|
|
@@ -29,289 +29,6 @@ void CAccessAuthConn::OnDisconnect()
|
|
|
DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("connection disconnected");
|
|
|
}
|
|
|
|
|
|
-DWORD CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
-{
|
|
|
-
|
|
|
- LOG_FUNCTION();
|
|
|
- DWORD rc = Error_Unexpect;
|
|
|
- DWORD dwSysCode, dwUserCode;
|
|
|
- /*string strErrMsg;
|
|
|
- auto pEntity = (CAccessAuthEntity*)m_pEntity;
|
|
|
- if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
- {
|
|
|
- rc = dwUserCode;
|
|
|
- m_pFSM->doWarnMsg(rc, GetOutPutStr("%s%08x%s%s", "GetErrMsg", rc, "strErrMsg", strErrMsg));
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- int nLen = pRecvPkg->GetStructLen("KMCKeyRet");
|
|
|
- if (nLen <= 0)
|
|
|
- {
|
|
|
-
|
|
|
- DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("KMCKeyRet返回数据为空。");
|
|
|
- pEntity->m_bGetKMCKey = false;
|
|
|
- rc = ERR_INITIALIZER_GET_KMC_KEY_NULL;
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- pEntity->m_bGetKMCKey = true;
|
|
|
- BYTE* pBuf = new BYTE[nLen];
|
|
|
- memset(pBuf, 0, nLen);
|
|
|
- int nArrayNum = 0;
|
|
|
- bool bSuc = pRecvPkg->GetStructData("KMCKeyRet", (BYTE*)pBuf, &nLen, &nArrayNum);
|
|
|
- assert(bSuc);
|
|
|
- assert(nLen % sizeof(KMCKeyRet) == 0);
|
|
|
- KMCKeyRet* ret = (KMCKeyRet*)pBuf;
|
|
|
- pEntity->m_TMK = ret->TMK;
|
|
|
- pEntity->m_TPK = ret->TPK;
|
|
|
- pEntity->m_EDK = ret->EDK;
|
|
|
- pEntity->m_index = ret->Index;
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("TMK=%s", pEntity->m_TMK.c_str());
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("TPK=%s", pEntity->m_TPK.c_str());
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("EDK=%s", pEntity->m_EDK.c_str());
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Index=%s", pEntity->m_index.c_str());
|
|
|
- rc = pEntity->LoadPinPadWK(true);
|
|
|
- }
|
|
|
- }
|
|
|
- m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_UpdateWKSucc : CAccessAuthFSM::Event_UpdateWKFail));*/
|
|
|
- return rc;
|
|
|
-}
|
|
|
-
|
|
|
-DWORD CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
-{
|
|
|
- LOG_FUNCTION();
|
|
|
- DWORD dwSysCode, dwUserCode;
|
|
|
- string strErrMsg;
|
|
|
- DWORD rc = Error_Succeed;
|
|
|
- CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
|
|
|
-
|
|
|
- if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
- {
|
|
|
- rc = dwUserCode;
|
|
|
- ((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
|
|
|
- m_pFSM->doWarnMsg(rc, strErrMsg);
|
|
|
- if (rc == 0) rc = ERR_ACCESSAUTH_TOKEN_HASH;
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- int nRetLen = pRecvPkg->GetStructLen("TOKEN_RT");
|
|
|
- if (nRetLen >0)
|
|
|
- {
|
|
|
- ((CAccessAuthEntity*)m_pEntity)->GetOrSetIsFirstSM(1);
|
|
|
- assert(nRetLen == sizeof(RequestTokenRet));
|
|
|
- RequestTokenRet ret;
|
|
|
- memset(&ret, 0, sizeof(ret));
|
|
|
- RequestTokenRet2 ret2;
|
|
|
- memset(&ret2, 0, sizeof(ret2));
|
|
|
-
|
|
|
- int nArrayNum(0);
|
|
|
- int nArrayNum2(0);
|
|
|
- int nBufLen = sizeof(ret);
|
|
|
- int nBufLen2 = sizeof(ret2);
|
|
|
- pRecvPkg->GetStructData("TOKEN_RT", (BYTE*)&ret, &nBufLen, &nArrayNum);
|
|
|
- pRecvPkg->GetStructData("TOKEN_RET2", (BYTE*)&ret2, &nBufLen2, &nArrayNum2);
|
|
|
- // 生成Hash
|
|
|
- BYTE enToken[512 + 16] = { 0 };
|
|
|
- memcpy(enToken, ret.enToken, 256);
|
|
|
- memcpy(enToken + 256, ret2.enToken, 256);
