myvtm/Module/mod_accessauth/mod_AccessAuth.h

#pragma once
#include "SpBase.h"
#include "RVCCrypt.h"
#include "AccessAuthorization_server_g.h"
using namespace AccessAuthorization;

#include "..\EventCode.h"
#include "AccessAuthFSM.h"
//
//#include <string>
//using namespace std;

// 准入服务 0x502
class CAccessAuthEntity;

class CAccessAuthSession : public AccessAuthService_ServerSessionBase
{
public:
	CAccessAuthSession(CAccessAuthEntity *pEntity) : m_pEntity(pEntity) {}
	virtual ~CAccessAuthSession() {}

	virtual void Handle_Regist(SpOnewayCallContext<AccessAuthService_Regist_Info>::Pointer ctx);	
	virtual void Handle_Unregist(SpOnewayCallContext<AccessAuthService_Unregist_Info>::Pointer ctx);
	virtual void Handle_Reregist(SpOnewayCallContext<AccessAuthService_Reregist_Info>::Pointer ctx);
	virtual void Handle_PushTerminalStage(SpOnewayCallContext<AccessAuthService_PushTerminalStage_Info>::Pointer ctx);
	virtual void Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx);
	virtual void Handle_SyncTime(SpOnewayCallContext<AccessAuthService_SyncTime_Info>::Pointer ctx);	
	
private:
	CAccessAuthEntity *m_pEntity;
};

//class PinPadClass;
class CAccessAuthEntity : public CEntityBase, public ISysVarListener
{
public:
	CAccessAuthEntity() :m_nAuthVersion(1) {}
	virtual ~CAccessAuthEntity() 
	{
		/*if (NULL != m_pkeys)
		{
			delete m_pkeys;
			m_pkeys = NULL;
		}*/
	}

	virtual const char *GetEntityName() const { return "AccessAuthorization"; }
	virtual bool IsService()const{return true;}

	virtual void OnStarted();
	virtual void OnPreStart(CAutoArray<CSimpleStringA> strArgs,CSmartPointer<ITransactionContext> pTransactionContext); 
	virtual void OnPreClose(EntityCloseCauseEnum eCloseCause,CSmartPointer<ITransactionContext> pTransactionContext);
	virtual void OnSysVarEvent(const char *pszKey, const char *pszValue,const char *pszOldValue,const char *pszEntityName);
		
	virtual CServerSessionBase *OnNewSession(const char* /*pszRemoteEntityName*/, const char * /*pszClass*/)
	{
		//LOG_FUNCTION();
		return new CAccessAuthSession(this);
	}

	// 开始准入
	ErrorCodeEnum Regist();

	// 重新准入
	ErrorCodeEnum Reregist();

	// 准入退出
	ErrorCodeEnum Unregist(int nReason, int nWay);

	// 时间同步
	ErrorCodeEnum SyncTime();

	// 状态上报
	ErrorCodeEnum PushTerminalStage(char cNewStage, DWORD dwNewStageTime, char cOldStage, DWORD dwOldStageTime);

	// KMC初始化
	ErrorCodeEnum InitKMC();
		
	// 获取WK更新请求包
	// @nAlgFlag:  1:3des only; 2: sm4 only; 3: both 3des and sm4
	ErrorCodeEnum GetKmcWKUpdateData(char *pBuf, int &nLen, int  nAlgFlag);

	// 解析WK
	// @nAlgFlag:  1:3des only; 2: sm4 only; 3: both 3des and sm4
	ErrorCodeEnum ParseWKUpdateResult(char *pBuf, int nLen, int  nAlgFlag);

	// 获取KMC错误
	CSimpleStringA GetKMCLastErrMsg();

	// 释放KMC
	ErrorCodeEnum ReleaseKMC();

	//ErrorCodeEnum PrintAllKeys(bool bSM);

	// 加载新WK
	ErrorCodeEnum LoadPinPadWK(bool bSM);
	
	bool HexStrToByteArray(const char* pHex, BYTE *pBuf, int *pBufLen);
	string ByteArrayToHexStr(BYTE *pBuf, int nBufLen);

	// 调用PinPad加密(只支持DES加密，不支持SM)
	ErrorCodeEnum EncryptDataWithPinPad(const CBlob &raw, CBlob &enc);

	// 生成RSA密钥对
	ErrorCodeEnum CreateRsaKeyPair(CBlob &pubKey, CBlob &priKey);

	// 保存密钥对到令牌实体
	ErrorCodeEnum SaveRsaKeyPair(const CBlob &pubKey, const CBlob &priKey);

	// 保存Token和共享会话密钥到令牌实体
	ErrorCodeEnum SaveTokenAndSharedSK(const CBlob &token, const CBlob &sharedSK);

	// 是否使用PinPad
	bool HasPinPad();

	int GetPinPadCapability();

	// 保存准入版本及会话密钥
	bool SaveAuthVerAndKey(int nAuthVer, BYTE *pKey);

	inline int  GetAuthVersion(){ return m_nAuthVersion; }

	// 调用准入会话密钥加密
	ErrorCodeEnum EncryptDataWithSessionKey(const CBlob &raw, CBlob &enc);

	bool GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen);
	bool GetTerminalPublicKey(BYTE *pBuf, int &nBufLen);
	bool GetMD5Hash(const char *pStr, BYTE md5[16]);
	
	ErrorCodeEnum InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx);

	void SetAuthErrMsg(const char *pszErrMsg) { m_strAuthErrMsg = pszErrMsg; }
	const char *GetAuthErrMsg() { return m_strAuthErrMsg; }

	// 获取密码键盘ID和外设ID
	// 返回1：只有PinPadID；2：只有DeviceID；3：两者都有；0：失败
	int GetPinPadIDAndDeviceID(CSimpleStringA &strPinPadID, CSimpleStringA &strDeviceID);

	// 密码键盘是否支持校验码
	bool HasCkCodeFlg();

	// 设置时区
	wstring ANSIToUnicode(const string& str);
	BOOL SetLocalTimeZoneByKeyName(const TCHAR* szTimeZoneKeyName, BOOL isDaylightSavingTime);


protected:
	CAccessAuthFSM m_FSM;

	int m_nAuthVersion;		// 准入请求版本： 1 借助KMC密钥验证；2 借助终端密钥动态生成会话密钥验证
	BYTE m_AuthSessionKey[140];

	CSimpleStringA m_strAuthErrMsg;
	EncKeys* m_pkeys;
};