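#pragma once

#include <string>

#include "SpBase.h"
#include "RVCCrypt.h"
#include "AccessAuthorization_server_g.h"
// NOTE(review): a using-directive in a header leaks into every includer; kept
// because existing code may rely on the unqualified AccessAuthorization names.
using namespace AccessAuthorization;
#include "..\EventCode.h"
#include "AccessAuthFSM.h"
//
//#include
//using namespace std;

// Access-admission service (entity id 0x502)
class CAccessAuthEntity;

// Per-connection session of the admission service. Each Handle_* method is
// the server side of one RPC declared in AccessAuthorization_server_g.h.
class CAccessAuthSession : public AccessAuthService_ServerSessionBase
{
public:
    // @pEntity: owning entity; non-owning back-pointer, the entity must
    //           outlive every session it creates (see OnNewSession).
    CAccessAuthSession(CAccessAuthEntity *pEntity) : m_pEntity(pEntity) {}
    virtual ~CAccessAuthSession() {}

    virtual void Handle_Regist(SpOnewayCallContext::Pointer ctx);
    virtual void Handle_Unregist(SpOnewayCallContext::Pointer ctx);
    virtual void Handle_Reregist(SpOnewayCallContext::Pointer ctx);
    virtual void Handle_PushTerminalStage(SpOnewayCallContext::Pointer ctx);
    virtual void Handle_InitDev(SpReqAnsContext::Pointer ctx);
    virtual void Handle_SyncTime(SpOnewayCallContext::Pointer ctx);

private:
    CAccessAuthEntity *m_pEntity;   // not owned
};

//class PinPadClass;

// Admission (access authorization) entity: drives the admission state machine,
// the KMC / PinPad key-management helpers and the terminal key material.
class CAccessAuthEntity : public CEntityBase, public ISysVarListener
{
public:
    // All members are given a defined initial state: the session-key buffer is
    // zeroed and m_pkeys starts as NULL so an accidental early use is a clean
    // null dereference instead of a read of an indeterminate pointer.
    CAccessAuthEntity()
        : m_nAuthVersion(1)
        , m_AuthSessionKey()
        , m_pkeys(NULL)
    {
    }

    virtual ~CAccessAuthEntity()
    {
        // Scrub the cached admission session key so it does not linger in
        // freed memory. Writing through a volatile pointer keeps the compiler
        // from eliding the dead stores.
        volatile BYTE *p = m_AuthSessionKey;
        for (size_t i = 0; i < sizeof(m_AuthSessionKey); ++i)
            p[i] = 0;
        // Ownership of m_pkeys is not established by this file (the delete
        // below was disabled upstream), so it is deliberately left alone.
        /*if (NULL != m_pkeys)
        {
            delete m_pkeys;
            m_pkeys = NULL;
        }*/
    }

    virtual const char *GetEntityName() const { return "AccessAuthorization"; }
    virtual bool IsService() const { return true; }

    virtual void OnStarted();
    virtual void OnPreStart(CAutoArray strArgs, CSmartPointer pTransactionContext);
    virtual void OnPreClose(EntityCloseCauseEnum eCloseCause, CSmartPointer pTransactionContext);
    virtual void OnSysVarEvent(const char *pszKey, const char *pszValue, const char *pszOldValue, const char *pszEntityName);

    // Creates a session bound to this entity; the returned object is handed to
    // the framework, which is presumed to own and delete it.
    virtual CServerSessionBase *OnNewSession(const char * /*pszRemoteEntityName*/, const char * /*pszClass*/)
    {
        //LOG_FUNCTION();
        return new CAccessAuthSession(this);
    }

    // Start admission (registration)
    ErrorCodeEnum Regist();
    // Re-register
    ErrorCodeEnum Reregist();
    // Leave admission
    ErrorCodeEnum Unregist(int nReason, int nWay);
    // Time synchronisation
    ErrorCodeEnum SyncTime();
    // Report terminal stage change
    ErrorCodeEnum PushTerminalStage(char cNewStage, DWORD dwNewStageTime, char cOldStage, DWORD dwOldStageTime);

    // KMC initialisation
    ErrorCodeEnum InitKMC();
    // Build the WK (working key) update request packet
    // @nAlgFlag: 1: 3des only; 2: sm4 only; 3: both 3des and sm4
    ErrorCodeEnum GetKmcWKUpdateData(char *pBuf, int &nLen, int nAlgFlag);
    // Parse the WK update result
    // @nAlgFlag: 1: 3des only; 2: sm4 only; 3: both 3des and sm4
    ErrorCodeEnum ParseWKUpdateResult(char *pBuf, int nLen, int nAlgFlag);
    // Last KMC error message
    CSimpleStringA GetKMCLastErrMsg();
    // Release KMC
    ErrorCodeEnum ReleaseKMC();
    //ErrorCodeEnum PrintAllKeys(bool bSM);
    // Load the new WK into the PinPad
    ErrorCodeEnum LoadPinPadWK(bool bSM);

    bool HexStrToByteArray(const char *pHex, BYTE *pBuf, int *pBufLen);
    string ByteArrayToHexStr(BYTE *pBuf, int nBufLen);

    // Encrypt with the PinPad (DES only; SM is not supported)
    ErrorCodeEnum EncryptDataWithPinPad(const CBlob &raw, CBlob &enc);
    // Generate an RSA key pair
    ErrorCodeEnum CreateRsaKeyPair(CBlob &pubKey, CBlob &priKey);
    // Save the key pair to the Token entity
    ErrorCodeEnum SaveRsaKeyPair(const CBlob &pubKey, const CBlob &priKey);
    // Save the token and shared session key to the Token entity
    ErrorCodeEnum SaveTokenAndSharedSK(const CBlob &token, const CBlob &sharedSK);
    // Whether a PinPad is in use
    bool HasPinPad();
    int GetPinPadCapability();
    // Save the admission version and the session key
    bool SaveAuthVerAndKey(int nAuthVer, BYTE *pKey);
    inline int GetAuthVersion() const { return m_nAuthVersion; }
    // Encrypt with the admission session key
    ErrorCodeEnum EncryptDataWithSessionKey(const CBlob &raw, CBlob &enc);
    bool GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen);
    bool GetTerminalPublicKey(BYTE *pBuf, int &nBufLen);
    bool GetMD5Hash(const char *pStr, BYTE md5[16]);
    ErrorCodeEnum InitDevice(SpReqAnsContext::Pointer &ctx);

    void SetAuthErrMsg(const char *pszErrMsg) { m_strAuthErrMsg = pszErrMsg; }
    // Returns a pointer into m_strAuthErrMsg; valid only until the next SetAuthErrMsg.
    const char *GetAuthErrMsg() { return m_strAuthErrMsg; }

    // Get the PinPad ID and the peripheral (device) ID.
    // Returns 1: only PinPadID; 2: only DeviceID; 3: both; 0: failure.
    int GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID);
    // Whether the PinPad supports a check code
    bool HasCkCodeFlg();

    // Time-zone helpers
    wstring ANSIToUnicode(const string &str);
    BOOL SetLocalTimeZoneByKeyName(const TCHAR *szTimeZoneKeyName, BOOL isDaylightSavingTime);

protected:
    CAccessAuthFSM m_FSM;
    // Admission request version: 1 = verified via the KMC key;
    // 2 = verified via a session key derived dynamically from the terminal key.
    int m_nAuthVersion;
    // Admission session key material; zero-initialised in the ctor and
    // scrubbed in the dtor. Declaration order here fixes the init-list order.
    BYTE m_AuthSessionKey[140];
    CSimpleStringA m_strAuthErrMsg;
    EncKeys *m_pkeys;   // ownership not established in this file; initialised to NULL
};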