| // Copyright 2016 The Fuchsia Authors |
| // |
| // Licensed under the Apache License, Version 2.0 (the "License"); |
| // you may not use this file except in compliance with the License. |
| // You may obtain a copy of the License at |
| // |
| // http://www.apache.org/licenses/LICENSE-2.0 |
| // |
| // Unless required by applicable law or agreed to in writing, software |
| // distributed under the License is distributed on an "AS IS" BASIS, |
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| // See the License for the specific language governing permissions and |
| // limitations under the License. |
| |
| #ifndef COBALT_SRC_ALGORITHMS_FORCULUS_FORCULUS_ENCRYPTER_H_ |
| #define COBALT_SRC_ALGORITHMS_FORCULUS_FORCULUS_ENCRYPTER_H_ |
| |
| #include <memory> |
| #include <string> |
| #include <utility> |
| |
| #include "src/algorithms/forculus/forculus_config.h" |
| #include "src/pb/observation.pb.h" |
| #include "src/system_data/client_secret.h" |
| |
| namespace cobalt::forculus { |
| |
| class ForculusConfigValidator; |
| |
| // Encrypts a string value using Forculus threshold encryption. This API |
| // is intended for use in the Cobalt Encoder. |
| class ForculusEncrypter { |
| public: |
| enum Status { kOK = 0, kInvalidConfig, kEncryptionFailed }; |
| |
| // Constructs a ForculusEncrypter with the given |config| for the specified |
| // metric part. |
| // |
| // The |client_secret| is the entropy used while deriving a point on |
| // the Forculus polynomial. |
| ForculusEncrypter(const ForculusConfig& config, uint32_t customer_id, uint32_t project_id, |
| uint32_t metric_id, std::string metric_part_name, |
| system_data::ClientSecret client_secret); |
| |
| ~ForculusEncrypter(); |
| |
| // Encrypts |plaintext| using Forculus threshold encryption and writes the |
| // output to |*observation_out|. |
| // |
| // Forculus encryption consists of the following steps: |
| // |
| // (1) Generate a polynomial f(x) over the Forculus field. The degree of |
| // the polynomial is |threshold| - 1. |
| // |
| // (2) Use the constant term from f(x) as the key with which to encrypt |
| // the plaintext and produce a ciphertext. |
| // |
| // (3) Generate a point x in the Forculus field and compute y = f(x) |
| // |
| // (4) Return the triple (ciphertext, x, y) |
| // |
| // |observation_day_index| is used to determine the observation epoch |
| // |
| // The generated polynomial and ciphertext are deteriministic functions of |
| // the following data: The plaintext, the epoch, the metric_id and |
| // metric_part_name and the threshold. They do not depend on client_secret |
| // and so are produced the same way by different clients. |
| // |
| // The generated x- and y-values are a deterministic function of all of the |
| // above plus the client_secret. They therfore will be different on different |
| // clients. |
| // |
| // Returns kOk on success, kInvalidConfig if the |config| passed to the |
| // constructor is not valid, or kEncryptionFailed if the encryption fails |
| // for any reason. |
| Status Encrypt(const std::string& plaintext, uint32_t observation_day_index, |
| ForculusObservation* observation_out); |
| |
| // Serializes |value| into a plaintext string using standard protocol buffer |
| // serialization and then invokes Encrypt() on the serialized bytes. |
| // |
| // The Cobalt Encoder invokes this method rather than directly invoking |
| // Encrypt() in order to uniformly handle values of different data types. |
| Status EncryptValue(const ValuePart& value, uint32_t observation_day_index, |
| ForculusObservation* observation_out); |
| |
| private: |
| std::unique_ptr<ForculusConfigValidator> config_; |
| uint32_t customer_id_, project_id_, metric_id_; |
| std::string metric_part_name_; |
| system_data::ClientSecret client_secret_; |
| }; |
| |
| } // namespace cobalt::forculus |
| |
| #endif // COBALT_SRC_ALGORITHMS_FORCULUS_FORCULUS_ENCRYPTER_H_ |