diff --git a/docs/readthedocs/source/doc/PPML/QuickStart/tpc-h_with_sparksql_on_k8s.md b/docs/readthedocs/source/doc/PPML/QuickStart/tpc-h_with_sparksql_on_k8s.md index 27d7a559d86..6973ac9a163 100644 --- a/docs/readthedocs/source/doc/PPML/QuickStart/tpc-h_with_sparksql_on_k8s.md +++ b/docs/readthedocs/source/doc/PPML/QuickStart/tpc-h_with_sparksql_on_k8s.md @@ -181,7 +181,7 @@ export OUTPUT_DIR=xxx/output \ --conf spark.ssl.trustStoreType=JKS \ --conf spark.bigdl.kms.type=SimpleKeyManagementService \ --conf spark.bigdl.kms.simple.id=simpleAPPID \ - --conf spark.bigdl.kms.simple.key=simpleAPPKEY \ + --conf spark.bigdl.kms.simple.key=simpleAPIKEY \ --conf spark.bigdl.kms.key.primary=xxxx/primaryKey \ --conf spark.bigdl.kms.key.data=xxxx/dataKey \ --class com.intel.analytics.bigdl.ppml.examples.tpch.TpchQuery \ diff --git a/ppml/README.md b/ppml/README.md index 608600eaffd..823efe07ed5 100644 --- a/ppml/README.md +++ b/ppml/README.md @@ -171,7 +171,7 @@ you can use [generate_people_csv.py](https://github.com/analytics-zoo/ppml-e2e-e 2. Encrypt `people.csv` ``` - docker exec -i $KMSUTIL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh encrypt $appid $appkey $input_file_path" + docker exec -i $KMSUTIL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh encrypt $appid $apikey $input_file_path" ``` #### Step 2. Build Big Data & AI applications To build your own Big Data & AI applications, refer to [develop your own Big Data & AI applications with BigDL PPML](#4-develop-your-own-big-data--ai-applications-with-bigdl-ppml). The code of SimpleQuery is in [here](https://github.com/intel-analytics/BigDL/blob/main/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/SimpleQuerySparkExample.scala), it is already built into bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar, and the jar is put into PPML image. @@ -287,7 +287,7 @@ Here we use **k8s client mode** and **PPML CLI** to run SimpleQuery. Check other --kmsServerIP your_ehsm_kms_server_ip \ --kmsServerPort your_ehsm_kms_server_port \ --ehsmAPPID your_ehsm_kms_appid \ - --ehsmAPPKEY your_ehsm_kms_appkey + --ehsmAPIKEY your_ehsm_kms_apikey ``` @@ -313,7 +313,7 @@ Here we use **k8s client mode** and **PPML CLI** to run SimpleQuery. Check other When the job is done, you can decrypt and read result of the job. More details in [Decrypt Job Result](./services/kms-utils/docker/README.md#3-enroll-generate-key-encrypt-and-decrypt). ``` - docker exec -i $KMSUTIL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh decrypt $appid $appkey $input_path" + docker exec -i $KMSUTIL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh decrypt $appid $apikey $input_path" ``` https://user-images.githubusercontent.com/61072813/184758643-821026c3-40e0-4d4c-bcd3-8a516c55fc01.mp4 diff --git a/ppml/docs/examples.md b/ppml/docs/examples.md index ec3f17daaaf..1853044fabe 100644 --- a/ppml/docs/examples.md +++ b/ppml/docs/examples.md @@ -175,7 +175,7 @@ bash bigdl-ppml-submit.sh \ --kmsServerIP kms_server_ip \ --kmsServerPort kms_server_port \ --ehsmAPPID appid \ - --ehsmAPPKEY apikey + --ehsmAPIKEY apikey ``` spark native mode, sgx enabled @@ -214,7 +214,7 @@ bash bigdl-ppml-submit.sh \ --kmsServerIP kms_server_ip \ --kmsServerPort kms_server_port \ --ehsmAPPID appid \ - --ehsmAPPKEY apikey + --ehsmAPIKEY apikey ``` k8s client mode, sgx enabled @@ -256,7 +256,7 @@ bash bigdl-ppml-submit.sh \ --kmsServerIP kms_server_ip \ --kmsServerPort kms_server_port \ --ehsmAPPID appid \ - --ehsmAPPKEY apikey + --ehsmAPIKEY apikey ``` k8s cluster mode, sgx enabled @@ -298,7 +298,7 @@ bash bigdl-ppml-submit.sh \ --kmsServerIP kms_server_ip \ --kmsServerPort kms_server_port \ --ehsmAPPID appid \ - --ehsmAPPKEY apikey + --ehsmAPIKEY apikey ``` diff --git a/ppml/services/kms-utils/docker/README.md b/ppml/services/kms-utils/docker/README.md index fca1eb412dc..05cdedfc790 100644 --- a/ppml/services/kms-utils/docker/README.md +++ b/ppml/services/kms-utils/docker/README.md @@ -67,24 +67,24 @@ INFO [main.cpp(159) -> main]: ehsm-kms enroll app end. export appid=your_appid -export appkey=your_apikey +export apikey=your_apikey export container_input_file_path=mounted_address_of_host_input_file_path export container_input_folder_path=mounted_address_of_host_input_folder_path # Generatekeys -docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh generatekeys $appid $appkey" +docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh generatekeys $appid $apikey" # Encrypt a single data file # encrpted data is next to $container_input_file_path -docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh $kms_type encrypt $appid $appkey $container_input_file_path" +docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh $kms_type encrypt $appid $apikey $container_input_file_path" # Decrypt a single data file -docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh decrypt $appid $appkey $container_input_file_path" +docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh decrypt $appid $apikey $container_input_file_path" # SplitAndEncrypt # encrpted data is in a directory next to $container_input_folder_path -docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh encryptwithrepartition $appid $appkey $container_input_folder_path" +docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh encryptwithrepartition $appid $apikey $container_input_folder_path" ``` ## 4. Stop container: ``` diff --git a/ppml/services/kms-utils/docker/entrypoint.sh b/ppml/services/kms-utils/docker/entrypoint.sh index 9fdd71e44ed..2e07af118bb 100644 --- a/ppml/services/kms-utils/docker/entrypoint.sh +++ b/ppml/services/kms-utils/docker/entrypoint.sh @@ -7,7 +7,7 @@ if [ "$action" = "enroll" ]; then cd /home/ehsm/out/ehsm-kms_enroll_app/ ./ehsm-kms_enroll_app -a http://$EHSM_KMS_IP:$EHSM_KMS_PORT/ehsm/ elif [ "$KMS_TYPE" = "simple" ]; then - echo "Simple KMS is dummy. You can choose any appid and appkey. If you want to generate the corresponding primarykey and datakey, the appid must be 12 characters long." + echo "Simple KMS is dummy. You can choose any appid and apikey. If you want to generate the corresponding primarykey and datakey, the appid must be 12 characters long." elif [ "$KMS_TYPE" = "azure" ]; then keyVaultName=$2 id=$3 @@ -20,7 +20,7 @@ if [ "$action" = "enroll" ]; then elif [ "$action" = "generatekeys" ]; then if [ "$KMS_TYPE" = "ehsm" ]; then appid=$2 - appkey=$3 + apikey=$3 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ com.intel.analytics.bigdl.ppml.examples.GenerateKeys \ --primaryKeyPath /home/key/ehsm_encrypted_primary_key \ @@ -29,17 +29,17 @@ elif [ "$action" = "generatekeys" ]; then --kmsServerIP $EHSM_KMS_IP \ --kmsServerPort $EHSM_KMS_PORT \ --ehsmAPPID $appid \ - --ehsmAPPKEY $appkey + --ehsmAPIKEY $apikey elif [ "$KMS_TYPE" = "simple" ]; then appid=$2 - appkey=$3 + apikey=$3 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ com.intel.analytics.bigdl.ppml.examples.GenerateKeys \ --primaryKeyPath /home/key/simple_encrypted_primary_key \ --dataKeyPath /home/key/simple_encrypted_data_key \ --kmsType SimpleKeyManagementService \ --simpleAPPID $appid \ - --simpleAPPKEY $appkey + --simpleAPIKEY $apikey elif [ "$KMS_TYPE" = "azure" ]; then keyVaultName=$2 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ @@ -54,11 +54,11 @@ elif [ "$action" = "generatekeys" ]; then fi elif [ "$action" = "encrypt" ]; then appid=$2 - appkey=$3 + apikey=$3 input_path=$4 if [ "$KMS_TYPE" = "ehsm" ]; then appid=$2 - appkey=$3 + apikey=$3 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ com.intel.analytics.bigdl.ppml.examples.Encrypt \ --inputPath $input_path \ @@ -68,10 +68,10 @@ elif [ "$action" = "encrypt" ]; then --kmsServerIP $EHSM_KMS_IP \ --kmsServerPort $EHSM_KMS_PORT \ --ehsmAPPID $appid \ - --ehsmAPPKEY $appkey + --ehsmAPIKEY $apikey elif [ "$KMS_TYPE" = "simple" ]; then appid=$2 - appkey=$3 + apikey=$3 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ com.intel.analytics.bigdl.ppml.examples.Encrypt \ --inputPath $input_path \ @@ -79,7 +79,7 @@ elif [ "$action" = "encrypt" ]; then --dataKeyPath /home/key/simple_encrypted_data_key \ --kmsType SimpleKeyManagementService \ --simpleAPPID $appid \ - --simpleAPPKEY $appkey + --simpleAPIKEY $apikey elif [ "$KMS_TYPE" = "azure" ]; then keyVaultName=$2 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ @@ -96,7 +96,7 @@ elif [ "$action" = "encrypt" ]; then elif [ "$action" = "encryptwithrepartition" ]; then if [ "$KMS_TYPE" = "ehsm" ]; then appid=$2 - appkey=$3 + apikey=$3 input_path=$4 output_path=$input_path.encrypted java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ @@ -112,10 +112,10 @@ elif [ "$action" = "encryptwithrepartition" ]; then --kmsServerIP $EHSM_KMS_IP \ --kmsServerPort $EHSM_KMS_PORT \ --ehsmAPPID $appid \ - --ehsmAPPKEY $appkey + --ehsmAPIKEY $apikey elif [ "$KMS_TYPE" = "simple" ]; then appid=$2 - appkey=$3 + apikey=$3 input_path=$4 output_path=$input_path.encrypted java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ @@ -129,7 +129,7 @@ elif [ "$action" = "encryptwithrepartition" ]; then --dataKeyPath /home/key/simple_encrypted_data_key \ --kmsType SimpleKeyManagementService \ --simpleAPPID $appid \ - --simpleAPPKEY $appkey + --simpleAPIKEY $apikey elif [ "$KMS_TYPE" = "azure" ]; then keyVaultName=$2 input_path=$3 @@ -152,7 +152,7 @@ elif [ "$action" = "encryptwithrepartition" ]; then elif [ "$action" = "decrypt" ]; then if [ "$KMS_TYPE" = "ehsm" ]; then appid=$2 - appkey=$3 + apikey=$3 input_path=$4 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ com.intel.analytics.bigdl.ppml.examples.Decrypt \ @@ -167,10 +167,10 @@ elif [ "$action" = "decrypt" ]; then --kmsServerIP $EHSM_KMS_IP \ --kmsServerPort $EHSM_KMS_PORT \ --ehsmAPPID $appid \ - --ehsmAPPKEY $appkey + --ehsmAPIKEY $apikey elif [ "$KMS_TYPE" = "simple" ]; then appid=$2 - appkey=$3 + apikey=$3 input_path=$4 java -cp $BIGDL_HOME/jars/bigdl-ppml-spark_3.1.2-2.1.0-SNAPSHOT.jar:$SPARK_HOME/jars/*:$SPARK_HOME/examples/jars/*:$BIGDL_HOME/jars/* \ com.intel.analytics.bigdl.ppml.examples.Decrypt \ @@ -183,7 +183,7 @@ elif [ "$action" = "decrypt" ]; then --dataKeyPath /home/key/simple_encrypted_data_key \ --kmsType SimpleKeyManagementService \ --simpleAPPID $appid \ - --simpleAPPKEY $appkey + --simpleAPIKEY $apikey elif [ "$KMS_TYPE" = "azure" ]; then keyVaultName=$2 input_path=$3 diff --git a/ppml/services/kms-utils/docker/run-docker-container.sh b/ppml/services/kms-utils/docker/run-docker-container.sh index 90d67469444..b24efbcb72d 100644 --- a/ppml/services/kms-utils/docker/run-docker-container.sh +++ b/ppml/services/kms-utils/docker/run-docker-container.sh @@ -33,29 +33,29 @@ sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh enr # 3. generate primary key and data key, save them to local paths export APPID=your_appid_obtained_from_enroll -export APPKEY=your_appkey_obtained_from_enroll +export APIKEY=your_apikey_obtained_from_enroll -sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh generatekeys $APPID $APPKEY" # keys to save in $local_key_folder_path +sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh generatekeys $APPID $APIKEY" # keys to save in $local_key_folder_path # 4. encrypt and decrypt binary file export DATA_FILE_NAME_TO_HANDLE=your_local_data_file_name_in_local_data_folder_path export APPID=your_appid_obtained_from_enroll -export APPKEY=your_appkey_obtained_from_enroll +export APIKEY=your_apikey_obtained_from_enroll -sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh localcrypto $APPID $APPKEY /home/data/$DATA_FILE_NAME_TO_HANDLE" # at local host side, a .encrypted and