1 // Copyright 2018 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef COMPONENTS_AUTOFILL_CORE_BROWSER_RANDOMIZED_ENCODER_H_ 6 #define COMPONENTS_AUTOFILL_CORE_BROWSER_RANDOMIZED_ENCODER_H_ 7 8 #include <memory> 9 #include <string> 10 11 #include "base/strings/string_piece.h" 12 #include "components/autofill/core/browser/proto/server.pb.h" 13 #include "components/autofill/core/common/signatures.h" 14 15 class PrefService; 16 17 namespace autofill { 18 19 // Encodes string values using the differential-privacy scheme as described 20 // in go/autofill-metadata-upload (Google internal link). 21 class RandomizedEncoder { 22 public: 23 struct EncodingInfo { 24 AutofillRandomizedValue_EncodingType encoding_type; 25 size_t chunk_length_in_bytes; 26 size_t bit_offset; 27 size_t bit_stride; 28 }; 29 30 // Form-level data-type identifiers. 31 static const char FORM_ID[]; 32 static const char FORM_NAME[]; 33 static const char FORM_ACTION[]; 34 static const char FORM_URL[]; 35 static const char FORM_CSS_CLASS[]; 36 static const char FORM_BUTTON_TITLES[]; 37 38 // Field-level data-type identifiers. 39 static const char FIELD_ID[]; 40 static const char FIELD_NAME[]; 41 static const char FIELD_CONTROL_TYPE[]; 42 static const char FIELD_LABEL[]; 43 static const char FIELD_ARIA_LABEL[]; 44 static const char FIELD_ARIA_DESCRIPTION[]; 45 static const char FIELD_CSS_CLASS[]; 46 static const char FIELD_PLACEHOLDER[]; 47 static const char FIELD_INITIAL_VALUE_HASH[]; 48 49 static const char kUrlKeyedAnonymizedDataCollectionEnabled[]; 50 51 // Factory Function 52 static std::unique_ptr<RandomizedEncoder> Create(PrefService* pref_service); 53 54 RandomizedEncoder(std::string seed, 55 AutofillRandomizedValue_EncodingType encoding_type, 56 bool anonymous_url_collection_is_enabled); 57 58 // Encode |data_value| using this instance's |encoding_type_|. 59 // If |data_type!=FORM_URL|, the output value's length is limited by 60 // |kEncodedChunkLengthInBytes|. 61 std::string Encode(FormSignature form_signature, 62 FieldSignature field_signature, 63 base::StringPiece data_type, 64 base::StringPiece data_value) const; 65 // Used for testing, converts |data_value| to UTF-8 and calls Encode(). 66 std::string EncodeForTesting(FormSignature form_signature, 67 FieldSignature field_signature, 68 base::StringPiece data_type, 69 base::StringPiece16 data_value) const; 70 encoding_type()71 AutofillRandomizedValue_EncodingType encoding_type() const { 72 DCHECK(encoding_info_); 73 return encoding_info_ 74 ? encoding_info_->encoding_type 75 : AutofillRandomizedValue_EncodingType_UNSPECIFIED_ENCODING_TYPE; 76 } AnonymousUrlCollectionIsEnabled()77 bool AnonymousUrlCollectionIsEnabled() const { 78 return anonymous_url_collection_is_enabled_; 79 } 80 81 protected: 82 // Get the pseudo-random string to use at the coin bit-field. This function 83 // is internal, but exposed here to facilitate testing. 84 std::string GetCoins(FormSignature form_signature, 85 FieldSignature field_signature, 86 base::StringPiece data_type, 87 int encoding_length) const; 88 89 // Get the pseudo-random string to use at the noise bit-field. This function 90 // is internal, but exposed here to facilitate testing. 91 std::string GetNoise(FormSignature form_signature, 92 FieldSignature field_signature, 93 base::StringPiece data_type, 94 int encoding_length) const; 95 96 // For |data_type==FORM_URL|, returns required chunk count to fit 97 // |data_value|, but max |kMaxChunks|. Otherwise, returns 1. 98 int GetChunkCount(base::StringPiece data_value, 99 base::StringPiece data_type) const; 100 101 private: 102 const std::string seed_; 103 const EncodingInfo* const encoding_info_; 104 const bool anonymous_url_collection_is_enabled_; 105 }; 106 } // namespace autofill 107 108 #endif // COMPONENTS_AUTOFILL_CORE_BROWSER_RANDOMIZED_ENCODER_H_ 109