myvtm/Module/mod_accessauth/AccessAuthFSM.cpp

#include "stdafx.h"
#include "AccessAuthFSM.h"
#include "mod_AccessAuth.h"
#include "Event.h"
#include "access_basefun.h"
#include "SpUtility.h"
#ifdef RVC_OS_WIN
#include  <io.h>
#endif
#include  <stdio.h>
#include  <stdlib.h>

#include "comm.h"

#define SAFE_DELETE_HTTPCLIENT(obj)	\
	do{if(obj != NULL) { obj->Destory(); obj = NULL; }}while(false)

CAccessAuthFSM::CAccessAuthFSM()
	:m_pConnection(NULL),m_bAccessACS(false)
{
	m_nAccessFailedCount = 0;
}

CAccessAuthFSM::~CAccessAuthFSM()
{
	m_iState = FSM_STATE_EXIT;		// 屏蔽退出ASSERT错误
}

void CAccessAuthFSM::OnStateTrans(int iSrcState, int iDstState)
{
	Dbg("trans from %s to %s", GetStateName(iSrcState), GetStateName(iDstState));
}

// 初始化PinPad及KMC
ErrorCodeEnum CAccessAuthFSM::OnInit()
{
	LOG_FUNCTION();
	AddStateHooker(this);
	m_finishAccess = 0;
	//设置初始锁定状态，0
	CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
	spFunction->SetSysVar("LockState", "0", true);
	
	ErrorCodeEnum Error = LoadCenterConfig();
	if (Error != Error_Succeed) 
	{
		LOG_TRACE("load CenterSetting.ini failed!");
	}	
	m_pConnection = new CAccessAuthConn(m_pEntity, this);
	return Error_Succeed;
}

ErrorCodeEnum CAccessAuthFSM::OnExit()
{
	RemoveStateHooker(this);
	return Error_Succeed;
}


ErrorCodeEnum CAccessAuthFSM::SecureClientConnect()
{
	if (m_pConnection != NULL && m_pConnection->IsConnectionOK())
		return Error_Succeed;

	SecureClientRelease();

	m_pConnection = new CAccessAuthConn(m_pEntity, this);
	if (m_pConnection->ConnectFromCentralSetting() && m_pConnection->IsConnectionOK())
		return Error_Succeed;

	SecureClientRelease();
	return Error_PeerReject;
}

ErrorCodeEnum CAccessAuthFSM::SecureClientRelease()
{
	if (m_pConnection != NULL)
	{
		m_pConnection->Close();
		m_pConnection->DecRefCount();
		m_pConnection = NULL;
	}

	return Error_Succeed;
}
std::mutex mut;
struct TimeOutTask : public ITaskSp {
	CAccessAuthFSM* m_fsm;
	long m_timeOut;//毫秒级
	TimeOutTask(CAccessAuthFSM* fsm,long timeOut) :m_fsm(fsm),m_timeOut(timeOut) {}

	void Process()
	{
		Sleep(m_timeOut);
		MyMutex myMut(&mut);
		if (!m_fsm->m_finishAccess) {
			Dbg("准入超时[%d]",m_fsm->m_finishAccess);
			m_fsm->PostEventFIFO(new FSMEvent(m_fsm->Event_ReqTokenCancel));
			m_fsm->m_finishAccess = 1;
		}
	}
};
void CAccessAuthFSM::HttpsLogCallBack(const char* logtxt) {
	Dbg("%s",logtxt);
}
vector<string> CAccessAuthFSM::GetSplitByChar(const char* content, int len, char spl) {
	vector<string> vec;
	vec.clear();
	char* tmp = new char[len + 1];
	memset(tmp, 0, len + 1);
	memcpy(tmp, content, len);
	char *pos = strtok(tmp, &spl);
	while (pos) {
		vec.push_back(pos);
		pos = strtok(NULL, &spl);
	}
	delete[] tmp;
	return vec;
}
bool CAccessAuthFSM::ACSAccessControl() {
	if (m_gateHost.IsNullOrEmpty())
	{
		LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_GateUrl_NULL, "灰度Url为空");
		return false;
	}
	bool bACS = false;
	CSystemStaticInfo si;
	GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
	//if (!m_terminalList.IsNullOrEmpty()) {
	//	/*int pos = m_terminalList.IndexOf(si.strTerminalID.GetData());
	//	if (pos == -1) {
	//		bACS = false;
	//	}*/
	//	auto vec = std::move(GetSplitByChar(m_terminalList.GetData(),m_terminalList.GetLength(),';'));
	//	int i;
	//	for (i= 0; i < vec.size(); i++) {
	//		if (vec[i].compare(si.strTerminalID.GetData()) == 0) {
	//			bACS = true;
	//			break;
	//		}
	//	}
	//	if(i==vec.size()) bACS = false;
	//}
	//else {
	//	bACS = true;
	//}
	//Dbg("m_bACS=%d", bACS);
	//if (bACS) {
	IHttpFunc* client;
	client = create_http(HttpsLogCallBack);

	CSimpleStringA branchNo = "";
	if (GetStrFromCS("Initializer", "SubBankNo", branchNo) != 0) {
		Dbg("get SubBankNO from CS error.");
		branchNo = 0755;
	}
	CAccessAuthHttpsGateReq gateReq(si.strTerminalID.GetData(), branchNo.GetData(), "AccessAuthorization2");
	CAccessAuthHttpsGateRet gateRet;
	gateReq.m_url = m_gateHost;
	//oiltest
	gateReq.m_printDbg = true;

	bool ret = client->Post(gateReq, gateRet);
	if (!ret)
	{
		doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS, GetOutPutStr("%s%d%s", "访问灰度控制失败"
			,gateRet.m_sysCode, gateRet.m_userCode.c_str()));
		gateRet.m_bACS = false;
	}

	SAFE_DELETE_HTTPCLIENT(client);

	Dbg("m_bACS=%d", gateRet.m_bACS);
	bACS = gateRet.m_bACS;
	if (bACS)
		LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_ACS_TURE, "Gray say:come,come,come to ACS.");
	else
		LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_ACS_FALSE, "Gray access failed or Gray say don't call for ACS.");
	//
	CSmartPointer<IConfigInfo> pConfigRun;
	m_pEntity->GetFunction()->OpenConfig(Config_Run, pConfigRun);
	int lastAuthPath;
	pConfigRun->ReadConfigValueInt("Main", "LastAuthPath", lastAuthPath);
	if ((bACS && lastAuthPath == 0) || (!bACS && lastAuthPath == 1))
		LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AuthPath_Change, "Auth path change.");
	int authPath = bACS ? 1 : 0;
	pConfigRun->WriteConfigValueInt("Main", "LastAuthPath", authPath);
	return bACS;
}

struct GateReqTask :public ITaskSp {
	CAccessAuthFSM* m_fsm;
	//string m_path;
	GateReqTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {}

	void Process(){
		m_fsm->m_bAccessACS = m_fsm->ACSAccessControl();
	}
};

struct StageReportTask :public ITaskSp {
	CAccessAuthFSM* m_fsm;
	//string m_path;
	StageReportTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {}

	void Process()
	{
		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "准入Url为空");
			return;
		}
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthStageReportReq stageReportReq;
		CAccessAuthStageReportRet stageReportRet;
		stageReportReq.m_url = m_fsm->GetmAccessAuthHost();
		stageReportReq.m_url += "/api/terminal/stagereport";
		bool ret = client->Post(stageReportReq, stageReportRet);
		
