Merge pull request !10009 from LR04.02_RVCTerminalPlus/cjl_accessNew_20230104

Module/mod_accessauth/AccessAuthConn.cpp

@@ -15,17 +15,6 @@ using namespace std;
 
 #define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)
 //oiltest need to public function
-int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len)
-{
-	char* tmpStr = *strBuf;
-	int count = 0;
-	for (int i = 0; i < len; ++i)
-	{
-		sprintf(tmpStr + count, "%0.2X", hexBuf[i]);
-		count += 2;
-	}
-	return 0;
-}
 CAccessAuthConn::CAccessAuthConn(CEntityBase *pEntity, CAccessAuthFSM *pFSM)
 	:SpSecureClient(pEntity), m_pFSM(pFSM)
 {	
@@ -100,7 +89,7 @@ DWORD CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &pRecvPkg
 	LOG_FUNCTION();
 	DWORD rc = Error_Unexpect;
 	DWORD dwSysCode, dwUserCode;
-	string strErrMsg;
+	/*string strErrMsg;
 	auto pEntity = (CAccessAuthEntity*)m_pEntity;
 	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
@@ -138,7 +127,7 @@ DWORD CAccessAuthConn::HandleUpdateWKRet(const CSmartPointer<IPackage> &pRecvPkg
 			rc = pEntity->LoadPinPadWK(true);
 		}
 	}
-	m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_UpdateWKSucc : CAccessAuthFSM::Event_UpdateWKFail));
+	m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_UpdateWKSucc : CAccessAuthFSM::Event_UpdateWKFail));*/
 	return rc;
 }
 
@@ -995,74 +984,74 @@ DWORD CAccessAuthConn::HandleSyncTimeRet(const CSmartPointer<IPackage> &pRecvPkg
 	int nAuthVersion = 1;		// 默认使用KMC准入
 	BYTE *pSessionKey = NULL;
 
