• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /**
2  * Copyright 2021 Huawei Technologies Co., Ltd
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 
17 #ifndef MINDSPORE_CCSRC_PS_CORE_COMMUNICATOR_SSL_WRAPPER_H_
18 #define MINDSPORE_CCSRC_PS_CORE_COMMUNICATOR_SSL_WRAPPER_H_
19 
20 #include <openssl/ssl.h>
21 #include <openssl/rand.h>
22 #include <openssl/err.h>
23 #include <openssl/evp.h>
24 #include <assert.h>
25 #include <openssl/pkcs12.h>
26 #include <openssl/bio.h>
27 #include <iostream>
28 #include <string>
29 #include <memory>
30 #include <chrono>
31 #include <condition_variable>
32 #include <mutex>
33 #include <atomic>
34 #include "utils/log_adapter.h"
35 #include "ps/core/comm_util.h"
36 #include "ps/core/file_configuration.h"
37 #include "include/backend/distributed/ps/constants.h"
38 
39 namespace mindspore {
40 namespace ps {
41 namespace core {
42 class SSLWrapper {
43  public:
44   void InitSSL();
GetInstance()45   static SSLWrapper &GetInstance() {
46     static SSLWrapper instance;
47     return instance;
48   }
49   SSL_CTX *GetSSLCtx(bool is_server = true);
50 
51  private:
52   SSLWrapper();
53   virtual ~SSLWrapper();
54   SSLWrapper(const SSLWrapper &) = delete;
55   SSLWrapper &operator=(const SSLWrapper &) = delete;
56 
57   void CleanSSL();
58   time_t ConvertAsn1Time(const ASN1_TIME *const time) const;
59   void StartCheckCertTime(const Configuration &config, const X509 *cert, const std::string &ca_path);
60   void StopCheckCertTime();
61   void InitSSLCtx(const Configuration &config, const X509 *cert, const EVP_PKEY *pkey, X509_CRL *crl);
62 
63   SSL_CTX *ssl_ctx_;
64 
65   // The firset root ca certificate.
66   X509 *rootFirstCA_;
67   // The second root ca certificate.
68   X509 *rootSecondCA_;
69   std::unique_ptr<std::thread> check_time_thread_;
70   std::atomic<bool> running_;
71   std::atomic<bool> is_ready_;
72   std::mutex mutex_;
73   std::condition_variable cond_;
74   std::mutex verify_mutex_;
75 
76   // Indicates whether the ssl wrapper has been initialized.
77   bool init_{false};
78 };
79 }  // namespace core
80 }  // namespace ps
81 }  // namespace mindspore
82 #endif  // MINDSPORE_CCSRC_PS_CORE_COMMUNICATOR_SSL_WRAPPER_H_
83