		Dbg("code=%d", stageReportRet.m_sysCode);
		if (ret)
		{
			Dbg("StageReport Connect Success.");
			if (stageReportRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(stageReportRet.m_errMsg);
				m_fsm->doWarnMsg(ERR_ACCESSAUTH_REPORT_STATE,
					GetOutPutStr("%s%s%s%s", "StageReportTask", stageReportRet.m_userCode.c_str(), "message", errStr.c_str()).c_str());
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
		}
		else {
			Dbg("StageReport Connect Failed(%d).",stageReportRet.m_sysCode);
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS, GetOutPutStr("%s%d","连接总行ACS准入服务失败（StageReport）.", stageReportRet.m_sysCode).c_str());
			//m_fsm->doWarnMsg(stageReportRet.m_sysCode, "连接总行ACS准入服务失败（StageReport）.");
		}
		SAFE_DELETE_HTTPCLIENT(client);
	}
};

struct TimeSynTask : ITaskSp {
	CAccessAuthFSM* m_fsm;
	TimeSynTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {}

	void Process()
	{
		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "准入Url为空");
			return;
		}
		CSystemStaticInfo si;
		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthTimeSynReq timeSynReq(si.strTerminalID.GetData(), CSmallDateTime::GetNow().GetTime64());
		CAccessAuthTimeSynRet timeSynRet;
		timeSynReq.m_url = m_fsm->GetmAccessAuthHost();
		timeSynReq.m_url +="/api/sessionkey";

		bool ret = client->Post(timeSynReq, timeSynRet);
		
		Dbg("code=%d",timeSynRet.m_sysCode);
		if (ret)
		{
			Dbg("TimeSynTask Connect Success.");
			if (timeSynRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(timeSynRet.m_errMsg);
				m_fsm->doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,
					GetOutPutStr("%s%s%s%s", "TimeSynTask", timeSynRet.m_userCode.c_str(), "message", errStr.c_str()).c_str(),true);
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
			Dbg("sessionKey = %s", timeSynRet.data.sessionKey.c_str());
			int decodedSessionKeyLen = 0;
			char* decodedSessionKey = Hex2Str(timeSynRet.data.sessionKey.c_str(),decodedSessionKeyLen);
			Dbg("decodedSessionKey=%s,%d", decodedSessionKey, decodedSessionKeyLen);
			
			DWORD rc= m_fsm->m_pConnection->HandleTimeSyn(timeSynRet.data.timeDiff, timeSynRet.data.authVersion, (BYTE*)decodedSessionKey);
			delete decodedSessionKey;
			if (rc == Error_Succeed) {
				Dbg("TimeSynTask HandleTimeSyn Success");
				auto pEvent = new FSMEvent(CAccessAuthFSM::Event_EndSyncTime);
				m_fsm->PostEventFIFO(pEvent);
			}
			else {
				Dbg("TimeSynTask HandleTimeSyn error = %08X", rc);
			}
		}
		else {
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS,
				GetOutPutStr("%s%d", "连接总行ACS准入服务失败（TimeSynTask）.", timeSynRet.m_sysCode).c_str(),true);
			Dbg("TimeSynTask Connect Failed.");
		}
		//oiltest@20211117 temp comment the following line
		/** revert it [Gifur@2021128]*/
		SAFE_DELETE_HTTPCLIENT(client);
	}
};

struct LockStateTask : ITaskSp {
	CAccessAuthFSM* m_fsm;
	LockStateTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {}

	void Process()
	{
		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "准入Url为空");
			return;
		}
		CSystemStaticInfo si;
		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthLockStateReq lockStateReq(si.strTerminalID.GetData());
		CAccessAuthLockStateRet lockStateRet;
		lockStateReq.m_url = m_fsm->GetmAccessAuthHost();
		lockStateReq.m_url += "/api/terminal/state";
		bool ret = client->Post(lockStateReq, lockStateRet);
		
		Dbg("code=%d", lockStateRet.m_sysCode);
		Dbg("code=%s", lockStateRet.m_userCode.c_str());
		if (ret)
		{
			Dbg("lockStateTask Connect Success.");
			if (lockStateRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(lockStateRet.m_errMsg);
				m_fsm->doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,
					GetOutPutStr("%s%s%s%s", "LockStateTask", lockStateRet.m_userCode.c_str(), "message", errStr.c_str()).c_str());
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
			Dbg("lock stat:%s", lockStateRet.data.lockState.c_str());
			DWORD rc = m_fsm->m_pConnection->HandleLockState(atoi(lockStateRet.data.lockState.c_str()));
			if (rc == Error_Succeed) {
				Dbg("lockStateTask HandleLockState Success");
			}
			else {
				Dbg("lockStateTask HandleLockState error = %08X", rc);
			}
		}
		else {
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS,
				GetOutPutStr("%s%d", "连接总行ACS准入服务失败（lockStateTask）.", lockStateRet.m_sysCode).c_str(),true);
			Dbg("lockStateTask Connect Failed.");
		}
		SAFE_DELETE_HTTPCLIENT(client);
	}
};

struct UpdateWKTask : ITaskSp {
	CAccessAuthFSM* m_fsm;
	CAccessAuthEntity* m_entity;
	UpdateWKTask(CAccessAuthFSM* fsm,CAccessAuthEntity *entity) :m_fsm(fsm), m_entity(entity) {}

	void Process()
	{
		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "准入Url为空");
			return;
		}
		CSystemStaticInfo si;
		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthUpdateWKReq updateWKReq(si.strTerminalID.GetData());
		CAccessAuthUpdateWKRet updateWKRet;
		updateWKReq.m_url = m_fsm->GetmAccessAuthHost();
		updateWKReq.m_url += "/api/wkupdate";
		bool ret = client->Post(updateWKReq, updateWKRet);
		