-	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
-	{
-		rc = dwUserCode;
-		m_pFSM->doWarnMsg(rc, GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"strErrMsg", strErrMsg.c_str()).c_str());
-
-	}
-	else
-	{
-		int nRetLen = pRecvPkg->GetStructLen("SYNC_A1");
-		if (nRetLen >0)
-		{
-			assert(nRetLen == sizeof(SyncTimeAns));
-			SyncTimeAns ret;
-			memset(&ret, 0, sizeof(ret));
-
-			int nArrayNum(0);
-			int nBufLen = sizeof(ret);
-			pRecvPkg->GetStructData("SYNC_A1", (BYTE*)&ret, &nBufLen, &nArrayNum);
-
-			// 比较终端和服务器时间， 时差小于3分钟不纠正	
-			DWORD dwTimeDiff = ret.nTimeDiff;
-			if (dwTimeDiff > 180)
-			{
-				DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("time diff is too large (%ds), sync time now", dwTimeDiff);
-
-				CSmallDateTime dtServerTime(CSmallDateTime::GetNow() + dwTimeDiff);
-				SYSTEMTIME stServerTime = dtServerTime.ToSystemTime();
-				
-#ifdef RVC_OS_WIN
-				if (SetLocalTime(&stServerTime))
-#else
-				if (set_system_time_by_sec(dwTimeDiff))
-#endif // RVC_OS_WIN
-					DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
-				else
-				{
-					m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SET_LOCALE_TIME, GetOutPutStr("%s%s", "设置本地时间错误", dtServerTime.ToTimeString()).c_str());
-					rc = ERR_ACCESSAUTH_SET_LOCALE_TIME;
-				}
-			}
-			else
-			{
-				DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("time diff is acceptable (%ds)", dwTimeDiff);
-			}
-
-			// 检查准入请求版本 //会话密钥缓存
-			Dbg("auth version: %d", ret.nAuthVersion);
-			if (ret.nAuthVersion == 1) {
-				rc = ERR_ACCESSAUTH_AUTH_VERSION;
-				auto pEntity = (CAccessAuthEntity*)m_pEntity;
-				pEntity->GetFunction()->ShowFatalError("时间同步时，获取准入加密版本错误，请先进行密钥初始化");
-				pEntity->SetAuthErrMsg("时间同步时，获取准入加密版本错误，请先进行密钥初始化");
-			}
-			else {
-				bool saveRet = ((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(ret.nAuthVersion, ret.SessionKey);
-				if (!saveRet) {
-					Dbg("SaveAuthVerAndKey faild.");
-					rc = ERR_ACCESSAUTH_SYNC_TIME;
-				}
-			}
-		}
-		else
-		{
-			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,	GetOutPutStr("%s%d", "时间同步错误", nRetLen).c_str());
-			rc = ERR_ACCESSAUTH_SYNC_TIME;
-		}
-	}
-	m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_EndSyncTime : CAccessAuthFSM::Event_CheckMD5Fail));
+//	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
+//	{
+//		rc = dwUserCode;
+//		m_pFSM->doWarnMsg(rc, GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc,"strErrMsg", strErrMsg.c_str()).c_str());
+//
+//	}
+//	else
+//	{
+//		int nRetLen = pRecvPkg->GetStructLen("SYNC_A1");
+//		if (nRetLen >0)
+//		{
+//			assert(nRetLen == sizeof(SyncTimeAns));
+//			SyncTimeAns ret;
+//			memset(&ret, 0, sizeof(ret));
+//
+//			int nArrayNum(0);
+//			int nBufLen = sizeof(ret);
+//			pRecvPkg->GetStructData("SYNC_A1", (BYTE*)&ret, &nBufLen, &nArrayNum);
+//
+//			// 比较终端和服务器时间， 时差小于3分钟不纠正	
+//			DWORD dwTimeDiff = ret.nTimeDiff;
+//			if (dwTimeDiff > 180)
+//			{
+//				DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("time diff is too large (%ds), sync time now", dwTimeDiff);
+//
+//				CSmallDateTime dtServerTime(CSmallDateTime::GetNow() + dwTimeDiff);
+//				SYSTEMTIME stServerTime = dtServerTime.ToSystemTime();
+//				
+//#ifdef RVC_OS_WIN
+//				if (SetLocalTime(&stServerTime))
+//#else
+//				if (set_system_time_by_sec(dwTimeDiff))
+//#endif // RVC_OS_WIN
+//					DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("sync time with server succeed, server time: [%s]", (const char*)dtServerTime.ToTimeString());
+//				else
+//				{
+//					m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SET_LOCALE_TIME, GetOutPutStr("%s%s", "设置本地时间错误", dtServerTime.ToTimeString()).c_str());
+//					rc = ERR_ACCESSAUTH_SET_LOCALE_TIME;
+//				}
+//			}
+//			else
+//			{
+//				DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("time diff is acceptable (%ds)", dwTimeDiff);
+//			}
+//
+//			// 检查准入请求版本 //会话密钥缓存
+//			Dbg("auth version: %d", ret.nAuthVersion);
+//			if (ret.nAuthVersion == 1) {
+//				rc = ERR_ACCESSAUTH_AUTH_VERSION;
+//				auto pEntity = (CAccessAuthEntity*)m_pEntity;
+//				pEntity->GetFunction()->ShowFatalError("时间同步时，获取准入加密版本错误，请先进行密钥初始化");
+//				pEntity->SetAuthErrMsg("时间同步时，获取准入加密版本错误，请先进行密钥初始化");
+//			}
+//			else {
+//				bool saveRet = ((CAccessAuthEntity*)m_pEntity)->SaveAuthVerAndKey(ret.nAuthVersion, ret.SessionKey);
+//				if (!saveRet) {
+//					Dbg("SaveAuthVerAndKey faild.");
+//					rc = ERR_ACCESSAUTH_SYNC_TIME;
+//				}
+//			}
+//		}
+//		else
+//		{
+//			m_pFSM->doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,	GetOutPutStr("%s%d", "时间同步错误", nRetLen).c_str());
+//			rc = ERR_ACCESSAUTH_SYNC_TIME;
+//		}
+//	}
+//	m_pFSM->PostEventFIFO(new FSMEvent(rc == Error_Succeed ? CAccessAuthFSM::Event_EndSyncTime : CAccessAuthFSM::Event_CheckMD5Fail));
 	
