Snap for 11190379 from 4fd15465c364df9b8a5976ca19a99cd11f9e200a to mainline-conscrypt-release
Change-Id: I6e5a492ca78194eb848c6863887c373b7c775d80
diff --git a/Android.bp b/Android.bp
index bb4bef6..b9ccb5b 100644
--- a/Android.bp
+++ b/Android.bp
@@ -48,6 +48,9 @@
],
cflags: ["-Wno-unused-parameter"],
export_include_dirs: ["."],
+ include_dirs: [
+ "external/protobuf",
+ ],
proto: {
type: "lite",
export_proto_headers: true,
@@ -56,6 +59,8 @@
],
include_dirs: [
"external/private-join-and-compute",
+ "external/protobuf",
+
]
},
sanitize: {
diff --git a/WORKSPACE b/WORKSPACE
index 747032c..6cba449 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -20,9 +20,9 @@
# Private Join and Compute
http_archive(
name = "private_join_and_compute",
- sha256 = "6026c6522b0119e48b697492d184ee60be97071344c2788095fcb2a489ad905f",
- strip_prefix = "private-join-and-compute-e028e59420a9c36328705ed5064408de03d229a8",
- urls = ["https://github.com/google/private-join-and-compute/archive/e028e59420a9c36328705ed5064408de03d229a8.zip"],
+ sha256 = "9304a6fe62c7227657e7cecf08c6234c14dfb558bd6a2fa778de845056fb9dd3",
+ strip_prefix = "private-join-and-compute-f77f26fab7f37e5e1e2d43250662c0281bd7fa4a",
+ urls = ["https://github.com/google/private-join-and-compute/archive/f77f26fab7f37e5e1e2d43250662c0281bd7fa4a.zip"],
)
# loads boringssl, absl, googletest, protobuf.
@@ -48,4 +48,4 @@
grpc_deps()
load("@com_github_grpc_grpc//bazel:grpc_extra_deps.bzl", "grpc_extra_deps")
-grpc_extra_deps()
\ No newline at end of file
+grpc_extra_deps()
diff --git a/act/act.proto b/act/act.proto
index f40f608..1c39823 100644
--- a/act/act.proto
+++ b/act/act.proto
@@ -91,10 +91,12 @@
// An actual token recovered from the TokenResponse.
message Token {
- // Serialized BigNum corresponding to the nonce for this token.
- string nonce = 1;
+ reserved 1;
oneof token_oneof {
TokenV0 token_v0 = 2;
}
+
+ // Serialized BigNum corresponding to the nonce for this token.
+ bytes nonce_bytes = 3;
}
diff --git a/act/act_v0/BUILD b/act/act_v0/BUILD
index 64dacac..c4d2c89 100644
--- a/act/act_v0/BUILD
+++ b/act/act_v0/BUILD
@@ -50,10 +50,7 @@
"@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:bb_oblivious_signature_cc_proto",
"@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:dy_verifiable_random_function",
"@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:dy_verifiable_random_function_cc_proto",
- "@private_join_and_compute//private_join_and_compute/crypto/proto:big_num_cc_proto",
- "@private_join_and_compute//private_join_and_compute/crypto/proto:camenisch_shoup_cc_proto",
"@private_join_and_compute//private_join_and_compute/crypto/proto:ec_point_cc_proto",
- "@private_join_and_compute//private_join_and_compute/crypto/proto:pedersen_cc_proto",
"@private_join_and_compute//private_join_and_compute/crypto/proto:proto_util",
"@private_join_and_compute//private_join_and_compute/util:status_includes",
],
@@ -69,14 +66,12 @@
"//act",
"//act:act_cc_proto",
"@com_github_google_googletest//:gtest_main",
- "@com_google_absl//absl/strings",
"@private_join_and_compute//private_join_and_compute/crypto:bn_util",
"@private_join_and_compute//private_join_and_compute/crypto:camenisch_shoup",
"@private_join_and_compute//private_join_and_compute/crypto:ec_util",
"@private_join_and_compute//private_join_and_compute/crypto:pedersen_over_zn",
"@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:bb_oblivious_signature",
"@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:bb_oblivious_signature_cc_proto",