		Dbg("code=%d", updateWKRet.m_sysCode);
		if (ret)
		{
			Dbg("UpdateWKTask Connect Success.");
			if (updateWKRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(updateWKRet.m_errMsg);
				m_fsm->doWarnMsg(ERR_ACCESSAUTH_UPDATE_WK,
					GetOutPutStr("%s%s%s%s", "UpdateWKTask", updateWKRet.m_userCode.c_str(), "message", errStr.c_str()).c_str());
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
			int len = 0;
			char *tmp = Hex2Str(updateWKRet.data.TMK.c_str(),len);
			int textLen = 2 * len;
			BYTE* text = new BYTE[textLen];
			memset(text, 0, textLen);
			if (!m_fsm->DecryptWithSessionKey((BYTE*)tmp, len, text, textLen)) {
				delete[] tmp;
				delete[] text;
				goto UpdateWKRetError;
			}
			updateWKRet.data.TMK.assign((char*)text);
			delete[] text;
			delete tmp;

			Dbg("tmk=%s %d", updateWKRet.data.TMK.c_str(), updateWKRet.data.TMK.size());
			Dbg("tpk=%s %d", updateWKRet.data.TPK.c_str(), updateWKRet.data.TPK.size());
			Dbg("edk=%s %d", updateWKRet.data.EDK.c_str(), updateWKRet.data.EDK.size());
			Dbg("index=%s %d", updateWKRet.data.index.c_str(), updateWKRet.data.index.size());

			DWORD rc = m_entity->LoadKeysToPinPadNew(updateWKRet.data.TMK, updateWKRet.data.TPK,
													 updateWKRet.data.EDK, updateWKRet.data.index);
			if (rc == Error_Succeed) {
				Dbg("UpdateWKTask LoadKeysToPinPadNew Success");
				FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_UpdateWKSucc);
				m_fsm->PostEventFIFO(pEvent);
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
			else {
				Dbg("UpdateWKTask LoadKeysToPinPadNew error = %08X", rc);

			}
		}
		else {
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS,
				GetOutPutStr("%s%d", "连接总行ACS准入服务失败（StageReport）.", updateWKRet.m_sysCode).c_str());
			Dbg("UpdateWKTask Connect Failed.");
		}
UpdateWKRetError:
		FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_UpdateWKFail);
		m_fsm->PostEventFIFO(pEvent);
		SAFE_DELETE_HTTPCLIENT(client);
	}
};

struct GetTokenTask : ITaskSp {
	CAccessAuthFSM* m_fsm;
	CAccessAuthEntity* m_entity;
	GetTokenTask(CAccessAuthFSM* fsm, CAccessAuthEntity* entity) :m_fsm(fsm), m_entity(entity) {}

	void Process()
	{
		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "准入Url为空");
			return;
		}
		CSystemStaticInfo si;
		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
		CAutoArray<CSimpleStringA> devNames;
		DWORD rc = m_fsm->m_pConnection->GetAllDevices(m_entity, devNames);
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthGetTokenReq getTokenReq(devNames.GetCount());

		if (m_fsm->m_pConnection->GetTokenReq(&getTokenReq) != Error_Succeed)
		{
			FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenFail);
			m_fsm->PostEventFIFO(pEvent);
			SAFE_DELETE_HTTPCLIENT(client);
			return;
		}

		CAccessAuthGetTokenRet getTokenRet;
		getTokenReq.m_url = m_fsm->GetmAccessAuthHost();
		getTokenReq.m_url += "/api/access";
		bool ret = client->Post(getTokenReq, getTokenRet);
		
		Dbg("code=%d", getTokenRet.m_sysCode);
		if (ret)
		{
			Dbg("GetTokenTask userCode:%s,errMsg:%s", getTokenRet.m_userCode.c_str(), getTokenRet.m_errMsg.c_str());
			if (getTokenRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(std::string(getTokenRet.m_errMsg));
				m_fsm->doWarnMsg(m_fsm->RtsMapToUserCode(getTokenRet.m_userCode.c_str(), ERR_ACCESSAUTH_TOKEN),
					GetOutPutStr("%s%s%s%s", "GetTokenTask", getTokenRet.m_userCode.c_str(), "message", errStr.c_str()).c_str(),true);
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
			DWORD rc = m_fsm->m_pConnection->HandleGetToken((BYTE*)getTokenRet.data.sharedKey.enToken.c_str(), (BYTE*)getTokenRet.data.sharedKey.sharedSK.c_str(),
															(BYTE*)getTokenRet.data.accessToken.enToken.c_str() ,(BYTE*)getTokenRet.data.accessToken.retHash.c_str());
			if (rc == Error_Succeed) {
				Dbg("GetTokenTask HandleGetToken Success");
				FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenSucc);
				m_fsm->PostEventFIFO(pEvent);
				SAFE_DELETE_HTTPCLIENT(client);
				return;
			}
			else {
				Dbg("GetTokenTask HandleGetToken error = %08X", rc);
			}
		}
		else {
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS, 
				GetOutPutStr("%s%d", "连接总行ACS准入服务失败（GetTokenTask）.", getTokenRet.m_sysCode).c_str());
			Dbg("GetTokenTask Connect Failed.");
		}
		FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenFail);
		m_fsm->PostEventFIFO(pEvent);
		SAFE_DELETE_HTTPCLIENT(client);
	}
};

struct InitDeviceTask :public ITaskSp {
	CAccessAuthFSM* m_fsm;
	InitDeviceReq m_req;
	//string m_path;
	InitDeviceTask(CAccessAuthFSM* fsm, InitDeviceReq req) :m_fsm(fsm), m_req(req) {}

	void Process()
	{
		if (m_fsm->GetmInitDeviceHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_InitDev_NULL, "加密通道Url为空");
			return;
		}
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthInitDeviceReq initDeviceReq;
		initDeviceReq.cr1 = m_req.vtmCR1;
		initDeviceReq.cr3 = m_req.vtmCR3;
		initDeviceReq.cDevPubKey = m_req.CDevPubKey;
		initDeviceReq.r2 = m_req.R2;
		initDeviceReq.vendor = m_req.Verdor;
		CSystemStaticInfo si;
		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
		initDeviceReq.terminalNo = si.strTerminalID;
		CAccessAuthInitDeviceRet initDeviceRet;
		initDeviceReq.m_url = m_fsm->GetmInitDeviceHost();
		initDeviceReq.m_url = initDeviceReq.m_url + "/api/initdevice";
		bool ret = client->Post(initDeviceReq, initDeviceRet);

