def __init__(self, user_id, user_password): self.user_id = user_id self.user_password = user_password self.client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print(f"[+] {self.user_id} registering user") self.client.user_register(self.user_id, self.user_password) print(f"[+] {self.user_id} login") token = self.client.user_login(self.user_id, self.user_password) self.client = FrontendService( FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} self.client.metadata = metadata
class DataClient: def __init__(self, user_id, user_password): self.user_id = user_id self.user_password = user_password self.client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print(f"[+] {self.user_id} registering user") self.client.user_register(self.user_id, self.user_password) print(f"[+] {self.user_id} login") token = self.client.user_login(self.user_id, self.user_password) self.client = FrontendService( FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} self.client.metadata = metadata def register_data(self, task_id, input_url, input_cmac, output_url, file_key, input_label, output_label): client = self.client print(f"[+] {self.user_id} registering input file") url = input_url cmac = input_cmac schema = "teaclave-file-128" key = file_key iv = [] input_id = client.register_input_file(url, schema, key, iv, cmac) print(f"[+] {self.user_id} registering output file") url = output_url schema = "teaclave-file-128" key = file_key iv = [] output_id = client.register_output_file(url, schema, key, iv) print(f"[+] {self.user_id} assigning data to task") client.assign_data_to_task(task_id, [DataList(input_label, input_id)], [DataList(output_label, output_id)]) def approve_task(self, task_id): client = self.client print(f"[+] {self.user_id} approving task") client.approve_task(task_id) def get_task_result(self, task_id): client = self.client print(f"[+] {self.user_id} getting task result") return bytes(client.get_task_result(task_id))
def get_client(user_id, user_password): auth_client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print("[+] registering user") auth_client.user_register(user_id, user_password) print("[+] login") token = auth_client.user_login(user_id, user_password) client = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": user_id, "token": token} client.metadata = metadata return client
def detect_face(self, image_base64): client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print("[+] registering user") client.user_register(self.user_id, self.user_password) print("[+] login") token = client.user_login(self.user_id, self.user_password) client = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} client.metadata = metadata print("[+] registering function") function_id = client.register_function( name="builtin-face-detection", description="Native Face Detection Function", executor_type="builtin", inputs=[], arguments=[ "image_base64", "min_face_size", "score_thresh", "pyramid_scale_factor", "slide_window_step_x", "slide_window_step_y" ]) print("[+] creating task") task_id = client.create_task(function_id=function_id, function_arguments={ "image_base64": image_base64, "min_face_size": 20, "score_thresh": 2.0, "pyramid_scale_factor": 0.8, "slide_window_step_x": 4, "slide_window_step_y": 4 }, inputs_ownership=[], executor="builtin") print("[+] invoking task") client.invoke_task(task_id) print("[+] getting result") result = client.get_task_result(task_id) print("[+] done") return bytes(result)
def printf(self, message="Hello, Teaclave!"): print("AUTHENTICATION_SERVICE_ADDRESS = ", AUTHENTICATION_SERVICE_ADDRESS) print("AS_ROOT_CA_CERT_PATH = ", AS_ROOT_CA_CERT_PATH) print("ENCLAVE_INFO_PATH = ", ENCLAVE_INFO_PATH) client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print("[+] registering user") client.user_register(self.user_id, self.user_password) print("[+] login") token = client.user_login(self.user_id, self.user_password) client = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} client.metadata = metadata print("[+] registering function") function_id = client.register_function( name="builtin-printf", description="Native Printf Function", executor_type="builtin", arguments=["message"]) print("[+] creating task") task_id = client.create_task(function_id=function_id, function_arguments={"message": message}, executor="builtin") print("function_id = ", function_id) print("message = ", message) print("task_id = ", task_id) print("[+] invoking task") print("task_id = ", task_id) client.invoke_task(task_id) print("[+] getting result") print("task_id = ", task_id) result = client.get_task_result(task_id) print("[+] done") return bytes(result)
