feat(ai.triton.server): Add Model Encryption support for Triton Server Service

kura/org.eclipse.kura.ai.triton.server/META-INF/MANIFEST.MF

@@ -7,6 +7,7 @@ Bundle-Vendor: Eclipse Kura
 Bundle-RequiredExecutionEnvironment: JavaSE-1.8
 Service-Component: OSGI-INF/*.xml
 Bundle-ClassPath: .,
+ lib/bcpg-jdk15on-1.68.jar,
  lib/com.google.protobuf_3.19.3.jar,
  lib/grpc-netty-shaded-1.33.1.jar,
  lib/grpc-protobuf-1.33.1.jar,
@@ -22,10 +23,22 @@ Import-Package: com.google.common.base;version="25.0.0",
  com.google.common.util.concurrent;version="25.0.0",
  com.google.gson;version="2.7.0",
  javax.annotation;version="1.2.0",
+ org.bouncycastle.jcajce;version="1.68.0",
+ org.bouncycastle.jcajce.util;version="1.68.0",
+ org.bouncycastle.jcajce.interfaces;version="1.68.0",
+ org.bouncycastle.jcajce.io;version="1.68.0",
+ org.bouncycastle.jcajce.spec;version="1.68.0",
+ org.bouncycastle.jce.provider;version="1.68.0",
+ org.bouncycastle.util;version="1.68.0",
+ org.bouncycastle.util.encoders;version="1.68.0",
+ org.bouncycastle.util.io;version="1.68.0",
  org.apache.commons.io;version="2.4.0",
+ org.apache.commons.io.filefilter;version="2.11.0",
  org.eclipse.kura;version="[1.0,2.0)",
  org.eclipse.kura.ai.inference;version="[1.0,1.1)",
+ org.eclipse.kura.cloud.app.command;version="[1.0,2.0)",
  org.eclipse.kura.configuration;version="[1.1,2.0)",
+ org.eclipse.kura.crypto;version="[1.0,2.0)",
  org.eclipse.kura.core.linux.executor;version="[1.0,2.0)",
  org.eclipse.kura.core.util;version="[1.0,2.0)",
  org.eclipse.kura.executor;version="[1.0,2.0)",

kura/org.eclipse.kura.ai.triton.server/OSGI-INF/metatype/org.eclipse.kura.ai.triton.server.TritonServerService.xml

@@ -64,6 +64,15 @@
             default="" 
             description="Only for local instance, specify the path on the filesystem where the models are stored.">
        </AD>
+
+       <AD id="local.model.repository.password"  
+            name="Local model decryption password"
+            type="Password"
+            cardinality="0" 
+            required="false"
+            default="" 
+            description="Only for local instance, specify the password to be used for decrypting models stored in the model repository. If none is specified, models are supposed to be plaintext.">
+       </AD>
 
         <AD id="local.backends.path"  
             name="Local backends path"

kura/org.eclipse.kura.ai.triton.server/OSGI-INF/org.eclipse.kura.ai.triton.server.TritonServerService.xml

@@ -21,4 +21,5 @@
    </service>
    <property name="service.pid" type="String" value="org.eclipse.kura.ai.triton.server.TritonServerService"/>
    <reference bind="setCommandExecutorService" cardinality="1..1" interface="org.eclipse.kura.executor.PrivilegedExecutorService" name="PrivilegedExecutorService" policy="static" />
+   <reference bind="setCryptoService" cardinality="1..1" interface="org.eclipse.kura.crypto.CryptoService" name="CryptoService" policy="static"/>
 </scr:component>

kura/org.eclipse.kura.ai.triton.server/build.properties

@@ -15,6 +15,7 @@ bin.includes = .,\
                OSGI-INF/,\
                about.html,\
                about_files/,\
+               lib/bcpg-jdk15on-1.68.jar/,\
                lib/com.google.protobuf_3.19.3.jar,\
                lib/grpc-netty-shaded-1.33.1.jar,\
                lib/grpc-protobuf-1.33.1.jar,\

kura/org.eclipse.kura.ai.triton.server/src/main/java/org/eclipse/kura/ai/triton/server/TritonServerEncryptionUtils.java