a .decrypted file will be generated +sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh localcrypto $APPID $APIKEY /home/data/$DATA_FILE_NAME_TO_HANDLE" # at local host side, a .encrypted and a .decrypted file will be generated # 5. SplitAndEncrypt a CSV data file export DATA_FILE_NAME_TO_HANDLE=your_local_csv_data_file_name_in_local_data_folder_path export APPID=your_appid_obtained_from_enroll -export APPKEY=your_appkey_obtained_from_enroll +export APIKEY=your_apikey_obtained_from_enroll -sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh splitandencrypt $APPID $APPKEY /home/data/$DATA_FILE_NAME_TO_HANDLE" # at local host side, a folder filled with encrypted data splits will be generated +sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh splitandencrypt $APPID $APIKEY /home/data/$DATA_FILE_NAME_TO_HANDLE" # at local host side, a folder filled with encrypted data splits will be generated # 6. Decrypt a encrypted CSV data file with SimpleQuery export DATA_FILE_NAME_TO_HANDLE=your_local_encrypted_csv_data_file_name_in_local_data_folder_path export APPID=your_appid_obtained_from_enroll -export APPKEY=your_appkey_obtained_from_enroll +export APIKEY=your_apikey_obtained_from_enroll -sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh simplequery $APPID $APPKEY /home/data/$DATA_FILE_NAME_TO_HANDLE" # at local host side, decrypted files will be generated +sudo docker exec -i $ENROLL_CONTAINER_NAME bash -c "bash /home/entrypoint.sh simplequery $APPID $APIKEY /home/data/$DATA_FILE_NAME_TO_HANDLE" # at local host side, decrypted files will be generated diff --git a/ppml/services/pccs-ehsm/kubernetes/README.md b/ppml/services/pccs-ehsm/kubernetes/README.md index 06e5bddd896..967ced44d0f 100644 --- a/ppml/services/pccs-ehsm/kubernetes/README.md +++ b/ppml/services/pccs-ehsm/kubernetes/README.md @@ -131,7 +131,7 @@ cd ../kms-utils bash build-docker-image.sh ``` -If image is ready, you can run the container and enroll by using `run-docker-container.sh` in order to get a appid and appkey pair like below: +If image is ready, you can run the container and enroll by using `run-docker-container.sh` in order to get a appid and apikey pair like below: ```bash export KMS_TYPE=an_optional_kms_type # KMS_TYPE can be (1) ehsm, (2) simple @@ -197,7 +197,7 @@ ls ehsm-kms_enroll_app Then, you will find a new target file `ehsm-kms_enroll_app` generated. -Now, you can enroll your app through command below, and you will receive a appid-appkey pair from the server: +Now, you can enroll your app through command below, and you will receive a appid-apikey pair from the server: ```bash ./ehsm-kms_enroll_app -a http://:9000/ehsm/ diff --git a/python/ppml/src/bigdl/ppml/README.md b/python/ppml/src/bigdl/ppml/README.md index 26753c607bb..f348c3482ed 100644 --- a/python/ppml/src/bigdl/ppml/README.md +++ b/python/ppml/src/bigdl/ppml/README.md @@ -29,7 +29,7 @@ If you want to read/write encrypted files, then you need to provide more informa if the `kms_type` is `SimpleKeyManagementService`, then need - `simple_app_id`: the appId your KMS generated -- `simple_app_key`: the appKey your KMS generated +- `simple_api_key`: the apiKey your KMS generated - `primary_key_path`: the path of your primaryKey - `data_key_path`: the path of your dataKey @@ -38,7 +38,7 @@ if the `kms_type` is `EHSMKeyManagementService`, then need - `kms_server_ip`: the server ip of your KMS - `kms_server_port`: the server port of your KMS - `ehsm_app_id`: the appId your KMS generated -- `ehsm_app_key`: the appKey your KMS generated +- `ehsm_api_key`: the apiKey your KMS generated - `primary_key_path`: the path of your primaryKey - `data_key_path`: the path of your dataKey @@ -49,7 +49,7 @@ if the `kms_type` is `AzureKeyManagementService`, then need - `primary_key_path`: the path of your primaryKey - `data_key_path`: the path of your dataKey -> How to generate appId, appKey, primaryKey and dataKey, please refer to [this](https://github.com/intel-analytics/BigDL/blob/main/ppml/services/kms-utils/docker/README.md) +> How to generate appId, apiKey, primaryKey and dataKey, please refer to [this](https://github.com/intel-analytics/BigDL/blob/main/ppml/services/kms-utils/docker/README.md) Example diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/PPMLContext.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/PPMLContext.scala index 2efdf550d85..f50cce63a28 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/PPMLContext.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/PPMLContext.scala @@ -205,12 +205,12 @@ object PPMLContext{ val ip = conf.get("spark.bigdl.kms.ehs.ip") val port = conf.get("spark.bigdl.kms.ehs.port") val appId = conf.get("spark.bigdl.kms.ehs.id") - val appKey = conf.get("spark.bigdl.kms.ehs.key") - new EHSMKeyManagementService(ip, port, appId, appKey) + val apiKey = conf.get("spark.bigdl.kms.ehs.key") + new EHSMKeyManagementService(ip, port, appId, apiKey) case KMS_CONVENTION.MODE_SIMPLE_KMS => val id = conf.get("spark.bigdl.kms.simple.id", defaultValue = "simpleAPPID") // println(id + "=-------------------") - val key = conf.get("spark.bigdl.kms.simple.key", defaultValue = "simpleAPPKEY") + val key = conf.get("spark.bigdl.kms.simple.key", defaultValue = "simpleAPIKEY") // println(key + "=-------------------") SimpleKeyManagementService(id, key) case KMS_CONVENTION.MODE_AZURE_KMS => @@ -251,12 +251,12 @@ object PPMLContext{ val ip = conf.get("spark.bigdl.kms.ehs.ip", defaultValue = "0.0.0.0") val port = conf.get("spark.bigdl.kms.ehs.port", defaultValue = "5984") val appId = conf.get("spark.bigdl.kms.ehs.id", defaultValue = "ehsmAPPID") - val appKey = conf.get("spark.bigdl.kms.ehs.key", defaultValue = "ehsmAPPKEY") - new EHSMKeyManagementService(ip, port, appId, appKey) + val apiKey = conf.get("spark.bigdl.kms.ehs.key", defaultValue = "ehsmAPIKEY") + new EHSMKeyManagementService(ip, port, appId, apiKey) case KMS_CONVENTION.MODE_SIMPLE_KMS => val id = conf.get("spark.bigdl.kms.simple.id", defaultValue = "simpleAPPID") // println(id + "=-------------------") - val key = conf.get("spark.bigdl.kms.simple.key", defaultValue = "simpleAPPKEY") + val key = conf.get("spark.bigdl.kms.simple.key", defaultValue = "simpleAPIKEY") // println(key + "=-------------------") SimpleKeyManagementService(id, key) case KMS_CONVENTION.MODE_AZURE_KMS => diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/AttestationCLI.