 	return rc;
 }
@@ -1330,14 +1319,14 @@ DWORD CAccessAuthConn::HandleCheckMD5Ret(const CSmartPointer<IPackage> &pRecvPkg
 	DWORD dwSysCode, dwUserCode;
 	string strErrMsg;
 
-	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
+	/*if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
 		m_pFSM->doWarnMsg(dwUserCode, strErrMsg);
 		CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
 	}
 
-	m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_CheckMD5Succ:CAccessAuthFSM::Event_CheckMD5Fail));
+	m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_CheckMD5Succ:CAccessAuthFSM::Event_CheckMD5Fail));*/
 
 	return rc;
 }
@@ -1348,14 +1337,14 @@ DWORD CAccessAuthConn::HandleUpdateMD5Ret(const CSmartPointer<IPackage> &pRecvPk
 	DWORD dwSysCode, dwUserCode;
 	string strErrMsg;
 
-	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
+	/*if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
 	{
 		rc = (ErrorCodeEnum)dwSysCode;
 		m_pFSM->doWarnMsg(dwUserCode, strErrMsg);
 		CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
 	}
 
-	m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_CheckMD5Succ:CAccessAuthFSM::Event_CheckMD5Fail));
+	m_pFSM->PostEventFIFO(new FSMEvent(rc==Error_Succeed ? CAccessAuthFSM::Event_CheckMD5Succ:CAccessAuthFSM::Event_CheckMD5Fail));*/
 
 	return rc;
 }
@@ -1420,38 +1409,34 @@ DWORD CAccessAuthConn::HandleGetToken(BYTE* enToken1, BYTE* sharedKey, BYTE* enT
 	auto pEntity = (CAccessAuthEntity*)m_pEntity;
 	pEntity->GetOrSetIsFirstSM(1);
 
-	
-	if (m_pFSM->m_bAccessACS) {
-		Dbg("retHash=%s", (char*)retHash);
-
-		char* enToken1_acs, * sharedKey_acs, * enToken2_acs, * hash_acs;
-		int enToken1_acs_len = 0, sharedKey_acs_len = 0, enToken2_acs_len = 0, hash_acs_len = 0;
-		enToken1_acs = Hex2Str((char*)enToken1, enToken1_acs_len);
-		sharedKey_acs = Hex2Str((char*)sharedKey, sharedKey_acs_len);
-		enToken2_acs = Hex2Str((char*)enToken2, enToken2_acs_len);
-		hash_acs = Hex2Str((char*)retHash, hash_acs_len);
-
-		Dbg("enToken1_acs_len=%d", enToken1_acs_len);
-		Dbg("sharedKey_acs_len=%d", sharedKey_acs_len);
-		Dbg("enToken2_acs_len=%d", enToken2_acs_len);
-		Dbg("hash_acs_len=%d", hash_acs_len);
-
-		memset(enToken1, 0, strlen((char*)enToken1));
-		memset(sharedKey, 0, strlen((char*)sharedKey));
-		memset(enToken2, 0, strlen((char*)enToken2));
-		memset(retHash, 0, strlen((char*)retHash));
-
-		memcpy(enToken1, enToken1_acs, enToken1_acs_len);
-		memcpy(sharedKey, sharedKey_acs, sharedKey_acs_len);
-		memcpy(enToken2, enToken2_acs, enToken2_acs_len);
-		memcpy(retHash, hash_acs, hash_acs_len);
-
-		delete enToken1_acs;
-		delete sharedKey_acs;
-		delete enToken2_acs;
-		delete hash_acs;
-
-	}
+	Dbg("retHash=%s", (char*)retHash);
+
+	char* enToken1_acs, * sharedKey_acs, * enToken2_acs, * hash_acs;
+	int enToken1_acs_len = 0, sharedKey_acs_len = 0, enToken2_acs_len = 0, hash_acs_len = 0;
+	enToken1_acs = Hex2Str((char*)enToken1, enToken1_acs_len);
+	sharedKey_acs = Hex2Str((char*)sharedKey, sharedKey_acs_len);
+	enToken2_acs = Hex2Str((char*)enToken2, enToken2_acs_len);
+	hash_acs = Hex2Str((char*)retHash, hash_acs_len);
+
+	Dbg("enToken1_acs_len=%d", enToken1_acs_len);
+	Dbg("sharedKey_acs_len=%d", sharedKey_acs_len);
+	Dbg("enToken2_acs_len=%d", enToken2_acs_len);
+	Dbg("hash_acs_len=%d", hash_acs_len);
+
+	memset(enToken1, 0, strlen((char*)enToken1));
+	memset(sharedKey, 0, strlen((char*)sharedKey));
+	memset(enToken2, 0, strlen((char*)enToken2));
+	memset(retHash, 0, strlen((char*)retHash));
+
+	memcpy(enToken1, enToken1_acs, enToken1_acs_len);
+	memcpy(sharedKey, sharedKey_acs, sharedKey_acs_len);
+	memcpy(enToken2, enToken2_acs, enToken2_acs_len);
+	memcpy(retHash, hash_acs, hash_acs_len);
+
+	delete enToken1_acs;
+	delete sharedKey_acs;
+	delete enToken2_acs;
+	delete hash_acs;
 
