This is an automated email from the ASF dual-hosted git repository. shaojunwang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-java-tee-sdk.git
commit d24cc6fcbf51ae0276a7eddf815d5ce30a26c3e7 Author: jeffery.wsj <[email protected]> AuthorDate: Fri Aug 12 14:44:48 2022 +0800 [sdk] Add JavaEnclave benchmark and samples Summary: 1. Add string and sm2/sm3/sm4 benchmark for JavaEnclave. 2. Enhance springboot sample for JavaEnclave. Test Plan: all tests pass Reviewers: lei.yul, cengfeng.lzy, sanhong.lsh Issue: https://aone.alibaba-inc.com/task/44037219 CR: https://code.aone.alibaba-inc.com/java-tee/JavaEnclave/codereview/9739228 --- benchmark/guomi/common/pom.xml | 59 ++++++ .../benchmark/guomi/common/SMService.java | 10 + benchmark/guomi/enclave/pom.xml | 208 +++++++++++++++++++++ .../benchmark/guomi/enclave/SM2ServiceImpl.java | 86 +++++++++ .../benchmark/guomi/enclave/SM3ServiceImpl.java | 15 ++ .../benchmark/guomi/enclave/SM4ServiceImpl.java | 53 ++++++ .../benchmark/guomi/enclave/SMServiceImpl.java | 23 +++ .../META-INF/native-image/jni-config.json | 2 + .../META-INF/native-image/proxy-config.json | 2 + .../META-INF/native-image/reflect-config.json | 2 + .../META-INF/native-image/resource-config.json | 5 + .../native-image/serialization-config.json | 2 + .../src/main/resources/embedded_libos_enclave.json | 11 ++ .../enclave/src/main/resources/tee_sdk_svm.conf | 12 ++ benchmark/guomi/host/pom.xml | 128 +++++++++++++ .../benchmark/guomi/host/GuoMiBenchMark.java | 156 ++++++++++++++++ benchmark/guomi/pom.xml | 107 +++++++++++ benchmark/guomi/run.sh | 5 + benchmark/string/common/pom.xml | 59 ++++++ .../string/common/StringOperationMetric.java | 10 + benchmark/string/enclave/pom.xml | 201 ++++++++++++++++++++ .../string/enclave/StringOperationMetricImpl.java | 45 +++++ .../META-INF/native-image/jni-config.json | 2 + .../META-INF/native-image/proxy-config.json | 2 + .../META-INF/native-image/reflect-config.json | 2 + .../META-INF/native-image/resource-config.json | 5 + .../native-image/serialization-config.json | 2 + .../src/main/resources/embedded_libos_enclave.json | 11 ++ .../enclave/src/main/resources/tee_sdk_svm.conf | 12 ++ benchmark/string/host/pom.xml | 128 +++++++++++++ .../benchmark/string/host/StringBenchMark.java | 158 ++++++++++++++++ benchmark/string/pom.xml | 97 ++++++++++ benchmark/string/run.sh | 5 + samples/springboot/common/pom.xml | 59 ++++++ .../springboot/common/SBEnclaveService.java | 11 ++ samples/springboot/enclave/pom.xml | 208 +++++++++++++++++++++ .../springboot/enclave/EnclaveServiceImpl.java | 102 ++++++++++ .../META-INF/native-image/jni-config.json | 2 + .../META-INF/native-image/proxy-config.json | 2 + .../META-INF/native-image/reflect-config.json | 2 + .../META-INF/native-image/resource-config.json | 5 + .../native-image/serialization-config.json | 2 + .../src/main/resources/embedded_libos_enclave.json | 11 ++ .../enclave/src/main/resources/tee_sdk_svm.conf | 12 ++ samples/springboot/host/pom.xml | 131 +++++++++++++ .../samples/springboot/host/Application.java | 25 +++ .../springboot/host/EnclaveDigestController.java | 27 +++ .../springboot/host/EnclaveEncDecController.java | 27 +++ samples/springboot/pom.xml | 101 ++++++++++ samples/springboot/run.sh | 20 ++ 50 files changed, 2372 insertions(+) diff --git a/benchmark/guomi/common/pom.xml b/benchmark/guomi/common/pom.xml new file mode 100644 index 0000000..a528117 --- /dev/null +++ b/benchmark/guomi/common/pom.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>guomi</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>common</artifactId> + <packaging>jar</packaging> + <name>common</name> + <url>http://maven.apache.org</url> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/benchmark/guomi/common/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/common/SMService.java b/benchmark/guomi/common/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/common/SMService.java new file mode 100644 index 0000000..858123c --- /dev/null +++ b/benchmark/guomi/common/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/common/SMService.java @@ -0,0 +1,10 @@ +package com.alibaba.confidentialcomputing.benchmark.guomi.common; + +import com.alibaba.confidentialcomputing.common.annotations.EnclaveService; + +@EnclaveService +public interface SMService { + String sm2Service(String plaintext) throws Exception; + byte[] sm3Service(String plainText) throws Exception; + String sm4Service(String plaintext) throws Exception; +} diff --git a/benchmark/guomi/enclave/pom.xml b/benchmark/guomi/enclave/pom.xml new file mode 100644 index 0000000..aac6171 --- /dev/null +++ b/benchmark/guomi/enclave/pom.xml @@ -0,0 +1,208 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>guomi</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>enclave</artifactId> + <packaging>jar</packaging> + <name>enclave</name> + <url>http://maven.apache.org</url> + <properties> + <svm.maven.version>0.9.13</svm.maven.version> + <com.alibaba.enclave.privatePem.path></com.alibaba.enclave.privatePem.path> + </properties> + <profiles> + <profile> + <id>native</id> + <build> + <plugins> + <plugin> + <groupId>org.graalvm.buildtools</groupId> + <artifactId>native-maven-plugin</artifactId> + <version>${svm.maven.version}</version> + <extensions>true</extensions> + <executions> + <execution> + <id>test-native</id> + <goals> + <goal>test</goal> + </goals> + <configuration> + <buildArgs> + <buildArg>--no-fallback</buildArg> + </buildArgs> + </configuration> + <phase>test</phase> + </execution> + <execution> + <id>build-native</id> + <goals> + <goal>build</goal> + </goals> + <configuration> + <imageName>lib_mock_svm_load</imageName> + <buildArgs> + <buildArg>--shared</buildArg> + <buildArg>--no-fallback</buildArg> + <buildArg>-H:Path=svm-output</buildArg> + </buildArgs> + </configuration> + <phase>package</phase> + </execution> + <execution> + <id>build-native-tee</id> + <goals> + <goal>build</goal> + </goals> + <configuration> + <imageName>lib_tee_sdk_svm_load</imageName> + <buildArgs> + <buildArg>--shared</buildArg> + <buildArg>--no-fallback</buildArg> + <buildArg>-H:-AllowVMInternalThreads</buildArg> + <buildArg>-H:+RunInEnclave</buildArg> + <buildArg>-H:Path=svm-output</buildArg> + </buildArgs> + </configuration> + <phase>package</phase> + </execution> + </executions> + <configuration> + <agent> + <enabled>true</enabled> + </agent> + </configuration> + </plugin> + <plugin> + <artifactId>exec-maven-plugin</artifactId> + <groupId>org.codehaus.mojo</groupId> + <executions> + <execution> + <id>ApplicationNativeCompile</id> + <phase>package</phase> + <goals> + <goal>exec</goal> + </goals> + <configuration> + <executable>bash</executable> + <arguments> + <argument>/opt/javaenclave/build_app/make.sh</argument> + <argument>${project.basedir}</argument> + <argument>${com.alibaba.enclave.platform}</argument> + <argument>${com.alibaba.enclave.privatePem.path}</argument> + </arguments> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>3.3.0</version> + <configuration> + <descriptorRefs> + <descriptorRef>jar-with-dependencies</descriptorRef> + </descriptorRefs> + </configuration> + <executions> + <execution> + <id>make-assembly</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>enclave</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>bouncycastle-native</artifactId> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-launcher</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM2ServiceImpl.java b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM2ServiceImpl.java new file mode 100644 index 0000000..1bfb4dc --- /dev/null +++ b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM2ServiceImpl.java @@ -0,0 +1,86 @@ +package com.alibaba.confidentialcomputing.benchmark.guomi.enclave; + +import org.bouncycastle.asn1.gm.GMNamedCurves; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey; +import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.jce.spec.ECPrivateKeySpec; +import org.bouncycastle.jce.spec.ECPublicKeySpec; +import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.util.encoders.Hex; + +import javax.crypto.Cipher; +import java.math.BigInteger; +import java.security.