CN111736852A

CN111736852A - Compiling and linking method and device and compiling and linking device

Info

Publication number: CN111736852A
Application number: CN202010698507.4A
Authority: CN
Inventors: 徐鹏; 王一帆
Original assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Current assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority date: 2020-07-20
Filing date: 2020-07-20
Publication date: 2020-10-02
Anticipated expiration: 2040-07-20
Also published as: CN111736852B

Abstract

The embodiment of the application provides a compiling and linking method and device and a compiling and linking device, which are used for compiling and linking ciphertext processing source codes, wherein the ciphertext processing source codes are realized based on a first programming language, and the ciphertext processing source codes comprise privacy operation realized by a second programming language in a dynamic library form. The method comprises the following steps: compiling the ciphertext processing source code according to a grammar rule of the first programming language and a custom language, and converting the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation; and linking each function module in the pseudo assembly code based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a target file. The embodiment of the application can reduce the cost of secondary development and improve the code execution efficiency and the calculation performance.

Description

Compiling and linking method and device and compiling and linking device

Technical Field

The present application relates to the field of computer technologies, and in particular, to a compiling and linking method and apparatus, and an apparatus for compiling and linking.

Background

The ciphertext processing system can realize data-related operations such as data cleaning, calculation, analysis, model training, storage, database query and the like based on the ciphertext of the data, does not expose the plaintext of the data in the operation process, and can protect the privacy and the safety of the data.

In general, a ciphertext processing system includes a front end for implementing a system framework for ciphertext processing and a back end for implementing ciphertext-based privacy computations. Because the processing efficiency of the ciphertext data is lower than that of the plaintext data, in order to improve the efficiency of the privacy computation, the backend is usually implemented by a language with higher relative execution efficiency, such as C/C + +, and the like, and thus the current ciphertext processing system has at least the following problems:

under the condition that the programming language adopted by the rear end of the cryptograph processing system is fixed, if the front end adopts a programming language matched with the rear end programming language, such as Python language, the system cannot support other programming languages, and in order to support other programming languages (such as R language or Java language and the like), other programming languages (such as R language or Java language and the like) have to be used for rewriting a set of system framework of the front end, so that the expansibility of the cryptograph processing system is low, and the redevelopment cost is high.

Disclosure of Invention

The embodiment of the application provides a compiling and linking method and device and a compiling and linking device, which can provide an execution environment for realizing cross-language and cross-platform private computation, so that a ciphertext processing system can support any programming language, the expandability of the system is enhanced, and the execution efficiency of codes can be improved.

In order to solve the above problem, an embodiment of the present application discloses a compiling and linking method, where the method is used for performing compiling and linking on ciphertext processing source codes, where the ciphertext processing source codes are implemented based on a first programming language, and the ciphertext processing source codes include a privacy operation implemented by a second programming language in a dynamic library form, and the method includes:

compiling the ciphertext processing source code according to a grammar rule of the first programming language and a custom language, and converting the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation;

and linking each function module in the pseudo assembly code based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a target file.

On the other hand, the embodiment of the present application discloses a compiling and linking device, the device is used for compiling and linking ciphertext processing source codes, wherein the ciphertext processing source codes are implemented based on a first programming language, and the ciphertext processing source codes include privacy operations implemented by a second programming language in a dynamic library form, the device includes:

the compiling module is used for compiling the ciphertext processing source code according to the grammar rule of the first programming language and a custom language and converting the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation;

and the link module is used for linking all the functional modules in the pseudo assembly code based on the coupling degree of the code lines in the pseudo assembly code and the privacy operation to obtain a target file.

In yet another aspect, an embodiment of the present application discloses an apparatus for compiling link, where the apparatus is configured to compile link ciphertext processing source code, where the ciphertext processing source code is implemented based on a first programming language, and includes a privacy operation implemented in a second programming language in the form of a dynamic library, and the apparatus includes a memory, and one or more programs, where the one or more programs are stored in the memory, and configured to be executed by one or more processors, and include instructions for:

In yet another aspect, embodiments of the present application disclose a machine-readable medium having instructions stored thereon, which when executed by one or more processors, cause an apparatus to perform a compiled link method as described in one or more of the preceding.

According to the method and the device, the ciphertext processing source code is compiled according to the grammar rule of the first programming language and the custom language, the ciphertext processing source code is converted into the pseudo assembly code corresponding to the custom language supporting the privacy operation, so that the compiling process is independent of the first programming language at the front end, a cross-language and cross-platform execution environment is provided for the privacy operation, and the cost of secondary development is reduced. In addition, according to the embodiment of the application, based on the coupling degree between the code line in the pseudo assembly code obtained by compiling and the privacy operation, each function module in the pseudo assembly code is linked to obtain the target file, the part of the first programming language virtual machine is kept to the maximum as much as possible, only the code with the higher coupling degree with the privacy operation is executed in the ciphertext computing virtual actuator, the implementation complexity can be reduced, the jump times between two environments can be reduced, and the code execution efficiency and the computing performance can be improved.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments of the present application will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive exercise.

FIG. 1 is a flow chart of the steps of one embodiment of a compilation linking method of the present application;

FIG. 2 is a flowchart illustrating the steps of one embodiment of a compiler-linker of the present application;

FIG. 3 is a block diagram of an apparatus 800 for compiling links according to the subject application;

fig. 4 is a schematic diagram of a server in some embodiments of the present application.

Detailed Description

The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.

The general cryptograph processing system comprises a front end and a back end, wherein the front end is used for realizing a system framework for processing the cryptograph, and the back end is used for realizing data related operation based on the cryptograph. Because the ciphertext data processing efficiency is lower than that of plaintext data, in order to improve the ciphertext data processing efficiency, a language with higher relative execution efficiency, such as C/C + +, Rust, Go, and the like, is usually and fixedly adopted at the back end for implementation, and thus the current ciphertext processing system has at least the following problems:

The cryptograph processing platform (for example, a data transaction platform based on multi-party secure computation) is used for realizing secure fusion of multi-party data under the condition of ensuring that plaintext is not leaked, so that the data island problem is solved. If the front end of the cryptograph processing system running in the cryptograph processing platform only supports one fixed programming language, the application of the platform is definitely limited.