		Dbg("code=%d,usercode:%s", initDeviceRet.m_sysCode, initDeviceRet.m_userCode.c_str());
		if (ret)
		{
			Dbg("InitDeviceTask Connect Success.");
			if (initDeviceRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(initDeviceRet.m_errMsg);
				m_fsm->doWarnMsg(ERR_ACCESSAUTH_INIT_DEV,
					GetOutPutStr("%s%s%s%s", "InitDeviceTask", initDeviceRet.m_userCode.c_str(), "message", errStr.c_str()).c_str());
			}
			else {
				if (m_fsm->m_pConnection->m_ctxInitDev != NULL)
				{
					m_fsm->m_pConnection->m_ctxInitDev->Ans.R1 = initDeviceRet.data.r1.c_str();
					m_fsm->m_pConnection->m_ctxInitDev->Ans.EncR2 = initDeviceRet.data.cr2.c_str();
					m_fsm->m_pConnection->m_ctxInitDev->Ans.R3 = initDeviceRet.data.r3.c_str();
					m_fsm->m_pConnection->m_ctxInitDev->Answer(Error_Succeed);
					m_fsm->m_pConnection->m_ctxInitDev.Clear();
					Dbg("InitDeviceTask success.");
				}
			}
		}
		else {
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS,
				GetOutPutStr("%s%d", "连接总行ACS准入服务失败（InitDeviceTask）.", initDeviceRet.m_sysCode).c_str());
			Dbg("InitDeviceTask Connect Failed.");
		}
		SAFE_DELETE_HTTPCLIENT(client);
	}
};

struct TerminalExitTask :public ITaskSp {
	CAccessAuthFSM* m_fsm;
	//string m_path;
	TerminalExitTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {}

	void Process()
	{
		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
		{
			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "准入Url为空");
			return;
		}
		IHttpFunc* client;
		client = create_http(m_fsm->HttpsLogCallBack);
		CAccessAuthExitReq terminalExitReq;

		CSystemStaticInfo si;
		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
		terminalExitReq.terminalNo = si.strTerminalID.GetData();
		terminalExitReq.rebootWay = m_fsm->GetmnExitWay();
		terminalExitReq.triggerReason = m_fsm->GetmnExitReason();
		terminalExitReq.terminalStage = 'T';

		CAccessAuthExitRet terminalExitRet;
		terminalExitReq.m_url = m_fsm->GetmAccessAuthHost();
		terminalExitReq.m_url += "/api/exitnotice";
		bool ret = client->Post(terminalExitReq, terminalExitRet);

		Dbg("code=%d", terminalExitRet.m_sysCode);
		if (ret)
		{
			Dbg("TerminalExitTask Connect Success.");
			if (terminalExitRet.m_userCode.compare(ACS_SUCCESS)) {
				std::string errStr = SP::Utility::GBK2UTF8(terminalExitRet.m_errMsg);
				m_fsm->doWarnMsg(ERR_ACCESSAUTH_TERM_EXIT,
					GetOutPutStr("%s%s%s%s", "InitDeviceTask", terminalExitRet.m_userCode.c_str(), "message", errStr.c_str()).c_str());
			}
			else {
				Dbg("TerminalExitTask Success.");
			}
		}
		else {
			m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS,
				GetOutPutStr("%s%d", "连接总行ACS准入服务失败（InitDeviceTask）.", terminalExitRet.m_sysCode).c_str());
			Dbg("TerminalExitTask Connect Failed.");
		}
		SAFE_DELETE_HTTPCLIENT(client);
	}
};
void CAccessAuthFSM::doWarnMsg(int errReason, std::string errMsg, bool bNeedEvent, string varMsg) {
	auto reasonStr = CSimpleString::Format("0x%X", errReason);
	const std::string errMsgStr = SP::Utility::GBK2UTF8(errMsg);
	const std::string varMsgStr = SP::Utility::GBK2UTF8(varMsg);
	Dbg("oiltest:%s,%s", errMsgStr.c_str(), varMsgStr.c_str());
	auto fullErrMsg = std::string(reasonStr.GetData()) + "|" + (varMsgStr.length() > 0 ? varMsgStr : errMsgStr);
	if (bNeedEvent)
	{
		m_pEntity->GetFunction()->SetSysVar("AuthErrMsg", fullErrMsg.c_str(), true);
		//oiltest@20211124
		LogEvent(Severity_Middle, checkErrType(errReason), errMsg.c_str());
		//LogEvent(Severity_Middle, CONTROL_ACCESSAUTH_NORETRY_NORESTART, errMsgStr.c_str());
	}
	LogWarn(Severity_Middle, Error_Unexpect, errReason, errMsgStr.c_str());
}
void CAccessAuthFSM::s1_on_entry()
{
	SetSysVar("I");
	if (GetStrFromCS("Common","GrayLaunchUrl",m_gateHost) != 0) {
		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("get GrayLaunchUrl error.");
		PostEventFIFO(new FSMEvent(Event_GetHsotFailed));
		return;
	}
	if (GetStrFromCS("AccessAuthorization", "HostUrl",m_accessAuthHost ) != 0) {
		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("get Host error.");
		PostEventFIFO(new FSMEvent(Event_GetHsotFailed));
		return;
	}
	if (GetStrFromCS("AccessAuthorization", "HostInitDeviceUrl", m_initDeviceHost) != 0) {
		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("get HostInitDevice error.");
		PostEventFIFO(new FSMEvent(Event_GetHsotFailed));
		return;
	}
	//oilyang@20210602 according to WangQiang,no need to use this list.It's only used in trial operation.
	//if (GetStrFromCS("AccessAuthorization", "TerminalList", m_terminalList) != 0) {
	//	((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("get Terminals error.");
	//	PostEventFIFO(new FSMEvent(Event_GetHsotFailed));
	//	return;
	//}
	CSmartPointer<GateReqTask> gateReqTask = new GateReqTask(this);
	GetEntityBase()->GetFunction()->PostThreadPoolTask(gateReqTask.GetRawPointer());
	//m_bAccessACS = ACSAccessControl();
}

void CAccessAuthFSM::s1_on_exit()
{
}

unsigned int CAccessAuthFSM::s1_on_event(FSMEvent* pEvent)
{
	LOG_FUNCTION();
	Dbg("s1_on_event: %d", pEvent->iEvt);
	if (pEvent->iEvt == Event_ReportStage)
	{
		ReportStateEvent* pReportEvent = (ReportStateEvent*)pEvent;
		if (!m_bAccessACS) {
			
			if (SecureClientConnect() == Error_Succeed)
			{
				m_pConnection->SendTerminalStagePackage(pReportEvent->cNewStage, pReportEvent->dwNewStageTime,
					pReportEvent->cOldStage, pReportEvent->dwOldStageTime);
			}
		}
		else {
			CSmartPointer<StageReportTask> stageReport = new StageReportTask(this);
			GetEntityBase()->GetFunction()->PostThreadPoolTask(stageReport.GetRawPointer());
		}
	}

	return 0;
}
void CAccessAuthFSM::s2_on_entry()
{
	LOG_FUNCTION();

	if(!DetectNetworkLegality()) {
		auto pAccessAuth = dynamic_cast<CAccessAuthEntity*>(GetEntityBase());
		LOG_ASSERT(pAccessAuth != NULL);
		pAccessAuth->SetAuthErrMsg("终端上网方式不符合规范要求");
		PostEventFIFO(new FSMEvent(Event_NetworkIllegal));
		return;
	}

