• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * Copyright 2021 Huawei Technologies Co., Ltd
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef MINDSPORE_CCSRC_PS_CORE_COMMUNICATOR_SSL_WRAPPER_H_
18 #define MINDSPORE_CCSRC_PS_CORE_COMMUNICATOR_SSL_WRAPPER_H_
19 
20 #include <openssl/ssl.h>
21 #include <openssl/rand.h>
22 #include <openssl/err.h>
23 #include <openssl/evp.h>
24 #include <assert.h>
25 #include <openssl/pkcs12.h>
26 #include <openssl/bio.h>
27 
28 #include <iostream>
29 #include <string>
30 #include <memory>
31 #include <chrono>
32 #include <condition_variable>
33 #include <mutex>
34 #include <atomic>
35 
36 #include "utils/log_adapter.h"
37 #include "ps/core/comm_util.h"
38 #include "ps/core/file_configuration.h"
39 #include "ps/constants.h"
40 
41 namespace mindspore {
42 namespace ps {
43 namespace core {
44 class SSLWrapper {
45  public:
GetInstance()46   static SSLWrapper &GetInstance() {
47     static SSLWrapper instance;
48     return instance;
49   }
50   SSL_CTX *GetSSLCtx(bool is_server = true);
51 
52  private:
53   SSLWrapper();
54   virtual ~SSLWrapper();
55   SSLWrapper(const SSLWrapper &) = delete;
56   SSLWrapper &operator=(const SSLWrapper &) = delete;
57 
58   void InitSSL();
59   void CleanSSL();
60   time_t ConvertAsn1Time(const ASN1_TIME *const time) const;
61   void StartCheckCertTime(const Configuration &config, const X509 *cert, const std::string &ca_path);
62   void StopCheckCertTime();
63 
64   SSL_CTX *ssl_ctx_;
65 
66   // The firset root ca certificate.
67   X509 *rootFirstCA_;
68   // The second root ca certificate.
69   X509 *rootSecondCA_;
70   std::unique_ptr<std::thread> check_time_thread_;
71   std::atomic<bool> running_;
72   std::atomic<bool> is_ready_;
73   std::mutex mutex_;
74   std::condition_variable cond_;
75   std::mutex verify_mutex_;
76 };
77 }  // namespace core
78 }  // namespace ps
79 }  // namespace mindspore
80 #endif  // MINDSPORE_CCSRC_PS_CORE_COMMUNICATOR_SSL_WRAPPER_H_
81