*; +import java.security.spec.ECGenParameterSpec; +import java.util.Base64; + +class SM2ServiceImpl { + private static BouncyCastleProvider provider; + private static ECParameterSpec ecParameterSpec; + private static KeyFactory keyFactory; + private static String publicKey; + private static String privateKey; + + static { + try { + provider = (BouncyCastleProvider) Security.getProvider("BC"); + if (provider == null) { + provider = new BouncyCastleProvider(); + } + X9ECParameters parameters = GMNamedCurves.getByName("sm2p256v1"); + ecParameterSpec = new ECParameterSpec(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()); + keyFactory = KeyFactory.getInstance("EC", provider); + generateSm2KeyPair(); + } catch (Exception e) { + e.printStackTrace(); + } + } + + private static void generateSm2KeyPair() throws Exception { + final ECGenParameterSpec sm2Spec = new ECGenParameterSpec("sm2p256v1"); + final KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", provider); + SecureRandom random = new SecureRandom(); + kpg.initialize(sm2Spec, random); + KeyPair keyPair = kpg.generateKeyPair(); + BCECPrivateKey priKey = (BCECPrivateKey) keyPair.getPrivate(); + BCECPublicKey pubKey = (BCECPublicKey) keyPair.getPublic(); + publicKey = new String(Hex.encode(pubKey.getQ().getEncoded(true))); + privateKey = priKey.getD().toString(16); + } + + private String encode(String input, String pubKey) { + try { + X9ECParameters parameters = GMNamedCurves.getByName("sm2p256v1"); + ECParameterSpec ecParameterSpec = new ECParameterSpec(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()); + ECPoint ecPoint = parameters.getCurve().decodePoint(Hex.decode(pubKey)); + KeyFactory keyFactory = KeyFactory.getInstance("EC", provider); + BCECPublicKey key = (BCECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(ecPoint, ecParameterSpec)); + Cipher cipher = Cipher.getInstance("SM2", provider); + cipher.init(Cipher.ENCRYPT_MODE, key); + return Base64.getEncoder().encodeToString(cipher.doFinal(input.getBytes())); + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + + private byte[] decoder(String input, String prvKey) { + try { + Cipher cipher = Cipher.getInstance("SM2", provider); + BigInteger bigInteger = new BigInteger(prvKey, 16); + BCECPrivateKey privateKey = (BCECPrivateKey) keyFactory.generatePrivate(new ECPrivateKeySpec(bigInteger, ecParameterSpec)); + cipher.init(Cipher.DECRYPT_MODE, privateKey); + return cipher.doFinal(Base64.getDecoder().decode(input)); + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + + String sm2Service(String plaintext) throws Exception { + return new String(decoder(encode(plaintext, publicKey), privateKey)); + } +} diff --git a/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM3ServiceImpl.java b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM3ServiceImpl.java new file mode 100644 index 0000000..e4e64a5 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM3ServiceImpl.java @@ -0,0 +1,15 @@ +package com.alibaba.confidentialcomputing.benchmark.guomi.enclave; + +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.SM3Digest; + +class SM3ServiceImpl { + static byte[] sm3Service(String plainText) throws Exception { + byte[] messages = plainText.getBytes(); + Digest md = new SM3Digest(); + md.update(messages, 0, messages.length); + byte[] digest = new byte[md.getDigestSize()]; + md.doFinal(digest, 0); + return digest; + } +} diff --git a/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM4ServiceImpl.java b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM4ServiceImpl.java new file mode 100644 index 0000000..0d13810 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SM4ServiceImpl.java @@ -0,0 +1,53 @@ +package com.alibaba.confidentialcomputing.benchmark.guomi.enclave; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; + +import javax.crypto.Cipher; +import javax.crypto.KeyGenerator; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import java.nio.charset.StandardCharsets; +import java.security.Provider; +import java.security.SecureRandom; +import java.security.Security; + +public class SM4ServiceImpl { + private static final String ALGORITHM_NAME = "SM4"; + private static final String ALGORITHM_ECB_PKCS5PADDING = "SM4/ECB/PKCS5Padding"; + private static final int DEFAULT_KEY_SIZE = 128; + + static { + Provider provider = Security.getProvider("BC"); + if (provider == null) { + provider = new BouncyCastleProvider(); + } + Security.addProvider(provider); + } + + private byte[] generateKey() throws Exception { + KeyGenerator kg = KeyGenerator.getInstance(ALGORITHM_NAME, BouncyCastleProvider.PROVIDER_NAME); + kg.init(DEFAULT_KEY_SIZE, new SecureRandom()); + return kg.generateKey().getEncoded(); + } + + private byte[] sm4EncryptAndDecrypt(byte[] data, byte[] key, String sm4mode, byte[] iv, int mode) throws Exception { + IvParameterSpec ivParameterSpec = null; + if (null != iv) { + ivParameterSpec = new IvParameterSpec(iv); + } + SecretKeySpec sm4Key = new SecretKeySpec(key, ALGORITHM_NAME); + Cipher cipher = Cipher.getInstance(sm4mode, BouncyCastleProvider.PROVIDER_NAME); + if (null == ivParameterSpec) { + cipher.init(mode, sm4Key); + } else { + cipher.init(mode, sm4Key, ivParameterSpec); + } + return cipher.doFinal(data); + } + + String sm4Service(String plaintext) throws Exception { + byte[] key = generateKey(); + byte[] encryptResult = sm4EncryptAndDecrypt(plaintext.getBytes(StandardCharsets.UTF_8), key, ALGORITHM_ECB_PKCS5PADDING, null, Cipher.ENCRYPT_MODE); + return new String(sm4EncryptAndDecrypt(encryptResult, key, ALGORITHM_ECB_PKCS5PADDING, null, Cipher.DECRYPT_MODE), StandardCharsets.UTF_8); + } +} diff --git a/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SMServiceImpl.java b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SMServiceImpl.java new file mode 100644 index 0000000..4f46345 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/enclave/SMServiceImpl.java @@ -0,0 +1,23 @@ +package com.alibaba.confidentialcomputing.benchmark.guomi.enclave; + +import com.alibaba.confidentialcomputing.benchmark.guomi.common.SMService; +import com.google.auto.service.AutoService; + +@AutoService(SMService.class) +public class SMServiceImpl implements SMService { + + @Override + public String sm2Service(String plaintext) throws Exception { + return new SM2ServiceImpl().sm2Service(plaintext); + } + + @Override + public byte[] sm3Service(String plainText) throws Exception { + return SM3ServiceImpl.sm3Service(plainText); + } + + @Override + public String sm4Service(String plaintext) throws Exception { + return new SM4ServiceImpl().sm4Service(plaintext); + } +} diff --git a/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/jni-config.json b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/jni-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/jni-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/proxy-config.json b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/proxy-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/proxy-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/reflect-config.json b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/reflect-config.json new file mode 100644 index 0000000..32960f8 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/reflect-config.json @@ -0,0 +1,2 @@ +[ +] \ No newline at end of file diff --git a/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/resource-config.json b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/resource-config.json new file mode 100644 index 0000000..791ea0f --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/resource-config.json @@ -0,0 +1,5 @@ +{ + "resources":{ + "includes":[]}, + "bundles":[] +} diff --git a/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/serialization-config.json b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/serialization-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/META-INF/native-image/serialization-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/benchmark/guomi/enclave/src/main/resources/embedded_libos_enclave.json b/benchmark/guomi/enclave/src/main/resources/embedded_libos_enclave.json new file mode 100644 index 0000000..add95b2 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/embedded_libos_enclave.json @@ -0,0 +1,11 @@ +{ + "debuggable": true, + "agent_http_handler_thread_pool_size": 6, + "enclave_startup_duration_ms": 60000, + "kernel_space_heap_size": "32MB", + "user_space_size": "1200MB", + "default_mmap_size": "800MB", + "max_num_of_threads": 48, + "log_level": "off", + "enclave_jvm_args": ["-XX:-UseCompressedOops", "-Xmx512m", "-Dos.name=Linux"] +} \ No newline at end of file diff --git a/benchmark/guomi/enclave/src/main/resources/tee_sdk_svm.conf b/benchmark/guomi/enclave/src/main/resources/tee_sdk_svm.conf new file mode 100644 index 0000000..ffa1b22 --- /dev/null +++ b/benchmark/guomi/enclave/src/main/resources/tee_sdk_svm.conf @@ -0,0 +1,12 @@ +<!