615 Commits

Author SHA1 Message Date
Sammy Kerata Oina dc349e1f1f NOISSUE - V-Sock reconnect for agent (#215)
* vsock reconnect

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* use backoff

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-30 15:29:39 +02:00
b1ackd0t 742bba5f00 NOISSUE - Add Dockerfile For IRIS Example (#220)
* feat(Docker): Add Dockerfile for testing

Add Dockerfile for testing linear regression algorithm

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* fix(docs): Update docker linear regression example

Resolves https://github.com/ultravioletrs/cocos/pull/220#discussion_r1732974631

---------

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
2024-08-29 22:32:31 +02:00
Sammy Kerata Oina bdfc5fd06d run manager using systemd (#213)
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-28 23:11:49 +02:00
Sammy Kerata Oina 7a2789fb5f NOISSUE - Remove race condition returning before all go routines have completed (#221)
* remove race condition returning before all go routines have completed

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* refine

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-28 18:16:15 +02:00
Sammy Kerata Oina d0c99479db NOISSUE - Remove CID tracking (#218)
* remove cid tracking

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* remove unused code

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-27 02:30:00 +02:00
b1ackd0t 01c502e1a1 NOISSUE - Fix Algo Path (#216)
* fix(algorithm): fix running binary algorithm

This is the error
```
"algorithm": executable file not found in $PATH
```

* fix(algorithm): get absolute filepath for all algorithms

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* fix(lint): fix linting errors

* refactor: simplify algorithm filename

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

---------

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
v0.3.1
2024-08-26 17:19:47 +02:00
Sammy Kerata Oina bdbeb4e976 COCOS-199 - Enable testing of SEV features on any machine (#205)
* make attestation embeddable

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* mock backend info

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* embed files

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* finish up

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
v0.3.0
2024-08-23 16:52:07 +02:00
Sammy Kerata Oina c402248515 COCOS-169 - Add support for algo arguments (#202)
* custom args

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* DEBUG

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* args bug

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* switch to slice

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* add flags

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* switch to string array

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-23 16:51:35 +02:00
Washington Kigani Kamadi 7155027440 NOISSUE: Return Response on Computation Termination. (#211)
* send response to manager on computation termination

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* fix tests

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* refactor: enhance stop computation

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* remove comment and add event

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

---------

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
2024-08-23 15:30:57 +02:00
Danko Miladinovic 4c80b574e3 add ramfs to HAL (#212) 2024-08-23 15:30:04 +02:00
Danko Miladinovic ee8370406c COCOS-165 - Add Docker support (#180)
* add docker support

* add copyright clause

* rebase docker support

* address blank lines

* update manual tests to include docker

* fix algo test

* fix docker command

* add docker doc

* fix AddDataset method

* fixed lin_reg.py

* rebased docker implementation

* fix NewAlgorithm error

* change docker README.md based on rebase

* fix docker README

* fix docker.go gofumpt

* add option for datasets and results mount

* edit README for docker

* make docker container run command a part of docker image

* remove unused code

* make /cocos the default directory

* updated documentation

* removed docker dir

* rebased docker
2024-08-21 16:42:05 +02:00
Sammy Kerata Oina f906593492 remove tmp directory (#204)
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-21 11:55:36 +02:00
Sammy Kerata Oina 899bfb0ec5 COCOS-151 - Add compression/decompression option for CLI/Agent (#200)
* on the fly compression

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* rename file-hash to checksum

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* check error properly

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix lint

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix connection handling

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-21 11:54:52 +02:00
Sammy Kerata Oina e4ef1aae36 COCOS-181 - Add failed state for algo execution (#197)
* additional state failed

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* generate state string

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix logic

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix typo

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* conditional transition

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-21 00:02:09 +02:00
b1ackd0t 6aec555f4e NOISSUE - Start Port Search At Known Port (#207)
* feat(manager): start port search at minimum port range

When getting a free port to be used we start at the minimum port range, i.e. 6000. This makes the agent url more deterministic since in most cases the agent port will be 6000

* fix(manager): Remove unused error channel

The error channel is not used

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

---------

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
2024-08-20 23:59:28 +02:00
Sammy Kerata Oina 066dacd46a NOISSUE - Fix docs (#203)
* fix docs

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix typos

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* cli

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* add build instructions

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* remove file

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-20 23:58:37 +02:00
Sammy Kerata Oina 8f2cbd349d bump port range (#206)
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-20 23:56:34 +02:00
Sammy Kerata Oina f596702e6e NOISSUE - Fix bug on same dataset provider for multiple datasets (#198)
* fix bug on same dataset provider

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix failing test

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-20 23:25:13 +02:00
Sammy Kerata Oina 31391a36a1 NOISSUE - Add optional Filename (#195)
* add optional filename

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* cover all bases

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* maintain filename

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-09 13:09:11 +02:00
Sammy Kerata Oina 971e00aa68 NOISSUE - Select from port range (#196)
* select from port range

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix failing test

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* remove whitespace

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-08-08 15:48:12 +02:00
Washington Kigani Kamadi 18cfa7619e PRISM-337: Add Filename to Dataset (#191)
* add filename to dataset

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* update protoc

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

---------

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
2024-08-07 15:58:25 +02:00
b1ackd0t afc306a85b NOISSUE - Enable WASM Support and FileSystem Support (#189)
* feat(algorithm): Add wasm as an algo type

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* feat(algorithm): Use filesystem to store results

Move from unix socket for results storage to filesystem

* test: test new filesystem changes

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* refactor(files): rename resultFile to resultsFilePath

* feat(wasm-runtime): change from wasmtime to wasmedge

Wasmedge enables easier directory mapping to get results

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* feat(algorithm): send results as zipped directory

Create a new function to zip the results directory and send it back to the user

* fix(wasm): runtime argument

Fix the directory mapping for wasm runtime arguments

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* fix(errors): provide useful error message

* chore(gitignore): add results zip to gitignore

* feat(filesystem): Enable storing results on filesystem for python algos

* refactor: revert to upstream cocos repo

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* fix: remove AddDataset from algorithm interface

* fix: agent to handle results zipping

* test: test zipping directories

* refactor(agent): Handle file operations from agent

* test: run test inside eos

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* refactor(test): Document and test algos are running

Document steps on running the 2 python examples and ensure they are running on eos

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* fix: remove witheDataset option

* test: test without dataset argument

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

---------

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
2024-08-06 19:06:48 +02:00
Smith Jilks 3c855e3b68 NOISSUE - Handle larger manifests exceeding the default grpc limit (#161)
* Handle larger manifests exceeding the default grpc limit

Signed-off-by: Jilks Smith <smithjilks@gmail.com>

* Update manager tests

Signed-off-by: Jilks Smith <smithjilks@gmail.com>

* Update manager tests

* Update manager client.go

* Update manager client.go

* Update manager client.go

* Update manager grpc server.go

* Update manager grpc server and client

---------

Signed-off-by: Jilks Smith <smithjilks@gmail.com>
2024-08-06 16:25:35 +02:00
Washington Kigani Kamadi 9161d30683 PRISM-312 : Fetch Backend Information (#187)
* fetch backend info

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

WIP

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* add id to grpc response

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* read backend information

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

revert changes in test server

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* update info json

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* test on dell machine

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* update protoc

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

update protoc

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* refactor fetch backend info

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* remove computation definition

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* refactor manager service creation

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* refactor manager service creation:

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* return config to main

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* add tests on test/computation

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* update backend info path

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* use sudo

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* comment out sev testing section

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* update backend info json location

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* handle failed execution

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* return error on failed execution:

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

---------

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
2024-08-01 15:02:50 +02:00
Sammy Kerata Oina e376cf35a4 feat: Add support for GCC and libstdc++ packages in cocos_defconfig (#188)
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
v0.2.0
2024-07-31 12:43:40 +02:00
Danko Miladinovic 24a76a1685 NOISSUE - Fix attested TLS and attestation CLI (#184)
* update code to reflect updated libraries

* fix attestation CLI

* update manual test for attestation CLI
2024-07-30 16:05:49 +02:00
b1ackd0t 6d170e9ca4 NOISSUE - Fix failing tests (#186)
* test(events): failing tests

* fix: Add datapath as optional parameter

If datapath is not provided it should work and assume the dataset is empty
If an invalid, i.e. non-existent, path is given it should return an error
2024-07-26 12:05:26 +02:00
b1ackd0t c9ec42deb2 fix(computation): Allow computation with empty dataset (#185) 2024-07-26 11:22:13 +02:00
Washington Kigani Kamadi 7498800d2d update attestation command example (#183)
Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
2024-07-25 01:25:31 +02:00
Sammy Kerata Oina 46555a72ba NOISSUE - Error logs instead of failure on stderr (#182)
* warning logs

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* switch to error

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-07-24 14:28:51 +02:00
Sammy Kerata Oina 67d01e39be COCOS-155 - Add python algo support (#178)
* * feat(algorithm.go): add support for algorithm type context
* feat(python.go): implement Python algorithm runtime
* fix(cocos_defconfig): add IPTABLES package

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update proto

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* small fixes

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* add metadata

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* debug

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* debug

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* chunk logger

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* debug logger

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* test lock

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* add req file

Signed-off-by: SammyOina <sammyoina@gmail.com>

* stream result

Signed-off-by: SammyOina <sammyoina@gmail.com>

* test with venv

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* fix missing requirements file

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* result stream

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* modify test server

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* remove debugging and cleaning up

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* original repo

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* add missing header

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

* downgrade protoc

Signed-off-by: Sammy Oina <sammyoina@gmail.com>

---------

Signed-off-by: SammyOina <sammyoina@gmail.com>
Signed-off-by: Sammy Oina <sammyoina@gmail.com>
2024-07-23 16:38:03 +02:00
b1ackd0t 2f8109879c COCOS-168 - Allow running Computations without datasets (#175)
* feat(agent): Allow empty dataset

Allow running of algorithm with empty dataset since not all algorithms require datasets.
Allow state-machine transition from algo-received state to running state in case of no dataset provided

Fixes https://github.com/ultravioletrs/cocos/issues/168

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* chore(gitignore): Remove build artefacts

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* feat(algorithms): Add test algorithm for addition

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* refactor(addition): Modify addition algo to one file

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* fix(agent): move state transition to callback func

Move state transition from `receivingAlgorithm` to `running` to state call back function

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* feat(agent-event): Add `algoReceivedNoData` event

`algoReceivedNoData` is an event that is sent if we receive an algorithm and it should not have a dataset hence changes the state from `receivingAlgorithm` to `running`

* fix(agent-state): Change state depending on manifest

Change state from `receivingAlgorithm` to either `receivingData` if there is a dataset or `running` if there is no dataset provided

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

---------

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
2024-07-22 14:51:16 +02:00
Smith Jilks 88707c4668 NOISSUE - Fix Jaeger tracer (#177) 2024-07-22 14:49:42 +02:00
Washington Kigani Kamadi d76074ae41 COCOS-144 - Add Agent SDK Tests (#167)
* add tests and mocks

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix ci

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

update test

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix(agent/grpc): revert change

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix ci

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* refactor attestation and report tests

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

refactor tests

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

remove commented code

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

remove comment

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

remove comments

* add test cases

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

export agent errors

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

remove comm

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* fix tests

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

---------

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
2024-07-11 20:53:31 +02:00
Sammy Kerata Oina 2ceb1c3562 COCOS-152 - Refactor algorithm execution and add visibility through logging and events (#176)
* * feat(agent): add support for binary algorithm execution
*
* feat(agent/algorithm): add Algorithm interface and binary implementation
*
* feat(agent/algorithm/binary): implement Run method for binary algorithm execution
*
* feat(agent/algorithm/logging): implement Stdout and Stderr writers for algorithm logging
*
* feat(agent/algorithm/logging_test): add tests for Stdout and Stderr writers
*
* feat(agent/events): add Service interface for sending events
*
* feat(agent/events/mocks): add mock implementation for Service interface
*
* refactor(agent/service): update runComputation method to use binary algorithm implementation

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * fix(logging.go): handle error when sending event in Write method of Stderr struct
* test(logging_test.go): add copyright header
* fix(backend_info.go): add missing type declaration in function signature
* fix(agent.go): rename progressbar variable to pb for clarity and consistency

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-07-11 12:24:19 +02:00
b1ackd0t dc16e8a997 NOISSUE - Use Magistrala Shared Packages (#174)
* refactor(env): remove internal env package

No need for this package since the parent package github.com/caarlos0/env does everything we need

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* refactor(jaeger): remove internal jaeger package

No need for this package since we can use magistrala exported package

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* refactor(metrics): remove internal metrics pkg

Use exported magistrala prometheus package

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* chore(dep): Update grpc and other dependencies

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

* style(linter): remove enabled by default linters

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>

---------

Signed-off-by: Rodney Osodo <socials@rodneyosodo.com>
2024-07-10 15:48:37 +02:00
Sammy Kerata Oina f4e3e8e09c COCOS-157 - Provide abstractions for VM management (#171)
* abstract vm creation and allow stopping computation

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor QEMU configuration loading and execution in main.go

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * feat(agent-config): add support for sending agent configuration to manager

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * chore(checkproto.yaml): update protoc-gen and protoc-grpc versions

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * chore(auth): update mockery version to v2.43.2
* chore(main.go): update import path for vm package in agent
* chore(main.go): update import path for vm package in manager
* chore(go.mod): add github.com/google/logger v1.1.1 as a required dependency
* chore(manager_test.go): update import path for vm package in manager
* chore(logging.go): move logging.go to manager/qemu/vm package
* chore(logging_test.go): move logging_test.go to manager/qemu/vm package
* chore(vm_factory.go): rename vm_factory.go to provider.go in manager/qemu/vm/mocks package
* chore(vm.go): move vm.go to manager/qemu/vm package
* chore(vm.go): update import path for vm package in manager
* chore(vm_test.go): move vm_test.go to manager/qemu/vm package
* chore(vsock.go): move vsock.go to manager

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * fix(main.go): change import path for 'github.com/ultravioletrs/cocos/manager/qemu/vm' to 'github.com/ultravioletrs/cocos/manager/vm'
* fix(main.go): change vsock.Dial argument from 'vm.VsockConfigPort' to 'qemu.VsockConfigPort'
* fix(main.go): change import path for 'github.com/ultravioletrs/cocos/manager/qemu' to 'github.com/ultravioletrs/cocos/manager/qemu'

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-07-10 15:33:54 +02:00
Sammy Kerata Oina d1c9834d86 NOISSUE - Fix user role on RPC call (#173)
* * fix(interceptors.go): change role from auth.DataProviderRole to auth.ConsumerRole in AuthenticateUser call

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * test(interceptors_test.go): update role variable values in TestAuthUnaryInterceptor
* - Change role value from auth.DataProviderRole to auth.ConsumerRole in the "authorized result method" test case
* - Change role value from auth.DataProviderRole to auth.ConsumerRole in the "unauthorized result method" test case
* - Change role value from auth.DataProviderRole to auth.ConsumerRole in the "other method" test case

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-07-10 13:42:41 +02:00
Danko Miladinovic 654be60a80 COCOS-132 - Add progress bar for algo and data uploads (#162)
* add progress bar to CLI

* fix error handling

* fix comments errors

* add header

* add wrapper for AlgoClient and DataClient

* add compile time check for wrapper structs

* refactor code
2024-07-09 09:35:40 +02:00
Danko Miladinovic 006897a57c COCOS-153 - Add host-data option (#163)
* add host_data option

* add CLI hostdata option and rename platform to backend

* move code for computation hash to a function

* rename getComputationHash to computationHash

* add default for backend information field switch
2024-07-08 15:32:13 +02:00
Sammy Kerata Oina 0e236bf2e8 * feat(hal/linux): add support for wasmtime package (#166)
* fix(hal/linux/Config.in): add source for wasmtime Config.in file

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-07-04 17:04:51 +02:00
Washington Kigani Kamadi ff5bade57d COCOS-145 : Support Other Private/Public Key Pair Algorithms (#147)
* feat: generate multiple key types using cli

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

pass cert to agent

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix ci

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

standardize key types

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

marshal public key

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

use openssl format for keys

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* update auth

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

update makefile

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

update agent

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

enhance parsing logic

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* pass key type as flag

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix ci

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

return key on successful signature verification

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix cli

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

fix ed25519 signing

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

ci

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* refactor code

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

* fix(cli/result.go): dry code

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>

---------

Signed-off-by: WashingtonKK <washingtonkigan@gmail.com>
2024-07-03 22:56:18 +02:00
Danko Miladinovic 7c090fd19f NOISSUE - Add CLI option to download ASK and ARK (#149)
* add cli option to download ask and ark

* add ARK and ASK to cert chain of the attestation report

* fix spelling mistake

* add explanation for aTLS testing

* remove commented code
2024-07-03 16:07:19 +02:00
Sammy Kerata Oina 30092c6a45 COCOS-135 - Refactor gRPC auth interceptors and update dependencies (#140)
* Implement gRPC auth interceptors and update dependencies

Introduced gRPC authentication interceptors for unary and stream calls in the agent's API to enhance security. These interceptors verify signatures based on roles before handling requests, rejecting unauthorized ones. The authentication logic was refactored, adding relevant error handling.

Added mocks for authentication interfaces to facilitate testing and replaced direct errors with wrapped ones to provide additional context.

The Makefile now includes a version pin for the Mockery tool, ensuring consistent mock generation across environments.

Updated the gRPC server setup in `grpc.go` to utilize the new interceptors. This change aims to reinforce the API's access control by authenticating users according to their roles and is expected to prevent unauthorized access to sensitive endpoints.

Lastly, dependencies in go.mod and go.sum were updated, most notably the inclusion of testify for improved testing capabilities.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix linting errors

Signed-off-by: SammyOina <sammyoina@gmail.com>

* * chore(Makefile): remove unused variables and update 'mocks' target

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-07-01 21:39:35 +02:00
Sammy Kerata Oina 617b595559 Add Docker support to system configuration (#164)
Added support for Docker in the system configuration file. This includes packages like libseccomp, CA certificates, Docker CLI, Docker Compose, Docker Engine, containerd, and runc.

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-07-01 21:37:58 +02:00
Sammy Kerata Oina 4c4161ccfb Fix capitalized Vnc field and increment Vnc on run (#139)
Corrected the struct field 'vnc' to 'Vnc' to match Go's public field naming conventions and to make it exportable. Each QEMU virtual machine's VNC display number now increments upon instantiation to avoid display conflicts.

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-06-06 16:34:13 +02:00
Sammy Kerata Oina ff64c10ac3 NOISSUE - Add new key management command to CLI (#136)
Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-05-29 13:09:54 +02:00
Danko Miladinovic 0574abc228 NOISSUE - Add Rust script for fetching platform data (#133)
* add rust program for fetching platform data

* fix new line error

* add CLI options to add the measurement to platform_info.json file

* add documentation for platform info testing

* add explanation for sev-snp-measure

* delete excess space

* fix minor errors

* fix minor errors

* add file permission constant
2024-05-28 18:08:07 +02:00
Sammy Kerata Oina 2ce112cc1b COCOS-103 - User authN and AuthZ using digital signatures (#128)
* Update Go to 1.22 and enhance security features

- Upgraded the Go version in GitHub Actions workflows to 1.22.x for latest features and security patches.
- Added RSA public key field `UserKey` in `Dataset` and `Algorithm` to reinforce data integrity and encryption.
- Refactored `Result` method in `agentService` to use `containsID` for improved readability and potential performance benefits.
- Updated `grpcserver.New` and `internal/server/grpc` invocations to pass `agent.Service` by value in line with recommended Go practices.
- Introduced `grpc.StreamInterceptor` with no args in `Server.Start` which seems to be an initial step for future stream interceptor configuration.

These changes prepare for stronger data security measures, maintain compatibility with the latest Go features, and improve code quality regarding service struct usage. Potential follow-up is needed to configure the stream interceptor and to ensure the new RSA key field is appropriately utilized in data handling.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor auth system and protocol buffers

Enhanced the authentication system by adding context support and an improved user-role model. Implemented robust RSA public key verification for users and a restructured interceptor logic specific to stream types, streamlining the auth process. Updated protocol buffers and associated structures to accommodate user keys as byte slices, aligning with standard cryptographic practice. CLI commands for algorithms and datasets now require a private key file path argument for signing, strengthening security during interactions.

This comprehensive overhaul addresses security and efficiency considerations in the RPC framework and aligns with best practices for key handling. By streamlining and securing the user authentication process, the agent service's reliability is greatly improved, directly impacting the robustness of the entire computation pipeline.

- Refactored auth: added role-based user validation, context handling
- Reworked interceptors: separated stream types, fortified signature checks
- Updated protocol buffers: user public keys as byte slices for standard compatibility
- Enhanced CLI: introduced private key argument, ensuring secure algorithm and dataset submission
- Improved server and SDK contracts to align with auth changes

Related issues:
- Implements user roles and auth context [#103]
- CLI security enhancement for private key management

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Updated PEM decoding for key parsing in CLI and tests

Added `encoding/pem` to decode PEM blocks when parsing private and public keys across CLI commands and test computation scenarios, ensuring compatibility with key files. This enhances robustness in key handling by supporting PEM encoded keys. The update also includes registration of a new Keys command in the CLI.

Refactored code is now compliant with common key formats, addressing potential parsing issues.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Fix auth signature encoding and improve CLI usage example

The authentication system now decodes base64 strings before verifying signatures to align with the expected format. Additionally, the signature generation now encodes the output in base64, ensuring consistency across the auth process.

The CLI help message for the `result` command is enhanced by providing a usage example, making it more user-friendly and informative.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor containsID to handle dynamic fields

Updated the `containsID` function to accept a field name parameter, enabling dynamic field lookup within the reflection logic. This change facilitates the use of the function for various struct fields, improving code reusability and flexibility.

CLI command 'data' now requires an additional argument for the private key file path, outlined in the usage example update, reinforcing command clarity and user guidance.

Resolves issues with hardcoded field lookups and enhances CLI usability.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Remove extraneous newline in key generation log output

A redundant newline after the success message in the key generation command was removed to clean up log output formatting. This change ensures a more consistent and professional appearance of the CLI tool's messages.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Implemented auth service in gRPC startup

Added authentication services to the gRPC server initialization to enforce security measures. The gRPC server's New function now includes an `authSvc` parameter, requiring instantiation of the auth service before starting the server. Failure to create the auth service results in a fatal error, halting the process to avoid running without protection. Tests have been updated to include `nil` values for the auth service parameter to maintain their functionality without authentication.

Refactored `grpcserver.New` to accept the new auth service, and updated the main agent startup logic to create and inject the auth service. Added the auth middleware interceptors to the server options, which ensures that each gRPC call will undergo authentication.

This change is a step towards secure communication, and affected components should now consider the authentication requirement.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor config read logic and update agent setup

Improved the configuration reading in `cmd/agent/main.go` to handle larger payloads by reading data in chunks and checking for EOF, ensuring that all config data is captured even if it exceeds the initial buffer size. Enhanced the `test/manual/agent-config/main.go` to require additional command-line arguments, improving the setup process by explicitly requiring paths for data, algorithm, and public key as well as a boolean for attested TLS. Also updated the hashing method to SHA3 for the algorithm and data files, and included the hash and public keys as part of the agent, dataset, and result consumer configurations. These changes will make the agent setup more robust and provide better integrity checks for the involved files.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor run method to agentService

Moved the run function into agentService for better encapsulation and maintainability. This refactoring includes capturing both stdout and stderr during algorithm execution, enabling more informative debugging through enhanced logging. Consequently, the run method now references members through the service instance, aligning with object-oriented best practices and improving code coherence.

Resolves issue with insufficient execution details when computations fail.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor computation data handling to use filepaths

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor error logging and ensure consistency

Replaced usage of the standard log package with a custom logger for error reporting to standardize error logging throughout the application. Additionally, introduced graceful shutdown by returning from the main function rather than forcing exit when failing to create auth service, aligning the application's error handling strategy.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor auth initialization and key file handling

Improved the readability and maintainability of the authentication service initialization by adding line breaks for logical separation. Also, standardized key filenames in the CLI key generation by introducing constants, enhancing code clarity and reducing the likelihood of file-naming errors.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor auth verification logic for improved security

Removed an extraneous line in the `verifySignature` function that was not necessary for the signature verification process. This change simplifies the code and improves readability.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Refactor payload structures to simplify API

Removed the 'provider', 'id', 'consumer' fields from protocol buffers, gRPC services, and related functions across various files to streamline the data model and align with the new authentication system based on cryptographic verification rather than string identifiers. This results in more efficient data handling and a reduction in unnecessary payload data, while enhancing security by making entity validation strictly cryptographic.

The changes affect agent-SDK interactions, CLI tools, and related services, ensuring only the necessary data (algorithm/data bytes, user keys, and hashes) is transmitted and processed. Consequently, the core computation algorithm and dataset handlers now rely on indexes derived from context to associate data with respective manifest entries, thus maintaining the ability to link to specific computation manifests without relying on explicit IDs in the payload. Additionally, refactored authentication methods now enforce role-based security seamlessly through metadata.

This approach enhances privacy by avoiding transmission of potentially sensitive strings over the network and by ensuring that only internal indices, not globally interpretable identifiers, are used to process computations.

Aligned with the broader architectural goal of simplifying and securing the platform's core services, this change paves the way for upcoming revisions to the authentication scheme that will further consolidate role-based security and improve system integrity.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* Enhance CLI security with key paths

Removed the section on running computations from the CLI README as it may no longer be necessary or the functionality has been moved elsewhere. Required private key file paths for algorithm, dataset upload, and result retrieval commands to enhance security. This change associates each action with a specific identity, ensuring secure and traceable operations. Additionally, updated the manual test commands to reflect this new requirement.

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix ci

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix fmt

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-05-28 14:10:13 +02:00
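
The flow this commit message describes, as an added illustration that is not the project's own code: the client hands over its signature as base64 text and its public key as PEM bytes, and the server undoes both encodings before the RSA check. The function names, the PKCS#1 v1.5 padding, the SHA-256 digest and the signed payload are assumptions, since the commit message does not state them.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"encoding/pem"
	"fmt"
)

// ClientSign plays the CLI side: it makes a throwaway key (constructed sample), signs
// SHA-256(msg) and returns the public key as PEM plus the signature as base64 text.
func ClientSign(msg []byte) (pubPEM []byte, sigB64 string, err error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, "", err
	}
	digest := sha256.Sum256(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	pubPEM = pem.EncodeToMemory(&pem.Block{Type: "RSA PUBLIC KEY", Bytes: x509.MarshalPKCS1PublicKey(&key.PublicKey)})
	return pubPEM, base64.StdEncoding.EncodeToString(sig), err
}

// Verify plays the server side: base64-decode the signature, PEM-decode the stored
// public key bytes, then check the signature. Each malformed input gets its own error.
func Verify(pubPEM, msg []byte, sigB64 string) error {
	sig, err := base64.StdEncoding.DecodeString(sigB64)
	if err != nil {
		return fmt.Errorf("signature is not base64: %w", err)
	}
	block, _ := pem.Decode(pubPEM)
	if block == nil {
		return fmt.Errorf("public key is not PEM encoded")
	}
	pub, err := x509.ParsePKCS1PublicKey(block.Bytes)
	if err != nil {
		return fmt.Errorf("public key is not an RSA PKCS#1 key: %w", err)
	}
	digest := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig)
}

func main() {
	pubPEM, sig, _ := ClientSign([]byte("constructed payload"))
	fmt.Println("verified:", Verify(pubPEM, []byte("constructed payload"), sig) == nil)
}
```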
Sammy Kerata Oina aebe01a873 NOISSUE - Updated README with static binary instructions (#130)
Enhanced the manual algorithm testing documentation by including steps to install additional dependencies and guidance on creating static binaries. This ensures wider compatibility and ease of deployment for Python programs tested with this framework.

Signed-off-by: SammyOina <sammyoina@gmail.com>
2024-05-22 14:40:34 +02:00