At present, in the fields of Machine Learning (ML), Deep Learning (DL), Artificial Intelligence (AI), and the like, frameworks of ML, DL, AI, and the like implemented by various programming languages appear in order to make it convenient for users to use trained models. Frameworks such as Tensorflow, Pythroch, Keras, MxNet, and caffe based on Python programming language; deeplearning4j based on the Java programming language; SVM light realized based on pure C language and Libsvm + + realized based on C + +; a Caret framework based on the R programming language, and the like. Of course, there are a number of other programming language implementations of frameworks for operations such as data storage, querying, etc., in addition to those described above. If the front end of a cryptograph processing system only supports one programming language, the realization of other programming languages cannot be supported, and the use scene of the platform is limited. If a set of front-end frameworks based on other programming languages (R or Java) are written, and simultaneously the running environments (R virtual machine and Java virtual machine) of other programming languages are used, the research and development cost is greatly increased.

In order to solve the above problems, the present application provides the following solutions.

Method embodiment

Referring to fig. 1, a flowchart illustrating steps of an embodiment of a compiling and linking method according to the present application is shown, where the method is used for compiling and linking ciphertext processing source code, where the ciphertext processing source code is implemented based on a first programming language, and the ciphertext processing source code includes a privacy operation implemented in a second programming language in the form of a dynamic library, and the method may include the following steps:

step 101, compiling the ciphertext processing source code according to a grammar rule of the first programming language and a custom language, and converting the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation;

and 102, linking each function module in the pseudo assembly code based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a target file.

The method and the device can be used for compiling and linking ciphertext processing source codes compiled by different programming languages. The ciphertext processing source code may include a system framework based on a first programming language, and a privacy operation based on a second programming language, the privacy operation being included in the ciphertext processing source code in the form of a dynamic library.

It should be noted that, in the embodiment of the present application, "first" and "second" in the first programming language and the second programming language are only used for distinguishing between the front-end framework and the back-end privacy operation of the ciphertext processing system, which may be implemented based on different programming languages, and do not indicate a specific programming language category.

The ciphertext processing source code refers to a program source code for the ciphertext processing system to perform data processing on ciphertext data. The ciphertext processing includes, but is not limited to: and data related operations such as cleaning, calculation, analysis, model training, storage, database query and the like of the data are realized based on the ciphertext. It should be noted that the embodiment of the present application does not limit the specific type of ciphertext processing. The ciphertext processing system may be implemented in different programming languages, and may perform privacy operations on ciphertext data based on a ciphertext data processing algorithm, for example, the ciphertext processing system may be a multi-party secure computing system.

The privacy operation refers to an operation performed on data based on a ciphertext, and may be implemented by a data processing algorithm based on the ciphertext, where the data processing algorithm may include algorithms such as data calculation, model training, and database query. In the privacy operation process of the data, the data exists in a ciphertext mode, and the plaintext of the data cannot be exposed. Optionally, the privacy operations may include any one or more of: cipher text based computing operations, cipher text based model training, cipher text based database query operations, and the like.

For example, the privacy operations may include: and performing calculation operations such as addition, subtraction, multiplication, division, averaging and the like on the data ciphertext, performing comparison operation on the data ciphertext, performing model training and prediction such as machine learning and artificial intelligence by using the data ciphertext, performing database query operation on the data ciphertext, and the like.

It should be noted that the privacy operation may be implemented by invoking a ciphertext computing system, where the ciphertext computing system may be based on a multi-party secure computing protocol, data participating in the computation includes ciphertext data, and an intermediate result and a final computation result generated in the computation process are also ciphertext data. In the calculation process based on the ciphertext, the data plaintext is not exposed, and the privacy security of the data can be ensured.

The privacy operation may be used for data processing of ciphertext data. In some examples, the ciphertext data is a private data, and the technician stores a program containing a business logic for processing the private data in the task management platform in advance, wherein the business logic describes a processing process of the private data through a computer program language, and the processing process can contain one or more computing tasks. The business logic refers to a process that a technician performs data processing on private data by using one or more computing tasks and obtains the private data according to a natural law. For example, one business logic comprises: under the condition that the clear text of the credit rating values of the enterprises is not known, a group of enterprises which are already ranked according to the credit rating scores and another group of enterprises which are already ranked according to the credit rating scores are merged, and the merging process directly completes the ranking. Another business logic includes: under the condition that the repayment ability score plaintext of each user is not known, a group of users which are sequenced according to the repayment ability score and another group of users which are sequenced according to the repayment ability score are combined, and the sequence is directly completed in the combining process. The scheme of the application is suitable for any privacy operation scene based on the ciphertext.

The first programming language may be a model programming language, and the model programming language refers to a programming language for machine learning, deep learning, and artificial intelligence algorithm implementation. For example, the first programming language may include Python language, Java language, C language, R language, and the like. A framework of models such as machine learning, deep learning and artificial intelligence can be achieved based on the first programming language. For example, frames such as Tensorflow, Pythrch, Keras, MxNet, and caffe implemented based on Python language; a deepearning 4j framework implemented based on the Java language; an SVM light framework realized based on C language; a Libsvm + + framework realized based on a C + + language; a Caret framework implemented based on the R language, and the like.