def echo(self, message="Hello, Teaclave!"): channel = AuthenticationService(AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect() client = AuthenticationClient(channel) print("[+] registering user") client.user_register(self.user_id, self.user_password) print("[+] login") token = client.user_login(self.user_id, self.user_password) channel = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect() metadata = {"id": self.user_id, "token": token} client = FrontendClient(channel, metadata) print("[+] registering function") payload = b""" def entrypoint(argv): assert argv[0] == 'message' assert argv[1] is not None return argv[1] """ function_id = client.register_function( name="mesapy-echo", description="An echo function implemented in Python", executor_type="python", payload=list(payload), arguments=["message"]) print("[+] creating task") task_id = client.create_task(function_id=function_id, function_arguments={"message": message}, executor="mesapy") print("[+] invoking task") client.invoke_task(task_id) print("[+] getting result") result = client.get_task_result(task_id) print("[+] done") return bytes(result)
def decrypt(self, key, nonce, encrypted_data, algorithm): client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print("[+] registering user") client.user_register(self.user_id, self.user_password) print("[+] login") token = client.user_login(self.user_id, self.user_password) client = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} client.metadata = metadata print("[+] registering function") function_id = client.register_function( name="builtin_online_decrypt", description="Native Echo Function", executor_type="builtin", arguments=["key", "nonce", "encrypted_data", "algorithm"]) print("[+] creating task") task_id = client.create_task( function_id=function_id, function_arguments={ "key": dataToBase64(key), "nonce": dataToBase64(nonce), "encrypted_data": "CaZd8qSMMlBp8SjSXj2I4dQIuC9KkZ5DI/ATo1sWJw==", "algorithm": algorithm }, executor="builtin") print("[+] invoking task") client.invoke_task(task_id) print("[+] getting result") result = client.get_task_result(task_id) print("[+] done") return bytes(result)
def echo(self, payload_file="mesapy_echo_payload.py", message="Hello, Teaclave!"): client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print("[+] registering user") client.user_register(self.user_id, self.user_password) print("[+] login") token = client.user_login(self.user_id, self.user_password) client = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} client.metadata = metadata print("[+] registering function") with open(payload_file, "rb") as f: payload = f.read() function_id = client.register_function( name="mesapy-echo", description="An echo function implemented in Python", executor_type="python", payload=list(payload), arguments=["message"]) print("[+] creating task") task_id = client.create_task(function_id=function_id, function_arguments={"message": message}, executor="mesapy") print("[+] invoking task") client.invoke_task(task_id) print("[+] getting result") result = client.get_task_result(task_id) print("[+] done") return bytes(result)
def gbdt(self): client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print("[+] registering user") client.user_register(self.user_id, self.user_password) print("[+] login") token = client.user_login(self.user_id, self.user_password) client = FrontendService(FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} client.metadata = metadata print("[+] registering function") function_id = client.register_function( name="builtin-gbdt-train", description="Native Gbdt Training Function", executor_type="builtin", arguments=[ "feature_size", "max_depth", "iterations", "shrinkage", "feature_sample_ratio", "data_sample_ratio", "min_leaf_size", "loss", "training_optimization_level" ], inputs=[ FunctionInput("training_data", "Input traning data file.") ], outputs=[FunctionOutput("trained_model", "Output trained model.")]) print("[+] registering input file") url = "http://localhost:6789/fixtures/functions/gbdt_training/train.enc" cmac = "881adca6b0524472da0a9d0bb02b9af9" schema = "teaclave-file-128" key = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0] iv = [] training_data_id = client.register_input_file(url, schema, key, iv, cmac) print("[+] registering output file") url = "http://localhost:6789/fixtures/functions/gbdt_training/e2e_output_model.enc" schema = "teaclave-file-128" key = [ 63, 195, 250, 208, 252, 127, 203, 27, 247, 168, 71, 77, 27, 47, 254, 240 ] iv = [] output_model_id = client.register_output_file(url, schema, key, iv) print("[+] creating task") task_id = client.create_task( function_id=function_id, function_arguments=({ "feature_size": 4, "max_depth": 4, "iterations": 100, "shrinkage": 0.1, "feature_sample_ratio": 1.0, "data_sample_ratio": 1.0, "min_leaf_size": 1, "loss": "LAD", "training_optimization_level": 2 }), executor="builtin", inputs_ownership=[OwnerList("training_data", [self.user_id])], outputs_ownership=[OwnerList("trained_model", [self.user_id])]) print("[+] assigning data to task") client.assign_data_to_task( task_id, [DataMap("training_data", training_data_id)], [DataMap("trained_model", output_model_id)]) print("[+] approving task") client.approve_task(task_id) print("[+] invoking task") client.invoke_task(task_id) print("[+] getting result") result = client.get_task_result(task_id) print("[+] done") return bytes(result)