- "@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:dy_verifiable_random_function",
"@private_join_and_compute//private_join_and_compute/crypto/dodis_yampolskiy_prf:dy_verifiable_random_function_cc_proto",
"@private_join_and_compute//private_join_and_compute/crypto/proto:big_num_cc_proto",
"@private_join_and_compute//private_join_and_compute/crypto/proto:camenisch_shoup_cc_proto",
@@ -93,7 +88,8 @@
deps = [
":act_v0_cc_proto",
"//act:act_cc_proto",
- "@private_join_and_compute//private_join_and_compute/crypto:ec_util",
+ "@com_google_absl//absl/strings",
+ "@private_join_and_compute//private_join_and_compute/crypto:openssl_includes",
],
)
diff --git a/act/act_v0/act_v0.cc b/act/act_v0/act_v0.cc
index 74dc1dd..d4418e7 100644
--- a/act/act_v0/act_v0.cc
+++ b/act/act_v0/act_v0.cc
@@ -78,6 +78,8 @@
dy_vrf_parameters.set_random_oracle_prefix(
scheme_parameters_v0.random_oracle_prefix());
dy_vrf_parameters.set_dy_prf_base_g(server_public_parameters_v0.prf_base_g());
+ *dy_vrf_parameters.mutable_pedersen_parameters() =
+ server_public_parameters_v0.pedersen_parameters();
return DyVerifiableRandomFunction::Create(std::move(dy_vrf_parameters), ctx,
ec_group, pedersen);
@@ -109,28 +111,15 @@
challenge_sos.get());
challenge_cos->SetSerializationDeterministic(true);
challenge_cos->WriteVarint64(scheme_parameters.ByteSizeLong());
- if (!scheme_parameters.SerializeToCodedStream(challenge_cos.get())) {
- return absl::InternalError(
- "GetNoncesForTokenRequest: Failed to serialize scheme_parameters.");
- }
+ challenge_cos->WriteString(SerializeAsStringInOrder(scheme_parameters));
challenge_cos->WriteVarint64(server_public_parameters.ByteSizeLong());
- if (!server_public_parameters.SerializeToCodedStream(challenge_cos.get())) {
- return absl::InternalError(
- "GetNoncesForTokenRequest: Failed to serialize "
- "server_public_parameters.");
- }
+ challenge_cos->WriteString(
+ SerializeAsStringInOrder(server_public_parameters));
challenge_cos->WriteVarint64(client_public_parameters.ByteSizeLong());
- if (!client_public_parameters.SerializeToCodedStream(challenge_cos.get())) {
- return absl::InternalError(
- "GetNoncesForTokenRequest: Failed to serialize "
- "client_public_parameters.");
- }
+ challenge_cos->WriteString(
+ SerializeAsStringInOrder(client_public_parameters));
challenge_cos->WriteVarint64(tokens_request_part_1.ByteSizeLong());
- if (!tokens_request_part_1.SerializeToCodedStream(challenge_cos.get())) {
- return absl::InternalError(
- "GetNoncesForTokenRequest: Failed to serialize "
- "client_public_parameters.");
- }
+ challenge_cos->WriteString(SerializeAsStringInOrder(tokens_request_part_1));
challenge_cos->WriteVarint64(num_messages);
// Delete the serialization objects to make sure they clean up and write.
@@ -847,7 +836,7 @@
for (size_t i = 0; i < messages.size(); ++i) {
Token token;
TokenV0* token_v0 = token.mutable_token_v0();
- token.set_nonce(nonces[i].ToBytes());
+ token.set_nonce_bytes(nonces[i].ToBytes());
ASSIGN_OR_RETURN(*token_v0->mutable_bb_signature(),
signatures[i].ToBytesCompressed());
tokens.push_back(std::move(token));
@@ -891,10 +880,11 @@
server_private_parameters_v0.bb_oblivious_signature_private_key().y());
BigNum hashed_message = ctx.RandomOracleSha512(m, ec_group.GetOrder());
- BigNum nonce = ctx.CreateBigNum(token.nonce());
+
+ BigNum nonce = ctx.CreateBigNum(token.nonce_bytes());
// Verify that reserializing the nonce comes out to the same value.