-- Please refer to User's Guide for the explanation of each field --> +<EnclaveConfiguration> + <ProdID>0</ProdID> + <ISVSVN>0</ISVSVN> + <StackMaxSize>0x101000</StackMaxSize> + <HeapMaxSize>0x30000000</HeapMaxSize> + <TCSNum>15</TCSNum> + <TCSPolicy>1</TCSPolicy> + <DisableDebug>0</DisableDebug> + <MiscSelect>0</MiscSelect> + <MiscMask>0xFFFFFFFF</MiscMask> +</EnclaveConfiguration> \ No newline at end of file diff --git a/benchmark/guomi/host/pom.xml b/benchmark/guomi/host/pom.xml new file mode 100644 index 0000000..3289f64 --- /dev/null +++ b/benchmark/guomi/host/pom.xml @@ -0,0 +1,128 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>guomi</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>host</artifactId> + <packaging>jar</packaging> + <name>host</name> + <url>http://maven.apache.org</url> + <build> + <resources> + <resource> + <directory>${project.basedir}/../enclave/target/svm-output</directory> + <includes> + <include>**/*.so</include> + <include>**/*.signed</include> + <include>**/*.tgz</include> + </includes> + </resource> + <resource> + <directory>${project.basedir}/../enclave/src/main/resources</directory> + <includes> + <include>**/embedded_libos_enclave.json</include> + <include>**/tee_sdk_svm.conf</include> + </includes> + </resource> + </resources> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>3.3.0</version> + <configuration> + <descriptorRefs> + <descriptorRef>jar-with-dependencies</descriptorRef> + </descriptorRefs> + </configuration> + <executions> + <execution> + <id>make-assembly</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>host</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-core</artifactId> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-generator-annprocess</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java b/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java new file mode 100644 index 0000000..a5ecc29 --- /dev/null +++ b/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java @@ -0,0 +1,156 @@ +package com.alibaba.confidentialcomputing.benchmark.guomi.host; + +import com.alibaba.confidentialcomputing.benchmark.guomi.common.SMService; +import com.alibaba.confidentialcomputing.host.Enclave; +import com.alibaba.confidentialcomputing.host.EnclaveFactory; +import com.alibaba.confidentialcomputing.host.EnclaveType; +import org.openjdk.jmh.annotations.*; +import org.openjdk.jmh.results.format.ResultFormatType; +import org.openjdk.jmh.runner.Runner; +import org.openjdk.jmh.runner.RunnerException; +import org.openjdk.jmh.runner.options.Options; +import org.openjdk.jmh.runner.options.OptionsBuilder; + +import java.util.concurrent.TimeUnit; + +@BenchmarkMode(Mode.AverageTime) +@Warmup(iterations = 3, time = 1) +@Measurement(iterations = 5, time = 2) +@Threads(8) +@Fork(1) +@State(value = Scope.Benchmark) +@OutputTimeUnit(TimeUnit.MILLISECONDS) +public class GuoMiBenchMark { + + @State(Scope.Benchmark) + public static class MockJVMEnclave { + private Enclave enclave = null; + private SMService service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.MOCK_IN_JVM); + service = enclave.load(SMService.class).next(); + } + + public SMService getServiceInstance() { + return this.service; + } + } + + @State(Scope.Benchmark) + public static class MockSVMEnclave { + private Enclave enclave = null; + private SMService service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.MOCK_IN_SVM); + service = enclave.load(SMService.class).next(); + } + + public SMService getServiceInstance() { + return this.service; + } + } + + @State(Scope.Benchmark) + public static class TeeSDKEnclave { + private Enclave enclave = null; + private SMService service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.TEE_SDK); + service = enclave.load(SMService.class).next(); + } + + public SMService getServiceInstance() { + return this.service; + } + } + + @State(Scope.Benchmark) + public static class EmbeddedLibOSEnclave { + private Enclave enclave = null; + private SMService service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.EMBEDDED_LIB_OS); + service = enclave.load(SMService.class).next(); + } + + public SMService getServiceInstance() { + return this.service; + } + } + + @Benchmark + public void sm2TeeSDKBenchMark(TeeSDKEnclave enclave) throws Exception { + enclave.getServiceInstance().sm2Service("[email protected]"); + } + + @Benchmark + public void sm2MockJVMBenchMark(MockJVMEnclave enclave) throws Exception { + enclave.getServiceInstance().sm2Service("[email protected]"); + } + + @Benchmark + public void sm2MockSVMBenchMark(MockSVMEnclave enclave) throws Exception { + enclave.getServiceInstance().sm2Service("[email protected]"); + } + + @Benchmark + public void sm2EmbeddedLibOSBenchMark(EmbeddedLibOSEnclave enclave) throws Exception { + enclave.getServiceInstance().sm2Service("[email protected]"); + } + + @Benchmark + public void sm3MockJVMBenchMark(MockJVMEnclave enclave) throws Exception { + enclave.getServiceInstance().sm3Service("Hello World!"); + } + + @Benchmark + public void sm3MockSVMBenchMark(MockSVMEnclave enclave) throws Exception { + enclave.getServiceInstance().sm3Service("Hello World!"); + } + + @Benchmark + public void sm3TeeSDKBenchMark(TeeSDKEnclave enclave) throws Exception { + enclave.getServiceInstance().sm3Service("Hello World!"); + } + + @Benchmark + public void sm3EmbeddedLibOSBenchMark(EmbeddedLibOSEnclave enclave) throws Exception { + enclave.getServiceInstance().sm3Service("Hello World!"); + } + + @Benchmark + public void sm4MockJVMBenchMark(MockJVMEnclave enclave) throws Exception { + enclave.getServiceInstance().sm4Service("word1, word2 word3@word4?word5.word6"); + } + + @Benchmark + public void sm4MockSVMBenchMark(MockSVMEnclave enclave) throws Exception { + enclave.getServiceInstance().sm4Service("word1, word2 word3@word4?word5.word6"); + } + + @Benchmark + public void sm4TeeSDKBenchMark(TeeSDKEnclave enclave) throws Exception { + enclave.getServiceInstance().sm4Service("word1, word2 word3@word4?word5.word6"); + } + + @Benchmark + public void sm4EmbeddedLibOSBenchMark(EmbeddedLibOSEnclave enclave) throws Exception { + enclave.getServiceInstance().sm4Service("word1, word2 word3@word4?word5.word6"); + } + + public static void main(String[] args) throws RunnerException { + Options opt = new OptionsBuilder() + .include(GuoMiBenchMark.class.getSimpleName()) + .result("guomi_benchmark.json") + .resultFormat(ResultFormatType.JSON).build(); + new Runner(opt).run(); + } +} diff --git a/benchmark/guomi/pom.xml b/benchmark/guomi/pom.xml new file mode 100644 index 0000000..08f51eb --- /dev/null +++ b/benchmark/guomi/pom.xml @@ -0,0 +1,107 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>guomi</artifactId> + <packaging>pom</packaging> + <version>1.0-SNAPSHOT</version> + <name>guomi</name> + <url>http://maven.apache.org</url> + <properties> + <jmh.version>1.35</jmh.version> + <maven.compiler.source>11</maven.compiler.source> + <maven.compiler.target>11</maven.compiler.target> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <com.alibaba.enclave.platform>MOCK_IN_SVM:TEE_SDK:EMBEDDED_LIB_OS</com.alibaba.enclave.platform> + </properties> + <dependencyManagement> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>common</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>enclave</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>host</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>common</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>enclave</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark.guomi</groupId> + <artifactId>host</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>bouncycastle-native</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>1.66</version> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-core</artifactId> + <version>${jmh.version}</version> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-generator-annprocess</artifactId> + <version>${jmh.version}</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <version>5.7.