google
diff --git a/‎willow/src/api/BUILD‎
Lines changed: 71 additions & 1 deletion b/‎willow/src/api/BUILD‎
Lines changed: 71 additions & 1 deletion
diff --git a/‎willow/src/api/client.cc‎
Lines changed: 94 additions & 0 deletions b/‎willow/src/api/client.cc‎
Lines changed: 94 additions & 0 deletions
diff --git a/‎willow/src/api/client.h‎
Lines changed: 40 additions & 0 deletions b/‎willow/src/api/client.h‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎willow/src/api/client.rs‎
Lines changed: 165 additions & 0 deletions b/‎willow/src/api/client.rs‎
Lines changed: 165 additions & 0 deletions
@@ -59,7 +59,6 @@ cc_library(
         "@abseil-cpp//absl/status",
         "@abseil-cpp//absl/status:statusor",
         "@abseil-cpp//absl/strings",
-        "@cxx.rs//:cxx",
         "@cxx.rs//:core",
         "//willow/proto/willow:aggregation_config_cc_proto",
         "//willow/proto/willow:server_accumulator_cc_proto",
@@ -112,3 +111,74 @@ rust_library(
         "//willow/src/willow_v1:willow_v1_verifier",
     ],
 )
+
+rust_library(
+    name = "client",
+    srcs = ["client.rs"],
+    deps = [
+        ":aggregation_config",
+        "@protobuf//rust:protobuf",
+        "@cxx.rs//:cxx",
+        "//shell_wrapper:status",
+        "//willow/proto/shell:shell_ciphertexts_rust_proto",
+        "//willow/proto/willow:aggregation_config_rust_proto",
+        "//willow/proto/willow:messages_rust_proto",
+        "//willow/src/shell:ahe_shell",
+        "//willow/src/shell:kahe_shell",
+        "//willow/src/shell:parameters_shell",
+        "//willow/src/shell:single_thread_hkdf",
+        "//willow/src/shell:vahe_shell",
+        "//willow/src/traits:ahe_traits",
+        "//willow/src/traits:client_traits",
+        "//willow/src/traits:kahe_traits",
+        "//willow/src/traits:messages",
+        "//willow/src/traits:prng_traits",
+        "//willow/src/traits:proto_serialization_traits",
+        "//willow/src/traits:vahe_traits",
+        "//willow/src/willow_v1:willow_v1_client",
+        "//willow/src/willow_v1:willow_v1_server",
+    ],
+)
+
+rust_cxx_bridge(
+    name = "client_cxx",
+    src = "client.rs",
+    deps = [
+        ":client",
+    ],
+)
+
+cc_library(
+    name = "client_cc",
+    srcs = ["client.cc"],
+    hdrs = ["client.h"],
+    deps = [
+        ":client_cxx",
+        "@abseil-cpp//absl/status",
+        "@abseil-cpp//absl/status:statusor",
+        "@cxx.rs//:core",
+        "//shell_wrapper:shell_types_cc",
+        "//willow/proto/shell:shell_ciphertexts_cc_proto",
+        "//willow/proto/willow:aggregation_config_cc_proto",
+        "//willow/proto/willow:messages_cc_proto",
+        "//willow/proto/willow:server_accumulator_cc_proto",
+        "//willow/src/input_encoding:codec",
+    ],
+)
+
+cc_test(
+    name = "client_test_cc",
+    srcs = ["client_test.cc"],
+    deps = [
+        ":client_cc",
+        ":client_cxx",
+        "@googletest//:gtest_main",
+        "@abseil-cpp//absl/status",
+        "@cxx.rs//:core",
+        "//shell_wrapper:status_matchers",
+        "//willow/proto/willow:aggregation_config_cc_proto",
+        "//willow/proto/willow:input_spec_cc_proto",
+        "//willow/src/input_encoding:codec",
+        "//willow/src/testing_utils:shell_testing_decryptor_cc",
+    ],
+)
@@ -0,0 +1,94 @@
+// Copyright 2025 Google LLC
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+#include "willow/src/api/client.h"
+
+#include <cstdint>
+#include <memory>
+#include <string>
+#include <utility>
+#include <vector>
+
+#include "absl/status/status.h"
+#include "absl/status/statusor.h"
+#include "include/cxx.h"
+#include "shell_wrapper/shell_types.h"
+#include "willow/proto/shell/ciphertexts.pb.h"
+#include "willow/proto/willow/aggregation_config.pb.h"
+#include "willow/proto/willow/server_accumulator.pb.h"
+#include "willow/src/api/client.rs.h"
+#include "willow/src/input_encoding/codec.h"
+
+namespace secure_aggregation {
+
+absl::StatusOr<willow::ClientMessage> GenerateClientContribution(
+    const willow::AggregationConfigProto& aggregation_config,
+    const willow::EncodedData& encoded_data,
+    const willow::ShellAhePublicKey& public_key, const std::string& nonce) {
+  // Initialize client.
