#IQRV #comment [Merge]诗友去分行项目：准入实体同步

Module/mod_accessauth/AccessAuthConn.cpp

@@ -3,7 +3,7 @@
 #include "mod_AccessAuth.h"
 #include "GetDevInfoHelper.h"
 #include "comm.h"
-
+#include "access_basefun.h"
 #ifdef RVC_OS_WIN
 #pragma comment(lib, "crypt32.lib")
 #include <windows.h>
@@ -14,7 +14,18 @@
 using namespace std;
 
 #define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
-
+//oiltest need to public function
+int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len)
+{
+	char* tmpStr = *strBuf;
+	int count = 0;
+	for (int i = 0; i < len; ++i)
+	{
+		sprintf(tmpStr + count, "%0.2X", hexBuf[i]);
+		count += 2;
+	}
+	return 0;
+}
 CAccessAuthConn::CAccessAuthConn(CEntityBase *pEntity, CAccessAuthFSM *pFSM)
 	:SpSecureClient(pEntity), m_pFSM(pFSM)
 {	
@@ -34,7 +45,7 @@ void CAccessAuthConn::OnPkgAnswer(const CSmartPointer<IPackage> &pRecvPkg)
 	LOG_FUNCTION();
 	string serviceCode = pRecvPkg->GetServiceCode();
 	Dbg("serviceCode=%s",serviceCode.c_str());
-	if (serviceCode == "KMCKey")
+	if (serviceCode == "UpdateWK")
 	{
 		HandleUpdateWKRet(pRecvPkg);
 	}
@@ -79,8 +90,7 @@ void CAccessAuthConn::OnPkgAnswer(const CSmartPointer<IPackage> &pRecvPkg)
 	}
 	else
 	{
-		LogWarn(Severity_Middle,Error_Unexpect, ERR_ACCESSAUTH_UNKOWN,
-			GetOutPutStr("%s%s","UnKown", serviceCode.c_str()).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_UNKOWN, GetOutPutStr("%s%s", "UnKown", serviceCode.c_str()));
 	}
 }
 
@@ -88,14 +98,14 @@ DWORD CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &pRecvPkg
 {
 
 	LOG_FUNCTION();
-	DWORD rc = Error_Succeed;
+	DWORD rc = Error_Unexpect;
 	DWORD dwSysCode, dwUserCode;
 	string strErrMsg;
 	auto pEntity = (CAccessAuthEntity*)m_pEntity;
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = dwUserCode;
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg);
+		m_pFSM->doWarnMsg(rc, GetOutPutStr("%s%08x%s%s", "GetErrMsg", rc, "strErrMsg", strErrMsg));
 	}
 	else
 	{
@@ -144,7 +154,8 @@ DWORD CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &pRecvPkg
 	{
 		rc = dwUserCode;
 		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg, true);
+		m_pFSM->doWarnMsg(rc, strErrMsg);
+		if (rc == 0) rc = ERR_ACCESSAUTH_TOKEN_HASH;
 	}
 	else
 	{
@@ -179,10 +190,7 @@ DWORD CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &pRecvPkg
 				rc = Error_Bug;
 				
 				((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌校验不通过");
-				spFunction->SetSysVar("AuthErrMsg", "返回令牌校验不通过", false);
-
-				LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_TOKEN_HASH,
-					GetOutPutStr("%s%s", "Hash", "返回令牌校验不通过").c_str());
+				m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TOKEN_HASH, GetOutPutStr("%s%s", "Hash", "返回令牌校验不通过"));
 			}
 			else
 			{
@@ -195,27 +203,19 @@ DWORD CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &pRecvPkg
 				CBlob sharedSK;
 				sharedSK.Alloc(16);
 				memcpy(sharedSK.m_pData, ret.sharedSK, 16);
-				//@test 
-				
 				rc = ((CAccessAuthEntity*)m_pEntity)->SaveTokenAndSharedSK(token, sharedSK);
 				if (rc != Error_Succeed)
 				{
 					((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("保存令牌失败");
-					spFunction->SetSysVar("AuthErrMsg", "保存令牌失败", false);
-			
-					LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SAVE_TOKEN,
-						GetOutPutStr("%s%08X", "SaveTokenAndSharedSK", rc).c_str());
-				}
-				
+					m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SAVE_TOKEN, GetOutPutStr("%s%08X", "SaveTokenAndSharedSK", rc), "保存令牌失败");
+				}				
 			}
 		}
 		else
 		{
 			rc = Error_Bug;
-			((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌数据非法");			
-			spFunction->SetSysVar("AuthErrMsg", "返回令牌数据非法", false);
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_TOKEN,
-				GetOutPutStr("%s%d", "nRetLen", nRetLen).c_str());
+			((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌数据非法");	
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TOKEN, GetOutPutStr("%s%d", "nRetLen", nRetLen), "返回令牌数据非法");
 		}
 	}
 
@@ -231,7 +231,7 @@ DWORD CAccessAuthConn::HandleTermExitRet(const CSmartPointer<IPackage> &pRecvPkg
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, ERR_ACCESSAUTH_TERM_EXIT, strErrMsg);
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TERM_EXIT, GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode, "strErrMsg", strErrMsg.c_str()));
 		return rc;
 	}
 
@@ -246,7 +246,7 @@ DWORD CAccessAuthConn::HandleReportStageRet(const CSmartPointer<IPackage> &pRecv
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, ERR_ACCESSAUTH_REPORT_STATE, strErrMsg);
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_REPORT_STATE, GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode, "strErrMsg", strErrMsg.c_str()));
 		return rc;
 	}
 
@@ -279,7 +279,8 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 	CSmartPointer<IPackage> package = CreateNewPackage("ReqToken");
 	// 获取外设及PinPadID
 	CSimpleStringA strPinPadID = "", strDeviceID = "";
-	int nRet = ((CAccessAuthEntity*)m_pEntity)->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID);
+	bool bHasPinPad = false;
+	int nRet = ((CAccessAuthEntity*)m_pEntity)->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID, bHasPinPad);
 	Dbg("GetPinPadIDAndDeviceID ret: %d, PinPadID: %s, DeviceID: %s", nRet, (const char*)strPinPadID, (const char*)strDeviceID);
 	std::regex pattern(".+-[Ff][Ww][Bb]-.+");
 	if (std::regex_match(strDeviceID.GetData(), pattern))
@@ -401,8 +402,7 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 	//ts = "A";
 	if (rc != Error_Succeed)
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYS_VAR,
-			GetOutPutStr("%s%08X%s%s", "GetSysVar", rc,"TerminalStage",ts).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_SYS_VAR, GetOutPutStr("%s%08X%s%s", "GetSysVar", rc, "TerminalStage", ts));
 		return ERR_ACCESSAUTH_GET_SYS_VAR;
 	}
 	assert(ts.GetLength() >=1);
@@ -414,8 +414,7 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 	//rs = "O";
 	if (rc != Error_Succeed)
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYS_VAR,
-			GetOutPutStr("%s%08X%s%s", "GetSysVar", rc,"RunState", rs).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_SYS_VAR, GetOutPutStr("%s%08X%s%s", "GetSysVar", rc, "RunState", rs));
 		return ERR_ACCESSAUTH_GET_SYS_VAR;
 	}
 	assert(rs.GetLength() >=1);
@@ -453,8 +452,7 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 
 	if (rc != Error_Succeed)
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_ENCRYPT_KEY,
-			GetOutPutStr("%s%08X", "CryptEncrypt", rc).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_ENCRYPT_KEY, GetOutPutStr("%s%08X", "CryptEncrypt", rc));
 		return ERR_ACCESSAUTH_ENCRYPT_KEY;
 	}
 
@@ -468,12 +466,8 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 	rc = SpGetAllDevices(m_pEntity, devNames);
 	if (rc != Error_Succeed)
 	{
-		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("从root.ini获取终端设备信息失败");
-		spFunction->SetSysVar("AuthErrMsg", "从root.ini获取终端设备信息失败", false);
-
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,
-			GetOutPutStr("%s%08X", "SpGetAllDevices", rc).c_str());
-		
+		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("从root.ini获取终端设备信息失败");		
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE, GetOutPutStr("%s%08X", "SpGetAllDevices", rc));
 		return ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE;
 	}
 
@@ -543,12 +537,8 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 			strncpy(req3.szSignCertHash, strHash1, 40);
 			Dbg("spshell hash value=%s",req3.szSignCertHash);
 		}
-			
 		else
-		{
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SPSHELL_HASH,
-					GetOutPutStr("%s%s", "GetSpBaseSignCertHash", "False").c_str());
-		}
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_SPSHELL_HASH, GetOutPutStr("%s%s", "GetSpBaseSignCertHash", "False"));
 	}
 
 	CSimpleStringA strHash2;
@@ -563,8 +553,7 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 	int nBufLen = sizeof(fingerPrint);
 	if (!pEntity->GetTerminalFingerPrint(fingerPrint, nBufLen))
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
-				GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False").c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT, GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False"));
 		return ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT;
 	}
 	memcpy(req3.FingerPrint, fingerPrint, 16);
@@ -582,8 +571,7 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 		memset(req3.PublicKey,0,nBufLen);
 		if (!pEntity->GetTerminalPublicKey(req3.PublicKey, nBufLen))
 		{
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY,
-				GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY, GetOutPutStr("%s%s", "GetTerminalPublicKey", "False"));
 			return ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY;
 		}
 	}
@@ -594,12 +582,14 @@ DWORD CAccessAuthConn::SendGetTokenPackage()
 	{
 		RequestTokenReq4 req4 = {};
 		strncpy(req4.szPinPadID, (const char*)strPinPadID, sizeof(req4.szPinPadID) - 1);
+		strncpy(req4.terminalNo, si.strTerminalID.GetData(), sizeof(req4.terminalNo) - 1);
 		package->AddStruct("TOKEN_R4", false, false, (BYTE*)&req4, sizeof(req4));
 	}
 	
 	RequestTokenReq5 req5 = {};
 	// 获取密码键盘链接状态
-	if (((CAccessAuthEntity*)m_pEntity)->HasPinPad())
+	//if (((CAccessAuthEntity*)m_pEntity)->HasPinPad())
+	if (bHasPinPad)
 	{		
 		req5.chExistPinPad = '1';
 		Dbg("has pinpad");			
@@ -814,8 +804,7 @@ bool CAccessAuthConn::GetUKeyRootCertHash(CSimpleStringA &strHash)
 	if(!hFile.is_open())
 #endif
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,
-			GetOutPutStr("%s%s%s%s", "open", "false","strPath", strPath.GetData()).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE, GetOutPutStr("%s%s%s", "读写config配置文件错误", "strPath", strPath).c_str());
 	}
 	else
 	{
@@ -828,8 +817,7 @@ bool CAccessAuthConn::GetUKeyRootCertHash(CSimpleStringA &strHash)
 		if(hFile >> data)
 		{
 #endif
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,
-				GetOutPutStr("%s%s", "ReadFile", "False").c_str());
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,GetOutPutStr("%s%s", "读写config配置文件错误", "False").c_str());
 		}
 		else
 		{
@@ -859,11 +847,7 @@ bool CAccessAuthConn::GetUKeyRootCertHash(CSimpleStringA &strHash)
 
 			}
 			else
-			{
-			
-				LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_HASH,
-					GetOutPutStr("%s%s", "Sha1Hash", "False").c_str());
-			}
+				m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_HASH, GetOutPutStr("%s%s", "Sha1Hash", "False").c_str());
 		}
 #ifdef RVC_OS_WIN
 		CloseHandle(hFile);
@@ -950,8 +934,8 @@ DWORD CAccessAuthConn::SendSyncTimePackageNew()
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = dwUserCode;
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg);
-	}
+		m_pFSM->doWarnMsg(dwUserCode, GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwUserCode, "strErrMsg", strErrMsg.c_str()).c_str());
+	}		
 	else
 	{
 		int nRetLen = pRecvPkg->GetStructLen("SYNC_A1");
@@ -982,8 +966,7 @@ DWORD CAccessAuthConn::SendSyncTimePackageNew()
 					Dbg("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
 				else
 				{
-					LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SET_LOCALE_TIME,
-						GetOutPutStr("%s%s", "stServerTime", dtServerTime.ToTimeString()).c_str());
+					m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SET_LOCALE_TIME, GetOutPutStr("%s%s", "stServerTime", dtServerTime.ToTimeString()).c_str());
 					rc = ERR_ACCESSAUTH_SET_LOCALE_TIME;
 				}
 			}
@@ -995,8 +978,7 @@ DWORD CAccessAuthConn::SendSyncTimePackageNew()
 		else
 		{
 			