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/AttestationCLI.scala index ec72131ebc3..4e80d5a889f 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/AttestationCLI.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/AttestationCLI.scala @@ -30,7 +30,7 @@ object AttestationCLI { val logger = LogManager.getLogger(getClass) case class CmdParams(appID: String = "test", - appKey: String = "test", + apiKey: String = "test", asType: String = ATTESTATION_CONVENTION.MODE_EHSM_KMS, asURL: String = "127.0.0.1:9000", challenge: String = "", @@ -40,9 +40,9 @@ object AttestationCLI { opt[String]('i', "appID") .text("app id for this app") .action((x, c) => c.copy(appID = x)) - opt[String]('k', "appKey") + opt[String]('k', "apiKey") .text("app key for this app") - .action((x, c) => c.copy(appKey = x)) + .action((x, c) => c.copy(apiKey = x)) opt[String]('u', "asURL") .text("attestation service url, default is 127.0.0.1:9000") .action((x, c) => c.copy(asURL = x)) @@ -68,7 +68,7 @@ object AttestationCLI { val as = params.asType match { case ATTESTATION_CONVENTION.MODE_EHSM_KMS => new EHSMAttestationService(params.asURL.split(":")(0), - params.asURL.split(":")(1), params.appID, params.appKey) + params.asURL.split(":")(1), params.appID, params.apiKey) case ATTESTATION_CONVENTION.MODE_DUMMY => new DummyAttestationService() case _ => throw new AttestationRuntimeException("Wrong Attestation service type") diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/EHSMAttestationService.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/EHSMAttestationService.scala index c22062b45f9..b9d492c9b13 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/EHSMAttestationService.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/attestation/EHSMAttestationService.scala @@ -29,10 +29,10 @@ import org.json.JSONObject * @param kmsServerIP ehsm IP * @param kmsServerPort ehsm port * @param ehsmAPPID application ID - * @param ehsmAPPKEY application Key + * @param ehsmAPIKEY application Key */ class EHSMAttestationService(kmsServerIP: String, kmsServerPort: String, - ehsmAPPID: String, ehsmAPPKEY: String) + ehsmAPPID: String, ehsmAPIKEY: String) extends AttestationService { val logger = LogManager.getLogger(getClass) @@ -60,7 +60,7 @@ class EHSMAttestationService(kmsServerIP: String, kmsServerPort: String, val action: String = ACTION_GENERATE_QUOTE val currentTime = System.currentTimeMillis() val timestamp = s"$currentTime" - val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPPKEY, timestamp) + val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPIKEY, timestamp) ehsmParams.addPayloadElement(PAYLOAD_CHALLENGE, challenge) val postResult: JSONObject = timing("EHSMKeyManagementService request for GenerateQuote") { val postString: String = ehsmParams.getPostJSONString() @@ -83,7 +83,7 @@ class EHSMAttestationService(kmsServerIP: String, kmsServerPort: String, val action: String = ACTION_VERIFY_QUOTE val currentTime = System.currentTimeMillis() // ms val timestamp = s"$currentTime" - val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPPKEY, timestamp) + val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPIKEY, timestamp) ehsmParams.addPayloadElement(PAYLOAD_QUOTE, quote) ehsmParams.addPayloadElement(PAYLOAD_NONCE, nonce) val postResult: JSONObject = timing("EHSMKeyManagementService request for VerifyQuote") { diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Decrypt.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Decrypt.scala index 5c5c658cf92..30f4ea64a6e 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Decrypt.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Decrypt.scala @@ -35,9 +35,9 @@ object Decrypt extends App with Supportive{ val kms = arguments.kmsType match { case KMS_CONVENTION.MODE_EHSM_KMS => new EHSMKeyManagementService(arguments.kmsServerIP, arguments.kmsServerPort, - arguments.ehsmAPPID, arguments.ehsmAPPKEY) + arguments.ehsmAPPID, arguments.ehsmAPIKEY) case KMS_CONVENTION.MODE_SIMPLE_KMS => - SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPPKEY) + SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPIKEY) case KMS_CONVENTION.MODE_AZURE_KMS => new AzureKeyManagementService(arguments.keyVaultName, arguments.managedIdentityClientId) case _ => diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Encrypt.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Encrypt.scala index 8c408595b13..a386d76b144 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Encrypt.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/Encrypt.scala @@ -35,9 +35,9 @@ object Encrypt extends App with Supportive{ val kms = arguments.kmsType match { case KMS_CONVENTION.MODE_EHSM_KMS => new EHSMKeyManagementService(arguments.kmsServerIP, arguments.kmsServerPort, - arguments.ehsmAPPID, arguments.ehsmAPPKEY) + arguments.ehsmAPPID, arguments.ehsmAPIKEY) case KMS_CONVENTION.MODE_SIMPLE_KMS => - SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPPKEY) + SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPIKEY) case KMS_CONVENTION.MODE_AZURE_KMS => new AzureKeyManagementService(arguments.keyVaultName, arguments.managedIdentityClientId) case _ => diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/GenerateKeys.