The Python language is widely used in the fields of machine learning, artificial intelligence and the like due to the characteristics of simplicity, easiness in use, high development efficiency, cross-platform and the like. However, the Python language has its own disadvantage of being slow to run. In the privacy operation process based on the multi-party security computing protocol, at least two computing nodes are required to participate in computing, communication is required to be carried out between the at least two computing nodes, and the execution efficiency of the privacy operation is greatly influenced by multiple times of communication. Therefore, the privacy operation part of the embodiment of the application can be realized based on the C + + language, and compared with the Python language, the operation speed of the privacy operation can be greatly increased, and the processing efficiency of ciphertext processing can be further improved.

It should be noted that, for convenience of description, the first programming language is Python language, and the second programming language is C + + language in the embodiments of the present application. In practical applications, the embodiment of the present application does not limit the language types of the first programming language and the second programming language. For example, the first programming language may include: python language, Java language, C language, R language, etc. The second programming language may include: C/C + + language, Go language, Rust language, etc. The first and second programming languages may be different programming languages.

The method and the device for processing the ciphertext convert the ciphertext processing source codes realized by different first programming languages into the pseudo assembly codes of the user-defined language in a unified mode based on the ciphertext computing compiler. In addition, the embodiment of the application also realizes a ciphertext calculation linker which is used for linking the result obtained by compiling by the ciphertext calculation compiler to obtain the executable target file.

In an example of the embodiment of the present application, the following code list 1 shows a part of codes in ciphertext processing source codes of which the first programming language is Python.

Code list 1:

import sys

import os

import numpy as np

sys.path.append(os.getcwd() + '/privpy_lib')

import pnumpy as pnp

import privpy as pp

import psql as psq

from numpy import array as np

table = pnp.reshape(pp.ss("golda"), (10000,4))

colm0,colm1,colm2,colm3= table.trans()

conj0 = (colm3==5152)

conj1 = (colm2<=3948)

conj2 = (colm2>=3946)

conj3 = ( 1 - (1 - (colm0<20181031)) * (1 - (colm0==20181031)*(colm1<=95838463))))

conj4 = ( 1 - (1 - (colm0>20181031)) * (1 - ((colm0==20181031)*(colm1>=95327897))))

conjs0 =conj0*conj1*conj2*conj3*conj4

colm5= psq.sum(colm2,1)

colm5 = pp.farr([colm5])

pp.reveal(colm5, "a3")

the code list 1 is compiled through a ciphertext computing compiler, so that the code list 1 can be converted into pseudo assembly codes corresponding to the custom language, as shown in a code list 2.

Code list 2:

----------------Line1----------------

Import sys None

----------------Line2----------------

Import os None

----------------Line3----------------

Import numpy np

----------------Line4----------------

CALL IR4-1 os.getcwd

Add IR4-2 IR4-1 '/privpy_lib'

CALL IR4-3 sys.path.append IR4-2

----------------Line5----------------

----------------Line9----------------

CALL IR9-1 pp.ss 'golda'

CALL IR9-2 pnp.reshape IR9-1 visit_Tuple

Assign table IR9-2

----------------Line10----------------

CALL IR10-1 table.trans

Assign visit_Tuple IR10-1

----------------Line12----------------

----------------Line18----------------

CALL IR18-1 psq.sum colm21

Assign colm5 IR18-1

----------------Line20----------------

CALL IR20-1 pp.farr None

Assign colm5 IR20-1

----------------Line21----------------

CALL IR21-1 pp.reveal colm5 'a3'

in code List 2, the behavior is annotated with a "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -. Ellipses between Line5 and Line9 and between Line12 and Line18 indicate the omission of part of the code.

In the embodiment of the application, the custom language may include a custom operation code, and the operation code is used to support a privacy operation in the ciphertext processing source code. The operation code may include comparison operations such as compare equal (Eq), compare equal to or less (LtE), compare equal to or more (GtE), compare less (Lt), compare greater (Gt). The operation code may further include an Add (Add), a subtract (Sub), a multiply (Mult), a divide (Div), an average (Avg), an ASSIGN operation (ASSIGN), a function CALL (CALL), and the like.

In code listing 2, lines of code beginning with the opcode "CALL" are used to represent pseudo assembly instructions that involve function CALLs. When the ciphertext computation virtual executor executes to the "CALL IR function name parameter name" instruction, it is not known how the called function is implemented. Therefore, in the embodiment of the application, each functional module in the pseudo assembly code is linked through the ciphertext calculation linker, so that the executable target file is obtained. The ciphertext computation linker is used for linking together pseudo assembly code implementations of classes, functions and the like in a Python library generated by a compiler and providing implementation logic of the classes, functions and the like.

As shown in the code manifest 2, the functions called in the code manifest may include functions in a system extension library of Python, a common extension library of Python, and an extension library provided by a ciphertext computing system and supporting plaintext computing. For example, functions in the system extension library of Python such as os.getcwd (), sys.path.apend (); functions in common extended libraries of Python such as np.array (), etc.; functions in the extended library provided by the ciphertext computing system to support plaintext computing are pp.farr (), pnp.reshape (), psq.sum (), and the like.

In practical applications, a function call may involve three types of functions as follows: the first is the Python's own system function, such as len (), range (), type (); the second is a standard function in Python libraries, such as np.reshape (), pd.series (); and the third is a function, a class and the like in a ciphertext computing system self-defined Python library, such as pp.ss (), pnp.reshape (), and the like.

According to the embodiment of the application, all compiled functional modules are linked together through a ciphertext computing linker and then input into a first programming language (Python) executor to be executed as a target file.

In the process of executing the target file, the first programming language executor needs to go through multiple jumping processes from the Python virtual machine environment to the cryptograph calculation virtual executor environment and then from the cryptograph calculation virtual executor to the Python virtual machine environment, so that the delay of the system is increased.