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SYNC_TIME,
-				GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,	GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
 			rc = ERR_ACCESSAUTH_SYNC_TIME;
 		}
 	}
@@ -1016,8 +998,8 @@ DWORD CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &pRecvPkg
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = dwUserCode;
-		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg);
+		m_pFSM->doWarnMsg(rc, GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"strErrMsg", strErrMsg.c_str()).c_str());
+
 	}
 	else
 	{
@@ -1049,9 +1031,7 @@ DWORD CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &pRecvPkg
 					Dbg("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
 				else
 				{
-					LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SET_LOCALE_TIME,
-						GetOutPutStr("%s%s", "stServerTime", dtServerTime.ToTimeString()).c_str());
-					((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("设置本地时间失败");
+					m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SET_LOCALE_TIME, GetOutPutStr("%s%s", "设置本地时间错误", dtServerTime.ToTimeString()).c_str());
 					rc = ERR_ACCESSAUTH_SET_LOCALE_TIME;
 				}
 			}
@@ -1069,20 +1049,21 @@ DWORD CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &pRecvPkg
 				pEntity->SetAuthErrMsg("时间同步时，获取准入加密版本错误，请先进行密钥初始化");
 			}
 			else {
-				((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(ret.nAuthVersion, ret.SessionKey);
+				bool saveRet = ((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(ret.nAuthVersion, ret.SessionKey);
+				if (!saveRet) {
+					Dbg("SaveAuthVerAndKey faild.");
+					rc = ERR_ACCESSAUTH_SYNC_TIME;
+				}
 			}
 		}
 		else
 		{
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SYNC_TIME,
-				GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
-			((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("未返回数据，同步时间失败");
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,	GetOutPutStr("%s%d", "时间同步错误", nRetLen).c_str());
 			rc = ERR_ACCESSAUTH_SYNC_TIME;
 		}
 	}
+	m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_EndSyncTime : CAccessAuthFSM::Event_CheckMD5Fail));
 	
-	auto pEvent = new FSMEvent(rc == Error_Succeed?CAccessAuthFSM::Event_EndSyncTime: CAccessAuthFSM::Event_SyncTimeFailed);
-	m_pFSM->PostEventFIFO(pEvent);
 	return rc;
 }
 
@@ -1093,18 +1074,22 @@ DWORD CAccessAuthConn::SendInitDevicePackage(SpReqAnsContext<AccessAuthService_I
 	InitDeviceReq req;
 	memset(&req, 0, sizeof(req));
 	
-	strncpy(req.CR1, (const char*)ctx->Req.EncR1, sizeof(req.CR1));
+	strncpy(req.vtmCR1, (const char*)ctx->Req.EncR1, sizeof(req.vtmCR1));
 	strncpy(req.R2, (const char*)ctx->Req.R2, sizeof(req.R2));
-	strncpy(req.CR3, (const char*)ctx->Req.EncR3, sizeof(req.CR3));
+	strncpy(req.vtmCR3, (const char*)ctx->Req.EncR3, sizeof(req.vtmCR3));
 	strncpy(req.CDevPubKey, (const char*)ctx->Req.EncDevPubKey, sizeof(req.CDevPubKey));
 	strncpy(req.Verdor, (const char*)ctx->Req.Vendor, sizeof(req.Verdor));
 
 	CSmartPointer<IPackage> package = CreateNewPackage("InitDev");
 	package->AddStruct("InitDevR", false, false, (BYTE*)&req, sizeof(req));
+
+	InitDeviceReq0 req0;
+	req0.isSM = 1;
+	package->AddStruct("SMSyn", false, false, (BYTE*)& req0, sizeof(req0));
+
 	if (SendPackage(package) == "")
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_INIT_DEV_SEND_PKG,
-			GetOutPutStr("%s%s", "SendInitDevicePackage", "").c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_INIT_DEV_SEND_PKG,	GetOutPutStr("%s%s", "发送初始化设备数据包失败", "").c_str());
 		return ERR_ACCESSAUTH_INIT_DEV_SEND_PKG;
 	}
 	else
@@ -1125,7 +1110,8 @@ DWORD CAccessAuthConn::HandleInitDeviceRet(const CSmartPointer<IPackage> &pRecvP
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, ERR_ACCESSAUTH_INIT_DEV, strErrMsg);
+
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_INIT_DEV, GetOutPutStr("%s%08X%s%s", "初始化设备错误", rc,"strErrMsg", strErrMsg.c_str()).c_str());
 	}
 	else if (m_ctxInitDev == NULL)
 	{
@@ -1154,8 +1140,7 @@ DWORD CAccessAuthConn::HandleInitDeviceRet(const CSmartPointer<IPackage> &pRecvP
 		}
 		else
 		{
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_INIT_DEV,
-				GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_INIT_DEV, GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
 			rc = Error_Bug;
 		}
 	}
@@ -1199,9 +1184,9 @@ DWORD CAccessAuthConn::HandleReportStateRet(const CSmartPointer<IPackage> &pRecv
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = dwUserCode;
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg);
+		m_pFSM->doWarnMsg(rc, strErrMsg);
 	}
-
+	
 	return rc;
 }
 
@@ -1215,8 +1200,7 @@ DWORD CAccessAuthConn::SendLockStatePackage()
 	DWORD rc = pFunc->GetSystemStaticInfo(info);
 	if (rc != Error_Succeed)
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
-			GetOutPutStr("%s%08X", "GetSystemStaticInfo", rc).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO, GetOutPutStr("%s%08X", "GetSystemStaticInfo", rc).c_str());
 		return ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO;
 	}
 	strncpy(req.TerminalNo, (const char*)info.strTerminalID, sizeof(req.TerminalNo)-1);
@@ -1225,8 +1209,7 @@ DWORD CAccessAuthConn::SendLockStatePackage()
 	pkt->AddStruct("LockStateReq", false, false, (LPBYTE)&req, sizeof(LockStateReq));
 	if (SendPackage(pkt) == "")
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_SEND_PKG,
-			GetOutPutStr("%s%08X", "SendLockStatePackage", Error_Unexpect).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_LOCK_SEND_PKG,	GetOutPutStr("%s%08X", "SendLockStatePackage", Error_Unexpect).c_str());
 		return ERR_ACCESSAUTH_LOCK_SEND_PKG;
 	}
 	else
@@ -1247,7 +1230,11 @@ DWORD CAccessAuthConn::HandleLockStateRet(const CSmartPointer<IPackage> &pRecvPk
 	{
 		rc = dwUserCode;
 		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg, true);
+		CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
+		spFunction->SetSysVar("AuthErrMsg", strErrMsg.c_str(), true);
+
+		m_pFSM->doWarnMsg(rc, GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"AuthErrMsg", strErrMsg.c_str()).c_str());
+
 		return rc;
 	}
 
@@ -1279,16 +1266,14 @@ DWORD CAccessAuthConn::HandleLockStateRet(const CSmartPointer<IPackage> &pRecvPk
 		} 
 		else 
 		{
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_STATE,
-				GetOutPutStr("%s%s", "GetStructLen", "False").c_str());
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_LOCK_STATE, GetOutPutStr("%s%s", "GetStructLen", "False").c_str());
 			return ERR_ACCESSAUTH_LOCK_STATE;
 		}
 		delete pBuf;
 	}
 	else
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_STATE,
-			GetOutPutStr("%s%s%s%d", "GetStructData", "False","nLen", nLen).c_str());
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_LOCK_STATE, GetOutPutStr("%s%s%s%d", "GetStructData", "False","nLen", nLen).c_str());
 		return ERR_ACCESSAUTH_LOCK_STATE;
 	}
 
@@ -1348,8 +1333,8 @@ DWORD CAccessAuthConn::HandleCheckMD5Ret(const CSmartPointer<IPackage> &pRecvPkg
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
-		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg, true);
+		m_pFSM->doWarnMsg(dwUserCode, strErrMsg);
+		CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
 	}
 
 	m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_CheckMD5Succ:CAccessAuthFSM::Event_CheckMD5Fail));
@@ -1366,11 +1351,509 @@ DWORD CAccessAuthConn::HandleUpdateMD5Ret(const CSmartPointer<IPackage> &pRecvPk
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
-		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
-		((CAccessAuthEntity*)m_pEntity)->WarnAuthErrMsg(rc, rc, strErrMsg, true);
+		m_pFSM->doWarnMsg(dwUserCode, strErrMsg);
+		CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
 	}
 
 	m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_CheckMD5Succ:CAccessAuthFSM::Event_CheckMD5Fail));
 
