
Z991239-5288 #comment feat: 同步准入最新代码

陈纪林80310970 1 年之前
父节点
当前提交
9aae37c91d
共有 1 个文件被更改,包括 185 次插入0 次删除
  1. 185 0
      Module/mod_accessauth/mod_AccessAuth.cpp

+ 185 - 0
Module/mod_accessauth/mod_AccessAuth.cpp

@@ -918,6 +918,180 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 	return true;
 }
 
+#ifdef RVC_OS_WIN
+#define RSAPUBKEY_BITLEN 1024
+struct PublicKeyBlob
+{
+	PUBLICKEYSTRUC  publickeystruc;
+	RSAPUBKEY rsapubkey;
+	BYTE modulus[RSAPUBKEY_BITLEN / 8];
+};
+#endif // RVC_OS_WIN
+
+// 生成SM2密钥对,并导出公钥
+bool CAccessAuthEntity::GetTerminalPublicKey(BYTE* pBuf, int& nBufLen)
+{
+	CSimpleStringA runInfoPath, iniPath;
+	auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
+	if (rc != Error_Succeed) {
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")
+			("GetPath runinfo error=%d.", rc);
+		return false;
+	}
+
+	char publicKey[BUF_SIZE] = { 0 };
+#ifdef RVC_OS_WIN
+	iniPath = runInfoPath + "\\runcfg\\AccessAuthorization.ini";
+	GetPrivateProfileString("TerminalPD", "PublicKey", "", publicKey, BUF_SIZE, iniPath.GetData());
+#else
+	iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "AccessAuthorization.ini";
+	char* tmp = inifile_read_str(iniPath.GetData(), "TerminalPD", "PublicKey", "");
+	strcpy(publicKey, tmp);
+	delete tmp;
+#endif // RVC_OS_WIN
+	if (strlen(publicKey) <= 0) {
+#ifdef RVC_OS_WIN
+		iniPath = runInfoPath + "\\runcfg\\Initializer.ini";
+		GetPrivateProfileString("TerminalPD", "PublicKey", "", publicKey, BUF_SIZE, iniPath.GetData());
+#else
+		iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
+		char* tmp2 = inifile_read_str(iniPath.GetData(), "TerminalPD", "PublicKey", "");
+		strcpy(publicKey, tmp2);
+		delete tmp2;
+#endif // RVC_OS_WIN
+
+		if (strlen(publicKey) <= 0)
+		{
+			DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("读取公钥失败,公钥长度小于等于零!");
+			if (!ExistsFileA(iniPath))
+				printPasswdError("密钥集丢失(公钥为空),请重置秘钥进行初始化");
+			return false;
+		}
+	}
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("publickey=%s,%d", publicKey, strlen(publicKey));
+
+#ifdef RVC_OS_WIN
+	char* pDecodedPublickey = MyBase64::Hex2Str(publicKey, nBufLen);
+#else
+	char* pDecodedPublickey = Hex2Str(publicKey, nBufLen);
+#endif // RVC_OS_WIN
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pDecodedPublickey len=%d", nBufLen);
+	memcpy(pBuf, pDecodedPublickey, nBufLen);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pBuf[0]=%02X,nBufLen=%d", pBuf[0], nBufLen);
+	delete[] pDecodedPublickey;
+	return true;
+}
+// 生成RSA密钥对,并导出公钥
+bool CAccessAuthEntity::GetTerminalPublicKey(BYTE* pBuf, int& nBufLen, string& pubkey)
+{
+	LOG_FUNCTION();
+	CSimpleString runInfoPath;
+	auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
+	if (rc != Error_Succeed) {
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("GetPath runinfo error=%d.", rc);
+		return false;
+	}
+#ifdef RVC_OS_WIN
+	runInfoPath += "\\runcfg\\";
+	DWORD dwAttr = GetFileAttributes(runInfoPath.GetData());
+	if (dwAttr == 0xFFFFFFFF)  //目录不存在则创建   
+	{
+		if (!CreateDirectory(runInfoPath.GetData(), NULL))
+		{
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Create %s dir failed!", runInfoPath.GetData());
+		}
+	}
+#else
+	runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR;
+	if (!dir_is_exist(runInfoPath.GetData()))
+	{
+		if (dir_create(runInfoPath.GetData()) != 0)
+		{
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Create %s dir failed!", runInfoPath.GetData());
+		}
+	}
+#endif // RVC_OS_WIN
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Dir=%s", runInfoPath.GetData());
+	CSmartPointer<IConfigInfo> pConfig;
+	rc = GetFunction()->OpenConfig(Config_Run, pConfig);
+	if (rc != Error_Succeed) {
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("OpenConfig Config_Run error=%d.", rc);
+		return false;
+	}
+	CSimpleString publicKey;
+	rc = pConfig->ReadConfigValue("TerminalPD", "PublicKey", publicKey);
+	if (rc != Error_Succeed || publicKey.IsNullOrEmpty()) {
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("ReadConfig publicKey error=%d or publicKey is NULL.", rc);
+	}
+
+	BYTE btPublicKey[BUF_SIZE] = { 0 }, btPrivateKey[BUF_SIZE] = { 0 };
+	int iPublicKeyLen = sizeof(btPublicKey);
+	int iPrivateKeyLen = sizeof(btPrivateKey);
+	if (!::CreateSM2KeyPair(btPublicKey, &iPublicKeyLen, btPrivateKey, &iPrivateKeyLen)) {
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Create SM2 key pair error.");
+		return false;
+	}
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("iPublicKeyLen=%d,iPrivateKeyLen=%d", iPublicKeyLen, iPrivateKeyLen);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("[btPublicKey=%s]", (char*)btPublicKey);
+
+#ifdef RVC_OS_WIN
+	char* pEncode = MyBase64::Str2Hex((char*)btPublicKey, iPublicKeyLen);
+#else
+	char* pEncode = Str2Hex((char*)btPublicKey, iPublicKeyLen);
+#endif // RVC_OS_WIN
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pEncode=%s,%d", pEncode, strlen(pEncode));
+
+	/*rc = pConfig->WriteConfigValue("TerminalPD", "PublicKey", pEncode);
+	assert(rc == Error_Succeed);*/
+
+	m_publicKey = pEncode;
+	pubkey = pEncode;
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("write public key success.");
+
+	BYTE pCryptPrivateKey[BUF_SIZE] = { 0 };
+	int cryptPrivateKeyLen = BUF_SIZE;
+	if (!EncWithSM4_ECB("s5da69gnh4!963@6s5da69gnh4!963@6", btPrivateKey, iPrivateKeyLen, pCryptPrivateKey, &cryptPrivateKeyLen)) {
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("sm4 crypt privateKey error.");
+		/*rc = pConfig->WriteConfigValue("TerminalPD", "PublicKey", "");*/
+		m_publicKey = "";
+		delete[] pEncode;
+		return false;
+	}
+
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("sm4 encrypt pri key success.");
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("cryptPrivateKeyLen=%d", cryptPrivateKeyLen);
+
+#ifdef RVC_OS_WIN
+	char* pEncodedCryptPrivateKey = MyBase64::Str2Hex((char*)pCryptPrivateKey, cryptPrivateKeyLen);
+#else
+	char* pEncodedCryptPrivateKey = Str2Hex((char*)pCryptPrivateKey, cryptPrivateKeyLen);
+#endif // RVC_OS_WIN
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("encode pri key success.");
+
+	m_privateKey = pEncodedCryptPrivateKey;
+	/*rc = pConfig->WriteConfigValue("TerminalPD", "PrivateKey", pEncodedCryptPrivateKey);
+	if (rc != Error_Succeed) {
+		rc = pConfig->WriteConfigValue("TerminalPD", "PublicKey", "");
+		delete[] pEncodedCryptPrivateKey;
+		return false;
+	}
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("write pri key success.");*/
+	publicKey = pEncode;
+	delete[] pEncode;
+	delete[] pEncodedCryptPrivateKey;
+
+#ifdef RVC_OS_WIN
+	char* pDecode = MyBase64::Hex2Str(publicKey.GetData(), nBufLen);
+#else
+	char* pDecode = Hex2Str(publicKey.GetData(), nBufLen);
+#endif // RVC_OS_WIN
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pDecode=[%s],len=%d", pDecode, nBufLen);
+
+	memcpy(pBuf, pDecode, nBufLen);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pBuf[0]=%02X,nBufLen=%d", pBuf[0], nBufLen);
+	return true;
+}
+
 //oilyang@20210510 嵌入"bool CAccessAuthEntity::HasPinPad()"的逻辑
 // 返回1:只有PinPadID;2:只有DeviceID;3:两者都有;0:没有;-1表示失败
 int CAccessAuthEntity::GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID, bool& bHasPinPad)
@@ -1430,6 +1604,17 @@ bool CAccessAuthEntity::SendInitMKReqACS(CInitlizerMKReq& initMKReq)
 	if (nRet == 1 || nRet == 3)
 		initMKReq.pinPadID = strPinPadID;
 
+	BYTE xPublicKey[148];
+	nBufLen = sizeof(xPublicKey);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("SendInitMKReqACS")("开始获取公钥。。。");
+	memset(xPublicKey, 0, nBufLen);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("SendInitMKReqACS")("nBufLen=%d", nBufLen);
+	if (!GetTerminalPublicKey(xPublicKey, nBufLen, initMKReq.publicKey))
+	{
+		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_TERMINAL_PUBKEY,
+			GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
+		return ERR_INITIALIZER_GET_TERMINAL_PUBKEY;
+	}
 	initMKReq.user = m_strUserID.GetData();
 	initMKReq.password = m_strPassword.GetData();
 	if (!m_strUserID.IsNullOrEmpty() && !m_strPassword.IsNullOrEmpty())
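Review bot: `memcpy(pBuf, pDecode, nBufLen)` at the end of the three-argument GetTerminalPublicKey copies whatever length Hex2Str wrote back into nBufLen, never comparing it with the capacity the caller passed in (the second hunk supplies a 148-byte xPublicKey), and pDecode is never freed; the two-argument overload has the same unchecked copy at `memcpy(pBuf, pDecodedPublickey, nBufLen)`. Saving the incoming capacity before Hex2Str, rejecting a decoded length that exceeds it, and deleting pDecode on every path addresses both, as in the excerpt below. The SM4 key that wraps the private key is a string literal in source (`EncWithSM4_ECB("s5da69gnh4!963@6...", …)`) and the plaintext btPrivateKey/pCryptPrivateKey arrays are left on the stack after use, so moving that key out of source into a protected store and clearing those buffers before return deserve a follow-up. The header comments are also swapped: the two-argument overload says it generates an SM2 key pair but only reads the ini, while the three-argument one says RSA yet calls CreateSM2KeyPair — suggest `// Read the stored terminal public key from ini and hex-decode it into pBuf` and `// Generate an SM2 key pair and export the public key` respectively. SendInitMKReqACS, which the second hunk touches, starts and ends outside the hunk.
```cpp
	// … unchanged: key generation, SM4 wrap of the private key, hex encoding …
	publicKey = pEncode;
	delete[] pEncode;
	delete[] pEncodedCryptPrivateKey;

	const int nBufCap = nBufLen;   // caller's capacity, taken before Hex2Str overwrites nBufLen
#ifdef RVC_OS_WIN
	char* pDecode = MyBase64::Hex2Str(publicKey.GetData(), nBufLen);
#else
	char* pDecode = Hex2Str(publicKey.GetData(), nBufLen);
#endif // RVC_OS_WIN
	if (pDecode == NULL || nBufLen <= 0 || nBufLen > nBufCap) {
		DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("decoded key len=%d does not fit buffer cap=%d", nBufLen, nBufCap);
		delete[] pDecode;
		return false;
	}
	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pDecode len=%d", nBufLen);
	memcpy(pBuf, pDecode, nBufLen);
	delete[] pDecode;
	return true;
```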