def setup_config(args=None): """ Fixture to setup initial config for pytest session. """ # parse out the configuration file first conffiles = ["tcs_config.toml"] confpaths = [".", TCFHOME + "/config"] parser = argparse.ArgumentParser() parser.add_argument("--config", help="configuration file", nargs="+") parser.add_argument("--config-dir", help="configuration folder", nargs="+") parser.add_argument("--connect_uri", action="store", default="http://localhost:1947", help="server uri") (options, remainder) = parser.parse_known_args(args) if options.config: conffiles = options.config if options.config_dir: confpaths = options.config_dir if options.connect_uri: server_uri = options.connect_uri try: config = pconfig.parse_configuration_files(conffiles, confpaths) config_json_str = json.dumps(config, indent=4) except pconfig.ConfigurationException as e: logger.error(str(e)) sys.exit(-1) plogger.setup_loggers(config.get("Logging", {})) sys.stdout = plogger.stream_to_logger((logging.getLogger("STDOUT"), logging.DEBUG)) sys.stderr = plogger.stream_to_logger((logging.getLogger("STDERR"), logging.WARN)) logger.info("configuration for the session: %s", config) uri_client = HttpJrpcClient(server_uri) # private_key of client private_key = enclave_helper.generate_signing_keys() # Initializing worker object to pass client default worker # data to testcases worker_obj = worker.SGXWorkerDetails() worker_obj, err_cd = worker_lookup_retrieve(config, worker_obj, uri_client) # return worker_obj, sig_obj, uri_client, private_key, err_cd return worker_obj, uri_client, private_key, err_cd
def fetchWorkerObj(worker_id): worker_obj = worker_details.SGXWorkerDetails() logging.info(worker_obj) direct_jrpc = AvalonDirectClient(config_file=None, config=config) worker_registry_instance = \ direct_jrpc.get_worker_registry_instance() req_id = 9 try: worker_retrieve_result = \ worker_registry_instance.worker_retrieve(worker_id, req_id) except Exception as error: logging.error(error) try: worker_obj.load_worker(worker_retrieve_result) except Exception as error2: logging.error(error2) logging.info(worker_obj) return worker_obj
def parse_command_line(config, args): LOGGER.info("***************** AVALON *****************") global input_json_str global input_json_dir global server_uri global output_json_file_name global consensus_file_name global sig_obj global worker_obj global private_key global encrypted_session_key global session_iv parser = argparse.ArgumentParser() parser.add_argument("--logfile", help="Name of the log file. " + "Use __screen__ for standard output", type=str) parser.add_argument("-p", "--private_key", help="Private Key of the Client", type=str, default=None) parser.add_argument("--loglevel", help="Logging level", type=str) parser.add_argument("-i", "--input_file", help="JSON input file name", type=str, default="input.json") parser.add_argument("--input_dir", help="Logging level", type=str, default=[]) parser.add_argument("-c", "--connect_uri", help="URI to send requests to", type=str, default=[]) parser.add_argument("output_file", help="JSON output file name", type=str, default="output.json", nargs="?") options = parser.parse_args(args) if config.get("Logging") is None: config["Logging"] = {"LogFile": "__screen__", "LogLevel": "INFO"} if options.logfile: config["Logging"]["LogFile"] = options.logfile if options.loglevel: config["Logging"]["LogLevel"] = options.loglevel.upper() input_json_str = None input_json_dir = None if options.connect_uri: server_uri = options.connect_uri else: LOGGER.error("ERROR: Please enter the server URI") if options.input_dir: LOGGER.info("Load Json Directory from %s", options.input_dir) input_json_dir = options.input_dir elif options.input_file: try: LOGGER.info("load JSON input from %s", options.input_file) with open(options.input_file, "r") as file: input_json_str = file.read() except Exception as err: LOGGER.error("ERROR: Failed to read from file %s: %s", options.input_file, str(err)) else: LOGGER.info("No input found") if options.output_file: output_json_file_name = options.output_file else: output_json_file_name = None if options.private_key: private_key = options.private_key else: # Generating the private Key for the client private_key = enclave_helper.generate_signing_keys() # Initializing Signature object, Worker Object sig_obj = signature.ClientSignature() worker_obj = worker.SGXWorkerDetails()