+	return rc;
+}
+DWORD CAccessAuthConn::HandleTimeSyn(int nTimeDiff,BYTE nAuthVersion,BYTE* nSessionKey) {
+	// 比较终端和服务器时间， 时差小于3分钟不纠正	
+	DWORD dwTimeDiff = nTimeDiff;
+	if (dwTimeDiff > 180)
+	{
+		Dbg("time diff is too large (%ds), sync time now", dwTimeDiff);
+
+		CSmallDateTime dtServerTime(CSmallDateTime::GetNow() + dwTimeDiff);
+		SYSTEMTIME stServerTime = dtServerTime.ToSystemTime();
+#ifdef RVC_OS_WIN
+		if (SetLocalTime(&stServerTime))
+#else
+		if (set_system_time_by_sec(dwTimeDiff))
+#endif // RVC_OS_WIN
+			Dbg("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
+		else
+		{
+			//LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SET_LOCALE_TIME,
+			//	GetOutPutStr("%s%s", "stServerTime", dtServerTime.ToTimeString()).c_str());
+			return ERR_ACCESSAUTH_SET_LOCALE_TIME;
+		}
+	}
+	else
+	{
+		Dbg("time diff is acceptable (%ds)", dwTimeDiff);
+	}
+
+	// 检查准入请求版本 //会话密钥缓存
+	Dbg("auth version: %d", nAuthVersion);
+	if (((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(nAuthVersion, nSessionKey)) return Error_Succeed;
+	return Error_Unexpect;
+}
+DWORD CAccessAuthConn::HandleLockState(int nState) {
+
+	//设置系统变量LockState, 0，正常；1，锁定；2，罚出；(准入服务返回，6:罚出 7：锁定)
+	CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
+	DWORD rc = Error_Succeed;
+	if (6 == nState)
+	{
+		rc = spFunction->SetSysVar("LockState", "2", true);
+		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("终端已罚出");
+	}
+	else if (7 == nState)
+	{
+		rc = spFunction->SetSysVar("LockState", "1", true);
+		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("终端已锁定");
+	}
+	return rc;
+}
+DWORD CAccessAuthConn::HandleGetToken(BYTE* enToken1, BYTE* sharedKey, BYTE* enToken2, BYTE* retHash) {
+	DWORD rc = Error_Succeed;
+	auto pEntity = (CAccessAuthEntity*)m_pEntity;
+	pEntity->GetOrSetIsFirstSM(1);
+
+	
+	if (m_pFSM->m_bAccessACS) {
+		Dbg("retHash=%s", (char*)retHash);
+
+		char* enToken1_acs, * sharedKey_acs, * enToken2_acs, * hash_acs;
+		int enToken1_acs_len = 0, sharedKey_acs_len = 0, enToken2_acs_len = 0, hash_acs_len = 0;
+		enToken1_acs = Hex2Str((char*)enToken1, enToken1_acs_len);
+		sharedKey_acs = Hex2Str((char*)sharedKey, sharedKey_acs_len);
+		enToken2_acs = Hex2Str((char*)enToken2, enToken2_acs_len);
+		hash_acs = Hex2Str((char*)retHash, hash_acs_len);
+
+		Dbg("enToken1_acs_len=%d", enToken1_acs_len);
+		Dbg("sharedKey_acs_len=%d", sharedKey_acs_len);
+		Dbg("enToken2_acs_len=%d", enToken2_acs_len);
+		Dbg("hash_acs_len=%d", hash_acs_len);
+
+		memset(enToken1, 0, strlen((char*)enToken1));
+		memset(sharedKey, 0, strlen((char*)sharedKey));
+		memset(enToken2, 0, strlen((char*)enToken2));
+		memset(retHash, 0, strlen((char*)retHash));
+
+		memcpy(enToken1, enToken1_acs, enToken1_acs_len);
+		memcpy(sharedKey, sharedKey_acs, sharedKey_acs_len);
+		memcpy(enToken2, enToken2_acs, enToken2_acs_len);
+		memcpy(retHash, hash_acs, hash_acs_len);
+
+		delete enToken1_acs;
+		delete sharedKey_acs;
+		delete enToken2_acs;
+		delete hash_acs;
+
+	}
+
+	BYTE enToken[512 + 16] = { 0 };
+	memcpy(enToken, enToken1, 256);
+	memcpy(enToken + 256, enToken2, 256);
+	memcpy(enToken + 512, sharedKey, 16);
+	
+	
+	BYTE sm3[32] = { 0 };
+	if (!SM3Hash(enToken, 512 + 16, sm3)) {
+		Dbg("SM3 Hash error at Token Ret.");
+	}
+ 	if (memcmp(sm3, retHash, 32) != 0)
+	{
+		rc = Error_Bug;
+		pEntity->SetAuthErrMsg("返回令牌校验不通过");
+		pEntity->GetFunction()->SetSysVar("AuthErrMsg", "返回令牌校验不通过", true);
+		char* sm3Ret = Str2Hex((char *)sm3, 32);
+		Dbg("sm3Ret=%s", (char*)sm3Ret);
+		delete sm3Ret;
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_TOKEN_HASH,
+			GetOutPutStr("%s%s", "Hash", "返回令牌校验不通过").c_str(),true);
+	}
+	else
+	{
+		CBlob token;
+		token.Alloc(512);
+		memcpy(token.m_pData, enToken, 512);
+
+		CBlob sharedSK;
+		sharedSK.Alloc(16);
+		memcpy(sharedSK.m_pData, sharedKey, 16);
+		rc = pEntity->SaveTokenAndSharedSK(token, sharedSK);
+		if (rc != Error_Succeed)
+		{
+			pEntity->SetAuthErrMsg("保存令牌失败");
+			pEntity->GetFunction()->SetSysVar("AuthErrMsg", "保存令牌失败", true);
+			pEntity->SetAuthErrMsg("保存令牌失败");
+			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SAVE_TOKEN,
+				GetOutPutStr("%s%08X", "SaveTokenAndSharedSK", rc).c_str(),true);
+		}
+	}
+
+	return rc;
+}
+DWORD CAccessAuthConn::GetEncTerminalInfo(CBlob& encInfo) {
+	LOG_FUNCTION();
+	RequestTokenReq1 req1;
+	memset(&req1, 0, sizeof(req1));
+	BYTE* pBuf = (BYTE*)& req1.encTerminalInfo;
+
+	// 设置长度
+	sprintf((char*)pBuf, "%.4d", sizeof(RequestTokenInfo));
+
+	RequestTokenInfo* pInfo = (RequestTokenInfo*)(pBuf + 4);
+
+	CSystemStaticInfo si;
+	m_pEntity->GetFunction()->GetSystemStaticInfo(si);
+	strncpy(pInfo->szTerminalNo, (const char*)si.strTerminalID, sizeof(pInfo->szTerminalNo) - 1);
+
+	CSimpleStringA strPinPadID = "", strDeviceID = "";
+	bool bHasPinPad = false;
+	int nRet = ((CAccessAuthEntity*)m_pEntity)->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID, bHasPinPad);
+	Dbg("GetPinPadIDAndDeviceID ret: %d, PinPadID: %s, DeviceID: %s", nRet, (const char*)strPinPadID, (const char*)strDeviceID);
+	if (nRet == 2 || nRet == 3){
+		strncpy(pInfo->szPadDeviceID, (const char*)strDeviceID, sizeof(pInfo->szPadDeviceID) - 1);
+	}
+		
+	strncpy(pInfo->szMachineType, (const char*)si.strMachineType, sizeof(pInfo->szMachineType) - 1);
+
+	// 设备版本，低两位为小版本号，高两位为大版本号 Binary	4
+	DWORD ver32 = si.MachineVersion.GetVersion32();
+	for (int i = 0; i < 4; i++) {
+		pInfo->machineVersion[3 - i] = ((BYTE*)& ver32)[i];
+	}
+
+	//	安装版本，其中包含软件框架版本	binary	8
+	__int64 ver64 = si.InstallVersion.GetVersion64();
+	for (int i = 0; i < 8; i++){
+		pInfo->installVersion[7 - i] = ((BYTE*)& ver64)[i];
+	}
+#ifdef RVC_OS_WIN	
+	hostent* ent = gethostbyname(NULL);
+	if (ent && ent->h_addr_list[0] != NULL)
+	{
+		int i = 0;
+		for (; ent->h_addr_list[i] != NULL; ++i)
+		{
+			struct in_addr* in = (struct in_addr*)ent->h_addr_list[i];
+			if (in->S_un.S_un_b.s_b1 == 99 || in->S_un.S_un_b.s_b1 == 10)
+				break;
+		}
+
+		if (ent->h_addr_list[i] == NULL)
+			i = 0;
+
+		auto in = (struct in_addr*)ent->h_addr_list[i];
+
+		pInfo->ip[0] = in->S_un.S_un_b.s_b1;
+		pInfo->ip[1] = in->S_un.S_un_b.s_b2;
+		pInfo->ip[2] = in->S_un.S_un_b.s_b3;
+		pInfo->ip[3] = in->S_un.S_un_b.s_b4;
+		Dbg("ip:%d.%d.%d.%d", pInfo->ip[0], pInfo->ip[1], pInfo->ip[2], pInfo->ip[3]);
+	}
+#else
+	char ip[32] = { 0 };
+	if (getIPFromLinux(ip)) Dbg("Get IP From Linux Error ex.");
+	else {
+		if (ip2byte(ip, pInfo->ip)) Dbg("Ip 2 Byte Error");
+		else {
+			for (int i = 0; i < 4; i++) {
+				Dbg("ip[%d]=%d", i, (int)pInfo->ip[i]);
+			}
+		}
+	}
+#endif //#ifdef RVC_OS_WIN
+	strncpy(pInfo->szSites, si.strSite, sizeof(pInfo->szSites) - 1);
+
+	si.EnrolGPS.GetBinaryLongitude(&pInfo->currentGPS[0]);
+	si.EnrolGPS.GetBinaryLatitude(&pInfo->currentGPS[4]);
+
+	CSimpleStringA ts;
+	DWORD rc = m_pEntity->GetFunction()->GetSysVar("TerminalStage", ts);
+	if (rc != Error_Succeed)
+	{
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_SYS_VAR,
+			GetOutPutStr("%s%08X%s%s", "GetSysVar", rc, "TerminalStage", ts).c_str());
+		return ERR_ACCESSAUTH_GET_SYS_VAR;
+	}
+	assert(ts.GetLength() >= 1);
+	pInfo->chTerminalState = ts[0];
+
+	CSimpleStringA rs;
+	rc = m_pEntity->GetFunction()->GetSysVar("RunState", rs);
+	if (rc != Error_Succeed)
+	{
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_SYS_VAR,
+			GetOutPutStr("%s%08X%s%s", "GetSysVar", rc, "RunState", rs).c_str());
+		return ERR_ACCESSAUTH_GET_SYS_VAR;
+	}
+	assert(rs.GetLength() >= 1);
+	pInfo->chRunState = rs[0];
+
+
+	CBlob raw;
+	auto pEntity = ((CAccessAuthEntity*)m_pEntity);
+	if (pEntity->GetAuthVersion() == 2)
+	{
+		// 使用会话密钥加密
+		Dbg("使用会话密钥加密。。。");
+		raw.Refer(pBuf, sizeof(RequestTokenInfo) + 4);
+		rc = pEntity->EncryptDataWithSessionKey(raw, encInfo);
+	}
+	else
+	{
+		//后续基本废弃
+		Dbg("使用密码键盘加密。。。");
+		raw.Refer(pBuf, sizeof(req1.encTerminalInfo));
+		rc = pEntity->EncryptDataWithPinPad(raw, encInfo);
+	}
+	if (rc != Error_Succeed)
+	{
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_ENCRYPT_KEY,
+			GetOutPutStr("%s%08X", "CryptEncrypt", rc).c_str());
+		return ERR_ACCESSAUTH_ENCRYPT_KEY;
+	}
+	return Error_Succeed;
+}
+//密钥加密并转成可见字符
+DWORD CAccessAuthConn::GetTmk(string &tmk) {
+	BYTE tmp[140];
+	CBlob pubKey;
+	CBlob priKey;
+	DWORD rc = ((CAccessAuthEntity*)m_pEntity)->CreateSM2KeyPair(pubKey, priKey);
+	if (rc != Error_Succeed) return rc;
+	rc = ((CAccessAuthEntity*)m_pEntity)->SaveSM2KeyPair(pubKey, priKey);
+	if (rc != Error_Succeed) return rc;
+	memset(tmp, 0, sizeof(tmp));
+	if (pubKey.m_iLength > 70) {
+		Dbg("临时公钥长度(%d)大于70。。。", pubKey.m_iLength);
+		return Error_TooSmallBuffer;
+	}
+	memcpy_s(tmp, sizeof(tmp) - 70, pubKey.m_pData, pubKey.m_iLength);
+	if (priKey.m_iLength > 70) {
+		Dbg("临时私钥长度(%d)大于70。。。", priKey.m_iLength);
+		return Error_TooSmallBuffer;
+	}
+	memcpy_s(&tmp[70], sizeof(tmp) - 70, priKey.m_pData, priKey.m_iLength);
+	//CBlob raw, enc;
+	//auto pEntity = ((CAccessAuthEntity*)m_pEntity);
+	// 使用会话密钥加密
+	//Dbg("使用会话密钥加密。。。");
+	//raw.Refer(tmp, 140);
+	//rc = pEntity->EncryptDataWithSessionKey(raw, enc);
+	//if (rc != Error_Succeed) return rc;
+	//char *ret = MyBase64::Str2Hex((char*)enc.m_pData, enc.m_iLength);
+	//Dbg("data=%s,%d", ret, enc.m_iLength);
+	char *pRet = new char[512];
+	HexBuf2StrBuf(tmp, &pRet, 140);
+	Dbg("data=%s,%d", pRet, strlen(pRet));
+	tmk.assign(pRet);
+	delete[] pRet;
+	
+	return Error_Succeed;
+}
+DWORD CAccessAuthConn::GetModalInfo(BYTE** pDevInfo, int & nDevEntityCount) {
+
+	// 获取硬件信息
+	CAutoArray<CSimpleStringA> devNames;
+	DWORD rc = GetAllDevices(m_pEntity, devNames);
+	if (rc != Error_Succeed)
+	{
+		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("从root.ini获取终端设备信息失败");
+		CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
+		spFunction->SetSysVar("AuthErrMsg", "从root.ini获取终端设备信息失败", true);
+
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,
+			GetOutPutStr("%s%08X", "SpGetAllDevices", rc).c_str());
+
+		return ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE;
+	}
+	
+	nDevEntityCount = devNames.GetCount();
+	if (nDevEntityCount > 0)
+	{
+		
+		int nBufLen = nDevEntityCount * sizeof(RequestTokenReq2);
+		*pDevInfo = new BYTE[nBufLen];
+		memset(*pDevInfo, 0, nBufLen);
+		
+		RequestTokenReq2* pTmp = (RequestTokenReq2*)*pDevInfo;
+
+		for (int i = 0; i < nDevEntityCount; i++)
+		{
+			CSimpleStringA strVersion, strModel, strVendor;
+			rc = GetDeviceInfo(m_pEntity, devNames[i], strModel, strVendor, strVersion);
+			if (rc == Error_Succeed)
+			{
+				strncpy(pTmp->szType, (const char*)devNames[i], sizeof(pTmp->szType) - 1);
+				strncpy(pTmp->szModal, (const char*)strModel, sizeof(pTmp->szModal) - 1);
+				strncpy(pTmp->szFactory, (const char*)strVendor, sizeof(pTmp->szFactory) - 1);
+
+				if (strVersion.GetLength() > 0)
+				{
+					CAutoArray<CSimpleStringA> arr = strVersion.Split('.');
+					for (int i = 0; i < 4 && i < arr.GetCount(); i++)
+					{
+						WORD w = (WORD)atoi(arr[i]);
+						((BYTE*)pTmp->version)[i * 2] = (w >> 8) & 0xFF;
+						((BYTE*)pTmp->version)[i * 2 + 1] = w & 0xFF;
+					}
+				}
+			}
+
+			pTmp++;
+		}
+		//delete pDevInfo
+	}
+	return Error_Succeed;
+}
+DWORD CAccessAuthConn::GetTokenReq(CAccessAuthGetTokenReq* getTokenReq)
+{
+	DWORD rc;
+	auto pEntity = (CAccessAuthEntity*)m_pEntity;
+
+	CSystemStaticInfo si;
+	pEntity->GetFunction()->GetSystemStaticInfo(si);
+
+	BYTE fingerPrint[32] = { 0 };
+	int nBufLen = sizeof(fingerPrint);
+	if (!pEntity->GetTerminalFingerPrint(fingerPrint, nBufLen))
+	{
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
+			GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False").c_str());
+		return ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT;
+	}
+	char tmp[256] = { 0 };
+	char* fingerPrintHex = Str2Hex((char*)(fingerPrint + 16), 16);
+	memcpy(tmp, fingerPrintHex, 32);
+	delete fingerPrintHex;
+
+	getTokenReq->TOKEN_R0.fingerPrintSM = tmp;
+	getTokenReq->TOKEN_R0.isFirst = pEntity->GetOrSetIsFirstSM(0);
+	getTokenReq->TOKEN_R0.isSM = 1;
+
+	CBlob encInfo;
+	if ((rc = GetEncTerminalInfo(encInfo)) != Error_Succeed)
+	{
+		Dbg("GetEncTerminalInfo failed:%d",rc);
+		return rc;
+	}
+	char *pTmp =Str2Hex((char*)encInfo.m_pData , encInfo.m_iLength);
+	getTokenReq->TOKEN_R1.encTerminalInfo = pTmp;
+	delete pTmp;
+	getTokenReq->TOKEN_R1.terminalNo = si.strTerminalID.GetData();
+	string tmpStr = "";
+	if ((rc = GetTmk(tmpStr)) != Error_Succeed) return rc;
+	getTokenReq->TOKEN_R1.TPK = tmpStr;
+
+	int nDevEntityCount = 0;
+	BYTE* pDevInfo = NULL;
+	if ((rc = GetModalInfo(&pDevInfo, nDevEntityCount)) != Error_Succeed) return rc;
+	else if (pDevInfo == NULL) {
+		Dbg("pDexInfo is NULL.");
+	}
+	else {
+		Dbg("GetModalInfo succ.");
+	}
+	if (nDevEntityCount > 0 && pDevInfo != NULL) {
+		RequestTokenReq2* R2Array = (RequestTokenReq2*)pDevInfo;
+		for (int i = 0; i < nDevEntityCount; i++) {
+			Dbg("szFactory=%s", R2Array->szFactory);
+			getTokenReq->TOKEN_R2[i]->factory = R2Array->szFactory;
+			getTokenReq->TOKEN_R2[i]->modal = R2Array->szModal;
+			getTokenReq->TOKEN_R2[i]->type = R2Array->szType;
+			getTokenReq->TOKEN_R2[i]->versoin =(char*) R2Array->version;
+			R2Array++;
+		}
+		delete pDevInfo;
+	}
+	memset(tmp, 0, sizeof(tmp));
+
+	fingerPrintHex = Str2Hex((char*)(fingerPrint), 16);
+	memcpy(tmp, fingerPrintHex, 32);
+	delete fingerPrintHex;
+
+	getTokenReq->TOKEN_R3.authVersion = pEntity->GetAuthVersion();
+	getTokenReq->TOKEN_R3.fingerPrint = tmp;
+	getTokenReq->TOKEN_R3.kmcSyncFlag = "";
+	memset(tmp, 0, sizeof(tmp));
+	int publicKeyLen = sizeof(tmp);
+	if (!pEntity->GetTerminalPublicKey((BYTE*) tmp, publicKeyLen))
+	{
+		m_pFSM->doWarnMsg(ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY,
+			GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
+		return ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY;
+	}
+	Dbg("publicKeyLen=%d",publicKeyLen);
+	char* retKey = Str2Hex(tmp, publicKeyLen);
+	getTokenReq->TOKEN_R3.publicKey.assign(retKey);
+	delete retKey;
+	getTokenReq->TOKEN_R3.reserved = "";
+	getTokenReq->TOKEN_R3.signCertHash = "";
+	getTokenReq->TOKEN_R3.uKeyRootHash ="";
+
+	CSimpleStringA strPinPadID = "", strDeviceID = "";
+	bool bHasPinPad = false;
+	int nRet = ((CAccessAuthEntity*)m_pEntity)->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID,bHasPinPad);
+	getTokenReq->TOKEN_R4.pinPadID = strPinPadID.GetData();
+	getTokenReq->TOKEN_R4.reserved = "";
+	if (pEntity->HasPinPad())
+	{
+		getTokenReq->TOKEN_R5.existPinPad = 1;
+	}
+	else
+	{
+		getTokenReq->TOKEN_R5.existPinPad = 0;
+	}
+	return rc;
+}
+DWORD CAccessAuthConn::GetDeviceInfo(CEntityBase* pCallerEntity, const CSimpleStringA& devDeviceName,
+	CSimpleStringA& strModel, CSimpleStringA& strVendor, CSimpleStringA& strVersion)
+{
+	CSmartPointer<IConfigInfo> pConfig;
+	DWORD rc = pCallerEntity->GetFunction()->OpenConfig(Config_Root, pConfig);
+	if (rc == Error_Succeed)
+	{
+		CSimpleStringA strSection = CSimpleStringA("Device.") + devDeviceName;
+
+		pConfig->ReadConfigValue(strSection, "Vendor", strVendor);
+		pConfig->ReadConfigValue(strSection, "Version", strVersion);
+
+		strModel = devDeviceName;
+		if (!strVendor.IsNullOrEmpty())
+		{
+			strModel += ".";
+			strModel += strVendor;
+		}
+
+		if (!strVersion.IsNullOrEmpty())
+		{
+			strModel += ".";
+			strModel += strVersion;
+		}
+	}
+
+	return rc;
+}
+DWORD CAccessAuthConn::GetAllDevices(CEntityBase* pEntity, CAutoArray<CSimpleStringA>& devs)
+{
+	CSmartPointer<IConfigInfo> pConfig;
+	DWORD rc = pEntity->GetFunction()->OpenConfig(Config_Root, pConfig);
+	if (rc == Error_Succeed)
+	{
+		int nCount(0);
+		rc = pConfig->ReadConfigValueInt("Device", "Number", nCount);
+		Dbg("nCount=%d", nCount);
+		if (rc == Error_Succeed && nCount > 0)
+		{
+			devs.Init(nCount);
+
+			for (int i = 0; i < nCount; i++)
+			{
+				CSimpleStringA str = CSimpleStringA::Format("%d", i + 1);
+				rc = pConfig->ReadConfigValue("Device", (const char*)str, devs[i]);
+			}
+		}
+	}
+	else {
+		Dbg("GetAllDevices OpenConfig error");
+	}
 	return rc;
 }