	//[6/16/2020 9:51 @Gifur]
	m_finishAccess = 0;
	TimeOutTask* timeOutTask = new TimeOutTask(this,120 * 1000);// 设定 2 分钟准入超时
	GetEntityBase()->GetFunction()->PostThreadPoolTask(timeOutTask);
	Dbg("启动了准入超时定时器2分钟[%d]",m_finishAccess);
	GetEntityBase()->GetFunction()->ShowStartupInfo("正在进行准入...");

	auto pEntity = (CAccessAuthEntity*)m_pEntity;
	if (!m_bAccessACS) {
		auto rc = pEntity->InitKMC();
		if (rc != Error_Succeed)
		{
			doWarnMsg(ERR_ACCESSAUTH_INIT_KMC, GetOutPutStr("%s%08X", "调用KMC接口InitKMC错误", rc).c_str());
			FSMEvent *pEvent = new FSMEvent(Event_UpdateWKFail);
			PostEventFIFO(pEvent);
			return;
		}
	}

	SetSysVar("C");

	if (!m_bAccessACS) {
		ErrorCodeEnum rc;
		if ((rc = SecureClientConnect()) != Error_Succeed)
		{
			// 启动定时器尝试重试
			doWarnMsg(ERR_ACCESSAUTH_CONNECT_SERVER, GetOutPutStr("%s%08X", "请先检查网络是否连通，如果网络连通则检查集中配置是否正常。", rc).c_str(),true);
			ScheduleTimer(1, 8000);
			return;
		}
	}
	PostEventFIFO(new FSMEvent(Event_ConnectionOK));
}

void CAccessAuthFSM::s2_on_exit()
{
	// 关闭连接
	auto pEntity = (CAccessAuthEntity*)m_pEntity;
	pEntity->ReleaseKMC();
	SecureClientRelease();
	CancelTimer(1);
	GetEntityBase()->GetFunction()->ShowStartupInfo("");
}

// 会收到Event_UpdateWKResult和Event_ReqTokenResult和EVT_TIMER
unsigned int CAccessAuthFSM::s2_on_event(FSMEvent* pEvent)
{
	Dbg("s2 pEvent:%d",pEvent->iEvt);
	if (pEvent->iEvt == EVT_TIMER)
	{
		if (pEvent->param1 == 2)		// access timeout
		{
			// 重试超时
			Dbg("access authorize timeout");
			PostEventFIFO(new FSMEvent(Event_ReqTokenCancel));
		}
		else if (pEvent->param1 == 1 || pEvent->param1 == 3)	 // reconnect
		{
			if (!m_bAccessACS)
			{
				auto rc = SecureClientConnect();
				if (rc != Error_Succeed)
				{
					// 启动定时器尝试重试
					doWarnMsg(ERR_ACCESSAUTH_CONNECT_SERVER, GetOutPutStr("%s%08X", "请先检查网络是否连通，如果网络连通则检查集中配置是否正常。", rc).c_str(),true);
					ScheduleTimer(1, 8000);
					return 1;
				}
			}
			PostEventFIFO(new FSMEvent(Event_ConnectionOK));
			return 0;
		}
	}
	else if (pEvent->iEvt == Event_ConnectionOK)
	{
		Dbg("判断是否第一次准入！");
		auto pEntity = ((CAccessAuthEntity*)m_pEntity);
		int isFirstAccessAfterSM = pEntity->GetOrSetIsFirstSM(0);
		if (isFirstAccessAfterSM != 1) {
			Dbg("非首次准入");
			PostEventFIFO(new FSMEvent(Event_CheckMD5Succ));
			return 0;
		}
		Dbg("第一次准入 !!!");
		CSimpleStringA strInitState;
		pEntity->GetFunction()->GetSysVar("InitState", strInitState);
		if (strInitState == "1") {
			//2020/5/29 删除了各个文件MD5检验的代码	
			PostEventFIFO(new FSMEvent(Event_CheckMD5Succ));
		} else {
			ScheduleTimer(3, 1500);
		}
	}
	else if (pEvent->iEvt == Event_CheckMD5Fail)
	{
		Dbg("Event_CheckMD5Fail");
		// 上报状态
		//m_pConnection->SendReportStatePackage("CheckMD5", Error_Unexpect, ((CAccessAuthEntity*)m_pEntity)->GetAuthErrMsg());
		return 0;
	}
	else if (pEvent->iEvt == Event_CheckMD5Succ)
	{
		Dbg("Event_CheckMD5Succ");
		if (!m_bAccessACS)
		{
			DWORD rc = m_pConnection->SendSyncTimePackage();
			if (rc != Error_Succeed)
			{
				FSMEvent* pEvent = new FSMEvent(Event_EndSyncTime);
				PostEventFIFO(pEvent);
				doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,
					GetOutPutStr("%s%08X", "SendSyncTimePackage", rc).c_str(),true);
			}

			//获取终端锁定状态
			rc = m_pConnection->SendLockStatePackage();
			if (rc != Error_Succeed)
			{
				doWarnMsg(rc,
					GetOutPutStr("%s%08X", "SendLockStatePackage", rc).c_str(),true);
			}
		}
		else {
			CSmartPointer<TimeSynTask> timeSynTask = new TimeSynTask(this);
			GetEntityBase()->GetFunction()->PostThreadPoolTask(timeSynTask.GetRawPointer());

			CSmartPointer<LockStateTask> lockStateTask = new LockStateTask(this);
			GetEntityBase()->GetFunction()->PostThreadPoolTask(lockStateTask.GetRawPointer());
		}
	}
	else if (pEvent->iEvt == Event_EndSyncTime)
	{		
		Dbg("Event_EndSyncTime");
		auto pEntity = ((CAccessAuthEntity*)m_pEntity);
		
		if (!pEntity->HasPinPad())
		{
			// 没有密码键盘，直接准入
			Dbg("has no pinpad, ignore update wk");
			PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_IgnoreUpdateWK));
			return 0;
		}
		Dbg("to get last update time.");
		int nWKLastSyncTime(0);
		int nWKSyncFailCount(0);
		
		CSimpleStringA strWKSyncSuccTime = "";
		CSimpleStringA strWKSyncFailCount = "";
		// 检查上次密钥同步时间（一天只同步一次）
		CSmartPointer<IConfigInfo> pConfigRun;
		m_pEntity->GetFunction()->OpenConfig(Config_Run, pConfigRun);
		pConfigRun->ReadConfigValueInt("Main", "WKSyncSuccTime", nWKLastSyncTime);
		pConfigRun->ReadConfigValueInt("Main", "WKSyncFailCount", nWKSyncFailCount);