def ParseCommandLine(args): global worker_obj global worker_id global message global config global off_chain global requester_signature global input_data_hash parser = argparse.ArgumentParser() use_service = parser.add_mutually_exclusive_group() parser.add_argument( "-c", "--config", help="the config file containing the Ethereum contract information", type=str) use_service.add_argument("-r", "--registry-list", help="the Ethereum address of the registry list", type=str) use_service.add_argument("-s", "--service-uri", help="skip URI lookup and send to specified URI", type=str) use_service.add_argument( "-o", "--off-chain", help="skip URI lookup and use the registry in the config file", action="store_true") parser.add_argument( "-w", "--worker-id", help="skip worker lookup and retrieve specified worker", type=str) parser.add_argument( "-m", "--message", help='text message to be included in the JSON request payload', type=str) parser.add_argument( "-rs", "--requester-signature", help="Enable requester signature for work order requests", action="store_true") parser.add_argument("-dh", "--data-hash", help="Enable input data hash for work order requests", action="store_true") options = parser.parse_args(args) if options.config: conf_files = [options.config] else: conf_files = [ TCFHOME + "/client_sdk/avalon_client_sdk/tcf_connector.toml" ] confpaths = ["."] try: config = pconfig.parse_configuration_files(conf_files, confpaths) config_json_str = json.dumps(config) except pconfig.ConfigurationException as e: logger.error(str(e)) sys.exit(-1) global direct_jrpc direct_jrpc = AvalonDirectClient(conf_files[0]) # Whether or not to connect to the registry list on the blockchain off_chain = False if options.registry_list: config["ethereum"]["direct_registry_contract_address"] = \ options.registry_list if options.service_uri: config["tcf"]["json_rpc_uri"] = options.service_uri off_chain = True if options.off_chain: off_chain = True requester_signature = options.requester_signature input_data_hash = options.data_hash worker_id = options.worker_id message = options.message if options.message is None or options.message == "": message = "Test Message" # Initializing Worker Object worker_obj = worker.SGXWorkerDetails()
def Main(args=None): options = _parse_command_line(args) config = _parse_config_file(options.config) if config is None: logger.error("\n Error in parsing config file: {}\n".format( options.config)) sys.exit(-1) # mode should be one of listing or registry (default) mode = options.mode # Http JSON RPC listener uri uri = options.uri if uri: config["tcf"]["json_rpc_uri"] = uri # Address of smart contract address = options.address if address: if mode == "listing": config["ethereum"]["direct_registry_contract_address"] = \ address elif mode == "registry": logger.error( "\n Only Worker registry listing address is supported." + "Worker registry address is unsupported \n") sys.exit(-1) # worker id worker_id = options.worker_id # work load id of worker workload_id = options.workload_id if not workload_id: logger.error("\nWorkload id is mandatory\n") sys.exit(-1) # work order input data in_data = options.in_data # show receipt in output show_receipt = options.receipt # show decrypted result in output show_decrypted_output = options.decrypted_output # requester signature for work order requests requester_signature = options.requester_signature # setup logging config["Logging"] = {"LogFile": "__screen__", "LogLevel": "INFO"} plogger.setup_loggers(config.get("Logging", {})) sys.stdout = plogger.stream_to_logger(logging.getLogger("STDOUT"), logging.DEBUG) sys.stderr = plogger.stream_to_logger(logging.getLogger("STDERR"), logging.WARN) logger.info("******* Hyperledger Avalon Generic client *******") if mode == "registry" and address: logger.error("\n Worker registry contract address is unsupported \n") sys.exit(-1) # Retrieve