+  std::string config_str = aggregation_config.SerializeAsString();
+  auto config_ptr = std::make_unique<std::string>(std::move(config_str));
+  secure_aggregation::WillowShellClient* client_ptr = nullptr;
+  std::unique_ptr<std::string> status_message;
+  int status_code =
+      initialize_client(std::move(config_ptr), &client_ptr, &status_message);
+  if (status_code != 0) {
+    return absl::Status(absl::StatusCode(status_code), *status_message);
+  }
+  // Use `into_box` to avoid linker issues arising from rust::Box::from_raw.
+  auto client = client_into_box(client_ptr);
+
+  // Prepare arguments.
+  std::vector<DataEntryView> entries;
+  entries.reserve(encoded_data.size());
+  for (const auto& [key, values] : encoded_data) {
+    rust::Slice<const uint8_t> key_slice = ToRustSlice(key);
+    // values.data() is currently a pointer to an int64_t array and not
+    // uint64_t, so this performs an implicit cast (wrapping around if
+    // necessary). Not using a ToRustSlice variant because this is a temporary
+    // solution until the codec is updated to use uint64_t.
+    rust::Slice<const uint64_t> values_slice(
+        reinterpret_cast<const uint64_t*>(values.data()), values.size());
+    entries.push_back(DataEntryView{key_slice, values_slice});
+  }
+  rust::Slice<const DataEntryView> entries_slice(entries.data(),
+                                                 entries.size());
+
+  std::string key_str = public_key.SerializeAsString();
+  auto key_ptr = std::make_unique<std::string>(std::move(key_str));
+  rust::Slice<const uint8_t> nonce_slice = ToRustSlice(nonce);
+  rust::Vec<uint8_t> result_bytes;
+  std::unique_ptr<std::string> status_message_gen;
+
+  // Encrypt data.
+  int status_code_gen =
+      generate_contribution(client, entries_slice, std::move(key_ptr),
+                            nonce_slice, &result_bytes, &status_message_gen);
+  if (status_code_gen != 0) {
+    return absl::Status(absl::StatusCode(status_code_gen), *status_message_gen);
+  }
+
+  // Parse string to ClientMessage.
+  willow::ClientMessage client_message;
+  std::string result_str(reinterpret_cast<const char*>(result_bytes.data()),
+                         result_bytes.size());
+  if (!client_message.ParseFromString(result_str)) {
+    return absl::InternalError(
+        "Failed to parse ClientMessage from Rust output.");
+  }
+
+  return client_message;
+}
+
+}  // namespace secure_aggregation
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef SECURE_AGGREGATION_WILLOW_SRC_API_CLIENT_H_
+#define SECURE_AGGREGATION_WILLOW_SRC_API_CLIENT_H_
+
+#include <string>
+
+#include "absl/status/statusor.h"
+#include "willow/proto/shell/ciphertexts.pb.h"
+#include "willow/proto/willow/aggregation_config.pb.h"
+#include "willow/proto/willow/messages.pb.h"
+#include "willow/proto/willow/server_accumulator.pb.h"
+#include "willow/src/input_encoding/codec.h"
+
+namespace secure_aggregation {
+
+// Generates a client contribution by encrypting the encoded data with the
+// provided AHE public key.
+absl::StatusOr<willow::ClientMessage> GenerateClientContribution(
+    const willow::AggregationConfigProto& aggregation_config,
+    const willow::EncodedData& encoded_data,
+    const willow::ShellAhePublicKey& public_key, const std::string& nonce);
+
+}  // namespace secure_aggregation
+
+#endif  // SECURE_AGGREGATION_WILLOW_SRC_API_CLIENT_H_
@@ -0,0 +1,165 @@
+/*
+ * Copyright 2025 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+use aggregation_config::AggregationConfig;
+use aggregation_config_rust_proto::AggregationConfigProto;
+use ahe_shell::PublicKey;
+use ahe_traits::AheBase;
+use client_traits::SecureAggregationClient;
+use kahe_shell::ShellKahe;
+use kahe_traits::KaheBase;
+use parameters_shell::create_shell_configs;
+use prng_traits::SecurePrng;
+use proto_serialization_traits::{FromProto, ToProto};
+use protobuf::prelude::*;
+use shell_ciphertexts_rust_proto::ShellAhePublicKey;
+use single_thread_hkdf::SingleThreadHkdfPrng;
+use status::ffi::FfiStatus;
+use status::StatusError;
+use std::collections::HashMap;
+use vahe_shell::ShellVahe;
+use willow_v1_client::WillowV1Client;
+
+/// CXX bridge to call Rust client code from C++.
+///
+/// SAFETY: all functions in this module are only called from the wrapping C++ library,
+///   ensuring that output pointers are correctly wrapped by a rust::Box, and that pointer arguments
+///   are not null.
+#[cxx::bridge(namespace = "secure_aggregation")]
+pub mod ffi {
+    /// One entry in the plaintext map. Obtained by taking slices of the metric names and values
+    /// owned by the C++ EncodedData object (hence the lifetime).