|
|
|
- memcpy(enToken + 512, ret.sharedSK, 16);
|
|
|
- BYTE sm3[32] = { 0 };
|
|
|
- if (!SM3Hash(enToken,512 + 16,sm3)) {
|
|
|
- DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("SM3 Hash error at Token Ret.");
|
|
|
- }
|
|
|
-
|
|
|
- if (memcmp(sm3, ret2.retHash, 32) != 0)
|
|
|
- {
|
|
|
- rc = Error_Bug;
|
|
|
-
|
|
|
- ((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌校验不通过");
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TOKEN_HASH, GetOutPutStr("%s%s", "Hash", "返回令牌校验不通过"));
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- // 保存令牌和共享会话密钥到令牌管理实体
|
|
|
- //跟良瑜那边确定使用512的长度
|
|
|
- CBlob token;
|
|
|
- token.Alloc(512);
|
|
|
- memcpy(token.m_pData, enToken, 512);
|
|
|
-
|
|
|
- CBlob sharedSK;
|
|
|
- sharedSK.Alloc(16);
|
|
|
- memcpy(sharedSK.m_pData, ret.sharedSK, 16);
|
|
|
- rc = ((CAccessAuthEntity*)m_pEntity)->SaveTokenAndSharedSK(token, sharedSK);
|
|
|
- if (rc != Error_Succeed)
|
|
|
- {
|
|
|
- ((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("保存令牌失败");
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SAVE_TOKEN, GetOutPutStr("%s%08X", "SaveTokenAndSharedSK", rc), "保存令牌失败");
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- rc = Error_Bug;
|
|
|
- ((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌数据非法");
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TOKEN, GetOutPutStr("%s%d", "nRetLen", nRetLen), "返回令牌数据非法");
|
|
|
- }
|
|
|
- }
|
|
|
-
|
|
|
- m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_ReqTokenSucc:CAccessAuthFSM::Event_ReqTokenFail));
|
|
|
- return rc;
|
|
|
-}
|
|
|
-
|
|
|
-DWORD CAccessAuthConn::HandleTermExitRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
-{
|
|
|
- DWORD dwSysCode, dwUserCode;
|
|
|
- string strErrMsg;
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
- if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
- {
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TERM_EXIT, GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode, "strErrMsg", strErrMsg.c_str()));
|
|
|
- return rc;
|
|
|
- }
|
|
|
-
|
|
|
- return rc;
|
|
|
-}
|
|
|
-
|
|
|
-DWORD CAccessAuthConn::HandleReportStageRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
-{
|
|
|
- DWORD dwSysCode, dwUserCode;
|
|
|
- string strErrMsg;
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
- if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
- {
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_REPORT_STATE, GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode, "strErrMsg", strErrMsg.c_str()));
|
|
|
- return rc;
|
|
|
- }
|
|
|
-
|
|
|
- return rc;
|
|
|
-}
|
|
|
-
|
|
|
-DWORD CAccessAuthConn::SendWKUpdatePackage()
|
|
|
-{
|
|
|
- LOG_FUNCTION();
|
|
|
- assert(IsConnectionOK());
|
|
|
- KMCKeyReq req;
|
|
|
- memset(req.TerminalNo,0,sizeof(req.TerminalNo));
|
|
|
- CSystemStaticInfo si;
|
|
|
- auto pEntity = (CAccessAuthEntity*)m_pEntity;
|
|
|
- pEntity->GetFunction()->GetSystemStaticInfo(si);
|
|
|
- strcpy(req.TerminalNo, si.strTerminalID.GetData());
|
|
|
- //req.TerminalNo = TerminalNo;
|
|
|
- CSmartPointer<IEntityFunction> pFunc = m_pEntity->GetFunction();
|
|
|
- CSmartPointer<IPackage> package = CreateNewPackage("KMCKey");
|
|
|
- package->AddStruct("KMCKeyReq", false, false, (BYTE*)& req, sizeof(req));
|
|
|
- return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
|
|
|
-}
|
