {
ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED = 0;
@@ -44,6 +45,7 @@
reserved 2;
}
+// LINT.ThenChange(//depot/google3/privacy/private_membership/rlwe/shared/rlwe_id_utils_test.cc:encrypted_bucket_hash_types)
// A proto message that holds the doubly encrypted identifier.
message DoublyEncryptedId {
diff --git a/src/private_membership_rlwe.proto b/src/private_membership_rlwe.proto
index 6ad214a..34a4f25 100644
--- a/src/private_membership_rlwe.proto
+++ b/src/private_membership_rlwe.proto
@@ -97,7 +97,7 @@
// Different use cases of the RLWE-based PSM protocol.
//
-// NEXT ID: 16
+// NEXT ID: 18
enum RlweUseCase {
RLWE_USE_CASE_UNDEFINED = 0;
TEST_USE_CASE = 1;
@@ -114,7 +114,9 @@
// Use-cases for ChromeOS Device Active Reporting to Fresnel.
CROS_FRESNEL_DAILY = 13;
CROS_FRESNEL_MONTHLY = 14;
- CROS_FRESNEL_ALL_TIME = 15;
+ CROS_FRESNEL_FIRST_ACTIVE = 15;
+ CROS_FRESNEL_7DAY_ACTIVE = 16;
+ CROS_FRESNEL_28DAY_ACTIVE = 17;
reserved 4, 6, 7, 8, 9, 10, 11;
}
@@ -266,6 +268,10 @@
// Value that is encrypted using AES where the key is a serialization
// of the identifier encrypted using the Elliptic curve commutative cipher.
bytes encrypted_value = 2;
+
+ // Proto containing the sensitive and non-sensitive portion of the
+ // identifier in plaintext.
+ RlwePlaintextId id = 3;
}
}
diff --git a/src/private_membership_rlwe_client.cc b/src/private_membership_rlwe_client.cc
index e52e27b..7ea031f 100644
--- a/src/private_membership_rlwe_client.cc
+++ b/src/private_membership_rlwe_client.cc
@@ -15,7 +15,9 @@
#include "third_party/private_membership/src/private_membership_rlwe_client.h"
#include <algorithm>
+#include <optional>
#include <string>
+#include <utility>
#include "third_party/private-join-and-compute/src/crypto/ec_commutative_cipher.h"
#include "third_party/private_membership/src/internal/crypto_utils.h"
@@ -43,7 +45,7 @@
PrivateMembershipRlweClient::Create(
private_membership::rlwe::RlweUseCase use_case,
const std::vector<RlwePlaintextId>& plaintext_ids) {
- return CreateInternal(use_case, plaintext_ids, absl::optional<std::string>(),
+ return CreateInternal(use_case, plaintext_ids, std::optional<std::string>(),
internal::PrngSeedGenerator::Create());
}
@@ -55,7 +57,7 @@
RLWE_ASSIGN_OR_RETURN(auto prng_seed_generator,
internal::PrngSeedGenerator::CreateDeterministic(seed));
return CreateInternal(use_case, plaintext_ids,
- absl::optional<std::string>(ec_cipher_key),
+ std::optional<std::string>(ec_cipher_key),
std::move(prng_seed_generator));
}
@@ -63,7 +65,7 @@
PrivateMembershipRlweClient::CreateInternal(
private_membership::rlwe::RlweUseCase use_case,
const std::vector<RlwePlaintextId>& plaintext_ids,
- absl::optional<std::string> ec_cipher_key,
+ std::optional<std::string> ec_cipher_key,
std::unique_ptr<internal::PrngSeedGenerator> prng_seed_generator) {
if (use_case == private_membership::rlwe::RLWE_USE_CASE_UNDEFINED) {
return absl::InvalidArgumentError("Use case must be defined.");
@@ -388,7 +390,7 @@
PrngSeedGenerator::PrngSeedGenerator(
std::unique_ptr<SingleThreadPrng> prng_seed_generator)
: deterministic_prng_seed_generator_(
- absl::optional<std::unique_ptr<SingleThreadPrng>>(
+ std::optional<std::unique_ptr<SingleThreadPrng>>(
std::move(prng_seed_generator))) {}
template <typename ModularInt>
diff --git a/src/private_membership_rlwe_client.h b/src/private_membership_rlwe_client.h
index 5ebab23..0fdd6af 100644
--- a/src/private_membership_rlwe_client.h
+++ b/src/private_membership_rlwe_client.h
@@ -15,6 +15,9 @@
#ifndef THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_PRIVATE_MEMBERSHIP_RLWE_CLIENT_H_
#define THIRD_PARTY_PRIVATE_MEMBERSHIP_SRC_PRIVATE_MEMBERSHIP_RLWE_CLIENT_H_
+#include <optional>
+#include <string>
+
#include "third_party/private-join-and-compute/src/crypto/ec_commutative_cipher.h"
#include "third_party/private_membership/src/private_membership.pb.h"
#include "third_party/private_membership/base/private_membership_export.h"
@@ -49,7 +52,7 @@
explicit PrngSeedGenerator(
std::unique_ptr<SingleThreadPrng> prng_seed_generator);
- const absl::optional<std::unique_ptr<SingleThreadPrng>>
+ const std::optional<std::unique_ptr<SingleThreadPrng>>
deterministic_prng_seed_generator_;
};
@@ -192,7 +195,7 @@
CreateInternal(
private_membership::rlwe::RlweUseCase use_case,
const std::vector<RlwePlaintextId>& plaintext_ids,
- absl::optional<std::string> ec_cipher_key,
+ std::optional<std::string> ec_cipher_key,
std::unique_ptr<internal::PrngSeedGenerator> prng_seed_generator);
PrivateMembershipRlweClient(