		SYSTEMTIME stSyncTime = CSmallDateTime(nWKLastSyncTime).ToSystemTime();
		Dbg("last WK sync time: %04d-%02d-%02d %02d:%02d:%02d",
			stSyncTime.wYear, stSyncTime.wMonth, stSyncTime.wDay,
			stSyncTime.wHour, stSyncTime.wMinute, stSyncTime.wSecond);

		SYSTEMTIME stNow = {};
		GetLocalTimeRVC(stNow);
		if (nWKLastSyncTime > 0 && stSyncTime.wYear == stNow.wYear
			&& stSyncTime.wMonth == stNow.wMonth && stSyncTime.wDay == stNow.wDay
			&& nWKSyncFailCount == 0)		// 最近一次同步成功，才能跳过
		
		{
			Dbg("WK has been updated today");
			FSMEvent *pEvent = new FSMEvent(Event_IgnoreUpdateWK);
			PostEventFIFO(pEvent);	
		}		
		else
		{	
			Dbg("begin update WK now");
			if (!m_bAccessACS) {
				// 请求WK
				DWORD rc = m_pConnection->SendWKUpdatePackage();
				if (rc != Error_Succeed)
				{
					doWarnMsg(ERR_ACCESSAUTH_UPDATE_WK,
						GetOutPutStr("%s%08X", "SendWKUpdatePackage", rc).c_str());
					FSMEvent* pEvent = new FSMEvent(Event_UpdateWKFail);
					PostEventFIFO(pEvent);
				}
			}
			else {
				if (pEntity->GetPinPadCapability() == 2 || pEntity->GetPinPadCapability() == 3)
				{
					CSmartPointer<UpdateWKTask> updateWKTask = new UpdateWKTask(this, pEntity);
					GetEntityBase()->GetFunction()->PostThreadPoolTask(updateWKTask.GetRawPointer());
				}
				else
				{
					PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_IgnoreUpdateWK));
					return 0;
				}
			}
		}
#if defined(RVC_OS_LINUX)
		//if(lastTime != NULL) delete lastTime;
		//if(currentTime != NULL) delete currentTime;
#endif
		return 0;
	}
	else if (pEvent->iEvt == Event_UpdateWKSucc)
	{
	Dbg("Event_UpdateWKSucc");
		// 上报状态
		//m_pConnection->SendReportStatePackage("UpdateWK", Error_Succeed, "更新工作密钥成功");

		// 保存WK同步时间
#ifdef RVC_OS_WIN
		DWORD rc = m_pEntity->GetFunction()->SetSysVar("WKSyncSuccTime", (const char*)CSimpleStringA::Format("0x%08X", (DWORD)CSmallDateTime::GetNow()), true);
#else
		TIME* tim = get_system_time();
		
		DWORD rc = m_pEntity->GetFunction()->SetSysVar("WKSyncSuccTime", time2str(tim).c_str(), true);

		delete tim;
#endif
		assert(rc == Error_Succeed);
		rc = m_pEntity->GetFunction()->SetSysVar("WKSyncFailCount", "0", true);
		assert(rc == Error_Succeed);

		// 请求Token
		Dbg("begin get token now");
		if (!m_bAccessACS)
		{
			// 上报状态
			m_pConnection->SendReportStatePackage("UpdateWK", Error_Succeed, "更新工作密钥成功");

			rc = SecureClientConnect();
			if (rc == Error_Succeed)
				rc = m_pConnection->SendGetTokenPackage();

			if (rc != Error_Succeed)
			{
				FSMEvent* pEvent = new FSMEvent(Event_ReqTokenFail);
				PostEventFIFO(pEvent);
			}
		}
		else {
			CSmartPointer<GetTokenTask> getTokenTask = new GetTokenTask(this, (CAccessAuthEntity*) m_pEntity);
			GetEntityBase()->GetFunction()->PostThreadPoolTask(getTokenTask.GetRawPointer());
		}
		

		return 0;
	}
	else if (pEvent->iEvt == Event_IgnoreUpdateWK)
	{
		// 忽略同步WK，直接准入
		Dbg("ignore update wk, get token now");
		if (!m_bAccessACS)
		{
			DWORD rc = SecureClientConnect();
			if (rc == Error_Succeed)
				rc = m_pConnection->SendGetTokenPackage();

			if (rc != Error_Succeed)
			{
				FSMEvent* pEvent = new FSMEvent(Event_ReqTokenFail);
				PostEventFIFO(pEvent);
			}
		}
		else {
			CSmartPointer<GetTokenTask> getTokenTask = new GetTokenTask(this, (CAccessAuthEntity*)m_pEntity);
			GetEntityBase()->GetFunction()->PostThreadPoolTask(getTokenTask.GetRawPointer());
		}
	}
	else if (pEvent->iEvt == Event_UpdateWKFail)
	{
		Dbg("update pinpad WK fail");

		// 上报状态
		if (!m_bAccessACS) {
			m_pConnection->SendReportStatePackage("UpdateWK", Error_Unexpect, ((CAccessAuthEntity*)m_pEntity)->GetAuthErrMsg());
		}

		// zl@20190624 WKSyncFailCount迁移到系统变量
		CSimpleStringA strWKSyncFailCount = "";
		auto rc = m_pEntity->GetFunction()->GetSysVar("WKSyncFailCount", strWKSyncFailCount);
		assert(rc == Error_Succeed);

		int nWKSyncFailCount = atoi(strWKSyncFailCount);
		nWKSyncFailCount++;

		rc = m_pEntity->GetFunction()->SetSysVar("WKSyncFailCount", CSimpleStringA::Format("%d", nWKSyncFailCount), true);
		assert(rc == Error_Succeed);

		// xkm@20150702 启用新准入方案，密钥同步失败不得准入
		// xkm@20151116 失败3次以上应直接跳过同步，避免KMC故障时影响可视柜台准入
		// xkm@20161220 更新密钥失败直接准入
		
		PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_IgnoreUpdateWK));
	}
	else if (pEvent->iEvt == Event_ReqTokenFail)
	{
	Dbg("Event_ReqTokenFail");
		do {
			MyMutex myMut(&mut);
			if (m_finishAccess) return 0;
			m_finishAccess = 1;
			auto pEntity = (CAccessAuthEntity*)m_pEntity;
			CSimpleStringA strErrMsg = CSimpleStringA::Format("准入失败(%d)", m_finishAccess);
			pEntity->GetFunction()->ShowFatalError(strErrMsg);
		} while (0);
		// 上报状态
		if (!m_bAccessACS)
		{
			m_pConnection->SendReportStatePackage("AccessAuth", Error_Unexpect, ((CAccessAuthEntity*)m_pEntity)->GetAuthErrMsg());
		}

		return 0;
	}
	else if (pEvent->iEvt == Event_ReqTokenCancel)
	{
		auto pEntity = (CAccessAuthEntity*)m_pEntity;
		CSimpleStringA strErrMsg = CSimpleStringA::Format("准入超时(%d)", m_finishAccess);
		pEntity->GetFunction()->ShowFatalError(strErrMsg);
		// 上报状态
		if (!m_bAccessACS)
		{
			if (m_pConnection != NULL && m_pConnection->IsConnectionOK())
			{
				m_pConnection->SendReportStatePackage("AccessAuth", Error_TimeOut, "准入超时");
			}
		}	
		return 0;
	}
	else if (pEvent->iEvt == Event_ReqTokenSucc)
	{
	Dbg("Event_ReqTokenSucc"); 
		do {
			MyMutex myMut(&mut);
			if (m_finishAccess) return 0;
			m_finishAccess = 1;
		} while (0);
		if (!m_bAccessACS)
		{
			m_pConnection->SendReportStatePackage("AccessAuth", Error_Succeed, "准入成功");
		}
		return 0;
	}
	else if (pEvent->iEvt == Event_NetworkIllegal)
	{
		pEvent->SetHandled();
		//禁止准入，如果关门有效，可以将上面这句显示在关门界面
		GetEntityBase()->GetFunction()->ShowFatalError("终端上网方式不符合规范要求，请整改后重试！");
		return 0;
	}
	return 0;
}

void CAccessAuthFSM::s3_on_entry()
{
	SetSysVar("F");

	auto pEntity = (CAccessAuthEntity*)m_pEntity;
	CSimpleStringA strErrMsg = CSimpleStringA::Format("(%s)", (const char*)pEntity->GetAuthErrMsg());
	
	// 发送准入失败事件,暂时不发送事件进去关门界面，原因关门界面显示中文乱码
	//LogEvent(Severity_Middle, EVENT_ACCESSAUTH_FAILED, strErrMsg.GetData());
	doWarnMsg(EVENT_ACCESSAUTH_FAILED, strErrMsg.GetData(), true);

	pEntity->GetFunction()->ShowFatalError(strErrMsg);

	m_nAccessFailedCount = 0;
}

void CAccessAuthFSM::s3_on_exit()
{
}

unsigned int CAccessAuthFSM::s3_on_event(FSMEvent* event)
{
	return 0;
}

void CAccessAuthFSM::s4_on_entry()
{
	SetSysVar("A");
	// 发送准入超时事件
	/*
	if (m_nAccessFailedCount >= 2)
	{
		LogEvent(Severity_Middle, EVENT_ACCESSAUTH_TIMEOUT,
			GetOutPutStr("%s%s", "准入", "超时").c_str());
	}
	*/
	doWarnMsg(ERR_ACCESSAUTH_TIMEOUT, GetOutPutStr("%s%s", "准入", "超时").c_str(), true);
	LogEvent(Severity_Middle, EVENT_ACCESSAUTH_TIMEOUT,
		GetOutPutStr("%s%s", "准入", "超时").c_str());

	// 切换到s1
	PostEventFIFO(new FSMEvent(Event_StateTimeout));

	m_nAccessFailedCount++;
}

void CAccessAuthFSM::s4_on_exit()
{
}

unsigned int CAccessAuthFSM::s4_on_event(FSMEvent* event)
{
	return 0;
}

void CAccessAuthFSM::s5_on_entry()
{
	SetSysVar("L");
	LogEvent(Severity_Middle, EVENT_ACCESSAUTH_SUCCEED, "终端准入成功");
	m_pEntity->GetFunction()->ShowStartupInfo("准入成功");
	m_nAccessFailedCount = 0;
}

void CAccessAuthFSM::s5_on_exit()
{		
}

unsigned int CAccessAuthFSM::s5_on_event(FSMEvent* pEvent)
{
	if (pEvent->iEvt == Event_StartUnregist)
	{
		// 取出参数先保存
		m_nExitReason = pEvent->param1;
		m_nExitWay = pEvent->param2;
	}
	else if (pEvent->iEvt == Event_ReportStage)
	{
		// 上报状态
		if (SecureClientConnect() == Error_Succeed)
		{
			ReportStateEvent *pReportEvent = (ReportStateEvent*)pEvent;
			m_pConnection->SendTerminalStagePackage(pReportEvent->cNewStage, pReportEvent->dwNewStageTime,
				pReportEvent->cOldStage, pReportEvent->dwOldStageTime);
		}
	}

	return 0;
}

void CAccessAuthFSM::s6_on_entry()
{
	SetSysVar("E");

	if (SecureClientConnect() != Error_Succeed)
	{
		// 启动定时器尝试重试
		Dbg("connect to AccessAuthorization service fail, start timer(30s) to retry");
		ScheduleTimer(2, 30000);
		return;
	}

	PostEventFIFO(new FSMEvent(Event_ConnectionOK));
}

void CAccessAuthFSM::s6_on_exit()
{
	CancelTimer(2);
}

unsigned int CAccessAuthFSM::s6_on_event(FSMEvent* pEvent)
{
	if (pEvent->iEvt == EVT_TIMER)
	{
		if (!m_bAccessACS) {
			if (SecureClientConnect() != Error_Succeed)
			{
				// 启动定时器尝试重试
				Dbg("connect to AccessAuthorization service fail, start timer to retry");
				ScheduleTimer(2, 30000);
				return 1;
			}
		}
		PostEventFIFO(new FSMEvent(Event_ConnectionOK));
	}
	else if (pEvent->iEvt == Event_ConnectionOK)
	{
		// 请求退出
		if (!m_bAccessACS) {
			DWORD rc = m_pConnection->SendExitNoticePackage(m_nExitReason, m_nExitWay);
		}
		else {
			CSmartPointer<TerminalExitTask> terminalExit = new TerminalExitTask(this);
			GetEntityBase()->GetFunction()->PostThreadPoolTask(terminalExit.GetRawPointer());
		}
		// 切换到s1
		PostEventFIFO(new FSMEvent(Event_StateTimeout));
	}

	return 0;
}

void CAccessAuthFSM::s7_on_entry()
{
	SetSysVar("T");