class ConfigClient: def __init__(self, user_id, user_password): self.user_id = user_id self.user_password = user_password self.client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print(f"[+] {self.user_id} registering user") self.client.user_register(self.user_id, self.user_password) print(f"[+] {self.user_id} login") token = self.client.user_login(self.user_id, self.user_password) self.client = FrontendService( FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} self.client.metadata = metadata def set_task(self): client = self.client print(f"[+] {self.user_id} registering function") function_id = client.register_function( name="builtin-private-join-and-compute", description="Native Private Join And Compute", executor_type="builtin", arguments=["num_user"], inputs=[ FunctionInput("input_data0", "Bank A data file."), FunctionInput("input_data1", "Bank B data file."), FunctionInput("input_data2", "Bank C data file.") ], outputs=[ FunctionOutput("output_data0", "Output data."), FunctionOutput("output_data1", "Output data."), FunctionOutput("output_data2", "Output date.") ]) print(f"[+] {self.user_id} creating task") task_id = client.create_task(function_id=function_id, function_arguments=({ "num_user": 3, }), executor="builtin", inputs_ownership=[ OwnerList("input_data0", [USER_DATA_0.user_id]), OwnerList("input_data1", [USER_DATA_1.user_id]), OwnerList("input_data2", [USER_DATA_2.user_id]) ], outputs_ownership=[ OwnerList("output_data0", [USER_DATA_0.user_id]), OwnerList("output_data1", [USER_DATA_1.user_id]), OwnerList("output_data2", [USER_DATA_2.user_id]) ]) return task_id def run_task(self, task_id): client = self.client client.approve_task(task_id) print(f"[+] {self.user_id} invoking task") client.invoke_task(task_id)
class Client: def __init__(self, user_id, user_password): self.user_id = user_id self.user_password = user_password self.client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print(f"[+] {self.user_id} registering user") self.client.user_register(self.user_id, self.user_password) print(f"[+] {self.user_id} login") token = self.client.user_login(self.user_id, self.user_password) self.client = FrontendService( FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} self.client.metadata = metadata def set_task(self): client = self.client print(f"[+] {self.user_id} registering function") function_id = client.register_function( name="builtin-ordered-set-intersect", description="Native Private Set Intersection", executor_type="builtin", arguments=["order"], inputs=[ FunctionInput("input_data1", "Client 0 data."), FunctionInput("input_data2", "Client 1 data.") ], outputs=[ FunctionOutput("output_result1", "Output data."), FunctionOutput("output_result2", "Output data.") ]) print(f"[+] {self.user_id} creating task") task_id = client.create_task( function_id=function_id, function_arguments=({ "order": "ascending", # Order can be ascending or desending }), executor="builtin", inputs_ownership=[ OwnerList("input_data1", [USER_DATA_0.user_id]), OwnerList("input_data2", [USER_DATA_1.user_id]) ], outputs_ownership=[ OwnerList("output_result1", [USER_DATA_0.user_id]), OwnerList("output_result2", [USER_DATA_1.user_id]) ]) return task_id def run_task(self, task_id): client = self.client print(f"[+] {self.user_id} invoking task") client.invoke_task(task_id) def register_data(self, task_id, input_url, input_cmac, output_url, file_key, input_label, output_label): client = self.client print(f"[+] {self.user_id} registering input file") url = input_url cmac = input_cmac schema = "teaclave-file-128" key = file_key iv = [] input_id = client.register_input_file(url, schema, key, iv, cmac) print(f"[+] {self.user_id} registering output file") url = output_url schema = "teaclave-file-128" key = file_key iv = [] output_id = client.register_output_file(url, schema, key, iv) print(f"[+] {self.user_id} assigning data to task") client.assign_data_to_task(task_id, [DataList(input_label, input_id)], [DataList(output_label, output_id)]) def approve_task(self, task_id): client = self.client print(f"[+] {self.user_id} approving task") client.approve_task(task_id) def get_task_result(self, task_id): client = self.client print(f"[+] {self.user_id} getting task result") return bytes(client.get_task_result(task_id))
