1 // Copyright 2020 The Chromium Authors 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef COMPONENTS_METRICS_ENTROPY_STATE_H_ 6 #define COMPONENTS_METRICS_ENTROPY_STATE_H_ 7 8 #include <string> 9 10 #include "base/gtest_prod_util.h" 11 #include "base/memory/raw_ptr.h" 12 #include "components/prefs/pref_registry_simple.h" 13 14 class PrefService; 15 16 namespace metrics { 17 18 // A class to get entropy source values from the PrefService. 19 class EntropyState final { 20 public: 21 // Creates the EntropyState with the given |local_state| to get 22 // the entropy source value from this helper class. 23 explicit EntropyState(PrefService* local_state); 24 25 EntropyState(const EntropyState&) = delete; 26 EntropyState& operator=(const EntropyState&) = delete; 27 28 // Clears low_entropy_source and old_low_entropy_source in the prefs. 29 static void ClearPrefs(PrefService* local_state); 30 31 // Registers low_entropy_source and old_low_entropy_source in the prefs. 32 static void RegisterPrefs(PrefRegistrySimple* registry); 33 34 // Returns the high entropy source for this client, which is composed of a 35 // client ID and the low entropy source. This is intended to be unique for 36 // each install. |initial_client_id| is the client_id that was used to 37 // randomize field trials and must not be empty. 38 std::string GetHighEntropySource(const std::string& initial_client_id); 39 40 // Returns the low entropy source that is used to randomize field trials on 41 // startup for this client. Generates a new value if there is none. See the 42 // |low_entropy_source_| comment for more info. 43 int GetLowEntropySource(); 44 45 // Returns the pseudo low entropy source for this client. Generates a new 46 // value if there is none. See the |pseudo_low_entropy_source_| comment 47 // for more info. 48 int GetPseudoLowEntropySource(); 49 50 // Returns the old low entropy source for this client. Does not generate a new 51 // value, but instead returns |kLowEntropySourceNotSet|, if there is none. See 52 // the |old_low_entropy_source_| comment for more info. 53 int GetOldLowEntropySource(); 54 55 // The argument used to generate a non-identifying entropy source. We want no 56 // more than 13 bits of entropy, so use this max to return a number in the 57 // range [0, 7999] as the entropy source (12.97 bits of entropy). 58 // 59 // The value should be kept consistent with 60 // LowEntropySource.MAX_LOW_ENTROPY_SIZE in Java. 61 static constexpr int kMaxLowEntropySize = 8000; 62 63 private: 64 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, LowEntropySourceNotReset); 65 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, PseudoLowEntropySourceNotReset); 66 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, HaveNoLowEntropySource); 67 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, HaveOnlyNewLowEntropySource); 68 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, HaveOnlyOldLowEntropySource); 69 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, CorruptNewLowEntropySources); 70 FRIEND_TEST_ALL_PREFIXES(EntropyStateTest, CorruptOldLowEntropySources); 71 72 // Default value for prefs::kMetricsLowEntropySource. 73 static constexpr int kLowEntropySourceNotSet = -1; 74 75 // Loads the low entropy source values from prefs. Creates the new source 76 // value if it doesn't exist, but doesn't create the old source value. After 77 // this function finishes, |low_entropy_source_| will be set, but 78 // |old_low_entropy_source_| may still be |kLowEntropySourceNotSet|. 79 void UpdateLowEntropySources(); 80 81 // Checks whether a value is on the range of allowed low entropy source 82 // values. 83 static bool IsValidLowEntropySource(int value); 84 85 // The local state prefs store. 86 const raw_ptr<PrefService> local_state_; 87 88 // The non-identifying low entropy source values. These values seed the 89 // pseudorandom generators which pick experimental groups. The "old" value is 90 // thought to be biased in the wild, and is no longer used for experiments 91 // requiring low entropy. Clients which already have an "old" value continue 92 // incorporating it into the high entropy source, to avoid changing those 93 // group assignments. New clients only have the new source. 94 // 95 // The pseudo-low entropy source is not used for experiment diversion, but 96 // only for statistical validation. (Since it's not used for experiment 97 // diversion, it won't be subject to drift over time as experiment effects 98 // accumulate in actual low entropy source buckets.) 99 // 100 // During startup these are set to the values used for randomizing field 101 // trials and won't be changed within the session even after calling 102 // |ClearPrefs| 103 int low_entropy_source_ = kLowEntropySourceNotSet; 104 int old_low_entropy_source_ = kLowEntropySourceNotSet; 105 int pseudo_low_entropy_source_ = kLowEntropySourceNotSet; 106 }; 107 108 } // namespace metrics 109 110 #endif // COMPONENTS_METRICS_ENTROPY_STATE_H_ 111