- if (nonce.ToBytes() != token.nonce()) {
+ if (nonce.ToBytes() != token.nonce_bytes()) {
return absl::InvalidArgumentError(
"AnonymousCountingTokensV0::VerifyToken: nonce comes out to different "
"value when serialized and deserialized.");
diff --git a/act/act_v0/act_v0_test.cc b/act/act_v0/act_v0_test.cc
index 387a993..2c17471 100644
--- a/act/act_v0/act_v0_test.cc
+++ b/act/act_v0/act_v0_test.cc
@@ -677,7 +677,8 @@
std::vector<std::string> messages = {"message_1", "message_2"};
ASSERT_OK_AND_ASSIGN(Transcript transcript, GenerateTranscript(messages));
- EXPECT_NE(transcript.tokens[0].nonce(), transcript.tokens[1].nonce());
+ EXPECT_NE(transcript.tokens[0].nonce_bytes(),
+ transcript.tokens[1].nonce_bytes());
}
} // namespace
diff --git a/act/act_v0/parameters.cc b/act/act_v0/parameters.cc
index 8a2e6c5..3f8ee7e 100644
--- a/act/act_v0/parameters.cc
+++ b/act/act_v0/parameters.cc
@@ -16,7 +16,7 @@
#include "act/act_v0/parameters.h"
#include <string>
-
+#include "absl/strings/str_cat.h"
#include "act/act_v0/act_v0.pb.h"
namespace private_join_and_compute {
@@ -80,5 +80,42 @@
return scheme_parameters;
}
+// Returns parameters supporting 32 messages in a batch, with CS vector
+// encryption length set to 2, and modulus length 2048.
+SchemeParameters
+ActV0SchemeParametersPedersen32Modulus2048CamenischShoupVector2() {
+ int pedersen_batch_size = 32;
+ int modulus_length = 2048;
+ int camensich_shoup_vector_encryption_length = 2;
+
+ return ActV0SchemeParameters(pedersen_batch_size, modulus_length,
+ camensich_shoup_vector_encryption_length);
+}
+
+// Returns custom parameters.
+SchemeParameters ActV0SchemeParameters(int pedersen_batch_size,
+ int modulus_length_bits,
+ int camenisch_shoup_vector_length) {
+ std::string random_oracle_prefix = absl::StrCat(
+ "ActV0SchemeParametersPedersenBatchSize", pedersen_batch_size,
+ "ModulusLengthBits", modulus_length_bits, "CamenischShoupVectorLength",
+ camenisch_shoup_vector_length);
+
+ SchemeParameters scheme_parameters;
+ SchemeParametersV0* scheme_parameters_v0 =
+ scheme_parameters.mutable_scheme_parameters_v0();
+ scheme_parameters_v0->set_security_parameter(kDefaultSecurityParameter);
+ scheme_parameters_v0->set_challenge_length_bits(kDefaultChallengeLength);
+ scheme_parameters_v0->set_modulus_length_bits(modulus_length_bits);
+ scheme_parameters_v0->set_camenisch_shoup_s(kDefaultCamenischShoupS);
+ scheme_parameters_v0->set_vector_encryption_length(
+ camenisch_shoup_vector_length);
+ scheme_parameters_v0->set_pedersen_batch_size(pedersen_batch_size);
+ scheme_parameters_v0->set_prf_ec_group(kDefaultCurveId);
+ scheme_parameters_v0->set_random_oracle_prefix(random_oracle_prefix);
+
+ return scheme_parameters;
+}
+
} // namespace anonymous_counting_tokens
} // namespace private_join_and_compute
diff --git a/act/act_v0/parameters.h b/act/act_v0/parameters.h
index 0371f7f..21cff96 100644
--- a/act/act_v0/parameters.h
+++ b/act/act_v0/parameters.h
@@ -34,12 +34,26 @@
// bits, smaller batch size of 3).
SchemeParameters ActV0TestSchemeParameters();
-// Returns parameters supporting 16 messages in a batch.
