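#pragma once

// AccessAuthorization service entity and its per-connection session.
//
// NOTE(review): only the declarations in this header were available for review;
// every out-of-line member is defined elsewhere. Several declarations below
// (`pair`, `CSmartPointer`) appear to have lost their template arguments in this
// listing — restore them from the original source before compiling.

#include <cstddef>   // size_t
#include <string>    // string / wstring are used unqualified below
#include <utility>   // pair

#include "SpBase.h"
#ifdef RVC_OS_WIN
//#include "RVCCrypt.h"
#endif // RVC_OS_WIN
#include "AccessAuthorization_server_g.h"
// A using-directive at header scope leaks into every translation unit that
// includes this file. Left in place because "AccessAuthFSM.h" (included next)
// may rely on it — not verified here.
using namespace AccessAuthorization;
#include "AccessAuthFSM.h"

// Hex <-> text helpers. Neither signature carries an output-length parameter,
// so the caller must derive the output size from the input; confirm against the
// definitions, and confirm who frees the buffer handed back through the
// out-pointer (`strBuf` / `hexBuf`).
int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len);
int StrBuf2HexBuf(LPCTSTR strBuf, PBYTE* hexBuf);

class CAccessAuthEntity;

// One server-side session of the AccessAuthorization service. Each request
// handler is dispatched by the generated base class; the session only keeps a
// non-owning pointer back to the entity that created it (the entity outlives
// its sessions — presumably guaranteed by the framework, confirm).
class CAccessAuthSession : public AccessAuthService_ServerSessionBase
{
public:
    explicit CAccessAuthSession(CAccessAuthEntity* pEntity) : m_pEntity(pEntity) {}
    virtual ~CAccessAuthSession() {}

    virtual void Handle_Regist(SpOnewayCallContext::Pointer ctx);
    virtual void Handle_UpdateWK(SpOnewayCallContext::Pointer ctx);
    virtual void Handle_InitializeNew(SpReqAnsContext::Pointer ctx);
    virtual void Handle_InitDev(SpReqAnsContext::Pointer ctx);
    virtual void Handle_GetNetMsg(SpReqAnsContext::Pointer ctx);

private:
    CAccessAuthEntity* m_pEntity;   // non-owning
};

// The AccessAuthorization entity: terminal admission (registration, working-key
// update, master-key initialisation against the ACS/KMC) plus the PIN-pad and
// SM2 key handling that goes with it.
//
// Security notes (visible from this header alone):
//  - m_AuthSessionKey, m_strPassword, m_privateKey and m_publicKey are public
//    members; anything holding an entity pointer can read them. Moving them
//    behind accessors would be a separate, interface-affecting change.
//  - Fixed-size key/nonce buffers are zeroed on construction and wiped on
//    destruction below. CSimpleStringA members holding secrets cannot be wiped
//    here without knowing that class's API — TODO.
class CAccessAuthEntity : public CEntityBase, public ISysVarListener
{
public:
    CAccessAuthEntity()
    {
        m_eErrNum = Error_Succeed;
        m_iGetTermSysInfo = 0;
        // These buffers were previously left uninitialised; start them zeroed so
        // no stale stack/heap contents can be mistaken for a key or nonce.
        ScrubBytes(m_AuthSessionKey, sizeof(m_AuthSessionKey));
        ScrubBytes(m_btRam, sizeof(m_btRam));
        ScrubBytes(m_btTermSysInfoSM3, sizeof(m_btTermSysInfoSM3));
    }

    // Wipe key material held in fixed buffers before their storage is released.
    virtual ~CAccessAuthEntity()
    {
        ScrubBytes(m_AuthSessionKey, sizeof(m_AuthSessionKey));
        ScrubBytes(m_btRam, sizeof(m_btRam));
        ScrubBytes(m_btTermSysInfoSM3, sizeof(m_btTermSysInfoSM3));
    }

    virtual const char* GetEntityName() const { return "AccessAuthorization"; }
    virtual bool IsService() const { return true; }

    virtual void OnStarted();
    virtual void OnPreStart(CAutoArray strArgs, CSmartPointer pTransactionContext);
    virtual void OnPreClose(EntityCloseCauseEnum eCloseCause, CSmartPointer pTransactionContext);
    virtual void OnSysVarEvent(const char* pszKey, const char* pszValue, const char* pszOldValue, const char* pszEntityName);

    // Returns a heap-allocated session; presumably the framework takes ownership
    // of the returned pointer — confirm, nothing here deletes it.
    virtual CServerSessionBase* OnNewSession(const char* /*pszRemoteEntityName*/, const char* /*pszClass*/)
    {
        return new CAccessAuthSession(this);
    }

    // Pre-pause hook: cross-checks the FSM's RTS->user-code map against its
    // backup copy. The default answer is Error_DataCheck (fail closed); only when
    // every check passes is Error_Succeed sent. Each failing check logs __LINE__
    // so the mismatch can be located.
    virtual void OnPrePause(CSmartPointer pTransactionContext)
    {
        LOG_FUNCTION();
        ErrorCodeEnum result(Error_DataCheck);
        do {
            if (m_FSM.RtsMapToUserCode("RTS1705", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1705", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1707", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1707", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1711", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1711", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1712", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1712", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1713", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1713", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1714", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1714", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1715", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1715", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            if (m_FSM.RtsMapToUserCode("RTS1716", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1716", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            // NOTE(review): this check differs from the eight above — it uses `==`
            // and passes different second arguments (1 vs 0). If it is meant to be
            // the same "live must equal backup" check it is inverted; if it is a
            // deliberate "must differ" probe, leave it. Confirm against the FSM.
            if (m_FSM.RtsMapToUserCode("RTS1717", 1) == m_FSM.RtsMapToUserCodeBakup("RTS1717", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            // NOTE(review): compares RTS1715 against the RTS1707 backup with `==`.
            // Plausible as a "two distinct codes must not collide" check, but it
            // also looks like a copy/paste slip — confirm the intent.
            if (m_FSM.RtsMapToUserCode("RTS1715", 0) == m_FSM.RtsMapToUserCodeBakup("RTS1707", 0)) {
                DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
                break;
            }
            result = Error_Succeed;
        } while (false);
        pTransactionContext->SendAnswer(result);
    }

    // Resuming after a pause is always accepted; no state is re-validated here.
    virtual void OnPreContinue(CSmartPointer pTransactionContext)
    {
        pTransactionContext->SendAnswer(Error_Succeed);
    }

    // Start access admission (registration).
    ErrorCodeEnum Regist();
    void UpdateWK();
    string ByteArrayToHexStr(BYTE* pBuf, int nBufLen);

    // Generate an SM2 key pair.
    DWORD CreateSM2KeyPair(CBlob& pubKey, CBlob& priKey);
    // Save the key pair to the token entity.
    DWORD SaveSM2KeyPair(const CBlob& pubKey, const CBlob& priKey);
    // Save the token and the shared session key to the token entity.
    ErrorCodeEnum SaveTokenAndSharedSK(const CBlob& token, const CBlob& sharedSK);

    // Whether a PinPad is in use.
    bool HasPinPad();
    // Whether this machine type is configured with a PIN pad.
    bool IsMachineTypeConfigurePinPad(CSimpleStringA strMachineType);
    int GetPinPadCapability();

    // Save the session key. There is no length parameter, so the number of bytes
    // copied into m_AuthSessionKey (140 bytes) is fixed by the definition — confirm
    // it can never exceed sizeof(m_AuthSessionKey).
    bool SaveAuthKey(BYTE* pKey);
    // Encrypt `raw` into `enc` with the admission session key.
    ErrorCodeEnum EncryptDataWithSessionKey(const CBlob& raw, CBlob& enc);

    // nBufLen is passed by reference: presumably buffer capacity on entry and
    // bytes written on return — confirm against the definitions.
    bool GetTerminalFingerPrint(BYTE* pBuf, int& nBufLen);
    bool GetTerminalPublicKey(BYTE* pBuf, int& nBufLen, string& pubkey);

    void SetAuthErrMsg(const char* pszErrMsg) { m_strAuthErrMsg = pszErrMsg; }
    // The returned pointer aliases m_strAuthErrMsg: valid only while this entity
    // lives and until the next SetAuthErrMsg call.
    const char* GetAuthErrMsg() { return m_strAuthErrMsg; }

    // Get the PIN pad ID and peripheral (device) ID.
    // oilyang@20210510 add: in order to avoid getting info out of async, check if has pinpad while getting info
    // Returns 1: only PinPadID; 2: only DeviceID; 3: both; 0: failure.
    int GetPinPadIDAndDeviceID(CSimpleStringA& strPinPadID, CSimpleStringA& strDeviceID, bool& isPinPadMac, bool& bPinPadOnline);

    // Time-zone handling.
    wstring ANSIToUnicode(const string& str);
    BOOL SetLocalTimeZoneByKeyName(const TCHAR* szTimeZoneKeyName, BOOL isDaylightSavingTime);
    void printPasswdError(const string& strErrMsg);

    // Admission session key (raw bytes). Public: see the security note on the class.
    BYTE m_AuthSessionKey[140];

    // No self-test is actually performed; every test type answers success.
    virtual void OnSelfTest(EntityTestEnum eTestType, CSmartPointer pTransactionContext)
    {
        pTransactionContext->SendAnswer(Error_Succeed);
    }

    // Master-key initialisation against the ACS.
    void BeginInitMKACS();
    bool SendInitMKReqACS(CInitlizerMKReq& initMKReq);
    CSimpleStringA GetInitUrl() { return m_strInitUrl; }
    void EndInitMK(DWORD rc, const char* pszErrMsg);
    // Key material (TMK/TPK/EDK) is passed through plain `string` values here;
    // those copies are not wiped after use.
    ErrorCodeEnum LoadKeysToPinPadACS(string TMK, string TPK, string EDK, string index, string tpkCheck, string edkCheck);
    DWORD InitDevice(SpReqAnsContext::Pointer& ctx);
    void GetNetMsg(SpReqAnsContext::Pointer& ctx);

    DWORD m_eErrNum;
    CSimpleStringA m_strLastErrMsg;
    // m_strPassword holds a credential in a plain string member — see class note.
    CSimpleStringA m_strUserID, m_strPassword, m_strInitUrl;
    SpReqAnsContext::Pointer m_ctx;

    // NOTE(review): if `pair` here is std::pair, its template arguments are missing
    // from this listing.
    pair GenerateTmkToKMC();
    pair GenerateTmkToDevice();
    pair EncryptedByPubKey(CSimpleStringA pubKey, bool bNeed04Head = false);
    void GetTermSysInfo();

    CSimpleStringA m_publicKey;
    CSimpleStringA m_privateKey;   // private key in a plain string member — see class note

protected:
    CAccessAuthFSM m_FSM;
    CSystemStaticInfo m_info;
    CSimpleStringA m_strAuthErrMsg;

private:
    // Zero `n` bytes at `p` through a volatile pointer so the stores cannot be
    // optimised away (the buffers hold key material / nonces).
    static void ScrubBytes(BYTE* p, size_t n)
    {
        volatile BYTE* vp = p;
        while (n-- > 0) {
            *vp++ = 0;
        }
    }

    bool GenerateRandomNum();
    BYTE m_btRam[16];               // random bytes (16)
    BYTE m_btTermSysInfoSM3[32];    // SM3 digest of the terminal system info (32 bytes)
    int m_iGetTermSysInfo;          // 0: initial, fetch not yet completed; 1: success; -1: failure
};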