Module/mod_accessauth/AccessAuthConn.h

@@ -3,6 +3,8 @@
 
 #include "SpSecureClient.h"
 #include "AccessAuthorization_def_g.h"
+#include "IHttpFunc.h"
+#include "publicFunExport.h"
 using namespace AccessAuthorization;
 
 #pragma pack(1)
@@ -106,7 +108,8 @@ struct RequestTokenReq3
 struct RequestTokenReq4
 {
 	char szPinPadID[32];				// PinPadID
-	BYTE Reserved[256];
+	char terminalNo[16];
+	BYTE Reserved[240];
 };
 
 // 请求TOKEN附加信息： 密码键盘是否存在
@@ -178,12 +181,18 @@ struct SyncTimeAns
 	BYTE byReserved[64];		// 保留字段
 };
 
+
+struct InitDeviceReq0
+{
+	int isSM;
+};
+
 // 外设加密握手包
 //[StructName("InitDevR")]
 struct InitDeviceReq
 {
-	char CR1[256];
-	char CR3[256];
+	char vtmCR1[256];
+	char vtmCR3[256];
 	char R2[64];
 	char CDevPubKey[360];
 	char Verdor[64];				// @20170124: 厂商名称：nantian(南天); yotap(skyui)
@@ -230,6 +239,7 @@ struct CheckMD5Req
 #pragma pack()
 
 class CAccessAuthFSM;
+class CAccessAuthGetTokenReq;
 class CAccessAuthConn : public SpSecureClient
 {
 public:
@@ -272,9 +282,20 @@ private:
 	bool GetSpBaseSignCertHash(CSimpleStringA &strHash);
 	bool GetUKeyRootCertHash(CSimpleStringA &strHash);
 	bool Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[20]);
-
+	
+public:
+	DWORD HandleTimeSyn(int nTimeDiff, BYTE nAuthVersion, BYTE* nSessionKey);
+	DWORD HandleLockState(int nState);
+	DWORD HandleGetToken(BYTE* token, BYTE* sharedKey, BYTE* token2, BYTE* retHash);
+	DWORD GetEncTerminalInfo(CBlob& encInfo);
+	DWORD GetTmk(string &tmk);
+	DWORD GetModalInfo(BYTE ** pDevInfo, int &nDevEntityCount);
+	DWORD GetTokenReq(CAccessAuthGetTokenReq* getTokenReq);
+	DWORD GetDeviceInfo(CEntityBase* pCallerEntity, const CSimpleStringA& devDeviceName,
+		CSimpleStringA& strModel, CSimpleStringA& strVendor, CSimpleStringA& strVersion);
+	DWORD GetAllDevices(CEntityBase* pEntity, CAutoArray<CSimpleStringA>& devs);
+	SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer m_ctxInitDev;
 private:
 	CAccessAuthFSM *m_pFSM;
-	SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer m_ctxInitDev;
 };
 #endif // !__ACCESSAUTHCONN_H