+// Returns parameters supporting 16 messages in a batch, with both Pedersen and
+// CS parameters set to 16, and modulus length 3072.
SchemeParameters ActV0Batch16SchemeParameters();
-// Returns parameters supporting 32 messages in a batch.
+// Returns parameters supporting 32 messages in a batch, with both Pedersen and
+// CS parameters set to 32, and modulus length 3072.
SchemeParameters ActV0Batch32SchemeParameters();
+// Returns parameters supporting 32 messages in a batch, with CS vector
+// encryption length set to 2, and modulus length 2048.
+//
+// These parameters are currently the best-optimized for performance.
+SchemeParameters
+ActV0SchemeParametersPedersen32Modulus2048CamenischShoupVector2();
+
+// Returns custom parameters.
+SchemeParameters ActV0SchemeParameters(int pedersen_batch_size,
+ int modulus_length_bits,
+ int camenisch_shoup_vector_length);
+
} // namespace anonymous_counting_tokens
} // namespace private_join_and_compute
diff --git a/act/act_v0/parameters_test.cc b/act/act_v0/parameters_test.cc
index 04927e5..afbcf87 100644
--- a/act/act_v0/parameters_test.cc
+++ b/act/act_v0/parameters_test.cc
@@ -33,8 +33,8 @@
namespace anonymous_counting_tokens {
namespace {
-Status EndToEndTestNoVerification(SchemeParameters scheme_parameters,
- int num_messages) {
+
+Status EndToEndTest(SchemeParameters scheme_parameters, int num_messages) {
std::unique_ptr<AnonymousCountingTokens> act =
AnonymousCountingTokensV0::Create();
@@ -42,12 +42,18 @@
ASSIGN_OR_RETURN(ServerParameters server_parameters,
act->GenerateServerParameters(scheme_parameters));
- // Generate client parameters.
+
+ // Generate client parameters and check them.
ASSIGN_OR_RETURN(
ClientParameters client_parameters,
act->GenerateClientParameters(scheme_parameters,
server_parameters.public_parameters()));
+ RETURN_IF_ERROR(act->CheckClientParameters(
+ scheme_parameters, client_parameters.public_parameters(),
+ server_parameters.public_parameters(),
+ server_parameters.private_parameters()));
+
// Generate messages.
std::vector<std::string> messages;
messages.reserve(num_messages);
@@ -55,7 +61,7 @@
messages.push_back(absl::StrCat("message", i));
}
- // Generate Tokens Request.
+ // Generate Tokens Request and check it.
std::vector<std::string> client_fingerprints;
TokensRequest tokens_request;
TokensRequestPrivateState tokens_request_private_state;
@@ -67,7 +73,13 @@
client_parameters.private_parameters(),
server_parameters.public_parameters()));
- // Generate Tokens Response.
+ RETURN_IF_ERROR(act->CheckTokensRequest(
+ client_fingerprints, tokens_request, scheme_parameters,
+ client_parameters.public_parameters(),
+ server_parameters.public_parameters(),
+ server_parameters.private_parameters()));
+
+ // Generate Tokens Response and check it.
ASSIGN_OR_RETURN(
TokensResponse tokens_response,
act->GenerateTokensResponse(tokens_request, scheme_parameters,
@@ -75,6 +87,12 @@
server_parameters.public_parameters(),
server_parameters.private_parameters()));
+ RETURN_IF_ERROR(act->VerifyTokensResponse(
+ messages, tokens_request, tokens_request_private_state, tokens_response,
+ scheme_parameters, client_parameters.public_parameters(),
+ client_parameters.private_parameters(),
+ server_parameters.public_parameters()));
+
// Extract Tokens.