@@ -0,0 +1,202 @@
+/*******************************************************************************
+ * Copyright (c) 2022 Eurotech and/or its affiliates and others
+ *
+ * This program and the accompanying materials are made
+ * available under the terms of the Eclipse Public License 2.0
+ * which is available at https://www.eclipse.org/legal/epl-2.0/
+ *
+ * SPDX-License-Identifier: EPL-2.0
+ *
+ * Contributors:
+ *  Eurotech
+ ******************************************************************************/
+
+package org.eclipse.kura.ai.triton.server;
+
+import java.io.BufferedInputStream;
+import java.io.File;
+import java.io.FileFilter;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
+import java.security.Security;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
+import org.apache.commons.io.FileUtils;
+import org.apache.commons.io.filefilter.WildcardFileFilter;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.openpgp.PGPCompressedData;
+import org.bouncycastle.openpgp.PGPEncryptedDataList;
+import org.bouncycastle.openpgp.PGPException;
+import org.bouncycastle.openpgp.PGPLiteralData;
+import org.bouncycastle.openpgp.PGPPBEEncryptedData;
+import org.bouncycastle.openpgp.PGPUtil;
+import org.bouncycastle.openpgp.jcajce.JcaPGPObjectFactory;
+import org.bouncycastle.openpgp.operator.jcajce.JcaPGPDigestCalculatorProviderBuilder;
+import org.bouncycastle.openpgp.operator.jcajce.JcePBEDataDecryptorFactoryBuilder;
+import org.bouncycastle.util.io.Streams;
+import org.eclipse.kura.KuraIOException;
+import org.eclipse.kura.cloud.app.command.UnZip;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class TritonServerEncryptionUtils {
+
+    private static final Logger logger = LoggerFactory.getLogger(TritonServerEncryptionUtils.class);
+
+    private TritonServerEncryptionUtils() {
+    }
+
+    protected static String getEncryptedModelPath(String modelName, String folderPath) throws KuraIOException {
+        if (!Files.isDirectory(Paths.get(folderPath))) {
+            throw new KuraIOException("Model repository folder " + folderPath + " does not exist/is not a folder");
+        }
+
+        File dir = new File(folderPath);
+        FileFilter fileFilter = new WildcardFileFilter(modelName + ".*");
+        File[] files = dir.listFiles(fileFilter);
+
+        if (files.length != 1) {
+            throw new KuraIOException("No good match found in folder path");
+        }
+
+        return files[0].toString();
+    }
+
+    protected static String createDecryptionFolder(String prefix) throws IOException {
+        Set<PosixFilePermission> permissions = new HashSet<>(Arrays.asList(PosixFilePermission.OWNER_READ,
+                PosixFilePermission.OWNER_WRITE, PosixFilePermission.OWNER_EXECUTE));
+        Path tempFolderPath = Files.createTempDirectory(prefix, PosixFilePermissions.asFileAttribute(permissions));
+
+        logger.debug("Created temporary directory at path {}", tempFolderPath);
+
+        return tempFolderPath.toString();
+    }
+
+    protected static void decryptModel(String password, String inputFilePath, String outputFilePath)
+            throws IOException, KuraIOException {
+        if (Security.getProvider("BC") == null) {
+            Security.addProvider(new BouncyCastleProvider());
+        }
+
+        if (!Files.isRegularFile(Paths.get(inputFilePath))) {
+            throw new IOException("Input file " + inputFilePath + " does not exist/is not a file");
+        }
+
+        if (Files.exists(Paths.get(outputFilePath))) {
+            throw new IOException("Output file " + outputFilePath + " already exists");
+        }
+
+        try {
+            decryptFile(password, inputFilePath, outputFilePath);
+        } catch (PGPException e) {
+            throw new KuraIOException(e, "File decryption failed.");
+        }
+    }
+
+    protected static void unzipModel(String inputFilePath, String outputFolder) throws IOException {
+        if (!Files.isRegularFile(Paths.get(inputFilePath))) {
+            throw new IOException("Input file " + inputFilePath + " does not exist/is not a file");
+        }
+
+        if (!isZipCompressed(inputFilePath)) {
+            throw new IOException("ZIP magic number check failed. Wrong file format");
+        }
+
+        if (!Files.isDirectory(Paths.get(outputFolder))) {
+            throw new IOException("Output folder " + outputFolder + " does not exist/is not a folder");
+        }
+
+        UnZip.unZipFile(inputFilePath, outputFolder);
+    }
+
+    private static boolean isZipCompressed(String filePath) throws IOException {
+        byte b1 = 0;
+        byte b2 = 0;
+
+        try (InputStream is = new FileInputStream(filePath)) {
+            b1 = (byte) is.read();
+            b2 = (byte) is.read();
+        } catch (IOException e) {
+            throw new IOException(e);
+        }
+
+        return b1 == 0x50 && b2 == 0x4B;
+    }
+
+    protected static void cleanRepository(String modelRootPath) {
+        if (!Files.isDirectory(Paths.get(modelRootPath))) {
+            logger.warn("Model root folder {} does not exist", modelRootPath);
+            return;
+        }
+
+        try {
+            FileUtils.cleanDirectory(new File(modelRootPath));
+        } catch (IOException e) {
+            logger.warn("Cannot clean directory at path {}", modelRootPath, e);
+        }
+    }
+
+    private static void decryptFile(String password, String inputFilePath, String outputFilePath)
+            throws IOException, PGPException {
+        InputStream inStream = new BufferedInputStream(new FileInputStream(inputFilePath));
+
+        inStream = PGPUtil.getDecoderStream(inStream);
+
+        JcaPGPObjectFactory pgpFactory = new JcaPGPObjectFactory(inStream);
+        Object currentObj = pgpFactory.nextObject();
+
+        PGPEncryptedDataList enc;
+        if (currentObj instanceof PGPEncryptedDataList) {
+            enc = (PGPEncryptedDataList) currentObj;
+        } else {
+            enc = (PGPEncryptedDataList) pgpFactory.nextObject();
+        }
+
+        if (enc == null) {
+            inStream.close();
+            throw new IOException("PGP PBE File format read failed");
+        }
+
+        PGPPBEEncryptedData pbe = (PGPPBEEncryptedData) enc.get(0);
+        InputStream clear = pbe.getDataStream(new JcePBEDataDecryptorFactoryBuilder(
+                new JcaPGPDigestCalculatorProviderBuilder().setProvider("BC").build()).setProvider("BC")
+                        .build(password.toCharArray()));
+
+        pgpFactory = new JcaPGPObjectFactory(clear);
+        currentObj = pgpFactory.nextObject();
+
+        if (currentObj instanceof PGPCompressedData) {
+            PGPCompressedData compressedData = (PGPCompressedData) currentObj;
+            pgpFactory = new JcaPGPObjectFactory(compressedData.getDataStream());
+            currentObj = pgpFactory.nextObject();
+        }
+
+        PGPLiteralData literalData = (PGPLiteralData) currentObj;
+        InputStream decryptedStream = literalData.getInputStream();
+
+        OutputStream outStream = new FileOutputStream(outputFilePath);
+        Streams.pipeAll(decryptedStream, outStream);
+        outStream.close();
+        inStream.close();
+
+        if (pbe.isIntegrityProtected()) {
+            if (!pbe.verify()) {
+                logger.error("File failed integrity check");
+            } else {
+                logger.info("File integrity check passed");
+            }
+        } else {
+            logger.info("No file integrity check");
+        }
+    }
+}

