From 135ae20d8843513ab811a347bbc9c9f31bfe69ea Mon Sep 17 00:00:00 2001 From: Chester Leung Date: Wed, 9 Jun 2021 05:29:21 +0000 Subject: [PATCH 1/2] Add in root.pem. change quickstart dir to playground --- quickstart/config.yaml | 16 ++++++++-------- quickstart/keys/root.pem | 39 +++++++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+), 8 deletions(-) create mode 100644 quickstart/keys/root.pem diff --git a/quickstart/config.yaml b/quickstart/config.yaml index 3c29ae2..e35c393 100644 --- a/quickstart/config.yaml +++ b/quickstart/config.yaml @@ -8,26 +8,26 @@ user: # and run `mc2 init` to generate a key # # `mc2 init` will not overwrite anything at this path - symmetric_key: ${MC2_CLIENT_HOME}/quickstart/keys/user1_sym.key + symmetric_key: ${MC2_CLIENT_HOME}/playground/keys/user1_sym.key # Path to your private key and certificate # If you don't have a private key / certificate, specify paths here # and run `mc2 init` to generate a keypair # # `mc2 init` will not overwrite anything at this path - private_key: ${MC2_CLIENT_HOME}/quickstart/keys/user1.pem - certificate: ${MC2_CLIENT_HOME}/quickstart/keys/user1.crt + private_key: ${MC2_CLIENT_HOME}/playground/keys/user1.pem + certificate: ${MC2_CLIENT_HOME}/playground/keys/user1.crt # Path to CA certificate and private key # Needed if you want to generate a certificate signed by CA - root_certificate: ${MC2_CLIENT_HOME}/quickstart/keys/root.crt - root_private_key: ${MC2_CLIENT_HOME}/quickstart/keys/root.pem + root_certificate: ${MC2_CLIENT_HOME}/playground/keys/root.crt + root_private_key: ${MC2_CLIENT_HOME}/playground/keys/root.pem # Configuration for launching cloud resources launch: # The absolute path to your Azure configuraton # This needs to be an absolute path - azure_config: ${MC2_CLIENT_HOME}/quickstart/azure.yaml + azure_config: ${MC2_CLIENT_HOME}/playground/azure.yaml # # Manually specify the IP/uname/ssh_key of the head node or workers. # # If these values exist, they will override any values in `azure_config`. @@ -76,12 +76,12 @@ upload: # Files to encrypt and upload src: - - ${MC2_CLIENT_HOME}/quickstart/data/opaquesql.csv + - ${MC2_CLIENT_HOME}/playground/data/opaquesql.csv # If you want to run Opaque SQL, you must also specify a schema, # one for each file you want to encrypt and upload schemas: - - ${MC2_CLIENT_HOME}/quickstart/data/opaquesql_schema.json + - ${MC2_CLIENT_HOME}/playground/data/opaquesql_schema.json # Directory to upload data to dst: /mc2/data diff --git a/quickstart/keys/root.pem b/quickstart/keys/root.pem new file mode 100644 index 0000000..c6fbd18 --- /dev/null +++ b/quickstart/keys/root.pem @@ -0,0 +1,39 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIG5AIBAAKCAYEAxiaG+ZQBDsqvkA4v+oBsZ5pK8FhiwKQv4yFU7E7ea+1ae95p +9UAW6aL7KJM3vWoalOsfoE/JCO1T2r18DfjIyTM2zyhBK75d1zKGOlz0iGkKxBDy +YjBAdsMdsm+XCwvVanGK8j2613eSz+Xl6lzKBKcRYDoZ1yrjLQaLQBDKQUv1JOaW +bs8OiAtgTPrSqlspmt2bUsvgkQ6jq0hrL7TxwBMQcTWxhCIN60VDe79xbUXJsnSs +FETMRVQVfv1K0g6HM+lauyAXlkD9srbF9aXAycliXdUe/HxOiA/IxeyCp8pM3PAZ +emMVfpMcLXbvaNd5d34qvr0ovMm+3nJCbZBtziF0EQkRlspZdihGb4A1tN9r99F/ +VvznRGVmRQEy7d7n5ktkHTzsRBbfyngG/APAMHNOboWGCCtpL6NYu4opMAQ+Tnry +WXQfNdPA6+VGeK5IbYgpa5yD9urIWZc8LTCTkPk2pxge6Ypymn9iujKt2RefDlEP +EbBS8ngy9u01/vBhAgEDAoIBgQCEGa9RDVYJ3HUKtB/8VZ2aZtygOuyAbXVCFjid +iemdSOb9PvFOKrnxF1IbDM/TnBG4nL/ANTCwnjfnKP1epdswzM80xYDH1D6PdwQm +6KMFm1yCtfbsICr512khn7oHXTjxoQdMKSc6T7c1Q+6cPdwDGguVfBE6HJdzWbIq +tdwrh/jDRGRJ318FXOrd/Ixxkhu8k7zh3UBgtG0c2vIfzfaADLWgznZYFrPyLiz9 +KkueLoZ2+HK4Ld2DjWOp/jHhXwOg8sfm6SYMoCQWKQEKYaz76HxnYrpYEm/86Ss/ +VvCkEATZOJkqTr8R9RA6IyiQ5fCOCYMB6+Z2KoU8Jlml96ctcpe68RkeHWEvyo9M +2cXSFiyuzQq+xn1ZI8X+cddOtfIwgit/e8V7liERtow2uIXvWYKk2R9RYj8s9Eg8 +My4pDfo3BPP7lMBeQlbnQ0mGbIznr2kx7eY26T4Q9uckmE+2b/sDLvd0tzCiNKNe +gDcHg9rJsezKOrQDWcM0QgWktGMCgcEA5Ctw7VAKOTK8Zum/a/t/PxI47m+E/Dvd +s1YeTWwxQBWdrCWXnSnoehsy5ab389MiETe2IaybzUlS2HqZDD4P1h7FdQkT8By8 +tsJxUjiYir0L+W7ZbC9uIqfwJIVvKE+6w5qi78jTv9H0lCpyMyNURZPJxWBngO94 +3OWltobqPhB/29c7jAjyDf5XFijl2TnNXN6RDesyv9uJLJ8gjlX4+HMjqZ2mWH7F +kbbaPMXCyEfqpOnAZkDKUyNK0SIPMFDjAoHBAN5RvfNyVEoeCyqPhPoXvhDabtRR +gnwkyNlb6Zl96HGcp+r1nB3DDmmIUPCbOpurbpE4MBousz5ApCu+Iuhe4zPWywOW +V/mBive1/ioA9G8BHPgvFcyjvRwHzSLRAM9+Qdntf+46cErjuZu7wnbLowPZQLHf +b40okY9PRqq2ebRexyAcSNQMDJpx53rXclXRp7UiepLMd+SxYhOFwOf2IwbeGni0 +BWH45BV5k2+smIWJ7Drca3wXeppOQ1doHleQ6wKBwQCYHPXzirF7dyhEm9Typ6oq +DCX0SlioJ+kiOWmI8suADmkdbmUTcUWmvMyZGfqijMFgz87BHb0zhjc6/GYIKV/k +FIOjW2KgEyh51vY20GWx011Q9JDyyklsb/Vtrkoa39HXvGyf2zfVNqMNcaF3bOLZ +DTEuQEUAn6XomRkkWfF+taqSj30IBfaz/uS5cJk7e9496bYJR3cqkltzFMBe4/tQ +TMJxE8Q6/y5hJJF92SyFhUcYm9WZgIbiF4c2FrTK4JcCgcEAlDZ+okw4MWlcxwpY +prp+teb0jYusUsMwkOfxEP6a9mhv8fkSvoIJm7A19bzRvRz0YNAgEXR3ftXCx9QX +RZSXd+SHV7mP+6ux+nlUHACi9KtopXS5MxfTaAUzbItV36mBO/OqntGgMe0mZ9KB +pIfCApDVy+pKXhsLtN+Ecc77zZSEwBLbOAgIZvaaUeT24+EaeMGnDIhP7cuWt66A +mqQXWelm+yKuQVCYDlEM9R27A7FIJz2c/WT8Zt7Xj5q+5QtHAoHBAKSRenWOHjHG +eoVkz3UKR3Nwn1Ctn/cJmMHE53vR16MeN/FlqnPQdYlvdAPaAHMy91B/zbXAKHGB +WxWlEEv6PbDa0xpHwOzKgkaiES3znEyq7cjlJ6HfURdaAbbbq+uYYdaE9/qQUddC +xttQW+WqaKUz71cMRmAKzzXNBmeeueQ5V514k9r5smgfm/8+//xqltPDomNnoaqz +zMubnimitg5M7OcDv/eR0Hfs+N9Rh3U4yo8DJBRfyvnVMrtw7ydwnQ== +-----END RSA PRIVATE KEY----- From 37d0142b3b0375fb789b1d8c5c47e90f2e348dea Mon Sep 17 00:00:00 2001 From: Chester Leung Date: Fri, 11 Jun 2021 23:27:45 +0000 Subject: [PATCH 2/2] Remove old config yaml --- demo/mc2.yaml | 81 ---------------------------- python-package/mc2client/config.yaml | 36 ------------- 2 files changed, 117 deletions(-) delete mode 100644 demo/mc2.yaml delete mode 100644 python-package/mc2client/config.yaml diff --git a/demo/mc2.yaml b/demo/mc2.yaml deleted file mode 100644 index 6aec480..0000000 --- a/demo/mc2.yaml +++ /dev/null @@ -1,81 +0,0 @@ -# User configuration -user: - # Your username - username should be specified in certificate - username: user1 - - # Path to your symmetric key - will be used for encryption/decryption - # If you don't have a symmetric key, specify a path here and the MC2 Client - # will generate a key and output it to this path - symmetric_key: /root/mc2/demo/keys/user1_sym.key - - # Path to your private key and certificate - # If you don't have a private key / certificate, specify paths here - # and the MC2 client will generate them to these paths - private_key: /root/mc2/demo/keys/user1.pem - certificate: /root/mc2/demo/keys/user1.crt - -# Configuration for cloud resource management and connection -cloud: - # Username to be used when scp-ing into remote machines - remote_username: root - - # Cloud orchestrator - orchestrator: 127.0.0.1:50052 - - # Workers in cluster - nodes: - - 127.0.0.1 - - # List of commands to launch desired compute service - launch: - # Launch commands for Secure XGBoost service - secure_xgboost: - - python3 /root/secure-xgboost/demo/python/remote-control/server/enclave_serve.py - - python3 /root/secure-xgboost/demo/python/remote-control/orchestrator/start_orchestrator.py - - # Launch command for Opaque SQL service - opaque_sql: - - build/sbt run - - # Directory to upload encrypted data to - data_dir: /root/data - - # Directory to save encrypted results to - # This directory will be fetched from when retrieving results - results: - # Secure XGBoost results - - /root/results/xgb.model - - # FIXME: Opaque SQL results - # - /root/results/opaque_sql_result - -# Configuration for local data -local: - # If you want to run Secure XGBoost - # Your data to compute on - data: - - /root/mc2/demo/data/securexgb_train.csv - - /root/mc2/demo/data/securexgb_test.csv - - # Secure XGBoost script to run - script: /root/mc2/demo/secure_xgboost_demo.py - # ---------------------------------- - - # # FIXME: If you want to run Opaque SQL - # # Your data to compute on - # data: - # - /root/mc2/demo/data/opaquesql.csv - # - # schemas: - # - /root/mc2/demo/data/opaquesql_schema.json - # - # # Opaque SQL script to run - # script: /root/mc2/demo/opaque_sql_demo.scala - # ------------------------------ - - # Directory to download results - results: /root/mc2/demo/results - -# Configuration for remote attestation of enclaves -attestation: - simulation_mode: 1 diff --git a/python-package/mc2client/config.yaml b/python-package/mc2client/config.yaml deleted file mode 100644 index 5cac933..0000000 --- a/python-package/mc2client/config.yaml +++ /dev/null @@ -1,36 +0,0 @@ -# User configuration -user: - username: user1 - symmetric_key: /home/chester/opaque-client/python-package/tests/keys/user1_sym.key - private_key: /home/chester/opaque-client/python-package/tests/keys/user1.pem - certificate: /home/chester/opaque-client/python-package/tests/keys/user1.crt - - root_private_key: /home/chester/opaque-client/python-package/tests/keys/root.pem - root_certificate: /home/chester/opaque-client/python-package/tests/keys/root.crt - -# Configuration for remote attestation of enclaves -attestation: - simulation_mode: 0 - mrenclave: NULL - mrsigner: |- # Preserve line breaks - -----BEGIN PUBLIC KEY----- - MIIBoDANBgkqhkiG9w0BAQEFAAOCAY0AMIIBiAKCAYEAoaB84pKOIcKs4kIQbCfe - 9NdH5uj4hkXDtcc8hY2QYpZWLweZNKYPwbEADkpOLxSOJcBzhPHVgzzQdC29DVUB - r7fLrUMtlOmQ+fjUyjHgwr980qnxYkqRtt1fgxNxwIiqbfNT2oFOl5Ycqi4j4N7n - HlQwEG3ohiYDnhUBAKlK/QuzsPU4Pis0aJjpnzmEsJrhlKz2G9I6um2/3wCUbGQT - 4yVNXCPps4zjeGH5W6xQUjyB0IHvjOLuvkYrpfH7VKjq5aFvAT94mxFaI5k3LxMS - bKmF8OiGw/bfh+FJLOmZkBkgTPzUetD+Ix5GmOrAR899ELPQLmNxJves1e6p30Wv - l5MkFoxHbwW8q3djUIn3NbT1o1cNXiu5lezLFfsr/2uZ9uOn2IQruFmJ1SwwBIay - qbBqWJ52Nlq9buAcB3SgKysD6KEf2kBtcSdJ6J3D6dnhVU3kw65RPQynvah7YU4P - 3Kd+ffXQ81eZBqt82FNullMWmz4OoPiOTT5DWTYrIjwXAgED - -----END PUBLIC KEY----- - check_client_list: 1 - client_list: - - user1 - -# Configuration for cloud resource management and connection -cloud: - orchestrator: 137.116.126.152:50052 - azure_config: /home/chester/opaque-client/python-package/mc2client/toolchain/mc2_azure/example-full.yaml - -