In order to reduce the number of jumps between two environments as much as possible, in the linking process, according to the embodiments of the present application, based on the coupling degree between the code line in the pseudo assembly code and the privacy operation, each functional module in the pseudo assembly code is linked, so that the maximum value of the Python virtual machine is maintained as much as possible, and only the code with the higher coupling degree with the privacy operation is executed in the ciphertext computing virtual executor. For example, reshape functions that need to be extended to PNumpy libraries and ss functions in Privpy may be executed in Python virtual machines in the form of Python code; and for the privacy operations of ciphertext addition, ciphertext comparison, ciphertext multiplication and the like, the privacy operations are executed in the ciphertext computing virtual actuator in a mode of transmitting parameters by using the interface function.

In an optional embodiment of the present application, the linking, based on the coupling degree between the code line in the pseudo assembly code and the privacy operation in step 102, the pseudo assembly code may include:

step S11, scanning the pseudo assembly code, and marking the code category of each code line based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a marked code;

step S12, for the code line of the mark code whose code type is the first type, converting the code line into the object code which accords with the grammar rule of the first programming language;

step S13, for a code line of which the code type is the second type in the mark code, generating an interface function, where the interface function is used to transfer parameter information used for executing the privacy operation to a ciphertext calculation virtual actuator, and receive a return result obtained by the ciphertext calculation virtual actuator by calling a bottom-layer actuator to execute the privacy operation.

The linking process of the embodiment of the present application includes the following three steps, which can be described as follows: code class marking, object code generation, and interface function generation.

The code category marking means that a ciphertext calculation linker scans pseudo assembly codes generated by a ciphertext calculation compiler, and based on the coupling degree of code lines in the pseudo assembly codes and the privacy operation, the code category of each code line is marked to obtain a marked code. In this embodiment, two types of codes may be marked, namely, a first type (e.g., denoted as Python) and a second type (e.g., denoted as Asm), where the first type is used to indicate that the line of codes is to be executed in a Python virtual machine by a Python executor, and the second type is used to indicate that the line of codes is to be executed in a cryptograph computation virtual executor.

Object code generation refers to the process of converting lines of code marked "Python" into object code that satisfies the Python syntax and is executable in a Python virtual machine. After the pseudo assembly code generated by the cryptograph calculation compiler is marked by the code category, the code line marked as "Python" cannot be directly executed in a Python virtual machine because the syntax of the Python language is not satisfied, and therefore, conversion needs to be performed through the process of object code generation.

Interface function generation refers to the process of generating a code segment executable by the ciphertext computing virtual executor for the code line marked as "Asm". The interface function is used for transmitting parameter information for executing the privacy operation to a ciphertext computing virtual actuator and receiving a return result obtained by calling a bottom-layer actuator to execute the privacy operation by the ciphertext computing virtual actuator.

It should be noted that, in the embodiments of the present application, the first programming language is a Python language, and in a specific implementation, the first programming language may be any type of programming language. For example, if the first programming language is R language, the first class in the process of marking the code class may be R class, and the process of generating the object code may convert the code fragment marked as "R" class into the object code that satisfies the syntax of R language and can be executed in the R language virtual machine. Similarly, the second programming language may be any type of programming language.

In an optional embodiment of the present application, the scanning the pseudo assembly code in step S11, and marking a code category of each code line based on a coupling degree of the code line in the pseudo assembly code and the privacy operation may include:

step S111, determining a code line corresponding to a non-privacy operation and a code line corresponding to a privacy operation based on the coupling degree of the code line in the pseudo assembly code and the privacy operation;

step S112, scanning the pseudo assembly code, marking code lines corresponding to the called object and the non-privacy operation in the pseudo assembly code as a first category, and marking code lines corresponding to the privacy operation in the pseudo assembly code as a second category.

According to the method and the device, the code lines corresponding to the called object and the non-privacy operation in the pseudo assembly code are marked as a first category, and the code lines corresponding to the privacy operation are marked as a second category.

The called object comprises called functions and classes, and the called object begins with an operation code 'CALL'. In this embodiment of the application, the called object may include a system function and a library function corresponding to the first programming language, a library function in the ciphertext computing system called by the privacy operation, a custom function and a custom class in the ciphertext computing system called by the privacy operation, and the like. For example, the called object may include a Python system owned function, a function in a Python standard library, an ss function and a present function in a ciphertext computing system (the ss function and the present function may be implemented by Python language), and the like.

The code lines corresponding to the non-private operations refer to code lines that are not relevant to the ciphertext computation. The code line corresponding to the privacy operation refers to a code line related to ciphertext calculation, and has a high coupling degree with the privacy operation, such as a code line of the privacy operation related to ciphertext addition, ciphertext comparison, ciphertext multiplication and the like.

The called object is marked as a first class if the called object needs to be expanded to a reshape function in a PNumpy library, an ss function in a ciphertext computing system and the like, and a code line irrelevant to ciphertext computing, and is executed in a Python virtual machine in a Python code form; code lines related to ciphertext calculation, such as code lines related to privacy operations of ciphertext addition, ciphertext comparison, ciphertext multiplication and the like, are marked as a second category and are executed in the ciphertext calculation virtual actuator in a mode of transmitting parameters through an interface function. Thus, the part of the Python virtual machine can be kept as maximum as possible, and only the code with a high degree of coupling with the private operation can be executed in the cryptograph computation virtual executor.

And marking the code category of the code list 2 through a code category marking module in the ciphertext computing linker to obtain a marked code, as shown in a code list 3.