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/GenerateKeys.scala index 03493849dc1..cbabda3a895 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/GenerateKeys.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/GenerateKeys.scala @@ -36,9 +36,9 @@ object GenerateKeys extends App { val kms = arguments.kmsType match { case KMS_CONVENTION.MODE_EHSM_KMS => new EHSMKeyManagementService(arguments.kmsServerIP, arguments.kmsServerPort, - arguments.ehsmAPPID, arguments.ehsmAPPKEY) + arguments.ehsmAPPID, arguments.ehsmAPIKEY) case KMS_CONVENTION.MODE_SIMPLE_KMS => - SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPPKEY) + SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPIKEY) case KMS_CONVENTION.MODE_AZURE_KMS => new AzureKeyManagementService(arguments.keyVaultName, arguments.managedIdentityClientId) case _ => diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/LocalCryptoExample.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/LocalCryptoExample.scala index 2d67c8d5679..fabbc592f6f 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/LocalCryptoExample.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/LocalCryptoExample.scala @@ -35,9 +35,9 @@ object LocalCryptoExample extends App with Supportive{ val kms = arguments.kmsType match { case KMS_CONVENTION.MODE_EHSM_KMS => new EHSMKeyManagementService(arguments.kmsServerIP, arguments.kmsServerPort, - arguments.ehsmAPPID, arguments.ehsmAPPKEY) + arguments.ehsmAPPID, arguments.ehsmAPIKEY) case KMS_CONVENTION.MODE_SIMPLE_KMS => - SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPPKEY) + SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPIKEY) case KMS_CONVENTION.MODE_AZURE_KMS => new AzureKeyManagementService(arguments.keyVaultName, arguments.managedIdentityClientId) case _ => diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/README.md b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/README.md index cb9a13b61bd..fb23d84f534 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/README.md +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/README.md @@ -38,7 +38,7 @@ Run this example in spark local mode: --dataKeyPath /your/data/key/path/dataKey \ --kmsType SimpleKeyManagementService \ --simpleAPPID your_app_id \ - --simpleAPPKEY your_app_key \ + --simpleAPIKEY your_api_key \ --numThreads 1 ``` @@ -66,7 +66,7 @@ Run this example in spark local mode: --kmsServerIP you_kms_server_ip \ --kmsServerPort you_kms_server_port \ --ehsmAPPID your_app_id \ - --ehsmAPPKEY your_app_key \ + --ehsmAPIKEY your_api_key \ --numThreads 1 ``` diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/EncryptFiles.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/EncryptFiles.scala index 2b44360e44f..0036fd70315 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/EncryptFiles.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/EncryptFiles.scala @@ -37,9 +37,9 @@ object EncryptFiles { val kms = arguments.kmsType match { case KMS_CONVENTION.MODE_EHSM_KMS => new EHSMKeyManagementService(arguments.kmsServerIP, arguments.kmsServerPort, - arguments.ehsmAPPID, arguments.ehsmAPPKEY) + arguments.ehsmAPPID, arguments.ehsmAPIKEY) case KMS_CONVENTION.MODE_SIMPLE_KMS => - SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPPKEY) + SimpleKeyManagementService(arguments.simpleAPPID, arguments.simpleAPIKEY) case KMS_CONVENTION.MODE_AZURE_KMS => new AzureKeyManagementService(arguments.keyVaultName, arguments.managedIdentityClientId) case _ => diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/README.md b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/README.md index 6882216aeb0..4d928181b4b 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/README.md +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/tpch/README.md @@ -35,7 +35,7 @@ java -cp '$BIGDL_HOME/lib/bigdl-ppml-VERSION-jar-with-dependencies.jar \ com.intel.analytics.bigdl.ppml.examples.tpch.EncryptFiles \ --kmsType SimpleKeyManagementService \ --simpleAPPID xxxxxxxxxxxx \ - --simpleAPPKEY xxxxxxxxxxxx \ + --simpleAPIKEY xxxxxxxxxxxx \ --inputPath xxx/dbgen \ --outputPath xxx/dbgen-encrypted ``` @@ -115,7 +115,7 @@ export OUTPUT_DIR=xxx/output && \ --conf spark.ssl.trustStoreType=JKS \ --conf spark.bigdl.kms.type=SimpleKeyManagementService \ --conf spark.bigdl.kms.simple.id=simpleAPPID \ - --conf spark.bigdl.kms.simple.key=simpleAPPKEY \ + --conf spark.bigdl.kms.simple.key=simpleAPIKEY \ --conf spark.bigdl.kms.key.primary=xxxx/primaryKey \ --conf spark.bigdl.kms.key.data=xxxx/dataKey \ --class com.intel.analytics.bigdl.ppml.examples.tpch.TpchQuery \ diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/xgbClassifierTrainingExampleOnCriteoClickLogsDataset.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/xgbClassifierTrainingExampleOnCriteoClickLogsDataset.scala index 1fa6be39f4b..5cf2d15c915 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/xgbClassifierTrainingExampleOnCriteoClickLogsDataset.