 	BYTE enToken[512 + 16] = { 0 };
 	memcpy(enToken, enToken1, 256);

Module/mod_accessauth/AccessAuthConn.h

@@ -245,6 +245,18 @@ class CAccessAuthConn : public SpSecureClient
 public:
 	CAccessAuthConn(CEntityBase *pEntity, CAccessAuthFSM *pFSM);
 
+	int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len)
+	{
+		char* tmpStr = *strBuf;
+		int count = 0;
+		for (int i = 0; i < len; ++i)
+		{
+			sprintf(tmpStr + count, "%0.2X", hexBuf[i]);
+			count += 2;
+		}
+		return 0;
+	}
+
 	DWORD SendSyncTimePackage();
 	DWORD SendSyncTimePackageNew();
 	DWORD SendLockStatePackage();

Module/mod_accessauth/AccessAuthFSM.cpp

@@ -10,7 +10,7 @@
 #include  <stdio.h>
 #include  <stdlib.h>
 #include "comm.h"
-
+#include "fileutil.h"
 #include "CommEntityUtil.hpp"
 
 #ifdef WITH_CPPRESTSDK
@@ -21,7 +21,7 @@
 #endif
 
 CAccessAuthFSM::CAccessAuthFSM()
-	:m_pConnection(NULL),m_bAccessACS(false)
+	:m_pConnection(NULL),m_bAccessACS(false), m_fNetworkChecking(false)
 {
 	m_nAccessFailedCount = 0;
 }
@@ -208,6 +208,17 @@ struct TimeSynTask : ITaskSp {
 		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty())
 		{
 			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "TimeSynTask：准入Url为空");
+            FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenCancel);
+            pEvent->param1 = AccessAuthorization_UserErrorCode_AccessAuth_NULL;
+            m_fsm->PostEventFIFO(pEvent);
+            CSimpleStringA strMsg(true);
+            if (!m_fsm->IsCenterSettingFilesExist()) {
+                strMsg = CSimpleStringA::Format("准入服务地址为空（集中配置文件不存在），请下载集中配置后重启应用");
+            }
+            else {
+                strMsg = CSimpleStringA::Format("准入服务地址为空，请下载集中配置或尝试重启应用");
+            }
+            m_fsm->doWarnMsg(AccessAuthorization_UserErrorCode_AccessAuth_NULL, strMsg.GetData(), true);
 			return;
 		}
 		CSystemStaticInfo si;
@@ -301,6 +312,10 @@ struct TimeSynTask : ITaskSp {
             m_fsm->doWarnMsg(ERROR_ACCESSAUTH_CONNECT_ACS,
                              GetOutPutStr("%s%s", "连接总行ACS准入服务失败（TimeSynTask）.", result.WhatError().c_str()).c_str(), true);
             DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("TimeSynTask Connect Failed.");
+
+            FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenCancel);
+            pEvent->param1 = AccessAuthorization_UserErrorCode_ACS_FAIL;
+            m_fsm->PostEventFIFO(pEvent);
 		}
 