ASSIGN_OR_RETURN(
std::vector<Token> tokens,
@@ -97,15 +115,30 @@
}
TEST(ActV0ParametersTest, EndToEndWithTestParameters) {
- EXPECT_OK(EndToEndTestNoVerification(ActV0TestSchemeParameters(), 3));
+ EXPECT_OK(EndToEndTest(ActV0TestSchemeParameters(), 3));
}
TEST(ActV0ParametersTest, EndToEndWithBatch16Parameters) {
- EXPECT_OK(EndToEndTestNoVerification(ActV0Batch16SchemeParameters(), 16));
+ EXPECT_OK(EndToEndTest(ActV0Batch16SchemeParameters(), 16));
}
TEST(ActV0ParametersTest, EndToEndWithBatch32Parameters) {
- EXPECT_OK(EndToEndTestNoVerification(ActV0Batch32SchemeParameters(), 32));
+ EXPECT_OK(EndToEndTest(ActV0Batch32SchemeParameters(), 32));
+}
+
+TEST(ActV0ParametersTest, EndToEndWithBatch32Cs2Modulus2048Parameters) {
+ EXPECT_OK(EndToEndTest(
+ ActV0SchemeParametersPedersen32Modulus2048CamenischShoupVector2(), 32));
+}
+
+TEST(ActV0ParametersTest, EndToEndWithCustomParameters) {
+ int pedersen_batch_size = 32;
+ int modulus_length_bits = 1576;
+ int camenisch_shoup_vector_length = 2;
+ EXPECT_OK(EndToEndTest(
+ ActV0SchemeParameters(pedersen_batch_size, modulus_length_bits,
+ camenisch_shoup_vector_length),
+ 32));
}
// More extensive tests are in act_v0_test.cc. These tests simply ensure that
diff --git a/act/act_v0/testing/BUILD b/act/act_v0/testing/BUILD
new file mode 100644
index 0000000..ccb192b
--- /dev/null
+++ b/act/act_v0/testing/BUILD
@@ -0,0 +1,75 @@
+# Copyright 2023 Google LLC.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+load("@rules_cc//cc:defs.bzl", "cc_library")
+load("@rules_proto//proto:defs.bzl", "proto_library")
+
+package(default_visibility = ["//visibility:public"])
+
+proto_library(
+ name = "transcript_proto",
+ srcs = ["transcript.proto"],
+ deps = ["//act:act_proto"],
+)
+
+cc_proto_library(
+ name = "transcript_cc_proto",
+ deps = [":transcript_proto"],
+)
+
+cc_binary(
+ name = "generate_transcript",
+ srcs = ["generate_transcript.cc"],
+ deps = [
+ ":transcript_cc_proto",
+ "//act",
+ "//act:act_cc_proto",
+ "//act/act_v0",
+ "//act/act_v0:act_v0_cc_proto",
+ "//act/act_v0:parameters",
+ "@com_google_absl//absl/flags:flag",
+ "@com_google_absl//absl/flags:parse",
+ "@com_google_absl//absl/log",
+ "@com_google_absl//absl/log:check",
+ "@com_google_absl//absl/strings",
+ "@private_join_and_compute//private_join_and_compute/util:proto_util",
+ "@private_join_and_compute//private_join_and_compute/util:status_includes",
+ ],
+)
+
+filegroup(
+ name = "transcripts",
+ testonly = 1,
+ srcs = glob(["transcripts/*"]),
+)
+
+cc_test(
+ name = "golden_transcript_test",
+ srcs = ["golden_transcript_test.cc"],
+ data = [
+ ":transcripts",
+ ],
+ deps = [
+ ":transcript_cc_proto",
+ "//act",
+ "//act:act_cc_proto",
+ "//act/act_v0",
+ "//act/act_v0:act_v0_cc_proto",
+ "//act/act_v0:parameters",
+ "@com_github_google_googletest//:gtest_main",
+ "@private_join_and_compute//private_join_and_compute/util:proto_util",
+ "@private_join_and_compute//private_join_and_compute/util:status_includes",
+ "@private_join_and_compute//private_join_and_compute/util:status_testing_includes",
+ ],
+)
diff --git a/act/act_v0/testing/generate_transcript.cc b/act/act_v0/testing/generate_transcript.cc
new file mode 100644
index 0000000..915b960
--- /dev/null
+++ b/act/act_v0/testing/generate_transcript.cc
@@ -0,0 +1,175 @@
+/*
+ * Copyright 2023 Google LLC.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <cstddef>
+#include <string>
+#include <tuple>
+#include <vector>
+
+#include "absl/flags/flag.h"
+#include "absl/flags/parse.h"
+#include "absl/log/check.h"