Module/mod_accessauth/AccessAuthFSM.h

@@ -4,8 +4,461 @@
 #include "SpBase.h"
 #include "SpFSM.h"
 #include "Blob.h"
-#include "AccessAuthConn.h"
 #include <mutex>
+#include "EventCode.h"
+#include "AccessAuthConn.h"
+//#include "AccessAuthErrorCode.h"
+
+#include "IHttpFunc.h"
+#include "publicFunExport.h"
+#include <winpr/sysinfo.h>
+static void GetLocalTimeRVC(SYSTEMTIME& stTime)
+{
+	GetLocalTime(&stTime);
+}
+#define ACS_SUCCESS "0"
+#define REFLECTION(var) #var
+#define JUAGEHTTPS(ret) (ret.m_sysCode == 200 || ret.m_sysCode == 201)
+typedef struct CAccessAuthHttpsGateReq : public CHTTPReq {
+
+	string terminal_no;
+	string branch_no;
+	string modular;
+
+	CAccessAuthHttpsGateReq(string terminal, string branch, string module) :
+		terminal_no(terminal),
+		branch_no(branch),
+		modular(module) {
+		//m_url = "https://rvcgateway.paas.cmbchina.cn/api/gray/way";
+	}
+
+	string ToJson() {
+		Dbg("To Json");
+		map<string, string> mapReq;
+		mapReq[REFLECTION(terminal_no)] = terminal_no;
+		Dbg("%s=%s", REFLECTION(terminal_no),terminal_no.c_str());
+		mapReq[REFLECTION(branch_no)] = branch_no;
+		mapReq[REFLECTION(modular)] = modular;
+
+		pair<bool, string> pairRet = generateJsonStr(mapReq);
+
+		if (pairRet.first) return pairRet.second;
+		else return "";
+	}
+} CAccessAuthHttpsGateReq;
+
+typedef struct CAccessAuthHttpsGateRet : public CHTTPRet {
+	bool m_bACS;
+	CAccessAuthHttpsGateRet(): m_bACS(false){}
+	bool Parse(string strData) {
+		Dbg("Parse Json");
+		Dbg("strData=%s", strData.c_str());
+		if (m_userCode.compare("10000")) return false;
+		RVCJson rvcJson;
+		rvcJson.SetJson((char*)strData.c_str());
+		m_bACS = rvcJson.GetBoolValue(REFLECTION(data));
+		rvcJson.Destory();
+		return true;
+	}
+} CAccessAuthHttpsGateRet;
+
+/*
+typedef struct CAccessAuthBaseRet : CHTTPRet {
+	string request;
+	bool success;
+	string code;
+	string message;
+	virtual void Parse(string strData) {
+		RVCJson rvcJson;
+		rvcJson.SetJson((char*)strData.c_str());
+		request = rvcJson.GetStringValue(REFLECTION(request));
+		success = rvcJson.GetBoolValue(REFLECTION(success));
+		code = rvcJson.GetStringValue(REFLECTION(code));
+		message = rvcJson.GetStringValue(REFLECTION(message));
+	}
+} CAccessAuthBaseRet;
+*/
+typedef struct CAccessAuthTimeSynReq : CHTTPReq {
+	string terminalNo;
+	long curTime;
+	string reserved;
+	CAccessAuthTimeSynReq(string terminalNo, long curTime, string reserved = "")
+		: terminalNo(terminalNo), curTime(curTime) {}
+	string ToJson() {
+		RVCJson rvcJson(true);
+		rvcJson.AddStringToObject(REFLECTION(terminalNo),(char*) terminalNo.c_str());
+		rvcJson.AddNumberToObject(REFLECTION(curTime), curTime);
+		rvcJson.AddStringToObject(REFLECTION(reserved),(char*) reserved.c_str());
+		char* tmp = rvcJson.GetJsonStr();
+		rvcJson.Destory();
+		Dbg("req=%s at CAccessAuthTimeSynReq", tmp);
+		string ret;
+		ret.assign(tmp);
+		delete tmp;
+		return ret;
+	}
+} CAccessAuthTimeSynReq;
+
+typedef struct CAccessAuthTimeSynRet : CHTTPRet {
+	struct data {
+		long timeDiff;
+		int authVersion;
+		string sessionKey;
+		string reserved;
+	} data;
+	bool Parse(string strData) {
+		Dbg("ret=%s at CAccessAuthTimeSynRet", strData.c_str());
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		RVCJson rvcJson;
+		rvcJson.SetJson(strData.c_str());
+		auto retJson = rvcJson.GetJsonValue(REFLECTION(data));
+			
+		data.timeDiff = retJson->GetNumberValue(REFLECTION(timeDiff));
+		data.authVersion = retJson->GetNumberIntValue(REFLECTION(authVersion));
+		data.sessionKey = retJson->GetStringValue(REFLECTION(sessionKey));
+		char * tmpReserved = retJson->GetStringValue(REFLECTION(reserved));
+		data.reserved = tmpReserved == NULL ? "" : tmpReserved;
+		rvcJson.Destory();
+		retJson->Destory();
+		delete retJson;
+		return true;
+	}
+} CAccessAuthTimeSynRet;
+
+typedef struct CAccessAuthLockStateReq : CHTTPReq {
+	string terminalNo;
+	CAccessAuthLockStateReq(string terminalNo) : terminalNo(terminalNo) {}
+	string ToJson() {
+		RVCJson rvcJson(true);
+		rvcJson.AddStringToObject(REFLECTION(terminalNo),(char*) terminalNo.c_str());
+		string ret;
+		char* tmp = rvcJson.GetJsonStr();
+		ret.assign(tmp);
+		delete tmp;
+		rvcJson.Destory();
+		Dbg("req=%s at CAccessAuthLockStateReq", ret.c_str());
+		return ret;
+	}
+} CAccessAuthLockStateReq;
+
+typedef struct CAccessAuthLockStateRet : CHTTPRet {
+	struct data {
+		string lockState;
+	} data;
+	bool Parse(string strData) {
+		Dbg("ret=%s at CAccessAuthLockStateRet", strData.c_str());
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		RVCJson rvcJson;
+		rvcJson.SetJson(strData.c_str());
+		auto retJson = rvcJson.GetJsonValue(REFLECTION(data));
+		data.lockState = retJson->GetStringValue(REFLECTION(lockState));
+		rvcJson.Destory();
+		retJson->Destory();
+		delete retJson;
+		return true;
+	}
+} CAccessAuthLockStateRet;
+
+typedef struct CAccessAuthUpdateWKReq : CHTTPReq {
+	string terminalNo;
+	CAccessAuthUpdateWKReq(string terminalNo) : terminalNo(terminalNo) {}
+	string ToJson() {
+		RVCJson rvcJson(true);
+		rvcJson.AddStringToObject(REFLECTION(terminalNo),(char*) terminalNo.c_str());
+		string ret;
+		char* tmp = rvcJson.GetJsonStr();
+		ret.assign(tmp);
+		delete tmp;
+		rvcJson.Destory();
+		Dbg("req=%s at CAccessAuthUpdateWKReq", ret.c_str());
+		return ret;
+	}
+} CAccessAuthUpdateWKReq;
+
+typedef struct CAccessAuthUpdateWKRet : CHTTPRet {
+	struct data {
+		string TMK;
+		string TPK;
+		string EDK;
+		string index;
+		string reserved;
+	} data;
+	bool Parse(string strData) {
+		Dbg("ret=%s at CAccessAuthUpdateWKRet", strData.c_str());
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		RVCJson rvcJson;
+		rvcJson.SetJson((char*)strData.c_str());
+		auto retJson = rvcJson.GetJsonValue(REFLECTION(data));
+		data.TMK = retJson->GetStringValue(REFLECTION(TMK));
+		data.TPK = retJson->GetStringValue(REFLECTION(TPK));
+		data.EDK = retJson->GetStringValue(REFLECTION(EDK));
+		data.index = retJson->GetStringValue(REFLECTION(index));
+		rvcJson.Destory();
+		retJson->Destory();
+		delete retJson;
+		return true;
+	}
+} CAccessAuthUpdateWKRet;
+
+typedef struct CAccessAuthGetTokenReq :public CHTTPReq {
+public:
+	struct TOKEN_R0 {
+		int isSM;
+		int isFirst;
+		string fingerPrintSM;
+	} TOKEN_R0;
+	struct TOKEN_R1 {
+		string terminalNo;
+		string TPK;
+		string encTerminalInfo;
+	} TOKEN_R1;
+	struct TOKEN_R2 {
+		string type;
+		string modal;
+		string factory;
+		string versoin;
+	}**TOKEN_R2;
+	struct TOKEN_R3 {
+		string signCertHash;
+		string uKeyRootHash;
+		int authVersion;
+		string fingerPrint;
+		string publicKey;
+		string kmcSyncFlag;
+		string reserved;
+	} TOKEN_R3;
+	struct TOKEN_R4 {
+		string pinPadID;
+		string reserved;
+	}TOKEN_R4;
+	struct TOKEN_R5 {
+		int existPinPad;
+	} TOKEN_R5;
+	int R2Count;
+	CAccessAuthGetTokenReq(int R2Count) : R2Count(R2Count){
+		TOKEN_R2 = new struct TOKEN_R2 *[R2Count];
+		for (int i = 0; i < R2Count; i++) {
+			TOKEN_R2[i] = new struct TOKEN_R2;
+		}
+	}
+	string ToJson() {
+		RVCJson rvcJson(true);
+		RVCJson *tokenJson[6];
+		for (int i = 0; i < 6; i++){
+			if(i == 2) tokenJson[i] = new RVCJson(false);
+			else tokenJson[i] = new RVCJson(true);
+		}
+		
+		tokenJson[0]->AddStringToObject(REFLECTION(fingerPrintSM),(char*) TOKEN_R0.fingerPrintSM.c_str());
+		tokenJson[0]->AddNumberToObject(REFLECTION(isFirst), TOKEN_R0.isFirst);
+		tokenJson[0]->AddNumberToObject(REFLECTION(isSM), TOKEN_R0.isSM);
+		Dbg("R0=%s",tokenJson[0]->GetJsonStr());
+
+		tokenJson[1]->AddStringToObject(REFLECTION(terminalNo),(char*) TOKEN_R1.terminalNo.c_str());
+		tokenJson[1]->AddStringToObject(REFLECTION(TPK),(char*) TOKEN_R1.TPK.c_str());
+		tokenJson[1]->AddStringToObject(REFLECTION(encTerminalInfo),(char*) TOKEN_R1.encTerminalInfo.c_str());
+		Dbg("R1=%s", tokenJson[1]->GetJsonStr());
+
+		for (int i = 0; i < R2Count; i++) {
+			RVCJson R2Json(true);
+			R2Json.AddStringToObject(REFLECTION(type),(char*) TOKEN_R2[i]->type.c_str());
+			R2Json.AddStringToObject(REFLECTION(modal),(char*) TOKEN_R2[i]->modal.c_str());
+			R2Json.AddStringToObject(REFLECTION(factory),(char*) TOKEN_R2[i]->factory.c_str());
+			R2Json.AddStringToObject(REFLECTION(versoin),(char*) TOKEN_R2[i]->versoin.c_str());
+			Dbg("R_=%s", R2Json.GetJsonStr());
+			tokenJson[2]->AddItemToArray(&R2Json);
+			
+			R2Json.Destory();
+		}
+		Dbg("R2=%s", tokenJson[2]->GetJsonStr());
+
+		tokenJson[3]->AddStringToObject(REFLECTION(signCertHash),(char*) TOKEN_R3.signCertHash.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(uKeyRootHash),(char*) TOKEN_R3.uKeyRootHash.c_str());
+		tokenJson[3]->AddNumberToObject(REFLECTION(authVersion), TOKEN_R3.authVersion);
+		tokenJson[3]->AddStringToObject(REFLECTION(fingerPrint),(char*) TOKEN_R3.fingerPrint.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(publicKey),(char*) TOKEN_R3.publicKey.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(kmcSyncFlag),(char*) TOKEN_R3.kmcSyncFlag.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(reserved),(char*) TOKEN_R3.reserved.c_str());
+		Dbg("R3=%s", tokenJson[3]->GetJsonStr());
+		
+
+		tokenJson[4]->AddStringToObject(REFLECTION(pinPadID),(char*) TOKEN_R4.pinPadID.c_str());
+		tokenJson[4]->AddStringToObject(REFLECTION(reserved),(char*) TOKEN_R4.reserved.c_str());
+		Dbg("R4=%s", tokenJson[4]->GetJsonStr());
+
+		tokenJson[5]->AddNumberToObject(REFLECTION(existPinPad),TOKEN_R5.existPinPad);
+		Dbg("R5=%s", tokenJson[5]->GetJsonStr());
+
+		for (int i = 0; i < 6; i++) {
+			string strTmp = int2str(i);
+			strTmp = "TOKEN_R" + strTmp;
+			rvcJson.AddItemToObject(strTmp.c_str(), tokenJson[i]);
+		}
+		char *tmp = rvcJson.GetJsonStr();
+		string ret(tmp);
+		delete tmp;
+		Dbg("req=%s at CAccessAuthGetTokenReq", ret.c_str());
+		for (int i = 0; i < 6; i++) {
+			tokenJson[i]->Destory();
+			delete tokenJson[i];
+		}
+		rvcJson.Destory();
+		return ret;
+	}
+}CAccessAuthGetTokenReq;
+
+typedef struct CAccessAuthGetTokenRet : CHTTPRet {
+	typedef struct AccessToken {
+		string enToken;
+		string retHash;
+	} AccessToken;
+	typedef struct SharedKey {
+		string enToken;
+		string sharedSK;
+		string retHash;
+	} ShareKey;
+	struct data {
+		AccessToken accessToken;
+		SharedKey sharedKey;
+	} data;
+	bool Parse(string strData) {
+		Dbg("ret=%s at CAccessAuthGetTokenRet", strData.c_str());
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		RVCJson rvcJson;
+		rvcJson.SetJson(strData.c_str());
+		
+		auto dataJson = rvcJson.GetJsonValue(REFLECTION(data));
+		auto tokenJson = dataJson->GetJsonValue(REFLECTION(accessToken));
+		
+		data.accessToken.enToken = tokenJson->GetStringValue(REFLECTION(enToken));
+		data.accessToken.retHash = tokenJson->GetStringValue(REFLECTION(retHash));
+		tokenJson->Destory();
+		delete tokenJson;
+		
+		auto sharedJson = dataJson->GetJsonValue(REFLECTION(sharedKey));
+		
+		data.sharedKey.enToken = sharedJson->GetStringValue(REFLECTION(enToken));
+		data.sharedKey.sharedSK = sharedJson->GetStringValue(REFLECTION(sharedSK));
+		char* tmp = sharedJson->GetStringValue(REFLECTION(retHash));
+		data.sharedKey.retHash =  tmp == NULL?"":tmp;
+		
+		sharedJson->Destory();
+		delete sharedJson;
+		dataJson->Destory();
+		delete dataJson;
+		
+		rvcJson.Destory();
+		Dbg("leave CAccessAuthGetTokenRet.");
+		return true;
+	}
+} CAccessAuthGetTokenRet;
+
+typedef struct CAccessAuthStageReportReq : CHTTPReq {
+	string terminalNo;
+	string newStage;
+	string ip;
+	string runState;
+	string ToJson() {
+		RVCJson rvcJson(true);
+		rvcJson.AddStringToObject(REFLECTION(terminalNo),(char*) terminalNo.c_str());
+		rvcJson.AddStringToObject(REFLECTION(newStage),(char*) newStage.c_str());
+		rvcJson.AddStringToObject(REFLECTION(ip),(char*) ip.c_str());
+		rvcJson.AddStringToObject(REFLECTION(runState),(char*) runState.c_str());
+		string ret;
+		char* tmp = rvcJson.GetJsonStr();
+		ret.assign(tmp);
+		delete tmp;
+		Dbg("req=%s at CAccessAuthStageReportReq", ret.c_str());
+		return ret;
+	}
+} CAccessAuthStageReportReq;
+
+typedef struct CAccessAuthStageReportRet : CHTTPRet {
+	bool Parse(string strData) {
+		//if (m_userCode.compare(ACS_SUCCESS)) return false;
+		return true;
+	}
+} CAccessAuthStageReportRet;
+
+typedef struct CAccessAuthInitDeviceReq : CHTTPReq {
+	string cr1;
+	string cr3;
+	string r2;
+	string cDevPubKey;
+	string vendor;
+	string terminalNo;
+	string ToJson() {
+		RVCJson rvcJson(true);
+		rvcJson.AddStringToObject(REFLECTION(cr1),(char*) cr1.c_str());
+		rvcJson.AddStringToObject(REFLECTION(cr3),(char*) cr3.c_str());
+		rvcJson.AddStringToObject(REFLECTION(r2),(char*) r2.c_str());
+		rvcJson.AddStringToObject(REFLECTION(cDevPubKey),(char*) cDevPubKey.c_str());
+		rvcJson.AddStringToObject(REFLECTION(vendor),(char*) vendor.c_str());
+		rvcJson.AddStringToObject(REFLECTION(terminalNo), (char*)terminalNo.c_str());
+		string ret;
+		char* tmp = rvcJson.GetJsonStr();
+		ret.assign(tmp);
+		delete tmp;
+		Dbg("req=%s at CAccessAuthInitDeviceReq", ret.c_str());
+		rvcJson.Destory();
+		return ret;
+	}
+} CAccessAuthInitDeviceReq;
+
+typedef struct CAccessAuthInitDeviceRet : CHTTPRet {
+	struct data {
+		string r3;
+		string cr2;
+		string r1;
+	}data;
+	bool Parse(string strData) {
+		Dbg("ret=%s at CAccessAuthInitDeviceRet", strData.c_str());
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		RVCJson rvcJson;
+		rvcJson.SetJson((char*)strData.c_str());
+		auto retJson = rvcJson.GetJsonValue(REFLECTION(data));
+		//data.r3 = retJson->GetNumberValue(REFLECTION(r3));
+		data.r3 = retJson->GetStringValue(REFLECTION(r3));
+		//data.cr2 = retJson->GetNumberValue(REFLECTION(cr2));
+		data.cr2 = retJson->GetStringValue(REFLECTION(cr2));
+		//data.r1 = retJson->GetNumberValue(REFLECTION(r1));
+		data.r1 = retJson->GetStringValue(REFLECTION(r1));
+		rvcJson.Destory();
+		return true;
+	}
+} CAccessAuthInitDeviceRet;
+
+typedef struct CAccessAuthExitReq : CHTTPReq {
+	string terminalNo;
+	int triggerReason;
+	int rebootWay;
+	int terminalStage;
+	string ToJson() {
+		RVCJson rvcJson(true);
+		rvcJson.AddStringToObject(REFLECTION(terminalNo),(char*) terminalNo.c_str());
+		rvcJson.AddNumberToObject(REFLECTION(triggerReason),triggerReason);
+		rvcJson.AddNumberToObject(REFLECTION(rebootWay), rebootWay);
+		rvcJson.AddNumberToObject(REFLECTION(terminalStage), terminalStage);
+		string ret;
+		char* tmp = rvcJson.GetJsonStr();
+		ret.assign(tmp);
+		delete tmp;
+		Dbg("req=%s at CAccessAuthExitReq", ret.c_str());
+		return ret;
+	}
+} CAccessAuthExitReq;
+
+typedef struct CAccessAuthExitRet : CHTTPRet {
+	bool Parse(string strData) {
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		if (strData.empty()) Dbg("ret is NULL at CAccessAuthExitReq");
+		else {
+			Dbg("ret=%s at CAccessAuthExitReq",strData.c_str());
+		}
+		return true;
+	}
+} CAccessAuthExitRet;
+
 class MyMutex;
 class CAccessAuthFSM : public FSMImpl<CAccessAuthFSM>, public IFSMStateHooker
 {
@@ -51,6 +504,8 @@ public:
 		Event_CheckMD5Succ,
 		Event_CheckMD5Fail,
 		Event_InitFinishOK,
+		Event_GetHsotFailed,
+		Event_NetworkIllegal,
 		Event_SyncTimeFailed  //同步时间失败
 	};
 