 #else
@@ -350,6 +365,9 @@ struct TimeSynTask : ITaskSp {
 	}
 };
 
+
+
+
 struct LockStateTask : ITaskSp {
 	CAccessAuthFSM* m_fsm;
 	LockStateTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {}
@@ -549,8 +567,8 @@ struct UpdateWKTask : ITaskSp {
                 DWORD rc = m_entity->LoadKeysToPinPadNew(updateWKAns.tmk, updateWKAns.tpk, updateWKAns.edk, updateWKAns.index);
                 if (rc == Error_Succeed) {
                     DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("UpdateWKTask LoadKeysToPinPadNew Success");
-                    FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_UpdateWKSucc);
-                    m_fsm->PostEventFIFO(pEvent);
+                    /*FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_UpdateWKSucc);
+                    m_fsm->PostEventFIFO(pEvent);*/
                     return;
                 } else {
                     DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("UpdateWKTask LoadKeysToPinPadNew error = %08X", rc);
@@ -583,7 +601,8 @@ struct UpdateWKTask : ITaskSp {
 
 		UpdateWKRetError:
 
-            FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_UpdateWKFail);
+            //FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_UpdateWKFail);
+            FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenCancel);
             m_fsm->PostEventFIFO(pEvent);
 #else
 
@@ -682,6 +701,17 @@ struct GetTokenTask : ITaskSp {
 		if (m_fsm->GetmAccessAuthHost().IsNullOrEmpty()) {
 