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <version>1.8.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-launcher</artifactId> + <version>1.8.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <version>5.6.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <version>1.5.0</version> + <scope>test</scope> + </dependency> + </dependencies> + </dependencyManagement> + <modules> + <module>common</module> + <module>enclave</module> + <module>host</module> + </modules> +</project> \ No newline at end of file diff --git a/benchmark/guomi/run.sh b/benchmark/guomi/run.sh new file mode 100755 index 0000000..7f5894e --- /dev/null +++ b/benchmark/guomi/run.sh @@ -0,0 +1,5 @@ +#/bin/bash + +mvn --settings /root/tools/settings.xml -Pnative clean package + +java -cp host/target/host-1.0-SNAPSHOT-jar-with-dependencies.jar:enclave/target/enclave-1.0-SNAPSHOT-jar-with-dependencies.jar com.alibaba.confidentialcomputing.benchmark.guomi.host.GuoMiBenchMark diff --git a/benchmark/string/common/pom.xml b/benchmark/string/common/pom.xml new file mode 100644 index 0000000..0340e10 --- /dev/null +++ b/benchmark/string/common/pom.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>string</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>common</artifactId> + <packaging>jar</packaging> + <name>common</name> + <url>http://maven.apache.org</url> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/benchmark/string/common/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/common/StringOperationMetric.java b/benchmark/string/common/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/common/StringOperationMetric.java new file mode 100644 index 0000000..c0edbb0 --- /dev/null +++ b/benchmark/string/common/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/common/StringOperationMetric.java @@ -0,0 +1,10 @@ +package com.alibaba.confidentialcomputing.benchmark.string.common; + +import com.alibaba.confidentialcomputing.common.annotations.EnclaveService; + +@EnclaveService +public interface StringOperationMetric { + boolean stringRegex(String source, String pattern, int iterator); + String stringConcat(String source, String split, int iterator); + String[] stringSplit(String source, String concat, int iterator); +} diff --git a/benchmark/string/enclave/pom.xml b/benchmark/string/enclave/pom.xml new file mode 100644 index 0000000..01a79e0 --- /dev/null +++ b/benchmark/string/enclave/pom.xml @@ -0,0 +1,201 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>string</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>enclave</artifactId> + <packaging>jar</packaging> + <name>enclave</name> + <url>http://maven.apache.org</url> + <properties> + <svm.maven.version>0.9.13</svm.maven.version> + <com.alibaba.enclave.privatePem.path></com.alibaba.enclave.privatePem.path> + </properties> + <profiles> + <profile> + <id>native</id> + <build> + <plugins> + <plugin> + <groupId>org.graalvm.buildtools</groupId> + <artifactId>native-maven-plugin</artifactId> + <version>${svm.maven.version}</version> + <extensions>true</extensions> + <executions> + <execution> + <id>test-native</id> + <goals> + <goal>test</goal> + </goals> + <configuration> + <buildArgs> + <buildArg>--no-fallback</buildArg> + </buildArgs> + </configuration> + <phase>test</phase> + </execution> + <execution> + <id>build-native</id> + <goals> + <goal>build</goal> + </goals> + <configuration> + <imageName>lib_mock_svm_load</imageName> + <buildArgs> + <buildArg>--shared</buildArg> + <buildArg>--no-fallback</buildArg> + <buildArg>-H:Path=svm-output</buildArg> + </buildArgs> + </configuration> + <phase>package</phase> + </execution> + <execution> + <id>build-native-tee</id> + <goals> + <goal>build</goal> + </goals> + <configuration> + <imageName>lib_tee_sdk_svm_load</imageName> + <buildArgs> + <buildArg>--shared</buildArg> + <buildArg>-R:-PrintGC</buildArg> + <buildArg>--no-fallback</buildArg> + <buildArg>-H:-AllowVMInternalThreads</buildArg> + <buildArg>-H:+RunInEnclave</buildArg> + <buildArg>-H:Path=svm-output</buildArg> + </buildArgs> + </configuration> + <phase>package</phase> + </execution> + </executions> + <configuration> + <agent> + <enabled>true</enabled> + </agent> + </configuration> + </plugin> + <plugin> + <artifactId>exec-maven-plugin</artifactId> + <groupId>org.codehaus.mojo</groupId> + <executions> + <execution> + <id>ApplicationNativeCompile</id> + <phase>package</phase> + <goals> + <goal>exec</goal> + </goals> + <configuration> + <executable>bash</executable> + <arguments> + <argument>/opt/javaenclave/build_app/make.sh</argument> + <argument>${project.basedir}</argument> + <argument>${com.alibaba.enclave.platform}</argument> + <argument>${com.alibaba.enclave.privatePem.path}</argument> + </arguments> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>3.3.0</version> + <configuration> + <descriptorRefs> + <descriptorRef>jar-with-dependencies</descriptorRef> + </descriptorRefs> + </configuration> + <executions> + <execution> + <id>make-assembly</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>enclave</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-launcher</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/benchmark/string/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/enclave/StringOperationMetricImpl.java b/benchmark/string/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/enclave/StringOperationMetricImpl.java new file mode 100644 index 0000000..c17df7a --- /dev/null +++ b/benchmark/string/enclave/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/enclave/StringOperationMetricImpl.java @@ -0,0 +1,45 @@ +package com.alibaba.confidentialcomputing.benchmark.string.enclave; + +import com.alibaba.confidentialcomputing.benchmark.string.common.StringOperationMetric; +import com.google.auto.service.AutoService; + +import java.util.regex.Pattern; + +@AutoService(StringOperationMetric.class) +public class StringOperationMetricImpl implements StringOperationMetric { + private final long INNER_MAX_ITERATOR = 50; + + @Override + public String stringConcat(String source, String concat, int iterator) { + String result = null; + for (int i = 0x0; i < iterator; i++) { + for (int j = 0x0; j < INNER_MAX_ITERATOR; j++) { + result = source.concat(concat).toLowerCase().trim().replace('a', 'b'); + } + } + return result; + } + + @Override + public boolean stringRegex(String source, String pattern, int iterator) { + boolean matched = false; + for (int i = 0x0; i < iterator; i++) { + for (int j = 0x0; j < INNER_MAX_ITERATOR; j++) { + Pattern p = Pattern.compile(pattern); + matched = p.matcher(source).matches(); + } + } + return matched; + } + + @Override + public String[] stringSplit(String source, String split, int iterator) { + String[] result = null; + for (int i = 0x0; i < iterator; i++) { + for (int j = 0x0; j < INNER_MAX_ITERATOR; j++) { + result = source.split(split); + } + } + return result; + } +} diff --git a/benchmark/string/enclave/src/main/resources/META-INF/native-image/jni-config.json b/benchmark/string/enclave/src/main/resources/META-INF/native-image/jni-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/META-INF/native-image/jni-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/benchmark/string/enclave/src/main/resources/META-INF/native-image/proxy-config.json b/benchmark/string/enclave/src/main/resources/META-INF/native-image/proxy-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/META-INF/native-image/proxy-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/benchmark/string/enclave/src/main/resources/META-INF/native-image/reflect-config.json b/benchmark/string/enclave/src/main/resources/META-INF/native-image/reflect-config.json new