@@ -66,9 +521,11 @@ public:
 
 	BEGIN_FSM_RULE(CAccessAuthFSM,s1)
 		FSM_RULE_ENTRY_ANY(s1, s2, Event_StartRegist)
+		FSM_RULE_ENTRY_ANY(s1, s3, Event_GetHsotFailed)
 		//FSM_RULE_ENTRY_ANY(s2, s3, Event_UpdateWKFail)
 		FSM_RULE_ENTRY_ANY(s2, s3, Event_ReqTokenFail)
-		FSM_RULE_ENTRY_ANY(s2, s3, Event_CheckMD5Fail)		
+		FSM_RULE_ENTRY_ANY(s2, s3, Event_CheckMD5Fail)
+		FSM_RULE_ENTRY_ANY(s2, s3, Event_NetworkIllegal)
 		FSM_RULE_ENTRY_ANY(s2, s4, Event_ReqTokenCancel)
 		FSM_RULE_ENTRY_ANY(s2, s5, Event_ReqTokenSucc)
 		FSM_RULE_ENTRY_ANY(s2, s3, Event_SyncTimeFailed)
@@ -114,20 +571,49 @@ public:
 	DWORD InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx);
 	DWORD SyncTime();
 	int m_finishAccess;
-
+	static void HttpsLogCallBack(const char *logtxt);
+	bool m_bAccessACS;
+	CAccessAuthConn* m_pConnection;
+	bool ACSAccessControl();
+	CSimpleStringA GetmGateHost(){ return m_gateHost; }
+	CSimpleStringA GetmAccessAuthHost() { return m_accessAuthHost; }
+	CSimpleStringA GetmInitDeviceHost() { return m_initDeviceHost; }
+	CSimpleStringA GetmTerminalList() { return m_terminalList; }
+	int GetmnExitReason() { return m_nExitReason; }
+	int GetmnExitWay() { return m_nExitWay; }
+	bool DecryptWithSessionKey(BYTE* encText, int encTextLen, BYTE* decTest, int& decTestLen);
+	//oilyang@20210813 add bNeedEvent.
+	//no need to throw event defaultly except the KEY error to call for Close Page
+	void doWarnMsg(int errReason, std::string errMsg, bool bNeedEvent = false,string varMsg = "");
+	int RtsMapToUserCode(const char* pRtsCode,DWORD dwDefaultUserCode = ERR_ACCESSAUTH_UNKOWN);
 private:
+	
 	ErrorCodeEnum SetSysVar(const CSimpleStringA &newVal);
 	ErrorCodeEnum SecureClientConnect();
 	ErrorCodeEnum SecureClientRelease();
 
 	ErrorCodeEnum LoadCenterConfig();
-	CAccessAuthConn *m_pConnection;
+	
+
+	/*True: Legal; False: illegal*/
+	BOOL DetectNetworkLegality();
 
 	int m_nExitReason;
 	int m_nExitWay;
-	int m_nCheckMD5;
+	CSimpleStringA m_gateHost;
+	CSimpleStringA m_accessAuthHost;
+	CSimpleStringA m_initDeviceHost;
+	CSimpleStringA m_terminalList;
 
 	
+
+	ErrorCodeEnum GetIntFromCS(const char* pcSection, const char* pcKey,  int &retInt);
+	ErrorCodeEnum GetStrFromCS(const char* pcSection, const char* pcKey,  CSimpleStringA& retStr);
+
+	vector<string> GetSplitByChar(const char* content, int len, char spl);
+	int m_nCheckMD5;
+	//oilyang@20210813 实际上上次关门页改造应该把这个去掉，已经有了(不）重试(不）重启的模式组合
+	int m_nAccessFailedCount;
 };
 class MyMutex {
 public:

Module/mod_accessauth/CMakeLists.txt

@@ -21,6 +21,8 @@ else()
 	AccessAuthConn.cpp
 	AccessAuthFSM.cpp
 	mod_AccessAuth.cpp
+	access_basefun.h
+	access_basefun.cpp
 	)
 endif(WIN32)
 

Module/mod_accessauth/Event.h

@@ -0,0 +1,9 @@
+enum AccessAuthorization_UserErrorCode {
+	AccessAuthorization_UserErrorCode_Start = 0x50200200,
+	AccessAuthorization_UserErrorCode_GateUrl_NULL,			//灰度配置为空
+	AccessAuthorization_UserErrorCode_AccessAuth_NULL,		//准入配置为空
+	AccessAuthorization_UserErrorCode_InitDev_NULL,			//加密通道配置为空
+	AccessAuthorization_UserErrorCode_ACS_TURE,				//灰度告知准入走总行ACS
+	AccessAuthorization_UserErrorCode_ACS_FALSE,			//访问灰度失败or灰度告知不走ACS
+	AccessAuthorization_UserErrorCode_AuthPath_Change,		//总/分行切换
+};

Module/mod_accessauth/access_basefun.cpp

@@ -0,0 +1,25 @@
+#include "access_basefun.h"
+#include <vector>
+#include <thread>
+#include <chrono>
+int checkErrType(int curEvent)
+{
+	std::vector<int> noretry_norestart_vec = ERRARR_ACCESSAUTH_NORETRY_NORESTART, retry_norestart_vec = ERRARR_ACCESSAUTH_RETRY_NORESTART
+		,retry_restart_vec = ACCESSAUTH_ERR_RETRY_RESTART;
+	auto checkFun = [&](std::vector<int> &cur) -> bool {
+		for(auto i : cur)
+		{
+			if (i == curEvent)
+				return true;
+		}
+		return false;
+	};
+	if (checkFun(noretry_norestart_vec))
+		return CONTROL_ACCESSAUTH_NORETRY_NORESTART;
+	else if (checkFun(retry_norestart_vec))
+		return CONTROL_ACCESSAUTH_RETRY_NORESTART;
+	else if (checkFun(retry_restart_vec))
+		return CONTROL_ACCESSAUTH_RETRY_RESTART;
+	else
+		return CONTROL_ACCESSAUTH_UNKNOWN;
+}

Module/mod_accessauth/access_basefun.h

@@ -0,0 +1,6 @@
+#pragma once
+
+#include "EventCode.h"
+//#include <windows.h>
+
+int checkErrType(int curEvent);

Module/mod_accessauth/mod_AccessAuth.cpp

@@ -3,11 +3,11 @@
 #include "mod_AccessAuth.h"
 #include "RVCComm.h"
 #include "comm.h"
+#include "access_basefun.h"
 #include "DeviceBaseClass.h"
 #include <fileutil.h>
 #include <iniutil.h>
 #include <cmath>
-#include "SpUtility.h"
 #include "TokenKeeper_client_g.h"
 using namespace TokenKeeper;
 
@@ -68,10 +68,23 @@ void CAccessAuthEntity::OnStarted()
 	//设置时区为北京标准时区
 	if (!SetLocalTimeZoneByKeyName("China Standard Time", FALSE))
 	{
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SETTIMEZONE,GetOutPutStr("%s%s","SetLocalTimeZoneByKeyName","False").c_str());
+		
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_SETTIMEZONE,GetOutPutStr("%s%s","设置时区错误","False").c_str());
 	}
 
 	m_FSM.Init(this);
+	CSimpleStringA strErrMsg;
+	CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
+	memset(&m_info,0, sizeof(CSystemStaticInfo));
+	auto rc = GetFunction()->GetSystemStaticInfo(m_info);
+	if (rc != Error_Succeed)
+	{
+		strErrMsg = "HasPinPad()=>GetSystemStaticInfo() fail";
+		SetAuthErrMsg((const char*)strErrMsg);
+
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
+			GetOutPutStr("%s%08X", "获取系统静态信息错误", rc).c_str(), strErrMsg.GetData());
+	}
 }
 
 void CAccessAuthEntity::OnPreStart(CAutoArray<CSimpleStringA> strArgs,CSmartPointer<ITransactionContext> pTransactionContext) 
@@ -225,7 +238,61 @@ DWORD CAccessAuthEntity::LoadPinPadWK(bool bSM)
   
 	return rc;
 }
+DWORD CAccessAuthEntity::LoadKeysToPinPadNew(string TMK, string TPK, string EDK, string index)
+{
+	LOG_FUNCTION();
+	Dbg("load sm key to pinpad...");
 
+	PinPadService_ClientBase* pPinPad = new PinPadService_ClientBase(this);
+	DWORD rc = pPinPad->Connect();
+	if (rc == Error_Succeed)
+	{
+		PinPadService_LoadKeysSM_Req req = {};
+		req.initializeflag = true;
+		req.smflag = 1;
+
+
+		Dbg("使用云接口获取的KMC密钥");
+		req.masterkey = TMK.c_str();
+		req.workingkey1 = TPK.c_str();
+		req.workingkey2 = EDK.c_str();
+		req.reserved3 = index.c_str();
+
+		if (req.initializeflag) Dbg("initializeflag is true");
+		else Dbg("initializeflag is false");
+		Dbg("req.smflag=%d", req.smflag);
+		Dbg("req.masterkey=%s", req.masterkey.GetData());
+		Dbg("req.workingkey1=%s", req.workingkey1.GetData());
+		Dbg("req.workingkey2=%s", req.workingkey2.GetData());
+		Dbg("req.reserved3=%s", req.reserved3.GetData());
+
+		PinPadService_LoadKeysSM_Ans ans = {};
+		rc = pPinPad->LoadKeysSM(req, ans, 30000);
+		if (rc == Error_Succeed)
+			Dbg("load sm key to pinpad succ");
+		else
+		{
+			SetAuthErrMsg("加载SM密钥到PinPad失败");
+			m_FSM.doWarnMsg(ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD,
+				GetOutPutStr("%s%08x%s%s", "LoadKeys", rc, "strErrMsg", "加载SM密钥到PinPad失败").c_str());
+			
+			rc = ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD;
+		}
+
+		pPinPad->GetFunction()->CloseSession();
+	}
+	else
+	{
+		SetAuthErrMsg("连接PinPad实体失败");
+		m_FSM.doWarnMsg(ERR_INITIALIZER_CONNECT_PINPAD,
+			GetOutPutStr("%s%08x%s%s", "Connect", rc, "strErrMsg", "连接PinPad实体失败").c_str());
+		
+		rc = ERR_INITIALIZER_CONNECT_PINPAD;
+		pPinPad->SafeDelete();
+	}
+
+	return rc;
+}
 // 将16进制字符串转成BYTE数据
 bool CAccessAuthEntity::HexStrToByteArray(const char* pHex, BYTE *pBuf, int *pBufLen)
 {
@@ -326,9 +393,8 @@ DWORD CAccessAuthEntity::EncryptDataWithPinPad(const CBlob &raw, CBlob &enc)
 		{
 			strErrMsg = "调用PinPad实体中的EncryptData方法加密数据失败";
 			SetAuthErrMsg((const char *)strErrMsg);
-			spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_PINPAD,
-				GetOutPutStr("%s%08x%s%s", "EncryptData", rc, "strErrMsg", (const char*)strErrMsg).c_str());
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_PINPAD,
+				GetOutPutStr("%s%08x%s%s", "EncryptData", rc, "strErrMsg", strErrMsg).c_str());
 			rc = ERR_ACCESSAUTH_FROM_PINPAD;
 		}
 