 			LogWarn(Severity_Middle, Error_Unexpect, AccessAuthorization_UserErrorCode_AccessAuth_NULL, "GetTokenTask：准入Url为空");
+            FSMEvent* pEvent = new FSMEvent(CAccessAuthFSM::Event_ReqTokenCancel);
+            pEvent->param1 = AccessAuthorization_UserErrorCode_AccessAuth_NULL;
+            m_fsm->PostEventFIFO(pEvent);
+            CSimpleStringA strMsg(true);
+            if (!m_fsm->IsCenterSettingFilesExist()) {
+                strMsg = CSimpleStringA::Format("准入服务地址为空（集中配置文件不存在），请下载集中配置后重启应用");
+            }
+            else {
+                strMsg = CSimpleStringA::Format("准入服务地址为空，请下载集中配置或尝试重启应用");
+            }
+            m_fsm->doWarnMsg(AccessAuthorization_UserErrorCode_AccessAuth_NULL, strMsg.GetData(), true);
 			return;
 		}
 		CSystemStaticInfo si;
@@ -1136,6 +1166,32 @@ struct TerminalExitTask :public ITaskSp {
 #endif //WITH_CPPRESTSDK
 	}
 };
+
+struct NetworkCheckTask :public ITaskSp
+{
+    CAccessAuthFSM* m_fsm;
+    NetworkCheckTask(CAccessAuthFSM* fsm) :m_fsm(fsm) {
+        m_fsm->SetNetworkCheckingState();
+    }
+    ~NetworkCheckTask() {
+        m_fsm->SetNetworkCheckingState(false);
+    }
+
+    void Process()
+    {
+       // CSimpleStringA strMsg(true);
+        FSMEvent* pEvt = new FSMEvent(CAccessAuthFSM::Event_NetworkIllegal);
+        pEvt->param1 = pEvt->param2 = 0;
+        if (!m_fsm->DetectNetworkLegality()) {
+            auto pAccessAuth = dynamic_cast<CAccessAuthEntity*>(m_fsm->GetEntityBase());
+            pAccessAuth->SetAuthErrMsg("终端上网方式不符合规范要求");
+            pEvt->param1 = 1;
+        }
+        m_fsm->PostEventFIFO(pEvt);
+    }
+
+};
+
 void CAccessAuthFSM::doWarnMsg(int errReason, std::string errMsg, bool bNeedEvent, string varMsg) {
 	auto reasonStr = CSimpleString::Format("0x%X", errReason);
 	const std::string errMsgStr = SP::Utility::GBK2UTF8(errMsg);
@@ -1150,21 +1206,15 @@ void CAccessAuthFSM::doWarnMsg(int errReason, std::string errMsg, bool bNeedEven
 }
 void CAccessAuthFSM::s1_on_entry()
 {
-	SetSysVar("I");
-
-	if (GetStrFromCS("AccessAuthorization", "HostUrl",m_accessAuthHost ) != 0) {
-		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("get Host error.");
-		PostEventFIFO(new FSMEvent(Event_GetHsotFailed));
-		return;
-	}
-	if (GetStrFromCS("AccessAuthorization", "HostInitDeviceUrl", m_initDeviceHost) != 0) {
-		((CAccessAuthEntity*)m_pEntity)->SetAuthErrMsg("get HostInitDevice error.");
-		PostEventFIFO(new FSMEvent(Event_GetHsotFailed));
-		return;
-	}
-
-	LogWarn(Severity_Low, Error_Unexpect, AccessAuthorization_UserErrorCode_ACS_TURE, "Force gray say:come,come,come to ACS.");
-	m_bAccessACS = true;
+    CSimpleStringA strEntryStatus = GetEntryPermitSysVar();
+    if (strEntryStatus.Compare("L") == 0) {
+        PostEventFIFO(new FSMEvent(Event_AccessAuthSucc));
+    }
+    else {
+        DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("EntryStatus: %s", strEntryStatus.GetData());
+        SetEntryPermitSysVar("I");
+    }
+    GetEntityBase()->GetFunction()->SetSysVar("AccessHavePath", "Y");//oiltmp to delete
 }
 
 void CAccessAuthFSM::s1_on_exit()
@@ -1173,537 +1223,137 @@ void CAccessAuthFSM::s1_on_exit()
 
 unsigned int CAccessAuthFSM::s1_on_event(FSMEvent* pEvent)
 {
-	LOG_FUNCTION();
-	DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("s1_on_event: %d", pEvent->iEvt);
-	if (pEvent->iEvt == Event_ReportStage)
-	{
-		ReportStateEvent* pReportEvent = (ReportStateEvent*)pEvent;
-		if (!m_bAccessACS) {
-			
-			if (SecureClientConnect() == Error_Succeed)
-			{
-				m_pConnection->SendTerminalStagePackage(pReportEvent->cNewStage, pReportEvent->dwNewStageTime,
-					pReportEvent->cOldStage, pReportEvent->dwOldStageTime);
-			}
-		}
-		else {
-			CSmartPointer<StageReportTask> stageReport = new StageReportTask(this);
-			GetEntityBase()->GetFunction()->PostThreadPoolTask(stageReport.GetRawPointer());
-		}
-	}
-
-	return 0;
+    DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM).setAPI("s1_on_event")("s1_on_event: %d", pEvent->iEvt);
+    return 0;
 }
 void CAccessAuthFSM::s2_on_entry()
 {
-	LOG_FUNCTION();
+    LOG_FUNCTION();
 
-	if(!DetectNetworkLegality()) {
-		auto pAccessAuth = dynamic_cast<CAccessAuthEntity*>(GetEntityBase());
-		LOG_ASSERT(pAccessAuth != NULL);
-		pAccessAuth->SetAuthErrMsg("终端上网方式不符合规范要求");
-		PostEventFIFO(new FSMEvent(Event_NetworkIllegal));
-		return;
-	}
+    m_finishAccess = 0;
+    SetEntryPermitSysVar("C");
 
