This is an automated email from the ASF dual-hosted git repository. shaojunwang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-java-tee-sdk.git
commit dcd6bfcb59e9165915c02f442a8070f311a785e6 Author: jeffery.wsj <[email protected]> AuthorDate: Tue Jul 26 23:14:56 2022 +0800 [sdk] Enhance JavaEnclave unit test cases Summary: 1. Fix enclave's random value native call bug 2. Add concurrency/SHA/RSA/AES test cases for JavaEnclave Test Plan: all tests pass Reviewers: lei.yul, cengfeng.lzy, sanhong.lsh Issue: https://aone.alibaba-inc.com/task/43584783 CR: https://code.aone.alibaba-inc.com/java-tee/JavaEnclave/codereview/9528563 --- .../substitutes/NativePRNGSubstitutions.java | 2 +- .../test/common/AESSealedTest.java | 25 ++++ .../test/common/AESService.java | 10 ++ .../test/common/ConcurrencyCalculate.java | 9 ++ .../test/common/RSAService.java | 8 ++ .../test/common/SHAService.java | 8 ++ .../test/enclave/AESServiceImpl.java | 41 +++++++ .../test/enclave/AESUtil.java | 106 +++++++++++++++++ .../test/enclave/ConcurrencyCalculateImpl.java | 21 ++++ .../test/enclave/RSAServiceImpl.java | 34 ++++++ .../test/enclave/SHAServiceImpl.java | 22 ++++ .../src/main/resources/embedded_libos_enclave.json | 4 +- test/enclave/src/main/resources/tee_sdk_svm.conf | 2 +- .../test/enclave/TestAESServiceImpl.java | 22 ++++ .../test/host/TestEnclaveAES.java | 40 +++++++ .../test/host/TestEnclaveConcurrency.java | 58 ++++++++++ .../test/host/TestEnclaveException.java | 37 ++++++ .../test/host/TestEnclaveRSA.java | 36 ++++++ .../test/host/TestEnclaveReflection.java | 38 ++++++ .../test/host/TestEnclaveSHA.java | 51 +++++++++ .../test/host/TestEnclaveServiceGC.java | 38 ++++++ .../test/host/TestHelloWorld.java | 41 +++++++ .../test/host/TestJavaEnclaveService.java | 127 --------------------- .../test/host/TestRemoteAttestation.java | 37 ++++++ 24 files changed, 686 insertions(+), 131 deletions(-) 
diff --git a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/substitutes/NativePRNGSubstitutions.java b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/substitutes/NativePRNGSubstitutions.java
index 90a5feb..0fb9588 100644
--- a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/substitutes/NativePRNGSubstitutions.java
+++ b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/substitutes/NativePRNGSubstitutions.java
@@ -28,7 +28,7 @@ public final class NativePRNGSubstitutions { @Override public boolean getAsBoolean() { - return EnclaveOptions.UseNativeGetRandom.getValue(); + return EnclaveOptions.RunInEnclave.getValue(); } }
diff --git a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java
new file mode 100644
index 0000000..5c62678
--- /dev/null
+++ b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java
@@ -0,0 +1,25 @@
+package com.alibaba.confidentialcomputing.test.common;
+
+import java.io.Serializable;
+
+public class AESSealedTest implements Serializable, Comparable<AESSealedTest> {
+ private String name;
+ private int age;
+ private int level;
+
+ public AESSealedTest(String name, int age, int level) {
+ this.name = name;
+ this.age = age;
+ this.level = level;
+ }
+
+ @Override
+ public int compareTo(AESSealedTest aesSealedTest) {
+ if (this.name.equals(aesSealedTest.name)
+ && this.age == aesSealedTest.age
+ && this.level == aesSealedTest.level) {
+ return 0;
+ }
+ return -1;
+ }
+}
diff --git a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESService.java b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESService.java
new file mode 100644
index 0000000..65446c7
--- /dev/null
+++ b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESService.java
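Review bot: The predicate in `getAsBoolean()` now keys the NativePRNG substitution on `RunInEnclave` instead of `UseNativeGetRandom`, and nothing in the hunk records why or pins the behaviour with a test. This condition decides which random source backs `SecureRandom` inside the enclave, so it deserves a comment on the method, for example `// Substitute NativePRNG for every in-enclave image, independent of UseNativeGetRandom; see <issue id>`. If `EnclaveOptions.UseNativeGetRandom` is still declared (not visible here), it presumably no longer affects this substitution and should be removed or documented as such. The enclosing predicate class starts outside the hunk.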
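Review bot: `compareTo` in `AESSealedTest` returns -1 for every unequal pair, so `a.compareTo(b)` and `b.compareTo(a)` are both negative and the `Comparable` contract is broken; it also dereferences `this.name` without a null check. The tests only need equality after the seal/unseal round trip, so `equals`/`hashCode` over the three fields (using `Objects.equals(name, other.name)`) would express that without a misleading ordering. Since instances are Java-serialized (through `SealedObject` in this commit), declaring `private static final long serialVersionUID = 1L;` and making the fields `final` would also keep the serialized form stable.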
@@ -0,0 +1,10 @@
+package com.alibaba.confidentialcomputing.test.common;
+
+import com.alibaba.confidentialcomputing.common.annotations.EnclaveService;
+
+@EnclaveService
+public interface AESService {
+ String aesEncryptAndDecryptPlaintext(String plaintext) throws Exception;
+ String aesEncryptAndDecryptPlaintextWithPassword(String plaintext, String password, String salt) throws Exception;
+ Object aesEncryptAndDecryptObject(AESSealedTest obj) throws Exception;
+}
diff --git a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/ConcurrencyCalculate.java b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/ConcurrencyCalculate.java
new file mode 100644
index 0000000..2b227d0
--- /dev/null
+++ b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/ConcurrencyCalculate.java
@@ -0,0 +1,9 @@
+package com.alibaba.confidentialcomputing.test.common;
+
+import com.alibaba.confidentialcomputing.common.annotations.EnclaveService;
+
+@EnclaveService
+public interface ConcurrencyCalculate {
+ void add(int delta);
+ long sum();
+}
diff --git a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/RSAService.java b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/RSAService.java
new file mode 100644
index 0000000..db24ce6
--- /dev/null
+++ b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/RSAService.java
@@ -0,0 +1,8 @@
+package com.alibaba.confidentialcomputing.test.common;
+
+import com.alibaba.confidentialcomputing.common.annotations.EnclaveService;
+
+@EnclaveService
+public interface RSAService {
+ String encryptAndDecryptWithPlaintext(String plaintext) throws Exception;
+}
diff --git a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/SHAService.java b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/SHAService.java
new file mode 100644
index 0000000..4fa802c
--- /dev/null
+++ b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/SHAService.java
@@ -0,0 +1,8 @@
+package com.alibaba.confidentialcomputing.test.common;
+
+import com.alibaba.confidentialcomputing.common.annotations.EnclaveService;
+
+@EnclaveService
+public interface SHAService {
+ String encryptPlaintext(String plaintext, String SHAType) throws Exception;
+}
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESServiceImpl.java
new file mode 100644
index 0000000..87b02b0
--- /dev/null
+++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESServiceImpl.java
@@ -0,0 +1,41 @@
+package com.alibaba.confidentialcomputing.test.enclave;
+
+import com.alibaba.confidentialcomputing.test.common.AESSealedTest;
+import com.alibaba.confidentialcomputing.test.common.AESService;
+import com.google.auto.service.AutoService;
+
+import javax.crypto.SealedObject;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+
+@AutoService(AESService.class)
+public class AESServiceImpl implements AESService {
+ @Override
+ public String aesEncryptAndDecryptPlaintext(String plaintext) throws Exception {
+ SecretKey key = AESUtil.generateKey(128);
+ IvParameterSpec ivParameterSpec = AESUtil.generateIv();
+ String algorithm = "AES/CBC/PKCS5Padding";
+
+ String cipherText = AESUtil.encrypt(algorithm, plaintext, key, ivParameterSpec);
+ return AESUtil.decrypt(algorithm, cipherText, key, ivParameterSpec);
+ }
+
+ @Override
+ public String aesEncryptAndDecryptPlaintextWithPassword(String plaintext, String password, String salt) throws Exception {
+ IvParameterSpec ivParameterSpec = AESUtil.generateIv();
+ SecretKey key = AESUtil.getKeyFromPassword(password, salt);
+
+ String cipherText = AESUtil.encryptPasswordBased(plaintext, key, ivParameterSpec);
+ return AESUtil.decryptPasswordBased(cipherText, key, ivParameterSpec);
+ }
+
+ @Override
+ public Object aesEncryptAndDecryptObject(AESSealedTest obj) throws Exception {
+ SecretKey key = AESUtil.generateKey(128);
+ IvParameterSpec ivParameterSpec = AESUtil.generateIv();
+ String algorithm = "AES/CBC/PKCS5Padding";
+
+ SealedObject sealedObject = AESUtil.encryptObject(algorithm, obj, key, ivParameterSpec);
+ return AESUtil.decryptObject(algorithm, sealedObject, key, ivParameterSpec);
+ }
+}
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java
new file mode 100644
index 0000000..8ac60fe
--- /dev/null
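Review bot: `aesEncryptAndDecryptPlaintext` and `aesEncryptAndDecryptObject` use `AES/CBC/PKCS5Padding`, which gives confidentiality only; nothing authenticates the ciphertext, and the same transformation is hard-coded in `AESUtil.encryptPasswordBased`/`decryptPasswordBased`. For a round trip inside one call that is enough to show the JCE provider works in the enclave, but test services like this tend to be copied as usage examples. I would either move the test to an AEAD mode (`AES/GCM/NoPadding` with a `GCMParameterSpec`) or state the limitation next to the constant: `// CBC is unauthenticated; used here only to exercise the provider, not as a recommended mode`.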
+++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java 
@@ -0,0 +1,106 @@
+package com.alibaba.confidentialcomputing.test.enclave;
+
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.BadPaddingException;
+import javax.crypto.KeyGenerator;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.SealedObject;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+import java.io.IOException;
+import java.io.Serializable;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.util.Base64;
+
+class AESUtil {
+
+ public static String encrypt(String algorithm, String input, SecretKey key, IvParameterSpec iv)
+ throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
+ InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
+ Cipher cipher = Cipher.getInstance(algorithm);
+ cipher.init(Cipher.ENCRYPT_MODE, key, iv);
+ byte[] cipherText = cipher.doFinal(input.getBytes());
+ return Base64.getEncoder()
+ .encodeToString(cipherText);
+ }
+
+ public static String decrypt(String algorithm, String cipherText, SecretKey key, IvParameterSpec iv)
+ throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
+ InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
+ Cipher cipher = Cipher.getInstance(algorithm);
+ cipher.init(Cipher.DECRYPT_MODE, key, iv);
+ byte[] plainText = cipher.doFinal(Base64.getDecoder()
+ .decode(cipherText));
+ return new String(plainText);
+ }
+
+ public static SecretKey generateKey(int n) throws NoSuchAlgorithmException {
+ KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
+ keyGenerator.init(n);
+ SecretKey key = keyGenerator.generateKey();
+ return key;
+ }
+
+ public static SecretKey getKeyFromPassword(String password, String salt)
+ throws NoSuchAlgorithmException, InvalidKeySpecException {
+ SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
+ KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 65536, 256);
+ SecretKey secret = new SecretKeySpec(factory.generateSecret(spec)
+ .getEncoded(), "AES");
+ return secret;
+ }
+
+ public static IvParameterSpec generateIv() {
+ byte[] iv = new byte[16];
+ new SecureRandom().nextBytes(iv);
+ return new IvParameterSpec(iv);
+ }
+
+
+ public static SealedObject encryptObject(String algorithm, Serializable object, SecretKey key,
+ IvParameterSpec iv) throws NoSuchPaddingException, NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException, InvalidKeyException, IOException, IllegalBlockSizeException {
+ Cipher cipher = Cipher.getInstance(algorithm);
+ cipher.init(Cipher.ENCRYPT_MODE, key, iv);
+ SealedObject sealedObject = new SealedObject(object, cipher);
+ return sealedObject;
+ }
+
+ public static Serializable decryptObject(String algorithm, SealedObject sealedObject, SecretKey key,
+ IvParameterSpec iv) throws NoSuchPaddingException, NoSuchAlgorithmException,
+ InvalidAlgorithmParameterException, InvalidKeyException, ClassNotFoundException,
+ BadPaddingException, IllegalBlockSizeException, IOException {
+ Cipher cipher = Cipher.getInstance(algorithm);
+ cipher.init(Cipher.DECRYPT_MODE, key, iv);
+ Serializable unsealObject = (Serializable) sealedObject.getObject(cipher);
+ return unsealObject;
+ }
+
+ public static String encryptPasswordBased(String plainText, SecretKey key, IvParameterSpec iv)
+ throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
+ InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
+ Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+ cipher.init(Cipher.ENCRYPT_MODE, key, iv);
+ return Base64.getEncoder()
+ .encodeToString(cipher.doFinal(plainText.getBytes()));
+ }
+
+ public static String decryptPasswordBased(String cipherText, SecretKey key, IvParameterSpec iv)
+ throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException,
+ InvalidKeyException, BadPaddingException, IllegalBlockSizeException {
+ Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
+ cipher.init(Cipher.DECRYPT_MODE, key, iv);
+ return new String(cipher.doFinal(Base64.getDecoder()
+ .decode(cipherText)));
+ }
+
+}
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java
new file mode 100644
index 0000000..617737a
--- /dev/null
+++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java
@@ -0,0 +1,21 @@
+package com.alibaba.confidentialcomputing.test.enclave;
+
+import com.alibaba.confidentialcomputing.test.common.ConcurrencyCalculate;
+import com.google.auto.service.AutoService;
+
+import java.util.concurrent.atomic.AtomicLong;
+
+@AutoService(ConcurrencyCalculate.class)
+public class ConcurrencyCalculateImpl implements ConcurrencyCalculate {
+ private AtomicLong sum = new AtomicLong();
+
+ @Override
+ public void add(int delta) {
+ sum.addAndGet(delta);
+ }
+
+ @Override
+ public long sum() {
+ return sum.get();
+ }
+}
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/RSAServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/RSAServiceImpl.java
new file mode 100644
index 0000000..860d28c
--- /dev/null
+++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/RSAServiceImpl.java
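Review bot: `encrypt`, `decrypt`, `getKeyFromPassword` and the two `*PasswordBased` helpers in `AESUtil` convert with `getBytes()` / `new String(bytes)`, i.e. the platform default charset, while `RSAServiceImpl` in the same commit passes `StandardCharsets.UTF_8`. The default can differ between the host JVM and the enclave runtime, which would change the PBKDF2 salt bytes and could mangle non-ASCII plaintext; the ASCII test string hides this. Use the explicit form everywhere, e.g. `cipher.doFinal(input.getBytes(StandardCharsets.UTF_8))` and `new String(plainText, StandardCharsets.UTF_8)`; `SHAServiceImpl.encryptPlaintext` and `TestEnclaveSHA.encryptSHA` make the same call. The two password helpers also spell the transformation differently (`PKCS5Padding` vs `PKCS5PADDING`), which a shared constant would remove.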
@@ -0,0 +1,34 @@
+package com.alibaba.confidentialcomputing.test.enclave;
+
+import com.alibaba.confidentialcomputing.test.common.RSAService;
+import com.google.auto.service.AutoService;
+
+import javax.crypto.Cipher;
+import java.nio.charset.StandardCharsets;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+@AutoService(RSAService.class)
+public class RSAServiceImpl implements RSAService {
+
+ @Override
+ public String encryptAndDecryptWithPlaintext(String plaintext) throws Exception {
+ KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
+ generator.initialize(2048);
+ KeyPair pair = generator.generateKeyPair();
+ PrivateKey privateKey = pair.getPrivate();
+ PublicKey publicKey = pair.getPublic();
+
+ Cipher encryptCipher = Cipher.getInstance("RSA");
+ encryptCipher.init(Cipher.ENCRYPT_MODE, publicKey);
+ byte[] secretMessageBytes = plaintext.getBytes(StandardCharsets.UTF_8);
+ byte[] encryptedMessageBytes = encryptCipher.doFinal(secretMessageBytes);
+
+ Cipher decryptCipher = Cipher.getInstance("RSA");
+ decryptCipher.init(Cipher.DECRYPT_MODE, privateKey);
+ byte[] decryptedMessageBytes = decryptCipher.doFinal(encryptedMessageBytes);
+ return new String(decryptedMessageBytes, StandardCharsets.UTF_8);
+ }
+}
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java
new file mode 100644
index 0000000..95caa11
--- /dev/null
+++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java
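Review bot: `Cipher.getInstance("RSA")` leaves mode and padding to the provider default, so what this test exercises depends on which provider the enclave image resolves; with the stock JDK provider that is PKCS#1 v1.5 padding. Name the transformation explicitly on both ciphers, preferably OAEP: `Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding")`. That makes the host-JVM and in-enclave runs comparable and keeps the sample from modelling the weaker padding.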
@@ -0,0 +1,22 @@
+package com.alibaba.confidentialcomputing.test.enclave;
+
+import com.alibaba.confidentialcomputing.test.common.SHAService;
+import com.google.auto.service.AutoService;
+
+import java.math.BigInteger;
+import java.security.MessageDigest;
+
+@AutoService(SHAService.class)
+public class SHAServiceImpl implements SHAService {
+ @Override
+ public String encryptPlaintext(String plaintext, String SHAType) throws Exception {
+ MessageDigest md = MessageDigest.getInstance(SHAType);
+ byte[] messageDigest = md.digest(plaintext.getBytes());
+ BigInteger no = new BigInteger(1, messageDigest);
+ String hashtext = no.toString(16);
+ while (hashtext.length() < 32) {
+ hashtext = "0" + hashtext;
+ }
+ return hashtext;
+ }
+}
diff --git a/test/enclave/src/main/resources/embedded_libos_enclave.json b/test/enclave/src/main/resources/embedded_libos_enclave.json
index 655b56a..5ea4c10 100644
--- a/test/enclave/src/main/resources/embedded_libos_enclave.json
+++ b/test/enclave/src/main/resources/embedded_libos_enclave.json
@@ -1,11 +1,11 @@
 {
 "debuggable": false,
- "agent_http_handler_thread_pool_size": 6,
+ "agent_http_handler_thread_pool_size": 15,
 "enclave_startup_duration_ms": 60000,
 "kernel_space_heap_size": "32MB",
 "user_space_size": "1200MB",
 "default_mmap_size": "800MB",
- "max_num_of_threads": 48,
+ "max_num_of_threads": 60,
 "log_level": "off",
 "enclave_jvm_args": ["-XX:-UseCompressedOops", "-Xmx512m", "-Dos.name=Linux"]
 }
\ No newline at end of file
diff --git a/test/enclave/src/main/resources/tee_sdk_svm.conf b/test/enclave/src/main/resources/tee_sdk_svm.conf
index 3f18b9f..95d4685 100644
--- a/test/enclave/src/main/resources/tee_sdk_svm.conf
+++ b/test/enclave/src/main/resources/tee_sdk_svm.conf
@@ -4,7 +4,7 @@
 <ISVSVN>0</ISVSVN>
 <StackMaxSize>0x101000</StackMaxSize>
 <HeapMaxSize>0x20000000</HeapMaxSize>
- <TCSNum>10</TCSNum>
+ <TCSNum>15</TCSNum>
 <TCSPolicy>1</TCSPolicy>
 <DisableDebug>0</DisableDebug>
 <MiscSelect>0</MiscSelect>
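Review bot: The zero-padding loop in `SHAServiceImpl.encryptPlaintext` stops at 32 hex characters, the width of a 128-bit digest, but the callers in this commit request SHA-384 and SHA-512 (96 and 128 characters). A digest whose leading byte is zero would therefore come back short, and the host test cannot notice because `TestEnclaveSHA.encryptSHA` repeats the same loop. Pad to the real width in both places, `while (hashtext.length() < messageDigest.length * 2)`, and ideally compare against a fixed known-answer value rather than a copy of the implementation. The method computes a hash, so the name `encryptPlaintext` is misleading, and since `SHAType` goes straight into `MessageDigest.getInstance` a one-line comment on which algorithms the service is meant to accept would help.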
diff --git a/test/enclave/src/test/java/com/alibaba/confidentialcomputing/test/enclave/TestAESServiceImpl.java b/test/enclave/src/test/java/com/alibaba/confidentialcomputing/test/enclave/TestAESServiceImpl.java
new file mode 100644
index 0000000..2e70075
--- /dev/null
+++ b/test/enclave/src/test/java/com/alibaba/confidentialcomputing/test/enclave/TestAESServiceImpl.java
@@ -0,0 +1,22 @@
+package com.alibaba.confidentialcomputing.test.enclave;
+
+import com.alibaba.confidentialcomputing.test.common.AESSealedTest;
+import com.alibaba.confidentialcomputing.test.common.AESService;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class TestAESServiceImpl {
+ String plaintext = "Hello World!!!";
+
+ @Test
+ public void testAESServiceImpl() throws Exception {
+ AESService service = new AESServiceImpl();
+ String result = service.aesEncryptAndDecryptPlaintext(plaintext);
+ assertEquals(plaintext, result);
+ result = service.aesEncryptAndDecryptPlaintextWithPassword(plaintext, "javaenclave", "12345678");
+ assertEquals(plaintext, result);
+ AESSealedTest obj = new AESSealedTest("javaenclave", 25, 5);
+ assertEquals(0, obj.compareTo((AESSealedTest) service.aesEncryptAndDecryptObject(obj)));
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveAES.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveAES.java
new file mode 100644
index 0000000..6ad65dc
--- /dev/null
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveAES.java
@@ -0,0 +1,40 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.test.common.AESSealedTest;
+import com.alibaba.confidentialcomputing.test.common.AESService;
+import org.junit.jupiter.api.Test;
+
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestEnclaveAES {
+ @Test
+ public void testAESService() throws Exception {
+ String plaintext = "Hello World!!!";
+ EnclaveType[] types = new EnclaveType[]{
+ EnclaveType.MOCK_IN_JVM,
+ EnclaveType.MOCK_IN_SVM,
+ EnclaveType.TEE_SDK,
+ EnclaveType.EMBEDDED_LIB_OS};
+
+ for (EnclaveType type : types) {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ Iterator<AESService> userServices = enclave.load(AESService.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ AESService service = userServices.next();
+ String result = service.aesEncryptAndDecryptPlaintext(plaintext);
+ assertEquals(plaintext, result);
+ result = service.aesEncryptAndDecryptPlaintextWithPassword(plaintext, "javaenclave", "12345678");
+ assertEquals(plaintext, result);
+ AESSealedTest obj = new AESSealedTest("javaenclave", 25, 5);
+ assertEquals(0, obj.compareTo((AESSealedTest) service.aesEncryptAndDecryptObject(obj)));
+ enclave.destroy();
+ }
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java
new file mode 100644
index 0000000..4740f53
--- /dev/null
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java
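Review bot: `enclave.destroy()` is the last statement of the loop body in `testAESService`, so any failed assertion or exception from the service call skips it and leaves the enclave alive for the remaining types and for later test classes. Wrap the body in `try { … } finally { enclave.destroy(); }`. The same shape appears in `TestEnclaveRSA`, `TestEnclaveSHA`, `TestEnclaveException.javaEnclaveException`, `TestEnclaveReflection.reflectionCallService`, `TestEnclaveConcurrency.enclaveConcurrency` and `TestEnclaveServiceGC.enclaveServiceGC`.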
@@ -0,0 +1,58 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.test.common.ConcurrencyCalculate;
+import org.junit.jupiter.api.Test;
+
+import java.util.Iterator;
+import java.util.concurrent.CountDownLatch;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestEnclaveConcurrency {
+ private void enclaveConcurrency(EnclaveType type) throws Exception {
+ int concurrency = 10;
+ int workload = 10_000;
+ CountDownLatch latch0 = new CountDownLatch(1);
+ CountDownLatch latch1 = new CountDownLatch(concurrency);
+
+ Enclave enclave = EnclaveFactory.create(type);
+ Iterator<ConcurrencyCalculate> services = enclave.load(ConcurrencyCalculate.class);
+ assertTrue(services.hasNext());
+ ConcurrencyCalculate service = services.next();
+ for (int i = 0; i < concurrency; i++) {
+ new Thread(new Runnable() {
+ @Override
+ public void run() {
+ try {
+ latch0.await();
+ for (int i = 0; i < workload; i++) {
+ service.add(1);
+ }
+ latch1.countDown();
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ }
+ }).start();
+ }
+ latch0.countDown();
+ latch1.await();
+ assertEquals(concurrency * workload, service.sum());
+
+ // waiting for enclave service recycle.
+ System.gc();
+ Thread.sleep(2000);
+ enclave.destroy();
+ }
+
+ @Test
+ public void testEnclaveConcurrency() throws Exception {
+ enclaveConcurrency(EnclaveType.MOCK_IN_JVM);
+ enclaveConcurrency(EnclaveType.MOCK_IN_SVM);
+ enclaveConcurrency(EnclaveType.TEE_SDK);
+ enclaveConcurrency(EnclaveType.EMBEDDED_LIB_OS);
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveException.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveException.java
new file mode 100644
index 0000000..73f0d89
--- /dev/null
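Review bot: In `enclaveConcurrency` a worker that throws from `service.add(1)` only prints the stack trace and never reaches `latch1.countDown()`, so `latch1.await()` blocks forever and the test hangs instead of failing. Count down in a `finally` block, record the first failure and assert on it after the await, as sketched below. The sketch needs an import of `java.util.concurrent.atomic.AtomicReference` and renames the inner loop variable so it no longer mirrors the outer `i`.

```java
// … unchanged: latches, enclave creation, service lookup …
AtomicReference<Throwable> failure = new AtomicReference<>();
for (int i = 0; i < concurrency; i++) {
    new Thread(new Runnable() {
        @Override
        public void run() {
            try {
                latch0.await();
                for (int j = 0; j < workload; j++) {
                    service.add(1);
                }
            } catch (Throwable t) {
                failure.compareAndSet(null, t);
            } finally {
                latch1.countDown();
            }
        }
    }).start();
}
latch0.countDown();
latch1.await();
assertNull(failure.get(), "worker thread failed");
// … unchanged: sum assertion, gc wait, enclave.destroy() …
```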
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveException.java
@@ -0,0 +1,37 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveCreatingException;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveDestroyingException;
+import com.alibaba.confidentialcomputing.host.exception.ServicesLoadingException;
+import com.alibaba.confidentialcomputing.test.common.EnclaveException;
+import com.alibaba.confidentialcomputing.test.common.JavaEnclaveException;
+import org.junit.jupiter.api.Test;
+
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestEnclaveException {
+
+ private void javaEnclaveException(EnclaveType type) throws EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ Iterator<EnclaveException> userServices = enclave.load(EnclaveException.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ EnclaveException service = userServices.next();
+ assertThrows(JavaEnclaveException.class, () -> service.enclaveException("JavaEnclave Exception"));
+ enclave.destroy();
+ }
+
+ @Test
+ public void testJavaEnclaveException() throws Exception {
+ javaEnclaveException(EnclaveType.MOCK_IN_JVM);
+ javaEnclaveException(EnclaveType.MOCK_IN_SVM);
+ javaEnclaveException(EnclaveType.TEE_SDK);
+ javaEnclaveException(EnclaveType.EMBEDDED_LIB_OS);
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveRSA.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveRSA.java
new file mode 100644
index 0000000..62618da
--- /dev/null
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveRSA.java
@@ -0,0 +1,36 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.test.common.RSAService;
+import org.junit.jupiter.api.Test;
+
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class TestEnclaveRSA {
+ @Test
+ public void testRSAService() throws Exception {
+ String plaintext = "Hello World!!!";
+ EnclaveType[] types = new EnclaveType[]{
+ EnclaveType.MOCK_IN_JVM,
+ EnclaveType.MOCK_IN_SVM,
+ EnclaveType.TEE_SDK,
+ EnclaveType.EMBEDDED_LIB_OS};
+
+ for (EnclaveType type : types) {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ Iterator<RSAService> userServices = enclave.load(RSAService.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ RSAService service = userServices.next();
+ String result = service.encryptAndDecryptWithPlaintext(plaintext);
+ assertEquals(plaintext, result);
+ enclave.destroy();
+ }
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveReflection.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveReflection.java
new file mode 100644
index 0000000..6fd03ad
--- /dev/null
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveReflection.java
@@ -0,0 +1,38 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveCreatingException;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveDestroyingException;
+import com.alibaba.confidentialcomputing.host.exception.ServicesLoadingException;
+import com.alibaba.confidentialcomputing.test.common.ReflectionCallService;
+import org.junit.jupiter.api.Test;
+
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+
+public class TestEnclaveReflection {
+
+ private void reflectionCallService(EnclaveType type) throws EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ Iterator<ReflectionCallService> userServices = enclave.load(ReflectionCallService.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ ReflectionCallService service = userServices.next();
+ assertEquals(20, service.add(2, 18));
+ assertEquals(-20, service.sub(2, 22));
+ enclave.destroy();
+ }
+
+ @Test
+ public void testReflectionCallService() throws Exception {
+ reflectionCallService(EnclaveType.MOCK_IN_JVM);
+ reflectionCallService(EnclaveType.MOCK_IN_SVM);
+ reflectionCallService(EnclaveType.TEE_SDK);
+ reflectionCallService(EnclaveType.EMBEDDED_LIB_OS);
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java
new file mode 100644
index 0000000..9faa20a
--- /dev/null
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java
@@ -0,0 +1,51 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.test.common.SHAService;
+import org.junit.jupiter.api.Test;
+
+import java.math.BigInteger;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestEnclaveSHA {
+ private String encryptSHA(String plaintext, String SHAType) throws NoSuchAlgorithmException {
+ MessageDigest md = MessageDigest.getInstance(SHAType);
+ byte[] messageDigest = md.digest(plaintext.getBytes());
+ BigInteger no = new BigInteger(1, messageDigest);
+ String hashtext = no.toString(16);
+ while (hashtext.length() < 32) {
+ hashtext = "0" + hashtext;
+ }
+ return hashtext;
+ }
+
+ @Test
+ public void testEnclaveSHA() throws Exception {
+ String plaintext = "Hello World!!!";
+ EnclaveType[] types = new EnclaveType[]{
+ EnclaveType.MOCK_IN_JVM,
+ EnclaveType.MOCK_IN_SVM,
+ EnclaveType.TEE_SDK,
+ EnclaveType.EMBEDDED_LIB_OS};
+
+ for (EnclaveType type : types) {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ Iterator<SHAService> userServices = enclave.load(SHAService.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ SHAService service = userServices.next();
+ String result = service.encryptPlaintext(plaintext, "SHA-384");
+ assertEquals(encryptSHA(plaintext, "SHA-384"), result);
+ result = service.encryptPlaintext(plaintext, "SHA-512");
+ assertEquals(encryptSHA(plaintext, "SHA-512"), result);
+ enclave.destroy();
+ }
+ }
+}
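Review bot: The zero-padding loop in `encryptSHA` stops at 32 hex digits, which is the width of an MD5 digest, while the test calls the helper with SHA-384 and SHA-512 (96 and 128 hex digits), so a digest that starts with zero bytes would produce a reference string that is too short. Tying the width to the algorithm, `while (hashtext.length() < md.getDigestLength() * 2)`, removes the hard-coded constant. `plaintext.getBytes()` uses the platform default charset, which may not match the one used on the enclave side; `plaintext.getBytes(java.nio.charset.StandardCharsets.UTF_8)` keeps the reference value independent of the host configuration. The helper computes a digest rather than encrypting, so a name such as `digestHex` would describe it more accurately than `encryptSHA`.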
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveServiceGC.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveServiceGC.java
new file mode 100644
index 0000000..419168c
--- /dev/null
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveServiceGC.java
@@ -0,0 +1,38 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.test.common.EnclaveServiceStatistic;
+import org.junit.jupiter.api.Test;
+
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestEnclaveServiceGC {
+ private void enclaveServiceGC(EnclaveType type) throws Exception {
+ int count = 1001;
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ for (int i = 0x0; i < count; i++) {
+ Iterator<EnclaveServiceStatistic> userServices = enclave.load(EnclaveServiceStatistic.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ }
+ System.gc();
+ Thread.sleep(1000);
+ System.gc();
+ Thread.sleep(1000);
+ Iterator<EnclaveServiceStatistic> userServices = enclave.load(EnclaveServiceStatistic.class);
+ assertEquals(1, userServices.next().getEnclaveServiceCount());
+ enclave.destroy();
+ }
+
+ @Test
+ public void testEnclaveServiceGC() throws Exception {
+ enclaveServiceGC(EnclaveType.MOCK_IN_SVM);
+ enclaveServiceGC(EnclaveType.TEE_SDK);
+ enclaveServiceGC(EnclaveType.EMBEDDED_LIB_OS);
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java
new file mode 100644
index 0000000..e819685
--- /dev/null
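Review bot: The final `assertEquals(1, userServices.next().getEnclaveServiceCount())` in `enclaveServiceGC` depends on two `System.gc()` calls and two fixed one-second sleeps having, presumably, released the 1001 service handles loaded earlier, but `System.gc()` is only a request to the JVM, so the check can fail on a slow or differently configured runner without any defect in the SDK. Re-reading the count in a loop with an upper time bound, and asserting after the loop, would keep the failure case meaningful while removing the timing dependence. A comment above `testEnclaveServiceGC` stating why `EnclaveType.MOCK_IN_JVM` is not exercised would help the next reader; the reason is not visible in this hunk. `int i = 0x0` reads more plainly as `int i = 0`.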
+++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java
@@ -0,0 +1,41 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.Enclave;
+import com.alibaba.confidentialcomputing.host.EnclaveFactory;
+import com.alibaba.confidentialcomputing.host.EnclaveType;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveCreatingException;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveDestroyingException;
+import com.alibaba.confidentialcomputing.host.exception.RemoteAttestationException;
+import com.alibaba.confidentialcomputing.host.exception.ServicesLoadingException;
+import com.alibaba.confidentialcomputing.test.common.SayHelloService;
+import org.junit.jupiter.api.Test;
+
+import java.io.IOException;
+import java.util.Iterator;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestHelloWorld {
+
+ private String sayHelloService(EnclaveType type, String plain) throws
+ EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException, RemoteAttestationException, IOException {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ Iterator<SayHelloService> userServices = enclave.load(SayHelloService.class);
+ assertNotNull(userServices);
+ assertTrue(userServices.hasNext());
+ SayHelloService service = userServices.next();
+ String result = service.sayHelloService(plain);
+ assertEquals("Hello World", service.sayHelloWorld());
+ enclave.destroy();
+ return result;
+ }
+
+ @Test
+ public void testSayHelloService() throws Exception {
+ assertEquals("Hello World", sayHelloService(EnclaveType.MOCK_IN_JVM, "Hello World"));
+ assertEquals("Hello World", sayHelloService(EnclaveType.MOCK_IN_SVM, "Hello World"));
+ assertEquals("Hello World", sayHelloService(EnclaveType.TEE_SDK, "Hello World"));
+ assertEquals("Hello World", sayHelloService(EnclaveType.EMBEDDED_LIB_OS, "Hello World"));
+ }
+}
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestJavaEnclaveService.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestJavaEnclaveService.java
deleted file mode 100644
index e01cbfc..0000000
--- a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestJavaEnclaveService.java
+++ /dev/null
@@ -1,127 +0,0 @@ -package com.alibaba.confidentialcomputing.test.host; - -import java.io.IOException; -import java.util.Iterator; -import java.util.Random; - -import com.alibaba.confidentialcomputing.host.*; -import com.alibaba.confidentialcomputing.host.exception.EnclaveCreatingException; -import com.alibaba.confidentialcomputing.host.exception.EnclaveDestroyingException; -import com.alibaba.confidentialcomputing.host.exception.RemoteAttestationException; -import com.alibaba.confidentialcomputing.host.exception.ServicesLoadingException; -import com.alibaba.confidentialcomputing.test.common.*; - -import org.junit.jupiter.api.Test; - -import static org.junit.jupiter.api.Assertions.*; - -public class TestJavaEnclaveService { - private String sayHelloService(EnclaveType type, String plain) throws - EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException, RemoteAttestationException, IOException { - Enclave enclave = EnclaveFactory.create(type); - assertNotNull(enclave); - Iterator<SayHelloService> userServices = enclave.load(SayHelloService.class); - assertNotNull(userServices); - assertTrue(userServices.hasNext()); - SayHelloService service = userServices.next(); - String result = service.sayHelloService(plain); - assertEquals("Hello World", service.sayHelloWorld()); - enclave.destroy(); - return result; - } - - private void reflectionCallService(EnclaveType type) throws EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException { - Enclave enclave = EnclaveFactory.create(type); - assertNotNull(enclave); - Iterator<ReflectionCallService> userServices = enclave.load(ReflectionCallService.class); - assertNotNull(userServices); - assertTrue(userServices.hasNext()); - ReflectionCallService service = userServices.next(); - assertEquals(20, service.add(2, 18)); - assertEquals(-20, service.sub(2, 22)); - enclave.destroy(); - } - - private void javaEnclaveException(EnclaveType type) throws EnclaveCreatingException, 
ServicesLoadingException, EnclaveDestroyingException { - Enclave enclave = EnclaveFactory.create(type); - assertNotNull(enclave); - Iterator<EnclaveException> userServices = enclave.load(EnclaveException.class); - assertNotNull(userServices); - assertTrue(userServices.hasNext()); - EnclaveException service = userServices.next(); - assertThrows(JavaEnclaveException.class, () -> service.enclaveException("JavaEnclave Exception")); - enclave.destroy(); - } - - private void remoteAttestation(EnclaveType type) throws EnclaveCreatingException, RemoteAttestationException, EnclaveDestroyingException { - Enclave enclave = EnclaveFactory.create(type); - assertNotNull(enclave); - byte[] userData = new byte[64]; - new Random().nextBytes(userData); - - SGXAttestationReport report = (SGXAttestationReport) RemoteAttestation.generateAttestationReport(enclave, userData); - assertEquals(report.getEnclaveType(), type); - assertNotNull(report.getQuote()); - assertEquals(0, RemoteAttestation.verifyAttestationReport(report)); - assertNotNull(report.getMeasurementEnclave()); - assertNotNull(report.getMeasurementSigner()); - assertNotNull(report.getUserData()); - assertArrayEquals(userData, report.getUserData()); - enclave.destroy(); - } - - private void enclaveServiceGC(EnclaveType type) throws Exception { - int count = 10001; - Enclave enclave = EnclaveFactory.create(type); - assertNotNull(enclave); - for (int i = 0x0; i < count; i++) { - Iterator<EnclaveServiceStatistic> userServices = enclave.load(EnclaveServiceStatistic.class); - assertNotNull(userServices); - assertTrue(userServices.hasNext()); - } - System.gc(); - Thread.sleep(2000); - System.gc(); - Thread.sleep(2000); - Iterator<EnclaveServiceStatistic> userServices = enclave.load(EnclaveServiceStatistic.class); - assertEquals(1, userServices.next().getEnclaveServiceCount()); - enclave.destroy(); - } - - @Test - public void testSayHelloService() throws Exception { - assertEquals("Hello World", 
sayHelloService(EnclaveType.MOCK_IN_JVM, "Hello World")); - assertEquals("Hello World", sayHelloService(EnclaveType.MOCK_IN_SVM, "Hello World")); - assertEquals("Hello World", sayHelloService(EnclaveType.TEE_SDK, "Hello World")); - assertEquals("Hello World", sayHelloService(EnclaveType.EMBEDDED_LIB_OS, "Hello World")); - } - - @Test - public void testReflectionCallService() throws Exception { - reflectionCallService(EnclaveType.MOCK_IN_JVM); - reflectionCallService(EnclaveType.MOCK_IN_SVM); - reflectionCallService(EnclaveType.TEE_SDK); - reflectionCallService(EnclaveType.EMBEDDED_LIB_OS); - } - - @Test - public void testJavaEnclaveException() throws Exception { - javaEnclaveException(EnclaveType.MOCK_IN_JVM); - javaEnclaveException(EnclaveType.MOCK_IN_SVM); - javaEnclaveException(EnclaveType.TEE_SDK); - javaEnclaveException(EnclaveType.EMBEDDED_LIB_OS); - } - - @Test - public void testRemoteAttestation() throws Exception { - remoteAttestation(EnclaveType.TEE_SDK); - remoteAttestation(EnclaveType.EMBEDDED_LIB_OS); - } - - @Test - public void testEnclaveServiceGC() throws Exception { - enclaveServiceGC(EnclaveType.MOCK_IN_SVM); - enclaveServiceGC(EnclaveType.TEE_SDK); - enclaveServiceGC(EnclaveType.EMBEDDED_LIB_OS); - } -} diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestRemoteAttestation.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestRemoteAttestation.java new file mode 100644 index 0000000..3c625db --- /dev/null +++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestRemoteAttestation.java 
@@ -0,0 +1,37 @@
+package com.alibaba.confidentialcomputing.test.host;
+
+import com.alibaba.confidentialcomputing.host.*;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveCreatingException;
+import com.alibaba.confidentialcomputing.host.exception.EnclaveDestroyingException;
+import com.alibaba.confidentialcomputing.host.exception.RemoteAttestationException;
+import org.junit.jupiter.api.Test;
+
+import java.util.Random;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class TestRemoteAttestation {
+
+ private void remoteAttestation(EnclaveType type) throws EnclaveCreatingException, RemoteAttestationException, EnclaveDestroyingException {
+ Enclave enclave = EnclaveFactory.create(type);
+ assertNotNull(enclave);
+ byte[] userData = new byte[64];
+ new Random().nextBytes(userData);
+
+ SGXAttestationReport report = (SGXAttestationReport) RemoteAttestation.generateAttestationReport(enclave, userData);
+ assertEquals(report.getEnclaveType(), type);
+ assertNotNull(report.getQuote());
+ assertEquals(0, RemoteAttestation.verifyAttestationReport(report));
+ assertNotNull(report.getMeasurementEnclave());
+ assertNotNull(report.getMeasurementSigner());
+ assertNotNull(report.getUserData());
+ assertArrayEquals(userData, report.getUserData());
+ enclave.destroy();
+ }
+
+ @Test
+ public void testRemoteAttestation() throws Exception {
+ remoteAttestation(EnclaveType.TEE_SDK);
+ remoteAttestation(EnclaveType.EMBEDDED_LIB_OS);
+ }
+}
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
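Review bot: `new Random().nextBytes(userData)` in `remoteAttestation` fills the report's user data from a non-cryptographic generator; user data in a quote commonly carries a nonce or key binding, and test code tends to be copied as a usage example, so `new java.security.SecureRandom().nextBytes(userData);` is the better model. `assertEquals(report.getEnclaveType(), type)` has expected and actual swapped, which makes a failure message misleading; it should read `assertEquals(type, report.getEnclaveType());`. The measurements are checked only for non-null, so the test would still pass if verification accepted a report from a different enclave build; comparing `getMeasurementEnclave()` with a known expected value, or adding a case where a modified report must fail `verifyAttestationReport`, would cover that.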