kura/org.eclipse.kura.ai.triton.server/src/main/java/org/eclipse/kura/ai/triton/server/TritonServerLocalManager.java

@@ -36,6 +36,7 @@ public class TritonServerLocalManager {
     private static final int MONITOR_PERIOD = 30;
     private static final String[] TRITONSERVER = new String[] { "tritonserver" };
 
+    private final String decryptionFolderPath;
     private final CommandExecutorService commandExecutorService;
     private final TritonServerServiceOptions options;
     private Command serverCommand;
@@ -44,9 +45,10 @@ public class TritonServerLocalManager {
     private ScheduledFuture<?> scheduledFuture;
 
     protected TritonServerLocalManager(TritonServerServiceOptions options,
-            CommandExecutorService commandExecutorService) {
+            CommandExecutorService commandExecutorService, String decryptionFolderPath) {
         this.options = options;
         this.commandExecutorService = commandExecutorService;
+        this.decryptionFolderPath = decryptionFolderPath;
         this.scheduledExecutorService = Executors.newSingleThreadScheduledExecutor();
     }
 
@@ -137,7 +139,11 @@ protected static void sleepFor(long timeout) {
     private Command createServerCommand() {
         List<String> commandString = new ArrayList<>();
         commandString.add("tritonserver");
-        commandString.add("--model-repository=" + this.options.getModelRepositoryPath());
+        if (this.options.modelsAreEncrypted()) {
+            commandString.add("--model-repository=" + this.decryptionFolderPath);
+        } else {
+            commandString.add("--model-repository=" + this.options.getModelRepositoryPath());
+        }
         commandString.add("--backend-directory=" + this.options.getBackendsPath());
         if (!this.options.getBackendsConfigs().isEmpty()) {
             this.options.getBackendsConfigs().forEach(config -> commandString.add("--backend-config=" + config));