Code listing 3:

Python : IR9-1 pp.ss 'golda'

Python : IR9-2 pnp.reshape IR9-1 ['10000', '4']

Asm : Assign table IR9-2

----------------Line10----------------

Python : IR10-1 table.trans

Asm : Assign ['colm0', 'colm1', 'colm2', 'colm3']IR10-1

----------------Line11----------------

Asm : Assign constantnum_0 5152

----------------Line12----------------

Asm : Eq IR12-1 colm3 constantnum_0

Asm : Assign conj0 IR12-1

----------------Line13----------------

Asm : Assign constantnum_1 3948

----------------Line14----------------

Asm : LtE IR14-1 colm2 constantnum_1

Asm : Assign conj1 IR14-1

----------------Line15----------------

Asm : Assign constantnum_2 3946

----------------Line16----------------

Asm : GtE IR16-1 colm2 constantnum_2

Asm : Assign conj2 IR16-1

----------------Line17----------------

Asm : Assign constantnum_5 95838463

----------------Line18----------------

Asm : Assign constantnum_4 20181031

----------------Line19----------------

Asm : Assign constantnum_3 1

----------------Line20----------------

Asm : Lt IR20-1 colm0 constantnum_4

Asm : Sub IR20-2 constantnum_3 IR20-1

Asm : Eq IR21-3 colm0 constantnum_4

Asm : LtE IR21-4 colm1 constantnum_5

Asm : Mult IR21-5 IR21-3 IR21-4

Asm : Sub IR21-6 constantnum_3 IR21-5

Asm : Mult IR20-7 IR20-2 IR21-6

Asm : Sub IR20-8 constantnum_3 IR20-7

Asm : Assign conj3 IR20-8

----------------Line22----------------

Asm : Assign constantnum_6 95327897

----------------Line23----------------

Asm : Gt IR23-1 colm0 constantnum_4

Asm : Sub IR23-2 constantnum_3 IR23-1

Asm : Eq IR24-3 colm0 constantnum_4

Asm : GtE IR24-4 colm1 constantnum_6

Asm : Mult IR24-5 IR24-3 IR24-4

Asm : Sub IR24-6 constantnum_3 IR24-5

Asm : Mult IR23-7 IR23-2 IR24-6

Asm : Sub IR23-8 constantnum_3 IR23-7

Asm : Assign conj4 IR23-8

----------------Line25----------------

Asm : Mult IR25-1 conj0 conj1

Asm : Mult IR25-2 IR25-1 conj2

Asm : Mult IR25-3 IR25-2 conj3

Asm : Mult IR25-4 IR25-3 conj4

Asm : Assign conjs0 IR25-4

----------------Line28----------------

Python : IR28-1 pp.reveal conjs0 'a3'

as shown in code List 3, the beginning of each line of code is labeled with a code class, such as a first class (Python) or a second class (ASM). The code line labeled as the first category "Python" will execute in a Python virtual machine and the code line labeled as the second category "Asm" will execute in a ciphertext computing virtual executor.

After the pseudo assembly code is marked by the code category, an object file can be obtained through the processes of object code generation and interface function generation, as shown in a code list 4.

Code list 4:

1. IR4-1 = os.getcwd()

2. pp.exec_code(["Add IR4-2 IR4-1 '/privpy_lib'"],[IR4-1,'/privpy_lib'],['IR4-1',''/privpy_lib''],['IR4-2'])

3. IR4-3 = sys.path.append(IR4-2)

4. IR9-1 = pp.ss('golda')

5. IR9-2 = pnp.reshape(IR9-1,['10000',,'4'])

6. pp.exec_code(["Assign table IR9-2 "],[IR9-2],['IR9-2'],['table'])

7. IR10-1 = table.trans()

8. conjs0 = comp.exec_code("./external/privpy_asm_simple_3.txt",[colm0,colm1,colm2, colm3, constantnum_0, constantnum_1, constantnum_2,constantnum_3, constantnum_4, constantnum_5, constantnum_6],['colm0','colm1','colm2','colm3', 'constantnum_0', 'constantnum_1', 'constantnum_2', 'constantnum_3', 'constantnum_4', 'constantnum_5', 'constantnum_6'],['conjs0'])

9. IR18-1 = psq.sum(colm2,1)

10. pp.exec_code(["Assign colm5 IR18-1 "],[IR18-1],['IR18-1'],['colm5'])

11. IR20-1 = pp.farr(['colm5'])

12. pp.exec_code(["Assign colm5 IR20-1 "],[IR20-1],['IR20-1'],['colm5'])

13. IR21-1 = pp.reveal(colm5,'a3')

as shown in code list 4, it contains object code that satisfies Python syntax and can be executed in a Python virtual machine, and an interface function exec _ code ().

In an optional embodiment of the present application, the step S13 of generating an interface function for a code line of the mark code whose code category is the second category may include:

in the mark code, for each discontinuous code line with the code type of the second type, an interface function corresponding to each code line is respectively generated, and in the mark code, for a plurality of continuous code lines with the code type of the second type, one interface function corresponding to the plurality of code lines is generated by combining.

The embodiment of the present application generates exec _ code () interface functions for the code lines marked "Asm" in the code list 3. If a line of code labeled "Asm" is not contiguous with the previous and next lines of code labeled "Asm", then that line of code is generated separately as an exec _ code () interface function, such as lines 2, 6, 10, 12 of code list 4. Conversely, if there are multiple consecutive lines of code labeled "Asm", then these multiple consecutive lines of code are merged to generate an exec _ code () interface function, such as line 8 in code listing 4.

In code manifest 4, line1 executes in the Python virtual machine, while line 2 needs to execute in the cryptograph computation virtual executor, thus involving a jump from the Python virtual machine environment to the cryptograph computation virtual executor environment, and after the execution of line 2 code is completed, involving a jump from the cryptograph computation virtual executor environment to the Python virtual machine environment. In line 8, since consecutive lines of code that need to be executed in the ciphertext computing virtual executor are merged, consecutive lines of code can be executed in the ciphertext computing virtual executor and data transmission can be performed in the ciphertext computing virtual executor without a process of repeatedly returning to the Python virtual machine environment, and the number of times of switching back and forth between the two environments can be reduced.

Of course, in a specific implementation, for the mark code, a plurality of consecutive code lines marked as "Asm" therein may also be used to generate exec _ code () interface functions, respectively. For example, line 8 in code listing 4 may also be represented in the form of code listing 5.