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/examples/xgbClassifierTrainingExampleOnCriteoClickLogsDataset.scala @@ -59,9 +59,9 @@ case class Params( kmsServerIP: String = "0.0.0.0", kmsServerPort: String = "5984", ehsmAPPID: String = "ehsmAPPID", - ehsmAPPKEY: String = "ehsmAPPKEY", + ehsmAPIKEY: String = "ehsmAPIKEY", simpleAPPID: String = "simpleAPPID", - simpleAPPKEY: String = "simpleAPPKEY", + simpleAPIKEY: String = "simpleAPIKEY", modelSavePath: String = "/host/data/model", numThreads: Int = 2, numRound: Int = 100, @@ -76,10 +76,10 @@ case class Params( kmsArgs("spark.bigdl.kms.ehs.ip") = kmsServerIP kmsArgs("spark.bigdl.kms.ehs.port") = kmsServerPort kmsArgs("spark.bigdl.kms.ehs.id") = ehsmAPPID - kmsArgs("spark.bigdl.kms.ehs.key") = ehsmAPPKEY + kmsArgs("spark.bigdl.kms.ehs.key") = ehsmAPIKEY case KMS_CONVENTION.MODE_SIMPLE_KMS => kmsArgs("spark.bigdl.kms.simple.id") = simpleAPPID - kmsArgs("spark.bigdl.kms.simple.key") = simpleAPPKEY + kmsArgs("spark.bigdl.kms.simple.key") = simpleAPIKEY case _ => throw new EncryptRuntimeException("Wrong kms type") } @@ -248,17 +248,17 @@ object xgbClassifierTrainingExampleOnCriteoClickLogsDataset { .action((v, p) => p.copy(ehsmAPPID = v)) .text("ehsmAPPID") - opt[String]('k', "ehsmAPPKEY") - .action((v, p) => p.copy(ehsmAPPKEY = v)) - .text("ehsmAPPKEY") + opt[String]('k', "ehsmAPIKEY") + .action((v, p) => p.copy(ehsmAPIKEY = v)) + .text("ehsmAPIKEY") opt[String]('s', "simpleAPPID") .action((v, p) => p.copy(simpleAPPID = v)) .text("simpleAPPID") - opt[String]('k', "simpleAPPKEY") - .action((v, p) => p.copy(simpleAPPKEY = v)) - .text("simpleAPPKEY") + opt[String]('k', "simpleAPIKEY") + .action((v, p) => p.copy(simpleAPIKEY = v)) + .text("simpleAPIKEY") opt[Int]('t', "numThreads") .text("threads num") diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/EHSMKeyManagementService.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/EHSMKeyManagementService.scala index cc6db3ee384..4c203838c84 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/EHSMKeyManagementService.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/EHSMKeyManagementService.scala @@ -48,12 +48,12 @@ class EHSMKeyManagementService( kmsServerIP: String, kmsServerPort: String, ehsmAPPID: String, - ehsmAPPKEY: String)extends KeyManagementService { + ehsmAPIKEY: String)extends KeyManagementService { val keyReaderWriter = new KeyReaderWriter Log4Error.invalidInputError(ehsmAPPID != "", s"ehsmAPPID should not be empty string.") - Log4Error.invalidInputError(ehsmAPPKEY != "", s"ehsmAPPKEY should not be empty string.") + Log4Error.invalidInputError(ehsmAPIKEY != "", s"ehsmAPIKEY should not be empty string.") def retrievePrimaryKey(primaryKeySavePath: String, config: Configuration = null): Unit = { Log4Error.invalidInputError(primaryKeySavePath != null && primaryKeySavePath != "", @@ -61,7 +61,7 @@ class EHSMKeyManagementService( val action: String = EHSM_CONVENTION.ACTION_CREATE_KEY val currentTime = System.currentTimeMillis() // ms val timestamp = s"$currentTime" - val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPPKEY, timestamp) + val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPIKEY, timestamp) ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_KEYSPEC, EHSM_CONVENTION.KEYSPEC_EH_AES_GCM_128) ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_ORIGIN, @@ -86,7 +86,7 @@ class EHSMKeyManagementService( val encryptedPrimaryKey: String = keyReaderWriter.readKeyFromFile(primaryKeyPath, config) val currentTime = System.currentTimeMillis() // ms val timestamp = s"$currentTime" - val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPPKEY, timestamp) + val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPIKEY, timestamp) ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_AAD, "test") ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_KEY_ID, encryptedPrimaryKey) ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_KEY_LENGTH, "32") @@ -112,7 +112,7 @@ class EHSMKeyManagementService( val encryptedDataKey: String = keyReaderWriter.readKeyFromFile(dataKeyPath, config) val currentTime = System.currentTimeMillis() // ms val timestamp = s"$currentTime" - val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPPKEY, timestamp) + val ehsmParams = new EHSMParams(ehsmAPPID, ehsmAPIKEY, timestamp) ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_AAD, "test") ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_CIPHER_TEXT, encryptedDataKey) ehsmParams.addPayloadElement(EHSM_CONVENTION.PAYLOAD_KEY_ID, encryptedPrimaryKey) diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/README.md b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/README.md index aaada12023a..1c03d941a6b 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/README.md +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/README.md @@ -143,7 +143,7 @@ ls ehsm-kms_enroll_app Then, you will find a new target file `ehsm-kms_enroll_app` generated. -Now, you can enroll your app through command below, and you will receive a appid-appkey pair from the server: +Now, you can enroll your app through command below, and you will receive a appid-apikey pair from the server: ```bash ./ehsm-kms_enroll_app http://:9000/ehsm/ @@ -175,6 +175,6 @@ java -cp target/spark-encrypt-io-0.2-SNAPSHOT-jar-with-dependencies.jar \ --kmsServerIP /the/kms/external/ip/prementioned \ --kmsServerPort 9000 \ --ehsmAPPID /the/appid/obtained/through/enroll \ - --ehsmAPPKEY /the/appkey/obtained/through/enroll \ + --ehsmAPIKEY /the/apikey/obtained/through/enroll \ --kmsType EHSMKeyManagementService ``` diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/SimpleKeyManagementService.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/SimpleKeyManagementService.scala index ce716193a8f..c2f82ef4619 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/SimpleKeyManagementService.