@@ -338,12 +404,12 @@ DWORD CAccessAuthEntity::EncryptDataWithPinPad(const CBlob &raw, CBlob &enc)
 	{
 		strErrMsg = "连接PinPad实体失败";
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CONNECT_PINPAD,
-			GetOutPutStr("%s%08x%s%s", "Connect", rc, "strErrMsg", (const char*)strErrMsg).c_str());
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_PINPAD,
+			GetOutPutStr("%s%08x%s%s", "Connect", rc, "strErrMsg", strErrMsg).c_str());
 		rc = ERR_ACCESSAUTH_CONNECT_PINPAD;
 		pPinPad->SafeDelete();
 	}
+	
 	if (rc != Error_Succeed)
 		return rc;
 
@@ -355,9 +421,8 @@ DWORD CAccessAuthEntity::EncryptDataWithPinPad(const CBlob &raw, CBlob &enc)
 	{
 		strErrMsg = "加密数据转化十六进制失败";
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_HEX_TO_BYTE,
-			GetOutPutStr("%s%s%s%s", "HexStrToByteArray", "False", "strErrMsg", (const char*)strErrMsg).c_str());
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_HEX_TO_BYTE,
+			GetOutPutStr("%s%s%s%s", "HexStrToByteArray", "False", "strErrMsg", strErrMsg).c_str());
 		return ERR_ACCESSAUTH_HEX_TO_BYTE;
 	}
 
@@ -376,14 +441,13 @@ DWORD CAccessAuthEntity::CreateSM2KeyPair(CBlob &pubKey, CBlob &priKey)
 	priKey.Alloc(nPriKeyLen);
 
 	
-	if (!::CreateSM2KeyPair((BYTE*)pubKey.m_pData, &nPubKeyLen, (BYTE*)priKey.m_pData, &nPriKeyLen))
+	if (!::CreateSM2KeyPair((BYTE*)(pubKey.m_pData), &nPubKeyLen, (BYTE*)(priKey.m_pData), &nPriKeyLen))
 	{
 		SetAuthErrMsg("创建SM2密钥对失败");
 		CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
-		spFunction->SetSysVar("AuthErrMsg", "创建SM2密钥对失败", false);
 		
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CREATE_RSA_KEY_PAIR,
-			GetOutPutStr("%s%s","CreateRsaKeyPair","False").c_str());
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_CREATE_RSA_KEY_PAIR,
+			GetOutPutStr("%s%s","CreateRsaKeyPair","False").c_str(), "创建SM2密钥对失败");
 		return ERR_ACCESSAUTH_CREATE_RSA_KEY_PAIR;
 	}
 
@@ -395,6 +459,7 @@ DWORD CAccessAuthEntity::CreateSM2KeyPair(CBlob &pubKey, CBlob &priKey)
 // 保存到令牌管理实体中
 DWORD CAccessAuthEntity::SaveSM2KeyPair(const CBlob &pubKey, const CBlob &priKey)
 {
+	LOG_FUNCTION();
 	CSimpleStringA strErrMsg;
 	CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
 
@@ -404,10 +469,9 @@ DWORD CAccessAuthEntity::SaveSM2KeyPair(const CBlob &pubKey, const CBlob &priKey
 	{
 		strErrMsg = "连接令牌管理实体失败";
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
 		rc = ERR_ACCESSAUTH_CONNECT_TOKEN_SERVICE;
-		LogWarn(Severity_Middle, Error_Unexpect, rc,
-			GetOutPutStr("%s%08X%s%s", "Connect", rc,"strErrMsg", (const char*)strErrMsg).c_str());
+		m_FSM.doWarnMsg(rc,
+			GetOutPutStr("%s%08X%s%s", "Connect", rc,"strErrMsg", strErrMsg).c_str());
 		pTokenServiceClient->SafeDelete();
 	}
 	else
@@ -422,20 +486,21 @@ DWORD CAccessAuthEntity::SaveSM2KeyPair(const CBlob &pubKey, const CBlob &priKey
 		{
 			strErrMsg = "保存密钥对失败";
 			SetAuthErrMsg((const char *)strErrMsg);
-			spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
 			rc = ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_KEYS;
-			LogWarn(Severity_Middle, Error_Unexpect, rc,
+			m_FSM.doWarnMsg(rc,
 				GetOutPutStr("%s%08X%s%s", "SetKeyPair", rc,"strErrMsg", (const char*)strErrMsg).c_str());
 		}
 		else
 			Dbg("set sm2 key pair succ");
 	}
 
+	
 	return rc;
 }
 
 ErrorCodeEnum CAccessAuthEntity::SaveTokenAndSharedSK(const CBlob &token, const CBlob &sharedSK)
 {
+	LOG_FUNCTION();
 	CSimpleStringA strErrMsg;
 	CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
 
@@ -444,11 +509,9 @@ ErrorCodeEnum CAccessAuthEntity::SaveTokenAndSharedSK(const CBlob &token, const
 	if (rc != Error_Succeed)
 	{
 		strErrMsg = "连接令牌管理实体失败";
-		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		
+		SetAuthErrMsg((const char *)strErrMsg);		
 
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CONNECT_TOKEN_SERVICE,
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_TOKEN_SERVICE,
 			GetOutPutStr("%s%08X%s%s", "Connect", rc,"strErrMsg", (const char*)strErrMsg).c_str());
 		pTokenServiceClient->SafeDelete();
 	}
@@ -464,10 +527,9 @@ ErrorCodeEnum CAccessAuthEntity::SaveTokenAndSharedSK(const CBlob &token, const
 		{
 			strErrMsg = "保存令牌失败";
 			SetAuthErrMsg((const char *)strErrMsg);
-			spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
 
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_TOKEN,
-				GetOutPutStr("%s%08X%s%s", "SetToken", rc,"strErrMsg", (const char*)strErrMsg).c_str());
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_TOKEN,
+				GetOutPutStr("%s%08X%s%s", "SetToken", rc,"strErrMsg", strErrMsg).c_str());
 		}
 
 		TokenService_SetSharedSK_Req req2 = {};
@@ -480,9 +542,8 @@ ErrorCodeEnum CAccessAuthEntity::SaveTokenAndSharedSK(const CBlob &token, const
 		{
 			strErrMsg = "保存会话密钥失败";
 			SetAuthErrMsg((const char *)strErrMsg);
-			spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
 
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_SHAREKEY,
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_SHAREKEY,
 				GetOutPutStr("%s%08X%s%s", "SetSharedSK", rc,"strErrMsg", (const char*)strErrMsg).c_str());
 		}
 
@@ -496,24 +557,13 @@ bool CAccessAuthEntity::HasPinPad()
 {
 	CSimpleStringA strErrMsg;
 	CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
-	CSystemStaticInfo info;
-
-	auto rc = GetFunction()->GetSystemStaticInfo(info);
-	if (rc != Error_Succeed)
-	{
-		strErrMsg = "HasPinPad()=>GetSystemStaticInfo() fail";
-		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
-			GetOutPutStr("%s%08X", "GetSystemStaticInfo", rc).c_str());
-		return true;
-	}
-	if (info.strMachineType.IsStartWith("RPM", true) || info.strMachineType.IsStartWith("RVC.CardStore", true) || info.strMachineType.IsStartWith("RVC.IL", true))		// 回单打印机、简化版
+	//oilyang@20210514 
+	if (!IsMachineTypeConfigurePinPad(m_info.strMachineType))
 	{
-		Dbg("MachineType[%s], not exist pinpad", info.strMachineType);
+		Dbg("MachineType[%s], not exist pinpad", m_info.strMachineType);
 		return false;
 	}
-	else if (stricmp(info.strMachineType, "RVC.PAD") == 0)		// Pad机型
+	else if (stricmp(m_info.strMachineType, "RVC.PAD") == 0)		// Pad机型
 	{
 		// 根据PinPad实体状态确定是否连接密码键盘
 		bool bPinPadExist = false;
@@ -522,10 +572,9 @@ bool CAccessAuthEntity::HasPinPad()
 		if (pPinPadClient->Connect() != Error_Succeed)
 		{
 			Dbg("connect PinPad fail, assume no pinpad");
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CONNECT_PINPAD,
-				GetOutPutStr("%s%s", "Connect", "False").c_str());
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_PINPAD,
+				GetOutPutStr("%s%s", "连接pinpad错误", "False").c_str());
 			pPinPadClient->SafeDelete();
-			pPinPadClient = NULL;
 		}
 		else
 		{
@@ -537,9 +586,9 @@ bool CAccessAuthEntity::HasPinPad()
 			{
 				strErrMsg = "PinPad::GetDevInfo() fail";
 				SetAuthErrMsg((const char *)strErrMsg);
-				spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-				LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_PINPAD,
-					GetOutPutStr("%s%08X", "GetDevInfo", rc).c_str());
+				
+				m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_PINPAD,
+					GetOutPutStr("%s%08X", "来自pinpad的错误", rc).c_str(), strErrMsg.GetData());
 			}
 			else
 			{
@@ -550,6 +599,7 @@ bool CAccessAuthEntity::HasPinPad()
 			pPinPadClient->GetFunction()->CloseSession();
 		}
 
+		pPinPadClient = NULL;
 		return bPinPadExist;
 	}
 	else
@@ -564,6 +614,8 @@ bool CAccessAuthEntity::HasPinPad()
 int CAccessAuthEntity::GetPinPadCapability()
 {
 	int nCapability = 0;
+	if (!IsMachineTypeConfigurePinPad(m_info.strMachineType))
+		return nCapability;
 
 	PinPadService_ClientBase *pPinPad = new PinPadService_ClientBase(this);
 	auto rc = pPinPad->Connect();
@@ -582,9 +634,8 @@ int CAccessAuthEntity::GetPinPadCapability()
 		{
 			SetAuthErrMsg("从PinPad获取主密钥类型失败");
 			CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
-			spFunction->SetSysVar("AuthErrMsg", "从PinPad获取主密钥类型失败", false);
 
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_PINPAD,
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_PINPAD,
 				GetOutPutStr("%s%s%s%s", "QueryFunc", "False", "AuthErrMsg", "从PinPad获取主密钥类型失败").c_str());
 		}
 
@@ -594,9 +645,8 @@ int CAccessAuthEntity::GetPinPadCapability()
 	{
 		SetAuthErrMsg("连接PinPad实体失败");
 		CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
-		spFunction->SetSysVar("AuthErrMsg", "连接PinPad实体失败", false);
 	
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CONNECT_PINPAD,
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_PINPAD,
 			GetOutPutStr("%s%08X%s%s", "Connect", rc,"AuthErrMsg", "连接PinPad实体失败").c_str());
 		pPinPad->SafeDelete();
 	}
@@ -607,8 +657,8 @@ int CAccessAuthEntity::GetPinPadCapability()
 void CAccessAuthEntity::printPasswdError(){
 	string strErrMsg = "密钥集丢失，请重新初始化密钥!";
 	SetAuthErrMsg(strErrMsg.c_str());
-	GetFunction()->SetSysVar("AuthErrMsg", strErrMsg.c_str(), false);
-	LogError(Severity_Low, Error_Unexpect, ERROR_ACCESSAUTH_OPENCRYPTCONTEXT, strErrMsg.c_str());
+	GetFunction()->SetSysVar("AuthErrMsg", strErrMsg.c_str(), true);
+	m_FSM.doWarnMsg( ERROR_ACCESSAUTH_OPENCRYPTCONTEXT, strErrMsg.c_str(),false, strErrMsg);
 }
 int Char2Int(char * ch) {
 	int num = 0;
@@ -817,8 +867,8 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 	{
 		strErrMsg = CSimpleStringA::Format("查询CPU ID失败，请重启机器并重新初始化");
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
+		
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
 			GetOutPutStr("%s%s", "Processor", "False").c_str());
 		return false;
 	}
@@ -837,8 +887,8 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 	{
 		strErrMsg = CSimpleStringA::Format("查询主板序列号失败,  请重启机器并重新初始化");
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
+		
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
 			GetOutPutStr("%s%s", "BaseBoard", "False").c_str());
 		return false;
 	}
@@ -860,8 +910,8 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 		Dbg("get_disk_serial_by_system errCode:%d", errCode);
 		strErrMsg = CSimpleStringA::Format("查询磁盘序列号失败, 请重启机器并重新初始化");
 		SetAuthErrMsg((const char*)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char*)strErrMsg, false);
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_DISKDRIVE_ID,
+		
+		m_FSM.doWarnMsg(ERR_INITIALIZER_GET_DISKDRIVE_ID,
 			GetOutPutStr("%s%s", "DiskDrive", "False").c_str());
 		return false;
 	}
@@ -887,14 +937,15 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 	{
 		strErrMsg = "get sm3 hash as fingerprint fail";
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		LogError(Severity_Low, Error_Unexpect, ERROR_ACCESSAUTH_GETSM3HASH, (const char *)strErrMsg);
+		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, true);
+		m_FSM.doWarnMsg(ERROR_ACCESSAUTH_GETSM3HASH, (const char *)strErrMsg);
 		return false;
 	}
 
 	if (nBufLen < 32)
 	{
-		LogError(Severity_Low, Error_Unexpect, ERROR_ACCESSAUTH_GETSM3HASH, "buf len is too small fail");
+		//Dbg("buf len is too small");
+		m_FSM.doWarnMsg(ERROR_ACCESSAUTH_GETSM3HASH, "buf len is too small fail");
 		return false;
 	}
 