+#include "absl/log/log.h"
+#include "absl/strings/str_cat.h"
+#include "absl/strings/string_view.h"
+#include "act/act.h"
+#include "act/act.pb.h"
+#include "act/act_v0/act_v0.h"
+#include "act/act_v0/act_v0.pb.h"
+#include "act/act_v0/parameters.h"
+#include "act/act_v0/testing/transcript.pb.h"
+#include "private_join_and_compute/util/proto_util.h"
+#include "private_join_and_compute/util/status.inc"
+
+ABSL_FLAG(std::string, transcript_path, "",
+ "Prefix of file to which the generated transcript will be "
+ "written/read from.");
+
+ABSL_FLAG(bool, verify, false,
+ "If true, will attempt to read the transcript from the specified "
+ "path to verify it.");
+
+namespace private_join_and_compute {
+namespace anonymous_counting_tokens {
+namespace {
+
+absl::Status GenerateTranscript(absl::string_view transcript_path) {
+ SchemeParameters scheme_parameters =
+ private_join_and_compute::anonymous_counting_tokens::
+ ActV0SchemeParametersPedersen32Modulus2048CamenischShoupVector2();
+ auto act = AnonymousCountingTokensV0::Create();
+
+ ASSIGN_OR_RETURN(ServerParameters server_parameters,
+ act->GenerateServerParameters(scheme_parameters));
+ ASSIGN_OR_RETURN(
+ ClientParameters client_parameters,
+ act->GenerateClientParameters(scheme_parameters,
+ server_parameters.public_parameters()));
+ std::vector<std::string> messages;
+ size_t num_messages =
+ scheme_parameters.scheme_parameters_v0().pedersen_batch_size();
+ messages.reserve(num_messages);
+ for (int i = 0; i < num_messages; ++i) {
+ messages.push_back(absl::StrCat("message", i));
+ }
+ std::vector<std::string> client_fingerprints;
+ TokensRequest tokens_request;
+ TokensRequestPrivateState tokens_request_private_state;
+ ASSIGN_OR_RETURN(
+ std::tie(client_fingerprints, tokens_request,
+ tokens_request_private_state),
+ act->GenerateTokensRequest(messages, scheme_parameters,
+ client_parameters.public_parameters(),
+ client_parameters.private_parameters(),
+ server_parameters.public_parameters()));
+
+ ASSIGN_OR_RETURN(
+ TokensResponse tokens_response,
+ act->GenerateTokensResponse(tokens_request, scheme_parameters,
+ client_parameters.public_parameters(),
+ server_parameters.public_parameters(),
+ server_parameters.private_parameters()));
+
+ ASSIGN_OR_RETURN(
+ std::vector<Token> tokens,
+ act->RecoverTokens(messages, tokens_request, tokens_request_private_state,
+ tokens_response, scheme_parameters,
+ client_parameters.public_parameters(),
+ client_parameters.private_parameters(),
+ server_parameters.public_parameters()));
+
+ Transcript transcript;
+ *transcript.mutable_scheme_parameters() = scheme_parameters;
+ *transcript.mutable_server_parameters() = server_parameters;
+ *transcript.mutable_client_parameters() = client_parameters;
+ *transcript.mutable_messages() = {messages.begin(), messages.end()};
+ *transcript.mutable_fingerprints() = {client_fingerprints.begin(),
+ client_fingerprints.end()};
+ *transcript.mutable_tokens_request() = tokens_request;
+ *transcript.mutable_tokens_request_private_state() =
+ tokens_request_private_state;
+ *transcript.mutable_tokens_response() = tokens_response;
+ *transcript.mutable_tokens() = {tokens.begin(), tokens.end()};
+
+ return ProtoUtils::WriteProtoToFile(transcript, transcript_path);
+}
+
+absl::Status VerifyTranscript(absl::string_view transcript_path) {
+ ASSIGN_OR_RETURN(Transcript transcript,
+ ProtoUtils::ReadProtoFromFile<Transcript>(transcript_path));
+
+ auto act = AnonymousCountingTokensV0::Create();
+
+ if (!transcript.has_scheme_parameters() ||