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/kms/SimpleKeyManagementService.scala @@ -25,21 +25,21 @@ import com.intel.analytics.bigdl.ppml.utils.KeyReaderWriter class SimpleKeyManagementService protected( simpleAPPID: String, - simpleAPPKEY: String) extends KeyManagementService { + simpleAPIKEY: String) extends KeyManagementService { val enrollMap = new HashMap[String, String] val keyReaderWriter = new KeyReaderWriter var _appId: String = _ - var _appKey: String = _ + var _apiKey: String = _ - setAppIdAndKey(simpleAPPID, simpleAPPKEY) + setAppIdAndKey(simpleAPPID, simpleAPIKEY) Log4Error.invalidInputError(simpleAPPID != "", s"simpleAPPID should not be empty string.") - Log4Error.invalidInputError(simpleAPPKEY != "", s"simpleAPPKEY should not be empty string.") + Log4Error.invalidInputError(simpleAPIKEY != "", s"simpleAPIKEY should not be empty string.") def retrievePrimaryKey(primaryKeySavePath: String, config: Configuration = null): Unit = { timing("SimpleKeyManagementService retrievePrimaryKey") { Log4Error.invalidInputError(enrollMap.keySet.contains(_appId) && - enrollMap(_appId) == _appKey, "appid and appkey do not match!") + enrollMap(_appId) == _apiKey, "appid and apikey do not match!") Log4Error.invalidInputError(primaryKeySavePath != null && primaryKeySavePath != "", "primaryKeySavePath should be specified") val suffix = (1 to 4).map { x => Random.nextInt(10) }.mkString @@ -52,7 +52,7 @@ class SimpleKeyManagementService protected( config: Configuration = null): Unit = { timing("SimpleKeyManagementService retrieveDataKey") { Log4Error.invalidInputError(enrollMap.keySet.contains(_appId) && - enrollMap(_appId) == _appKey, "appid and appkey do not match!") + enrollMap(_appId) == _apiKey, "appid and apikey do not match!") Log4Error.invalidInputError(primaryKeyPath != null && primaryKeyPath != "", "primaryKeyPath should be specified") Log4Error.invalidInputError(dataKeySavePath != null && dataKeySavePath != "", @@ -75,7 +75,7 @@ class SimpleKeyManagementService protected( config: Configuration = null): String = { timing("SimpleKeyManagementService retrieveDataKeyPlaintext") { Log4Error.invalidInputError(enrollMap.keySet.contains(_appId) && - enrollMap(_appId) == _appKey, "appid and appkey do not match!") + enrollMap(_appId) == _apiKey, "appid and apikey do not match!") Log4Error.invalidInputError(primaryKeyPath != null && primaryKeyPath != "", "primaryKeyPath should be specified") Log4Error.invalidInputError(dataKeyPath != null && dataKeyPath != "", @@ -93,10 +93,10 @@ class SimpleKeyManagementService protected( } } - private def setAppIdAndKey(appId: String, appKey: String): Unit = { + private def setAppIdAndKey(appId: String, apiKey: String): Unit = { _appId = appId - _appKey = appKey - enrollMap(_appId) = _appKey + _apiKey = apiKey + enrollMap(_appId) = _apiKey } } @@ -104,11 +104,11 @@ class SimpleKeyManagementService protected( object SimpleKeyManagementService { def apply(): SimpleKeyManagementService = { val appid = (1 to 12).map(x => Random.nextInt(10)).mkString - val appkey = (1 to 12).map(x => Random.nextInt(10)).mkString - new SimpleKeyManagementService(appid, appkey) + val apikey = (1 to 12).map(x => Random.nextInt(10)).mkString + new SimpleKeyManagementService(appid, apikey) } - def apply(appID: String, appKey: String): SimpleKeyManagementService = { - new SimpleKeyManagementService(appID, appKey) + def apply(appID: String, apiKey: String): SimpleKeyManagementService = { + new SimpleKeyManagementService(appID, apiKey) } } diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPython.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPython.scala index b0f44accce9..b1cc9a39999 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPython.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPython.scala @@ -123,9 +123,9 @@ class PPMLContextPython[T]() { * support for test */ - def initKeys(appId: String, appKey: String, primaryKeyPath: String, + def initKeys(appId: String, apiKey: String, primaryKeyPath: String, dataKeyPath: String): SimpleKeyManagementService = { - val kms = SimpleKeyManagementService.apply(appId, appKey) + val kms = SimpleKeyManagementService.apply(appId, apiKey) kms.retrievePrimaryKey(primaryKeyPath) kms.retrieveDataKey(primaryKeyPath, dataKeyPath) kms diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EHSMParams.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EHSMParams.scala index de3a8a4301c..3a10f9536c5 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EHSMParams.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EHSMParams.scala @@ -25,7 +25,7 @@ import java.util.Base64 class EHSMParams( appId: String, - appKey: String, + apiKey: String, timeStamp: String) { protected val payLoad = new HashMap[String, String] @@ -56,7 +56,7 @@ class EHSMParams( private def getSignCiphertextString(): String = { - val secret = new SecretKeySpec(appKey.getBytes("UTF-8"), "SHA256") + val secret = new SecretKeySpec(apiKey.getBytes("UTF-8"), "SHA256") val mac = Mac.getInstance("HmacSHA256") mac.init(secret) val signPlaintextString: String = getSignPlaintextString() @@ -67,7 +67,7 @@ class EHSMParams( private def getSignPlaintextString(): String = { - Log4Error.invalidInputError(appId != "" && appKey != "" && timeStamp != "" + Log4Error.invalidInputError(appId != "" && apiKey != "" && timeStamp != "" && !payLoad.isEmpty, "Lack necessary param or payload!") var signString: String = s"appid=$appId&payload=" val tmp = Map(payLoad.toSeq.sortWith(_._1 < _._1): _*) diff --git a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EncryptIOArguments.scala b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EncryptIOArguments.scala index 48cd0318c1a..501e0fb9d48 100644 --- a/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EncryptIOArguments.scala +++ b/scala/ppml/src/main/scala/com/intel/analytics/bigdl/ppml/utils/EncryptIOArguments.scala @@ -35,9 +35,9 @@ case class EncryptIOArguments( kmsServerIP: String = "0.0.0.0", kmsServerPort: String = "5984", ehsmAPPID: String = "ehsmAPPID", - ehsmAPPKEY: String = "ehsmAPPKEY", + ehsmAPIKEY: String = "ehsmAPIKEY", simpleAPPID: String = "simpleAPPID", - simpleAPPKEY: String = "simpleAPPKEY", + simpleAPIKEY: String = "simpleAPIKEY", keyVaultName: String = "keyVaultName", managedIdentityClientId: String = "") { def ppmlArgs(): Map[String, String] = { @@ -48,10 +48,10 @@ case class EncryptIOArguments( kmsArgs("spark.bigdl.kms.ehs.ip") = kmsServerIP kmsArgs("spark.bigdl.kms.ehs.port") = kmsServerPort kmsArgs("spark.bigdl.kms.ehs.id") = ehsmAPPID - kmsArgs("spark.bigdl.kms.ehs.key") = ehsmAPPKEY + kmsArgs("spark.bigdl.kms.ehs.key") = ehsmAPIKEY case KMS_CONVENTION.MODE_SIMPLE_KMS => kmsArgs("spark.bigdl.kms.simple.id") = simpleAPPID - kmsArgs("spark.bigdl.kms.simple.key") = simpleAPPKEY + kmsArgs("spark.bigdl.kms.simple.key") = simpleAPIKEY case KMS_CONVENTION.MODE_AZURE_KMS => kmsArgs("spark.bigdl.kms.azure.vault") = keyVaultName kmsArgs("spark.bigdl.kms.azure.clientId") = managedIdentityClientId @@ -110,15 +110,15 @@ object EncryptIOArguments { opt[String]('j', "ehsmAPPID") .action((x, c) => c.copy(ehsmAPPID = x)) .text("ehsmAPPID") - opt[String]('k', "ehsmAPPKEY") - .action((x, c) => c.copy(ehsmAPPKEY = x)) - .text("ehsmAPPKEY") + opt[String]('k', "ehsmAPIKEY") + .action((x, c) => c.copy(ehsmAPIKEY = x)) + .text("ehsmAPIKEY") opt[String]('s', "simpleAPPID") .action((x, c) => c.copy(simpleAPPID = x)) .text("simpleAPPID") - opt[String]('k', "simpleAPPKEY") - .action((x, c) => c.copy(simpleAPPKEY = x)) - .text("simpleAPPKEY") + opt[String]('k', "simpleAPIKEY") + .action((x, c) => c.copy(simpleAPIKEY = x)) + .text("simpleAPIKEY") opt[String]('v', "vaultName") .action((x, c) => c.copy(keyVaultName = x)) .text("keyVaultName") diff --git a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/DataFrameHelper.scala b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/DataFrameHelper.scala index 9ba081e5e38..afe9819d676 100644 --- a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/DataFrameHelper.scala +++ b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/DataFrameHelper.scala @@ -29,8 +29,8 @@ class DataFrameHelper extends BigDLSpecHelper { val repeatedNum = 100000 val totalNum = repeatedNum * 3 val header = "name,age,job\n" - val (appid, appkey) = generateKeys() - val simpleKms = SimpleKeyManagementService(appid, appkey) + val (appid, apikey) = generateKeys() + val simpleKms = SimpleKeyManagementService(appid, apikey) val dir = createTmpDir("rwx------") val primaryKeyPath = dir + s"/primary.key" @@ -38,8 +38,8 @@ class DataFrameHelper extends BigDLSpecHelper { def generateKeys(): (String, String) = { val appid: String = "123456789012" - val appkey: String = "210987654321" - (appid, appkey) + val apikey: String = "210987654321" + (appid, apikey) } def generateCsvData(): (String, String, String, String) = { diff --git a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameHadoopSpec.scala b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameHadoopSpec.scala index 479a868a068..2ff59d801ca 100644 --- a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameHadoopSpec.scala +++ b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameHadoopSpec.scala @@ -32,7 +32,7 @@ class EncryptDataFrameHadoopSpec extends DataFrameHelper { val ppmlArgs = Map( "spark.bigdl.kms.simple.id" -> appid, - "spark.bigdl.kms.simple.key" -> appkey, + "spark.bigdl.kms.simple.key" -> apikey, "spark.bigdl.kms.key.primary" -> (s"file://" + primaryKeyPath), "spark.bigdl.kms.key.data" -> (s"file://" + dataKeyPath) ) diff --git a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameSpec.scala b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameSpec.scala index e4ea9053749..0cd61bd1e0f 100644 --- a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameSpec.scala +++ b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptDataFrameSpec.scala @@ -31,7 +31,7 @@ class EncryptDataFrameSpec extends DataFrameHelper { val ppmlArgs = Map( "spark.bigdl.kms.simple.id" -> appid, - "spark.bigdl.kms.simple.key" -> appkey, + "spark.bigdl.kms.simple.key" -> apikey, "spark.bigdl.kms.key.primary" -> primaryKeyPath, "spark.bigdl.kms.key.data" -> dataKeyPath ) diff --git a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptedJsonSpec.scala b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptedJsonSpec.scala index 54d63bc49af..5d7ba66735e 100644 --- a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptedJsonSpec.scala +++ b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/EncryptedJsonSpec.scala @@ -26,7 +26,7 @@ class EncryptedJsonSpec extends DataFrameHelper { val ppmlArgs = Map( "spark.bigdl.kms.simple.id" -> appid, - "spark.bigdl.kms.simple.key" -> appkey, + "spark.bigdl.kms.simple.key" -> apikey, "spark.bigdl.kms.key.primary" -> primaryKeyPath, "spark.bigdl.kms.key.data" -> dataKeyPath ) diff --git a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/ParquetEncryptionSpec.scala b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/ParquetEncryptionSpec.scala index 4ea60095b82..43325b6ea86 100644 --- a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/ParquetEncryptionSpec.scala +++ b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/crypto/dataframe/ParquetEncryptionSpec.scala @@ -33,7 +33,7 @@ class ParquetEncryptionSpec extends DataFrameHelper { val ppmlArgs = Map( "spark.bigdl.kms.simple.id" -> appid, - "spark.bigdl.kms.simple.key" -> appkey, + "spark.bigdl.kms.simple.key" -> apikey, "spark.bigdl.kms.key.primary" -> primaryKeyPath, "spark.bigdl.kms.key.data" -> dataKeyPath ) diff --git a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPythonSpec.scala b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPythonSpec.scala index fc509465d7c..3bf0338f23d 100644 --- a/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPythonSpec.scala +++ b/scala/ppml/src/test/scala/com/intel/analytics/bigdl/ppml/python/PPMLContextPythonSpec.scala @@ -31,7 +31,7 @@ class PPMLContextPythonSpec extends DataFrameHelper{ val ppmlArgs: Map[String, String] = Map( "spark.bigdl.kms.type" -> "SimpleKeyManagementService", "spark.bigdl.kms.simple.id" -> appid, - "spark.bigdl.kms.simple.key" -> appkey, + "spark.bigdl.kms.simple.key" -> apikey, "spark.bigdl.kms.key.primary" -> primaryKeyPath, "spark.bigdl.kms.key.data" -> dataKeyPath )