pcacc
/
myvtm


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200
							#pragma once
#include "SpBase.h"
#ifdef RVC_OS_WIN
//#include "RVCCrypt.h"
#endif // RVC_OS_WIN
#include "AccessAuthorization_server_g.h"
using namespace AccessAuthorization;

#include "AccessAuthFSM.h"

int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len);
int StrBuf2HexBuf(LPCTSTR strBuf, PBYTE* hexBuf);

class CAccessAuthEntity;

class CAccessAuthSession : public AccessAuthService_ServerSessionBase
{
public:
	CAccessAuthSession(CAccessAuthEntity* pEntity) : m_pEntity(pEntity) {}
	virtual ~CAccessAuthSession() {}

	virtual void Handle_Regist(SpOnewayCallContext<AccessAuthService_Regist_Info>::Pointer ctx);
	virtual void Handle_UpdateWK(SpOnewayCallContext<AccessAuthService_UpdateWK_Info>::Pointer ctx);
	virtual void Handle_InitializeNew(SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer ctx);
	virtual void Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx);
	virtual void Handle_GetNetMsg(SpReqAnsContext<AccessAuthService_GetNetMsg_Req, AccessAuthService_GetNetMsg_Ans>::Pointer ctx);
private:
	CAccessAuthEntity* m_pEntity;
};

class CAccessAuthEntity : public CEntityBase, public ISysVarListener
{
public:
	CAccessAuthEntity()
	{
		m_eErrNum = Error_Succeed;
		m_bNewSMFWB = false;
		m_iGetTermSysInfo = 0;
	}
	virtual ~CAccessAuthEntity()
	{
	}

	virtual const char* GetEntityName() const { return "AccessAuthorization"; }
	virtual bool IsService()const { return true; }

	virtual void OnStarted();
	virtual void OnPreStart(CAutoArray<CSimpleStringA> strArgs, CSmartPointer<ITransactionContext> pTransactionContext);
	virtual void OnPreClose(EntityCloseCauseEnum eCloseCause, CSmartPointer<ITransactionContext> pTransactionContext);
	virtual void OnSysVarEvent(const char* pszKey, const char* pszValue, const char* pszOldValue, const char* pszEntityName);

	virtual CServerSessionBase* OnNewSession(const char* /*pszRemoteEntityName*/, const char* /*pszClass*/)
	{
		return new CAccessAuthSession(this);
	}

	virtual void OnPrePause(CSmartPointer<ITransactionContext> pTransactionContext)
	{
		LOG_FUNCTION();

		ErrorCodeEnum result(Error_DataCheck);
		do
		{
			if (m_FSM.RtsMapToUserCode("RTS1705", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1705", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1707", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1707", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1711", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1711", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1712", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1712", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1713", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1713", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1714", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1714", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1715", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1715", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1716", 0) != m_FSM.RtsMapToUserCodeBakup("RTS1716", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1717", 1) == m_FSM.RtsMapToUserCodeBakup("RTS1717", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}
			if (m_FSM.RtsMapToUserCode("RTS1715", 0) == m_FSM.RtsMapToUserCodeBakup("RTS1707", 0)) {
				DbgWithLink(LOG_LEVEL_ERROR, LOG_TYPE_SYSTEM)("%d", __LINE__);
				break;
			}

			result = Error_Succeed;

		} while (false);

		pTransactionContext->SendAnswer(result);
	}

	virtual void OnPreContinue(CSmartPointer<ITransactionContext> pTransactionContext)
	{
		pTransactionContext->SendAnswer(Error_Succeed);
	}

	// 开始准入
	ErrorCodeEnum Regist();
	void UpdateWK();

	string ByteArrayToHexStr(BYTE* pBuf, int nBufLen);

	// 生成SM2密钥对
	DWORD CreateSM2KeyPair(CBlob& pubKey, CBlob& priKey);

	// 保存密钥对到令牌实体
	DWORD SaveSM2KeyPair(const CBlob& pubKey, const CBlob& priKey);

	// 保存Token和共享会话密钥到令牌实体
	ErrorCodeEnum SaveTokenAndSharedSK(const CBlob& token, const CBlob& sharedSK);

	// 是否使用PinPad
	bool HasPinPad();
	// 机型是否配置密码键盘
	bool IsMachineTypeConfigurePinPad(CSimpleStringA strMachineType);

	int GetPinPadCapability();

	// 保存会话密钥
	bool SaveAuthKey(BYTE* pKey);

	// 调用准入会话密钥加密
	ErrorCodeEnum EncryptDataWithSessionKey(const CBlob& raw, CBlob& enc);

	bool GetTerminalFingerPrint(BYTE* pBuf, int& nBufLen);
	bool GetTerminalPublicKey(BYTE* pBuf, int& nBufLen);
	bool GetTerminalPublicKey(BYTE* pBuf, int& nBufLen, string& pubkey);

	void SetAuthErrMsg(const char* pszErrMsg) { m_strAuthErrMsg = pszErrMsg; }
	const char* GetAuthErrMsg() { return m_strAuthErrMsg; }

	// 获取密码键盘ID和外设ID
	//oilyang@20210510 add:in order to avoid getting info out of async, check if has pinpad while getting info
	// 返回1：只有PinPadID；2：只有DeviceID；3：两者都有；0：失败
	int GetPinPadIDAndDeviceID(CSimpleStringA& strPinPadID, CSimpleStringA& strDeviceID, bool& bHasPinPad);

	// 设置时区
	wstring ANSIToUnicode(const string& str);
	BOOL SetLocalTimeZoneByKeyName(const TCHAR* szTimeZoneKeyName, BOOL isDaylightSavingTime);

	void printPasswdError(const string& strErrMsg);
	BYTE m_AuthSessionKey[140];
	virtual void OnSelfTest(EntityTestEnum eTestType, CSmartPointer<ITransactionContext> pTransactionContext)
	{
		pTransactionContext->SendAnswer(Error_Succeed);
	}

	void BeginInitMKACS();
	bool SendInitMKReqACS(CInitlizerMKReq& initMKReq);
	CSimpleStringA GetInitUrl()
	{
		return m_strInitUrl;
	}
	void EndInitMK(DWORD rc, const char* pszErrMsg);
	ErrorCodeEnum LoadKeysToPinPadACS(string TMK, string TPK, string EDK, string index);
	DWORD InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer& ctx);
	void GetNetMsg(SpReqAnsContext<AccessAuthService_GetNetMsg_Req, AccessAuthService_GetNetMsg_Ans>::Pointer& ctx);
	DWORD m_eErrNum;
	CSimpleStringA m_strLastErrMsg;
	CSimpleStringA m_strUserID, m_strPassword, m_strInitUrl;
	SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer m_ctx;
	pair<string, string> GenerateTmkToKMC();
	pair<string, string> GenerateTmkToDevice();
	pair<string, string> EncryptedByPubKey(CSimpleStringA pubKey, bool bNeed04Head = false);
	void GetTermSysInfo();

	CSimpleStringA m_publicKey;
	CSimpleStringA m_privateKey;

protected:
	CAccessAuthFSM m_FSM;
	CSystemStaticInfo m_info;
	CSimpleStringA m_strAuthErrMsg;

private:
	bool GenerateRandomNum();
	bool m_bNewSMFWB;
	BYTE m_btRam[16], m_btTermSysInfoSM3[32];
	int m_iGetTermSysInfo;//0:初始值，尚未完成获取过程 1:成功 -1:失败
};