file mode 100644 index 0000000..32960f8 --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/META-INF/native-image/reflect-config.json @@ -0,0 +1,2 @@ +[ +] \ No newline at end of file diff --git a/benchmark/string/enclave/src/main/resources/META-INF/native-image/resource-config.json b/benchmark/string/enclave/src/main/resources/META-INF/native-image/resource-config.json new file mode 100644 index 0000000..791ea0f --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/META-INF/native-image/resource-config.json @@ -0,0 +1,5 @@ +{ + "resources":{ + "includes":[]}, + "bundles":[] +} diff --git a/benchmark/string/enclave/src/main/resources/META-INF/native-image/serialization-config.json b/benchmark/string/enclave/src/main/resources/META-INF/native-image/serialization-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/META-INF/native-image/serialization-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/benchmark/string/enclave/src/main/resources/embedded_libos_enclave.json b/benchmark/string/enclave/src/main/resources/embedded_libos_enclave.json new file mode 100644 index 0000000..add95b2 --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/embedded_libos_enclave.json @@ -0,0 +1,11 @@ +{ + "debuggable": true, + "agent_http_handler_thread_pool_size": 6, + "enclave_startup_duration_ms": 60000, + "kernel_space_heap_size": "32MB", + "user_space_size": "1200MB", + "default_mmap_size": "800MB", + "max_num_of_threads": 48, + "log_level": "off", + "enclave_jvm_args": ["-XX:-UseCompressedOops", "-Xmx512m", "-Dos.name=Linux"] +} \ No newline at end of file diff --git a/benchmark/string/enclave/src/main/resources/tee_sdk_svm.conf b/benchmark/string/enclave/src/main/resources/tee_sdk_svm.conf new file mode 100644 index 0000000..6e39049 --- /dev/null +++ b/benchmark/string/enclave/src/main/resources/tee_sdk_svm.conf @@ -0,0 +1,12 @@ +<!-- Please refer to User's Guide for the explanation of each field --> +<EnclaveConfiguration> + <ProdID>0</ProdID> + <ISVSVN>0</ISVSVN> + <StackMaxSize>0x101000</StackMaxSize> + <HeapMaxSize>0x30000000</HeapMaxSize> + <TCSNum>10</TCSNum> + <TCSPolicy>1</TCSPolicy> + <DisableDebug>0</DisableDebug> + <MiscSelect>0</MiscSelect> + <MiscMask>0xFFFFFFFF</MiscMask> +</EnclaveConfiguration> \ No newline at end of file diff --git a/benchmark/string/host/pom.xml b/benchmark/string/host/pom.xml new file mode 100644 index 0000000..124618b --- /dev/null +++ b/benchmark/string/host/pom.xml @@ -0,0 +1,128 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>string</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>host</artifactId> + <packaging>jar</packaging> + <name>host</name> + <url>http://maven.apache.org</url> + <build> + <resources> + <resource> + <directory>${project.basedir}/../enclave/target/svm-output</directory> + <includes> + <include>**/*.so</include> + <include>**/*.signed</include> + <include>**/*.tgz</include> + </includes> + </resource> + <resource> + <directory>${project.basedir}/../enclave/src/main/resources</directory> + <includes> + <include>**/embedded_libos_enclave.json</include> + <include>**/tee_sdk_svm.conf</include> + </includes> + </resource> + </resources> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>3.3.0</version> + <configuration> + <descriptorRefs> + <descriptorRef>jar-with-dependencies</descriptorRef> + </descriptorRefs> + </configuration> + <executions> + <execution> + <id>make-assembly</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>host</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-core</artifactId> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-generator-annprocess</artifactId> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java b/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java new file mode 100644 index 0000000..8455724 --- /dev/null +++ b/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java @@ -0,0 +1,158 @@ +package com.alibaba.confidentialcomputing.benchmark.string.host; + +import com.alibaba.confidentialcomputing.benchmark.string.common.StringOperationMetric; +import com.alibaba.confidentialcomputing.host.Enclave; +import com.alibaba.confidentialcomputing.host.EnclaveFactory; +import com.alibaba.confidentialcomputing.host.EnclaveType; +import org.openjdk.jmh.annotations.*; +import org.openjdk.jmh.results.format.ResultFormatType; +import org.openjdk.jmh.runner.Runner; +import org.openjdk.jmh.runner.RunnerException; +import org.openjdk.jmh.runner.options.Options; +import org.openjdk.jmh.runner.options.OptionsBuilder; + +import java.util.concurrent.TimeUnit; + +@BenchmarkMode(Mode.AverageTime) +@Warmup(iterations = 3, time = 1) +@Measurement(iterations = 4, time = 2) +@Threads(8) +@Fork(1) +@State(value = Scope.Benchmark) +@OutputTimeUnit(TimeUnit.MILLISECONDS) +public class StringBenchMark { + @Param(value = {"5"}) + private int iterator; + + @State(Scope.Benchmark) + public static class MockJVMEnclave { + private Enclave enclave = null; + private StringOperationMetric service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.MOCK_IN_JVM); + service = enclave.load(StringOperationMetric.class).next(); + } + + public StringOperationMetric getServiceInstance() { + return this.service; + } + } + + @State(Scope.Benchmark) + public static class MockSVMEnclave { + private Enclave enclave = null; + private StringOperationMetric service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.MOCK_IN_SVM); + service = enclave.load(StringOperationMetric.class).next(); + } + + public StringOperationMetric getServiceInstance() { + return this.service; + } + } + + @State(Scope.Benchmark) + public static class TeeSDKEnclave { + private Enclave enclave = null; + private StringOperationMetric service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.TEE_SDK); + service = enclave.load(StringOperationMetric.class).next(); + } + + public StringOperationMetric getServiceInstance() { + return this.service; + } + } + + @State(Scope.Benchmark) + public static class EmbeddedLibOSEnclave { + private Enclave enclave = null; + private StringOperationMetric service = null; + + @Setup(Level.Trial) + public void createEnclave() throws Exception { + enclave = EnclaveFactory.create(EnclaveType.EMBEDDED_LIB_OS); + service = enclave.load(StringOperationMetric.class).next(); + } + + public StringOperationMetric getServiceInstance() { + return this.service; + } + } + + @Benchmark + public void stringRegexMockJVMBenchMark(MockJVMEnclave enclave) { + enclave.getServiceInstance().stringRegex("[email protected]", "^[\\w._]+@\\w+\\.[a-zA-Z]+$", iterator); + } + + @Benchmark + public void stringRegexMockSVMBenchMark(MockSVMEnclave enclave) { + enclave.getServiceInstance().stringRegex("[email protected]", "^[\\w._]+@\\w+\\.[a-zA-Z]+$", iterator); + } + + @Benchmark + public void stringRegexTeeSDKBenchMark(TeeSDKEnclave enclave) { + enclave.getServiceInstance().stringRegex("[email protected]", "^[\\w._]+@\\w+\\.[a-zA-Z]+$", iterator); + } + + @Benchmark + public void stringRegexEmbeddedLibOSBenchMark(EmbeddedLibOSEnclave enclave) { + enclave.getServiceInstance().stringRegex("[email protected]", "^[\\w._]+@\\w+\\.[a-zA-Z]+$", iterator); + } + + @Benchmark + public void stringConcatMockJVMBenchMark(MockJVMEnclave enclave) { + enclave.getServiceInstance().stringConcat("Hello World!", "abc", iterator); + } + + @Benchmark + public void stringConcatMockSVMBenchMark(MockSVMEnclave enclave) { + enclave.getServiceInstance().stringConcat("Hello World!", "abc", iterator); + } + + @Benchmark + public void stringConcatTeeSDKBenchMark(TeeSDKEnclave enclave) { + enclave.getServiceInstance().stringConcat("Hello World!", "abc", iterator); + } + + @Benchmark + public void stringConcatEmbeddedLibOSBenchMark(EmbeddedLibOSEnclave enclave) { + enclave.getServiceInstance().stringConcat("Hello World!", "abc", iterator); + } + + @Benchmark + public void stringSplitMockJVMBenchMark(MockJVMEnclave enclave) { + enclave.getServiceInstance().stringSplit("word1, word2 word3@word4?word5.word6", "[, ?.@]+", iterator); + } + + @Benchmark + public void stringSplitMockSVMBenchMark(MockSVMEnclave enclave) { + enclave.getServiceInstance().stringSplit("word1, word2 word3@word4?word5.word6", "[, ?.