Code list 5:

colm0 = pp.exec_code(["Assign ['colm0', 'colm1', 'colm2', 'colm3']IR10-1"],["'colm1',"],["'colm1',"],["['colm0',"])

IR12-1 = pp.exec_code(['Eq IR12-1 colm3 5152 '],[colm3],['colm3'],['IR12-1'])

conj0 = pp.exec_code(['Assign conj0 IR12-1 '],[IR12-1],['IR12-1'],['conj0'])

IR3-1 = pp.exec_code(['LtE IR13-1 colm2 3948 '],[colm2],['colm2'],['IR13-1'])

Conj1 = pp.exec_code(['Assign conj1 IR13-1 '],[IR13-1],['IR13-1'],['conj1'])

as shown in the code list 5, consecutive code lines having 5 lines labeled "Asm" generate exec _ code () interface functions, respectively, resulting in 5 exec _ code () interface functions.

For the code list 5, when executing the line1, jumping from the Python virtual machine environment to the cryptograph computing virtual actuator environment, and after the line1 is executed, jumping from the cryptograph computing virtual actuator environment to the Python virtual machine environment. And when the line 2 is executed, jumping from the Python virtual machine environment to the cryptograph computing virtual actuator environment, after the line 2 is executed, jumping from the cryptograph computing virtual actuator environment to the Python virtual machine environment, and so on until the line5 code is executed. It can be seen that the execution of these 5 lines of code requires frequent switching back and forth between the two environments, which in turn can affect the performance of the computation. In order to improve code execution efficiency and computational performance, the embodiment of the application adopts a mode of combining a plurality of continuous code lines marked as 'Asm' to generate one exec _ code () interface function.

In the embodiment of the present application, each exec _ code () interface function contains 4 input parameters and one return value. Where the return value is the final output of a line of code labeled "Asm" (line 2 of code listing 4) or a set of codes labeled "Asm" (line 8 of code listing 4). Of the 4 input parameters, the first input parameter is a pseudo assembly code representation in a code line marked as "Asm", the second input parameter is a list of input symbol values corresponding to the pseudo assembly code, the third parameter is a list of input symbol names corresponding to the pseudo assembly code, and the fourth parameter is a list of output symbol names corresponding to the pseudo assembly code. As the last line "Conj 1 = pp.exec _ code ([ 'Assign Conj1IR 13-1' ], [ IR13-1], [ 'IR13-1' ], [ 'Conj1' ])" in code list 5, the first input parameter of the interface function in this line is: assign conj1IR13-1, the second input parameter is: IR13-1, the third input parameter is: IR13-1, the fourth input parameter is Conj1, and the return value of the interface function is Conj 1. The interface function is used to perform a privacy operation by the ciphertext computing virtual executor, and assigns the result of the privacy operation to a variable Conj 1.

In an optional embodiment of the present application, after obtaining the target file in step 102, the method may further include:

inputting the target file into a first programming language executor to execute the target file through the first programming language executor, wherein the first programming language executor calls a corresponding bottom layer executor through a ciphertext computing virtual executor to execute a corresponding privacy operation when executing an interface function in the target file in the process of executing the target file.

According to the embodiment of the application, a plurality of function modules with smaller functions can be linked together according to the constraint of the ciphertext computing virtual actuator through the ciphertext computing linker, and the target file obtained through final linking is input into the ciphertext computing virtual machine to be executed.

In the embodiment of the application, the target file comprises target code which meets the grammar of the first programming language and can be executed in a first programming language executor, and an interface function which accords with the constraint of a ciphertext calculation executor and can be executed in the ciphertext calculation executor. The object code may be executed by an executor of a first programming language. The interface function can be used for transmitting input parameters to the bottom layer executor, executing the privacy operation realized by the interface function through the bottom layer executor, and assigning the calculation result of the privacy operation to the return value of the interface function.

In an alternative embodiment of the present application, the bottom layer actuator may include any one of: secret sharing based executors, homomorphic encryption based executors, trusted execution environment based executors.

In an embodiment of the present application, the bottom layer actuator includes any one of: an SS (secret sharing) based executor, an HE (Homomorphic Encryption) based executor, and a TEE (Trusted Execution Environment) based executor.

Optionally, in this embodiment of the present application, the ciphertext computation virtual executor may select a corresponding bottom layer executor according to the data obtaining manner of the privacy operation. The Data acquisition mode refers to a mode of acquiring Data from a DS (Data Server) to an ES (execution Server). For example, if the pp.ss () function is used in the process of acquiring data from the DS to the ES, the SS-based underlying executor is selected; selecting an HE-based bottom layer executor if a pp.he () function is used in the process of acquiring data from the DS to the ES; the TEE-based underlying executor is selected if the pp.tee () function is used in getting data from the DS to the ES.

In summary, according to the syntax rule of the first programming language and the custom language, the ciphertext processing source code is compiled, and the ciphertext processing source code is converted into the pseudo assembly code corresponding to the custom language supporting the privacy operation, so that the compiling process is independent of the first programming language at the front end, a cross-language and cross-platform execution environment is provided for the privacy operation, and the cost of secondary development is reduced. In addition, according to the embodiment of the application, based on the coupling degree between the code line in the pseudo assembly code obtained by compiling and the privacy operation, each function module in the pseudo assembly code is linked to obtain the target file, the part of the first programming language virtual machine is kept to the maximum as much as possible, only the code with the higher coupling degree with the privacy operation is executed in the ciphertext computing virtual actuator, the implementation complexity can be reduced, the jump times between two environments can be reduced, and the code execution efficiency and the computing performance can be improved.

In addition, in the embodiment of the application, the execution process of the bottom-layer executor is independent of the first programming language of the front end, a cross-language and cross-platform execution environment is provided for privacy operation, and the cost of secondary development is reduced.

It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the embodiments. Further, those skilled in the art will also appreciate that the embodiments described in the specification are presently preferred and that no particular act is required of the embodiments of the application.