JSON RPC uri from registry list if not uri and mode == "listing": uri = _retrieve_uri_from_registry_list(config) if uri is None: logger.error("\n Unable to get http JSON RPC uri \n") sys.exit(-1) # Prepare worker # JRPC request id. Choose any integer value jrpc_req_id = 31 worker_registry = WorkerRegistryJRPCClientImpl(config) if not worker_id: # Get first worker from worker registry worker_id = _lookup_first_worker(worker_registry, jrpc_req_id) if worker_id is None: logger.error("\n Unable to get worker \n") sys.exit(-1) # Retrieve worker details jrpc_req_id += 1 worker_retrieve_result = worker_registry.worker_retrieve( worker_id, jrpc_req_id) logger.info("\n Worker retrieve response: {}\n".format( json.dumps(worker_retrieve_result, indent=4))) if "error" in worker_retrieve_result: logger.error("Unable to retrieve worker details\n") sys.exit(1) # Create session key and iv to sign work order request session_key = crypto_utility.generate_key() session_iv = crypto_utility.generate_iv() # Initializing Worker Object worker_obj = worker_details.SGXWorkerDetails() worker_obj.load_worker(worker_retrieve_result) logger.info( "**********Worker details Updated with Worker ID" + "*********\n%s\n", worker_id) # Create work order wo_params = _create_work_order_params(worker_id, workload_id, in_data, worker_obj.encryption_key, session_key, session_iv) client_private_key = crypto_utility.generate_signing_keys() if requester_signature: # Add requester signature and requester verifying_key if wo_params.add_requester_signature(client_private_key) is False: logger.info("Work order request signing failed") exit(1) # Submit work order logger.info("Work order submit request : %s, \n \n ", wo_params.to_jrpc_string(jrpc_req_id)) work_order = WorkOrderJRPCClientImpl(config) jrpc_req_id += 1 response = work_order.work_order_submit(wo_params.get_work_order_id(), wo_params.get_worker_id(), wo_params.get_requester_id(), wo_params.to_string(), id=jrpc_req_id) logger.info("Work order submit response : {}\n ".format( json.dumps(response, indent=4))) if "error" in response and response["error"]["code"] != \ WorkOrderStatus.PENDING: sys.exit(1) # Create receipt wo_receipt = WorkOrderReceiptJRPCClientImpl(config) if show_receipt: jrpc_req_id += 1 _create_work_order_receipt(wo_receipt, wo_params, client_private_key, jrpc_req_id) # Retrieve work order result jrpc_req_id += 1 res = work_order.work_order_get_result(wo_params.get_work_order_id(), jrpc_req_id) logger.info("Work order get result : {}\n ".format( json.dumps(res, indent=4))) # Check if result field is present in work order response if "result" in res: # Verify work order response signature if _verify_wo_res_signature(res, worker_obj.verification_key) is False: logger.error("Work order response signature verification Failed") sys.exit(1) # Decrypt work order response if show_decrypted_output: decrypted_res = crypto_utility.decrypted_response( res, session_key, session_iv) logger.info("\nDecrypted response:\n {}".format(decrypted_res)) else: logger.error("\n Work order get result failed {}\n".format(res)) sys.exit(1) if show_receipt: # Retrieve receipt jrpc_req_id += 1 retrieve_wo_receipt \ = _retrieve_work_order_receipt(wo_receipt, wo_params, jrpc_req_id) # Verify receipt signature if _verify_receipt_signature(retrieve_wo_receipt) is False: logger.error("Receipt signature verification Failed") sys.exit(1)
def Main(args=None): ParseCommandLine(args) config["Logging"] = { "LogFile": "__screen__", "LogLevel": "INFO" } plogger.setup_loggers(config.get("Logging", {})) sys.stdout = plogger.stream_to_logger( logging.getLogger("STDOUT"), logging.DEBUG) sys.stderr = plogger.stream_to_logger( logging.getLogger("STDERR"), logging.WARN) logger.info("***************** TRUSTED COMPUTE FRAMEWORK (TCF)" + " *****************") global direct_jrpc direct_jrpc = AvalonDirectClient(config_file=None, config=config) global address if mode == "registry" and address: logger.error("\n Worker registry contract address is unsupported \n") sys.exit(-1) # Connect to registry list and retrieve registry global uri if not uri and mode == "listing": registry_list_instance = direct_jrpc.get_worker_registry_list_instance( ) # Lookup returns tuple, first element is number of registries and # second is element is lookup tag and # third is list of organization ids. registry_count, lookup_tag, registry_list = \ registry_list_instance.registry_lookup() logger.info("\n Registry lookup response: registry count: {} " + "lookup tag: {} registry list: {}\n".format( registry_count, lookup_tag, registry_list)) if (registry_count == 0): logger.error("No registries found") sys.exit(1) # Retrieve the fist registry details. registry_retrieve_result = registry_list_instance.registry_retrieve( registry_list[0]) logger.info("\n Registry retrieve response: {}\n".format( registry_retrieve_result )) config["tcf"]["json_rpc_uri"] = registry_retrieve_result[0] # Prepare worker req_id = 31 global worker_id if not worker_id: worker_registry_instance = direct_jrpc.get_worker_registry_instance() worker_lookup_result = worker_registry_instance.worker_lookup( worker_type=WorkerType.TEE_SGX, id=req_id ) logger.info("\n Worker lookup response: {}\n".format( json.dumps(worker_lookup_result, indent=4) )) if "result" in worker_lookup_result and \ "ids" in worker_lookup_result["result"].keys(): if worker_lookup_result["result"]["totalCount"] != 0: worker_id = worker_lookup_result["result"]["ids"][0] else: logger.error("ERROR: No workers found") sys.exit(1) else: logger.error("ERROR: Failed to lookup worker") sys.exit(1) req_id += 1 worker_retrieve_result = worker_registry_instance.worker_retrieve( worker_id, req_id ) logger.info("\n Worker retrieve response: {}\n".format( json.dumps(worker_retrieve_result, indent=4) )) if "error" in worker_retrieve_result: logger.error("Unable to retrieve worker details\n") sys.exit(1) # Initializing Worker Object worker_obj = worker_details.SGXWorkerDetails() worker_obj.load_worker(worker_retrieve_result) logger.info("**********Worker details Updated with Worker ID" + "*********\n%s\n", worker_id) # Convert workloadId to hex global workload_id workload_id = workload_id.encode("UTF-8").hex() work_order_id = secrets.token_hex(32) requester_id = secrets.token_hex(32) session_iv = utility.generate_iv() session_key = utility.generate_key() requester_nonce = secrets.token_hex(16) # Create work order wo_params = WorkOrderParams( work_order_id, worker_id, workload_id, requester_id, session_key, session_iv, requester_nonce, result_uri=" ", notify_uri=" ", worker_encryption_key=worker_obj.encryption_key, data_encryption_algorithm="AES-GCM-256" ) # Add worker input data global in_data for value in in_data: wo_params.add_in_data(value) # Encrypt work order request hash wo_params.add_encrypted_request_hash() private_key = utility.generate_signing_keys() if requester_signature: # Add requester signature and requester verifying_key if wo_params.add_requester_signature(private_key) is False: logger.info("Work order request signing failed") exit(1) # Submit work order logger.info("Work order submit request : %s, \n \n ", wo_params.to_jrpc_string(req_id)) work_order_instance = direct_jrpc.get_work_order_instance() req_id += 1 response = work_order_instance.work_order_submit( wo_params.get_work_order_id(), wo_params.get_worker_id(), wo_params.get_requester_id(), wo_params.to_string(), id=req_id ) logger.info("Work order submit response : {}\n ".format( json.dumps(response, indent=4) )) if "error" in response and response["error"]["code"] != \ WorkOrderStatus.PENDING: sys.exit(1) wo_receipt_instance = direct_jrpc.get_work_order_receipt_instance() # Create receipt if show_receipt: req_id += 1 # Create work order receipt object using WorkOrderReceiptRequest class wo_request = json.loads(wo_params.to_jrpc_string(req_id)) wo_receipt_obj = WorkOrderReceiptRequest() wo_create_receipt = wo_receipt_obj.create_receipt( wo_request, ReceiptCreateStatus.PENDING.value, private_key ) logger.info("Work order create receipt request : {} \n \n ".format( json.dumps(wo_create_receipt, indent=4) )) # Submit work order create receipt jrpc request wo_receipt_resp = wo_receipt_instance.work_order_receipt_create( wo_create_receipt["workOrderId"], wo_create_receipt["workerServiceId"], wo_create_receipt["workerId"], wo_create_receipt["requesterId"], wo_create_receipt["receiptCreateStatus"], wo_create_receipt["workOrderRequestHash"], wo_create_receipt["requesterGeneratedNonce"], wo_create_receipt["requesterSignature"], wo_create_receipt["signatureRules"], wo_create_receipt["receiptVerificationKey"], req_id ) logger.info("Work order create receipt response : {} \n \n ".format( wo_receipt_resp )) # Retrieve result req_id += 1 res = work_order_instance.work_order_get_result( work_order_id, req_id ) logger.info("Work order get result : {}\n ".format( json.dumps(res, indent=4) )) sig_obj = signature.ClientSignature() if "result" in res: status = sig_obj.verify_signature(res, worker_obj.verification_key) try: if status == SignatureStatus.PASSED: logger.info("Signature verification Successful") decrypted_res = utility.decrypted_response( res, session_key, session_iv) if show_decrypted_output: logger.info("\nDecrypted response:\n {}" .format(decrypted_res)) else: logger.error("Signature verification Failed") sys.exit(1) except Exception as err: logger.error("ERROR: Failed to decrypt response: %s", str(err)) sys.exit(1) else: logger.error("\n Work order get result failed {}\n".format( res )) sys.exit(1) if show_receipt: # Retrieve receipt req_id += 1 receipt_res = wo_receipt_instance.work_order_receipt_retrieve( work_order_id, id=req_id ) logger.info("\n Retrieve receipt response:\n {}".format( json.dumps(receipt_res, indent=4) )) # Retrieve last update to receipt by passing 0xFFFFFFFF req_id += 1 receipt_update_retrieve = \ wo_receipt_instance.work_order_receipt_update_retrieve( work_order_id, None, 1 << 32, id=req_id) logger.info("\n Last update to receipt receipt is:\n {}".format( json.dumps(receipt_update_retrieve, indent=4) )) status = sig_obj.verify_update_receipt_signature( receipt_update_retrieve) if status == SignatureStatus.PASSED: logger.info( "Work order receipt retrieve signature verification " + "successful") else: logger.info( "Work order receipt retrieve signature verification failed!!") sys.exit(1)
def parse_command_line(args): """Setup and parse command line arguments and help information.""" global worker_obj global worker_id global verbose global config global off_chain global requester_signature parser = argparse.ArgumentParser() use_service = parser.add_mutually_exclusive_group() parser.add_argument("-c", "--config", help="the config file containing the" + " Ethereum contract information", type=str) use_service.add_argument("-r", "--registry-list", help="the Ethereum address of the registry list", type=str) use_service.add_argument("-s", "--service-uri", help="skip URI lookup and send to specified URI", type=str) use_service.add_argument( "-o", "--off-chain", help="skip URI lookup and use the registry in the config file", action="store_true") parser.add_argument( "-w", "--worker-id", help="skip worker lookup and retrieve specified worker", type=str) parser.add_argument("-v", "--verbose", help="increase output verbosity", action="store_true") parser.add_argument( "-rs", "--requester_signature", help="Enable requester signature for work order requests", action="store_true") options = parser.parse_args(args) if options.config: conf_files = [options.config] else: conf_files = [ TCFHOME + "/client_sdk/avalon_client_sdk/tcf_connector.toml" ] conf_paths = ["."] try: config = pconfig.parse_configuration_files(conf_files, conf_paths) json.dumps(config, indent=4) except pconfig.ConfigurationException as e: logger.error(str(e)) sys.exit(-1) global direct_jrpc direct_jrpc = AvalonDirectClient(conf_files[0]) # Whether or not to connect to the registry list on the blockchain off_chain = False if options.registry_list: config["ethereum"]["direct_registry_contract_address"] = \ options.registry_list if options.service_uri: service_uri = options.service_uri off_chain = True if options.off_chain: service_uri = config["tcf"].get("json_rpc_uri") off_chain = True requester_signature = options.requester_signature verbose = options.verbose worker_id = options.worker_id # Initializing Worker Object worker_obj = worker.SGXWorkerDetails()