mod_AccessAuth.cpp 50 KB

  1. #include "stdafx.h"
  2. #include "SpBase.h"
  3. #include "mod_AccessAuth.h"
  4. #include "RVCComm.h"
  5. #include "access_basefun.h"
  6. #include <fileutil.h>
  7. #include <iniutil.h>
  8. #include <cmath>
  9. #include "Event.h"
  10. #include "comm.h"
  11. #include "CommEntityRestful.hpp"
  12. #include "TokenKeeper_client_g.h"
  13. using namespace TokenKeeper;
  14. #include "PinPad_client_g.h"
  15. using namespace PinPad;
  16. #ifdef RVC_OS_WIN
  17. #include "WMIDeviceQuery.h"
  18. #include <WinCrypt.h>
  19. #include <Strsafe.h>
  20. #include "DeviceBaseClass.h"
  21. #include "MyBase64.h"
  22. #else
  23. #include "DeviceBaseClass.h"
  24. #endif
  25. //TODO: rm [Gifur@2025725]
  26. extern int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len);
  27. //TODO: rm [Gifur@2025725]
  28. extern int StrBuf2HexBuf(LPCTSTR strBuf, PBYTE* hexBuf);
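  /// Thread-pool task that runs the terminal master-key initialisation ("initmk").
  ///
  /// As visible in Process(): the request is prepared through the entity, POSTed to
  /// `/api/v6/initmk`, and on a successful answer the wrapped terminal private key is
  /// written to the run-time config and (when the machine has a PIN pad) the returned
  /// keys are loaded into it. Every exit path reports through CAccessAuthEntity::EndInitMK.
  struct InitializerInitMKTask : ITaskSp
  {
      CAccessAuthFSM* m_fsm;        // raw pointer; this task never deletes it
      CAccessAuthEntity* m_entity;  // raw pointer; this task never deletes it

      InitializerInitMKTask(CAccessAuthFSM* fsm, CAccessAuthEntity* entity) : m_fsm(fsm), m_entity(entity) {}

      void Process()
      {
          CSystemStaticInfo si;
          m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);

          CInitlizerMKReq instanceReq; // oiltest dev module count
          bool initFlag = m_entity->SendInitMKReqACS(instanceReq);
          if (!initFlag)
          {
              DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5204")("连接密码键盘异常");
              // TODO(oiltest): refine into more specific error codes.
              m_entity->EndInitMK(ERR_ACCESSAUTH_CONNECT_PINPAD, "连接密码键盘异常,请检查");
              return;
          }

          // The service URL must not contain Chinese characters.
          if (m_fsm->containsChinese(m_fsm->GetmAccessAuthHost().GetData()))
          {
              m_entity->EndInitMK(ERR_INITIALIZER_EXCEPTION, CSimpleStringA::Format("初始化服务连接失败,URL含中文。").GetData());
              return;
          }

          // first  -> value sent to the server as encRandom
          // second -> value later handed to LoadKeysToPinPadACS
          auto tmkpair = m_entity->GenerateTmkToKMC();
          instanceReq.encRandom = tmkpair.first;

          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("iniTerminalInfo: %s", instanceReq.iniTerminalInfo.c_str());
          // Security: `auth` and `encRandom` look like credential / key-transport material
          // (inferred from their names and use), so only their lengths are logged.
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("auth length: %d", (int)strlen(instanceReq.auth.c_str()));
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("curEdkKeyCheck: %s", instanceReq.curEdkKeyCheck.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("curKeyIndex: %s", instanceReq.curKeyIndex.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("curTpkKeyCheck: %s", instanceReq.curTpkKeyCheck.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("encRandom length: %d", (int)strlen(instanceReq.encRandom.c_str()));
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("publicKey: %s", instanceReq.publicKey.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("terminalNo: %s", instanceReq.terminalNo.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("terminalVersion: %s", instanceReq.terminalVersion.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("user: %s", instanceReq.user.c_str());
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("loginWay: %d", instanceReq.loginWay);

          CInitlizerMKAns instanceAns;
          HttpClientResponseResult result;
          HttpClientRequestConfig config(HttpRequestMethod::POST, m_entity->GetInitUrl().GetData(), &SpGetToken);
          config.SetChildUri("/api/v6/initmk");
          SP::Module::Restful::FulfillRequestJsonBody(&config, instanceReq);
          RestfulClient client = RestfulClient::getInstance();
          PROCESS_LINK_CONTEXT("LR0402502Initmk");
          config.PreDo();
          client.Do(&config, &result, &nextLink);

          if (!result.ResponseOK()) {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("post wk failed: %s", result.WhatError().c_str());
              m_entity->EndInitMK(ERR_INITIALIZER_EXCEPTION, CSimpleStringA::Format("初始化服务连接失败。%s", result.WhatError().c_str()).GetData());
              return;
          }

          SP::Module::Restful::CommResponseJson responseStatus;
          SP::Module::Restful::GetStatusFromDebranchResponse(result.content, responseStatus);
          if (!responseStatus.IsOperatedOK()) {
              CSimpleStringA errMsg = CSimpleStringA::Format("%s|%s", responseStatus.errorCode.c_str(), responseStatus.errorMsg.c_str());
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("initmk failed: %s", errMsg.GetData());
              m_entity->EndInitMK(ERR_INITIALIZER_EXCEPTION, errMsg.GetData());
              return;
          }

          // Persist the private key to AccessAuthorization.ini only after the server
          // has confirmed success.
          CSmartPointer<IConfigInfo> pConfig;
          auto rc = m_entity->GetFunction()->OpenConfig(Config_Run, pConfig);
          if (rc == Error_Succeed) {
              // Only touch pConfig when OpenConfig succeeded; previously its result was
              // overwritten unchecked and pConfig was dereferenced regardless.
              rc = pConfig->WriteConfigValue("TerminalPD", "PrivateKey", m_entity->m_privateKey);
          }
          if (rc != Error_Succeed) {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("write pri key failed.");
              m_entity->EndInitMK(ERR_INITIALIZER_EXCEPTION, "私钥写入失败,请重新初始化。");
              return;
          }

          if (!m_entity->HasPinPad()) {
              m_entity->EndInitMK(Error_Succeed, "");
              return;
          }

          // Do not push keys into the PIN pad from an answer that could not be parsed.
          const bool parsed = SP::Module::Restful::ExtractDataFromDebranchResponse(result.content, instanceAns);
          if (!parsed) {
              DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("initmk response parse failed.");
              m_entity->EndInitMK(ERR_INITIALIZER_EXCEPTION, "初始化应答解析失败,请重新初始化。");
              return;
          }

          if (m_entity->LoadKeysToPinPadACS(tmkpair.second, instanceAns.TPK, instanceAns.EDK, instanceAns.keyIndex, instanceAns.tpkKeyCheck, instanceAns.edkKeyCheck) == Error_Succeed) {
              m_entity->EndInitMK(Error_Succeed, "");
          }
          else {
              DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5204")("连接密码键盘异常");
              // TODO(oiltest): refine into more specific error codes.
              m_entity->EndInitMK(ERR_ACCESSAUTH_CONNECT_PINPAD, "密钥加载失败,请检查密码键盘连接。");
          }
      }
  };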
  /// Thread-pool task that asks the entity to collect hardware information.
  struct GetTermSysInfoTask : ITaskSp
  {
      CAccessAuthEntity* m_entity;  // raw pointer; this task never deletes it

      GetTermSysInfoTask(CAccessAuthEntity* entity)
          : m_entity(entity)
      {
      }

      /// Forwards to CAccessAuthEntity::GetHardWareInfo().
      void Process()
      {
          m_entity->GetHardWareInfo();
      }
  };
  /// Time-zone record: three bias values followed by the two transition dates.
  /// NOTE(review): the name and field order match the binary layout Windows stores
  /// in a time zone's registry "TZI" value - confirm against the code that reads it,
  /// which is not in this part of the file.
  typedef struct _REG_TZI_FORMAT
  {
      LONG       Bias;
      LONG       StandardBias;
      LONG       DaylightBias;
      SYSTEMTIME StandardDate;
      SYSTEMTIME DaylightDate;
  } REG_TZI_FORMAT;
  /// One-way service call: logs the request and starts registration on the entity.
  void CAccessAuthSession::Handle_Regist(
      SpOnewayCallContext<AccessAuthService_Regist_Info>::Pointer ctx)
  {
      DbgToBeidou(ctx->link, __FUNCTION__)();
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_USER)
          .setAPI(__FUNCTION__)("call Handle_Regist");

      m_pEntity->Regist();
  }
  /// One-way service call: logs the request and forwards to the entity's UpdateWK().
  void CAccessAuthSession::Handle_UpdateWK(
      SpOnewayCallContext<AccessAuthService_UpdateWK_Info>::Pointer ctx)
  {
      DbgToBeidou(ctx->link, __FUNCTION__)();
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_USER)
          .setAPI(__FUNCTION__)("call Handle_UpdateWK");

      m_pEntity->UpdateWK();
  }
  /// Request/answer service call that starts master-key initialisation.
  ///
  /// Stores the call context and the supplied user ID / password on the entity, then
  /// calls BeginInitMKACS(). The log type is SYSTEM when the link is empty, USER otherwise.
  void CAccessAuthSession::Handle_InitializeNew(
      SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer ctx)
  {
      DbgToBeidou(ctx->link, __FUNCTION__)();
      DbgWithLink(LOG_LEVEL_INFO, ctx->link.checkEmpty() ? LOG_TYPE_SYSTEM : LOG_TYPE_USER)
          .setAPI(__FUNCTION__)("Handle_InitializeNew");

      m_pEntity->m_ctx = ctx;

      // NOTE(review): the password is copied into an entity member in clear text and
      // nothing visible here clears it afterwards - confirm it is wiped once the
      // initialisation started by BeginInitMKACS() has finished.
      m_pEntity->m_strUserID = ctx->Req.strUserID.GetData();
      m_pEntity->m_strPassword = ctx->Req.strPassword.GetData();

      m_pEntity->BeginInitMKACS();
  }
  /// Request/answer service call: logs the request and hands the context to InitDevice().
  void CAccessAuthSession::Handle_InitDev(
      SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx)
  {
      DbgToBeidou(ctx->link, __FUNCTION__)();
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_USER)
          .setAPI(__FUNCTION__)("call Handle_InitDev");

      m_pEntity->InitDevice(ctx);
  }
  /// Request/answer service call: hands the context to the entity's GetNetMsg().
  void CAccessAuthSession::Handle_GetNetMsg(
      SpReqAnsContext<AccessAuthService_GetNetMsg_Req, AccessAuthService_GetNetMsg_Ans>::Pointer ctx)
  {
      DbgToBeidou(ctx->link, __FUNCTION__)();

      m_pEntity->GetNetMsg(ctx);
  }
  /// Entity start-up hook: sets the time zone, initialises the FSM, caches the system
  /// static info in m_info and queues the hardware-info task on the thread pool.
  /// Failures are reported as warnings; none of them aborts start-up.
  void CAccessAuthEntity::OnStarted()
  {
      // Set the local time zone to China Standard Time (Beijing).
      if (!SetLocalTimeZoneByKeyName("China Standard Time", FALSE))
      {
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_SETTIMEZONE, GetOutPutStr("%s%s", "设置时区错误", "False").c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)
              .setResultCode("RTA5202")(GetOutPutStr("%s%s", "设置时区错误", "False").c_str());
      }

      m_FSM.Init(this);

      CSimpleStringA errText;
      CSmartPointer<IEntityFunction> spFunction = this->GetFunction();

      // NOTE(review): m_info has string members (strMachineType is used with GetData()
      // elsewhere in this file), so zeroing it with memset bypasses their constructors -
      // confirm this is safe for CSystemStaticInfo.
      memset(&m_info, 0, sizeof(CSystemStaticInfo));

      auto staticInfoRc = GetFunction()->GetSystemStaticInfo(m_info);
      if (staticInfoRc != Error_Succeed)
      {
          errText = "GetSystemStaticInfo fail";
          SetAuthErrMsg((const char*)errText);
          // NOTE(review): other doWarnMsg calls in this file pass a bool as the third
          // argument; here a const char* is passed - verify which overload is selected.
          m_FSM.doWarnMsg(
              ERR_ACCESSAUTH_GET_SYSTEM_STATIC_INFO,
              GetOutPutStr("%s%08X", "获取系统静态信息错误", staticInfoRc).c_str(),
              errText.GetData());
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)(
              GetOutPutStr("%s%08X", "获取系统静态信息错误", staticInfoRc).c_str());
      }

      // Hardware information is gathered asynchronously on the thread pool.
      CSmartPointer<GetTermSysInfoTask> hardwareTask = new GetTermSysInfoTask(this);
      GetFunction()->PostThreadPoolTask(hardwareTask.GetRawPointer());
  }
  /// Pre-start hook: does no work and answers the transaction with Error_Succeed.
  void CAccessAuthEntity::OnPreStart(CAutoArray<CSimpleStringA> strArgs,CSmartPointer<ITransactionContext> pTransactionContext)
  {
      // strArgs is not used.
      pTransactionContext->SendAnswer(Error_Succeed);
  }
  /// Pre-close hook: posts the exit event to the FSM, then answers Error_Succeed.
  void CAccessAuthEntity::OnPreClose(EntityCloseCauseEnum eCloseCause,CSmartPointer<ITransactionContext> pTransactionContext)
  {
      // eCloseCause is not inspected; every close cause is handled the same way.
      m_FSM.PostExitEvent();

      pTransactionContext->SendAnswer(Error_Succeed);
  }
  /// System-variable change callback. Intentionally empty: this entity does not react
  /// to any system-variable change here.
  void CAccessAuthEntity::OnSysVarEvent(const char *pszKey, const char *pszValue,const char *pszOldValue,const char *pszEntityName)
  {
      // Nothing to do.
  }
  // Start access authorisation: queue Event_StartRegist on the state machine.
  // Always returns Error_Succeed; the outcome of the registration itself is not
  // reported through this return value.
  ErrorCodeEnum CAccessAuthEntity::Regist()
  {
      FSMEvent* startEvent = new FSMEvent(CAccessAuthFSM::Event_StartRegist);
      m_FSM.PostEventFIFO(startEvent);

      return Error_Succeed;
  }
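  /// Converts a byte buffer to an upper-case hexadecimal string (two characters per byte).
  ///
  /// @param pBuf     bytes to encode; may be NULL, which yields an empty string
  /// @param nBufLen  number of bytes to encode; values <= 0 yield an empty string
  /// @return         the hex text, 2 * nBufLen characters long
  ///
  /// The result is built in a std::string sized from nBufLen. The previous version
  /// wrote into a fixed 1024-byte stack buffer, so any input of 512 bytes or more
  /// overran it.
  string CAccessAuthEntity::ByteArrayToHexStr(BYTE *pBuf, int nBufLen)
  {
      static const char kHexDigits[] = "0123456789ABCDEF";

      string hex;
      if (pBuf == NULL || nBufLen <= 0)
          return hex;

      hex.reserve(static_cast<size_t>(nBufLen) * 2);
      for (int i = 0; i < nBufLen; ++i)
      {
          hex.push_back(kHexDigits[(pBuf[i] >> 4) & 0x0F]);
          hex.push_back(kHexDigits[pBuf[i] & 0x0F]);
      }
      return hex;
  }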
  // Generate a temporary SM2 key pair.
  //
  // Both blobs are allocated with 256 bytes, filled by the global ::CreateSM2KeyPair,
  // then resized to the lengths it reports. Returns Error_Succeed, or
  // ERR_ACCESSAUTH_CREATE_RSA_KEY_PAIR after raising a warning (the error constant
  // keeps its RSA name although the key pair is SM2).
  DWORD CAccessAuthEntity::CreateSM2KeyPair(CBlob &pubKey, CBlob &priKey)
  {
      int pubLen = 256;
      int priLen = 256;
      pubKey.Alloc(pubLen);
      priKey.Alloc(priLen);

      BYTE* pubBytes = (BYTE*)(pubKey.m_pData);
      BYTE* priBytes = (BYTE*)(priKey.m_pData);
      if (::CreateSM2KeyPair(pubBytes, &pubLen, priBytes, &priLen))
      {
          // Shrink both blobs to the number of bytes actually produced.
          pubKey.Resize(pubLen);
          priKey.Resize(priLen);
          return Error_Succeed;
      }

      SetAuthErrMsg("创建SM2密钥对失败");
      CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
      m_FSM.doWarnMsg(
          ERR_ACCESSAUTH_CREATE_RSA_KEY_PAIR,
          GetOutPutStr("%s%s","CreateRsaKeyPair","False").c_str(),
          true,
          "创建SM2密钥对失败");
      DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("创建SM2密钥对失败");
      return ERR_ACCESSAUTH_CREATE_RSA_KEY_PAIR;
  }
  // Store the key pair in the token-management entity.
  //
  // Connects a TokenService client, sends SetKeyPair with a 3000 timeout argument and
  // closes the session. Returns Error_Succeed, ERR_ACCESSAUTH_CONNECT_TOKEN_SERVICE when
  // the connection fails, or ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_KEYS when the call fails.
  //
  // NOTE(review): on the success path only CloseSession() is called, while another
  // function in this file calls SafeDelete() after CloseSession() - confirm which one
  // releases the client.
  DWORD CAccessAuthEntity::SaveSM2KeyPair(const CBlob &pubKey, const CBlob &priKey)
  {
      LOG_FUNCTION();
      CSimpleStringA errText;
      CSmartPointer<IEntityFunction> spFunction = this->GetFunction();

      TokenService_ClientBase *tokenClient = new TokenService_ClientBase(this);
      DWORD status = tokenClient->Connect();
      if (status != Error_Succeed)
      {
          errText = "连接令牌管理实体失败";
          SetAuthErrMsg(errText.GetData());
          // From here on the module's own error code is reported, not Connect()'s.
          status = ERR_ACCESSAUTH_CONNECT_TOKEN_SERVICE;
          m_FSM.doWarnMsg(status, "连接令牌管理实体失败", true);
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5206")
              (GetOutPutStr("%s%08X%s%s", "Connect", status, "strErrMsg", errText.GetData()).c_str());
          tokenClient->SafeDelete();
          return status;
      }

      TokenService_SetKeyPair_Req req;
      req.pub_key = pubKey;
      req.pri_key = priKey;
      TokenService_SetKeyPair_Ans ans;
      status = tokenClient->SetKeyPair(req, ans, 3000);
      tokenClient->GetFunction()->CloseSession();

      if (status == Error_Succeed)
          return status;

      errText = "保存密钥对失败";
      SetAuthErrMsg(errText.GetData());
      status = ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_KEYS;
      m_FSM.doWarnMsg(status, "保存密钥对失败", true);
      DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5207")
          (GetOutPutStr("%s%08X%s%s", "SetKeyPair", status, "strErrMsg", errText.GetData()).c_str());
      return status;
  }
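  /// Stores the access token and the shared session key in the token-management entity.
  ///
  /// @param token     token bytes, sent with SetToken
  /// @param sharedSK  shared session key bytes, sent with SetSharedSK
  /// @return Error_Succeed only when both calls succeed; otherwise the result of
  ///         Connect(), or the first failing call's result.
  ///
  /// Two fixes over the previous version:
  ///  - the SetToken result is no longer overwritten by the SetSharedSK result, so a
  ///    failed token save can no longer be reported as success;
  ///  - the token value is no longer written to the log, only its length.
  ///
  /// SetSharedSK is still attempted after a failed SetToken, as before.
  ErrorCodeEnum CAccessAuthEntity::SaveTokenAndSharedSK(const CBlob &token, const CBlob &sharedSK)
  {
      LOG_FUNCTION();
      CSimpleStringA strErrMsg;
      CSmartPointer<IEntityFunction> spFunction = this->GetFunction();

      TokenService_ClientBase *pTokenServiceClient = new TokenService_ClientBase(this);
      ErrorCodeEnum rc = pTokenServiceClient->Connect();
      if (rc != Error_Succeed)
      {
          strErrMsg = "连接令牌管理实体失败";
          SetAuthErrMsg(strErrMsg.GetData());
          string outStr = GetOutPutStr("%s%08X%s%s", "Connect", rc, "strErrMsg", strErrMsg.GetData());
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_CONNECT_TOKEN_SERVICE, outStr.c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)(outStr.c_str());
          pTokenServiceClient->SafeDelete();
          return rc;
      }

      TokenService_SetToken_Req req = {};
      req.token = token;
      TokenService_SetToken_Ans ans;
      const ErrorCodeEnum tokenRc = pTokenServiceClient->SetToken(req, ans, 5000);
      if (tokenRc == Error_Succeed)
      {
          // Security: the token is a bearer credential; log its size, never its value.
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM).setAPI("SetToken")
              ("save token succ, token length: [%d]", token.m_iLength);
      }
      else
      {
          strErrMsg = "保存令牌失败";
          SetAuthErrMsg(strErrMsg.GetData());
          string outStr = GetOutPutStr("%s%08X%s%s", "SetToken", tokenRc, "strErrMsg", strErrMsg.GetData());
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_TOKEN, outStr.c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)(outStr.c_str());
      }

      TokenService_SetSharedSK_Req req2 = {};
      req2.ssk = sharedSK;
      TokenService_SetSharedSK_Ans ans2 = {};
      const ErrorCodeEnum sskRc = pTokenServiceClient->SetSharedSK(req2, ans2, 5000);
      if (sskRc != Error_Succeed)
      {
          strErrMsg = "保存会话密钥失败";
          SetAuthErrMsg(strErrMsg.GetData());
          string outStr = GetOutPutStr("%s%08X%s%s", "SetSharedSK", sskRc, "strErrMsg", strErrMsg.GetData());
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_FROM_TOKEN_SERVICE_SET_SHAREKEY, outStr.c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)(outStr.c_str());
      }

      pTokenServiceClient->GetFunction()->CloseSession();

      // Report the first failure rather than whatever the last call returned.
      return (tokenRc != Error_Succeed) ? tokenRc : sskRc;
  }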
  /// Reports whether this machine type is configured with a PIN pad, based solely on
  /// IsMachineTypeConfigurePinPad(m_info.strMachineType). No device is contacted.
  bool CAccessAuthEntity::HasPinPad()
  {
      CSimpleStringA strErrMsg;
      CSmartPointer<IEntityFunction> spFunction = this->GetFunction();

      // oilyang@20210514
      if (IsMachineTypeConfigurePinPad(m_info.strMachineType))
      {
          // All other VTM machine types have a built-in PIN pad.
          return true;
      }

      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("MachineType[%s], not exist pinpad", m_info.strMachineType.GetData());
      return false;
  }
  // Returns the PIN pad's key capability: 1 = 3DES only, 2 = SM4 only, 3 = both.
  // The value is determined by the key file currently initialised, which keeps older
  // terminal versions compatible.
  //
  // Returns 0 when the machine type has no PIN pad configured, when the PIN pad entity
  // cannot be reached, or when QueryFunc fails. A QueryFunc result of
  // Error_DevNotAvailable is not reported as a warning.
  int CAccessAuthEntity::GetPinPadCapability()
  {
      LOG_FUNCTION();
      int capability = 0;

      if (!IsMachineTypeConfigurePinPad(m_info.strMachineType))
          return capability;

      PinPadService_ClientBase *pinPadClient = new PinPadService_ClientBase(this);
      auto status = pinPadClient->Connect();
      if (status != Error_Succeed)
      {
          SetAuthErrMsg("连接PinPad实体失败");
          CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
          m_FSM.doWarnMsg(
              ERR_ACCESSAUTH_CONNECT_PINPAD,
              GetOutPutStr("%s%08X%s%s", "Connect", status,"AuthErrMsg", "连接PinPad实体失败").c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)(
              GetOutPutStr("%s%08X%s%s", "Connect", status, "AuthErrMsg", "连接PinPad实体失败").c_str());
          pinPadClient->SafeDelete();
          return capability;
      }

      PinPadService_QueryFunc_Req req;
      PinPadService_QueryFunc_Ans ans;
      status = pinPadClient->QueryFunc(req, ans, 3000);
      if (status == Error_Succeed)
      {
          capability = ans.encryptkey;
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("QueryFunc from pinpad succ, nCapability[%d]", capability);
      }
      else if (status != Error_DevNotAvailable)
      {
          SetAuthErrMsg("从PinPad获取主密钥类型失败");
          CSmartPointer<IEntityFunction> spFunction = this->GetFunction();
          m_FSM.doWarnMsg(
              ERR_ACCESSAUTH_FROM_PINPAD,
              GetOutPutStr("%s%s%s%s", "QueryFunc", "False", "AuthErrMsg", "从PinPad获取主密钥类型失败").c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5205")
              (GetOutPutStr("%s%s%s%s", "QueryFunc", "False", "AuthErrMsg", "从PinPad获取主密钥类型失败").c_str());
      }

      pinPadClient->GetFunction()->CloseSession();
      return capability;
  }
  /// Publishes one error message through every channel this entity uses: the stored
  /// auth error message, the "AuthErrMsg" system variable, an FSM warning with code
  /// ERROR_ACCESSAUTH_OPENCRYPTCONTEXT, and the log (result code "RTA520C").
  void CAccessAuthEntity::printPasswdError(const string& strErrMsg)
  {
      const char* text = strErrMsg.c_str();

      SetAuthErrMsg(text);
      GetFunction()->SetSysVar("AuthErrMsg", text);
      m_FSM.doWarnMsg(ERROR_ACCESSAUTH_OPENCRYPTCONTEXT, text, true, strErrMsg);
      DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA520C")(text);
  }
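  /// Parses a NUL-terminated string of decimal digits into an int.
  ///
  /// @param ch  digit string; must be NUL-terminated
  /// @return    the parsed value, or 0 when ch is null, empty, contains any character
  ///            other than '0'..'9', or has more than 9 digits (which keeps the result
  ///            inside the int range)
  ///
  /// The value is used in this file as a length prefix taken from received key data,
  /// so malformed text must not turn into an arbitrary or negative number. The previous
  /// version accumulated through floating-point pow() and accepted any character.
  int Char2Int(char * ch) {
      if (!ch)
          return 0;

      const int kMaxDigits = 9;
      int value = 0;
      int digits = 0;
      for (const char* p = ch; *p != '\0'; ++p) {
          if (*p < '0' || *p > '9')
              return 0;
          if (++digits > kMaxDigits)
              return 0;
          value = value * 10 + (*p - '0');
      }
      return value;
  }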
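  /// Recovers the session key from a received key blob and stores it in m_AuthSessionKey.
  ///
  /// Steps, as implemented below:
  ///  1. read the hex-encoded, SM4-wrapped terminal private key from
  ///     runcfg/AccessAuthorization.ini, falling back to runcfg/Initializer.ini;
  ///  2. hex-decode it and unwrap it with SM4-ECB;
  ///  3. read the 4-character decimal length prefix of pKey and SM2-decrypt the
  ///     following bytes with the unwrapped private key;
  ///  4. copy KEY_SIZE bytes of the result into m_AuthSessionKey.
  ///
  /// @param pKey  4 ASCII decimal digits giving the ciphertext length, followed by that
  ///              many ciphertext bytes. NOTE(review): the size of the buffer behind
  ///              pKey is not passed in, so the prefix cannot be checked against it here.
  /// @return true when the session key was stored; false on any failure, in which case
  ///         m_AuthSessionKey stays zeroed.
  ///
  /// Fixes over the previous version: bounded copy of the INI value (was strcpy into a
  /// fixed buffer), NUL-terminated and digit-checked length prefix, rejection of a
  /// non-positive length, no heap leak of the ciphertext copy, failure instead of a
  /// warning when the decrypted length is not KEY_SIZE, and scrubbing of the plaintext
  /// private key and session key before returning.
  bool CAccessAuthEntity::SaveAuthKey(BYTE *pKey)
  {
      // Overwrites a buffer through a volatile pointer so the store is not optimised away.
      auto wipe = [](void* p, size_t n) {
          volatile unsigned char* q = static_cast<volatile unsigned char*>(p);
          while (n-- > 0)
              *q++ = 0;
      };
      // Reads TerminalPD/PrivateKey from iniFile into dst. Leaves dst untouched and
      // returns false when the value is missing or does not fit.
      auto loadIniKey = [](const char* iniFile, char* dst, size_t dstSize) -> bool {
          char* value = inifile_read_str(iniFile, "TerminalPD", "PrivateKey", "");
          if (value == NULL)
              return false;
          const size_t len = strlen(value);
          const bool fits = len < dstSize;
          if (fits)
              memcpy(dst, value, len + 1);
          // NOTE(review): kept as in the original; confirm how inifile_read_str
          // allocates its result (new / new[] / malloc) and release it accordingly.
          delete value;
          return fits;
      };

      // NOTE(review): 140 is presumably the size of m_AuthSessionKey - confirm.
      memset(m_AuthSessionKey, 0, 140);

      if (pKey == NULL) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("SaveAuthKey: pKey is NULL.");
          return false;
      }

      CSimpleStringA runInfoPath, iniPath;
      auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
      if (rc != Error_Succeed) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("GetPath runinfo error=%d.", rc);
          return false;
      }

      char privateKey[BUF_SIZE] = { 0 };
      iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "AccessAuthorization.ini";
      if (!loadIniKey(iniPath.GetData(), privateKey, sizeof(privateKey))) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("PrivateKey in AccessAuthorization.ini is missing or too long.");
      }
      if (strlen(privateKey) <= 0) {
          iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
          if (!loadIniKey(iniPath.GetData(), privateKey, sizeof(privateKey))) {
              DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("PrivateKey in Initializer.ini is missing or too long.");
          }
          if (strlen(privateKey) <= 0)
          {
              printPasswdError("私钥为空,请重置秘钥进行初始化");
              return false;
          }
      }

      int decodedPrivateKeyLen = 0;
      char* pDecodedPrivateKey = Hex2Str(privateKey, decodedPrivateKeyLen);
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("privateKey len:%d, decodedPrivateKeyLen=%d", (int)strlen(privateKey), decodedPrivateKeyLen);
      if (pDecodedPrivateKey == NULL) {
          printPasswdError("终端初始化未完成,请重置秘钥进行初始化");
          return false;
      }

      char pDecryptPrivateKey[BUF_SIZE] = { 0 };
      int decryprtLen = BUF_SIZE;
      // Security note: the SM4 wrapping key below is a constant compiled into the binary
      // and the mode is ECB, so this layer only obscures the private key at rest - anyone
      // holding the binary can unwrap it. The literal must stay as it is because keys
      // already stored on terminals are wrapped with it; moving to a per-device key held
      // in a platform key store needs a migration of existing data.
      const bool unwrapped = DecWithSM4_ECB("s5da69gnh4!963@6s5da69gnh4!963@6", (BYTE*)pDecodedPrivateKey, decodedPrivateKeyLen, (BYTE*)pDecryptPrivateKey, &decryprtLen);
      delete[] pDecodedPrivateKey;
      if (!unwrapped) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("DecWithSM4_ECB decrypt privateKey error. SM4解密私钥失败");
          printPasswdError("终端初始化未完成,请重置秘钥进行初始化");
          wipe(pDecryptPrivateKey, sizeof(pDecryptPrivateKey));
          return false;
      }

      // Length prefix: exactly four ASCII digits. One extra byte keeps the copy
      // NUL-terminated for Char2Int (the old 4-byte buffer was not terminated).
      char pKeyLen[5] = { 0 };
      memcpy(pKeyLen, pKey, 4);
      bool prefixIsDigits = true;
      for (int i = 0; i < 4; ++i) {
          if (pKeyLen[i] < '0' || pKeyLen[i] > '9')
              prefixIsDigits = false;
      }
      const int kenLen = prefixIsDigits ? Char2Int(pKeyLen) : 0;
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("kenLen=%d", kenLen);
      if (kenLen <= 0) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("invalid session key length prefix.");
          printPasswdError("终端初始化未完成,请重置秘钥进行初始化");
          wipe(pDecryptPrivateKey, sizeof(pDecryptPrivateKey));
          return false;
      }

      char pPlainKey[KEY_SIZE] = { 0 };
      int plainKeyLen = KEY_SIZE;
      char* key = new char[kenLen + 1];
      memset(key, 0, kenLen + 1);
      memcpy(key, pKey + 4, kenLen);

      bool saved = false;
      if (!DecWithSM2PriKey((BYTE*)key, kenLen, (BYTE*)pPlainKey, &plainKeyLen, (BYTE*)pDecryptPrivateKey, decryprtLen)) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("使用私钥解密失败!");
          printPasswdError("终端初始化未完成,请重置秘钥进行初始化");
      }
      else if (plainKeyLen != KEY_SIZE) {
          // Fail closed: a session key of the wrong length must not be installed.
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setAPI("SaveAuthVerAndKey")("私钥解密后的会话密钥长度不等于16!");
          printPasswdError("终端初始化未完成,请重置秘钥进行初始化");
      }
      else {
          memcpy(m_AuthSessionKey, pPlainKey, KEY_SIZE);
          saved = true;
      }

      delete[] key;
      wipe(pPlainKey, sizeof(pPlainKey));
      wipe(pDecryptPrivateKey, sizeof(pDecryptPrivateKey));
      return saved;
  }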
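  /// Decodes a hexadecimal string into a newly malloc'ed byte buffer.
  ///
  /// @param pszStr  NUL-terminated hex text (upper or lower case); a trailing odd
  ///                character is ignored, as before
  /// @return buffer of strlen(pszStr) / 2 bytes that the caller must free(), or NULL
  ///         when the input is NULL, shorter than two characters, contains a non-hex
  ///         character, or memory cannot be allocated.
  ///
  /// NOTE(review): the decoded length is not returned; callers have to derive it from
  /// the input length.
  ///
  /// Each pair is decoded strictly. The previous sscanf("%2X") parse also accepted
  /// leading whitespace, signs and one-digit pairs, so malformed text could decode
  /// "successfully"; the malloc result was also used unchecked.
  static BYTE* ConvertHexStrToBytes(const char *pszStr)
  {
      // Maps one hex digit to its value, or -1 when the character is not a hex digit.
      auto nibble = [](char c) -> int {
          if (c >= '0' && c <= '9') return c - '0';
          if (c >= 'a' && c <= 'f') return c - 'a' + 10;
          if (c >= 'A' && c <= 'F') return c - 'A' + 10;
          return -1;
      };

      if (pszStr == NULL)
          return NULL;

      const size_t nLen = strlen(pszStr) / 2;
      if (nLen == 0)
          return NULL;

      BYTE *pRet = (BYTE*)malloc(nLen);
      if (pRet == NULL)
          return NULL;

      for (size_t i = 0; i < nLen; i++)
      {
          const int hi = nibble(pszStr[i * 2]);
          const int lo = nibble(pszStr[i * 2 + 1]);
          if (hi < 0 || lo < 0)
          {
              free(pRet);
              return NULL;
          }
          pRet[i] = (BYTE)((hi << 4) | lo);
      }
      return pRet;
  }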
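  // Encrypt data with the given key (SM4, ECB mode).
  //
  // @param raw  plaintext blob
  // @param enc  receives the ciphertext; on success it takes ownership of the output
  //             buffer through Attach(), so that buffer is not deleted here
  // @param key  SM4 key bytes; NULL is rejected
  // @return Error_Succeed, or Error_Unexpect when encryption fails
  //
  // Fixes over the previous version: the output buffer is released when encryption
  // fails (it was leaked), it grows with the input instead of staying at 1024 bytes,
  // and the throw-away hex copies of plaintext and ciphertext are no longer created.
  //
  // Security note: ECB encrypts equal plaintext blocks to equal ciphertext blocks, so
  // structure in the input remains visible; the mode is kept because the peer that
  // decrypts this data is outside this file.
  ErrorCodeEnum CAccessAuthEntity::EncryptDataWithKey(const CBlob &raw, CBlob &enc, BYTE* key)
  {
      LOG_FUNCTION();

      if (key == NULL) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("会话密钥加密准入信息失败!");
          SetAuthErrMsg("会话密钥加密准入信息失败");
          return Error_Unexpect;
      }

      // At least 1024 bytes as before; larger inputs get room for the data plus one
      // 16-byte block (assuming at most one block of padding is added - TODO confirm).
      int pEncDataSize = 1024;
      if (raw.m_iLength > pEncDataSize - 16)
          pEncDataSize = raw.m_iLength + 16;
      BYTE* pEncData = new BYTE[pEncDataSize];

      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("pEncDataSize=%d", pEncDataSize);
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("raw Length=%d", raw.m_iLength);

      if (!EncWithSM4_ECB(key, (BYTE*)(raw.m_pData), raw.m_iLength, pEncData, &pEncDataSize)) {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("会话密钥加密准入信息失败!");
          SetAuthErrMsg("会话密钥加密准入信息失败");
          delete[] pEncData;  // not attached to enc yet, so it must be freed here
          return Error_Unexpect;
      }

      // From here on the CBlob destructor releases pEncData.
      enc.Attach(pEncData, pEncDataSize);
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("pEncData size:%d", pEncDataSize);
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("EncWithSM4_ECB data size:%d", enc.m_iLength);
      return Error_Succeed;
  }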
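  // Generate a key pair and export the public key. (The original comment said RSA;
  // the code below generates an SM2 key pair.)
  //
  // @param pBuf     receives the raw public key bytes; NULL is rejected.
  //                 NOTE(review): nBufLen is overwritten with the key length before the
  //                 copy, so the capacity of pBuf cannot be checked here - callers must
  //                 supply a buffer large enough for the public key.
  // @param nBufLen  set to the number of bytes written to pBuf
  // @param pubkey   receives the hex-encoded public key (also stored in m_publicKey)
  // @return true on success; false when a path/config lookup, key generation, the SM4
  //         wrapping of the private key or the final decode fails
  //
  // The private key is wrapped with SM4-ECB, hex-encoded and kept in m_privateKey. It is
  // deliberately not written to the config here: the caller writes it only after the
  // server has confirmed the initialisation.
  //
  // Fixes over the previous version: the binary public key is no longer logged through
  // "%s", the decoded copy is freed, and the plaintext private key buffer is scrubbed
  // before returning.
  bool CAccessAuthEntity::GetTerminalPublicKey(BYTE* pBuf, int& nBufLen, string& pubkey)
  {
      LOG_FUNCTION();

      // Overwrites a buffer through a volatile pointer so the store is not optimised away.
      auto wipe = [](void* p, size_t n) {
          volatile unsigned char* q = static_cast<volatile unsigned char*>(p);
          while (n-- > 0)
              *q++ = 0;
      };

      if (pBuf == NULL) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pBuf is NULL.");
          return false;
      }

      CSimpleString runInfoPath;
      auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
      if (rc != Error_Succeed) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("GetPath runinfo error=%d.", rc);
          return false;
      }
      runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR;

      // Create the runcfg directory when it does not exist; a failure is only logged.
  #ifdef RVC_OS_WIN
      DWORD dwAttr = GetFileAttributes(runInfoPath.GetData());
      if (dwAttr == 0xFFFFFFFF)
      {
          if (!CreateDirectory(runInfoPath.GetData(), NULL))
          {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Create %s dir failed!", runInfoPath.GetData());
          }
      }
  #else
      if (!dir_is_exist(runInfoPath.GetData()))
      {
          if (dir_create(runInfoPath.GetData()) != 0)
          {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Create %s dir failed!", runInfoPath.GetData());
          }
      }
  #endif // RVC_OS_WIN
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Dir=%s", runInfoPath.GetData());

      CSmartPointer<IConfigInfo> pConfig;
      rc = GetFunction()->OpenConfig(Config_Run, pConfig);
      if (rc != Error_Succeed) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("OpenConfig Config_Run error=%d.", rc);
          return false;
      }

      // The stored public key is only read for the log; a new pair is always generated.
      CSimpleString publicKey;
      rc = pConfig->ReadConfigValue("TerminalPD", "PublicKey", publicKey);
      if (rc != Error_Succeed || publicKey.IsNullOrEmpty()) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("ReadConfig publicKey error=%d or publicKey is NULL.", rc);
      }

      BYTE btPublicKey[BUF_SIZE] = { 0 }, btPrivateKey[BUF_SIZE] = { 0 };
      int iPublicKeyLen = sizeof(btPublicKey);
      int iPrivateKeyLen = sizeof(btPrivateKey);
      if (!::CreateSM2KeyPair(btPublicKey, &iPublicKeyLen, btPrivateKey, &iPrivateKeyLen)) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("Create SM2 key pair error.");
          wipe(btPrivateKey, sizeof(btPrivateKey));
          return false;
      }
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("iPublicKeyLen=%d,iPrivateKeyLen=%d", iPublicKeyLen, iPrivateKeyLen);

      char* pEncode = Str2Hex((char*)btPublicKey, iPublicKeyLen);
      if (pEncode == NULL) {
          wipe(btPrivateKey, sizeof(btPrivateKey));
          return false;
      }
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pEncode=%s,%d", pEncode, (int)strlen(pEncode));
      m_publicKey = pEncode;
      pubkey = pEncode;
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("write public key success.");

      BYTE pCryptPrivateKey[BUF_SIZE] = { 0 };
      int cryptPrivateKeyLen = BUF_SIZE;
      // Security note: the SM4 wrapping key below is a constant compiled into the binary
      // and the mode is ECB, so this layer only obscures the private key at rest - anyone
      // holding the binary can unwrap it. The literal is left unchanged because the
      // matching unwrap code uses the same value; replacing it with a per-device key from
      // a platform key store needs a migration of keys already stored.
      const bool wrapped = EncWithSM4_ECB("s5da69gnh4!963@6s5da69gnh4!963@6", btPrivateKey, iPrivateKeyLen, pCryptPrivateKey, &cryptPrivateKeyLen);
      // The plaintext private key is not needed past this point.
      wipe(btPrivateKey, sizeof(btPrivateKey));
      if (!wrapped) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("sm4 crypt privateKey error.");
          m_publicKey = "";
          delete[] pEncode;
          return false;
      }
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("sm4 encrypt pri key success.");
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("cryptPrivateKeyLen=%d", cryptPrivateKeyLen);

      char* pEncodedCryptPrivateKey = Str2Hex((char*)pCryptPrivateKey, cryptPrivateKeyLen);
      if (pEncodedCryptPrivateKey == NULL) {
          m_publicKey = "";
          delete[] pEncode;
          return false;
      }
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("encode pri key success.");
      // Kept in memory only; the caller persists it once the server has answered.
      m_privateKey = pEncodedCryptPrivateKey;

      publicKey = pEncode;
      delete[] pEncode;
      delete[] pEncodedCryptPrivateKey;

      // Hand the raw public key bytes back to the caller.
      char* pDecode = Hex2Str(publicKey.GetData(), nBufLen);
      if (pDecode == NULL || nBufLen <= 0) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("decode public key failed, len=%d", nBufLen);
          delete[] pDecode;
          return false;
      }
      // The decoded key is binary, so only its length is logged.
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pDecode len=%d", nBufLen);
      memcpy(pBuf, pDecode, nBufLen);
      delete[] pDecode;
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("GetTerminalPublicKey")("pBuf[0]=%02X,nBufLen=%d", pBuf[0], nBufLen);
      return true;
  }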
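  /// Queries the PinPad entity for its device-model string, retrying until it answers
  /// or the configured wait budget is used up.
  ///
  /// @param pinpadModel   [out] ans.model on success; an empty string when the machine type has
  ///                      no PinPad configured; otherwise a JSON error document built from
  ///                      errcode / msg / getLastErr.
  /// @param bPinPadOnline [out] true only when GetDevInfo succeeded.
  /// @return Error_Succeed on success or when no PinPad is configured, Error_Unexpect otherwise.
  ErrorCodeEnum CAccessAuthEntity::GetPinPadModel(CSimpleStringA& pinpadModel, bool& bPinPadOnline)
  {
      bPinPadOnline = false;
      int waitMS = 0;

      // Fix: the original dereferenced spConfig without looking at the OpenConfig result.
      // waitPinPadMS is declared outside this function (not visible here).
      CSmartPointer<IConfigInfo> spConfig;
      ErrorCodeEnum Error = GetFunction()->OpenConfig(Config_CenterSetting, spConfig);
      if (Error == Error_Succeed)
      {
          spConfig->ReadConfigValueInt("AccessAuthorization", "WaitPinPadMS", waitPinPadMS);
      }
      else
      {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("OpenConfig CenterSetting failed: %d", Error);
      }
      if (waitPinPadMS <= 0)
      {
          waitPinPadMS = DEFALT_WAIT_PINPAD_MS; // default: do not wait
      }

      CSimpleStringA strErrMsg;
      std::map<std::string, std::string> errInfo;

      //oilyang@20210514
      if (!IsMachineTypeConfigurePinPad(m_info.strMachineType))
      {
          pinpadModel = "";
          return Error_Succeed;
      }

      ErrorCodeEnum nRet = Error_Unexpect;
      ErrorCodeEnum rc = Error_Unexpect;
      do
      {
          auto pPinPadClient = new PinPadService_ClientBase(this);
          if ((rc = pPinPadClient->Connect()) == Error_Succeed)
          {
              PinPadService_GetDevInfo_Req req = {};
              PinPadService_GetDevInfo_Ans ans = {};
              rc = pPinPadClient->GetDevInfo(req, ans, 3000);
              if (rc == Error_Succeed)
              {
                  bPinPadOnline = true;
                  nRet = Error_Succeed;
                  DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("pinpad model: %s", ans.model.GetData());
                  // CM = V2.0#PM = V1.0#MID = 75500001#PID = 12345678#FWID = V1234567#Vendor = nantian
                  // PinPad ID (PID): 8 to 16 bytes; device ID (MID): 8 to 16 bytes; firmware version (FWID): 8 bytes
                  pinpadModel = ans.model;
              }
              // The session is closed on both outcomes of GetDevInfo.
              pPinPadClient->GetFunction()->CloseSession();
          }
          pPinPadClient->SafeDelete();
          pPinPadClient = NULL;
          if (bPinPadOnline)
          {
              break;
          }

          waitMS += INTERVAL_WAIT_PINPAD_MS;
          if (waitPinPadMS > 0) // only wait when the configured value is valid, otherwise leave the loop
          {
              Sleep(INTERVAL_WAIT_PINPAD_MS);
          }
      }
      while (bPinPadOnline == false && waitMS < waitPinPadMS); // stop once the PinPad answered or the budget is spent

      // Fix: GetLastError() is used as an integer elsewhere in this file ("%d"); assigning it
      // straight to a std::string selects operator=(char) and stores a single truncated
      // character, so the value is formatted as decimal text instead.
      if (rc == Error_NotInit)
      {
          strErrMsg = "PinPad超时未打开";
          SetAuthErrMsg(strErrMsg.GetData());
          string outStr = GetOutPutStr("%s%08X%s%s", "GetDevInfo", rc, "strErrMsg", strErrMsg.GetData());
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_PINPAD_OPEN_OVERTIME, outStr.c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5204")(outStr.c_str());
          errInfo["errcode"] = "RTA5204";
          errInfo["msg"] = "PinPad超时未打开";
          errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
          pinpadModel = generateJsonStr(errInfo).second.c_str();
      }
      else if (rc == Error_DevNotAvailable)
      {
          strErrMsg = "PinPad打开失败";
          SetAuthErrMsg(strErrMsg.GetData());
          string outStr = GetOutPutStr("%s%08X%s%s", "GetDevInfo", rc, "strErrMsg", strErrMsg.GetData());
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_PINPAD_OPEN_FAILED, outStr.c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5218")(outStr.c_str());
          errInfo["errcode"] = "RTA5218";
          errInfo["msg"] = "PinPad打开失败";
          errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
          pinpadModel = generateJsonStr(errInfo).second.c_str();
      }
      else if (rc != Error_Succeed)
      {
          strErrMsg = "连接PinPad取数据异常";
          SetAuthErrMsg(strErrMsg.GetData());
          string outStr = GetOutPutStr("%s%08X%s%s", "GetPinPadModel", rc, "strErrMsg", strErrMsg.GetData());
          m_FSM.doWarnMsg(ERR_ACCESSAUTH_PINPAD_GETDATA_FAILED, outStr.c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5205")(outStr.c_str());
          errInfo["errcode"] = "RTA5205";
          errInfo["msg"] = "连接PinPad取数据异常";
          errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
          pinpadModel = generateJsonStr(errInfo).second.c_str();
      }
      return nRet;
  }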
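  /// Converts text in the system ANSI code page (CP_ACP) to a wide string.
  ///
  /// @param str Input text; it is passed as a NUL-terminated C string (length -1).
  /// @return The converted text, or an empty string when the size query reports nothing to convert.
  wstring CAccessAuthEntity::ANSIToUnicode(const string& str)
  {
      // First call only asks for the required size in wide characters; with a length of -1
      // that size includes the terminating NUL.
      const int unicodeLen = ::MultiByteToWideChar(CP_ACP, 0, str.c_str(), -1, NULL, 0);
      if (unicodeLen <= 0)
      {
          return wstring();
      }

      // Fix: the original allocated with new[] and released with scalar delete (undefined
      // behaviour). A wstring owns the scratch buffer here, so nothing is freed by hand.
      wstring buffer(static_cast<size_t>(unicodeLen) + 1, L'\0');
      ::MultiByteToWideChar(CP_ACP, 0, str.c_str(), -1, &buffer[0], unicodeLen);

      // Cut at the first NUL, as the original did by assigning from a wchar_t*.
      return wstring(buffer.c_str());
  }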
  710. //China Standard Time
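  /// Switches the system time zone to the one stored in the registry under
  /// "Time Zones\<szTimeZoneKeyName>" (Windows builds only).
  ///
  /// @param szTimeZoneKeyName    Registry key name of the zone; the code treats TCHAR as a
  ///                             narrow character (strlen / ANSIToUnicode).
  /// @param isDaylightSavingTime FALSE sets DynamicDaylightTimeDisabled.
  /// @return TRUE when SetDynamicTimeZoneInformation succeeded; FALSE on any failure.
  ///         Non-Windows builds always return TRUE without doing anything.
  BOOL CAccessAuthEntity::SetLocalTimeZoneByKeyName(const TCHAR* szTimeZoneKeyName, BOOL isDaylightSavingTime)
  {
  #ifdef RVC_OS_WIN
      HKEY hKey;
      LONG ErrorCode;
      TCHAR szSubKey[256];
      TCHAR szStandardName[32] = { 0 };
      TCHAR szDaylightName[32] = { 0 };
      REG_TZI_FORMAT regTZI;
      DWORD dwByteLen;
      memset(&regTZI, 0, sizeof(regTZI));

      // Validate the input: the time-zone key name must not be empty.
      if ((szTimeZoneKeyName == NULL) || (strlen(szTimeZoneKeyName) == 0))
      {
          return FALSE;
      }

      // Fix: a key name that does not fit into szSubKey is rejected; the original ignored the
      // result and went on with a silently truncated registry path.
      if (FAILED(StringCchCopy(szSubKey, 256, TEXT("Software\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\")))
          || FAILED(StringCchCat(szSubKey, 256, szTimeZoneKeyName)))
      {
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("time zone key name too long");
          return FALSE;
      }

      ErrorCode = RegOpenKeyEx(HKEY_LOCAL_MACHINE, szSubKey, 0, KEY_QUERY_VALUE, &hKey);
      if (ErrorCode != ERROR_SUCCESS)
      {
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("RegOpenKeyEx Software\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\China Standard Time fail");
          return FALSE;
      }

      // Standard name
      dwByteLen = sizeof(szStandardName);
      ErrorCode = RegQueryValueEx(hKey, TEXT("Std"), NULL, NULL, reinterpret_cast<LPBYTE>(&szStandardName), &dwByteLen);
      if (ErrorCode != ERROR_SUCCESS)
      {
          RegCloseKey(hKey);
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("RegQueryValueEx Software\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\China Standard Time\\Std fail");
          return FALSE;
      }
      // Fix: registry strings are not guaranteed to be NUL-terminated; terminate explicitly
      // so the later conversion cannot read past the buffer.
      szStandardName[sizeof(szStandardName) / sizeof(szStandardName[0]) - 1] = 0;

      // Daylight-saving name
      dwByteLen = sizeof(szDaylightName);
      ErrorCode = RegQueryValueEx(hKey, TEXT("Dlt"), NULL, NULL, reinterpret_cast<LPBYTE>(&szDaylightName), &dwByteLen);
      if (ErrorCode != ERROR_SUCCESS)
      {
          RegCloseKey(hKey);
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("RegQueryValueEx Software\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\China Standard Time\\Dlt fail");
          return FALSE;
      }
      szDaylightName[sizeof(szDaylightName) / sizeof(szDaylightName[0]) - 1] = 0;

      // Time-zone data
      dwByteLen = sizeof(regTZI);
      ErrorCode = RegQueryValueEx(hKey, TEXT("TZI"), NULL, NULL, reinterpret_cast<LPBYTE>(&regTZI), &dwByteLen);
      RegCloseKey(hKey);
      if ((ErrorCode != ERROR_SUCCESS) || (dwByteLen > sizeof(regTZI)))
      {
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("RegQueryValueEx Software\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones\\China Standard Time\\TZI fail");
          return FALSE;
      }

      // Build the new zone description before touching the process token, so a rejected name
      // needs no privilege clean-up.
      DYNAMIC_TIME_ZONE_INFORMATION tzi;
      memset(&tzi, 0, sizeof(tzi));
      tzi.Bias = regTZI.Bias;
      tzi.StandardDate = regTZI.StandardDate;
      tzi.StandardBias = regTZI.StandardBias;
      tzi.DaylightDate = regTZI.DaylightDate;
      tzi.DaylightBias = regTZI.DaylightBias;
      tzi.DynamicDaylightTimeDisabled = !isDaylightSavingTime;
      // Fix: the original used unbounded wcscpy into the fixed-size name fields; the
      // caller-supplied key name in particular could overrun TimeZoneKeyName.
      if (FAILED(StringCchCopyW(tzi.StandardName, sizeof(tzi.StandardName) / sizeof(tzi.StandardName[0]),
                                ANSIToUnicode(szStandardName).c_str()))
          || FAILED(StringCchCopyW(tzi.DaylightName, sizeof(tzi.DaylightName) / sizeof(tzi.DaylightName[0]),
                                   ANSIToUnicode(szDaylightName).c_str()))
          || FAILED(StringCchCopyW(tzi.TimeZoneKeyName, sizeof(tzi.TimeZoneKeyName) / sizeof(tzi.TimeZoneKeyName[0]),
                                   ANSIToUnicode(szTimeZoneKeyName).c_str())))
      {
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("time zone name too long");
          return FALSE;
      }

      // Enable the time-zone privilege
      HANDLE hToken;
      TOKEN_PRIVILEGES tkp;
      BOOL isOK;
      if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken))
      {
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("OpenProcessToken Standard Time\\Dlt fail");
          return FALSE;
      }
      // Fix: the lookup result was ignored, leaving the LUID uninitialised on failure.
      if (!LookupPrivilegeValue(NULL, SE_TIME_ZONE_NAME, &tkp.Privileges[0].Luid))
      {
          CloseHandle(hToken);
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("LookupPrivilegeValue fail");
          return FALSE;
      }
      tkp.PrivilegeCount = 1;
      tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
      AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0);
      // AdjustTokenPrivileges can return success without assigning the privilege, hence GetLastError.
      if (GetLastError() != ERROR_SUCCESS)
      {
          CloseHandle(hToken);
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("AdjustTokenPrivileges fail");
          return FALSE;
      }

      // Apply the new dynamic time zone
      isOK = SetDynamicTimeZoneInformation(&tzi);
      if (!isOK)
      {
          DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("SetDynamicTimeZoneInformation fail");
      }

      // Drop the privilege again, whatever the outcome
      tkp.Privileges[0].Attributes = 0;
      AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0);
      CloseHandle(hToken);
      return isOK;
  #else
      // not implemented on Linux for now
      return TRUE;
  #endif // RVC_OS_WIN
  }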
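  /// Tells whether the centre configuration lists a PinPad entity in the boot list of the
  /// given machine type.
  ///
  /// @param strMachineType Machine type; looked up as "CoreBootList.<type>" in section "VtmLoader".
  /// @return true when the configured value contains "PinPad"; false otherwise, including when
  ///         the configuration cannot be opened or read.
  bool CAccessAuthEntity::IsMachineTypeConfigurePinPad(CSimpleStringA strMachineType)
  {
      // Fix: the original dereferenced spConfig without checking the OpenConfig result.
      CSmartPointer<IConfigInfo> spConfig;
      ErrorCodeEnum Error = GetFunction()->OpenConfig(Config_CenterSetting, spConfig);
      if (Error != Error_Succeed)
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("Get VtmLoader config failed!");
          return false;
      }

      CSimpleStringA mcType = CSimpleStringA("CoreBootList.") + strMachineType;
      CSimpleStringA loaderConifg("");
      ErrorCodeEnum errCode = spConfig->ReadConfigValue("VtmLoader", mcType.GetData(), loaderConifg);
      if (errCode != Error_Succeed)
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("Get VtmLoader config failed!");
      }

      // The centre configuration starts the PinPad entity when its name appears in the list.
      return string(loaderConifg.GetData()).find("PinPad") != string::npos;
  }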
  /// Forwards the working-key update request to the state machine (m_FSM.UpdateWK).
  void CAccessAuthEntity::UpdateWK()
  {
      this->m_FSM.UpdateWK();
  }
  /// Starts master-key initialisation: logs the PinPad capability, loads HostInitUrl from the
  /// centre configuration into m_strInitUrl and posts an InitializerInitMKTask to the thread pool.
  /// Returns without posting the task when the configuration cannot be opened or read.
  void CAccessAuthEntity::BeginInitMKACS()
  {
      LOG_FUNCTION();

      // 1: 3des only; 2: sm4 only; 3: both 3des and sm4
      const int pinpadCapability = GetPinPadCapability();
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("pinpad capability: %d", pinpadCapability);

      CSmartPointer<IConfigInfo> centerCfg;
      if (GetFunction()->OpenConfig(Config_CenterSetting, centerCfg) != Error_Succeed)
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("open InitUrl from CenterSetting.ini failed");
          return;
      }

      // NOTE(review): the URL is taken from the configuration as-is; any check of its scheme
      // or host is not visible in this function.
      if (centerCfg->ReadConfigValue("AccessAuthorization", "HostInitUrl", m_strInitUrl) != Error_Succeed)
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("get InitUrl from CenterSetting failed");
          return;
      }

      CSmartPointer<InitializerInitMKTask> mkTask = new InitializerInitMKTask(&this->m_FSM, this);
      GetFunction()->PostThreadPoolTask(mkTask.GetRawPointer());
  }
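  /// Fills the master-key initialisation request: encrypted terminal info, terminal version and
  /// number, the terminal public key, the login way and, when the PinPad answers, the current
  /// key check value and key index.
  ///
  /// @param initMKReq [in,out] Request to populate.
  /// @return false when the terminal info cannot be encrypted or the public key cannot be
  ///         obtained; true otherwise (a PinPad failure is only logged).
  bool CAccessAuthEntity::SendInitMKReqACS(CInitlizerMKReq& initMKReq)
  {
      LOG_FUNCTION();
      CSmartPointer<IEntityFunction> pFunc = GetFunction();
      ErrorCodeEnum nRet = Error_Unexpect;
      CBlob encInfo;

      // NOTE(review): this key is a constant compiled into every binary, so it gives no
      // confidentiality against anyone who can read the executable; it should come from a
      // protected key store or be provisioned per terminal.
      // NOTE(review): ownership of the buffer returned by ConvertHexStrToBytes is not visible
      // here; if it is heap-allocated it is never released - confirm.
      char* hexStr = "21009872C31CBC00D0C8F421D09CF707";
      BYTE key[KEY_SIZE] = { 0 };
      memcpy(key, ConvertHexStrToBytes(hexStr), KEY_SIZE);

      nRet = (ErrorCodeEnum)m_FSM.GetEncTerminalInfoWithKey(encInfo, key);
      if (nRet != Error_Succeed)
      {
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("GetEncTerminalInfo failed:%d", nRet);
          return false;
      }

      // NOTE(review): other call sites in this file release the Str2Hex result with delete[];
      // here it is never released. Freeing it is only safe if iniTerminalInfo copies the
      // text - confirm the member type before adding the delete[].
      char* pTmp = Str2Hex((char*)encInfo.m_pData, encInfo.m_iLength);
      initMKReq.iniTerminalInfo = pTmp;

      CSystemStaticInfo si;
      pFunc->GetSystemStaticInfo(si);
      initMKReq.terminalVersion = si.InstallVersion.ToString();
      initMKReq.terminalNo = si.strTerminalID.GetData();

      BYTE xPublicKey[148];
      int nBufLen = sizeof(xPublicKey);
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("SendInitMKReqACS")("开始获取公钥。。。");
      memset(xPublicKey, 0, nBufLen);
      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("SendInitMKReqACS")("nBufLen=%d", nBufLen);
      if (!GetTerminalPublicKey(xPublicKey, nBufLen, initMKReq.publicKey))
      {
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_PUBKEY,
              GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
          return false;
      }

      initMKReq.user = m_strUserID.GetData();
      if (!m_strUserID.IsNullOrEmpty() && !m_strPassword.IsNullOrEmpty())
      {
          LogWarn(Severity_Low, Error_Succeed, AccessAuthorization_UserErrorCode_Init_From_ClosePage, "Init by ClosePage.");
          initMKReq.loginWay = 1;
      }
      else
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("no need to call login again as User Desktop have logined.");
          initMKReq.loginWay = 0;
      }

      PinPadService_ClientBase* pPinPad = new PinPadService_ClientBase(this);
      auto errRc = pPinPad->Connect();
      if (errRc == Error_Succeed)
      {
          PinPadService_GetCheckCode_Req req = {};
          PinPadService_GetCheckCode_Ans ans = {};
          req.mSN.Init(1);
          req.wSN.Init(1);
          req.mSN[0] = 1;
          req.wSN[0] = 0;
          errRc = (*pPinPad)(EntityResource::getLink().upgradeLink())->GetCheckCode(req, ans, 10000);
          if (errRc == Error_Succeed)
          {
              // NOTE(review): element 0 is read without checking that the answer holds any
              // entry - confirm the service always returns at least one.
              initMKReq.curTpkKeyCheck = ans.checkcode[0].GetData();
              initMKReq.curKeyIndex = ans.index[0].GetData();
          }
          else
          {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("Get keyChek && keyIndex failed.");
          }
          pPinPad->GetFunction()->CloseSession();
      }
      else
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("connect to pinpad failed.error code:%d", errRc);
      }
      // Fix: the client object was never released; GetPinPadModel releases its client with
      // SafeDelete() on every path, and the same is done here.
      pPinPad->SafeDelete();
      pPinPad = NULL;
      return true;
  }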
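  /// Finishes master-key initialisation: stops timer 22, records the result in
  /// m_strLastErrMsg / m_eErrNum, reports a failure as a fatal error and answers the pending
  /// UI request when there is one.
  ///
  /// @param rc        Result code; Error_Succeed means success.
  /// @param pszErrMsg Error text; a null pointer is treated as an empty string.
  void CAccessAuthEntity::EndInitMK(DWORD rc, const char *pszErrMsg)
  {
      LOG_FUNCTION();

      // Fix: a null message used to reach "%s" formatting and the string assignment directly.
      const char* szErrMsg = (pszErrMsg != NULL) ? pszErrMsg : "";

      DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setLogCode(AccessAuthService_LogCode_InitializeNew)
          ("EndInitMK:rc:%d,errMsg:%s", rc, szErrMsg);
      GetFunction()->KillTimer(22);
      m_strLastErrMsg = szErrMsg;

      if (rc != Error_Succeed)
      {
          LogWarn(Severity_Middle, Error_Unexpect, rc,
              GetOutPutStr("%s%08X%s%s", "EndInitMK", rc, "pszErrMsg", szErrMsg).c_str());
          GetFunction()->ShowFatalError(szErrMsg);
      }
      else
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("初始化成功。。。");
      }
      m_eErrNum = rc;

      // Notify the UI window. The transport result is always Error_Succeed; the real outcome
      // travels in Ans.Errcode / Ans.ErrMsg.
      if (m_ctx != NULL) {
          m_ctx->Ans.Errcode = rc;
          m_ctx->Ans.ErrMsg = m_strLastErrMsg;
          m_ctx->Answer(Error_Succeed);
      }
  }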
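  /// Loads the given keys into the PinPad through PinPadService LoadKeysSM.
  ///
  /// @param TMK      Value sent as masterkey.
  /// @param TPK      Value sent as workingkey1.
  /// @param EDK      Value sent as workingkey2.
  /// @param index    Value sent as reserved3.
  /// @param tpkCheck Value sent as reserved4.
  /// @param edkCheck Not used by this function.
  /// @return Error_Succeed when the keys were loaded; Error_Unexpect when the PinPad cannot be
  ///         reached or rejects the request.
  ///
  /// NOTE(review): the key strings are passed by value, so each call leaves extra copies of
  /// the key material in memory that are not wiped - worth confirming against the key-handling
  /// policy for this terminal.
  ErrorCodeEnum CAccessAuthEntity::LoadKeysToPinPadACS(string TMK, string TPK, string EDK, string index, string tpkCheck, string edkCheck)
  {
      LOG_FUNCTION();

      ErrorCodeEnum result = Error_Succeed;
      PinPadService_ClientBase* pPinPad = new PinPadService_ClientBase(this);
      auto rc = pPinPad->Connect();
      if (rc == Error_Succeed)
      {
          PinPadService_LoadKeysSM_Req req = {};
          req.initializeflag = true;
          req.smflag = 1;
          req.masterkey = TMK.c_str();
          req.workingkey1 = TPK.c_str();
          req.workingkey2 = EDK.c_str();
          req.reserved3 = index.c_str();
          req.reserved4 = tpkCheck.c_str();
          PinPadService_LoadKeysSM_Ans ans = {};
          rc = pPinPad->LoadKeysSM(req, ans, 30000);
          if (rc != Error_Succeed)
          {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("load sm key to pinpad failed.");
              result = Error_Unexpect;
          }
          // Fix: the session was left open when LoadKeysSM failed.
          pPinPad->GetFunction()->CloseSession();
      }
      else
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("connect to pinpad failed %x", rc);
          result = Error_Unexpect;
      }

      // Fix: the client object was never released on any path; GetPinPadModel releases its
      // client with SafeDelete(), and the same is done here.
      pPinPad->SafeDelete();
      pPinPad = NULL;
      return result;
  }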
  /// Hands the InitDev request context to the state machine and returns its result unchanged.
  DWORD CAccessAuthEntity::InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer& ctx)
  {
      const DWORD fsmResult = m_FSM.InitDevice(ctx);
      return fsmResult;
  }
  /// Hands the GetNetMsg request context to the state machine.
  void CAccessAuthEntity::GetNetMsg(SpReqAnsContext<AccessAuthService_GetNetMsg_Req, AccessAuthService_GetNetMsg_Ans>::Pointer& ctx)
  {
      this->m_FSM.GetNetMsg(ctx);
  }
  /// Fills the 16-byte member buffer m_btRam with four random 32-bit words, most significant
  /// byte first.
  ///
  /// @return false when rand_s reports an error (Windows builds); true otherwise.
  ///
  /// NOTE(review): EncryptedByPubKey in this file encrypts m_btRam with an SM2 public key, so
  /// this value is secret material. The non-Windows branch takes it from rand(), which is not
  /// a cryptographic generator, and no seeding is visible in this function. It should be
  /// replaced by the operating system's CSPRNG; that needs a header this excerpt does not
  /// show, so the code is left unchanged here.
  bool CAccessAuthEntity::GenerateRandomNum()
  {
      LOG_FUNCTION();
      // get public key --> send random number --> set working key
      unsigned int words[4];
  #ifdef RVC_OS_WIN
      // All four draws are made before the results are examined.
      bool drawFailed = false;
      for (int k = 0; k < 4; ++k)
      {
          if (rand_s(&words[k]) != 0)
          {
              drawFailed = true;
          }
      }
      if (drawFailed)
      {
          return false;
      }
      ZeroMemory(m_btRam, 16);
  #else
      for (int k = 0; k < 4; ++k)
      {
          words[k] = rand();
      }
      memset(m_btRam, 0, 16);
  #endif // RVC_OS_WIN

      // Serialise each word big-endian into four consecutive bytes.
      for (int w = 0; w < 4; ++w)
      {
          const int base = w * 4;
          m_btRam[base + 0] = ((words[w] >> 24) & 0xff);
          m_btRam[base + 1] = ((words[w] >> 16) & 0xff);
          m_btRam[base + 2] = ((words[w] >> 8) & 0xff);
          m_btRam[base + 3] = (words[w] & 0xff);
      }
      return true;
  }
  /// Draws a fresh random value (GenerateRandomNum) and encrypts it with the public key
  /// compiled in for the current build environment.
  ///
  /// @return The pair produced by EncryptedByPubKey, or a pair of empty strings when the
  ///         random value cannot be generated.
  ///
  /// NOTE(review): builds without any DEVOPS_ON_* macro use the same key as the ST and DEV
  /// builds, so a release compiled outside the pipeline would not use the PRD key.
  pair<string, string> CAccessAuthEntity::GenerateTmkToKMC()
  {
      LOG_FUNCTION();
      if (!GenerateRandomNum())
      {
          return make_pair("", "");
      }

  #ifdef DEVOPS_ON_ST /* DevOps pipeline build, ST environment */
      CSimpleStringA envPubKey = "0445FAF2B721207A39A9F3DEE3B3D89E2EF8924882968D31FC54FDA4F41D3D94AED4DA1B3C38B17193AD2952BD24407B7C01A80E65630A2FAD5073691613EAA814";
  #elif defined(DEVOPS_ON_UAT) /* DevOps pipeline build, UAT environment */
      CSimpleStringA envPubKey = "040AEC50A1FC9C5E9B1162FE4520C9E18E6F471A3F6DB77B147F0A464B5BFD0EDBE08AE8377C458CA204456E7A86568AAA9240F1C843E47988A6A197B232539DC8";
  #elif defined(DEVOPS_ON_PRD) /* DevOps pipeline build, PRD environment */
      CSimpleStringA envPubKey = "04E0A4FDA2484A1A0FAB0844F59110AEB7A08D314B5E451E816FC0E78CBA383B461474E1167B86FC48D704CB482DD5164A73AB9E019CCE26EE382B89C394B5ACE1";
  #elif defined(DEVOPS_ON_DEV) /* DevOps pipeline build, Dev environment */
      CSimpleStringA envPubKey = "0445FAF2B721207A39A9F3DEE3B3D89E2EF8924882968D31FC54FDA4F41D3D94AED4DA1B3C38B17193AD2952BD24407B7C01A80E65630A2FAD5073691613EAA814";
  #else /* local builds and any other build made outside the DevOps pipeline */
      CSimpleStringA envPubKey = "0445FAF2B721207A39A9F3DEE3B3D89E2EF8924882968D31FC54FDA4F41D3D94AED4DA1B3C38B17193AD2952BD24407B7C01A80E65630A2FAD5073691613EAA814";
  #endif
      return EncryptedByPubKey(envPubKey);
  }
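  /// Encrypts the 16-byte random value in m_btRam with an SM2 public key.
  ///
  /// @param pubKey      Public key as text; converted to bytes with StrBuf2HexBuf.
  /// @param bNeed04Head true: the converted key is prefixed with 0x04 and bytes 1..112 of the
  ///                    ciphertext are returned as they are. false: the first 65 converted
  ///                    bytes are used as the key and the ciphertext is re-ordered into
  ///                    [1..64] + [97..112] + [65..96].
  /// @return first: text form (HexBuf2StrBuf) of the 112 ciphertext bytes; second: text form of
  ///         m_btRam. Both are empty when the key is empty or has an unusable length, or when
  ///         encryption fails or does not yield 113 bytes.
  ///
  /// NOTE(review): the second element is the unencrypted random value; callers must not log
  /// or persist it.
  pair<string, string> CAccessAuthEntity::EncryptedByPubKey(CSimpleStringA pubKey, bool bNeed04Head)
  {
      LOG_FUNCTION();
      if (pubKey.GetLength() <= 0)
          return make_pair("", "");

      // NOTE(review): strRam, pOldPubKey and pBlock are handed to helpers by address
      // (HexBuf2StrBuf / StrBuf2HexBuf), whose allocation contract is not visible here. They
      // are never released in this function; which deallocator is correct must be confirmed
      // against the helpers before adding one.
      PCHAR strRam = new CHAR[512];
      memset(strRam, 0, 512);
      memcpy(strRam, &(m_btRam[0]), 16);
      HexBuf2StrBuf((PBYTE)m_btRam, &strRam, 16);

      const int MAX_KEY_SIZE = 256;
      char random_enc_bypbk[MAX_KEY_SIZE];
      memset(random_enc_bypbk, 0, MAX_KEY_SIZE);
      int outMsgLen = MAX_KEY_SIZE;

      // Fix: pxxKey was a new[] buffer that was only read locally and never freed; a stack
      // array needs no clean-up on any return path.
      BYTE pxxKey[256] = { 0 };
      PBYTE pOldPubKey = new BYTE[256];
      memset(pOldPubKey, 0, 256);
      // NOTE(review): nothing bounds the length of pubKey against the 256-byte buffer before
      // this conversion - confirm StrBuf2HexBuf cannot write past it.
      int size = StrBuf2HexBuf(pubKey.GetData(), &pOldPubKey);
      if (bNeed04Head)
      {
          // Fix: size comes from the caller-supplied key text and was used as a memcpy length
          // unchecked; a negative value or one above 255 overruns pxxKey.
          if (size < 0 || size > static_cast<int>(sizeof(pxxKey)) - 1)
          {
              DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("invalid public key length:%d.", size);
              return make_pair("", "");
          }
          pxxKey[0] = 0x04;
          memcpy(pxxKey + 1, pOldPubKey, size);
      }
      else
          memcpy(pxxKey, pOldPubKey, 65);

      // Encrypt the random value with the public key.
      int retSM2 = EncWithSM2PubKey((unsigned char*)m_btRam, 16, (unsigned char*)random_enc_bypbk, &outMsgLen, (unsigned char*)pxxKey, 65);
      if (!retSM2 || outMsgLen != 113)
      {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("EncWithSM2PubKey failed outMsgLen:%d.", outMsgLen);
          return make_pair("", "");
      }

      // Fix: same leak as pxxKey; this scratch buffer is now on the stack.
      BYTE tmp_enc_bypbk[112] = { 0 };
      if (bNeed04Head)
      {
          memcpy(tmp_enc_bypbk, &(random_enc_bypbk[1]), 112);
      }
      else
      {
          memcpy(tmp_enc_bypbk, &(random_enc_bypbk[1]), 64);
          memcpy(tmp_enc_bypbk + 64, &(random_enc_bypbk[97]), 16);
          memcpy(tmp_enc_bypbk + 80, &(random_enc_bypbk[65]), 32);
      }

      PCHAR pBlock = new CHAR[512];
      memset(pBlock, 0, 512);
      BYTE tmpRandomEnc[512];
      memset(tmpRandomEnc, 0, 512);
      // outMsgLen is 113 here, so exactly the 112 bytes of tmp_enc_bypbk are copied.
      memcpy(tmpRandomEnc, &(tmp_enc_bypbk[0]), outMsgLen - 1);
      size = HexBuf2StrBuf((PBYTE)tmpRandomEnc, &pBlock, 112);
      return make_pair(pBlock, strRam);
  }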
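  /// Collects the CPU id, main-board serial and disk serial into m_cpuId / m_mainBoardId /
  /// m_hardDiskId and keeps the "cpu|board|disk" string in run configuration ("system"/"info").
  ///
  /// The cached value from the run configuration is read first; the system is then queried
  /// again so the cache can be refreshed. m_iGetTermSysInfo ends up as 1 on success and -1
  /// when no value could be obtained. When a system query fails, the function returns early
  /// after recording an error message; if no cached value was available, the affected member
  /// receives a JSON error document instead of an id.
  ///
  /// NOTE(review): when a system query fails and a cached value exists, the cached ids stay
  /// in effect without any verification. The log codes suggest these ids feed the terminal
  /// fingerprint, so anyone able to edit the run configuration could presumably influence
  /// it - confirm how that file is protected.
  void CAccessAuthEntity::GetHardWareInfo()
  {
      std::map<std::string, std::string> errInfo;
      //oilyang@20231008 to get system info from runcfg first
      //no matter calculating from runcfg succeed or not,we also get system info from system api for update runcfg
      bool bGetFromRunCfg = false;
      CSimpleString csInfo, strErrMsg, strRet;
      CSmartPointer<IConfigInfo> pConfigRun;
      ErrorCodeEnum eErr = GetFunction()->OpenConfig(Config_Run, pConfigRun);
      // Remembered for the write-back at the end; eErr is reused below.
      const bool bConfigOpened = (eErr == Error_Succeed);
      if (eErr == Error_Succeed && pConfigRun->ReadConfigValue("system", "info", csInfo) == Error_Succeed && !csInfo.IsNullOrEmpty()) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("read device info from runcfg: [%s]", csInfo.GetData());
          CAutoArray<CSimpleStringA> sysInfo = csInfo.Split('|');
          if (sysInfo.GetCount() == 3)
          {
              m_cpuId = sysInfo[0];
              m_mainBoardId = sysInfo[1];
              m_hardDiskId = sysInfo[2];
              bGetFromRunCfg = true;
              m_iGetTermSysInfo = 1;
          }
          else
          {
              m_iGetTermSysInfo = -1;
              DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setAPI("GetTerminalFingerPrint")("get sm3 hash as fingerprint fail");
          }
      }
      else
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("GetTermSysInfo, OpenConfig Config_Run error=%d.", eErr);

      // Fix (all "getLastErr" assignments below): GetLastError() is an integer (it is formatted
      // with "%d" in this function); assigning it straight to a std::string selects
      // operator=(char) and stores one truncated character, so it is written as decimal text.
  #ifdef RVC_OS_LINUX
      string strTmp;
      CSimpleStringA runInfoPath;
      auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
      if (rc != Error_Succeed) {
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("GetPath runinfo error=%d.", rc);
          return;
      }
      runInfoPath += SPLIT_SLASH_STR "runcfg";

      // CPU
      if (!get_cpu_id_by_system(strTmp, runInfoPath.GetData()))
      {
          if (!bGetFromRunCfg)
          {
              errInfo["errcode"] = "RTA5213";
              errInfo["msg"] = "调用系统api获取CPU序号失败";
              errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
              m_cpuId = generateJsonStr(errInfo).second.c_str();
              m_iGetTermSysInfo = -1;
          }
          strErrMsg = CSimpleStringA::Format("查询CPU ID失败,请重启机器并重新初始化");
          SetAuthErrMsg((const char*)strErrMsg);
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
              GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "Processor", GetLastError()).c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5213")
              (GetOutPutStr("%s%s", "Processor", "False").c_str());
          return;
      }
      m_cpuId = strTmp.c_str();
      strRet = strTmp.c_str();
      strTmp.clear();

      // Main board
      if (!get_board_serial_by_system(strTmp, runInfoPath.GetData()))
      {
          if (!bGetFromRunCfg)
          {
              errInfo["errcode"] = "RTA5214";
              errInfo["msg"] = "调用系统api获取主板ID号失败";
              errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
              m_mainBoardId = generateJsonStr(errInfo).second.c_str();
              m_iGetTermSysInfo = -1;
          }
          strErrMsg = CSimpleStringA::Format("查询主板序列号失败, 请重启机器并重新初始化");
          SetAuthErrMsg((const char*)strErrMsg);
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
              GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "BaseBoard", GetLastError()).c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5214")
              (GetOutPutStr("%s%s", "BaseBoard", "False").c_str());
          return;
      }
      m_mainBoardId = strTmp.c_str();
      strRet += "|";
      strRet += strTmp.c_str();

      // Hard disk
      vector<string> diskArr;
      int errCode = 0;
      if (!get_disk_serial_by_system(diskArr, errCode, runInfoPath.GetData()))
      {
          if (!bGetFromRunCfg)
          {
              errInfo["errcode"] = "RTA5215";
              errInfo["msg"] = "调用系统api获取硬盘ID号失败";
              errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
              m_hardDiskId = generateJsonStr(errInfo).second.c_str();
              m_iGetTermSysInfo = -1;
          }
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("get_disk_serial_by_system errCode:%d", errCode);
          strErrMsg = CSimpleStringA::Format("查询磁盘序列号失败, 请重启机器并重新初始化");
          SetAuthErrMsg((const char*)strErrMsg);
          // Fix: this warning named "BaseBoard" (copied from the block above) for a disk failure.
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
              GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "DiskDrive", GetLastError()).c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5215")
              (GetOutPutStr("%s%s", "DiskDrive", "False").c_str());
          return;
      }
      strRet += "|";
      strTmp = "";
      // All disk serials are concatenated without a separator.
      for (vector<string>::iterator it = diskArr.begin(); it != diskArr.end(); ++it) {
          strTmp += *it;
      }
      strRet += strTmp.c_str();
      m_hardDiskId = strTmp.c_str();
  #else
      ULONGLONG ullStart = GetTickCount64();
      char szTmp[1024] = {};
      int nTmpBufLen = 1024;

      // CPU
      if (!QueryWMIDevice(Processor, "ProcessorId", szTmp, &nTmpBufLen))
      {
          if (!bGetFromRunCfg)
          {
              errInfo["errcode"] = "RTA5213";
              errInfo["msg"] = "调用系统api获取CPU序号失败";
              errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
              m_cpuId = generateJsonStr(errInfo).second.c_str();
              m_iGetTermSysInfo = -1;
          }
          strErrMsg = CSimpleStringA::Format("查询 cpu id 失败: %d, 请尝试重启应用", GetLastError());
          SetAuthErrMsg((const char*)strErrMsg);
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
              GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "Processor", GetLastError()).c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5213")
              (GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "Processor", GetLastError()).c_str());
          return;
      }
      strRet = szTmp;
      m_cpuId = szTmp;

      // Main board
      nTmpBufLen = 1024;
      memset(szTmp, 0, sizeof(szTmp));
      if (!QueryWMIDevice(BaseBoard, "SerialNumber", szTmp, &nTmpBufLen))
      {
          if (!bGetFromRunCfg)
          {
              errInfo["errcode"] = "RTA5214";
              errInfo["msg"] = "调用系统api获取主板ID号失败";
              errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
              m_mainBoardId = generateJsonStr(errInfo).second.c_str();
              m_iGetTermSysInfo = -1;
          }
          strErrMsg = CSimpleStringA::Format("查询 baseboard sn 失败: %d, 请尝试重启应用", GetLastError());
          SetAuthErrMsg((const char*)strErrMsg);
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
              GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "BaseBoard", GetLastError()).c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5214")
              (GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "BaseBoard", GetLastError()).c_str());
          return;
      }
      strRet += "|";
      strRet += szTmp;
      m_mainBoardId = szTmp;

      // Hard disk
      nTmpBufLen = 1024;
      memset(szTmp, 0, sizeof(szTmp));
      if (!QueryWMIDevice(DiskDrive, "SerialNumber", szTmp, &nTmpBufLen))
      {
          if (!bGetFromRunCfg)
          {
              errInfo["errcode"] = "RTA5215";
              errInfo["msg"] = "调用系统api获取硬盘ID号失败";
              errInfo["getLastErr"] = std::to_string(static_cast<unsigned long long>(GetLastError()));
              m_hardDiskId = generateJsonStr(errInfo).second.c_str();
              m_iGetTermSysInfo = -1;
          }
          strErrMsg = CSimpleStringA::Format("查询 harddisk sn 失败: %d, 请尝试重启应用", GetLastError());
          SetAuthErrMsg((const char*)strErrMsg);
          LogWarn(Severity_Middle, Error_Unexpect, ERR_ACCESSAUTH_GET_TERMINAL_FINGERPRINT,
              GetOutPutStr("%s%s%s%d", "QueryWMIDevice", "False", "DiskDrive", GetLastError()).c_str());
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5215")
              (GetOutPutStr("%s%s", "DiskDrive", "False").c_str());
          return;
      }
      strRet += "|";
      strRet += szTmp;
      m_hardDiskId = szTmp;

      ULONGLONG ullEnd = GetTickCount64();
      if (ullEnd - ullStart > 5000)
      {
          // Fix: a 64-bit value was passed for "%d"; it is narrowed explicitly.
          const int elapsedSeconds = static_cast<int>((ullEnd - ullStart) / 1000);
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM).setResultCode("RTA5201")
              ("获取系统信息耗时过长:%d秒", elapsedSeconds);
          LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_GetTermCostTooLong,
              CSimpleStringA::Format("获取系统信息耗时过长:%d秒", elapsedSeconds));
      }
  #endif // RVC_OS_LINUX

      if (!bGetFromRunCfg || csInfo.Compare(strRet) != 0)
      {
          // Fix: pConfigRun was dereferenced here even when OpenConfig had failed, which is
          // exactly the case in which bGetFromRunCfg is false. eErr then still holds the
          // OpenConfig error and is what the log line reports.
          if (bConfigOpened)
          {
              eErr = pConfigRun->WriteConfigValue("system", "info", strRet.GetData());
          }
          DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("device info changed,before[%s],current[%s],write to runcfg:%d"
              , csInfo.GetData(), strRet.GetData(), eErr);
      }
      else
          DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("device info: [%s]", strRet.GetData());
      m_iGetTermSysInfo = 1;
      return;
  }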
  // Entity map of this module; CAccessAuthEntity is its only entry. The SP_* macros are
  // defined outside this file.
  SP_BEGIN_ENTITY_MAP()
      SP_ENTITY(CAccessAuthEntity)
  SP_END_ENTITY_MAP()