diff --git a/docker-files/mpc/Dockerfile-wedpr-mpc-base-centos b/docker-files/mpc/Dockerfile-wedpr-mpc-base-centos new file mode 100644 index 0000000..587dd84 --- /dev/null +++ b/docker-files/mpc/Dockerfile-wedpr-mpc-base-centos @@ -0,0 +1,18 @@ +FROM centos:7 + +ENV PPC_MPC_LIB=/data/app/wedpr/scripts/wedpr-mpc:/data/app/wedpr/scripts/wedpr-mpc/local/lib/:/usr/local/lib/ +ENV PPC_MPC_NO_GATEWAY_LIB=/data/app/wedpr/scripts/wedpr-mpc-no-gateway:/data/app/wedpr/scripts/wedpr-mpc-no-gateway/local/lib/:/usr/local/lib/ + +COPY ./config/mpc-node-conf.tar.gz /data/app/wedpr/scripts/ +COPY ./config/ssl_cert.tar.gz /data/app/wedpr/scripts/ +COPY ./config/CentOS-Base.repo /etc/yum.repos.d/ +COPY ./config/CentOS-SCLo-scl.repo /etc/yum.repos.d/ +COPY ./config/CentOS-SCLo-scl-rh.repo /etc/yum.repos.d/ +COPY ./config/.gitconfig /root/ +COPY ./scripts/build-mpc-base.sh /data/app/wedpr/scripts/ +COPY ./scripts/wedpr-mpc-node.sh /data/app/wedpr/scripts/ + +WORKDIR /data/app/wedpr + +RUN cd /data/app/wedpr/scripts/ && \ + bash build-mpc-base.sh diff --git a/docker-files/mpc/Dockerfile-wedpr-mpc-base-ubuntu b/docker-files/mpc/Dockerfile-wedpr-mpc-base-ubuntu new file mode 100644 index 0000000..d419eb3 --- /dev/null +++ b/docker-files/mpc/Dockerfile-wedpr-mpc-base-ubuntu @@ -0,0 +1,16 @@ +# FROM fiscoorg/wedpr-image:v3.0.0 +FROM ubuntu:22.04 + +ENV PPC_MPC_LIB=/data/app/wedpr/scripts/wedpr-mpc:/data/app/wedpr/scripts/wedpr-mpc/local/lib/:/usr/local/lib/ +ENV PPC_MPC_NO_GATEWAY_LIB=/data/app/wedpr/scripts/wedpr-mpc-no-gateway:/data/app/wedpr/scripts/wedpr-mpc-no-gateway/local/lib/:/usr/local/lib/ + +COPY ./config/mpc-node-conf.tar.gz /data/app/wedpr/scripts/ +COPY ./config/ssl_cert.tar.gz /data/app/wedpr/scripts/ +COPY ./config/.gitconfig /root/ +COPY ./scripts/build-mpc-base-ubuntu.sh /data/app/wedpr/scripts/ +COPY ./scripts/wedpr-mpc-node.sh /data/app/wedpr/scripts/ + +WORKDIR /data/app/wedpr + +RUN cd /data/app/wedpr/scripts/ && \ + bash build-mpc-base-ubuntu.sh diff --git a/docker-files/mpc/build-mpc-base-centos-image.sh b/docker-files/mpc/build-mpc-base-centos-image.sh new file mode 100644 index 0000000..4b66fcf --- /dev/null +++ b/docker-files/mpc/build-mpc-base-centos-image.sh @@ -0,0 +1 @@ +docker build -f Dockerfile-wedpr-mpc-base-centos -t fiscoorg/wedpr-mpc-base-centos:v3.0.0 . diff --git a/docker-files/mpc/build-mpc-base-ubuntu-image.sh b/docker-files/mpc/build-mpc-base-ubuntu-image.sh new file mode 100644 index 0000000..d757843 --- /dev/null +++ b/docker-files/mpc/build-mpc-base-ubuntu-image.sh @@ -0,0 +1 @@ +docker build -f Dockerfile-wedpr-mpc-base-ubuntu -t fiscoorg/wedpr-mpc-base-ubuntu:v3.0.0 . diff --git a/docker-files/mpc/config/.gitconfig b/docker-files/mpc/config/.gitconfig new file mode 100644 index 0000000..c0dfe50 --- /dev/null +++ b/docker-files/mpc/config/.gitconfig @@ -0,0 +1,11 @@ +[pager] + branch = false +[url "https://mirror.ghproxy.com/github.com"] +insteadOf = https://github.com +[http] + version = HTTP/1.1 + postBuffer = 524288000 +[https] + sslVerify = false +[core] + editor = vim diff --git a/docker-files/mpc/config/CentOS-Base.repo b/docker-files/mpc/config/CentOS-Base.repo new file mode 100644 index 0000000..5b74a07 --- /dev/null +++ b/docker-files/mpc/config/CentOS-Base.repo @@ -0,0 +1,43 @@ +# CentOS-Base.repo +# +# The mirror system uses the connecting IP address of the client and the +# update status of each mirror to pick mirrors that are updated to and +# geographically close to the client. You should use this for CentOS updates +# unless you are manually picking other mirrors. +# +# If the mirrorlist= does not work for you, as a fall back you can try the +# remarked out baseurl= line instead. +# +# + +[base] +name=CentOS-$releasever - Base - repo.huaweicloud.com +baseurl=https://repo.huaweicloud.com/centos/$releasever/os/$basearch/ +#mirrorlist=https://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os +gpgcheck=1 +gpgkey=https://repo.huaweicloud.com/centos/RPM-GPG-KEY-CentOS-7 + +#released updates +[updates] +name=CentOS-$releasever - Updates - repo.huaweicloud.com +baseurl=https://repo.huaweicloud.com/centos/$releasever/updates/$basearch/ +#mirrorlist=https://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates +gpgcheck=1 +gpgkey=https://repo.huaweicloud.com/centos/RPM-GPG-KEY-CentOS-7 + +#additional packages that may be useful +[extras] +name=CentOS-$releasever - Extras - repo.huaweicloud.com +baseurl=https://repo.huaweicloud.com/centos/$releasever/extras/$basearch/ +#mirrorlist=https://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras +gpgcheck=1 +gpgkey=https://repo.huaweicloud.com/centos/RPM-GPG-KEY-CentOS-7 + +#additional packages that extend functionality of existing packages +[centosplus] +name=CentOS-$releasever - Plus - repo.huaweicloud.com +baseurl=https://repo.huaweicloud.com/centos/$releasever/centosplus/$basearch/ +#mirrorlist=https://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus +gpgcheck=1 +enabled=0 +gpgkey=https://repo.huaweicloud.com/centos/RPM-GPG-KEY-CentOS-7 diff --git a/docker-files/mpc/config/CentOS-SCLo-scl-rh.repo b/docker-files/mpc/config/CentOS-SCLo-scl-rh.repo new file mode 100644 index 0000000..250d43c --- /dev/null +++ b/docker-files/mpc/config/CentOS-SCLo-scl-rh.repo @@ -0,0 +1,33 @@ +# CentOS-SCLo-rh.repo +# +# Please see http://wiki.centos.org/SpecialInterestGroup/SCLo for more +# information + +[centos-sclo-rh] +name=CentOS-7 - SCLo rh +baseurl=http://mirrors.aliyun.com/centos/7/sclo/$basearch/rh/ +#mirrorlist=http://mirrorlist.centos.org?arch=$basearch&release=7&repo=sclo-rh +gpgcheck=1 +enabled=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo + +[centos-sclo-rh-testing] +name=CentOS-7 - SCLo rh Testing +baseurl=http://buildlogs.centos.org/centos/7/sclo/$basearch/rh/ +gpgcheck=0 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo + +[centos-sclo-rh-source] +name=CentOS-7 - SCLo rh Sources +baseurl=http://vault.centos.org/centos/7/sclo/Source/rh/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo + +[centos-sclo-rh-debuginfo] +name=CentOS-7 - SCLo rh Debuginfo +baseurl=http://debuginfo.centos.org/centos/7/sclo/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo diff --git a/docker-files/mpc/config/CentOS-SCLo-scl.repo b/docker-files/mpc/config/CentOS-SCLo-scl.repo new file mode 100644 index 0000000..6f962ed --- /dev/null +++ b/docker-files/mpc/config/CentOS-SCLo-scl.repo @@ -0,0 +1,33 @@ +# CentOS-SCLo-scl.repo +# +# Please see http://wiki.centos.org/SpecialInterestGroup/SCLo for more +# information + +[centos-sclo-sclo] +name=CentOS-7 - SCLo sclo +baseurl=http://mirrors.aliyun.com/centos/7/sclo/$basearch/sclo/ +#mirrorlist=http://mirrorlist.centos.org?arch=$basearch&release=7&repo=sclo-sclo +gpgcheck=1 +enabled=1 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo + +[centos-sclo-sclo-testing] +name=CentOS-7 - SCLo sclo Testing +baseurl=http://buildlogs.centos.org/centos/7/sclo/$basearch/sclo/ +gpgcheck=0 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo + +[centos-sclo-sclo-source] +name=CentOS-7 - SCLo sclo Sources +baseurl=http://vault.centos.org/centos/7/sclo/Source/sclo/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo + +[centos-sclo-sclo-debuginfo] +name=CentOS-7 - SCLo sclo Debuginfo +baseurl=http://debuginfo.centos.org/centos/7/sclo/$basearch/ +gpgcheck=1 +enabled=0 +gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-SIG-SCLo \ No newline at end of file diff --git a/docker-files/mpc/config/mpc-node-conf.tar.gz b/docker-files/mpc/config/mpc-node-conf.tar.gz new file mode 100644 index 0000000..6a17959 Binary files /dev/null and b/docker-files/mpc/config/mpc-node-conf.tar.gz differ diff --git a/docker-files/mpc/config/ssl_cert.tar.gz b/docker-files/mpc/config/ssl_cert.tar.gz new file mode 100644 index 0000000..8d96106 Binary files /dev/null and b/docker-files/mpc/config/ssl_cert.tar.gz differ diff --git a/docker-files/mpc/scripts/build-mpc-base-ubuntu.sh b/docker-files/mpc/scripts/build-mpc-base-ubuntu.sh new file mode 100644 index 0000000..6082ff1 --- /dev/null +++ b/docker-files/mpc/scripts/build-mpc-base-ubuntu.sh @@ -0,0 +1,120 @@ +#!/bin/bash + +set -e +LANG=en_US.UTF-8 + +LOG_INFO() { + local content=${1} + echo -e "\033[32m[INFO] ${content}\033[0m" +} + +LOG_ERROR() { + local content=${1} + echo -e "\033[31m[ERROR] ${content}\033[0m" +} + + +install_spdz_deps() { + # 安装基本依赖 + apt update + apt install -y wget dos2unix vim automake make yasm git libboost-dev libboost-thread-dev libssl-dev libtool m4 python3 texinfo yasm libgmp-dev libsodium-dev + # 安装特定版本的GCC(类似于CentOS中的devtoolset) + apt install -y software-properties-common + add-apt-repository ppa:ubuntu-toolchain-r/test + apt update + apt install -y g++-11 g++-11-multilib + + # 配置环境变量以使用新安装的GCC版本 + echo "export CC=/usr/bin/gcc-11" >> ~/.bashrc + echo "export CXX=/usr/bin/g++-11" >> ~/.bashrc + source ~/.bashrc + ln -sf /usr/bin/g++-11 /usr/bin/g++ + ln -sf /usr/bin/gcc-11 /usr/bin/gcc + g++ -v + + # 安装OpenSSL 1.1(类似于CentOS中的openssl11) + apt install -y openssl libssl-dev + # Ubuntu中不需要创建符号链接,因为软件包会自动处理版本问题 + # openssl rand -writerand /root/.rnd 命令在Ubuntu中同样适用 + openssl rand -writerand /root/.rnd +} + +cp_wedpr_node_script() { + dos2unix /data/app/wedpr/scripts/*.sh + chmod +x /data/app/wedpr/scripts/wedpr-mpc-node.sh + cp /data/app/wedpr/scripts/wedpr-mpc-node.sh /etc/init.d/ +} + +install_cmake(){ + cd /usr/local/lib/ + wget https://cmake.org/files/v3.21/cmake-3.21.4.tar.gz + tar -xf cmake-3.21.4.tar.gz + cd cmake-3.21.4 + g++-11 -v + ./configure + make -j4 + make install + rm -rf /usr/local/lib/cmake-3.21.4.tar.gz +} + +install_spdz() { + cd /data/app/wedpr/scripts/ + git clone https://github.com/WeDPR-Team/MP-SPDZ.git + cp -r MP-SPDZ wedpr-mpc-no-gateway + cp -r MP-SPDZ wedpr-mpc + + cd /data/app/wedpr/scripts/wedpr-mpc-no-gateway + git checkout ppc-2.0.0-no-gateway + do_compile_spdz + + + cd /data/app/wedpr/scripts/wedpr-mpc + git checkout ppc-2.0.0 + do_compile_spdz + + cd /data/app/wedpr/scripts + rm -rf MP-SPDZ +} + +do_compile_spdz(){ + echo CXX=g++ >> CONFIG.mine + echo AVX_OT=0 >> CONFIG.mine + # echo USE_NTL=1 > CONFIG.mine + make setup + sed -i "s/std::aligned_alloc/aligned_alloc/g" ./local/include/boost/asio/detail/memory.hpp + make -j4 replicated-ring-party.x + make -j4 hemi-party.x + make -j4 shamir-party.x + make -j4 mascot-party.x + make -j4 sy-rep-ring-party.x + strip mascot-party.x replicated-ring-party.x shamir-party.x hemi-party.x sy-rep-ring-party.x + + + mkdir Player-Data + tar xf /data/app/wedpr/scripts/ssl_cert.tar.gz + cp -r ssl_cert/* Player-Data/ + + rm -rf ./git ./GC ./Machines ./deps ./Math ./Processor ./FHEOffline ./OT ./Networking ./FHE ./ECDSA + rm -rf BMR ExternalIO Yao Utils bin doc Dockerfile Makefile License.txt README.md CHANGELOG.md azure-pipelines.yml setup.py Tools +} + +install_mpc_nodes() { + cd /data/app/wedpr/ + tar -xf wedpr-mpc-node.tar.gz + rm -rf wedpr-mpc-node.tar.gz + + chmod +x /data/app/wedpr/wedpr-mpc-node/wedpr-mpc + chmod +x /data/app/wedpr/wedpr-mpc-node/*.sh + dos2unix /data/app/wedpr/wedpr-mpc-node/*.sh +} + +install_spdz_deps +echo "install_spdz_deps ok" +cp_wedpr_node_script +echo "cp_wedpr_node_script ok" +install_cmake +echo "install_cmake ok" +install_spdz +echo "install_spdz ok" +#install_mpc_nodes +#echo "install_mpc_nodes ok" diff --git a/docker-files/mpc/scripts/build-mpc-base.sh b/docker-files/mpc/scripts/build-mpc-base.sh new file mode 100644 index 0000000..7ffec23 --- /dev/null +++ b/docker-files/mpc/scripts/build-mpc-base.sh @@ -0,0 +1,123 @@ +#!/bin/bash + +set -e +LANG=en_US.UTF-8 + +LOG_INFO() { + local content=${1} + echo -e "\033[32m[INFO] ${content}\033[0m" +} + +LOG_ERROR() { + local content=${1} + echo -e "\033[31m[ERROR] ${content}\033[0m" +} + +update_yum_repo() { + yum repolist + yum clean all + yum makecache + yum install epel-release -y + rm -rf /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo.rpmnew + rm -rf /etc/yum.repos.d/CentOS-SCLo-sclo.repo + yum repolist + yum clean all + yum makecache +} + + +install_spdz_deps() { + yum install epel-release wget dos2unix vim which automake make yasm git boost-devel boost-thread openssl-devel libtool m4 python3 texinfo yasm gmp-devel libsodium-devel -y + + yum -y install centos-release-scl + yum -y install devtoolset-11-gcc devtoolset-11-gcc-c++ devtoolset-11-binutils + echo "source /opt/rh/devtoolset-11/enable" >> ~/.bashrc + source ~/.bashrc + g++ -v + + yum -y install openssl11 + ln -s /usr/bin/openssl11 /usr/bin/openssl + openssl rand -writerand /root/.rnd +} + +cp_wedpr_node_script() { + dos2unix /data/app/wedpr/scripts/*.sh + chmod +x /data/app/wedpr/scripts/wedpr-mpc-node.sh + cp /data/app/wedpr/scripts/wedpr-mpc-node.sh /etc/init.d/ +} + +install_cmake(){ + cd /usr/local/lib/ + wget https://cmake.org/files/v3.21/cmake-3.21.4.tar.gz + tar -xf cmake-3.21.4.tar.gz + cd cmake-3.21.4 + g++ -v + ./configure + make -j4 + make install + rm -rf /usr/local/lib/cmake-3.21.4.tar.gz +} + +install_spdz() { + cd /data/app/wedpr/scripts/ + git clone https://github.com/WeDPR-Team/MP-SPDZ.git + cp -r MP-SPDZ wedpr-mpc-no-gateway + cp -r MP-SPDZ wedpr-mpc + + cd /data/app/wedpr/scripts/wedpr-mpc-no-gateway + git checkout ppc-2.0.0-no-gateway + do_compile_spdz + + + cd /data/app/wedpr/scripts/wedpr-mpc + git checkout ppc-2.0.0 + do_compile_spdz + + cd /data/app/wedpr/scripts + rm -rf MP-SPDZ +} + +do_compile_spdz(){ + echo CXX=g++ >> CONFIG.mine + echo AVX_OT=0 >> CONFIG.mine + # echo USE_NTL=1 > CONFIG.mine + make setup + sed -i "s/std::aligned_alloc/aligned_alloc/g" ./local/include/boost/asio/detail/memory.hpp + make -j4 replicated-ring-party.x + make -j4 hemi-party.x + make -j4 shamir-party.x + make -j4 mascot-party.x + make -j4 sy-rep-ring-party.x + strip mascot-party.x replicated-ring-party.x shamir-party.x hemi-party.x sy-rep-ring-party.x + + + mkdir Player-Data + tar xf /data/app/wedpr/scripts/ssl_cert.tar.gz + cp -r ssl_cert/* Player-Data/ + + rm -rf ./git ./GC ./Machines ./deps ./Math ./Processor ./FHEOffline ./OT ./Networking ./FHE ./ECDSA + rm -rf BMR ExternalIO Yao Utils bin doc Dockerfile Makefile License.txt README.md CHANGELOG.md azure-pipelines.yml setup.py Tools +} + +install_mpc_nodes() { + cd /data/app/wedpr/ + tar -xf wedpr-mpc-node.tar.gz + rm -rf wedpr-mpc-node.tar.gz + + chmod +x /data/app/wedpr/wedpr-mpc-node/wedpr-mpc + chmod +x /data/app/wedpr/wedpr-mpc-node/*.sh + dos2unix /data/app/wedpr/wedpr-mpc-node/*.sh +} + +update_yum_repo +echo "update_yum_repo ok" +install_spdz_deps +echo "install_spdz_deps ok" +cp_wedpr_node_script +echo "cp_wedpr_node_script ok" +install_cmake +echo "install_cmake ok" +install_spdz +echo "install_spdz ok" +#install_mpc_nodes +#echo "install_mpc_nodes ok" diff --git a/docker-files/mpc/scripts/wedpr-mpc-node.sh b/docker-files/mpc/scripts/wedpr-mpc-node.sh new file mode 100644 index 0000000..a36daaf --- /dev/null +++ b/docker-files/mpc/scripts/wedpr-mpc-node.sh @@ -0,0 +1,51 @@ +#!/bin/bash + +LANG=en_US.UTF-8 + +mpc_work_dir=/data/app/wedpr/wedpr-mpc-node/ + +copy_wedpr_mpc_cert(){ + wedpr_mpc_cert_path=/data/app/wedpr/scripts/wedpr-mpc/Player-Data + wedpr_mpc_no_gateway_cert_path=/data/app/wedpr/scripts/wedpr-mpc-no-gateway/Player-Data + if [ ! -f ${mpc_work_dir}/conf/ca.crt ];then + cd /data/app/wedpr/scripts/ + tar xf mpc-node-conf.tar.gz + cp -r conf ${mpc_work_dir}/ + fi + if [ ! -f ${wedpr_mpc_cert_path}/P0.pem ];then + cd /data/app/wedpr/scripts/ + mkdir -p ${wedpr_mpc_cert_path} + mkdir -p ${wedpr_mpc_no_gateway_cert_path} + tar xf ssl_cert.tar.gz + cp -r ssl_cert/* ${wedpr_mpc_cert_path}/ + cp -r ssl_cert/* ${wedpr_mpc_no_gateway_cert_path}/ + fi +} + +wedpr_mpc_start() { + copy_wedpr_mpc_cert + cd ${mpc_work_dir} + bash start.sh +} + +wedpr_mpc_stop() { + cd ${mpc_work_dir} + bash stop.sh +} + +case "$1" in + start) + wedpr_mpc_start + ;; + stop) + wedpr_mpc_stop + ;; + restart) + wedpr_mpc_stop + wedpr_mpc_start + ;; + *) + echo "Usage: /etc/init.d/wedpr-mpc {start|stop|restart}" + exit 1 +esac +exit 0