+ !transcript.scheme_parameters().has_scheme_parameters_v0() ||
+ transcript.scheme_parameters()
+ .scheme_parameters_v0()
+ .pedersen_batch_size() <= 0) {
+ return InvalidArgumentError(
+ "VerifyTranscript: transcript should have a SchemeParametersV0 with a "
+ "positive pedersen_batch_size.");
+ }
+
+ RETURN_IF_ERROR(act->CheckClientParameters(
+ transcript.scheme_parameters(),
+ transcript.client_parameters().public_parameters(),
+ transcript.server_parameters().public_parameters(),
+ transcript.server_parameters().private_parameters()));
+
+ std::vector<std::string> client_fingerprints(
+ transcript.fingerprints().begin(), transcript.fingerprints().end());
+ RETURN_IF_ERROR(act->CheckTokensRequest(
+ client_fingerprints, transcript.tokens_request(),
+ transcript.scheme_parameters(),
+ transcript.client_parameters().public_parameters(),
+ transcript.server_parameters().public_parameters(),
+ transcript.server_parameters().private_parameters()));
+
+ std::vector<std::string> messages(transcript.messages().begin(),
+ transcript.messages().end());
+ RETURN_IF_ERROR(act->VerifyTokensResponse(
+ messages, transcript.tokens_request(),
+ transcript.tokens_request_private_state(), transcript.tokens_response(),
+ transcript.scheme_parameters(),
+ transcript.client_parameters().public_parameters(),
+ transcript.client_parameters().private_parameters(),
+ transcript.server_parameters().public_parameters()));
+
+ return OkStatus();
+}
+
+} // namespace
+} // namespace anonymous_counting_tokens
+} // namespace private_join_and_compute
+
+int main(int argc, char** argv) {
+ absl::ParseCommandLine(argc, argv);
+ std::string transcript_path = absl::GetFlag(FLAGS_transcript_path);
+
+ bool verify = absl::GetFlag(FLAGS_verify);
+ if (verify) {
+ CHECK_OK(
+ private_join_and_compute::anonymous_counting_tokens::VerifyTranscript(
+ transcript_path));
+ LOG(INFO) << "Successfully verified transcript.";
+ } else {
+ CHECK_OK(
+ private_join_and_compute::anonymous_counting_tokens::GenerateTranscript(
+ transcript_path));
+ LOG(INFO) << "Successfully generated transcript.";
+ }
+
+ return 0;
+}
diff --git a/act/act_v0/testing/golden_transcript_test.cc b/act/act_v0/testing/golden_transcript_test.cc
new file mode 100644
index 0000000..df4efb0
--- /dev/null
+++ b/act/act_v0/testing/golden_transcript_test.cc
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2023 Google LLC.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include <gmock/gmock.h>
+#include <gtest/gtest.h>
+
+#include <filesystem>
+#include <memory>
+#include <string>
+#include <vector>
+
+#include "act/act.h"
+#include "act/act.pb.h"
+#include "act/act_v0/act_v0.h"
+#include "act/act_v0/testing/transcript.pb.h"
+#include "private_join_and_compute/util/proto_util.h"
+#include "private_join_and_compute/util/status_testing.inc"
+
+namespace private_join_and_compute {
+namespace anonymous_counting_tokens {
+namespace {
+
+const char kTranscriptPathBase[] = "act/act_v0/testing/transcripts/";
+
+TEST(GoldenTranscriptTest, TranscriptPassesValidityTests) {
+ auto act = AnonymousCountingTokensV0::Create();
+
+ std::vector<std::string> transcript_paths;
+
+ for (const auto& entry :
+ std::filesystem::directory_iterator(kTranscriptPathBase)) {
+ transcript_paths.push_back(std::string(entry.path()));
+ }
+
+ for (const auto& transcript_path : transcript_paths) {
+ ASSERT_OK_AND_ASSIGN(
+ Transcript transcript,
+ ProtoUtils::ReadProtoFromFile<Transcript>(transcript_path));
+
+ EXPECT_OK(act->CheckClientParameters(
+ transcript.scheme_parameters(),