@@ -907,6 +958,8 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 	return true;
 }
 
+
+
 // 生成SM2密钥对，并导出公钥
 bool CAccessAuthEntity::GetTerminalPublicKey(BYTE *pBuf, int &nBufLen)
 {
@@ -941,55 +994,22 @@ bool CAccessAuthEntity::GetTerminalPublicKey(BYTE *pBuf, int &nBufLen)
 	return true;
 }
 
-void CAccessAuthEntity::SetAuthErrMsg(const char* pszErrMsg)
-{
-#if defined(RVC_OS_WIN)
-    m_strAuthErrMsg = pszErrMsg;
-#else
-    std::string str = SP::Utility::GBK2UTF8(pszErrMsg);
-    m_strAuthErrMsg = str.c_str();
-#endif //RVC_OS_WIN
-}
-
-void CAccessAuthEntity::WarnAuthErrMsg(DWORD dwSrvCode, DWORD dwSysCode, const std::string& strErrMsg, bool setSysVar)
-{
-    const std::string errStr = SP::Utility::GBK2UTF8(strErrMsg);
-    if (setSysVar) {
-        GetFunction()->SetSysVar("AuthErrMsg", errStr.c_str(), false);
-    }
-    LogWarn(Severity_Middle, Error_Unexpect, dwSysCode,
-            GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSrvCode, "AuthErrMsg", errStr.c_str()).c_str());
-}
-
 DWORD CAccessAuthEntity::InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx)
 {
 	return m_FSM.InitDevice(ctx);
 }
 
+//oilyang@20210510 嵌入"bool CAccessAuthEntity::HasPinPad()"的逻辑
 // 返回1：只有PinPadID；2：只有DeviceID；3：两者都有；0：没有；-1表示失败
-int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID)
+int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID, bool& bHasPinPad)
 {
+	bHasPinPad = false;
 	CSimpleStringA strErrMsg;
 	CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
-	CSystemStaticInfo info;
-	auto rc = GetFunction()->GetSystemStaticInfo(info);
-	if (rc != Error_Succeed)
-	{
-		strErrMsg = "获取系统静态信息（GetPinPadIDAndDeviceID）失败";
-		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-		
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
-			GetOutPutStr("%s%08X", "GetSystemStaticInfo", rc).c_str());
-		return -1;
-	}
 
-	if (info.strMachineType.IsStartWith("RPM", true)
-		|| info.strMachineType.IsStartWith("RVC.CardStore", true)
-		|| info.strMachineType.IsStartWith("RVC.IL", true))		// 回单打印机、简化版
-	{
+	//oilyang@20210514 
+	if (!IsMachineTypeConfigurePinPad(m_info.strMachineType))
 		return 0;
-	}
 
 	int nRet = -1;
 	auto pPinPadClient = new PinPadService_ClientBase(this);
@@ -1001,9 +1021,9 @@ int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimp
 	CSimpleStringA strBluetoothID;
 	CSimpleStringA strPID;
 	CSimpleStringA strMID;
-
-	rc = pPinPadClient->Connect();
-	if (rc == Error_Succeed)
+	bHasPinPad = true;
+	auto rc = 0;
+	if ( (rc = pPinPadClient->Connect()) == Error_Succeed)
 	{
 		PinPadService_GetDevInfo_Req req = {};
 		PinPadService_GetDevInfo_Ans ans = {};
@@ -1065,15 +1085,18 @@ int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimp
 			}
 			else
 			{
+				if (m_info.strMachineType.IsStartWith("RVC.PAD", true))
+					bHasPinPad = false;
 				Dbg("pinpad not exist, state: %d", ans.state);
 			}
 		}
 		else
 		{
+			if (m_info.strMachineType.IsStartWith("RVC.PAD", true))
+				bHasPinPad = false;
 			strErrMsg = "调用PinPad实体的GetDevInfo方法失败";
 			SetAuthErrMsg((const char *)strErrMsg);
-			spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_PINPAD,
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_PINPAD,
 				GetOutPutStr("%s%08X%s%s", "GetDevInfo", rc, "strErrMsg", (const char*)strErrMsg ).c_str());
 		}
 
@@ -1081,15 +1104,17 @@ int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimp
 	}
 	else
 	{
+		if (m_info.strMachineType.IsStartWith("RVC.PAD", true))
+			bHasPinPad = false;
 		strErrMsg = "连接PinPad实体失败";
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
 
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CONNECT_PINPAD,
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_PINPAD,
 			GetOutPutStr("%s%08X%s%s", "Connect", rc, "strErrMsg", "连接PinPad实体失败").c_str());
 		pPinPadClient->SafeDelete();
-		pPinPadClient = NULL;
 	}
+	
+	pPinPadClient = NULL;
 
 	if (bPinPadID)
 	{
@@ -1113,6 +1138,11 @@ int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimp
 
 		nRet += 2;
 	}
+	else if (bBluetooth)
+	{
+		strDeviceID = strDeviceID + "_" + strBluetoothID;
+		nRet += 2;
+	}
 
 	return nRet;
 }
@@ -1122,22 +1152,10 @@ bool CAccessAuthEntity::HasCkCodeFlg()
 	CSimpleStringA strErrMsg;
 	CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
 
-	CSystemStaticInfo info;
-	auto rc = GetFunction()->GetSystemStaticInfo(info);
-	if (rc != Error_Succeed)
-	{
-		strErrMsg = "获取系统静态信息失败";
-		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
-			GetOutPutStr("%s%08X%s%s", "GetSystemStaticInfo", rc, "strErrMsg", (const char*)strErrMsg).c_str());
-		return false;
-	}
-
-	if (info.strMachineType.IsStartWith("RPM", true) || info.strMachineType.IsStartWith("RVC.CardStore", true) || info.strMachineType.IsStartWith("RVC.IL", true))		// 回单打印机、简化版
+	//oilyang@20210514 
+	if (!IsMachineTypeConfigurePinPad(m_info.strMachineType))
 	{
-		Dbg("MachineType is [%s], not exist pinpad entity", info.strMachineType);
+		Dbg("MachineType is [%s], not exist pinpad entity", m_info.strMachineType);
 		return false;
 	}
 		
@@ -1189,17 +1207,16 @@ bool CAccessAuthEntity::HasCkCodeFlg()
 			else
 			{
 				Dbg("pinpad not exist, state: %d", ans.state);	
-				LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_PINPAD,
-					GetOutPutStr("%s%d", "ans.state", ans.state).c_str());
+				m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_PINPAD,
+					GetOutPutStr("%s%d", "密码键盘异常，请检查。ans.state", ans.state).c_str());
 			}
 		}
 		else
 		{
 			strErrMsg = "调用PinPad实体（GetDevInfo）失败";
 			SetAuthErrMsg((const char *)strErrMsg);
-			spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
-			LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_FROM_PINPAD,
-				GetOutPutStr("%s%08X", "GetDevInfo", rc).c_str());
+			m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_PINPAD,
+				GetOutPutStr("%s%08X", "GetDevInfo", rc).c_str(), strErrMsg.GetData());
 		}
 
 		pPinPadClient->GetFunction()->CloseSession();
@@ -1208,14 +1225,15 @@ bool CAccessAuthEntity::HasCkCodeFlg()
 	{
 		strErrMsg = "连接PinPad实体失败";
 		SetAuthErrMsg((const char *)strErrMsg);
-		spFunction->SetSysVar("AuthErrMsg", (const char *)strErrMsg, false);
 	
-		LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_CONNECT_PINPAD,
-			GetOutPutStr("%s%s", "strErrMsg", strErrMsg).c_str());
+		m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_PINPAD,
+			GetOutPutStr("%s%s", "连接pinpad错误, strErrMsg", strErrMsg).c_str());
 		pPinPadClient->SafeDelete();
-		pPinPadClient = NULL;
 	}
 
+	
+	pPinPadClient = NULL;
+
 	return bCheckCode? true:false;
 }
 
@@ -1377,6 +1395,7 @@ int CAccessAuthEntity::GetOrSetIsFirstSM(int type) {
 	}
 	CSimpleStringA sIsFirst;
 	if (type == 0) {
+		return 0;//oilyang@20211208 这个逻辑没有存在的必要了
 		rc = pConfig->ReadConfigValue("SM", "IsFirst", sIsFirst);
 		if (rc != Error_Succeed || sIsFirst.IsNullOrEmpty()) {
 			rc = pConfig->WriteConfigValue("SM", "IsFirst", "Yes");
@@ -1405,7 +1424,17 @@ int CAccessAuthEntity::GetOrSetIsFirstSM(int type) {
 		return isFirst;
 	}
 }
-
+bool CAccessAuthEntity::IsMachineTypeConfigurePinPad(CSimpleStringA strMachineType)
+{
+	// 回单打印机、卡库、简化版
+	if (strMachineType.IsStartWith("RPM", true) || strMachineType.IsStartWith("RVC.CardStore", true)
+		|| strMachineType.IsStartWith("RVC.IL", true))		
+	{
+		return false;
+	}
+	else
+		return true;
+}
 SP_BEGIN_ENTITY_MAP()
 	SP_ENTITY(CAccessAuthEntity)
 SP_END_ENTITY_MAP()

Module/mod_accessauth/mod_AccessAuth.h

@@ -99,6 +99,8 @@ public:
 
 	// 是否使用PinPad
 	bool HasPinPad();
+	// 机型是否配置密码键盘
+	bool IsMachineTypeConfigurePinPad(CSimpleStringA strMachineType);
 
 	int GetPinPadCapability();
 
@@ -116,13 +118,13 @@ public:
 	
 	DWORD InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx);
 
-	void SetAuthErrMsg(const char* pszErrMsg);
-	void WarnAuthErrMsg(DWORD dwSrvCode, DWORD dwSysCode, const std::string& strErrMsg, bool setSysVar = false);
+	void SetAuthErrMsg(const char *pszErrMsg) { m_strAuthErrMsg = pszErrMsg; }
 	const char *GetAuthErrMsg() { return m_strAuthErrMsg; }
 
 	// 获取密码键盘ID和外设ID
+	//oilyang@20210510 add:in order to avoid getting info out of async, check if has pinpad while getting info
 	// 返回1：只有PinPadID；2：只有DeviceID；3：两者都有；0：失败
-	int GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID);
+	int GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID,bool &bHasPinPad);
 
 	// 密码键盘是否支持校验码
 	bool HasCkCodeFlg();
@@ -133,6 +135,12 @@ public:
 
 	int ConvertStr2Byte(string input, BYTE* output, int outputLen);
 	void printPasswdError();
+	DWORD LoadKeysToPinPadNew(string TMK, string TPK, string EDK, string index);
+	BYTE m_AuthSessionKey[140];
+	virtual void OnSelfTest(EntityTestEnum eTestType, CSmartPointer<ITransactionContext> pTransactionContext)
+	{
+		pTransactionContext->SendAnswer(Error_Succeed);
+	}
 	/*type=0 means read first or not while type=1 for writing not first*/
 	/*return 1 means first access auth as 0 means not first access auth*/
 	int GetOrSetIsFirstSM(int type);
@@ -146,7 +154,7 @@ protected:
 	CAccessAuthFSM m_FSM;
 
 	int m_nAuthVersion;		// 准入请求版本： 1 借助KMC密钥验证；2 借助终端密钥动态生成会话密钥验证
-	BYTE m_AuthSessionKey[140];
+	CSystemStaticInfo m_info;
 
 	CSimpleStringA m_strAuthErrMsg;
 };