@]+", iterator); + } + + @Benchmark + public void stringSplitTeeSDKBenchMark(TeeSDKEnclave enclave) { + enclave.getServiceInstance().stringSplit("word1, word2 word3@word4?word5.word6", "[, ?.@]+", iterator); + } + + @Benchmark + public void stringSplitEmbeddedLibOSBenchMark(EmbeddedLibOSEnclave enclave) { + enclave.getServiceInstance().stringSplit("word1, word2 word3@word4?word5.word6", "[, ?.@]+", iterator); + } + + public static void main(String[] args) throws RunnerException { + Options opt = new OptionsBuilder() + .include(StringBenchMark.class.getSimpleName()) + .result("string_benchmark.json") + .resultFormat(ResultFormatType.JSON).build(); + new Runner(opt).run(); + } +} diff --git a/benchmark/string/pom.xml b/benchmark/string/pom.xml new file mode 100644 index 0000000..4c96a84 --- /dev/null +++ b/benchmark/string/pom.xml @@ -0,0 +1,97 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>string</artifactId> + <packaging>pom</packaging> + <version>1.0-SNAPSHOT</version> + <name>string</name> + <url>http://maven.apache.org</url> + <properties> + <jmh.version>1.35</jmh.version> + <maven.compiler.source>11</maven.compiler.source> + <maven.compiler.target>11</maven.compiler.target> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <com.alibaba.enclave.platform>MOCK_IN_SVM:TEE_SDK:EMBEDDED_LIB_OS</com.alibaba.enclave.platform> + </properties> + <dependencyManagement> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>common</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>enclave</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>host</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>common</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>enclave</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.benchmark</groupId> + <artifactId>host</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-core</artifactId> + <version>${jmh.version}</version> + </dependency> + <dependency> + <groupId>org.openjdk.jmh</groupId> + <artifactId>jmh-generator-annprocess</artifactId> + <version>${jmh.version}</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <version>5.7.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <version>1.8.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-launcher</artifactId> + <version>1.8.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <version>5.6.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <version>1.5.0</version> + <scope>test</scope> + </dependency> + </dependencies> + </dependencyManagement> + <modules> + <module>common</module> + <module>enclave</module> + <module>host</module> + </modules> +</project> \ No newline at end of file diff --git a/benchmark/string/run.sh b/benchmark/string/run.sh new file mode 100755 index 0000000..346419d --- /dev/null +++ b/benchmark/string/run.sh @@ -0,0 +1,5 @@ +#/bin/bash + +mvn --settings /root/tools/settings.xml -Pnative clean package + +java -cp host/target/host-1.0-SNAPSHOT-jar-with-dependencies.jar:enclave/target/enclave-1.0-SNAPSHOT-jar-with-dependencies.jar com.alibaba.confidentialcomputing.benchmark.string.host.StringBenchMark diff --git a/samples/springboot/common/pom.xml b/samples/springboot/common/pom.xml new file mode 100644 index 0000000..dbe2562 --- /dev/null +++ b/samples/springboot/common/pom.xml @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>springboot</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>common</artifactId> + <packaging>jar</packaging> + <name>common</name> + <url>http://maven.apache.org</url> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/samples/springboot/common/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/common/SBEnclaveService.java b/samples/springboot/common/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/common/SBEnclaveService.java new file mode 100644 index 0000000..86d5749 --- /dev/null +++ b/samples/springboot/common/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/common/SBEnclaveService.java @@ -0,0 +1,11 @@ +package com.alibaba.confidentialcomputing.samples.springboot.common; + +import com.alibaba.confidentialcomputing.common.annotations.EnclaveService; + +@EnclaveService +public interface SBEnclaveService { + // calculate giving data's digest. + String digestData(String data); + // encrypt and decrypt giving string. + String encryptAndDecryptData(String data); +} diff --git a/samples/springboot/enclave/pom.xml b/samples/springboot/enclave/pom.xml new file mode 100644 index 0000000..6a8ea86 --- /dev/null +++ b/samples/springboot/enclave/pom.xml @@ -0,0 +1,208 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; + xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>springboot</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>enclave</artifactId> + <packaging>jar</packaging> + <name>enclave</name> + <url>http://maven.apache.org</url> + <properties> + <svm.maven.version>0.9.13</svm.maven.version> + <com.alibaba.enclave.privatePem.path></com.alibaba.enclave.privatePem.path> + </properties> + <profiles> + <profile> + <id>native</id> + <build> + <plugins> + <plugin> + <groupId>org.graalvm.buildtools</groupId> + <artifactId>native-maven-plugin</artifactId> + <version>${svm.maven.version}</version> + <extensions>true</extensions> + <executions> + <execution> + <id>test-native</id> + <goals> + <goal>test</goal> + </goals> + <configuration> + <buildArgs> + <buildArg>--no-fallback</buildArg> + </buildArgs> + </configuration> + <phase>test</phase> + </execution> + <execution> + <id>build-native</id> + <goals> + <goal>build</goal> + </goals> + <configuration> + <imageName>lib_mock_svm_load</imageName> + <buildArgs> + <buildArg>--shared</buildArg> + <buildArg>--no-fallback</buildArg> + <buildArg>-H:Path=svm-output</buildArg> + </buildArgs> + </configuration> + <phase>package</phase> + </execution> + <execution> + <id>build-native-tee</id> + <goals> + <goal>build</goal> + </goals> + <configuration> + <imageName>lib_tee_sdk_svm_load</imageName> + <buildArgs> + <buildArg>--shared</buildArg> + <buildArg>--no-fallback</buildArg> + <buildArg>-H:-AllowVMInternalThreads</buildArg> + <buildArg>-H:+RunInEnclave</buildArg> + <buildArg>-H:Path=svm-output</buildArg> + </buildArgs> + </configuration> + <phase>package</phase> + </execution> + </executions> + <configuration> + <agent> + <enabled>true</enabled> + </agent> + </configuration> + </plugin> + <plugin> + <artifactId>exec-maven-plugin</artifactId> + <groupId>org.codehaus.mojo</groupId> + <executions> + <execution> + <id>ApplicationNativeCompile</id> + <phase>package</phase> + <goals> + <goal>exec</goal> + </goals> + <configuration> + <executable>bash</executable> + <arguments> + <argument>/opt/javaenclave/build_app/make.sh</argument> + <argument>${project.basedir}</argument> + <argument>${com.alibaba.enclave.platform}</argument> + <argument>${com.alibaba.enclave.privatePem.path}</argument> + </arguments> + </configuration> + </execution> + </executions> + </plugin> + </plugins> + </build> + </profile> + </profiles> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>3.3.0</version> + <configuration> + <descriptorRefs> + <descriptorRef>jar-with-dependencies</descriptorRef> + </descriptorRefs> + </configuration> + <executions> + <execution> + <id>make-assembly</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>enclave</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>bouncycastle-native</artifactId> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-launcher</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java b/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java new file mode 100644 index 0000000..95ae4e7 --- /dev/null +++ b/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java @@ -0,0 +1,102 @@ +package com.alibaba.confidentialcomputing.samples.springboot.enclave; + +import com.alibaba.confidentialcomputing.samples.springboot.common.SBEnclaveService; +import com.google.auto.service.AutoService; +import org.bouncycastle.asn1.gm.GMNamedCurves; +import org.bouncycastle.asn1.x9.X9ECParameters; +import org.bouncycastle.crypto.Digest; +import org.bouncycastle.crypto.digests.SM3Digest; +import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey; +import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey; +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.jce.spec.ECParameterSpec; +import org.bouncycastle.jce.spec.ECPrivateKeySpec; +import org.bouncycastle.jce.spec.ECPublicKeySpec; +import org.bouncycastle.math.ec.ECPoint; +import org.bouncycastle.util.encoders.Hex; + +import javax.crypto.Cipher; +import java.math.BigInteger; +import java.security.