This is an automated email from the ASF dual-hosted git repository. shaojunwang pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/incubator-teaclave-java-tee-sdk.git
commit 13e5e59baedb4b4ef5ac12b3ad1a14174212c5b0 Author: jeffery.wsj <[email protected]> AuthorDate: Tue Aug 23 17:58:40 2022 +0800 [sdk] Format JavaEnclave Summary: Format JavaEnclave according to IDE warning indication. Test Plan: all tests pass Reviewers: lei.yul, cengfeng.lzy, sanhong.lsh Issue: https://aone.alibaba-inc.com/task/44348442 CR: https://code.aone.alibaba-inc.com/java-tee/JavaEnclave/codereview/9865499 --- .../benchmark/guomi/host/GuoMiBenchMark.java | 19 +++---- .../benchmark/string/host/StringBenchMark.java | 26 +++++----- .../springboot/enclave/EnclaveServiceImpl.java | 3 +- .../enclave/NativeCommandUtil.java | 5 +- .../enclave/SUNECReplaceFeature.java | 4 +- .../enclave/agent/EnclaveAgent.java | 18 +++---- .../enclave/agent/EnclaveAgentServiceImpl.java | 6 +-- .../enclave/agent/EnclaveShutDown.java | 2 +- sdk/host/docs/Configuration.md | 58 +++++++++++----------- .../host/AbstractEnclave.java | 2 +- .../host/AttestationReport.java | 3 +- .../host/EmbeddedLibOSAttestationReport.java | 5 +- .../host/EmbeddedLibOSEnclave.java | 37 ++++++-------- .../host/EmbeddedLibOSEnclaveConfigure.java | 16 +++--- .../host/EnclaveConfigure.java | 11 ++-- .../confidentialcomputing/host/EnclaveDebug.java | 2 +- .../confidentialcomputing/host/EnclaveFactory.java | 9 ++-- .../confidentialcomputing/host/EnclaveInfo.java | 8 +-- .../host/EnclaveInfoMXBean.java | 6 +-- .../host/EnclaveInfoManager.java | 24 ++++++++- .../host/EnclaveServicesRecycler.java | 2 +- .../confidentialcomputing/host/EnclaveToken.java | 6 +-- .../confidentialcomputing/host/EnclaveType.java | 3 +- .../confidentialcomputing/host/ExtractLibrary.java | 6 +-- .../confidentialcomputing/host/MetricTrace.java | 22 ++++++-- .../host/MetricTraceContext.java | 4 +- .../host/MockEnclaveInfo.java | 10 ++-- .../host/MockInJvmEnclave.java | 10 ++-- .../host/MockInSvmEnclave.java | 10 ++-- .../host/MockInSvmEnclaveConfigure.java | 4 +- .../host/ProxyEnclaveInvocationHandler.java | 4 +- 
.../host/ProxyMockJvmInvocationHandler.java | 7 ++- .../host/RemoteAttestation.java | 2 +- .../host/RemoteAttestationVerifyResult.java | 8 +-- .../confidentialcomputing/host/SGXEnclaveInfo.java | 10 ++-- .../host/SGXRemoteAttestationVerify.java | 4 +- .../host/TeeSdkAttestationReport.java | 2 +- .../confidentialcomputing/host/TeeSdkEnclave.java | 11 ++-- .../host/TeeSdkEnclaveConfigure.java | 4 +- .../exception/EnclaveNativeInvokingException.java | 2 +- .../exception/MetricTraceLogWriteException.java | 4 +- .../host/MockTestEnclave.java | 19 +++---- .../confidentialcomputing/host/ServiceImpl.java | 2 +- .../host/TestAbstractEnclave.java | 2 +- .../host/TestRemoteAttestation.java | 7 ++- .../script/build_app/create_tee_sdk_configure.sh | 8 +-- .../test/common/AESSealedTest.java | 6 +-- .../test/enclave/AESUtil.java | 12 ++--- .../test/enclave/ConcurrencyCalculateImpl.java | 2 +- .../test/enclave/ReflectionCallServiceImpl.java | 8 +-- .../test/enclave/SHAServiceImpl.java | 8 +-- .../test/enclave/SM2ServiceImpl.java | 5 +- .../test/enclave/SM3ServiceImpl.java | 2 +- .../test/enclave/SM4ServiceImpl.java | 19 ++----- .../test/host/TestEnclaveConcurrency.java | 36 ++++++-------- .../test/host/TestEnclaveInfo.java | 8 +-- .../test/host/TestEnclaveInfoMXBean.java | 26 ++++------ .../test/host/TestEnclaveSHA.java | 8 +-- .../test/host/TestHelloWorld.java | 4 +- 59 files changed, 291 insertions(+), 290 deletions(-) diff --git a/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java b/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java index cbc048c..8f6df04 100644 --- a/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java +++ b/benchmark/guomi/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/guomi/host/GuoMiBenchMark.java 
@@ -11,6 +11,7 @@ import org.openjdk.jmh.runner.RunnerException; import org.openjdk.jmh.runner.options.Options; import org.openjdk.jmh.runner.options.OptionsBuilder; +import java.util.Objects; import java.util.concurrent.TimeUnit; @BenchmarkMode(Mode.AverageTime) @@ -21,13 +22,8 @@ import java.util.concurrent.TimeUnit; @State(value = Scope.Thread) @OutputTimeUnit(TimeUnit.MILLISECONDS) public class GuoMiBenchMark { - private int sm2Weight = 10; - private int sm3Weight = 20_000; - private int sm4Weight = 300; - private String sm2Context = "[email protected]"; - private String sm3Context = "Hello World!"; - private String sm4Context = "word1, word2 word3@word4?word5.word6"; + public final String sm3Context = "Hello World!"; @Param(value = {"MOCK_IN_JVM", "MOCK_IN_SVM", "TEE_SDK", "EMBEDDED_LIB_OS"}) private String enclaveServiceInstance; @@ -99,15 +95,20 @@ public class GuoMiBenchMark { break; } + int sm2Weight = 10; + int sm3Weight = 20_000; + int sm4Weight = 300; + String sm2Context = "[email protected]"; + String sm4Context = "word1, word2 word3@word4?word5.word6"; switch (smAlgo) { case "SM2": - service.sm2Service(sm2Context, sm2Weight); + Objects.requireNonNull(service).sm2Service(sm2Context, sm2Weight); break; case "SM3": - service.sm3Service(sm3Context, sm3Weight); + Objects.requireNonNull(service).sm3Service(sm3Context, sm3Weight); break; case "SM4": - service.sm4Service(sm4Context, sm4Weight); + Objects.requireNonNull(service).sm4Service(sm4Context, sm4Weight); break; } } diff --git a/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java b/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java index f035f9b..7d4baf8 100644 --- a/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java 
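Review bot: `Objects.requireNonNull(service)` in the three arms of the `smAlgo` switch only moves the failure. If the preceding switch (it starts above this hunk, presumably over `enclaveServiceInstance`) matches no arm, `service` is still null and the benchmark stops with a NullPointerException that carries no message. Give that earlier switch a `default:` that throws with the offending parameter value, or at least pass a message: `Objects.requireNonNull(service, "no enclave service for " + enclaveServiceInstance)`. The same pattern is added in the `stringOpt` switch of StringBenchMark.java (hunk `@@ -102,15 +93,24 @@`).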
+++ b/benchmark/string/host/src/main/java/com/alibaba/confidentialcomputing/benchmark/string/host/StringBenchMark.java @@ -11,6 +11,7 @@ import org.openjdk.jmh.runner.RunnerException; import org.openjdk.jmh.runner.options.Options; import org.openjdk.jmh.runner.options.OptionsBuilder; +import java.util.Objects; import java.util.concurrent.TimeUnit; @BenchmarkMode(Mode.AverageTime) @@ -21,22 +22,12 @@ import java.util.concurrent.TimeUnit; @State(value = Scope.Thread) @OutputTimeUnit(TimeUnit.MILLISECONDS) public class StringBenchMark { - private int regexWeight = 5000; - private int concatWeight = 50_000; - private int splitWeight = 5000; @Param(value = {"MOCK_IN_JVM", "MOCK_IN_SVM", "TEE_SDK", "EMBEDDED_LIB_OS"}) private String enclaveServiceInstance; @Param(value = {"regex", "concat", "split"}) private String stringOpt; - private String regexContext = "[email protected]"; - private String regexPattern = "^[\\w._]+@\\w+\\.[a-zA-Z]+$"; - private String concatContext = "Hello World!"; - private String concatPattern = "abc"; - private String splitContext = "word1, word2 word3@word4?word5.word6"; - private String splitPattern = "[, ?.@]+"; - @State(Scope.Thread) public static class EnclaveBenchmark { private Enclave mockJVMEnclave = null; 
@@ -102,15 +93,24 @@ public class StringBenchMark { break; } + int regexWeight = 5000; + int concatWeight = 50_000; + int splitWeight = 5000; + String regexContext = "[email protected]"; + String regexPattern = "^[\\w._]+@\\w+\\.[a-zA-Z]+$"; + String concatContext = "Hello World!"; + String concatPattern = "abc"; + String splitContext = "word1, word2 word3@word4?word5.word6"; + String splitPattern = "[, ?.@]+"; switch (stringOpt) { case "regex": - service.stringRegex(regexContext, regexPattern, regexWeight); + Objects.requireNonNull(service).stringRegex(regexContext, regexPattern, regexWeight); break; case "concat": - service.stringConcat(concatContext, concatPattern, concatWeight); + Objects.requireNonNull(service).stringConcat(concatContext, concatPattern, concatWeight); break; case "split": - service.stringSplit(splitContext, splitPattern, splitWeight); + Objects.requireNonNull(service).stringSplit(splitContext, splitPattern, splitWeight); break; } } diff --git a/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java b/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java index 95ae4e7..84ffa34 100644 --- a/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java +++ b/samples/springboot/enclave/src/main/java/com/alibaba/confidentialcomputing/samples/springboot/enclave/EnclaveServiceImpl.java @@ -20,6 +20,7 @@ import java.math.BigInteger; import java.security.*; import java.security.spec.ECGenParameterSpec; import java.util.Base64; +import java.util.Objects; @AutoService(SBEnclaveService.class) public class EnclaveServiceImpl implements SBEnclaveService { 
@@ -97,6 +98,6 @@ public class EnclaveServiceImpl implements SBEnclaveService { @Override public String encryptAndDecryptData(String data) { - return new String(decoder(encode(data, publicKey), privateKey)); + return new String(Objects.requireNonNull(decoder(encode(data, publicKey), privateKey))); } } diff --git a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/NativeCommandUtil.java b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/NativeCommandUtil.java index a5afe9f..f902231 100644 --- a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/NativeCommandUtil.java +++ b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/NativeCommandUtil.java @@ -7,7 +7,6 @@ import java.nio.charset.StandardCharsets; import java.nio.file.Path; import java.nio.file.Paths; import java.util.List; -import java.util.stream.Collectors; public class NativeCommandUtil { public static final Path GRAALVM_HOME = Paths.get(System.getenv("GRAALVM_HOME")); @@ -18,7 +17,7 @@ public class NativeCommandUtil { } ProcessBuilder pb = new ProcessBuilder(command).directory(workDir.toFile()); pb.redirectErrorStream(true); - String oneLineCommand = command.stream().collect(Collectors.joining(" ")); + String oneLineCommand = String.join(" ", command); System.out.println(oneLineCommand); Process p = null; try { @@ -33,7 +32,7 @@ public class NativeCommandUtil { int exitCode = p.waitFor(); if (exitCode != 0) { throw new RuntimeException("Failed to execute command:\n " + oneLineCommand + - "\n Working directory is :" + workDir.toString() + "\n The exit code is " + exitCode+ + "\n Working directory is :" + workDir + "\n The exit code is " + exitCode+ "\n"); } return 0; diff --git a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/SUNECReplaceFeature.java b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/SUNECReplaceFeature.java index b160a55..072f144 100644 
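Review bot: Wrapping `decoder(...)` in `Objects.requireNonNull` inside `encryptAndDecryptData` turns a failed decryption into a bare NullPointerException instead of reporting it. The IDE warning implies `decoder` can return null, presumably on a crypto error, but its body is outside this hunk. Name the failure and decode with a fixed charset rather than the platform default: `return new String(Objects.requireNonNull(decoder(encode(data, publicKey), privateKey), "decryption failed"), StandardCharsets.UTF_8);`. This needs `import java.nio.charset.StandardCharsets;`, and `encode` should use the same charset when it turns `data` into bytes, which is not visible here.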
--- a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/SUNECReplaceFeature.java +++ b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/SUNECReplaceFeature.java @@ -82,8 +82,8 @@ public class SUNECReplaceFeature extends JNIRegistrationUtil implements Feature // LibCBase instance has been set in LibCFeature#afterRegistration, so it's safe to get it now. command.add(LibCBase.singleton().getTargetCompiler()); command.add("-fPIC"); - command.add("-I" + GRAALVM_HOME.resolve("include").toAbsolutePath().toString()); - command.add("-I" + GRAALVM_HOME.resolve("include/linux").toAbsolutePath().toString()); + command.add("-I" + GRAALVM_HOME.resolve("include").toAbsolutePath()); + command.add("-I" + GRAALVM_HOME.resolve("include/linux").toAbsolutePath()); command.add("-I."); command.add("-L."); command.add("ECC_JNI.c"); diff --git a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgent.java b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgent.java index 3cf96df..1dc7e58 100644 --- a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgent.java +++ b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgent.java @@ -12,13 +12,13 @@ import java.io.InputStream; import java.io.OutputStream; import java.net.InetSocketAddress; import java.net.Socket; +import java.util.Objects; import java.util.concurrent.Executors; -import java.util.concurrent.ThreadFactory; class EnclaveAgent { private static final String HTTP_EXECUTE_THREAD_NAME = "enclave_http_remote_invoking_thread"; private static final String HTTP_SERVER_NAME = "/enclaveAgent"; - private static volatile EnclaveAgentServiceImpl service = new EnclaveAgentServiceImpl(); + private static final EnclaveAgentServiceImpl service = new EnclaveAgentServiceImpl(); private static volatile HttpServer httpServer = null; // socket service port is from host side. 
@@ -40,13 +40,11 @@ class EnclaveAgent { // create http connection and wait for request from host. httpServer = HttpServer.create(new InetSocketAddress(portEnclave), 0); httpServer.createContext(HTTP_SERVER_NAME, new EnclaveHttpHandler()); - httpServer.setExecutor(Executors.newScheduledThreadPool(threadPoolSize, new ThreadFactory() { - public Thread newThread(Runnable r) { - Thread thread = new Thread(r); - thread.setName(HTTP_EXECUTE_THREAD_NAME); - thread.setDaemon(true); - return thread; - } + httpServer.setExecutor(Executors.newScheduledThreadPool(threadPoolSize, r -> { + Thread thread = new Thread(r); + thread.setName(HTTP_EXECUTE_THREAD_NAME); + thread.setDaemon(true); + return thread; })); httpServer.start(); // notify host that enclave jvm had started up. @@ -79,7 +77,7 @@ class EnclaveAgent { e.printStackTrace(); } - switch (context.getAgentServiceName()) { + switch (Objects.requireNonNull(context).getAgentServiceName()) { case SocketEnclaveInvocationContext.SERVICE_LOADING: writeBackResponse(exchange, service.loadService(context.getServiceHandler().getServiceInterfaceName())); break; diff --git a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgentServiceImpl.java b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgentServiceImpl.java index f396873..d407ca5 100644 --- a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgentServiceImpl.java +++ b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveAgentServiceImpl.java @@ -32,7 +32,7 @@ public class EnclaveAgentServiceImpl { ret.setCost(System.nanoTime() - start); try { return SerializationHelper.serialize(ret); - } catch (IOException ex) { + } catch (IOException ignored) { } return null; } 
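Review bot: `HttpServer.create(new InetSocketAddress(portEnclave), 0)` binds the agent to the wildcard address, so the invocation endpoint listens on every interface the enclave's network stack exposes. The host reaches it through `http://localhost:` (`HTTP_SERVER_PREFIX` in EmbeddedLibOSEnclave), so loopback is sufficient: `httpServer = HttpServer.create(new InetSocketAddress(InetAddress.getLoopbackAddress(), portEnclave), 0);` with `import java.net.InetAddress;`. Whether the lib OS configuration already isolates this port is not visible in the hunk, and the enclosing method starts and ends outside it.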
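Review bot: `Objects.requireNonNull(context)` makes the handler throw when the request could not be parsed. The `catch` just above only calls `e.printStackTrace()` and leaves `context` null, so the NullPointerException is raised before any `writeBackResponse` call is reached. Reject the request explicitly before the switch, for example `if (context == null) { exchange.sendResponseHeaders(400, -1); return; }`, so the host gets a definite failure instead of depending on how the server treats an uncaught exception. The handler method begins and ends outside this hunk, so check that its signature permits the call.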
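Review bot: Renaming the variable to `ignored` keeps the empty `catch (IOException ignored) { }` followed by `return null;`, so a failure to serialize the invocation result is dropped and the caller gets null with no trace of the cause. If best effort is intended, say so inside the block, e.g. `// serialization of the result failed; null is returned and the caller must handle it`. Otherwise log the exception before returning. The same empty catch is kept in the next two hunks of this file (`@@ -63,7 +63,7 @@` and `@@ -73,7 +73,7 @@`).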
@@ -63,7 +63,7 @@ public class EnclaveAgentServiceImpl { } catch (IOException e) { try { return SerializationHelper.serialize(new EnclaveInvocationResult(null, e)); - } catch (IOException ex) { + } catch (IOException ignored) { } } return null; @@ -73,7 +73,7 @@ public class EnclaveAgentServiceImpl { EnclaveShutDown.shutDownNotify(); try { return SerializationHelper.serialize(new EnclaveInvocationResult(true, null)); - } catch (IOException e) { + } catch (IOException ignored) { } return null; } diff --git a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveShutDown.java b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveShutDown.java index b448c9f..cd8538e 100644 --- a/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveShutDown.java +++ b/sdk/enclave/src/main/java/com/alibaba/confidentialcomputing/enclave/agent/EnclaveShutDown.java @@ -5,7 +5,7 @@ import java.util.concurrent.LinkedBlockingQueue; class EnclaveShutDown { private static final int SHUTDOWN_DELAY_DURATION = 1000; // TimeUnit.MilliSecond - private static BlockingQueue<Integer> queue = new LinkedBlockingQueue<>(); + private static final BlockingQueue<Integer> queue = new LinkedBlockingQueue<>(); static void shutDownNotify() { boolean interrupted = false; diff --git a/sdk/host/docs/Configuration.md b/sdk/host/docs/Configuration.md index ef1ddf2..11ff31d 100644 --- a/sdk/host/docs/Configuration.md +++ b/sdk/host/docs/Configuration.md 
@@ -4,14 +4,14 @@ JavaEnclave provides a `java_enclave_configure.json` template file for user to set customized parameters. It provides six parameters: -| key | value(default) | illustation | -|--------------------------------| ------------ |--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| debuggable | false | Allow `TEE_SDK` Enclave or `EMBEDDED_LIB_OS` Enclave to be debuggable or not, debuggable mode help to debug. Should make it to be not debuggable when the project is online service for security. | -| enclave_type | TEE_SDK | When creating an enclave instance with method `EnclaveFactory.create()`, TEE_SDK kind of Enclave will be created by default, key `enclave_type` could be one of `MOCK_IN_JVM` `MOCK_IN_SVM` `TEE_SDK` `EMBEDDED_LIB_OS`. | -| metric_trace_enable | false | Enable JavaEnclave performance metric or not. | -| metric_trace_file_path | "" | Customized JavaEnclave metric log file path. JavaEnclave Metric feature could help to measure the cost of every service invocation and service loading/unloading. | -| enclave_max_thread | 50 | The max thread number ecalls into `TEE_SDK` Enclave or `EMBEDDED_LIB_OS` Enclave. | -| enclave_max_epc_memory_size_MB | 1500 | The max physical epc memory size in `TEE_SDK`, `EMBEDDED_LIB_OS` Enclave | +| key | value(default) | illustration | +|--------------------------------|----------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| debuggable | false | Allow `TEE_SDK` Enclave or `EMBEDDED_LIB_OS` Enclave to be debuggable or not, debuggable mode help to debug. Should make it to be not debuggable when the project is online service for security. 
| +| enclave_type | TEE_SDK | When creating an enclave instance with method `EnclaveFactory.create()`, TEE_SDK kind of Enclave will be created by default, key `enclave_type` could be one of `MOCK_IN_JVM` `MOCK_IN_SVM` `TEE_SDK` `EMBEDDED_LIB_OS`. | +| metric_trace_enable | false | Enable JavaEnclave performance metric or not. | +| metric_trace_file_path | "" | Customized JavaEnclave metric log file path. JavaEnclave Metric feature could help to measure the cost of every service invocation and service loading/unloading. | +| enclave_max_thread | 50 | The max thread number which enclave allows to be e-called into `TEE_SDK` Enclave or `EMBEDDED_LIB_OS` Enclave. | +| enclave_max_epc_memory_size_MB | 1500 | The max physical epc memory size in `TEE_SDK`, `EMBEDDED_LIB_OS` Enclave | `debuggable`、`enclave_type`、`metric_trace_enable` and `metric_trace_file_path`could also be set by -Dproperty way. But`enclave_max_thread ` and `enclave_max_epc_memory_size_MB `could only be changed or set by java_enclave_configure.json file in enclave submodule's resource dir. 
@@ -19,12 +19,12 @@ JavaEnclave provides a `java_enclave_configure.json` template file for user to s JavaEnclave provides some customized property setting for different scene. -| property | value | illustration | -| ------------ | ------------ | ------------ | -| com.alibaba.enclave.type | MOCK_IN_JVMMOCK_IN_SVM/TEE_SDK/EMBEDDED_LIB_OS | same as be described in Configure file | -| com.alibaba.enclave.debuggable | true/false | same as be described in Configure file | -| com.alibaba.enclave.metric.enable | true/false | same as be described in Configure file | -| com.alibaba.enclave.metric.log | customized metric log file path | same as be described in Configure file | +| property | value | illustration | +|-----------------------------------|-------------------------------------------------|----------------------------------------| +| com.alibaba.enclave.type | MOCK_IN_JVM/MOCK_IN_SVM/TEE_SDK/EMBEDDED_LIB_OS | same as be described in Configure file | +| com.alibaba.enclave.debuggable | true/false | same as be described in Configure file | +| com.alibaba.enclave.metric.enable | true/false | same as be described in Configure file | +| com.alibaba.enclave.metric.log | customized metric log file path | same as be described in Configure file | ### MOCK_IN_SVM Enclave Property Configuration Setting 
@@ -34,22 +34,22 @@ JavaEnclave provides some customized property setting for different scene. ### TEE_SDK Enclave Property Configuration Setting -| property | value | illustration | -|-----------------------------------------------|-------------|-----------------------------------------------------------------------------------| -| com.alibaba.enclave.teesdk.symbol.trace | true(false) | help to trace undefined symbols invocation in TEE_SDK, default value is unenable. | -| com.alibaba.enclave.teesdk.maxheap_MB | | gc max heap size(MB) in tee sdk enclave. | +| property | value | illustration | +|-----------------------------------------|-------------|----------------------------------------------------------------------------------| +| com.alibaba.enclave.teesdk.symbol.trace | true(false) | help to trace undefined symbols invocation in TEE_SDK, default value is disable. | +| com.alibaba.enclave.teesdk.maxheap_MB | | gc max heap size(MB) in tee sdk enclave. | ### EMBEDDED_LIB_OS Enclave Property Configuration Setting -| property | value | illustration | -|-------------------------------------------------| ------------ | ------------ | -| com.alibaba.enclave.agent.thread.pool.size | 5 | agent http server thread pool size in enclave, default value is 5. | -| com.alibaba.enclave.embedded.startup.timeout_ms | 60000 | the max startup timeout for libos enclave startup, default timeout is 60000ms. | -| com.alibaba.enclave.embedded.keepalive.timeout_s | 300 | enclave agent http long connection keep alive timeout, default timeout is 300s. | -| com.alibaba.enclave.embedded.keepalive.max | 100 | max agent http router, default number is 100. | -| com.alibaba.enclave.embedded.connect.timeout_ms | 1000 | agent http connection timeout, default is 1000ms. | -| com.alibaba.enclave.embedded.read.timeout_ms | 2000 | agent http reading timeout, default is 2000ms. 
| -| com.alibaba.enclave.embedded.ra.timeout_ms | 10000 | embedded libos remote attestation generation and verification timeout, default is 10000ms. | -| com.alibaba.enclave.embedded.log.level | "off" | enable enclave log or not, default is off. | -| com.alibaba.enclave.embedded.jvm.args | "-Dsun.net.httpserver.nodelay=true, -XX:-UseCompressedOops, -Xmx800m, -Dos.name=Linux" | jvm's startup args in embedded libos enclave. | +| property | value | illustration | +|--------------------------------------------------|-------------------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------| +| com.alibaba.enclave.agent.thread.pool.size | 5 | agent http server thread pool size in enclave, default value is 5. | +| com.alibaba.enclave.embedded.startup.timeout_ms | 60000 | the max startup timeout for lib os enclave startup, default timeout is 60000ms. | +| com.alibaba.enclave.embedded.keepalive.timeout_s | 300 | enclave agent http long connection keep alive timeout, default timeout is 300s. | +| com.alibaba.enclave.embedded.keepalive.max | 100 | max agent http router, default number is 100. | +| com.alibaba.enclave.embedded.connect.timeout_ms | 1000 | agent http connection timeout, default is 1000ms. | +| com.alibaba.enclave.embedded.read.timeout_ms | 2000 | agent http reading timeout, default is 2000ms. | +| com.alibaba.enclave.embedded.ra.timeout_ms | 10000 | embedded lib os remote attestation generation and verification timeout, default is 10000ms. | +| com.alibaba.enclave.embedded.log.level | "off" | enable enclave log or not, default is off. | +| com.alibaba.enclave.embedded.jvm.args | "-Dsun.net.httpserver.nodelay=true, -XX:-UseCompressedOops, -Xmx800m, -Dos.name=Linux" | jvm's startup args in embedded lib os enclave. | 
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AbstractEnclave.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AbstractEnclave.java index 30142a3..0fb5109 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AbstractEnclave.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AbstractEnclave.java @@ -204,7 +204,7 @@ abstract class AbstractEnclave implements Enclave { * enclave type and debug mode, and each enclave instance has a service * resource recycle processor. */ - class EnclaveContext { + static class EnclaveContext { // enclave's type. private final EnclaveType type; // enclave's debug mode. diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AttestationReport.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AttestationReport.java index 9847907..c7c3d6d 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AttestationReport.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/AttestationReport.java @@ -3,7 +3,7 @@ package com.alibaba.confidentialcomputing.host; import java.io.Serializable; /** - * AttestationReport wraps enclave's type and generated remote attestation report. + * AttestationReport includes an enclave's type and generated remote attestation report. */ public class AttestationReport implements Serializable { private static final long serialVersionUID = -2781780414647128479L; @@ -60,7 +60,6 @@ public class AttestationReport implements Serializable { byte[] report = new byte[attestationReport.length - 1]; switch (attestationReport[0]) { case 0: - enclaveType = EnclaveType.NONE; break; case 1: enclaveType = EnclaveType.MOCK_IN_JVM; diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSAttestationReport.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSAttestationReport.java index 1913119..bd15b8f 100644 
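Review bot: After the assignment is dropped, `case 0: break;` maps tag byte 0 to `EnclaveType.NONE` only through the initial value of `enclaveType`, which is declared outside this hunk (presumably as `NONE`, given the IDE warning). A later change to that initializer would silently change how reports are decoded, so keep the mapping visible: `// 0 encodes EnclaveType.NONE, which is enclaveType's initial value`. The surrounding lines also read `attestationReport[0]` and allocate `new byte[attestationReport.length - 1]`. If no length check precedes them (not visible here), an empty input fails with an unchecked exception. In that case `if (attestationReport == null || attestationReport.length == 0) throw new IllegalArgumentException("empty attestation report");` belongs at the top of the method.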
--- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSAttestationReport.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSAttestationReport.java @@ -1,9 +1,10 @@ package com.alibaba.confidentialcomputing.host; /** - * EmbeddedLibOSAttestationReport parse more details information from a lib os embedded type enclave's remote attestation report. + * EmbeddedLibOSAttestationReport includes more detail information of remote attestation report + * for lib_os_embedded type enclave. */ -public final class EmbeddedLibOSAttestationReport extends SGXAttestationReport { +final class EmbeddedLibOSAttestationReport extends SGXAttestationReport { EmbeddedLibOSAttestationReport(byte[] quote, byte[] mrSigner, byte[] mrEnclave, byte[] userData) { super(EnclaveType.EMBEDDED_LIB_OS, quote, mrSigner, mrEnclave, userData); } diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclave.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclave.java index 867e3c0..33c8bb1 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclave.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclave.java 
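Review bot: Changing `public final class EmbeddedLibOSAttestationReport` to package-private is an API change, not formatting. Code outside `com.alibaba.confidentialcomputing.host` that receives an `AttestationReport` can no longer name this type to cast to it. If that is intended, state it in the class Javadoc, e.g. `Package-private: callers outside this package use the accessors inherited from SGXAttestationReport.` (assuming that class stays public, which is not visible here). Otherwise keep `public`. `EmbeddedLibOSEnclave` loses `public` the same way in the next file (hunk `@@ -10,11 +10,11 @@`).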
@@ -10,11 +10,11 @@ import com.alibaba.confidentialcomputing.common.*; import com.alibaba.confidentialcomputing.host.exception.*; /** - * EmbeddedLibOSEnclave is a sgx2 enclave based on Ant's Occlum libos. + * EmbeddedLibOSEnclave is a sgx2 enclave based on Ant's Occlum lib_os. * EmbeddedLibOSEnclave is a singleton object module, there is only one * EmbeddedLibOSEnclave object in a process. */ -public class EmbeddedLibOSEnclave extends AbstractEnclave { +final class EmbeddedLibOSEnclave extends AbstractEnclave { private static final String EMBEDDED_LIB_OS_ENCLAVE_STARTUP_THREAD_NAME = "lib_os_enclave_agent_thread"; private static final String HTTP_SERVER_PREFIX = "http://localhost:"; private static final String HTTP_SERVER_NAME = "/enclaveAgent"; @@ -26,16 +26,15 @@ public class EmbeddedLibOSEnclave extends AbstractEnclave { // enclaveHandle stores created enclave's handle id. private long enclaveHandle; - private int portHost; - private int portEnclave; - private URL url; - private String httpURL; - private SGXEnclaveInfo enclaveInfo; + private final int portHost; + private final int portEnclave; + private final URL url; + private final SGXEnclaveInfo enclaveInfo; - static EmbeddedLibOSEnclave getEmbeddedLibOSEnclaveInstance(EnclaveDebug mode, EnclaveSimulate sim) throws EnclaveCreatingException { + static EmbeddedLibOSEnclave getEmbeddedLibOSEnclaveInstance(EnclaveDebug mode) throws EnclaveCreatingException { synchronized (EmbeddedLibOSEnclave.class) { if (singleInstance == null) { - singleInstance = new EmbeddedLibOSEnclave(mode, sim); + singleInstance = new EmbeddedLibOSEnclave(mode, EnclaveSimulate.HARDWARE); } return singleInstance; } 
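Review bot: `getEmbeddedLibOSEnclaveInstance(EnclaveDebug mode)` honours `mode` only on the first call. Once `singleInstance` exists it is returned whatever the caller asked for, so a caller requesting a non-debuggable enclave can be handed one that was created debuggable. Compare the requested mode with the mode of the existing instance and throw `EnclaveCreatingException` on a mismatch, or at minimum document the behaviour: `// mode applies to the first call only; later calls return the existing instance unchanged`. The commit also removes the `sim` parameter and hard-codes `EnclaveSimulate.HARDWARE`, which deserves a line in the method's Javadoc if simulation is no longer supported for this enclave type.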
@@ -72,7 +71,7 @@ public class EmbeddedLibOSEnclave extends AbstractEnclave { try { portHost = getFreePort(); portEnclave = getFreePort(); - httpURL = HTTP_SERVER_PREFIX + portEnclave + HTTP_SERVER_NAME; + String httpURL = HTTP_SERVER_PREFIX + portEnclave + HTTP_SERVER_NAME; url = new URL(httpURL); // Attach to target enclave service by rmi. attachToEnclaveAgent(mode, sim); @@ -94,16 +93,14 @@ public class EmbeddedLibOSEnclave extends AbstractEnclave { } } - private Future<EnclaveCreatingException> startupLibOSEnclaveAsync(EnclaveDebug mode, EnclaveSimulate sim) { + private void startupLibOSEnclaveAsync(EnclaveDebug mode, EnclaveSimulate sim) { // Create embedded lib os enclave by native call asynchronously. // Occlum embedded start up interface is occlum_pal_exec, it blocks until progress exit in enclave. - return Executors.newFixedThreadPool(1, new ThreadFactory() { - public Thread newThread(Runnable r) { - Thread thread = new Thread(r); - thread.setName(EMBEDDED_LIB_OS_ENCLAVE_STARTUP_THREAD_NAME); - thread.setDaemon(true); - return thread; - } + Executors.newFixedThreadPool(1, r -> { + Thread thread = new Thread(r); + thread.setName(EMBEDDED_LIB_OS_ENCLAVE_STARTUP_THREAD_NAME); + thread.setDaemon(true); + return thread; }).submit(() -> { EnclaveCreatingException exception = null; try { @@ -221,8 +218,6 @@ public class EmbeddedLibOSEnclave extends AbstractEnclave { report.getMrSigner(), report.getMrEnclave(), report.getUserData()); - } catch (InterruptedException | IOException | ClassNotFoundException e) { - throw new RemoteAttestationException(e); } catch (Throwable e) { throw new RemoteAttestationException(e); } @@ -252,7 +247,7 @@ public class EmbeddedLibOSEnclave extends AbstractEnclave { } } - class LibOSExtractTempPath { + static class LibOSExtractTempPath { private final String jniTempFilePath; private final String libOsSignedFilePath; 
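Review bot: `portHost = getFreePort(); portEnclave = getFreePort();` chooses ports before anything is bound to them, and the host later talks to whatever answers at `HTTP_SERVER_PREFIX + portEnclave`. If `getFreePort()` probes a port and releases it (its body is outside this hunk), another local process can take the port before the agent does, and nothing visible here authenticates the peer. Consider having the agent bind an ephemeral port itself and report it to the host, or at least record the assumption: `// assumes no other local process binds portEnclave before the enclave agent does`. The constructor continues outside this hunk.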
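Review bot: `startupLibOSEnclaveAsync` now returns `void` and drops the `Future`, yet the submitted task still builds an `EnclaveCreatingException exception` (the rest of the lambda is outside this hunk). A failed native start-up can therefore no longer be observed by the caller, which presumably learns of it only through the start-up timeout. Keep the `Future<EnclaveCreatingException>` return type and check it where start-up is awaited, or report the exception inside the task before it ends. The executor from `Executors.newFixedThreadPool(1, ...)` is also never shut down; a comment such as `// single daemon thread; lives until occlum_pal_exec returns` would record why that is acceptable.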
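Review bot: With the specific catch removed, the remaining `catch (Throwable e)` in the remote-attestation path wraps everything. That includes `InterruptedException`, whose interrupt flag is not restored, and `Error`s such as `OutOfMemoryError`. Keep the narrow handlers and re-interrupt: `catch (InterruptedException e) { Thread.currentThread().interrupt(); throw new RemoteAttestationException(e); }` followed by `catch (IOException | ClassNotFoundException e) { throw new RemoteAttestationException(e); }`. The try block begins above this hunk, so confirm which checked exceptions it can actually throw.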
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclaveConfigure.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclaveConfigure.java index 80c3e1f..7877314 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclaveConfigure.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EmbeddedLibOSEnclaveConfigure.java @@ -4,7 +4,7 @@ import java.io.IOException; import java.util.Arrays; import java.util.concurrent.TimeUnit; -class EmbeddedLibOSEnclaveConfigure { +final class EmbeddedLibOSEnclaveConfigure { private final static String AGENT_HTTP_THREAD_POOL_SIZE_PROPERTY = "com.alibaba.enclave.agent.thread.pool.size"; private final static String ENCLAVE_STARTUP_TIMEOUT_MS_PROPERTY = "com.alibaba.enclave.embedded.startup.timeout_ms"; private final static String ENCLAVE_DEBUG_LOG_LEVEL_PROPERTY = "com.alibaba.enclave.embedded.log.level"; @@ -54,11 +54,11 @@ class EmbeddedLibOSEnclaveConfigure { } private void parseThreadPoolSize(String size) { - if (size != null) this.threadPoolSize = Integer.valueOf(size); + if (size != null) this.threadPoolSize = Integer.parseInt(size); } private void parseStartupTimeout(String timeout) { - if (timeout != null) this.startupTimeout = Integer.valueOf(timeout); + if (timeout != null) this.startupTimeout = Integer.parseInt(timeout); } private void parseLogLevel(String logLevel) { 
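Review bot: The `parse*` methods pass system-property text straight to `Integer.parseInt`, so a malformed value surfaces as a NumberFormatException that does not name the property, and negative pool sizes or timeouts are accepted unchecked. A shared helper that validates the value and reports the property name would cover `parseThreadPoolSize`, `parseStartupTimeout` and the five HTTP setters in the next hunk (`@@ -70,23 +70,23 @@`). The sketch below rejects only negative numbers; whether zero is meaningful for each setting is not visible here.

```java
// new helper shared by the parse* methods
private static int parseNonNegativeInt(String property, String value) {
    try {
        int parsed = Integer.parseInt(value.trim());
        if (parsed < 0) {
            throw new IllegalArgumentException(property + " must not be negative: " + value);
        }
        return parsed;
    } catch (NumberFormatException e) {
        throw new IllegalArgumentException(property + " is not an integer: " + value, e);
    }
}

private void parseThreadPoolSize(String size) {
    if (size != null) this.threadPoolSize = parseNonNegativeInt(AGENT_HTTP_THREAD_POOL_SIZE_PROPERTY, size);
}

private void parseStartupTimeout(String timeout) {
    if (timeout != null) this.startupTimeout = parseNonNegativeInt(ENCLAVE_STARTUP_TIMEOUT_MS_PROPERTY, timeout);
}
// … unchanged: parseLogLevel and the remaining parse* methods, which would call the helper the same way …
```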
@@ -70,23 +70,23 @@ class EmbeddedLibOSEnclaveConfigure { } private void parseHttpConnectTimeout(String args) { - if (args != null) this.agentHttpConnectTimeout = Integer.valueOf(args); + if (args != null) this.agentHttpConnectTimeout = Integer.parseInt(args); } private void parseHttpReadTimeout(String args) { - if (args != null) this.agentHttpReadTimeout = Integer.valueOf(args); + if (args != null) this.agentHttpReadTimeout = Integer.parseInt(args); } private void parseHttpRATimeout(String args) { - if (args != null) this.agentHttpRATimeout = Integer.valueOf(args); + if (args != null) this.agentHttpRATimeout = Integer.parseInt(args); } private void parseHttpKeepAliveTimeout(String args) { - if (args != null) this.agentHttpKeepAliveTimeout = Integer.valueOf(args); + if (args != null) this.agentHttpKeepAliveTimeout = Integer.parseInt(args); } private void parseHttpKeepAliveMax(String args) { - if (args != null) this.agentHttpKeepAliveMax = Integer.valueOf(args); + if (args != null) this.agentHttpKeepAliveMax = Integer.parseInt(args); } boolean isEnclaveDebuggable() { diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveConfigure.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveConfigure.java index fab348c..94e7500 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveConfigure.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveConfigure.java 
@@ -4,14 +4,14 @@ import org.json.JSONObject; import java.io.File; import java.io.IOException; -import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; import java.nio.file.Files; import java.text.SimpleDateFormat; import java.util.Date; -class EnclaveConfigure { +final class EnclaveConfigure { private final static double RATIO = 0.8; - private final static long KB = 1 * 1024; + private final static long KB = 1024; private final static long MB = KB * 1024; private final static long GB = MB * 1024; // TEE_SDK/EMBEDDED_LIB_OS/MOCK_IN_JVM/MOCK_IN_SVM @@ -42,7 +42,6 @@ class EnclaveConfigure { private boolean enableMetricTrace = false; // config metric trace file path. private String metricTraceFilePath = DEFAULT_METRIC_LOG_PATH; - private String configFilePath; private int maxEnclaveThreadNum = 50; private long maxEnclaveEPCMemorySize = 1500 * MB; private long referenceEnclaveMaxHeapSize = (long) (maxEnclaveEPCMemorySize * RATIO); @@ -97,7 +96,7 @@ class EnclaveConfigure { private void parseConfigureFile(String path) throws IOException { File file = new File(path); - String content = Files.readString(file.toPath(), Charset.forName("UTF-8")); + String content = Files.readString(file.toPath(), StandardCharsets.UTF_8); JSONObject jsonObject = new JSONObject(content); this.debuggable = jsonObject.getBoolean(ENCLAVE_DEBUGGABLE_CONFIG_FILE_KEY); parseEnclaveType(jsonObject.getString(ENCLAVE_TYPE_CONFIG_FILE_KEY)); @@ -115,7 +114,7 @@ class EnclaveConfigure { private void parseUserConfigureFile() throws IOException { // only parse configure file when it exists in .jar. if (ExtractLibrary.isFileExist(EnclaveConfigure.class.getClassLoader(), JAVA_ENCLAVE_CONFIG_FILE)) { - configFilePath = ExtractLibrary.extractLibrary(EnclaveConfigure.class.getClassLoader(), JAVA_ENCLAVE_CONFIG_FILE); + String configFilePath = ExtractLibrary.extractLibrary(EnclaveConfigure.class.getClassLoader(), JAVA_ENCLAVE_CONFIG_FILE); parseConfigureFile(configFilePath); } } 
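Review bot: `parseUserConfigureFile` still round-trips the bundled configuration through a file on disk: `ExtractLibrary.extractLibrary(...)` returns a path and `parseConfigureFile` reads it back with `Files.readString`. With `configFilePath` now a local, nothing keeps a handle to remove the extracted copy. Among other things, that file decides `debuggable`, so if the extraction directory is shared with other local users (the extraction code is not visible here) the content read may differ from what the jar shipped. Reading the resource directly, `EnclaveConfigure.class.getClassLoader().getResourceAsStream(JAVA_ENCLAVE_CONFIG_FILE)`, would avoid the intermediate file. Failing that, add a comment stating that the extraction directory is private to the process.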
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveDebug.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveDebug.java index c0f2156..bf8ab83 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveDebug.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveDebug.java @@ -3,7 +3,7 @@ package com.alibaba.confidentialcomputing.host; /** * An enumeration of enclave debug mode. */ -public enum EnclaveDebug { +enum EnclaveDebug { /** * For MOCK_IN_JVM and MOCK_IN_SVM, there is no real enclave environment. */ diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveFactory.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveFactory.java index 7bc1078..ab0e0b7 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveFactory.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveFactory.java @@ -13,9 +13,8 @@ import java.io.IOException; * From software's point, there are SGX-SDK, OpenEnclave, TeeSDK and so on. * JavaEnclave is committed to make java enclave development easy and efficient. * <p> - * Java developer don't need to care too much about enclave's underlying technology stack. - * And JavaEnclave will help java programmer develop a java enclave service as the same as - * a common java service. + * Java developer does not need to care too much about enclave's underlying technology stack. + * And JavaEnclave will help java programmer develop a java enclave service as a common java service. * <pre> * try { * Enclave enclave = EnclaveFactory.create(); 
@@ -74,9 +73,9 @@ public final class EnclaveFactory { case EMBEDDED_LIB_OS: // EMBEDDED_LIB_OS only support hardware mode, not support simulate mode. if (EmbeddedLibOSEnclaveConfigure.getInstance().isEnclaveDebuggable()) { - enclave = EmbeddedLibOSEnclave.getEmbeddedLibOSEnclaveInstance(EnclaveDebug.DEBUG, EnclaveSimulate.HARDWARE); + enclave = EmbeddedLibOSEnclave.getEmbeddedLibOSEnclaveInstance(EnclaveDebug.DEBUG); } else { - enclave = EmbeddedLibOSEnclave.getEmbeddedLibOSEnclaveInstance(EnclaveDebug.RELEASE, EnclaveSimulate.HARDWARE); + enclave = EmbeddedLibOSEnclave.getEmbeddedLibOSEnclaveInstance(EnclaveDebug.RELEASE); } break; case NONE: diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfo.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfo.java index a66d324..a1f5b87 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfo.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfo.java @@ -1,7 +1,7 @@ package com.alibaba.confidentialcomputing.host; /** - * an enclave's detail information. + * an enclave's information details. */ public interface EnclaveInfo { /** @@ -16,9 +16,9 @@ public interface EnclaveInfo { /** * is the enclave debuggable or not. MOCK_IN_JVM and MOCK_IN_SVM are simulation mode, - * so the two mock enclave type are debuggable. TEE_SDK and EMBEDDED_LIB_OS depend on - * user, if the enclave is not debuggable, we couldn't debug the code run in enclave by - * gdb or other debug tools. + * so these two mock enclave type are debuggable. TEE_SDK and EMBEDDED_LIB_OS depend on + * user, if the enclave is not debuggable, the code and data in enclave is not accessible + * by gdb or other debugging tools. */ boolean isEnclaveDebuggable(); 
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoMXBean.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoMXBean.java index 357f27a..0bc5c93 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoMXBean.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoMXBean.java @@ -5,13 +5,13 @@ import java.util.List; /** * EnclaveInfoMXBean help query created all existed enclave's detail information. * Such as existed enclave instance number, every enclave's type info, is debuggable, - * and enclave's epc memory size and so on. + * and enclave's epc memory size. */ public interface EnclaveInfoMXBean { /** - * get all existed enclaves' number. + * get the number of all existed enclaves. * - * @return int existed enclaves' number. + * @return number of all existed enclaves. */ int getEnclaveInstanceNumber(); diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoManager.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoManager.java index 24d04b2..378494e 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoManager.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveInfoManager.java 
@@ -4,10 +4,20 @@ import java.util.ArrayList; import java.util.HashMap; import java.util.List; -public class EnclaveInfoManager implements EnclaveInfoMXBean { +/** + * EnclaveInfoManager stores all existed enclave's detail information. Such as the number of + * all existed enclave instance, every enclave's type info, debuggable or not, and enclave's + * epc memory size. + */ +public final class EnclaveInfoManager implements EnclaveInfoMXBean { private final static EnclaveInfoManager instance = new EnclaveInfoManager(); - private HashMap<Enclave, Object> enclaveRecord = new HashMap<>(); + private final HashMap<Enclave, Object> enclaveRecord = new HashMap<>(); + /** + * get a single instance of EnclaveInfoManager. + * + * @return a single instance of EnclaveInfoManager. + */ public static EnclaveInfoManager getEnclaveInfoManagerInstance() { return instance; } @@ -20,11 +30,21 @@ public class EnclaveInfoManager implements EnclaveInfoMXBean { enclaveRecord.remove(enclave); } + /** + * number of all existed enclaves. + * + * @return number of existed enclaves. + */ @Override public synchronized int getEnclaveInstanceNumber() { return enclaveRecord.size(); } + /** + * get all existed enclaves' EnclaveInfo details. + * + * @return List<EnclaveInfo> all existed enclaves' EnclaveInfo details. + */ @Override public synchronized List<EnclaveInfo> getEnclaveInstancesInfo() { List<EnclaveInfo> enclaveInfos = new ArrayList<>(); diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveServicesRecycler.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveServicesRecycler.java index 7af0ad4..4f95c66 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveServicesRecycler.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveServicesRecycler.java 
@@ -13,7 +13,7 @@ import java.util.concurrent.LinkedBlockingQueue; * to recycle the corresponding service loaded in enclave side. * EnclaveServicesRecycle starts a new thread to recycle enclave's services asynchronously. */ -class EnclaveServicesRecycler extends BaseEnclaveServicesRecycler { +final class EnclaveServicesRecycler extends BaseEnclaveServicesRecycler { private final Cleaner cleaner = Cleaner.create(); // toBeReleasedEnclaveServices stores a service proxy handler when it's recycled // by gc in host side. diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveToken.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveToken.java index 7d54dc0..492c30e 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveToken.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveToken.java @@ -6,8 +6,8 @@ import java.util.concurrent.atomic.AtomicBoolean; /** * EnclaveToken avoids an enclave's invocation happen when it's being destroyed. */ -class EnclaveToken { - private volatile AtomicBoolean alive = new AtomicBoolean(true); +final class EnclaveToken { + private final AtomicBoolean alive = new AtomicBoolean(true); private final int MAX_CONCURRENCY_INVOKER = 999999; private final Semaphore tokens = new Semaphore(MAX_CONCURRENCY_INVOKER); @@ -37,7 +37,7 @@ class EnclaveToken { try { tokens.acquire(MAX_CONCURRENCY_INVOKER); } catch (InterruptedException e) { - ; // Should never happen, do nothing here. + // Should never happen, do nothing here. } return true; } diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveType.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveType.java index 5a6705d..dbfaba9 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveType.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/EnclaveType.java 
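Review bot: In the `EnclaveToken` hunk at `@@ -37,7 +37,7 @@`, the `catch (InterruptedException e)` block only had its stray `;` removed, and the method still falls through to `return true` after an interrupted `tokens.acquire(MAX_CONCURRENCY_INVOKER)`. In that case the caller is told it holds every permit when it holds none, and the interrupt status is lost. That defeats the guard the class comment describes, which is to stop invocations while the enclave is being destroyed. Since the code treats interruption as impossible, `tokens.acquireUninterruptibly(MAX_CONCURRENCY_INVOKER);` expresses that without the try/catch. The enclosing method starts outside the hunk.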
@@ -2,7 +2,8 @@ package com.alibaba.confidentialcomputing.host; /** * An enumeration of enclave type. - * JavaEnclave supports three kinds of enclave, they are mock_jvm、mock_svm and tee_sdk. + * JavaEnclave supports three kinds of enclave, they are mock_in_jvm、mock_in_svm、tee_sdk + * and embedded_lib_os. */ public enum EnclaveType { NONE, diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ExtractLibrary.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ExtractLibrary.java index 0ede769..ff92e34 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ExtractLibrary.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ExtractLibrary.java @@ -15,7 +15,7 @@ import java.util.zip.GZIPInputStream; * decompress .tgz file into target temp path from the jar file. * it's very convenient for deployment. */ -public final class ExtractLibrary { +final class ExtractLibrary { /** * check file exist in the .jar or not. * @@ -83,9 +83,9 @@ public final class ExtractLibrary { entryFile.mkdir(); } subEntries = entry.getDirectoryEntries(); - for (int i = 0; i < subEntries.length; i++) { + for (TarArchiveEntry subEntry : subEntries) { try (OutputStream out = new FileOutputStream(subEntryFile)) { - subEntryFile = new File(entryFileName + File.separator + subEntries[i].getName()); + subEntryFile = new File(entryFileName + File.separator + subEntry.getName()); IOUtils.copy(tis, out); } } diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTrace.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTrace.java index e94a0bd..683cb77 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTrace.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTrace.java 
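Review bot: In the `ExtractLibrary` loop at `@@ -83,9 +83,9 @@`, the `FileOutputStream` is opened on `subEntryFile` before that variable is assigned for the current entry. Each entry's bytes therefore go to the file chosen on the previous iteration, and the first pass uses whatever `subEntryFile` held before the loop, which is set outside the hunk. The entry name is also appended to `entryFileName` without checking that the result stays inside the extraction directory, so a name containing `..` would be written elsewhere on disk. Assign and validate the target first, then open the stream. This assumes `IOException` is already in scope in this file. The enclosing method starts and ends outside the hunk.

```java
for (TarArchiveEntry subEntry : subEntries) {
    subEntryFile = new File(entryFileName + File.separator + subEntry.getName());
    // Reject entry names that resolve outside the extraction directory.
    String base = new File(entryFileName).getCanonicalPath() + File.separator;
    if (!subEntryFile.getCanonicalPath().startsWith(base)) {
        throw new IOException("tar entry escapes extraction directory: " + subEntry.getName());
    }
    try (OutputStream out = new FileOutputStream(subEntryFile)) {
        IOUtils.copy(tis, out);
    }
}
```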
@@ -10,11 +10,16 @@ import java.text.SimpleDateFormat; import java.util.Date; import java.util.concurrent.TimeUnit; +/** + * MetricTrace is JavaEnclave's internal mechanism to trace metric of key enclave operation. + * For example, MetricTrace could metric and record the cost of enclave creation, also could + * trace an enclave service invocation cost and so on. + */ public abstract class MetricTrace implements AutoCloseable { private static boolean enableEnclaveMetricTrace = false; private static volatile String logPath = "JavaEnclave_Metric_Log_" + new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()) + ".log"; private static volatile BufferedWriter logFile; - private static DecimalFormat formatter = new DecimalFormat("###,###"); + private static final DecimalFormat formatter = new DecimalFormat("###,###"); private final long start = System.nanoTime(); @@ -25,14 +30,25 @@ public abstract class MetricTrace implements AutoCloseable { enableEnclaveMetricTrace = enableEnclaveMetricTraceTemp; logPath = logPathTemp; } catch (IOException e) { - ; // if exception happen, use original init value. + // if exception happen, use original init value. } } + /** + * turn on/off metric trace for JavaEnclave. + * + * @param flag turn on/off metric trace. + */ public static void setEnclaveMetricTraceSwitch(boolean flag) { enableEnclaveMetricTrace = flag; } + + /** + * check metric trace is on or off. + * + * @return metric trace is on or off. + */ public static boolean isEnableEnclaveMetricTrace() { return enableEnclaveMetricTrace; } @@ -60,7 +76,7 @@ public abstract class MetricTrace implements AutoCloseable { if (logFile == null) { synchronized (MetricTrace.class) { if (logFile == null) { - logFile = new BufferedWriter(new FileWriter(this.logPath)); + logFile = new BufferedWriter(new FileWriter(logPath)); } } } 
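Review bot: `enableEnclaveMetricTrace` stays a plain `static boolean` while its neighbours `logPath` and `logFile` are `volatile`. The newly documented public setter `setEnclaveMetricTraceSwitch` can be called from any thread. A thread that is already tracing is therefore not guaranteed to observe the switch being turned off or on. Declaring it `private static volatile boolean enableEnclaveMetricTrace = false;` makes it consistent with the other two fields.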
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTraceContext.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTraceContext.java index 0084e4e..5ed22a9 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTraceContext.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MetricTraceContext.java @@ -3,7 +3,7 @@ package com.alibaba.confidentialcomputing.host; final class MetricTraceContext extends MetricTrace { private EnclaveInfo info; private long costInnerEnclave = 0x0; - private String pattern; + private final String pattern; MetricTraceContext(EnclaveInfo info, LogPrefix prefix) { this.info = info; @@ -12,7 +12,7 @@ final class MetricTraceContext extends MetricTrace { MetricTraceContext(EnclaveInfo info, LogPrefix prefix, String service) { this.info = info; - pattern = new StringBuilder().append(prefix.toString()).append(":").append(service).toString(); + pattern = prefix.toString() + ":" + service; } MetricTraceContext(LogPrefix prefix) { diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockEnclaveInfo.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockEnclaveInfo.java index ef8a510..4a2db44 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockEnclaveInfo.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockEnclaveInfo.java 
@@ -2,12 +2,12 @@ package com.alibaba.confidentialcomputing.host; import javax.management.ConstructorParameters; -class MockEnclaveInfo implements EnclaveInfo { +final class MockEnclaveInfo implements EnclaveInfo { private final EnclaveType enclaveType; - private boolean isEnclaveDebuggable; - private long enclaveEPCMemorySizeBytes; // Bytes. - private int enclaveMaxThreadsNumber; - private int enclaveID; + private final boolean isEnclaveDebuggable; + private final long enclaveEPCMemorySizeBytes; // Bytes. + private final int enclaveMaxThreadsNumber; + private final int enclaveID; @ConstructorParameters({"enclaveType", "isEnclaveDebuggable", "enclaveEPCMemorySizeBytes", "enclaveMaxThreadsNumber"}) MockEnclaveInfo(EnclaveType enclaveType, boolean isEnclaveDebuggable, long enclaveEPCMemorySizeBytes, int enclaveMaxThreadsNumber) { diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInJvmEnclave.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInJvmEnclave.java index 1f5fc14..4dfb78f 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInJvmEnclave.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInJvmEnclave.java @@ -10,7 +10,7 @@ import java.io.IOException; * MockInJvmEnclave is a mock jvm enclave. Both host and enclave codes run * in one jvm. It was used for test and debug. */ -class MockInJvmEnclave extends AbstractEnclave { +final class MockInJvmEnclave extends AbstractEnclave { private final MockEnclaveInfo enclaveInfo; MockInJvmEnclave() throws IOException { 
@@ -24,22 +24,22 @@ class MockInJvmEnclave extends AbstractEnclave { throw new RemoteAttestationException("MOCK_IN_JVM enclave doesn't support remote attestation generation."); } - static int verifyAttestationReport(byte[] report) throws RemoteAttestationException { + static int verifyAttestationReport(byte[] ignoredReport) throws RemoteAttestationException { throw new RemoteAttestationException("MOCK_IN_JVM enclave doesn't support remote attestation verification."); } @Override - byte[] loadServiceNative(String service) throws ServicesLoadingException { + byte[] loadServiceNative(String service) { return null; } @Override - byte[] unloadServiceNative(ServiceHandler handler) throws ServicesUnloadingException { + byte[] unloadServiceNative(ServiceHandler handler) { return null; } @Override - byte[] invokeMethodNative(EnclaveInvocationContext context) throws EnclaveMethodInvokingException { + byte[] invokeMethodNative(EnclaveInvocationContext context) { return null; } diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclave.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclave.java index d46d1e8..76d069a 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclave.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclave.java @@ -14,8 +14,8 @@ import java.io.IOException; * The work mechanism in this mode is very closed to tee sdk enclave, so it's very * important to debug issue. */ -class MockInSvmEnclave extends AbstractEnclave { - private final static long KB = 1 * 1024; +final class MockInSvmEnclave extends AbstractEnclave { + private final static long KB = 1024; private final static long MB = KB * 1024; private final static String JNI_EXTRACTED_PACKAGE_PATH = "jni/lib_jni_mock_svm.so"; private final static String ENCLAVE_SVM_PACKAGE_PATH = "lib_mock_svm_load.so"; 
@@ -42,7 +42,7 @@ class MockInSvmEnclave extends AbstractEnclave { String enclaveSvmFilePath = ExtractLibrary.extractLibrary( MockInSvmEnclave.class.getClassLoader(), ENCLAVE_SVM_PACKAGE_PATH); - extractTempPath = new MockInSvmEnclave.MockInSvmExtractTempPath( + extractTempPath = new MockInSvmExtractTempPath( jniTempFilePath, enclaveSvmFilePath); System.load(extractTempPath.getJniTempFilePath()); @@ -86,7 +86,7 @@ class MockInSvmEnclave extends AbstractEnclave { throw new RemoteAttestationException("MOCK_IN_SVM enclave doesn't support remote attestation generation."); } - static int verifyAttestationReport(byte[] report) throws RemoteAttestationException { + static int verifyAttestationReport(byte[] ignoredReport) throws RemoteAttestationException { throw new RemoteAttestationException("MOCK_IN_SVM enclave doesn't support remote attestation verification."); } @@ -163,7 +163,7 @@ class MockInSvmEnclave extends AbstractEnclave { private native int nativeDestroyEnclave(long enclaveSvmSdkHandle) throws EnclaveDestroyingException; - class MockInSvmExtractTempPath { + static class MockInSvmExtractTempPath { private final String jniTempFilePath; private final String enclaveSvmFilePath; diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclaveConfigure.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclaveConfigure.java index 6cc95f2..9668e9e 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclaveConfigure.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/MockInSvmEnclaveConfigure.java 
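Review bot: `System.load(extractTempPath.getJniTempFilePath())` in the first hunk loads native code from a path that `ExtractLibrary.extractLibrary` produced, and the `ExtractLibrary` class comment on this page describes that as a temp path. If that directory is writable by other local users, the `.so` could be replaced between extraction and load and would then run inside the host JVM. The extraction code is not visible here, so this needs confirming there. A comment above the load would record the requirement, for example `// extracted into an owner-only directory (Files.createTempDirectory); the file is loaded as-is`. The enclosing method starts outside the hunk.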
@@ -2,8 +2,8 @@ package com.alibaba.confidentialcomputing.host; import java.io.IOException; -public class MockInSvmEnclaveConfigure { - private final static long KB = 1 * 1024; +final class MockInSvmEnclaveConfigure { + private final static long KB = 1024; private final static long MB = KB * 1024; private final static String MOCK_IN_SVM_MAX_HEAP_SIZE_PROPERTY = "com.alibaba.enclave.mockinsvm.maxheap_MB"; private static EnclaveConfigure enclaveConfigure; diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyEnclaveInvocationHandler.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyEnclaveInvocationHandler.java index 98a439d..6d5ab39 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyEnclaveInvocationHandler.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyEnclaveInvocationHandler.java @@ -12,7 +12,7 @@ import java.lang.reflect.Method; /** * ProxyEnclaveInvocationHandler define a service's proxy invocation handler. */ -class ProxyEnclaveInvocationHandler implements InvocationHandler, Runnable { +final class ProxyEnclaveInvocationHandler implements InvocationHandler, Runnable { private final AbstractEnclave enclave; private final ServiceHandler serviceHandler; @@ -52,7 +52,7 @@ class ProxyEnclaveInvocationHandler implements InvocationHandler, Runnable { EnclaveInvocationResult result = enclave.InvokeEnclaveMethod(methodInvokeMetaWrapper); trace.setCostInnerEnclave(result.getCost()); Throwable causeException = result.getException(); - if (causeException != null && causeException instanceof ConfidentialComputingException) { + if (causeException instanceof ConfidentialComputingException) { Throwable enclaveCauseException = causeException.getCause(); Class<?>[] exceptionTypes = method.getExceptionTypes(); if (enclaveCauseException instanceof InvocationTargetException) { 
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyMockJvmInvocationHandler.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyMockJvmInvocationHandler.java index edfe877..db49306 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyMockJvmInvocationHandler.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/ProxyMockJvmInvocationHandler.java @@ -4,7 +4,12 @@ import java.lang.reflect.InvocationHandler; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; -public class ProxyMockJvmInvocationHandler<T> implements InvocationHandler, Runnable { +/** + * ProxyMockJvmInvocationHandler define a service's proxy invocation handler. + * It mainly helps to metric trace the cost of a service invocation for + * MOCK_IN_JVM enclave. + */ +final class ProxyMockJvmInvocationHandler<T> implements InvocationHandler, Runnable { private final AbstractEnclave enclave; private final T proxyService; diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestation.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestation.java index 20255e6..e8f695c 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestation.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestation.java @@ -10,7 +10,7 @@ import java.util.Random; public final class RemoteAttestation { // normalizeUserData format userData to make sure it's a buffer with 64 bytes. private static byte[] normalizeUserData(byte[] userData) throws RemoteAttestationException { - byte[] result = null; + byte[] result; if (userData == null) { result = new byte[64]; new Random().nextBytes(result); 
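Review bot: In `normalizeUserData` (the `RemoteAttestation.java` hunk), the default 64-byte user data is still filled by `new Random().nextBytes(result)`, and `java.util.Random` is a predictable generator. If a verifier relies on this value for the freshness of an attestation report, as user data embedded in a quote commonly is, it should come from a CSPRNG. Use `new SecureRandom().nextBytes(result);` with `import java.security.SecureRandom;` in place of the `java.util.Random` import. The method body continues outside the hunk.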
diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestationVerifyResult.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestationVerifyResult.java index b99cb2d..2352ec0 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestationVerifyResult.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/RemoteAttestationVerifyResult.java @@ -1,9 +1,9 @@ package com.alibaba.confidentialcomputing.host; -class RemoteAttestationVerifyResult { - private volatile int status; - private volatile int versionCheck; - private volatile int verifyFlag; +final class RemoteAttestationVerifyResult { + private final int status; + private final int versionCheck; + private final int verifyFlag; RemoteAttestationVerifyResult(int status, int versionCheck, int verifyFlag) { this.status = status; diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXEnclaveInfo.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXEnclaveInfo.java index 1a1022d..145c315 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXEnclaveInfo.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXEnclaveInfo.java 
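Review bot: Making `status`, `versionCheck` and `verifyFlag` `final` in `RemoteAttestationVerifyResult` looks unsafe given how the object is used. `SGXRemoteAttestationVerify.VerifyAttestationReport`, shown later on this page, constructs it as `new RemoteAttestationVerifyResult(0, 0, 0)`, passes it to `nativeVerifyAttestationReport` and then reads `getVersionCheck()`. The native side therefore presumably writes these fields through JNI. Writes to `final` fields from native code are not guaranteed to be seen by compiled Java code, so the verifier could keep reading the constructor's zeros. Keep the fields non-final, as in `private int status;`, with a comment such as `// written by native code through JNI; must not be final`.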
@@ -2,12 +2,12 @@ package com.alibaba.confidentialcomputing.host; import javax.management.ConstructorParameters; -class SGXEnclaveInfo implements EnclaveInfo { +final class SGXEnclaveInfo implements EnclaveInfo { private final EnclaveType enclaveType; - private boolean isEnclaveDebuggable; - private long enclaveEPCMemorySizeBytes; // Bytes. - private int enclaveMaxThreadsNumber; - private int enclaveID; + private final boolean isEnclaveDebuggable; + private final long enclaveEPCMemorySizeBytes; // Bytes. + private final int enclaveMaxThreadsNumber; + private final int enclaveID; @ConstructorParameters({"enclaveType", "isEnclaveDebuggable", "enclaveEPCMemorySizeBytes", "enclaveMaxThreadsNumber"}) SGXEnclaveInfo(EnclaveType enclaveType, boolean isEnclaveDebuggable, long enclaveEPCMemorySizeBytes, int enclaveMaxThreadsNumber) { diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXRemoteAttestationVerify.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXRemoteAttestationVerify.java index 2db853d..6858478 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXRemoteAttestationVerify.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/SGXRemoteAttestationVerify.java @@ -4,7 +4,7 @@ import com.alibaba.confidentialcomputing.host.exception.RemoteAttestationExcepti import java.io.IOException; -public class SGXRemoteAttestationVerify { +final class SGXRemoteAttestationVerify { private final static String JNI_EXTRACTED_PACKAGE_PATH = "remote_attestation/sgx/jni/lib_jni_sgx_remote_attestation_verify.so"; static { 
@@ -21,7 +21,7 @@ public class SGXRemoteAttestationVerify { private static native void registerNatives(); private static native int nativeVerifyAttestationReport(byte[] report, RemoteAttestationVerifyResult result); - public static int VerifyAttestationReport(byte[] report) throws RemoteAttestationException { + static int VerifyAttestationReport(byte[] report) throws RemoteAttestationException { RemoteAttestationVerifyResult verifyResult = new RemoteAttestationVerifyResult(0, 0, 0); nativeVerifyAttestationReport(report, verifyResult); if (verifyResult.getVersionCheck() == -1) { diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkAttestationReport.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkAttestationReport.java index 4f75a2c..2343a71 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkAttestationReport.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkAttestationReport.java @@ -3,7 +3,7 @@ package com.alibaba.confidentialcomputing.host; /** * TeeSdkAttestationReport parse more details information from a tee sdk type enclave's remote attestation report. */ -public final class TeeSdkAttestationReport extends SGXAttestationReport { +final class TeeSdkAttestationReport extends SGXAttestationReport { TeeSdkAttestationReport(byte[] quote, byte[] mrSigner, byte[] mrEnclave, byte[] userData) { super(EnclaveType.TEE_SDK, quote, mrSigner, mrEnclave, userData); } diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclave.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclave.java index a4d80d4..ba4fc68 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclave.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclave.java 
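Review bot: `VerifyAttestationReport` discards the `int` returned by `nativeVerifyAttestationReport(report, verifyResult)`, and the visible code only consults the fields of `verifyResult`. If the native call fails before it fills in the result object, the method continues with the values the object was constructed with, `(0, 0, 0)`. If the return value carries a status, check it first, for example `int ret = nativeVerifyAttestationReport(report, verifyResult); if (ret != 0) throw new RemoteAttestationException("native verification failed: " + ret);`. The rest of the method is outside the hunk.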
@@ -10,8 +10,8 @@ import java.io.IOException; /** * TeeSdkEnclave is a sgx2 enclave based on Alibaba cloud's tee sdk. */ -class TeeSdkEnclave extends AbstractEnclave { - private final static long KB = 1 * 1024; +final class TeeSdkEnclave extends AbstractEnclave { + private final static long KB = 1024; private final static long MB = KB * 1024; private final static String JNI_EXTRACTED_PACKAGE_PATH = "jni/lib_jni_tee_sdk_svm.so"; private final static String TEE_SDK_SIGNED_PACKAGE_PATH = "lib_tee_sdk_svm_load.signed"; @@ -24,7 +24,7 @@ class TeeSdkEnclave extends AbstractEnclave { private long isolateHandle; // isolateThreadHandle stores the first attached isolateThread Handle. private long isolateThreadHandle; - private SGXEnclaveInfo enclaveInfo; + private final SGXEnclaveInfo enclaveInfo; private void extractNativeResource() throws EnclaveCreatingException { // Extract jni .so and signed tee .so from .jar file. @@ -70,10 +70,7 @@ class TeeSdkEnclave extends AbstractEnclave { // Create svm attach isolate and isolateThread, and they are set in jni in nativeHandlerContext. nativeSvmAttachIsolate(enclaveHandle, TeeSdkEnclaveConfigure.getInstance().isEnableTeeSDKSymbolTracing(), buildSVMHeapConf()); // Create enclave info. - boolean isDebuggable = true; - if (mode.getValue() == 0x2) { - isDebuggable = false; - } + boolean isDebuggable = mode.getValue() != 0x2; enclaveInfo = new SGXEnclaveInfo( EnclaveType.TEE_SDK, isDebuggable, diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclaveConfigure.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclaveConfigure.java index 0b1ebfe..81cdc93 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclaveConfigure.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/TeeSdkEnclaveConfigure.java 
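Review bot: The simplified `boolean isDebuggable = mode.getValue() != 0x2;` at `@@ -70,10 +70,7 @@` keeps the magic number. It also reports every mode other than `0x2` as debuggable, so the `EnclaveInfo` shown to operators depends on a numeric encoding the reader cannot see here. Comparing the enum constant reads more directly. If `0x2` is the value of `EnclaveDebug.RELEASE`, that would be `boolean isDebuggable = mode != EnclaveDebug.RELEASE;`. Otherwise add a comment naming the constant that `0x2` stands for.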
@@ -2,8 +2,8 @@ package com.alibaba.confidentialcomputing.host; import java.io.IOException; -class TeeSdkEnclaveConfigure { - private final static long KB = 1 * 1024; +final class TeeSdkEnclaveConfigure { + private final static long KB = 1024; private final static long MB = KB * 1024; private final static String TEE_SDK_SVM_MAX_HEAP_SIZE_PROPERTY = "com.alibaba.enclave.teesdk.maxheap_MB"; private final static String TEE_SDK_SYMBOL_TRACE_ENABLE_PROPERTY = "com.alibaba.enclave.teesdk.symbol.trace"; diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/EnclaveNativeInvokingException.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/EnclaveNativeInvokingException.java index 052234f..1b431ca 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/EnclaveNativeInvokingException.java +++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/EnclaveNativeInvokingException.java @@ -2,7 +2,7 @@ package com.alibaba.confidentialcomputing.host.exception; /** * EnclaveNativeInvokingException defines all kinds of possible exceptions towards an - * enclave's native operation. Basically there are two kinds error about enclave operation, + * enclave's native invocation. Basically there are two kinds error about enclave invocation, * one kind is native calling return an unexpected value, the other kind is an exception * happen in enclave and transform into host side. If a native invoking into enclave returns * an error value, enum of EnclaveNativeInvokingException will add extra error message details diff --git a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/MetricTraceLogWriteException.java b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/MetricTraceLogWriteException.java index f244cb6..b94b063 100644 --- a/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/MetricTraceLogWriteException.java 
+++ b/sdk/host/src/main/java/com/alibaba/confidentialcomputing/host/exception/MetricTraceLogWriteException.java @@ -1,11 +1,13 @@ package com.alibaba.confidentialcomputing.host.exception; +import com.alibaba.confidentialcomputing.common.exception.ConfidentialComputingException; + /** * MetricTraceLogWriteException {@link MetricTraceLogWriteException} is thrown when an enclave metric trace * write into log file. * Programmers need to handle MetricTraceLogWriteException seriously. */ -public class MetricTraceLogWriteException extends EnclaveCreatingException { +public class MetricTraceLogWriteException extends ConfidentialComputingException { /** * @param info exception information. */ diff --git a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/MockTestEnclave.java b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/MockTestEnclave.java index acf94d1..e97a6fe 100644 --- a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/MockTestEnclave.java +++ b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/MockTestEnclave.java @@ -30,7 +30,7 @@ class MockTestEnclave extends AbstractEnclave { try { parametersClass.add(nameToType(p)); } catch (ClassNotFoundException e) { - assertTrue(false); + fail(); } }); return parametersClass.toArray(new Class<?>[0]); @@ -67,7 +67,7 @@ class MockTestEnclave extends AbstractEnclave { throw new RemoteAttestationException("MockTestEnclave enclave doesn't support remote attestation generation."); } - static int verifyAttestationReport(byte[] report) throws RemoteAttestationException { + static int verifyAttestationReport(byte[] ignoredReport) throws RemoteAttestationException { throw new RemoteAttestationException("MockTestEnclave enclave doesn't support remote attestation verification."); } 
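Review bot: Changing the superclass of `MetricTraceLogWriteException` from `EnclaveCreatingException` to `ConfidentialComputingException` is a behaviour change inside a commit described as formatting. Any caller that relied on `catch (EnclaveCreatingException e)` to cover a failed metric-trace log write stops catching it, and a method that declared only `EnclaveCreatingException` needs a wider `throws` clause. I would move this to its own commit or at least name it in the description, and reword the Javadoc to say when it is thrown: `is thrown when writing an enclave metric trace to the log file fails`. The class body continues outside the hunk.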
@@ -78,14 +78,12 @@ class MockTestEnclave extends AbstractEnclave { EnclaveInvocationResult result; try { Class<?> service = Class.forName(interfaceName); - Iterator<?> services = ServiceLoader.load(service).iterator(); - while (services.hasNext()) { + for (Object o : ServiceLoader.load(service)) { String identity = String.valueOf(instanceIdentity.addAndGet(1)); - Object instance = services.next(); - ServiceHandler sm = new ServiceHandler(interfaceName, instance.getClass().getName(), identity); + ServiceHandler sm = new ServiceHandler(interfaceName, o.getClass().getName(), identity); handlers.add(sm); cacheServiceHandler.add(sm); - instancesRegisterCenter.put(identity, instance); + instancesRegisterCenter.put(identity, o); } } catch (ClassNotFoundException e) { exception = e; @@ -102,11 +100,10 @@ class MockTestEnclave extends AbstractEnclave { @Override byte[] unloadServiceNative(ServiceHandler handler) throws ServicesUnloadingException { - Throwable exception = null; EnclaveInvocationResult result; instancesRegisterCenter.remove(handler.getInstanceIdentity()); - result = new EnclaveInvocationResult(null, exception); + result = new EnclaveInvocationResult(null, null); try { return SerializationHelper.serialize(result); @@ -127,7 +124,7 @@ class MockTestEnclave extends AbstractEnclave { Object[] args = invocationContext.getArguments(); Object instance = instancesRegisterCenter.get(invocationContext.getServiceHandler().getInstanceIdentity()); assertNotNull(instance); - assertTrue(className.equals(instance.getClass().getName())); + assertEquals(className, instance.getClass().getName()); Class<?> service = Class.forName(className); Method method = service.getDeclaredMethod(methodName, parseParamClass(parameterTypes)); method.setAccessible(true); 
@@ -151,7 +148,7 @@ class MockTestEnclave extends AbstractEnclave { } @Override - public void destroy() throws EnclaveDestroyingException { + public void destroy() { // destroyToken will wait for all ongoing enclave invocations finished. if (this.getEnclaveContext().getEnclaveToken().destroyToken()) { // interrupt enclave services' recycler firstly. diff --git a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/ServiceImpl.java b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/ServiceImpl.java index b364b9e..3c5cbde 100644 --- a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/ServiceImpl.java +++ b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/ServiceImpl.java @@ -6,7 +6,7 @@ import com.google.auto.service.AutoService; public class ServiceImpl implements Service { @Override public void doNothing() { - ; // Do nothing; + // Do nothing; } @Override diff --git a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestAbstractEnclave.java b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestAbstractEnclave.java index 785b6c6..e5dfa25 100644 --- a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestAbstractEnclave.java +++ b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestAbstractEnclave.java @@ -29,7 +29,7 @@ class TestAbstractEnclave { Service service = (Service) services.next(); service.doNothing(); assertEquals(200, service.add(20, 180)); - assertTrue("Hello World".equals(service.saySomething("Hello World"))); + assertEquals("Hello World", service.saySomething("Hello World")); assertThrows(ServiceExceptionTest.class, () -> service.throwException("something is wrong")); Queue<?> queue = ((MockTestEnclave) enclave).getCachedServiceHandler(); assertEquals(1, queue.size()); 
diff --git a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestRemoteAttestation.java b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestRemoteAttestation.java index 997f3e1..636f197 100644 --- a/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestRemoteAttestation.java +++ b/sdk/host/src/test/java/com/alibaba/confidentialcomputing/host/TestRemoteAttestation.java @@ -6,6 +6,7 @@ import org.junit.jupiter.api.Test; import java.io.IOException; import java.lang.reflect.InvocationTargetException; import java.lang.reflect.Method; +import java.util.Arrays; import static org.junit.jupiter.api.Assertions.*; @@ -25,7 +26,7 @@ class TestRemoteAttestation { method.setAccessible(true); byte[] parameter = null; - Object result = method.invoke(null, (Object) parameter); + Object result = method.invoke(null, parameter); assertEquals(((byte[]) result).length, 64); parameter = new byte[32]; @@ -39,9 +40,7 @@ class TestRemoteAttestation { @Test void testAttestationReport() { byte[] quote = new byte[4]; - for (int index = 0; index < quote.length; index++) { - quote[index] = (byte) 0x5f; - } + Arrays.fill(quote, (byte) 0x5f); AttestationReport report = new AttestationReport(EnclaveType.TEE_SDK, quote); byte[] serializedReport = report.toByteArray(); AttestationReport deserializedReport = AttestationReport.fromByteArray(serializedReport); diff --git a/sdk/native/script/build_app/create_tee_sdk_configure.sh b/sdk/native/script/build_app/create_tee_sdk_configure.sh index 7a6115b..cd2bbca 100644 --- a/sdk/native/script/build_app/create_tee_sdk_configure.sh +++ b/sdk/native/script/build_app/create_tee_sdk_configure.sh 
@@ -4,7 +4,7 @@ TEE_SDK_CONFIG_FILE_PATH=$1 TEE_SDK_BUILD_WORKSPACE=$2 # prepare for TeeSDK.conf -cp /opt/javaenclave/config/template/TeeSDK.conf ${TEE_SDK_BUILD_WORKSPACE} +cp /opt/javaenclave/config/template/TeeSDK.conf "${TEE_SDK_BUILD_WORKSPACE}" user_tee_sdk_enclave_config_file=/opt/javaenclave/config/template/java_enclave_configure.json if [[ -f "${TEE_SDK_CONFIG_FILE_PATH}/java_enclave_configure.json" ]]; then user_tee_sdk_enclave_config_file=${TEE_SDK_CONFIG_FILE_PATH}/java_enclave_configure.json @@ -12,6 +12,6 @@ fi max_thread_num=$(< "${user_tee_sdk_enclave_config_file}" jq -r '.enclave_max_thread') user_space_size=$(< "${user_tee_sdk_enclave_config_file}" jq -r '.enclave_max_epc_memory_size_MB') user_space_size=$((user_space_size*1024*1024)) -user_space_size=`printf "%x" $user_space_size` -sed -i "s/<TCSNum>[0-9]*<\/TCSNum>/<TCSNum>${max_thread_num}<\/TCSNum>/g" ${TEE_SDK_BUILD_WORKSPACE}/TeeSDK.conf -sed -i "s/<HeapMaxSize>0x[0-9]*<\/HeapMaxSize>/<HeapMaxSize>0x${user_space_size}<\/HeapMaxSize>/g" ${TEE_SDK_BUILD_WORKSPACE}/TeeSDK.conf \ No newline at end of file +user_space_size=$(printf "%x" $user_space_size) +sed -i "s/<TCSNum>[0-9]*<\/TCSNum>/<TCSNum>${max_thread_num}<\/TCSNum>/g" "${TEE_SDK_BUILD_WORKSPACE}"/TeeSDK.conf +sed -i "s/<HeapMaxSize>0x[0-9]*<\/HeapMaxSize>/<HeapMaxSize>0x${user_space_size}<\/HeapMaxSize>/g" "${TEE_SDK_BUILD_WORKSPACE}"/TeeSDK.conf \ No newline at end of file diff --git a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java index 5c62678..26a8f04 100644 --- a/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java +++ b/test/common/src/main/java/com/alibaba/confidentialcomputing/test/common/AESSealedTest.java 
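Review bot: In the second hunk the sed pattern `<HeapMaxSize>0x[0-9]*<\/HeapMaxSize>` only matches a value made of decimal digits, so a template value containing a-f is left untouched and the configured heap size is silently not applied; `0x[0-9a-fA-F]*` matches what `printf "%x"` writes. The values read with `jq -r` also go into `$((...))` and into the sed program unchecked, so a missing key (`null`) or a non-numeric string in `java_enclave_configure.json` ends up inside an arithmetic expansion and a sed replacement. A guard before the arithmetic, for example `[[ "$max_thread_num" =~ ^[0-9]+$ && "$user_space_size" =~ ^[0-9]+$ ]] || { echo "invalid enclave config" >&2; exit 1; }`, keeps the generated TeeSDK.conf well-formed. `printf "%x" $user_space_size` is still unquoted, unlike the other expansions this commit fixed.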
@@ -3,9 +3,9 @@ package com.alibaba.confidentialcomputing.test.common; import java.io.Serializable; public class AESSealedTest implements Serializable, Comparable<AESSealedTest> { - private String name; - private int age; - private int level; + private final String name; + private final int age; + private final int level; public AESSealedTest(String name, int age, int level) { this.name = name; diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java index 8ac60fe..480f609 100644 --- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/AESUtil.java @@ -46,17 +46,15 @@ class AESUtil { public static SecretKey generateKey(int n) throws NoSuchAlgorithmException { KeyGenerator keyGenerator = KeyGenerator.getInstance("AES"); keyGenerator.init(n); - SecretKey key = keyGenerator.generateKey(); - return key; + return keyGenerator.generateKey(); } public static SecretKey getKeyFromPassword(String password, String salt) throws NoSuchAlgorithmException, InvalidKeySpecException { SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); KeySpec spec = new PBEKeySpec(password.toCharArray(), salt.getBytes(), 65536, 256); - SecretKey secret = new SecretKeySpec(factory.generateSecret(spec) + return new SecretKeySpec(factory.generateSecret(spec) .getEncoded(), "AES"); - return secret; } public static IvParameterSpec generateIv() { 
@@ -71,8 +69,7 @@ class AESUtil { InvalidAlgorithmParameterException, InvalidKeyException, IOException, IllegalBlockSizeException { Cipher cipher = Cipher.getInstance(algorithm); cipher.init(Cipher.ENCRYPT_MODE, key, iv); - SealedObject sealedObject = new SealedObject(object, cipher); - return sealedObject; + return new SealedObject(object, cipher); } public static Serializable decryptObject(String algorithm, SealedObject sealedObject, SecretKey key, @@ -81,8 +78,7 @@ class AESUtil { BadPaddingException, IllegalBlockSizeException, IOException { Cipher cipher = Cipher.getInstance(algorithm); cipher.init(Cipher.DECRYPT_MODE, key, iv); - Serializable unsealObject = (Serializable) sealedObject.getObject(cipher); - return unsealObject; + return (Serializable) sealedObject.getObject(cipher); } public static String encryptPasswordBased(String plainText, SecretKey key, IvParameterSpec iv) diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java index 587a00f..a4b4aef 100644 --- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ConcurrencyCalculateImpl.java @@ -7,7 +7,7 @@ import java.util.concurrent.atomic.AtomicLong; @AutoService(ConcurrencyCalculate.class) public class ConcurrencyCalculateImpl implements ConcurrencyCalculate { - private AtomicLong sum = new AtomicLong(); + private final AtomicLong sum = new AtomicLong(); private long sumSync = 0x0; @Override diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ReflectionCallServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ReflectionCallServiceImpl.java index 3aaf6f1..0274b89 100644 
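Review bot: `decryptObject` returns `(Serializable) sealedObject.getObject(cipher)`, which runs Java deserialization on whatever the cipher outputs, and the cipher is chosen by the caller-supplied `algorithm` string. With a mode that carries no integrity check, a modified sealed object is deserialized before anything notices, so both methods deserve a Javadoc line along the lines of `Use an authenticated (AEAD) transformation and only sealed objects from a trusted source; getObject() deserializes the decrypted bytes.` Which transformation the tests actually pass is not visible in these hunks. Both method signatures start above their hunks.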
--- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ReflectionCallServiceImpl.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/ReflectionCallServiceImpl.java @@ -25,9 +25,7 @@ public class ReflectionCallServiceImpl implements ReflectionCallService { public int add(int a, int b) { try { return (int) addMethod.invoke(null, a, b); - } catch (IllegalAccessException e) { - e.printStackTrace(); - } catch (InvocationTargetException e) { + } catch (IllegalAccessException | InvocationTargetException e) { e.printStackTrace(); } return -1; @@ -37,9 +35,7 @@ public class ReflectionCallServiceImpl implements ReflectionCallService { public int sub(int a, int b) { try { return (int) subMethod.invoke(null, a, b); - } catch (IllegalAccessException e) { - e.printStackTrace(); - } catch (InvocationTargetException e) { + } catch (IllegalAccessException | InvocationTargetException e) { e.printStackTrace(); } return -1; diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java index 95caa11..a45b447 100644 --- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SHAServiceImpl.java @@ -13,10 +13,10 @@ public class SHAServiceImpl implements SHAService { MessageDigest md = MessageDigest.getInstance(SHAType); byte[] messageDigest = md.digest(plaintext.getBytes()); BigInteger no = new BigInteger(1, messageDigest); - String hashtext = no.toString(16); - while (hashtext.length() < 32) { - hashtext = "0" + hashtext; + StringBuilder hashText = new StringBuilder(no.toString(16)); + while (hashText.length() < 32) { + hashText.insert(0, "0"); } - return hashtext; + return hashText.toString(); } } 
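Review bot: `add` and `sub` still print the stack trace and fall through to `return -1;`, so a failed reflective call cannot be told apart from a legitimate result of -1 (`add(0, -1)`, `sub(0, 1)`). Now that the two catch blocks are merged, rethrowing is a small change: replace `e.printStackTrace();` with `throw new IllegalStateException("reflective call failed", e);` and drop the trailing `return -1;`, which becomes unreachable. Both methods start and end outside their hunks.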
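Review bot: The padding loop `while (hashText.length() < 32)` in the SHAServiceImpl hunk restores leading zeros only up to 32 hex characters, which is the width of a 128-bit digest; for any longer digest selected through `SHAType`, a result with leading zero bytes comes back shorter than its fixed width. Pad to the digest's own size, `while (hashText.length() < messageDigest.length * 2)`, and pass a charset, `plaintext.getBytes(StandardCharsets.UTF_8)` (needs the `java.nio.charset.StandardCharsets` import), so the hash does not depend on the platform default. The same loop is duplicated in the TestEnclaveSHA hunk further down, so the test would agree with the service even when the output is short. The method signature is above the hunk.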
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM2ServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM2ServiceImpl.java index 68e3366..b19c91d 100644 --- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM2ServiceImpl.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM2ServiceImpl.java @@ -16,6 +16,7 @@ import java.math.BigInteger; import java.security.*; import java.security.spec.ECGenParameterSpec; import java.util.Base64; +import java.util.Objects; import com.alibaba.confidentialcomputing.test.common.SM2Service; import com.google.auto.service.AutoService; @@ -85,7 +86,7 @@ public class SM2ServiceImpl implements SM2Service { } @Override - public String encryptAndDecryptWithPlaintext(String plaintext) throws Exception { - return new String(decoder(encode(plaintext, publicKey), privateKey)); + public String encryptAndDecryptWithPlaintext(String plaintext) { + return new String(Objects.requireNonNull(decoder(encode(plaintext, publicKey), privateKey))); } } diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM3ServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM3ServiceImpl.java index dcb1bf8..185eb50 100644 --- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM3ServiceImpl.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM3ServiceImpl.java @@ -8,7 +8,7 @@ import org.bouncycastle.crypto.digests.SM3Digest; @AutoService(SM3Service.class) public class SM3ServiceImpl implements SM3Service { @Override - public byte[] sm3Service(String plainText) throws Exception { + public byte[] sm3Service(String plainText) { byte[] messages = plainText.getBytes(); Digest md = new SM3Digest(); md.update(messages, 0, messages.length); 
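Review bot: `Objects.requireNonNull(decoder(encode(plaintext, publicKey), privateKey))` reports a failed round trip as a NullPointerException with no message, now that `throws Exception` is gone from `encryptAndDecryptWithPlaintext`. `decoder` is not shown here; presumably it returns null when decryption fails, in which case a message helps: `Objects.requireNonNull(decoder(...), "SM2 decrypt failed")`. `new String(...)` should also name the charset that was used when the plaintext was encoded, which is outside this hunk.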
diff --git a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM4ServiceImpl.java b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM4ServiceImpl.java index bab25b2..c83e056 100644 --- a/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM4ServiceImpl.java +++ b/test/enclave/src/main/java/com/alibaba/confidentialcomputing/test/enclave/SM4ServiceImpl.java @@ -6,7 +6,6 @@ import org.bouncycastle.jce.provider.BouncyCastleProvider; import javax.crypto.Cipher; import javax.crypto.KeyGenerator; -import javax.crypto.spec.IvParameterSpec; import javax.crypto.spec.SecretKeySpec; import java.nio.charset.StandardCharsets; import java.security.Provider; 
@@ -33,25 +32,17 @@ public class SM4ServiceImpl implements SM4Service { return kg.generateKey().getEncoded(); } - private byte[] sm4EncryptAndDecrypt(byte[] data, byte[] key, String sm4mode, byte[] iv, int mode) throws Exception { - IvParameterSpec ivParameterSpec = null; - if (null != iv) { - ivParameterSpec = new IvParameterSpec(iv); - } + private byte[] sm4EncryptAndDecrypt(byte[] data, byte[] key, int mode) throws Exception { SecretKeySpec sm4Key = new SecretKeySpec(key, ALGORITHM_NAME); - Cipher cipher = Cipher.getInstance(sm4mode, BouncyCastleProvider.PROVIDER_NAME); - if (null == ivParameterSpec) { - cipher.init(mode, sm4Key); - } else { - cipher.init(mode, sm4Key, ivParameterSpec); - } + Cipher cipher = Cipher.getInstance(SM4ServiceImpl.ALGORITHM_ECB_PKCS5PADDING, BouncyCastleProvider.PROVIDER_NAME); + cipher.init(mode, sm4Key); return cipher.doFinal(data); } @Override public String sm4Service(String plaintext) throws Exception { byte[] key = generateKey(); - byte[] encryptResult = sm4EncryptAndDecrypt(plaintext.getBytes(StandardCharsets.UTF_8), key, ALGORITHM_ECB_PKCS5PADDING, null, Cipher.ENCRYPT_MODE); - return new String(sm4EncryptAndDecrypt(encryptResult, key, ALGORITHM_ECB_PKCS5PADDING, null, Cipher.DECRYPT_MODE), StandardCharsets.UTF_8); + byte[] encryptResult = sm4EncryptAndDecrypt(plaintext.getBytes(StandardCharsets.UTF_8), key, Cipher.ENCRYPT_MODE); + return new String(sm4EncryptAndDecrypt(encryptResult, key, Cipher.DECRYPT_MODE), StandardCharsets.UTF_8); } } diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java index 89f2d77..57b0a78 100644 --- a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java +++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveConcurrency.java 
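Review bot: After this change `sm4EncryptAndDecrypt` can only run `ALGORITHM_ECB_PKCS5PADDING`: the `sm4mode` and `iv` parameters are gone and `cipher.init(mode, sm4Key)` never receives an IV. ECB encrypts equal plaintext blocks to equal ciphertext blocks, so if this sample is meant to show SM4 use inside an enclave, it now shows only the mode that should not be used for real data. Either keep the `sm4mode`/`iv` parameters so an IV-based mode stays reachable, or put a comment on the helper such as `// ECB only exercises the SM4 primitive in tests; do not copy for real data`. `SM4ServiceImpl.ALGORITHM_ECB_PKCS5PADDING` can also drop the class qualifier, as `ALGORITHM_NAME` on the line above does.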
@@ -23,18 +23,15 @@ public class TestEnclaveConcurrency { assertTrue(services.hasNext()); ConcurrencyCalculate service = services.next(); for (int i = 0; i < concurrency; i++) { - new Thread(new Runnable() { - @Override - public void run() { - try { - latch0.await(); - for (int i = 0; i < workload; i++) { - service.add(1); - } - latch1.countDown(); - } catch (Exception e) { - e.printStackTrace(); + new Thread(() -> { + try { + latch0.await(); + for (int i1 = 0; i1 < workload; i1++) { + service.add(1); } + latch1.countDown(); + } catch (Exception e) { + e.printStackTrace(); } }).start(); } @@ -59,16 +56,13 @@ public class TestEnclaveConcurrency { assertTrue(services.hasNext()); ConcurrencyCalculate service = services.next(); for (int i = 0; i < concurrency; i++) { - new Thread(new Runnable() { - @Override - public void run() { - try { - latch0.await(); - service.addSync(workload); - latch1.countDown(); - } catch (Exception e) { - e.printStackTrace(); - } + new Thread(() -> { + try { + latch0.await(); + service.addSync(workload); + latch1.countDown(); + } catch (Exception e) { + e.printStackTrace(); } }).start(); } diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfo.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfo.java index 1630d82..8a46a04 100644 --- a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfo.java +++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfo.java 
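Review bot: In both lambdas `latch1.countDown()` sits inside the `try`, so a worker whose `service.add(1)` or `service.addSync(workload)` call throws never counts down, and the test thread waiting on `latch1` can block instead of failing while the exception is only printed. Move the call into `finally { latch1.countDown(); }` and record the failure (for example in an `AtomicReference<Throwable>` asserted after the wait) so an enclave error fails the test. Whether the wait on `latch1` has a timeout is outside these hunks. The loop variable `i1` in the first lambda would read better as `j`.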
@@ -15,7 +15,7 @@ public class TestEnclaveInfo { Enclave enclave = EnclaveFactory.create(EnclaveType.MOCK_IN_JVM); EnclaveInfo enclaveInfo = enclave.getEnclaveInfo(); assertEquals(enclaveInfo.getEnclaveType(), EnclaveType.MOCK_IN_JVM); - assertEquals(enclaveInfo.isEnclaveDebuggable(), true); + assertTrue(enclaveInfo.isEnclaveDebuggable()); assertEquals(enclaveInfo.getEnclaveEPCMemorySizeBytes(), -1); assertEquals(enclaveInfo.getEnclaveMaxThreadsNumber(), -1); enclave.destroy(); @@ -23,7 +23,7 @@ public class TestEnclaveInfo { enclave = EnclaveFactory.create(EnclaveType.MOCK_IN_SVM); enclaveInfo = enclave.getEnclaveInfo(); assertEquals(enclaveInfo.getEnclaveType(), EnclaveType.MOCK_IN_SVM); - assertEquals(enclaveInfo.isEnclaveDebuggable(), true); + assertTrue(enclaveInfo.isEnclaveDebuggable()); assertEquals(enclaveInfo.getEnclaveEPCMemorySizeBytes(), -1); assertEquals(enclaveInfo.getEnclaveMaxThreadsNumber(), -1); enclave.destroy(); @@ -32,7 +32,7 @@ public class TestEnclaveInfo { enclave = EnclaveFactory.create(EnclaveType.TEE_SDK); enclaveInfo = enclave.getEnclaveInfo(); assertEquals(enclaveInfo.getEnclaveType(), EnclaveType.TEE_SDK); - assertEquals(enclaveInfo.isEnclaveDebuggable(), false); + assertFalse(enclaveInfo.isEnclaveDebuggable()); assertEquals(enclaveInfo.getEnclaveEPCMemorySizeBytes(), 1500 * 1024 * 1024); assertEquals(enclaveInfo.getEnclaveMaxThreadsNumber(), 50); enclave.destroy(); @@ -41,7 +41,7 @@ public class TestEnclaveInfo { enclave = EnclaveFactory.create(EnclaveType.EMBEDDED_LIB_OS); enclaveInfo = enclave.getEnclaveInfo(); assertEquals(enclaveInfo.getEnclaveType(), EnclaveType.EMBEDDED_LIB_OS); - assertEquals(enclaveInfo.isEnclaveDebuggable(), false); + assertFalse(enclaveInfo.isEnclaveDebuggable()); assertEquals(enclaveInfo.getEnclaveEPCMemorySizeBytes(), 1500 * 1024 * 1024); assertEquals(enclaveInfo.getEnclaveMaxThreadsNumber(), 50); enclave.destroy(); 
diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfoMXBean.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfoMXBean.java index 622f87c..8937b89 100644 --- a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfoMXBean.java +++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveInfoMXBean.java @@ -13,23 +13,19 @@ import java.io.IOException; import java.lang.management.ManagementFactory; import java.net.ServerSocket; import java.rmi.registry.LocateRegistry; -import java.rmi.registry.Registry; import java.util.concurrent.CountDownLatch; -import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.*; public class TestEnclaveInfoMXBean { private static final String DOMAIN_NAME = "EnclaveMXBean"; private static final String ENCLAVE_MX_BEAN_STUB = "enclaveInfoMXBeanStub"; - private CountDownLatch cl0 = new CountDownLatch(1); - private CountDownLatch cl1 = new CountDownLatch(1); + private final CountDownLatch cl0 = new CountDownLatch(1); + private final CountDownLatch cl1 = new CountDownLatch(1); - private int rmiPort = getFreePort(); + private final int rmiPort = getFreePort(); ObjectName enclaveInfoMXBeanStub; - private Registry registry; - private MBeanServer mxBeanService; - private JMXConnectorServer jmxConnector; private int getFreePort() { try (ServerSocket serverSocket = new ServerSocket(0)) { 
@@ -44,14 +40,14 @@ public class TestEnclaveInfoMXBean { Enclave enclaveJVM = EnclaveFactory.create(EnclaveType.MOCK_IN_JVM); EnclaveInfo enclaveInfoJVM = enclaveJVM.getEnclaveInfo(); assertEquals(enclaveInfoJVM.getEnclaveType(), EnclaveType.MOCK_IN_JVM); - assertEquals(enclaveInfoJVM.isEnclaveDebuggable(), true); + assertTrue(enclaveInfoJVM.isEnclaveDebuggable()); assertEquals(enclaveInfoJVM.getEnclaveEPCMemorySizeBytes(), -1); assertEquals(enclaveInfoJVM.getEnclaveMaxThreadsNumber(), -1); Enclave enclaveSVM = EnclaveFactory.create(EnclaveType.MOCK_IN_SVM); EnclaveInfo enclaveInfoSVM = enclaveSVM.getEnclaveInfo(); assertEquals(enclaveInfoSVM.getEnclaveType(), EnclaveType.MOCK_IN_SVM); - assertEquals(enclaveInfoSVM.isEnclaveDebuggable(), true); + assertTrue(enclaveInfoSVM.isEnclaveDebuggable()); assertEquals(enclaveInfoSVM.getEnclaveEPCMemorySizeBytes(), -1); assertEquals(enclaveInfoSVM.getEnclaveMaxThreadsNumber(), -1); @@ -59,7 +55,7 @@ public class TestEnclaveInfoMXBean { Enclave enclaveTEE = EnclaveFactory.create(EnclaveType.TEE_SDK); EnclaveInfo enclaveInfoTEE = enclaveTEE.getEnclaveInfo(); assertEquals(enclaveInfoTEE.getEnclaveType(), EnclaveType.TEE_SDK); - assertEquals(enclaveInfoTEE.isEnclaveDebuggable(), false); + assertFalse(enclaveInfoTEE.isEnclaveDebuggable()); assertEquals(enclaveInfoTEE.getEnclaveEPCMemorySizeBytes(), 1500 * 1024 * 1024); assertEquals(enclaveInfoTEE.getEnclaveMaxThreadsNumber(), 50); 
@@ -67,19 +63,19 @@ public class TestEnclaveInfoMXBean { Enclave enclaveLIBOS = EnclaveFactory.create(EnclaveType.EMBEDDED_LIB_OS); EnclaveInfo enclaveInfoLIBOS = enclaveLIBOS.getEnclaveInfo(); assertEquals(enclaveInfoLIBOS.getEnclaveType(), EnclaveType.EMBEDDED_LIB_OS); - assertEquals(enclaveInfoLIBOS.isEnclaveDebuggable(), false); + assertFalse(enclaveInfoLIBOS.isEnclaveDebuggable()); assertEquals(enclaveInfoLIBOS.getEnclaveEPCMemorySizeBytes(), 1500 * 1024 * 1024); assertEquals(enclaveInfoLIBOS.getEnclaveMaxThreadsNumber(), 50); enclaveInfoMXBeanStub = new ObjectName(DOMAIN_NAME + ":name=" + ENCLAVE_MX_BEAN_STUB); - mxBeanService = ManagementFactory.getPlatformMBeanServer(); + MBeanServer mxBeanService = ManagementFactory.getPlatformMBeanServer(); mxBeanService.registerMBean( EnclaveInfoManager.getEnclaveInfoManagerInstance(), enclaveInfoMXBeanStub); - registry = LocateRegistry.createRegistry(rmiPort); + LocateRegistry.createRegistry(rmiPort); JMXServiceURL url = new JMXServiceURL("service:jmx:rmi:///jndi/rmi://localhost:" + rmiPort + "/" + DOMAIN_NAME); - jmxConnector = JMXConnectorServerFactory.newJMXConnectorServer(url, null, mxBeanService); + JMXConnectorServer jmxConnector = JMXConnectorServerFactory.newJMXConnectorServer(url, null, mxBeanService); jmxConnector.start(); cl0.countDown(); diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java index 9faa20a..509aa63 100644 --- a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java +++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestEnclaveSHA.java 
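Review bot: `JMXConnectorServerFactory.newJMXConnectorServer(url, null, mxBeanService)` starts the connector with a null environment, so no authenticator or TLS socket factories are configured, and `LocateRegistry.createRegistry(rmiPort)` is not restricted to loopback. While the test runs, anything that can reach the port can talk to the platform MBean server. Since `jmxConnector` is now a local, I would also make sure it is stopped, with `try { ... } finally { jmxConnector.stop(); }` around the part of the test that needs it. Whether a stop already happens later is not visible, because the method continues past the hunk.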
@@ -18,11 +18,11 @@ public class TestEnclaveSHA { MessageDigest md = MessageDigest.getInstance(SHAType); byte[] messageDigest = md.digest(plaintext.getBytes()); BigInteger no = new BigInteger(1, messageDigest); - String hashtext = no.toString(16); - while (hashtext.length() < 32) { - hashtext = "0" + hashtext; + StringBuilder hashText = new StringBuilder(no.toString(16)); + while (hashText.length() < 32) { + hashText.insert(0, "0"); } - return hashtext; + return hashText.toString(); } @Test diff --git a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java index e819685..463d1f3 100644 --- a/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java +++ b/test/host/src/test/java/com/alibaba/confidentialcomputing/test/host/TestHelloWorld.java @@ -5,12 +5,10 @@ import com.alibaba.confidentialcomputing.host.EnclaveFactory; import com.alibaba.confidentialcomputing.host.EnclaveType; import com.alibaba.confidentialcomputing.host.exception.EnclaveCreatingException; import com.alibaba.confidentialcomputing.host.exception.EnclaveDestroyingException; -import com.alibaba.confidentialcomputing.host.exception.RemoteAttestationException; import com.alibaba.confidentialcomputing.host.exception.ServicesLoadingException; import com.alibaba.confidentialcomputing.test.common.SayHelloService; import org.junit.jupiter.api.Test; -import java.io.IOException; import java.util.Iterator; import static org.junit.jupiter.api.Assertions.*; 
@@ -18,7 +16,7 @@ import static org.junit.jupiter.api.Assertions.*; public class TestHelloWorld { private String sayHelloService(EnclaveType type, String plain) throws - EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException, RemoteAttestationException, IOException { + EnclaveCreatingException, ServicesLoadingException, EnclaveDestroyingException { Enclave enclave = EnclaveFactory.create(type); assertNotNull(enclave); Iterator<SayHelloService> userServices = enclave.load(SayHelloService.class); --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