	// 过渡状态，立刻转入孤立状态
	PostEventFIFO(new FSMEvent(Event_StateTimeout));
}

void CAccessAuthFSM::s7_on_exit()
{
}

unsigned int CAccessAuthFSM::s7_on_event(FSMEvent* event)
{
	return 0;
}

/** 这样的函数命名也写得出来，表意不明并且跟框架的接口重复，谁知道要设置那个系统变量 [10/16/2021 Gifur] */
ErrorCodeEnum CAccessAuthFSM::SetSysVar(const CSimpleStringA &newVal)
{
	CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
	return spFunction->SetSysVar("EntryPermit", (const char*)newVal);
}

DWORD CAccessAuthFSM::InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx)
{
	DWORD rc = 0;
	if (!m_bAccessACS) {
		rc = SecureClientConnect();

		if (rc == Error_Succeed)
			rc = m_pConnection->SendInitDevicePackage(ctx);
		else
			Dbg("secure connect fail");

		if (rc != Error_Succeed)
		{
			ctx->Answer(rc ? Error_Unexpect : Error_Succeed);
			return rc;
		}
	}
	else{
		InitDeviceReq req;
		memset(&req, 0, sizeof(req));
		strncpy(req.vtmCR1, (const char*)ctx->Req.EncR1, sizeof(req.vtmCR1));
		strncpy(req.R2, (const char*)ctx->Req.R2, sizeof(req.R2));
		strncpy(req.vtmCR3, (const char*)ctx->Req.EncR3, sizeof(req.vtmCR3));
		strncpy(req.CDevPubKey, (const char*)ctx->Req.EncDevPubKey, sizeof(req.CDevPubKey));
		strncpy(req.Verdor, (const char*)ctx->Req.Vendor, sizeof(req.Verdor));

		m_pConnection->m_ctxInitDev = ctx;
		CSmartPointer<InitDeviceTask> initDeviceTask = new InitDeviceTask(this, req);
		GetEntityBase()->GetFunction()->PostThreadPoolTask(initDeviceTask.GetRawPointer());
	}


	return Error_Succeed;
}

DWORD CAccessAuthFSM::SyncTime()
{
	auto rc = SecureClientConnect();
	if (rc == Error_Succeed)
	{
		return m_pConnection->SendSyncTimePackageNew();
	}
	else
	{
		Dbg("secure connect fail");
		return rc;
	}	
}

ErrorCodeEnum CAccessAuthFSM::LoadCenterConfig()
{
	CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
	CSmartPointer<IConfigInfo> spConfig;
	ErrorCodeEnum Error = spFunction->OpenConfig(Config_CenterSetting, spConfig);
	if (Error_Succeed == Error) 
	{
		Error = spConfig->ReadConfigValueInt("AccessAuthorization", "CheckMD5", m_nCheckMD5);
		if (Error_Succeed == Error)
		{
			Dbg("get CheckMD5=%d from CenterSetting.ini", m_nCheckMD5);
		} 
		else
		{
			Dbg("get CheckMD5 from CenterSetting.ini failed");
		}
	}

	return Error;
}

BOOL CAccessAuthFSM::DetectNetworkLegality()
{
	LOG_FUNCTION();

	CSystemStaticInfo sysInfo;
	CSmartPointer<IEntityFunction> spFunction = this->GetEntityBase()->GetFunction();
	ErrorCodeEnum eErr = spFunction->GetSystemStaticInfo(sysInfo);
	if(eErr != Error_Succeed) {
		return TRUE;
	}

	//只针对行外PAD
	if(0 != sysInfo.strMachineType.Compare("RVC.Pad", true) ||  0 != sysInfo.strSite.Compare("cmb.FLB", true)) {
		return TRUE;
	}

	CSimpleStringA csStatus;
	unsigned int curTimes = 0;
	const unsigned int maxTimes = 10;
	do 
	{
		csStatus.Clear();
		eErr = spFunction->GetSysVar("NetState", csStatus);
		if(eErr != Error_Succeed) {
			return TRUE;
		}

		if(curTimes++ != 0) {
			Sleep(300);
		}

	} while (csStatus.Compare("N") == 0 && curTimes <= maxTimes);

	return (csStatus.Compare("F") != 0);
}
ErrorCodeEnum CAccessAuthFSM::GetIntFromCS(const char* pcSection, const char* pcKey, int& retInt) {
	CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
	CSmartPointer<IConfigInfo> spConfig;
	ErrorCodeEnum Error = spFunction->OpenConfig(Config_CenterSetting, spConfig);
	if (Error_Succeed == Error)
	{
		
		Error = spConfig->ReadConfigValueInt(pcSection, pcKey, retInt);
		if (Error_Succeed == Error)
		{
			Dbg("get retInt=%d from CenterSetting.ini", retInt);
		}
		else
		{
			Dbg("get retInt from CenterSetting.ini failed");
		}
	}
	return Error;
}
ErrorCodeEnum CAccessAuthFSM::GetStrFromCS(const char* pcSection, const char* pcKey, CSimpleStringA& retStr) {
	retStr = "";
	CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
	CSmartPointer<IConfigInfo> spConfig;
	ErrorCodeEnum Error = spFunction->OpenConfig(Config_CenterSetting, spConfig);
	if (Error_Succeed == Error)
	{
		
			Error = spConfig->ReadConfigValue(pcSection, pcKey, retStr);
			if (Error_Succeed == Error)
			{
				Dbg("get retStr=%s from CenterSetting.ini", retStr);
			}
			else
			{
				Dbg("get retStr from CenterSetting.ini failed");
			}
		
	}

	return Error;
}

bool CAccessAuthFSM::DecryptWithSessionKey(BYTE* encText, int encTextLen, BYTE * decTest,int &decTestLen) {
	BYTE key[16] = { 0 };
	memcpy(key, ((CAccessAuthEntity*)m_pEntity)->m_AuthSessionKey,16);
	char* keyTmp = Str2Hex((char *)key,16);
	Dbg("keyTmp=%s",keyTmp);
	delete keyTmp;
	
	
	if (!DecWithSM4_ECB(key, encText, encTextLen, decTest, &decTestLen)) {
		Dbg("DecryptWithSessionKey ECB error.");
		return false;
	}
	keyTmp = Str2Hex((char*)decTest, decTestLen);
	Dbg("keyTmp=%s", keyTmp);
	delete keyTmp;
	return true;
}
int CAccessAuthFSM::RtsMapToUserCode(const char* pRtsCode, DWORD dwDefaultUserCode)
{
	LOG_FUNCTION();
	Dbg("RtsCode:%s",pRtsCode);
	CSmartPointer<IConfigInfo> pConfig;
	m_pEntity->GetFunction()->OpenConfig(Config_Software, pConfig);
	int tmpUserCode = 0;
	pConfig->ReadConfigValueInt("RtsToUserCode", pRtsCode, tmpUserCode);
	if (tmpUserCode > 0)
		return tmpUserCode;
	else
		return dwDefaultUserCode;
}