+    struct DataEntryView<'a> {
+        key: &'a [u8],
+        values: &'a [u64],
+    }
+
+    extern "Rust" {
+        // cxx: types used as extern Rust types are required to be defined by the same crate that
+        // contains the bridge using them
+        type WillowShellClient;
+
+        pub unsafe fn initialize_client(
+            config: UniquePtr<CxxString>,
+            out: *mut *mut WillowShellClient,
+            out_status_message: *mut UniquePtr<CxxString>,
+        ) -> i32;
+
+        unsafe fn client_into_box(ptr: *mut WillowShellClient) -> Box<WillowShellClient>;
+
+        unsafe fn generate_contribution(
+            client: &mut Box<WillowShellClient>,
+            data: &[DataEntryView],
+            key: UniquePtr<CxxString>,
+            nonce: &[u8],
+            out: *mut Vec<u8>,
+            out_status_message: *mut UniquePtr<CxxString>,
+        ) -> i32;
+    }
+}
+
+pub struct WillowShellClient(WillowV1Client<ShellKahe, ShellVahe>);
+
+impl WillowShellClient {
+    fn new_from_serialized_config(
+        config: cxx::UniquePtr<cxx::CxxString>,
+    ) -> Result<Self, StatusError> {
+        let aggregation_config_proto =
+            AggregationConfigProto::parse(config.as_bytes()).map_err(|e| {
+                status::internal(format!("Failed to parse AggregationConfigProto: {}", e))
+            })?;
+        let aggregation_config = AggregationConfig::from_proto(aggregation_config_proto, ())?;
+        let (kahe_config, ahe_config) = create_shell_configs(&aggregation_config)?;
+        let context_bytes = aggregation_config.compute_context_bytes()?;
+        let kahe = ShellKahe::new(kahe_config, &context_bytes)?;
+        let vahe = ShellVahe::new(ahe_config, &context_bytes)?;
+        let client_seed = SingleThreadHkdfPrng::generate_seed()?;
+        let prng = SingleThreadHkdfPrng::create(&client_seed)?;
+        let client = WillowV1Client { kahe, vahe, prng };
+        Ok(WillowShellClient(client))
+    }
+
+    fn generate_contribution(
+        &mut self,
+        data: &[ffi::DataEntryView],
+        public_key: cxx::UniquePtr<cxx::CxxString>,
+        nonce: &[u8],
+    ) -> Result<Vec<u8>, StatusError> {
+        let mut plaintext_slice: HashMap<&str, &[u64]> = HashMap::new();
+        for entry in data {
+            let key = str::from_utf8(entry.key)
+                .map_err(|e| status::internal(format!("Failed to parse key as UTF-8: {}", e)))?;
+            plaintext_slice.insert(key, entry.values);
+        }
+        let public_key_proto = ShellAhePublicKey::parse(public_key.as_bytes())
+            .map_err(|e| status::internal(format!("Failed to parse ShellAhePublicKey: {}", e)))?;
+        let public_key_rust = PublicKey::from_proto(public_key_proto, &self.0.vahe)?;
+        let message = self.0.create_client_message(&plaintext_slice, &public_key_rust, nonce)?;
+        Ok(message
+            .to_proto(&self.0)?
+            .serialize()
+            .map_err(|e| status::internal(format!("Failed to serialize ClientMessage: {}", e)))?)
+    }
+}
+
+/// SAFETY: `out` and `out_status_message` must not be null.
+unsafe fn initialize_client(
+    config: cxx::UniquePtr<cxx::CxxString>,
+    out: *mut *mut WillowShellClient,
+    out_status_message: *mut cxx::UniquePtr<cxx::CxxString>,
+) -> i32 {
+    match WillowShellClient::new_from_serialized_config(config) {
+        Ok(client) => {
+            *out = Box::into_raw(Box::new(client));
+            0
+        }
+        Err(status_error) => {
+            let ffi_status: FfiStatus = status_error.into();
+            *out_status_message = ffi_status.message;
+            ffi_status.code
+        }
+    }
+}
+
+/// Converts a raw pointer to a Box. Ideally we would use `rust::Box::from_raw`
+/// (https://cxx.rs/binding/box.html) directly from C++, but that causes linker errors.
+///
+/// SAFETY: `ptr` must have been created by `Box::into_raw`, as in `initialize_client`.
+unsafe fn client_into_box(ptr: *mut WillowShellClient) -> Box<WillowShellClient> {
+    Box::from_raw(ptr)
+}
+
+/// SAFETY: `out` and `out_status_message` must not be null.
+unsafe fn generate_contribution(
+    client: &mut Box<WillowShellClient>,
+    data: &[ffi::DataEntryView],
+    public_key: cxx::UniquePtr<cxx::CxxString>,
+    nonce: &[u8],
+    out: *mut Vec<u8>,
+    out_status_message: *mut cxx::UniquePtr<cxx::CxxString>,
+) -> i32 {
+    match client.generate_contribution(data, public_key, nonce) {
+        Ok(contribution) => {
+            *out = contribution;
+            0
+        }
+        Err(status_error) => {
+            let ffi_status: FfiStatus = status_error.into();
+            *out_status_message = ffi_status.message;
+            ffi_status.code
+        }
+    }
+}