|
|
-
|
|
|
-
|
|
|
-DWORD CAccessAuthConn::SendExitNoticePackage(int nReason, int nWay)
|
|
|
-{
|
|
|
- assert(IsConnectionOK());
|
|
|
-
|
|
|
- TerminalExitReq req;
|
|
|
- memset(&req, 0, sizeof(req));
|
|
|
-
|
|
|
- CSystemStaticInfo si;
|
|
|
- m_pEntity->GetFunction()->GetSystemStaticInfo(si);
|
|
|
-
|
|
|
- // 设备号
|
|
|
- strncpy(&req.szTerminalNo[0], (const char*)si.strTerminalID, sizeof(req.szTerminalNo)-1);
|
|
|
-
|
|
|
- req.nTriggerReason = (BYTE) nReason;
|
|
|
- req.nRebootWay = (BYTE) nWay;
|
|
|
-
|
|
|
- CSimpleStringA strStage;
|
|
|
- m_pEntity->GetFunction()->GetSysVar("TerminalStage", strStage);
|
|
|
- req.chTerminalStage = strStage[0];
|
|
|
-
|
|
|
- CSmartPointer<IPackage> package = CreateNewPackage("TermExit");
|
|
|
- package->AddStruct("EXIT_REQ", false, false, (BYTE*)&req, sizeof(req));
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("send terminal exit package");
|
|
|
- SendPackage(package);
|
|
|
- return Error_Succeed;
|
|
|
-}
|
|
|
-
|
|
|
-DWORD CAccessAuthConn::SendTerminalStagePackage(char cNewStage, CSmallDateTime dtNewStageTime,
|
|
|
- char cOldStage, CSmallDateTime dtOldStageTime)
|
|
|
-{
|
|
|
- assert(IsConnectionOK());
|
|
|
-
|
|
|
- TerminalStageReport req = {};
|
|
|
-
|
|
|
- CSystemStaticInfo si;
|
|
|
- m_pEntity->GetFunction()->GetSystemStaticInfo(si);
|
|
|
-
|
|
|
- strncpy(req.szTerminalNo, si.strTerminalID, sizeof(req.szTerminalNo) - 1);
|
|
|
-
|
|
|
- {
|
|
|
-#ifdef RVC_OS_WIN
|
|
|
- hostent *ent = gethostbyname(NULL);
|
|
|
- if (ent && ent->h_addr_list[0] != NULL)
|
|
|
- {
|
|
|
- int i = 0;
|
|
|
- for (; ent->h_addr_list[i] != NULL; ++i)
|
|
|
- {
|
|
|
- struct in_addr *in = (struct in_addr*)ent->h_addr_list[i];
|
|
|
- if (in->S_un.S_un_b.s_b1 == 99 || in->S_un.S_un_b.s_b1 == 10)
|
|
|
- break;
|
|
|
- }
|
|
|
-
|
|
|
- if (ent->h_addr_list[i] == NULL)
|
|
|
- i = 0;
|
|
|
-
|
|
|
- auto in = (struct in_addr*)ent->h_addr_list[i];
|
|
|
-
|
|
|
- req.IP[0] = in->S_un.S_un_b.s_b1;
|
|
|
- req.IP[1] = in->S_un.S_un_b.s_b2;
|
|
|
- req.IP[2] = in->S_un.S_un_b.s_b3;
|
|
|
- req.IP[3] = in->S_un.S_un_b.s_b4;
|
|
|
- }
|
|
|
-#else
|
|
|
- char ip[32] = { 0 };
|
|
|
- if (getIPFromLinux(ip)) DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Get IP From Linux Error.");
|
|
|
- else {
|
|
|
- if (ip2byte(ip, req.IP)) DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Ip 2 Byte Error");
|
|
|
- else {
|
|
|
- for (int i = 0; i < 4; i++) {
|
|
|
- DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("ip[%d]=%d", i, (int)req.IP[i]);
|
|
|
- }
|
|
|
- }
|
|
|
- }
|
|
|
-#endif // RVS_OS_WIN
|
|
|
- }
|
|
|
-
|
|
|
- strncpy(req.szSites, si.strSite, sizeof(req.szSites)-1);
|
|
|
- si.EnrolGPS.GetBinaryLongitude(&req.CurrentGPS[0]);
|
|
|
- si.EnrolGPS.GetBinaryLatitude(&req.CurrentGPS[4]);
|
|
|
-
|
|
|
- CSimpleStringA strSysVarVal;
|
|
|
- m_pEntity->GetFunction()->GetSysVar("RunState", strSysVarVal);
|
|
|
- req.cRunState = strSysVarVal[0];
|
|
|
-
|
|
|
- req.cNewStage = cNewStage;
|
|
|
- req.dwNewStageTime = dtNewStageTime;
|
|
|
- req.cLastStage = cOldStage;
|
|
|
- req.dwLastStageTime = dtOldStageTime;
|
|
|
-
|
|
|
- CSmartPointer<IPackage> package = CreateNewPackage("StageRep");
|
|
|
- package->AddStruct("STAGEREP", false, false, (BYTE*)&req, sizeof(req));
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("send ReportTerminalStage package");