+ transcript.client_parameters().public_parameters(),
+ transcript.server_parameters().public_parameters(),
+ transcript.server_parameters().private_parameters()));
+
+ std::vector<std::string> client_fingerprints(
+ transcript.fingerprints().begin(), transcript.fingerprints().end());
+ EXPECT_OK(act->CheckTokensRequest(
+ client_fingerprints, transcript.tokens_request(),
+ transcript.scheme_parameters(),
+ transcript.client_parameters().public_parameters(),
+ transcript.server_parameters().public_parameters(),
+ transcript.server_parameters().private_parameters()));
+
+ std::vector<std::string> messages(transcript.messages().begin(),
+ transcript.messages().end());
+ EXPECT_OK(act->VerifyTokensResponse(
+ messages, transcript.tokens_request(),
+ transcript.tokens_request_private_state(), transcript.tokens_response(),
+ transcript.scheme_parameters(),
+ transcript.client_parameters().public_parameters(),
+ transcript.client_parameters().private_parameters(),
+ transcript.server_parameters().public_parameters()));
+ }
+}
+
+} // namespace
+} // namespace anonymous_counting_tokens
+} // namespace private_join_and_compute
diff --git a/act/act_v0/testing/transcript.proto b/act/act_v0/testing/transcript.proto
new file mode 100644
index 0000000..957335d
--- /dev/null
+++ b/act/act_v0/testing/transcript.proto
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2023 Google LLC.
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+syntax = "proto3";
+
+package private_join_and_compute.anonymous_counting_tokens;
+
+import "act/act.proto";
+
+option java_multiple_files = true;
+
+message Transcript {
+ SchemeParameters scheme_parameters = 1;
+ ServerParameters server_parameters = 2;
+ ClientParameters client_parameters = 3;
+ repeated string messages = 4;
+ repeated bytes fingerprints = 5;
+ TokensRequest tokens_request = 6;
+ TokensRequestPrivateState tokens_request_private_state = 7;
+ TokensResponse tokens_response = 8;
+ repeated Token tokens = 9;
+}
diff --git a/act/act_v0/testing/transcripts/golden_transcript_1_09122023 b/act/act_v0/testing/transcripts/golden_transcript_1_09122023
new file mode 100644
index 0000000..8787824
--- /dev/null
+++ b/act/act_v0/testing/transcripts/golden_transcript_1_09122023
Binary files differ
diff --git a/act/act_v0/testing/transcripts/golden_transcript_2_09122023 b/act/act_v0/testing/transcripts/golden_transcript_2_09122023
new file mode 100644
index 0000000..5e99965
--- /dev/null
+++ b/act/act_v0/testing/transcripts/golden_transcript_2_09122023
Binary files differ
diff --git a/act/act_v0/testing/transcripts/golden_transcript_3_09122023 b/act/act_v0/testing/transcripts/golden_transcript_3_09122023
new file mode 100644
index 0000000..fcd1e82
--- /dev/null
+++ b/act/act_v0/testing/transcripts/golden_transcript_3_09122023
Binary files differ
diff --git a/act/fake_act.cc b/act/fake_act.cc
index 349a1cb..48cf40f 100644
--- a/act/fake_act.cc
+++ b/act/fake_act.cc
@@ -123,7 +123,8 @@
result.reserve(messages.size());
for (size_t i = 0; i < messages.size(); ++i) {
Token fake_token;
- fake_token.set_nonce(context.GenerateRandLessThan(nonce_bound).ToBytes());
+ fake_token.set_nonce_bytes(
+ context.GenerateRandLessThan(nonce_bound).ToBytes());
result.push_back(fake_token);
}
diff --git a/act/util.proto b/act/util.proto
index 9041c07..ca8c410 100644
--- a/act/util.proto
+++ b/act/util.proto
@@ -42,3 +42,7 @@
TokensRequest token_request = 2;
TokensRequestPrivateState tokens_request_private_state = 3;
}
+
+message TokensSet {
+ repeated Token tokens = 1;
+}