Device embodiment

Referring to fig. 2, a block diagram illustrating an embodiment of a compiling and linking apparatus according to the present application, where the apparatus is configured to perform compiling and linking on ciphertext processing source code, where the ciphertext processing source code is implemented based on a first programming language, and the ciphertext processing source code includes a privacy operation implemented by a second programming language in the form of a dynamic library, and the apparatus may specifically include:

the compiling module 201 is configured to compile the ciphertext processing source code according to a grammar rule of the first programming language and a custom language, and convert the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation;

and the linking module 202 is configured to link each function module in the pseudo assembly code based on a coupling degree between a code line in the pseudo assembly code and the privacy operation, so as to obtain a target file.

Optionally, the link module 202 includes:

the scanning and marking submodule is used for scanning the pseudo assembly code and marking the code category of each code line based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a marked code;

the code conversion sub-module is used for converting the code line of which the code category is the first category in the mark codes into the target codes which accord with the grammar rule of the first programming language;

and the interface generation submodule is used for generating an interface function for the code line of which the code category is the second category in the mark code, wherein the interface function is used for transmitting parameter information for executing the privacy operation to a cryptograph calculation virtual actuator and receiving a return result obtained by calling a bottom layer actuator to execute the privacy operation by the cryptograph calculation virtual actuator.

Optionally, the scan mark sub-module comprises:

a determining unit, configured to determine, based on a coupling degree of a code line in the pseudo assembly code and the privacy operation, a code line corresponding to a non-privacy operation and a code line corresponding to a privacy operation;

the marking unit is used for scanning the pseudo assembly code, marking a code line corresponding to a called object and a non-privacy operation in the pseudo assembly code as a first category, and marking a code line corresponding to a privacy operation in the pseudo assembly code as a second category.

Optionally, the interface generation submodule is specifically configured to generate, in the mark code, an interface function corresponding to each discontinuous code line of which the code type is the second type, and combine a plurality of continuous code lines of which the code type is the second type to generate one interface function corresponding to the plurality of code lines in the mark code.

Optionally, the apparatus further comprises:

and the execution module is used for inputting the target file into a first programming language executor so as to execute the target file through the first programming language executor, wherein in the process of executing the target file, when an interface function in the target file is executed, the first programming language executor calls a corresponding bottom layer executor through a ciphertext calculation virtual executor to execute corresponding privacy operation.

Optionally, the bottom layer actuator comprises any one of: secret sharing based executors, homomorphic encryption based executors, trusted execution environment based executors.

For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.

The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.

With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.

The embodiment of the application provides a device for compiling link, which is used for compiling link to ciphertext processing source code, wherein the ciphertext processing source code is implemented based on a first programming language, and the ciphertext processing source code includes a privacy operation implemented by a second programming language in a dynamic library form, the device includes a memory, and one or more programs, wherein the one or more programs are stored in the memory, and are configured to be executed by the one or more processors, and the one or more programs include instructions for: compiling the ciphertext processing source code according to a grammar rule of the first programming language and a custom language, and converting the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation; and linking each function module in the pseudo assembly code based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a target file.

FIG. 3 is a block diagram illustrating an apparatus 800 for compiling links according to an example embodiment. For example, the apparatus 800 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, and the like.

Referring to fig. 3, the apparatus 800 may include one or more of the following components: processing component 802, memory 804, power component 806, multimedia component 808, audio component 810, input/output (I/O) interface 812, sensor component 814, and communication component 816.

The processing component 802 generally controls overall operation of the device 800, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing elements 802 may include one or more processors 820 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 802 can include one or more modules that facilitate interaction between the processing component 802 and other components. For example, the processing component 802 can include a multimedia module to facilitate interaction between the multimedia component 808 and the processing component 802.

The memory 804 is configured to store various types of data to support operation at the device 800. Examples of such data include instructions for any application or method operating on device 800, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 804 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.

Power components 806 provide power to the various components of device 800. The power components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 800.

The multimedia component 808 includes a screen that provides an output interface between the device 800 and a user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 808 includes a front facing camera and/or a rear facing camera. The front-facing camera and/or the rear-facing camera may receive external multimedia data when the device 800 is in an operating mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.

The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a Microphone (MIC) configured to receive external audio signals when the apparatus 800 is in an operational mode, such as a call mode, a recording mode, and a voice information processing mode. The received audio signals may further be stored in the memory 804 or transmitted via the communication component 816. In some embodiments, audio component 810 also includes a speaker for outputting audio signals.

The I/O interface 812 provides an interface between the processing component 802 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.

The sensor assembly 814 includes one or more sensors for providing various aspects of state assessment for the device 800. For example, the sensor assembly 814 may detect the open/closed state of the device 800, the relative positioning of the components, such as a display and keypad of the apparatus 800, the sensor assembly 814 may also detect a change in position of the apparatus 800 or a component of the apparatus 800, the presence or absence of user contact with the apparatus 800, orientation or acceleration/deceleration of the apparatus 800, and a change in temperature of the apparatus 800. Sensor assembly 814 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.

The communication component 816 is configured to facilitate communications between the apparatus 800 and other devices in a wired or wireless manner. The device 800 may access a wireless network based on a communication standard, such as WiFi, 2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 816 receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 816 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on radio frequency information processing (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.

In an exemplary embodiment, the apparatus 800 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described methods.

In an exemplary embodiment, a non-transitory computer-readable storage medium comprising instructions, such as the memory 804 comprising instructions, executable by the processor 820 of the device 800 to perform the above-described method is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.