|
|
|
- SendPackage(package);
|
|
|
- return Error_Succeed;
|
|
|
-}
|
|
|
-
|
|
|
-bool CAccessAuthConn::GetSpBaseSignCertHash(CSimpleStringA &strHash)
|
|
|
-{
|
|
|
- auto pFunc = m_pEntity->GetFunction();
|
|
|
- CSimpleStringA strPath;
|
|
|
- pFunc->GetPath("Bin", strPath);
|
|
|
- strPath += "\\spbase.dll";
|
|
|
-
|
|
|
- return (pFunc->VerifySignature(strPath, strHash) == Error_Succeed);
|
|
|
-}
|
|
|
-
|
|
|
static inline bool is_base64(unsigned char c)
|
|
|
{
|
|
|
return (isalnum(c) || (c == '+') || (c == '/'));
|
|
|
@@ -383,87 +100,6 @@ int base64_decode(const unsigned char * pEncodedString, long lEncodedLen,
|
|
|
return 0;
|
|
|
}
|
|
|
|
|
|
-bool CAccessAuthConn::GetUKeyRootCertHash(CSimpleStringA &strHash)
|
|
|
-{
|
|
|
- LOG_FUNCTION();
|
|
|
- bool bRet = false;
|
|
|
- auto pFunc = m_pEntity->GetFunction();
|
|
|
- CSimpleStringA strPath;
|
|
|
- pFunc->GetPath("Cfg", strPath);
|
|
|
-
|
|
|
-#ifdef RVC_OS_WIN
|
|
|
- strPath += "\\certs\\RootCert.pem";
|
|
|
- auto hFile = CreateFile(strPath, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
|
|
|
- if (hFile == INVALID_HANDLE_VALUE)
|
|
|
-#else
|
|
|
- strPath += "/certs/RootCert.pem";
|
|
|
- DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("RootCert Path=%s", strPath.GetData());
|
|
|
- fstream hFile;
|
|
|
- hFile.open(strPath.GetData(), ios::in);
|
|
|
- if(!hFile.is_open())
|
|
|
-#endif
|
|
|
- {
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE, GetOutPutStr("%s%s%s", "读写config配置文件错误", "strPath", strPath).c_str());
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- BYTE data[2048] = {};
|
|
|
- DWORD nReadLen = 0;
|
|
|
-#ifdef RVC_OS_WIN
|
|
|
- if (!ReadFile(hFile, data, 2048, &nReadLen, NULL) || nReadLen <= 0)
|
|
|
- {
|
|
|
-#else
|
|
|
- if(hFile >> data)
|
|
|
- {
|
|
|
-#endif
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,GetOutPutStr("%s%s", "读写config配置文件错误", "False").c_str());
|
|
|
- }
|
|
|
- else
|
|
|
- {
|
|
|
- // 去年头尾标识 -----BEGIN CERTIFICATE----- -----END CERTIFICATE-----
|
|
|
- const char *pszHead = "-----BEGIN CERTIFICATE-----\r\n";
|
|
|
- const char *pszTail = "-----END CERTIFICATE-----\r\n";
|
|
|
-
|
|
|
- int nStart = strlen(pszHead);
|
|
|
- int nLen = nReadLen - nStart - strlen(pszTail);
|
|
|
- data[nStart + nLen] = 0;
|
|
|
- const char *pCert = (char*) &data[nStart];
|
|
|
- BYTE buf[2048] = {};
|
|
|
- long nRetLen = 2048;
|
|
|
- base64_decode((BYTE*)pCert, nLen, buf, nRetLen);
|
|
|
-
|
|
|
- BYTE hash[32] = {0};
|
|
|
- if(SM3Hash(buf,nRetLen,hash))
|
|
|
- {
|
|
|
- char* szBuf;
|
|
|
-
|
|
|
- szBuf = Str2Hex((char *)hash,32);
|
|
|
-
|
|
|
- strHash = szBuf;
|
|
|
- delete[] szBuf;
|
|
|
- DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Ex RootCert.pem hash=%s",strHash.GetData());
|
|
|
- bRet = true;
|
|
|
-
|
|
|
- }
|
|
|
- else
|
|
|
- m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_HASH, GetOutPutStr("%s%s", "Sha1Hash", "False").c_str());
|
|
|
- }
|
|
|
-#ifdef RVC_OS_WIN
|
|
|
- CloseHandle(hFile);
|
|
|
-#else
|
|
|
- hFile.close();
|
|
|
-#endif
|
|
|
-
|
|
|
- }
|
|
|
-
|
|
|
- return bRet;
|
|
|
-}
|
|
|
-
|
|
|
-bool CAccessAuthConn::Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[])
|
|
|
-{
|
|
|
- return true;
|
|
|
-}
|
|
|
-
|
|
|
//同步时间
|
|
|
DWORD CAccessAuthConn::SendSyncTimePackage()
|
|
|
{
|
陈纪林80310970