|
@@ -6,6 +6,7 @@
|
|
|
#pragma comment(lib, "crypt32.lib")
|
|
|
#include <windows.h>
|
|
|
#include <Wincrypt.h>
|
|
|
+#include "MyBase64.h"
|
|
|
#define MY_ENCODING_TYPE (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
|
|
|
|
|
|
CAccessAuthConn::CAccessAuthConn(CEntityBase *pEntity, CAccessAuthFSM *pFSM)
|
|
@@ -24,8 +25,10 @@ void CAccessAuthConn::OnDisconnect()
|
|
|
|
|
|
void CAccessAuthConn::OnPkgAnswer(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
+ LOG_FUNCTION();
|
|
|
string serviceCode = pRecvPkg->GetServiceCode();
|
|
|
- if (serviceCode == "UpdateWK")
|
|
|
+ Dbg("serviceCode=%s",serviceCode.c_str());
|
|
|
+ if (serviceCode == "KMCKey")
|
|
|
{
|
|
|
HandleUpdateWKRet(pRecvPkg);
|
|
|
}
|
|
@@ -65,6 +68,9 @@ void CAccessAuthConn::OnPkgAnswer(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
HandleUpdateMD5Ret(pRecvPkg);
|
|
|
}
|
|
|
+ else if (serviceCode == "KMCKey") {
|
|
|
+ HandleUpdateWKRet(pRecvPkg);
|
|
|
+ }
|
|
|
else
|
|
|
{
|
|
|
//Dbg("unknown service code: %s", serviceCode.c_str());
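Review bot: The added `else if (serviceCode == "KMCKey")` branch looks unreachable, because the previous hunk already changed the first test in OnPkgAnswer from `"UpdateWK"` to `"KMCKey"` and it calls the same HandleUpdateWKRet; assuming both sit in one if/else-if chain, the second copy can be dropped. If a server that has not been upgraded can still answer with `"UpdateWK"`, that reply now falls through to the final `else`, whose only diagnostic is commented out. Restoring `Dbg("unknown service code: %s", serviceCode.c_str());` there would make such replies visible. The middle of the chain lies outside the hunks shown.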
|
|
@@ -74,16 +80,17 @@ void CAccessAuthConn::OnPkgAnswer(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
}
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
- ErrorCodeEnum rc = Error_Unexpect;
|
|
|
+ /*
|
|
|
+ LOG_FUNCTION();
|
|
|
+ DWORD rc = Error_Unexpect;
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, rc, dwUserCode, strErrMsg.c_str());
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_UPDATE_WK,
|
|
|
+ rc = dwSysCode;
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, rc,
|
|
|
GetOutPutStr("%s%08x%s%s","GetErrMsg",rc,"strErrMsg", strErrMsg).c_str());
|
|
|
}
|
|
|
else
|
|
@@ -99,14 +106,14 @@ ErrorCodeEnum CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &
|
|
|
int nArrayNum(0);
|
|
|
pRecvPkg->GetStructData("WKU_RET", pBuf, &nRetLen, &nArrayNum);
|
|
|
|
|
|
- // 调用KMC解析返回
|
|
|
+ // 锟斤拷锟斤拷KMC锟斤拷锟斤拷锟斤拷锟斤拷
|
|
|
Dbg("parse des key update result");
|
|
|
rc = pEntity->ParseWKUpdateResult((char*)pBuf, nRetLen, 1);
|
|
|
delete[] pBuf;
|
|
|
|
|
|
if (rc == Error_Succeed)
|
|
|
{
|
|
|
- // 加载WK到PinPad中
|
|
|
+ // 锟斤拷锟斤拷WK锟斤拷PinPad锟斤拷
|
|
|
Dbg("load des key to pinpad");
|
|
|
rc = ((CAccessAuthEntity*)m_pEntity)->LoadPinPadWK(false);
|
|
|
}
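Review bot: The comments on the new side of this hunk have turned into `锟斤拷` sequences where the old side reads `// 调用KMC解析返回` and `// 加载WK到PinPad中`, which suggests the file was re-saved in a different encoding; the same happens twice more in the next hunk. These lines sit inside the `/* … */` that the previous hunk opens around the old HandleUpdateWKRet body, so the simplest fix is to delete the retired body rather than comment it out and let version control keep the history. If the block stays, restore the original comment text and commit the file in the encoding the rest of the tree uses, because the non-ASCII runtime strings elsewhere in this file are affected by the same setting.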
|
|
@@ -121,38 +128,83 @@ ErrorCodeEnum CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &
|
|
|
int nArrayNum(0);
|
|
|
pRecvPkg->GetStructData("SMWKU_RT", pBuf, &nRetLen, &nArrayNum);
|
|
|
|
|
|
- // 调用KMC解析返回
|
|
|
+ // 锟斤拷锟斤拷KMC锟斤拷锟斤拷锟斤拷锟斤拷
|
|
|
Dbg("parse sm key update result");
|
|
|
rc = pEntity->ParseWKUpdateResult((char*)pBuf, nRetLen, 2);
|
|
|
delete[] pBuf;
|
|
|
|
|
|
if (rc == Error_Succeed)
|
|
|
{
|
|
|
- // 加载WK到PinPad中
|
|
|
+ // 锟斤拷锟斤拷WK锟斤拷PinPad锟斤拷
|
|
|
Dbg("load sm key to pinpad");
|
|
|
rc = ((CAccessAuthEntity*)m_pEntity)->LoadPinPadWK(true);
|
|
|
}
|
|
|
}
|
|
|
}
|
|
|
|
|
|
- m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed? CAccessAuthFSM::Event_UpdateWKSucc:CAccessAuthFSM::Event_UpdateWKFail));
|
|
|
+ m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed? CAccessAuthFSM::Event_UpdateWKSucc:CAccessAuthFSM::Event_UpdateWKFail));
|
|
|
+ */
|
|
|
+
|
|
|
+ LOG_FUNCTION();
|
|
|
+ DWORD rc = Error_Succeed;
|
|
|
+ DWORD dwSysCode, dwUserCode;
|
|
|
+ string strErrMsg;
|
|
|
+ auto pEntity = (CAccessAuthEntity*)m_pEntity;
|
|
|
+ if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
+ {
|
|
|
+ rc = dwUserCode;
|
|
|
+ LogWarn(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode,
|
|
|
+ GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"strErrMsg", strErrMsg.c_str()).c_str());
|
|
|
+
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ int nLen = pRecvPkg->GetStructLen("KMCKeyRet");
|
|
|
+ if (nLen <= 0)
|
|
|
+ {
|
|
|
+
|
|
|
+ Dbg("KMCKeyRet返回数据为空。");
|
|
|
+ pEntity->m_bGetKMCKey = false;
|
|
|
+ rc = ERR_INITIALIZER_GET_KMC_KEY_NULL;
|
|
|
+ }
|
|
|
+ else
|
|
|
+ {
|
|
|
+ pEntity->m_bGetKMCKey = true;
|
|
|
+ BYTE* pBuf = new BYTE[nLen];
|
|
|
+ memset(pBuf, 0, nLen);
|
|
|
+ int nArrayNum = 0;
|
|
|
+ bool bSuc = pRecvPkg->GetStructData("KMCKeyRet", (BYTE*)pBuf, &nLen, &nArrayNum);
|
|
|
+ assert(bSuc);
|
|
|
+ assert(nLen % sizeof(KMCKeyRet) == 0);
|
|
|
+ KMCKeyRet* ret = (KMCKeyRet*)pBuf;
|
|
|
+ pEntity->m_TMK = ret->TMK;
|
|
|
+ pEntity->m_TPK = ret->TPK;
|
|
|
+ pEntity->m_EDK = ret->EDK;
|
|
|
+ pEntity->m_index = ret->Index;
|
|
|
+ Dbg("TMK=%s", pEntity->m_TMK.c_str());
|
|
|
+ Dbg("TPK=%s", pEntity->m_TPK.c_str());
|
|
|
+ Dbg("EDK=%s", pEntity->m_EDK.c_str());
|
|
|
+ Dbg("Index=%s", pEntity->m_index.c_str());
|
|
|
+ rc = pEntity->LoadPinPadWK(true);
|
|
|
+ }
|
|
|
+ }
|
|
|
+ m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_UpdateWKSucc : CAccessAuthFSM::Event_UpdateWKFail));
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
+ DWORD rc = Error_Succeed;
|
|
|
CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
|
|
|
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode, strErrMsg.c_str());
|
|
|
+ rc = dwUserCode;
|
|
|
((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
|
|
|
spFunction->SetSysVar("AuthErrMsg", strErrMsg.c_str(), true);
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_TOKEN,
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, rc,
|
|
|
GetOutPutStr("%s%s%s%08X", "GetErrMsg", "False", "dwSysCode", rc).c_str());
|
|
|
}
|
|
|
else
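Review bot: The new HandleUpdateWKRet body writes the received key set to the debug log; `Dbg("TMK=%s", …)`, `Dbg("TPK=%s", …)` and `Dbg("EDK=%s", …)` should be removed, because key material, wrapped or not, does not belong in a log that support staff or other software can read. The reply is validated only by `assert(bSuc)` and `assert(nLen % sizeof(KMCKeyRet) == 0)`, which are compiled out of release builds, so a failed or short `GetStructData` still reaches the `(KMCKeyRet*)pBuf` cast. `pBuf` is also never freed or wiped. The fields are presumably fixed-size character arrays, so a reply without terminators could over-read when assigned to `m_TMK` and the others; that needs confirming against the struct. A possible shape for the inner `else` follows, with the error code for a malformed reply as a stand-in; the function starts in an earlier hunk.

```cpp
            const int nBufLen = nLen;              // GetStructData overwrites nLen
            BYTE* pBuf = new BYTE[nBufLen];
            memset(pBuf, 0, nBufLen);
            int nArrayNum = 0;
            bool bSuc = pRecvPkg->GetStructData("KMCKeyRet", pBuf, &nLen, &nArrayNum);
            // Runtime check: assert() is compiled out of release builds.
            if (!bSuc || nLen < (int)sizeof(KMCKeyRet))
            {
                pEntity->m_bGetKMCKey = false;
                rc = ERR_INITIALIZER_GET_KMC_KEY_NULL;
            }
            else
            {
                pEntity->m_bGetKMCKey = true;
                // … unchanged: copy TMK / TPK / EDK / Index from pBuf into pEntity …
                Dbg("KMC key set received, Index=%s", pEntity->m_index.c_str());
                rc = pEntity->LoadPinPadWK(true);
            }
            SecureZeroMemory(pBuf, nBufLen);       // do not leave key bytes on the heap
            delete[] pBuf;
```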
|
|
@@ -160,24 +212,38 @@ ErrorCodeEnum CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &
|
|
|
int nRetLen = pRecvPkg->GetStructLen("TOKEN_RT");
|
|
|
if (nRetLen >0)
|
|
|
{
|
|
|
+ ((CAccessAuthEntity*)m_pEntity)->GetOrSetIsFirstSM(1);
|
|
|
assert(nRetLen == sizeof(RequestTokenRet));
|
|
|
RequestTokenRet ret;
|
|
|
memset(&ret, 0, sizeof(ret));
|
|
|
+ RequestTokenRet2 ret2;
|
|
|
+ memset(&ret2, 0, sizeof(ret2));
|
|
|
|
|
|
int nArrayNum(0);
|
|
|
+ int nArrayNum2(0);
|
|
|
int nBufLen = sizeof(ret);
|
|
|
+ int nBufLen2 = sizeof(ret2);
|
|
|
pRecvPkg->GetStructData("TOKEN_RT", (BYTE*)&ret, &nBufLen, &nArrayNum);
|
|
|
-
|
|
|
+ pRecvPkg->GetStructData("TOKEN_RET2", (BYTE*)&ret2, &nBufLen2, &nArrayNum2);
|
|
|
// 生成Hash
|
|
|
- BYTE md5[16];
|
|
|
+ /*BYTE md5[16];
|
|
|
memset(md5, 0, 16);
|
|
|
MD5Hash((BYTE*)&ret, 256 + 16, md5);
|
|
|
DWORD dwHash = ((DWORD)md5[0]) << 24 | ((DWORD)md5[1]) << 16 | ((DWORD)md5[2]) << 8 | ((DWORD)md5[3]);
|
|
|
- DWORD dwHash2 = ((DWORD)ret.retHash[0]) << 24 | ((DWORD)ret.retHash[1]) << 16 | ((DWORD)ret.retHash[2]) << 8 | ((DWORD)ret.retHash[3]);
|
|
|
- if (dwHash != dwHash2)
|
|
|
+ DWORD dwHash2 = ((DWORD)ret.retHash[0]) << 24 | ((DWORD)ret.retHash[1]) << 16 | ((DWORD)ret.retHash[2]) << 8 | ((DWORD)ret.retHash[3]);*/
|
|
|
+ BYTE enToken[512 + 16] = { 0 };
|
|
|
+ memcpy(enToken, ret.enToken, 256);
|
|
|
+ memcpy(enToken + 256, ret2.enToken, 256);
|
|
|
+ memcpy(enToken + 512, ret.sharedSK, 16);
|
|
|
+ BYTE sm3[32] = { 0 };
|
|
|
+ if (!SM3Hash(enToken,512 + 16,sm3)) {
|
|
|
+ Dbg("SM3 Hash error at Token Ret.");
|
|
|
+ }
|
|
|
+
|
|
|
+ if (memcmp(sm3, ret2.retHash, 32) != 0)
|
|
|
{
|
|
|
rc = Error_Bug;
|
|
|
- //LogError(Severity_Low, rc, 0, "返回令牌校验不通过");
|
|
|
+
|
|
|
((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌校验不通过");
|
|
|
spFunction->SetSysVar("AuthErrMsg", "返回令牌校验不通过", true);
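Review bot: The SM3 check in HandleReqTokenRet can pass without a valid hash. When `SM3Hash` fails the code only logs and continues to `memcmp` with `sm3` still all zeros, while `ret2` was zero-filled and the result of `GetStructData("TOKEN_RET2", …)` is not checked, so a reply lacking that struct compares zeros with zeros. Treat both failures as a rejection, e.g. `bool bGot2 = pRecvPkg->GetStructData("TOKEN_RET2", (BYTE*)&ret2, &nBufLen2, &nArrayNum2);` followed by `if (!bGot2 || !SM3Hash(enToken, sizeof(enToken), sm3) || memcmp(sm3, ret2.retHash, 32) != 0)`. `GetOrSetIsFirstSM(1)` also runs before any of this validation, so it may belong after the check if it records a completed SM exchange. The function starts and ends outside this hunk.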
|
|
|
|
|
@@ -187,9 +253,10 @@ ErrorCodeEnum CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &
|
|
|
else
|
|
|
{
|
|
|
// 保存令牌和共享会话密钥到令牌管理实体
|
|
|
+ //跟良瑜那边确定使用512的长度
|
|
|
CBlob token;
|
|
|
- token.Alloc(256);
|
|
|
- memcpy(token.m_pData, ret.enToken, 256);
|
|
|
+ token.Alloc(512);
|
|
|
+ memcpy(token.m_pData, enToken, 512);
|
|
|
|
|
|
CBlob sharedSK;
|
|
|
sharedSK.Alloc(16);
|
|
@@ -199,8 +266,8 @@ ErrorCodeEnum CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &
|
|
|
{
|
|
|
((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("保存令牌失败");
|
|
|
spFunction->SetSysVar("AuthErrMsg", "保存令牌失败", true);
|
|
|
- //LogError(Severity_Low, rc, 0, "保存令牌失败");
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_TOKEN,
|
|
|
+
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SAVE_TOKEN,
|
|
|
GetOutPutStr("%s%08X", "SaveTokenAndSharedSK", rc).c_str());
|
|
|
}
|
|
|
}
|
|
@@ -210,7 +277,6 @@ ErrorCodeEnum CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &
|
|
|
rc = Error_Bug;
|
|
|
((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("返回令牌数据非法");
|
|
|
spFunction->SetSysVar("AuthErrMsg", "返回令牌数据非法", true);
|
|
|
- //LogError(Severity_Low, rc, 0, "返回令牌数据非法");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_TOKEN,
|
|
|
GetOutPutStr("%s%d", "nRetLen", nRetLen).c_str());
|
|
|
}
|
|
@@ -220,7 +286,7 @@ ErrorCodeEnum CAccessAuthConn::HandleReqTokenRet(const CSmartPointer<IPackage> &
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleTermExitRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleTermExitRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
@@ -228,7 +294,7 @@ ErrorCodeEnum CAccessAuthConn::HandleTermExitRet(const CSmartPointer<IPackage> &
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, rc, dwUserCode, strErrMsg.c_str());
|
|
|
+
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_TERM_EXIT,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode, "strErrMsg", strErrMsg.c_str()).c_str());
|
|
|
return rc;
|
|
@@ -237,7 +303,7 @@ ErrorCodeEnum CAccessAuthConn::HandleTermExitRet(const CSmartPointer<IPackage> &
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleReportStageRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleReportStageRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
@@ -254,16 +320,18 @@ ErrorCodeEnum CAccessAuthConn::HandleReportStageRet(const CSmartPointer<IPackage
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendWKUpdatePackage()
|
|
|
+DWORD CAccessAuthConn::SendWKUpdatePackage()
|
|
|
{
|
|
|
+ /*
|
|
|
assert(IsConnectionOK());
|
|
|
auto pEntity = (CAccessAuthEntity*)m_pEntity;
|
|
|
|
|
|
CSystemStaticInfo si;
|
|
|
pEntity->GetFunction()->GetSystemStaticInfo(si);
|
|
|
|
|
|
+
|
|
|
CSmartPointer<IPackage> package = CreateNewPackage("UpdateWK");
|
|
|
-
|
|
|
+
|
|
|
// 1:3des only; 2: sm4 only; 3: both 3des and sm4
|
|
|
int nCapability = pEntity->GetPinPadCapability();
|
|
|
if (nCapability == 1 || nCapability == 3)
|
|
@@ -303,16 +371,31 @@ ErrorCodeEnum CAccessAuthConn::SendWKUpdatePackage()
|
|
|
|
|
|
package->AddStruct("SMWKU_RQ", false, false, (BYTE*)buf, sizeof(SMWKUpdateReq)+nBufLen);
|
|
|
}
|
|
|
-
|
|
|
+
|
|
|
+ return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
|
|
|
+ */
|
|
|
+ LOG_FUNCTION();
|
|
|
+ assert(IsConnectionOK());
|
|
|
+ KMCKeyReq req;
|
|
|
+ memset(req.TerminalNo,0,sizeof(req.TerminalNo));
|
|
|
+ CSystemStaticInfo si;
|
|
|
+ auto pEntity = (CAccessAuthEntity*)m_pEntity;
|
|
|
+ pEntity->GetFunction()->GetSystemStaticInfo(si);
|
|
|
+ strcpy(req.TerminalNo, si.strTerminalID.GetData());
|
|
|
+ //req.TerminalNo = TerminalNo;
|
|
|
+ CSmartPointer<IEntityFunction> pFunc = m_pEntity->GetFunction();
|
|
|
+ CSmartPointer<IPackage> package = CreateNewPackage("KMCKey");
|
|
|
+ package->AddStruct("KMCKeyReq", false, false, (BYTE*)& req, sizeof(req));
|
|
|
return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
+DWORD CAccessAuthConn::SendGetTokenPackage()
|
|
|
{
|
|
|
+ LOG_FUNCTION();
|
|
|
assert(IsConnectionOK());
|
|
|
|
|
|
CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
|
|
|
-
|
|
|
+ CSmartPointer<IPackage> package = CreateNewPackage("ReqToken");
|
|
|
// 获取外设及PinPadID
|
|
|
CSimpleStringA strPinPadID = "", strDeviceID = "";
|
|
|
int nRet = ((CAccessAuthEntity*)m_pEntity)->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID);
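Review bot: `strcpy(req.TerminalNo, si.strTerminalID.GetData());` in the new SendWKUpdatePackage body has no bound, so a terminal ID longer than the field overruns `req` on the stack. SendGetTokenPackage already uses the bounded form, and the same works here: `strncpy(req.TerminalNo, si.strTerminalID.GetData(), sizeof(req.TerminalNo) - 1);`. Only `TerminalNo` is cleared before `AddStruct(…, sizeof(req))` sends the whole struct, so any other member or padding `KMCKeyReq` may have goes out uninitialised; `KMCKeyReq req = {};` covers both. `RequestTokenReq0 req0` (hunk at -550) and `SyncTimeReq2 req2` (hunk at -916) are sent the same way after only some members are set and would benefit from the same initialiser. `pFunc` is assigned but unused in the lines shown.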
|
|
@@ -327,12 +410,14 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
// 生成临时RSA密钥对
|
|
|
CBlob pubKey;
|
|
|
CBlob priKey;
|
|
|
- ErrorCodeEnum rc = ((CAccessAuthEntity*)m_pEntity)->CreateRsaKeyPair(pubKey, priKey);
|
|
|
+ char* smVer = GetSMVersion();
|
|
|
+ Dbg("sm vetsion=%s",smVer);
|
|
|
+ DWORD rc = ((CAccessAuthEntity*)m_pEntity)->CreateSM2KeyPair(pubKey, priKey);
|
|
|
if (rc != Error_Succeed)
|
|
|
return rc;
|
|
|
|
|
|
// 保存到令牌管理实体中
|
|
|
- rc = ((CAccessAuthEntity*)m_pEntity)->SaveRsaKeyPair(pubKey, priKey);
|
|
|
+ rc = ((CAccessAuthEntity*)m_pEntity)->SaveSM2KeyPair(pubKey, priKey);
|
|
|
if (rc != Error_Succeed)
|
|
|
return rc;
|
|
|
|
|
@@ -349,8 +434,20 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
strncpy(&req1.szTerminalNo[0], (const char*)si.strTerminalID, sizeof(req1.szTerminalNo)-1);
|
|
|
|
|
|
// 拷贝临时公钥
|
|
|
- memcpy_s(&req1.tpk[0], sizeof(req1.tpk), pubKey.m_pData, pubKey.m_iLength);
|
|
|
-
|
|
|
+ memset(req1.tpk,0,sizeof(req1.tpk));
|
|
|
+ if (pubKey.m_iLength > 70 ) {
|
|
|
+ Dbg("临时公钥长度(%d)大于70。。。", pubKey.m_iLength);
|
|
|
+ return Error_TooSmallBuffer;
|
|
|
+ }
|
|
|
+ memcpy_s(&req1.tpk[0], sizeof(req1.tpk) - 70, pubKey.m_pData, pubKey.m_iLength);
|
|
|
+ //memcpy(req1.tpk, pubKey.m_pData , pubKey.m_iLength);
|
|
|
+ // 拷贝临时私钥
|
|
|
+ if (priKey.m_iLength > 70) {
|
|
|
+ Dbg("临时私钥长度(%d)大于70。。。", priKey.m_iLength);
|
|
|
+ return Error_TooSmallBuffer;
|
|
|
+ }
|
|
|
+ memcpy_s(&req1.tpk[70], sizeof(req1.tpk) - 70 , priKey.m_pData,priKey.m_iLength);
|
|
|
+ //memcpy(req1.tpk + 70, priKey.m_pData, priKey.m_iLength);
|
|
|
// 获取设备信息
|
|
|
BYTE *pBuf = (BYTE*)&req1.encTerminalInfo;
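Review bot: The added block copies the temporary SM2 private key into `req1.tpk` at offset 70, and `req1` is later added to the package as `TOKEN_R1`, so the private half of the key pair leaves the terminal together with the public half. Unless `tpk` is encrypted somewhere outside these hunks, the key pair no longer protects anything from a party that can read the request. The request should carry only the public key: drop the `priKey` copy, or document why the server needs it and how the field is protected in transit. Separately, the first `memcpy_s` passes `sizeof(req1.tpk) - 70` as the capacity of a 70-byte slot; `memcpy_s(&req1.tpk[0], 70, pubKey.m_pData, pubKey.m_iLength);` states the real bound, and `static_assert(sizeof(req1.tpk) >= 140, "tpk layout");` would pin the layout both copies assume. The function starts and ends outside this hunk.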
|
|
|
|
|
@@ -412,10 +509,9 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
rc = m_pEntity->GetFunction()->GetSysVar("TerminalStage", ts);
|
|
|
if (rc != Error_Succeed)
|
|
|
{
|
|
|
- //LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_GETSYSVAR, "GetSysVar(\"TerminalStage\") fail");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYS_VAR,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetSysVar", rc,"TerminalStage",ts).c_str());
|
|
|
- return rc;
|
|
|
+ return ERR_ACCESSAUTH_GET_SYS_VAR;
|
|
|
}
|
|
|
assert(ts.GetLength() >=1);
|
|
|
pInfo->chTerminalState = ts[0];
|
|
@@ -424,10 +520,9 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
rc = m_pEntity->GetFunction()->GetSysVar("RunState", rs);
|
|
|
if (rc != Error_Succeed)
|
|
|
{
|
|
|
- //LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_GETSYSVAR, "GetSysVar(\"RunState\") fail");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYS_VAR,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetSysVar", rc,"RunState", rs).c_str());
|
|
|
- return rc;
|
|
|
+ return ERR_ACCESSAUTH_GET_SYS_VAR;
|
|
|
}
|
|
|
assert(rs.GetLength() >=1);
|
|
|
pInfo->chRunState = rs[0];
|
|
@@ -439,11 +534,13 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
if (pEntity->GetAuthVersion() == 2)
|
|
|
{
|
|
|
// 使用会话密钥加密
|
|
|
+ Dbg("使用会话密钥加密。。。");
|
|
|
raw.Refer(pBuf, sizeof(RequestTokenInfo)+4);
|
|
|
rc = pEntity->EncryptDataWithSessionKey(raw, enc);
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
+ Dbg("使用密码键盘加密。。。");
|
|
|
//add by zl 20190102 简版没有密码键盘单独处理(在终端被注销,DB中公钥被删除时会出现此种情况)
|
|
|
if (si.strMachineType.IsStartWith("RVC.IL", true))
|
|
|
{
|
|
@@ -462,15 +559,14 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
|
|
|
if (rc != Error_Succeed)
|
|
|
{
|
|
|
- //LogError(Severity_Low, rc, 0, "加密准入请求数据失败");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_ENCRYPT_KEY,
|
|
|
GetOutPutStr("%s%08X", "CryptEncrypt", rc).c_str());
|
|
|
- return rc;
|
|
|
+ return ERR_ACCESSAUTH_ENCRYPT_KEY;
|
|
|
}
|
|
|
|
|
|
memcpy(pBuf, enc.m_pData, enc.m_iLength);
|
|
|
|
|
|
- CSmartPointer<IPackage> package = CreateNewPackage("ReqToken");
|
|
|
+
|
|
|
package->AddStruct("TOKEN_R1", false, false, (BYTE*)&req1, sizeof(RequestTokenReq1));
|
|
|
|
|
|
// 获取硬件信息
|
|
@@ -480,12 +576,11 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
{
|
|
|
((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("从root.ini获取终端设备信息失败");
|
|
|
spFunction->SetSysVar("AuthErrMsg", "从root.ini获取终端设备信息失败", true);
|
|
|
- //LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_GETSYSVAR, "从root.ini获取终端设备信息失败");
|
|
|
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE,
|
|
|
GetOutPutStr("%s%08X", "SpGetAllDevices", rc).c_str());
|
|
|
|
|
|
- return rc;
|
|
|
+ return ERR_ACCESSAUTH_READ_WRITE_CONFIG_FILE;
|
|
|
}
|
|
|
|
|
|
int nDevEntityCount = devNames.GetCount();
|
|
@@ -550,47 +645,52 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
if (1 == nVerifyCodeSign)
|
|
|
{
|
|
|
if (GetSpBaseSignCertHash(strHash1))
|
|
|
+ {
|
|
|
strncpy(req3.szSignCertHash, strHash1, 40);
|
|
|
+ Dbg("spshell hash value=%s",req3.szSignCertHash);
|
|
|
+ }
|
|
|
+
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_GETSIGN, "获取spbase.dll签名失败");
|
|
|
-
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SPSHELL_HASH,
|
|
|
- GetOutPutStr("%s%s", "GetSpBaseSignCertHash", "False").c_str());
|
|
|
-
|
|
|
+ GetOutPutStr("%s%s", "GetSpBaseSignCertHash", "False").c_str());
|
|
|
}
|
|
|
}
|
|
|
|
|
|
CSimpleStringA strHash2;
|
|
|
if (GetUKeyRootCertHash(strHash2))
|
|
|
- strncpy(req3.szUKeyRootHash, strHash2, 40);
|
|
|
- /*else
|
|
|
- {
|
|
|
- LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_GETSIGN, "获取RootCert.pem签名失败");
|
|
|
- }*/
|
|
|
+ strncpy(req3.szUKeyRootHash, strHash2, strHash2.GetLength());
|
|
|
|
|
|
req3.nAuthVersion = pEntity->GetAuthVersion();
|
|
|
|
|
|
// 上报指纹用于准入校验
|
|
|
- int nBufLen = sizeof(req3.FingerPrint);
|
|
|
- if (!pEntity->GetTerminalFingerPrint(req3.FingerPrint, nBufLen))
|
|
|
+ // 更改了指纹大小,16->32,另外16字节通过REQ0上传
|
|
|
+ BYTE fingerPrint[32] = { 0 };
|
|
|
+ int nBufLen = sizeof(fingerPrint);
|
|
|
+ if (!pEntity->GetTerminalFingerPrint(fingerPrint, nBufLen))
|
|
|
{
|
|
|
- //LogError(Severity_Middle, rc, ERROR_INITIALIZER_FINGERPINT, "获取终端指纹失败");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
|
|
|
- GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False").c_str());
|
|
|
- return Error_Unexpect;
|
|
|
+ GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False").c_str());
|
|
|
+ return ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT;
|
|
|
}
|
|
|
-
|
|
|
+ memcpy(req3.FingerPrint, fingerPrint, 16);
|
|
|
+
|
|
|
+ //告知服务器终端是否进行过国密改造
|
|
|
+ RequestTokenReq0 req0;
|
|
|
+ memcpy(req0.FingerPrintSM, fingerPrint + 16, 16);
|
|
|
+ req0.isSM = 1;
|
|
|
+ req0.isFirst = ((CAccessAuthEntity*)m_pEntity)->GetOrSetIsFirstSM(0);
|
|
|
+ package->AddStruct("TOKEN_R0", false, false, (BYTE*)& req0, sizeof(RequestTokenReq0));
|
|
|
if (req3.nAuthVersion ==1)
|
|
|
{
|
|
|
// 非自定义密钥准入,需主动上报设备公钥
|
|
|
nBufLen = sizeof(req3.PublicKey);
|
|
|
+ memset(req3.PublicKey,0,nBufLen);
|
|
|
if (!pEntity->GetTerminalPublicKey(req3.PublicKey, nBufLen))
|
|
|
{
|
|
|
- //LogError(Severity_Middle, rc, ERROR_INITIALIZER_GETPUBKEY, "获取终端公钥失败");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY,
|
|
|
GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
|
|
|
- return Error_Unexpect;
|
|
|
+ return ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY;
|
|
|
}
|
|
|
}
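Review bot: `strncpy(req3.szUKeyRootHash, strHash2, strHash2.GetLength());` bounds the copy by the source rather than the destination. GetUKeyRootCertHash now returns the hex of a 32-byte SM3 digest (64 characters) where the SHA-1 value was 40, so if `szUKeyRootHash` was not widened this overruns the field, and the call itself writes no terminator either way. Bound it by the destination, `strncpy(req3.szUKeyRootHash, strHash2, sizeof(req3.szUKeyRootHash) - 1);`, and confirm that the struct and the server agree on the new length. The `strncpy(req3.szSignCertHash, strHash1, 40);` a few lines earlier deserves the same check if that hash also moved to SM3. The function starts and ends outside this hunk.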
|
|
|
|
|
@@ -623,7 +723,7 @@ ErrorCodeEnum CAccessAuthConn::SendGetTokenPackage()
|
|
|
return Error_Succeed;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendExitNoticePackage(int nReason, int nWay)
|
|
|
+DWORD CAccessAuthConn::SendExitNoticePackage(int nReason, int nWay)
|
|
|
{
|
|
|
assert(IsConnectionOK());
|
|
|
|
|
@@ -650,7 +750,7 @@ ErrorCodeEnum CAccessAuthConn::SendExitNoticePackage(int nReason, int nWay)
|
|
|
return Error_Succeed;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendTerminalStagePackage(char cNewStage, CSmallDateTime dtNewStageTime,
|
|
|
+DWORD CAccessAuthConn::SendTerminalStagePackage(char cNewStage, CSmallDateTime dtNewStageTime,
|
|
|
char cOldStage, CSmallDateTime dtOldStageTime)
|
|
|
{
|
|
|
assert(IsConnectionOK());
|
|
@@ -829,19 +929,25 @@ bool CAccessAuthConn::GetUKeyRootCertHash(CSimpleStringA &strHash)
|
|
|
long nRetLen = 2048;
|
|
|
base64_decode((BYTE*)pCert, nLen, buf, nRetLen);
|
|
|
|
|
|
- BYTE hash[20] = {};
|
|
|
- if (Sha1Hash(buf, nRetLen, hash))
|
|
|
+ BYTE hash[32] = {0};
|
|
|
+ //if (Sha1Hash(buf, nRetLen, hash))
|
|
|
+ if(SM3Hash(buf,nRetLen,hash))
|
|
|
{
|
|
|
- char szBuf[64] = {};
|
|
|
- for (int i = 0; i < 20; i++)
|
|
|
- sprintf(szBuf, "%s%02x", szBuf, hash[i]);
|
|
|
+ char* szBuf;
|
|
|
+
|
|
|
+ szBuf = MyBase64::Str2Hex((char *)hash,32);
|
|
|
+ //for (int i = 0; i < 32; i++)
|
|
|
+ //sprintf(szBuf, "%s%02x", szBuf, hash[i]);
|
|
|
|
|
|
strHash = szBuf;
|
|
|
+ delete[] szBuf;
|
|
|
+ Dbg("Ex RootCert.pem hash=%s",strHash.GetData());
|
|
|
bRet = true;
|
|
|
+
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, "get RootCert.pem sha1 value fail");
|
|
|
+
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_HASH,
|
|
|
GetOutPutStr("%s%s", "Sha1Hash", "False").c_str());
|
|
|
}
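Review bot: The result of `MyBase64::Str2Hex((char *)hash, 32)` is assigned to `strHash` and passed to `delete[]` without a null check, and the ownership contract (caller frees with `delete[]`) is not visible here. A guard such as `if (szBuf == NULL) { bRet = false; } else { … }` plus a one-line comment stating who owns the buffer would make this safe to maintain. The failure branch still logs `"Sha1Hash"` although the digest is now SM3, which will mislead whoever reads the log; `GetOutPutStr("%s%s", "SM3Hash", "False")` matches the code. The commented-out `sprintf` loop and `//if (Sha1Hash(…))` line can be deleted rather than kept. The function starts and ends outside this hunk.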
|
|
@@ -853,9 +959,9 @@ bool CAccessAuthConn::GetUKeyRootCertHash(CSimpleStringA &strHash)
|
|
|
return bRet;
|
|
|
}
|
|
|
|
|
|
-bool CAccessAuthConn::Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[20])
|
|
|
+bool CAccessAuthConn::Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[])
|
|
|
{
|
|
|
- bool bRet = false;
|
|
|
+ /*bool bRet = false;
|
|
|
HCRYPTPROV hCryptProv;
|
|
|
if (CryptAcquireContextA(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET)) {
|
|
|
HCRYPTHASH hHash;
|
|
@@ -863,9 +969,7 @@ bool CAccessAuthConn::Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[20])
|
|
|
{
|
|
|
if (!CryptHashData(hHash, pData, nDataLen, 0))
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptHashData fail: %d", GetLastError()));
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SHA1_HASH,
|
|
|
- GetOutPutStr("%s%s%s%d", "CryptHashData", "False","GetLastError", GetLastError()).c_str());
|
|
|
+ LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptHashData fail: %d", GetLastError()));
|
|
|
}
|
|
|
else
|
|
|
{
|
|
@@ -874,9 +978,7 @@ bool CAccessAuthConn::Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[20])
|
|
|
bRet = true;
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptGetHashParam fail: %d", GetLastError()));
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SHA1_HASH,
|
|
|
- GetOutPutStr("%s%s%s%d", "CryptGetHashParam", "False", "GetLastError", GetLastError()).c_str());
|
|
|
+ LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptGetHashParam fail: %d", GetLastError()));
|
|
|
}
|
|
|
|
|
|
}
|
|
@@ -884,24 +986,26 @@ bool CAccessAuthConn::Sha1Hash(BYTE *pData, int nDataLen, BYTE hash[20])
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptCreateHash fail: %d", GetLastError()));
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SHA1_HASH,
|
|
|
- GetOutPutStr("%s%s%s%d", "CryptCreateHash", "False", "GetLastError", GetLastError()).c_str());
|
|
|
+ LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptCreateHash fail: %d", GetLastError()));
|
|
|
}
|
|
|
|
|
|
CryptReleaseContext(hCryptProv, 0);
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptAcquireContextA fail: %d", GetLastError()));
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SHA1_HASH,
|
|
|
- GetOutPutStr("%s%s%s%d", "CryptAcquireContextA", "False", "GetLastError", GetLastError()).c_str());
|
|
|
+ LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH, CSimpleStringA::Format("CryptAcquireContextA fail: %d", GetLastError()));
|
|
|
}
|
|
|
+ return bRet;*/
|
|
|
|
|
|
- return bRet;
|
|
|
+ /*if (!SM3Hash(pData, nDataLen, hash)) {
|
|
|
+ LogWarn(Severity_Middle,Error_Unexpect, ERROR_ACCESSAUTH_GETSH1HASH,"Sha1hash failed.");
|
|
|
+ return false;
|
|
|
+ }*/
|
|
|
+ return true;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendSyncTimePackage()
|
|
|
+//同步时间
|
|
|
+DWORD CAccessAuthConn::SendSyncTimePackage()
|
|
|
{
|
|
|
assert(IsConnectionOK());
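Review bot: After this change `Sha1Hash` no longer hashes anything. The CryptoAPI body is wrapped in `/* … */` (opened three hunks up), the SM3 replacement is commented out as well, and the only live statement is `return true;`, so any remaining caller is told a digest was computed while `hash` is left untouched. Either remove the function and move callers to `SM3Hash`, or make the stub fail closed with `return false;` until it is implemented; if it is meant to forward, `return SM3Hash(pData, nDataLen, hash);` with a rename would say so. The signature change from `BYTE hash[20]` to `BYTE hash[]` also drops the only hint of the required buffer size, so a comment giving the expected length is worth adding.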
|
|
|
|
|
@@ -916,21 +1020,26 @@ ErrorCodeEnum CAccessAuthConn::SendSyncTimePackage()
|
|
|
|
|
|
// 终端时间
|
|
|
req.dwCurTime = (DWORD)CSmallDateTime::GetNow();
|
|
|
+
|
|
|
+ SyncTimeReq2 req2;
|
|
|
+ req2.isSm = 1;
|
|
|
|
|
|
CSmartPointer<IPackage> package = CreateNewPackage("SyncTime");
|
|
|
package->AddStruct("SYNC_R1", false, false, (BYTE*)&req, sizeof(req));
|
|
|
+ package->AddStruct("SYNC_R2", false, false, (BYTE*)&req2, sizeof(req2));
|
|
|
Dbg("send sync time package");
|
|
|
return SendPackage(package) == "" ? Error_Unexpect : Error_Succeed;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendSyncTimePackageNew()
|
|
|
+
|
|
|
+DWORD CAccessAuthConn::SendSyncTimePackageNew()
|
|
|
{
|
|
|
Dbg("SendSyncTimePackageNew");
|
|
|
|
|
|
assert(IsConnectionOK());
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
+ DWORD rc = Error_Succeed;
|
|
|
SyncTimeReq req;
|
|
|
memset(&req, 0, sizeof(req));
|
|
|
|
|
@@ -963,10 +1072,10 @@ ErrorCodeEnum CAccessAuthConn::SendSyncTimePackageNew()
|
|
|
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
+ rc = dwUserCode;
|
|
|
//LogError(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode, strErrMsg.c_str());
|
|
|
//Dbg("GetErrMsg error at SendSyncTimePackageNew,dwSysCode=%08X,strErrMsg=%s",dwUserCode, strErrMsg.c_str());
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SYNC_TIME,
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, rc,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc, "strErrMsg", strErrMsg.c_str()).c_str());
|
|
|
}
|
|
|
else
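Review bot: `rc = dwUserCode;` makes the result depend entirely on a value carried in the reply, so an error reply whose user code is 0 would leave `rc` equal to `Error_Succeed` (assuming that constant is 0) even though `GetErrMsg` reported a failure. The same assignment is introduced in HandleUpdateWKRet and HandleReqTokenRet (hunk at -121) and in HandleSyncTimeRet (hunk at -1008); in the first and last of these `rc == Error_Succeed` then selects the success FSM event. A guard keeps the error sticky: `rc = (dwUserCode != Error_Succeed) ? dwUserCode : ERR_ACCESSAUTH_SYNC_TIME;`, with each handler's own code in the other places. The function starts and ends outside this hunk.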
|
|
@@ -995,10 +1104,9 @@ ErrorCodeEnum CAccessAuthConn::SendSyncTimePackageNew()
|
|
|
Dbg("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, 0, CSimpleStringA::Format("SetLocalTime(%s),sync time with server fail: %d", dtServerTime.ToTimeString(), GetLastError()));
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SET_LOCALE_TIME,
|
|
|
GetOutPutStr("%s%s", "stServerTime", dtServerTime.ToTimeString()).c_str());
|
|
|
- rc = Error_Unexpect;
|
|
|
+ rc = ERR_ACCESSAUTH_SET_LOCALE_TIME;
|
|
|
}
|
|
|
}
|
|
|
else
|
|
@@ -1008,29 +1116,29 @@ ErrorCodeEnum CAccessAuthConn::SendSyncTimePackageNew()
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, 0, "GetStructLen [SYNC_A1] fail!");
|
|
|
+
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SYNC_TIME,
|
|
|
GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
|
|
|
- rc = Error_Bug;
|
|
|
+ rc = ERR_ACCESSAUTH_SYNC_TIME;
|
|
|
}
|
|
|
}
|
|
|
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
+ LOG_FUNCTION();
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
+ DWORD rc = Error_Succeed;
|
|
|
int nAuthVersion = 1; // 默认使用KMC准入
|
|
|
BYTE *pSessionKey = NULL;
|
|
|
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode, strErrMsg.c_str());
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SYNC_TIME,
|
|
|
+ rc = dwUserCode;
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, rc,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"strErrMsg", strErrMsg.c_str()).c_str());
|
|
|
}
|
|
|
else
|
|
@@ -1059,9 +1167,9 @@ ErrorCodeEnum CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &
|
|
|
Dbg("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_SYNCTIME, CSimpleStringA::Format("SetLocalTime(%s),sync time with server fail: %d", dtServerTime.ToTimeString(), GetLastError()));
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SET_LOCALE_TIME,
|
|
|
GetOutPutStr("%s%s", "stServerTime", dtServerTime.ToTimeString()).c_str());
|
|
|
+ rc = ERR_ACCESSAUTH_SET_LOCALE_TIME;
|
|
|
}
|
|
|
}
|
|
|
else
|
|
@@ -1070,24 +1178,30 @@ ErrorCodeEnum CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &
|
|
|
}
|
|
|
|
|
|
// 检查准入请求版本 //会话密钥缓存
|
|
|
- Dbg("auth version: %d", ret.nAuthVersion);
|
|
|
- ((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(ret.nAuthVersion, ret.SessionKey);
|
|
|
+ Dbg("auth version: %d", ret.nAuthVersion);
|
|
|
+ if (ret.nAuthVersion == 1) {
|
|
|
+ rc = ERR_ACCESSAUTH_AUTH_VERSION;
|
|
|
+ auto pEntity = (CAccessAuthEntity*)m_pEntity;
|
|
|
+ pEntity->GetFunction()->ShowFatalError("时间同步时,获取准入加密版本错误,请先进行密钥初始化");
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ ((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(ret.nAuthVersion, ret.SessionKey);
|
|
|
+ }
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSTRUCTLEN, "GetStructLen [SYNC_A1] fail!");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_SYNC_TIME,
|
|
|
GetOutPutStr("%s%d", "GetStructLen", nRetLen).c_str());
|
|
|
- rc = Error_Bug;
|
|
|
+ rc = ERR_ACCESSAUTH_SYNC_TIME;
|
|
|
}
|
|
|
}
|
|
|
-
|
|
|
- auto pEvent = new FSMEvent(CAccessAuthFSM::Event_EndSyncTime);
|
|
|
+
|
|
|
+ auto pEvent = new FSMEvent(rc == Error_Succeed?CAccessAuthFSM::Event_EndSyncTime: CAccessAuthFSM::Event_SyncTimeFailed);
|
|
|
m_pFSM->PostEventFIFO(pEvent);
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendInitDevicePackage(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx)
|
|
|
+DWORD CAccessAuthConn::SendInitDevicePackage(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx)
|
|
|
{
|
|
|
assert(IsConnectionOK());
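Review bot: The new version check rejects only `ret.nAuthVersion == 1`, so any other value in the reply (0, 3, an unexpected number) is still handed to `SaveAuthVerAndKey` together with `ret.SessionKey`. SendGetTokenPackage treats only version 2 as the session-key path, so an allow-list is the safer form: `if (ret.nAuthVersion != 2) { rc = ERR_ACCESSAUTH_AUTH_VERSION; … } else { … SaveAuthVerAndKey(…); }`. The fatal-error text is written for the version-1 case, so it may need more general wording if the check is widened. HandleSyncTimeRet starts outside this hunk.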
|
|
|
|
|
@@ -1104,22 +1218,20 @@ ErrorCodeEnum CAccessAuthConn::SendInitDevicePackage(SpReqAnsContext<AccessAuthS
|
|
|
package->AddStruct("InitDevR", false, false, (BYTE*)&req, sizeof(req));
|
|
|
if (SendPackage(package) == "")
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_SENDPACK, "SendPackage failed, send init device req fail");
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_INIT_DEV,
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_INIT_DEV_SEND_PKG,
|
|
|
GetOutPutStr("%s%s", "SendInitDevicePackage", "").c_str());
|
|
|
- return Error_Unexpect;
|
|
|
+ return ERR_ACCESSAUTH_INIT_DEV_SEND_PKG;
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
//Dbg("send init device req succ, CR1:%s, R2:%s, CR3:%s, CDevPubKey:%s", (const char*)ctx->Req.EncR1,
|
|
|
// (const char*)ctx->Req.R2, (const char*)ctx->Req.EncR3, (const char*)ctx->Req.EncDevPubKey);
|
|
|
-
|
|
|
m_ctxInitDev = ctx;
|
|
|
return Error_Succeed;
|
|
|
}
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleInitDeviceRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleInitDeviceRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
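Review bot: The send-failure branch of SendInitDevicePackage now returns `ERR_ACCESSAUTH_INIT_DEV_SEND_PKG`, but the text it logs is still `GetOutPutStr("%s%s", "SendInitDevicePackage", "")`, an empty value that says nothing about the failure. The lock-state sender in a later hunk has the same gap: it returns `ERR_ACCESSAUTH_LOCK_SEND_PKG` while still formatting `Error_Unexpect` into the message. Formatting the returned code, e.g. `GetOutPutStr("%s%08X", "SendInitDevicePackage", ERR_ACCESSAUTH_INIT_DEV_SEND_PKG)`, keeps the log text and the return value in agreement. The commented-out `Dbg` that would print EncR1, R2, EncR3 and EncDevPubKey is kept although the commented-out LogError lines are deleted; dropping it too keeps key-exchange fields out of the debug log if someone re-enables it.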
|
|
@@ -1128,7 +1240,7 @@ ErrorCodeEnum CAccessAuthConn::HandleInitDeviceRet(const CSmartPointer<IPackage>
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode, strErrMsg.c_str());
|
|
|
+
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_INIT_DEV,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"strErrMsg", strErrMsg.c_str()).c_str());
|
|
|
}
|
|
@@ -1175,7 +1287,8 @@ ErrorCodeEnum CAccessAuthConn::HandleInitDeviceRet(const CSmartPointer<IPackage>
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendReportStatePackage(const char*pszEventType, DWORD dwErrCode, const char *pszErrMsg)
|
|
|
+//上报状态
|
|
|
+DWORD CAccessAuthConn::SendReportStatePackage(const char*pszEventType, DWORD dwErrCode, const char *pszErrMsg)
|
|
|
{
|
|
|
auto pFunc = m_pEntity->GetFunction();
|
|
|
|
|
@@ -1195,36 +1308,35 @@ ErrorCodeEnum CAccessAuthConn::SendReportStatePackage(const char*pszEventType, D
|
|
|
return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleReportStateRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleReportStateRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
+ DWORD rc = Error_Succeed;
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
|
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_SERVERRETURN, CSimpleStringA::Format("HandleReportStateRet,report state fail, %s", strErrMsg.c_str()));
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_REPORT_STATE,
|
|
|
+ rc = dwUserCode;
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, rc,
|
|
|
GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode,"strErrMsg", strErrMsg.c_str()).c_str());
|
|
|
}
|
|
|
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendLockStatePackage()
|
|
|
+//同步锁定状态
|
|
|
+DWORD CAccessAuthConn::SendLockStatePackage()
|
|
|
{
|
|
|
LockStateReq req = {0};
|
|
|
|
|
|
auto pFunc = m_pEntity->GetFunction();
|
|
|
CSystemStaticInfo info;
|
|
|
- auto rc = pFunc->GetSystemStaticInfo(info);
|
|
|
+ DWORD rc = pFunc->GetSystemStaticInfo(info);
|
|
|
if (rc != Error_Succeed)
|
|
|
{
|
|
|
- //LogError(Severity_Middle, rc, ERROR_ACCESSAUTH_GETSTATICINFO, "SendLockStatePackage()=>GetSystemStaticInfo() fail");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
|
|
|
GetOutPutStr("%s%08X", "GetSystemStaticInfo", rc).c_str());
|
|
|
- return rc;
|
|
|
+ return ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO;
|
|
|
}
|
|
|
strncpy(req.TerminalNo, (const char*)info.strTerminalID, sizeof(req.TerminalNo)-1);
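Review bot: In HandleReportStateRet, `rc = dwUserCode;` lets a server error answer whose user code is zero come back as success, because rc is then indistinguishable from `Error_Succeed` (presumably 0; its value is not visible here). The old code returned dwSysCode; HandleLockStateRet in a later hunk makes the same switch, and there a masked failure means a lock-state sync error is reported as success. A fallback keeps the failure visible: `rc = (dwUserCode != Error_Succeed) ? dwUserCode : ERR_ACCESSAUTH_REPORT_STATE;`, with `ERR_ACCESSAUTH_LOCK_STATE` in the lock handler. Passing `rc` as the third LogWarn argument also means the logged code is chosen by the remote side, so alerting keyed on the fixed ERR_ACCESSAUTH_* values will no longer match these events. SendLockStatePackage continues past the end of this hunk.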
|
|
|
|
|
@@ -1232,10 +1344,9 @@ ErrorCodeEnum CAccessAuthConn::SendLockStatePackage()
|
|
|
pkt->AddStruct("LockStateReq", false, false, (LPBYTE)&req, sizeof(LockStateReq));
|
|
|
if (SendPackage(pkt) == "")
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_SENDPACK, "SendPackage failed, send Lock State req fail");
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_STATE,
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_SEND_PKG,
|
|
|
GetOutPutStr("%s%08X", "SendLockStatePackage", Error_Unexpect).c_str());
|
|
|
- return Error_Unexpect;
|
|
|
+ return ERR_ACCESSAUTH_LOCK_SEND_PKG;
|
|
|
}
|
|
|
else
|
|
|
{
|
|
@@ -1245,22 +1356,21 @@ ErrorCodeEnum CAccessAuthConn::SendLockStatePackage()
|
|
|
return Error_Succeed;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleLockStateRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleLockStateRet(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
- ErrorCodeEnum rc = Error_Succeed;
|
|
|
+ DWORD rc = Error_Succeed;
|
|
|
DWORD dwSysCode, dwUserCode;
|
|
|
string strErrMsg;
|
|
|
|
|
|
if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
|
|
|
{
|
|
|
- rc = (ErrorCodeEnum)dwSysCode;
|
|
|
- //LogError(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode, strErrMsg.c_str());
|
|
|
+ rc = dwUserCode;
|
|
|
((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg(strErrMsg.c_str());
|
|
|
CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
|
|
|
spFunction->SetSysVar("AuthErrMsg", strErrMsg.c_str(), true);
|
|
|
|
|
|
- LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_STATE,
|
|
|
- GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode,"AuthErrMsg", strErrMsg.c_str()).c_str());
|
|
|
+ LogWarn(Severity_Middle, Error_Unexpect, rc,
|
|
|
+ GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"AuthErrMsg", strErrMsg.c_str()).c_str());
|
|
|
|
|
|
return rc;
|
|
|
}
|
|
@@ -1293,25 +1403,23 @@ ErrorCodeEnum CAccessAuthConn::HandleLockStateRet(const CSmartPointer<IPackage>
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSTRUCTDATA, "GetStructData LockStateAns fail!");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_STATE,
|
|
|
GetOutPutStr("%s%s", "GetStructLen", "False").c_str());
|
|
|
- return Error_Param;
|
|
|
+ return ERR_ACCESSAUTH_LOCK_STATE;
|
|
|
}
|
|
|
delete pBuf;
|
|
|
}
|
|
|
else
|
|
|
{
|
|
|
- //LogError(Severity_Middle, Error_Unexpect, ERROR_ACCESSAUTH_GETSTRUCTLEN, "GetStructLen LockStateAns fail!");
|
|
|
LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_LOCK_STATE,
|
|
|
GetOutPutStr("%s%s%s%d", "GetStructData", "False","nLen", nLen).c_str());
|
|
|
- return Error_Param;
|
|
|
+ return ERR_ACCESSAUTH_LOCK_STATE;
|
|
|
}
|
|
|
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendCheckMD5Package(const char* pMD5Value)
|
|
|
+DWORD CAccessAuthConn::SendCheckMD5Package(const char* pMD5Value)
|
|
|
{
|
|
|
assert(IsConnectionOK());
|
|
|
CheckMD5Req req;
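Review bot: The inner failure branch returns `ERR_ACCESSAUTH_LOCK_STATE` before reaching the `delete pBuf;` that follows it, so the buffer is leaked each time that path is taken; the commit changes the returned code but keeps the early return. Releasing first, `delete pBuf; return ERR_ACCESSAUTH_LOCK_STATE;`, closes it (if pBuf comes from `new[]`, which is not visible in this hunk, it should be `delete[]`). The two LogWarn labels also look swapped relative to the LogError comments being removed: the branch that used to say "GetStructData LockStateAns fail!" logs "GetStructLen", and the other logs "GetStructData". Both branches now return the same code, so the log text is the only way to tell them apart. HandleLockStateRet starts before this hunk.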
|
|
@@ -1333,7 +1441,7 @@ ErrorCodeEnum CAccessAuthConn::SendCheckMD5Package(const char* pMD5Value)
|
|
|
return SendPackage(pkt) != "" ? Error_Succeed : Error_Unexpect;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::SendUpdateMD5Package(const char* pMD5Value)
|
|
|
+DWORD CAccessAuthConn::SendUpdateMD5Package(const char* pMD5Value)
|
|
|
{
|
|
|
assert(IsConnectionOK());
|
|
|
CheckMD5Req req;
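Review bot: SendCheckMD5Package still ends in `return SendPackage(pkt) != "" ? Error_Succeed : Error_Unexpect;` with no LogWarn, while the init-device and lock-state senders in this commit log the failure and return a dedicated send-failure code. SendUpdateMD5Package in the next hunk and SendReportStatePackage in an earlier one have the same tail, so three senders report a failed send differently from the two that were converted. Handling them the same way would mean a LogWarn plus a return such as `ERR_ACCESSAUTH_<OP>_SEND_PKG` (placeholder name; no such code for these operations is visible on the page). Only the last lines of SendCheckMD5Package and the first lines of SendUpdateMD5Package are inside this hunk.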
|
|
@@ -1355,7 +1463,7 @@ ErrorCodeEnum CAccessAuthConn::SendUpdateMD5Package(const char* pMD5Value)
|
|
|
return SendPackage(pkt) != "" ? Error_Succeed : Error_Unexpect;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleCheckMD5Ret(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleCheckMD5Ret(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
ErrorCodeEnum rc = Error_Succeed;
|
|
|
DWORD dwSysCode, dwUserCode;
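Review bot: HandleCheckMD5Ret keeps `ErrorCodeEnum rc = Error_Succeed;` although its return type is now DWORD, whereas HandleReportStateRet and HandleLockStateRet were switched to `DWORD rc`. HandleUpdateMD5Ret in the next hunk has the same leftover, and HandleInitDeviceRet still assigns `rc = (ErrorCodeEnum)dwSysCode;`. Storing an ERR_ACCESSAUTH_* value in such an rc would need a cast to an enum type that may not define it; `DWORD rc = Error_Succeed;` matches the converted handlers. The bodies of both MD5 handlers lie outside the visible hunks, so whether they assign such codes cannot be confirmed from here.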
|
|
@@ -1375,7 +1483,7 @@ ErrorCodeEnum CAccessAuthConn::HandleCheckMD5Ret(const CSmartPointer<IPackage> &
|
|
|
return rc;
|
|
|
}
|
|
|
|
|
|
-ErrorCodeEnum CAccessAuthConn::HandleUpdateMD5Ret(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
+DWORD CAccessAuthConn::HandleUpdateMD5Ret(const CSmartPointer<IPackage> &pRecvPkg)
|
|
|
{
|
|
|
ErrorCodeEnum rc = Error_Succeed;
|
|
|
DWORD dwSysCode, dwUserCode;
|