Fig. 4 is a schematic diagram of a server in some embodiments of the present application. The server 1900, which may vary widely in configuration or performance, may include one or more Central Processing Units (CPUs) 1922 (e.g., one or more processors) and memory 1932, one or more storage media 1930 (e.g., one or more mass storage devices) storing applications 1942 or data 1944. Memory 1932 and storage medium 1930 can be, among other things, transient or persistent storage. The program stored in the storage medium 1930 may include one or more modules (not shown), each of which may include a series of instructions operating on a server. Still further, a central processor 1922 may be provided in communication with the storage medium 1930 to execute a series of instruction operations in the storage medium 1930 on the server 1900.

The server 1900 may also include one or more power supplies 1926, one or more wired or wireless network interfaces 1950, one or more input-output interfaces 1958, one or more keyboards 1956, and/or one or more operating systems 1941, such as Windows Server, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, etc.

A non-transitory computer readable storage medium in which instructions, when executed by a processor of an apparatus (server or terminal), enable the apparatus to perform the compile link method shown in fig. 1.

A non-transitory computer-readable storage medium, wherein instructions of the storage medium, when executed by a processor of an apparatus (server or terminal), enable the apparatus to perform a compilation linking method for compiling ciphertext processing source code, wherein the ciphertext processing source code is implemented based on a first programming language and includes privacy operations implemented in a second programming language in the form of a dynamic library, the method comprising: compiling the ciphertext processing source code according to a grammar rule of the first programming language and a custom language, and converting the ciphertext processing source code into a pseudo assembly code corresponding to the custom language supporting the privacy operation; and linking each function module in the pseudo assembly code based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a target file.

Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.

It will be understood that the present application is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the application is limited only by the appended claims.

The above description is only exemplary of the present application and should not be taken as limiting the present application, as any modification, equivalent replacement, or improvement made within the spirit and principle of the present application should be included in the protection scope of the present application.

The compiling and linking method, the compiling and linking device and the device for compiling and linking provided by the application are introduced in detail, and specific examples are applied in the description to explain the principle and the implementation manner of the application, and the description of the above embodiments is only used for helping to understand the method and the core idea of the application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims

1. A compilation linking method, wherein the method is used for performing compilation linking on ciphertext processing source code, and wherein the ciphertext processing source code is implemented based on a first programming language and includes privacy operations implemented in a second programming language in the form of a dynamic library, the method comprising:

2. The method of claim 1, wherein linking functional modules in the pseudo assembly code based on a degree of coupling of lines of code in the pseudo assembly code to the privacy operation comprises:

scanning the pseudo assembly code, and marking the code category of each code line based on the coupling degree of the code line in the pseudo assembly code and the privacy operation to obtain a marked code;

for the code line of which the code category is a first category in the mark codes, converting the code line into target codes which accord with the grammar rule of the first programming language;

and generating an interface function for a code line of which the code type is the second type in the mark code, wherein the interface function is used for transmitting parameter information for executing the privacy operation to a cryptograph computing virtual actuator and receiving a return result obtained by calling a bottom-layer actuator to execute the privacy operation by the cryptograph computing virtual actuator.

3. The method of claim 2, wherein the scanning the pseudo assembly code and marking a code category of each code line based on a degree of coupling of the code line in the pseudo assembly code with the privacy operation comprises:

determining a code line corresponding to a non-private operation and a code line corresponding to a private operation based on the coupling degree of the code line in the pseudo assembly code and the private operation;

scanning the pseudo assembly code, marking code lines corresponding to called objects and non-privacy operations in the pseudo assembly code into a first category, and marking code lines corresponding to privacy operations in the pseudo assembly code into a second category.

4. The method according to claim 2, wherein the generating an interface function for the code line of which the code category is the second category in the markup code comprises:

5. The method of any of claims 1 to 4, wherein after obtaining the target document, the method further comprises:

6. The method of claim 5, wherein the bottom layer actuator comprises any one of: secret sharing based executors, homomorphic encryption based executors, trusted execution environment based executors.

7. A compile-linking apparatus, configured to perform compile-linking on ciphertext processing source code, where the ciphertext processing source code is implemented based on a first programming language and includes a privacy operation implemented in a second programming language in the form of a dynamic library, the apparatus comprising:

8. The apparatus of claim 7, wherein the linking module comprises:

9. The apparatus of claim 8, wherein the scan mark sub-module comprises:

10. The apparatus according to claim 8, wherein the interface generation submodule is specifically configured to generate, in the markup code, an interface function corresponding to each discontinuous code line having a second code type, and to combine a plurality of continuous code lines having a second code type to generate one interface function corresponding to the plurality of code lines.

11. The apparatus of any one of claims 7 to 10, further comprising:

12. The apparatus of claim 11, wherein the bottom layer actuator comprises any one of: secret sharing based executors, homomorphic encryption based executors, trusted execution environment based executors.

13. An apparatus for compile linking, wherein the apparatus is configured to compile linking ciphertext processing source code, wherein the ciphertext processing source code is implemented based on a first programming language and includes privacy operations implemented in a second programming language in the form of a dynamic library, the apparatus comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory and configured to be executed by the one or more processors to perform the one or more programs including instructions for:

14. The apparatus of claim 13, wherein the linking functional modules in the pseudo assembly code based on the degree of coupling of the lines of code in the pseudo assembly code to the privacy operations comprises:

15. The apparatus of claim 14, wherein the scanning the pseudo assembly code and marking a code category of each code line based on a degree of coupling of the code line in the pseudo assembly code with the privacy operation comprises:

16. The apparatus according to claim 14, wherein the generating an interface function for the code line of which the code category is the second category in the markup code comprises:

17. The apparatus of any of claims 13 to 16, wherein the apparatus is further configured to execute the one or more programs by the one or more processors includes instructions for:

18. The apparatus of claim 17, wherein the bottom layer actuator comprises any one of: secret sharing based executors, homomorphic encryption based executors, trusted execution environment based executors.

19. A machine-readable medium having stored thereon instructions, which when executed by one or more processors, cause an apparatus to perform the method of compiling a link according to any of claims 1 to 6.