class ConfigClient: def __init__(self, user_id, user_password): self.user_id = user_id self.user_password = user_password self.client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print(f"[+] {self.user_id} registering user") self.client.user_register(self.user_id, self.user_password) print(f"[+] {self.user_id} login") token = self.client.user_login(self.user_id, self.user_password) self.client = FrontendService( FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} self.client.metadata = metadata def set_single_party_task(self, functionname, payloadpath, args={}, inlabels=["input_data_0"], outlabels=["result_data_0"], ex=Executor.builtin): client = self.client print(f"[+] {self.user_id} registering function") p_str = "" if payloadpath != "": print(f"[+] {self.user_id} reading payload file") with open(payloadpath, "rb") as f: p_str = f.read() function_id = client.register_function( name=functionname, description="worker: %s" % functionname, executor_type=ex.name, arguments=list(args.keys()), payload=list(p_str), inputs=[ FunctionInput(label, "user input data file: %s" % label) for label in inlabels ], outputs=[ FunctionOutput(label, "user output file: %s" % label) for label in outlabels ]) print(f"[+] {self.user_id} creating task") task_id = client.create_task(function_id=function_id, executor=ex.value, function_arguments=(args), inputs_ownership=[ OwnerList(label, [self.user_id]) for label in inlabels ], outputs_ownership=[ OwnerList(label, [self.user_id]) for label in outlabels ]) return task_id def run_task(self, task_id): client = self.client client.approve_task(task_id) print(f"[+] {self.user_id} invoking task") client.invoke_task(task_id) def register_data(self, task_id, inputs: List[InputData], outputs: List[OutputData]): client = self.client print(f"[+] {self.user_id} registering input file") input_data_list = [] for da in inputs: url = da.input_url cmac = da.input_cmac schema = da.schema key = da.file_key iv = da.iv input_id = client.register_input_file(url, schema, key, iv, cmac) input_data_list.append(DataList(da.label, input_id)) print(f"[+] {self.user_id} registering output file") output_data_list = [] for out_data in outputs: out_url = out_data.output_url schema = out_data.schema key = out_data.file_key iv = out_data.iv output_id = client.register_output_file(out_url, schema, key, iv) output_data_list.append(DataList(out_data.label, output_id)) print(f"[+] {self.user_id} assigning data to task") client.assign_data_to_task(task_id, input_data_list, output_data_list) return True def approve_task(self, task_id): client = self.client print(f"[+] {self.user_id} approving task") client.approve_task(task_id) def get_task_result(self, task_id): client = self.client print(f"[+] {self.user_id} getting task result") return bytes(client.get_task_result(task_id)) def get_output_cmac_by_tag(self, task_id, tag): client = self.client print(f"[+] {self.user_id} getting task output") return client.get_output_cmac_by_tag(task_id, tag)
class Client: def __init__(self, user_id, user_password): self.user_id = user_id self.user_password = user_password self.client = AuthenticationService( AUTHENTICATION_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() print(f"[+] {self.user_id} registering user") self.client.user_register(self.user_id, self.user_password) print(f"[+] {self.user_id} login") token = self.client.user_login(self.user_id, self.user_password) self.client = FrontendService( FRONTEND_SERVICE_ADDRESS, AS_ROOT_CA_CERT_PATH, ENCLAVE_INFO_PATH).connect().get_client() metadata = {"id": self.user_id, "token": token} self.client.metadata = metadata def set_task(self): client = self.client print(f"[+] {self.user_id} registering function") function_id = client.register_function( name="builtin-password-check", description="Check whether a password is exposed.", executor_type="builtin", arguments=[], inputs=[ FunctionInput("password", "Client 0 data."), FunctionInput("exposed_passwords", "Client 1 data.") ], outputs=[]) print(f"[+] {self.user_id} creating task") task_id = client.create_task( function_id=function_id, function_arguments={}, executor="builtin", inputs_ownership=[ OwnerList("password", [USER_DATA_0.user_id]), OwnerList("exposed_passwords", [USER_DATA_1.user_id]) ], ) return task_id def run_task(self, task_id): client = self.client print(f"[+] {self.user_id} invoking task") client.invoke_task(task_id) def register_data(self, task_id, input_url, algorithm, input_cmac, file_key, iv, input_label): client = self.client print(f"[+] {self.user_id} registering input file") url = input_url cmac = input_cmac schema = algorithm key = file_key input_id = client.register_input_file(url, schema, key, iv, cmac) print(f"[+] {self.user_id} assigning data to task") client.assign_data_to_task(task_id, [DataList(input_label, input_id)], []) def approve_task(self, task_id): client = self.client print(f"[+] {self.user_id} approving task") client.approve_task(task_id) def get_task_result(self, task_id): client = self.client print(f"[+] {self.user_id} getting task result") return bytes(client.get_task_result(task_id))