*; +import java.security.spec.ECGenParameterSpec; +import java.util.Base64; + +@AutoService(SBEnclaveService.class) +public class EnclaveServiceImpl implements SBEnclaveService { + private BouncyCastleProvider provider; + private ECParameterSpec ecParameterSpec; + private KeyFactory keyFactory; + private String publicKey; + private String privateKey; + + public EnclaveServiceImpl() { + try { + provider = (BouncyCastleProvider) Security.getProvider("BC"); + if (provider == null) { + provider = new BouncyCastleProvider(); + } + X9ECParameters parameters = GMNamedCurves.getByName("sm2p256v1"); + ecParameterSpec = new ECParameterSpec(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()); + keyFactory = KeyFactory.getInstance("EC", provider); + generateSm2KeyPair(); + } catch (Exception e) { + e.printStackTrace(); + } + } + + private void generateSm2KeyPair() throws Exception { + final ECGenParameterSpec sm2Spec = new ECGenParameterSpec("sm2p256v1"); + final KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", provider); + SecureRandom random = new SecureRandom(); + kpg.initialize(sm2Spec, random); + KeyPair keyPair = kpg.generateKeyPair(); + BCECPrivateKey privateKey = (BCECPrivateKey) keyPair.getPrivate(); + BCECPublicKey publicKey = (BCECPublicKey) keyPair.getPublic(); + this.publicKey = new String(Hex.encode(publicKey.getQ().getEncoded(true))); + this.privateKey = privateKey.getD().toString(16); + } + + private String encode(String input, String pubKey) { + try { + X9ECParameters parameters = GMNamedCurves.getByName("sm2p256v1"); + ECParameterSpec ecParameterSpec = new ECParameterSpec(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH()); + ECPoint ecPoint = parameters.getCurve().decodePoint(Hex.decode(pubKey)); + KeyFactory keyFactory = KeyFactory.getInstance("EC", provider); + BCECPublicKey key = (BCECPublicKey) keyFactory.generatePublic(new ECPublicKeySpec(ecPoint, ecParameterSpec)); + Cipher cipher = Cipher.getInstance("SM2", provider); + cipher.init(Cipher.ENCRYPT_MODE, key); + return Base64.getEncoder().encodeToString(cipher.doFinal(input.getBytes())); + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + + private byte[] decoder(String input, String prvKey) { + try { + Cipher cipher = Cipher.getInstance("SM2", provider); + BigInteger bigInteger = new BigInteger(prvKey, 16); + BCECPrivateKey privateKey = (BCECPrivateKey) keyFactory.generatePrivate(new ECPrivateKeySpec(bigInteger, ecParameterSpec)); + cipher.init(Cipher.DECRYPT_MODE, privateKey); + return cipher.doFinal(Base64.getDecoder().decode(input)); + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } + + @Override + public String digestData(String data) { + byte[] messages = data.getBytes(); + Digest md = new SM3Digest(); + md.update(messages, 0, messages.length); + byte[] digest = new byte[md.getDigestSize()]; + md.doFinal(digest, 0); + return new String(digest); + } + + @Override + public String encryptAndDecryptData(String data) { + return new String(decoder(encode(data, publicKey), privateKey)); + } +} diff --git a/samples/springboot/enclave/src/main/resources/META-INF/native-image/jni-config.json b/samples/springboot/enclave/src/main/resources/META-INF/native-image/jni-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/META-INF/native-image/jni-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/samples/springboot/enclave/src/main/resources/META-INF/native-image/proxy-config.json b/samples/springboot/enclave/src/main/resources/META-INF/native-image/proxy-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/META-INF/native-image/proxy-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/samples/springboot/enclave/src/main/resources/META-INF/native-image/reflect-config.json b/samples/springboot/enclave/src/main/resources/META-INF/native-image/reflect-config.json new file mode 100644 index 0000000..32960f8 --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/META-INF/native-image/reflect-config.json @@ -0,0 +1,2 @@ +[ +] \ No newline at end of file diff --git a/samples/springboot/enclave/src/main/resources/META-INF/native-image/resource-config.json b/samples/springboot/enclave/src/main/resources/META-INF/native-image/resource-config.json new file mode 100644 index 0000000..791ea0f --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/META-INF/native-image/resource-config.json @@ -0,0 +1,5 @@ +{ + "resources":{ + "includes":[]}, + "bundles":[] +} diff --git a/samples/springboot/enclave/src/main/resources/META-INF/native-image/serialization-config.json b/samples/springboot/enclave/src/main/resources/META-INF/native-image/serialization-config.json new file mode 100644 index 0000000..0d4f101 --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/META-INF/native-image/serialization-config.json @@ -0,0 +1,2 @@ +[ +] diff --git a/samples/springboot/enclave/src/main/resources/embedded_libos_enclave.json b/samples/springboot/enclave/src/main/resources/embedded_libos_enclave.json new file mode 100644 index 0000000..add95b2 --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/embedded_libos_enclave.json @@ -0,0 +1,11 @@ +{ + "debuggable": true, + "agent_http_handler_thread_pool_size": 6, + "enclave_startup_duration_ms": 60000, + "kernel_space_heap_size": "32MB", + "user_space_size": "1200MB", + "default_mmap_size": "800MB", + "max_num_of_threads": 48, + "log_level": "off", + "enclave_jvm_args": ["-XX:-UseCompressedOops", "-Xmx512m", "-Dos.name=Linux"] +} \ No newline at end of file diff --git a/samples/springboot/enclave/src/main/resources/tee_sdk_svm.conf b/samples/springboot/enclave/src/main/resources/tee_sdk_svm.conf new file mode 100644 index 0000000..5ff1791 --- /dev/null +++ b/samples/springboot/enclave/src/main/resources/tee_sdk_svm.conf @@ -0,0 +1,12 @@ +<!-- Please refer to User's Guide for the explanation of each field --> +<EnclaveConfiguration> + <ProdID>0</ProdID> + <ISVSVN>0</ISVSVN> + <StackMaxSize>0x101000</StackMaxSize> + <HeapMaxSize>0x60000000</HeapMaxSize> + <TCSNum>10</TCSNum> + <TCSPolicy>1</TCSPolicy> + <DisableDebug>0</DisableDebug> + <MiscSelect>0</MiscSelect> + <MiscMask>0xFFFFFFFF</MiscMask> +</EnclaveConfiguration> \ No newline at end of file diff --git a/samples/springboot/host/pom.xml b/samples/springboot/host/pom.xml new file mode 100644 index 0000000..0f2507e --- /dev/null +++ b/samples/springboot/host/pom.xml @@ -0,0 +1,131 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <parent> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>springboot</artifactId> + <version>1.0-SNAPSHOT</version> + </parent> + <artifactId>host</artifactId> + <packaging>jar</packaging> + <name>host</name> + <url>http://maven.apache.org</url> + <build> + <resources> + <resource> + <directory>${project.basedir}/../enclave/target/svm-output</directory> + <includes> + <include>**/*.so</include> + <include>**/*.signed</include> + <include>**/*.tgz</include> + </includes> + </resource> + <resource> + <directory>${project.basedir}/../enclave/src/main/resources</directory> + <includes> + <include>**/embedded_libos_enclave.json</include> + <include>**/tee_sdk_svm.conf</include> + </includes> + </resource> + </resources> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-source-plugin</artifactId> + <version>3.0.0</version> + <configuration> + <attach>true</attach> + </configuration> + <executions> + <execution> + <phase>compile</phase> + <goals> + <goal>jar</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>3.0.0-M5</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <version>3.3.0</version> + <configuration> + <descriptorRefs> + <descriptorRef>jar-with-dependencies</descriptorRef> + </descriptorRefs> + </configuration> + <executions> + <execution> + <id>make-assembly</id> + <phase>package</phase> + <goals> + <goal>single</goal> + </goals> + </execution> + </executions> + </plugin> + <plugin> + <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-maven-plugin</artifactId> + </plugin> + </plugins> + </build> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>host</artifactId> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>common</artifactId> + </dependency> + <dependency> + <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-starter-web</artifactId> + </dependency> + <dependency> + <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-starter-thymeleaf</artifactId> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service-annotations</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>com.google.auto.service</groupId> + <artifactId>auto-service</artifactId> + <version>1.0-rc6</version> + <optional>true</optional> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <scope>test</scope> + </dependency> + </dependencies> +</project> \ No newline at end of file diff --git a/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/Application.java b/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/Application.java new file mode 100644 index 0000000..d817c6f --- /dev/null +++ b/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/Application.java @@ -0,0 +1,25 @@ +package com.alibaba.confidentialcomputing.samples.springboot.host; + +import java.util.Arrays; + +import org.springframework.boot.CommandLineRunner; +import org.springframework.boot.SpringApplication; +import org.springframework.boot.autoconfigure.SpringBootApplication; +import org.springframework.context.ApplicationContext; +import org.springframework.context.annotation.Bean; + +@SpringBootApplication +public class Application { + + public static void main(String[] args) { + SpringApplication.run(Application.class, args); + } + + @Bean + public CommandLineRunner commandLineRunner(ApplicationContext ctx) { + return args -> { + String[] beanNames = ctx.getBeanDefinitionNames(); + Arrays.sort(beanNames); + }; + } +} diff --git a/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/EnclaveDigestController.java b/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/EnclaveDigestController.java new file mode 100644 index 0000000..0fd1aff --- /dev/null +++ b/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/EnclaveDigestController.java @@ -0,0 +1,27 @@ +package com.alibaba.confidentialcomputing.samples.springboot.host; + +import com.alibaba.confidentialcomputing.host.Enclave; +import com.alibaba.confidentialcomputing.host.EnclaveFactory; +import com.alibaba.confidentialcomputing.host.EnclaveType; +import com.alibaba.confidentialcomputing.samples.springboot.common.SBEnclaveService; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.util.Iterator; + +@RestController +public class EnclaveDigestController { + @RequestMapping("/enclaveDigestService") + public String enclaveDigestService(String data) { + try { + Enclave enclave = EnclaveFactory.create(EnclaveType.TEE_SDK); + Iterator<SBEnclaveService> services = enclave.load(SBEnclaveService.class); + String result = services.next().digestData(data); + enclave.destroy(); + return result; + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } +} \ No newline at end of file diff --git a/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/EnclaveEncDecController.java b/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/EnclaveEncDecController.java new file mode 100644 index 0000000..4690595 --- /dev/null +++ b/samples/springboot/host/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/host/EnclaveEncDecController.java @@ -0,0 +1,27 @@ +package com.alibaba.confidentialcomputing.samples.springboot.host; + +import com.alibaba.confidentialcomputing.host.Enclave; +import com.alibaba.confidentialcomputing.host.EnclaveFactory; +import com.alibaba.confidentialcomputing.host.EnclaveType; +import com.alibaba.confidentialcomputing.samples.springboot.common.SBEnclaveService; +import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RestController; + +import java.util.Iterator; + +@RestController +public class EnclaveEncDecController { + @RequestMapping("/enclaveEncDecService") + public String enclaveEncDecService(String data) { + try { + Enclave enclave = EnclaveFactory.create(EnclaveType.TEE_SDK); + Iterator<SBEnclaveService> services = enclave.load(SBEnclaveService.class); + String result = services.next().encryptAndDecryptData(data); + enclave.destroy(); + return result; + } catch (Exception e) { + e.printStackTrace(); + } + return null; + } +} diff --git a/samples/springboot/pom.xml b/samples/springboot/pom.xml new file mode 100644 index 0000000..7ed2109 --- /dev/null +++ b/samples/springboot/pom.xml @@ -0,0 +1,101 @@ +<?xml version="1.0" encoding="UTF-8"?> +<project xmlns="http://maven.apache.org/POM/4.0.0"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> + <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.springframework.boot</groupId> + <artifactId>spring-boot-starter-parent</artifactId> + <version>2.7.0</version> + <relativePath/> + </parent> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>springboot</artifactId> + <packaging>pom</packaging> + <version>1.0-SNAPSHOT</version> + <name>springboot</name> + <url>http://maven.apache.org</url> + <properties> + <maven.compiler.source>11</maven.compiler.source> + <maven.compiler.target>11</maven.compiler.target> + <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> + <com.alibaba.enclave.platform>MOCK_IN_SVM:TEE_SDK:EMBEDDED_LIB_OS</com.alibaba.enclave.platform> + </properties> + <dependencyManagement> + <dependencies> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>common</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>enclave</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>host</artifactId> + <version>0.1.0</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>common</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>enclave</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing.samples</groupId> + <artifactId>host</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>com.alibaba.confidentialcomputing</groupId> + <artifactId>bouncycastle-native</artifactId> + <version>1.0-SNAPSHOT</version> + </dependency> + <dependency> + <groupId>org.bouncycastle</groupId> + <artifactId>bcprov-jdk15on</artifactId> + <version>1.66</version> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-api</artifactId> + <version>5.7.1</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-engine</artifactId> + <version>1.8.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.platform</groupId> + <artifactId>junit-platform-launcher</artifactId> + <version>1.8.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit.jupiter</groupId> + <artifactId>junit-jupiter-engine</artifactId> + <version>5.6.2</version> + <scope>test</scope> + </dependency> + <dependency> + <groupId>org.junit-pioneer</groupId> + <artifactId>junit-pioneer</artifactId> + <version>1.5.0</version> + <scope>test</scope> + </dependency> + </dependencies> + </dependencyManagement> + <modules> + <module>common</module> + <module>enclave</module> + <module>host</module> + </modules> +</project> \ No newline at end of file diff --git a/samples/springboot/run.sh b/samples/springboot/run.sh new file mode 100755 index 0000000..b8034ae --- /dev/null +++ b/samples/springboot/run.sh @@ -0,0 +1,20 @@ +#!/bin/bash + +# step1: build springboot application service. +mvn --settings /root/tools/settings.xml -Pnative clean package + +# step2: startup springboot application service. +java -cp host/target/host-1.0-SNAPSHOT-jar-with-dependencies.jar:enclave/target/enclave-1.0-SNAPSHOT-jar-with-dependencies.jar com.alibaba.confidentialcomputing.samples.springboot.host.Application & +sleep 5 +# shellcheck disable=SC2006 +# shellcheck disable=SC2009 +PID=`ps -ef | grep "Application" | grep -v grep | awk '{print $2}'` + +# step3: encrypt and decrypt service. +wget http://localhost:8080/enclaveEncDecService?data=SELECT+TOP+50+PERCENT+*+FROM+Websites; + +# step4: digest service. +wget http://localhost:8080/enclaveDigestService?data=SELECT+TOP+50+PERCENT+*+FROM+Websites; + +# step5: kill springboot service. +kill -9 "$PID" \ No newline at end of file --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