-	//[6/16/2020 9:51 @Gifur]
-	m_finishAccess = 0;
-	TimeOutTask* timeOutTask = new TimeOutTask(this,120 * 1000);// 设定 2 分钟准入超时
-	GetEntityBase()->GetFunction()->PostThreadPoolTask(timeOutTask);
-	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("启动了准入超时定时器2分钟[%d]",m_finishAccess);
-	GetEntityBase()->GetFunction()->ShowStartupInfo("正在进行准入...");
-
-	auto pEntity = (CAccessAuthEntity*)m_pEntity;
-	if (!m_bAccessACS) {
-		auto rc = pEntity->InitKMC();
-		if (rc != Error_Succeed)
-		{
-			doWarnMsg(ERR_ACCESSAUTH_INIT_KMC, GetOutPutStr("%s%08X", "调用KMC接口InitKMC错误", rc).c_str());
-			FSMEvent *pEvent = new FSMEvent(Event_UpdateWKFail);
-			PostEventFIFO(pEvent);
-			return;
-		}
-	}
-
-	SetSysVar("C");
-
-	if (!m_bAccessACS) {
-		ErrorCodeEnum rc;
-		if ((rc = SecureClientConnect()) != Error_Succeed)
-		{
-			// 启动定时器尝试重试
-			doWarnMsg(ERR_ACCESSAUTH_CONNECT_SERVER, GetOutPutStr("%s%08X", "连接分行服务失败，请检查网络连通情况或检查集中配置内容是否正常", rc).c_str(),true);
-			ScheduleTimer(1, 8000);
-			return;
-		}
-	}
-	PostEventFIFO(new FSMEvent(Event_ConnectionOK));
+    CSmartPointer<NetworkCheckTask> networkCheck = new NetworkCheckTask(this);
+    GetEntityBase()->GetFunction()->PostThreadPoolTask(networkCheck.GetRawPointer());
 }
 
 void CAccessAuthFSM::s2_on_exit()
 {
-	// 关闭连接
-	auto pEntity = (CAccessAuthEntity*)m_pEntity;
-	pEntity->ReleaseKMC();
-	SecureClientRelease();
-	CancelTimer(1);
-	GetEntityBase()->GetFunction()->ShowStartupInfo("");
 }
 
 // 会收到Event_UpdateWKResult和Event_ReqTokenResult和EVT_TIMER
 unsigned int CAccessAuthFSM::s2_on_event(FSMEvent* pEvent)
 {
-	DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("s2 pEvent:%d",pEvent->iEvt);
-	if (pEvent->iEvt == EVT_TIMER)
-	{
-		if (pEvent->param1 == 2)		// access timeout
-		{
-			// 重试超时
-			DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("access authorize timeout");
-			PostEventFIFO(new FSMEvent(Event_ReqTokenCancel));
-		}
-		else if (pEvent->param1 == 1 || pEvent->param1 == 3)	 // reconnect
-		{
-			if (!m_bAccessACS)
-			{
-				auto rc = SecureClientConnect();
-				if (rc != Error_Succeed)
-				{
-					// 启动定时器尝试重试
-					doWarnMsg(ERR_ACCESSAUTH_CONNECT_SERVER, GetOutPutStr("%s%08X", "连接分行服务失败，请检查网络连通情况或检查集中配置内容是否正常", rc).c_str(),true);
-					ScheduleTimer(1, 8000);
-					return 1;
-				}
-			}
-			PostEventFIFO(new FSMEvent(Event_ConnectionOK));
-			return 0;
-		}
-	}
-	else if (pEvent->iEvt == Event_ConnectionOK)
-	{
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("判断是否第一次准入！");
-		auto pEntity = ((CAccessAuthEntity*)m_pEntity);
-		int isFirstAccessAfterSM = pEntity->GetOrSetIsFirstSM(0);
-		if (isFirstAccessAfterSM != 1) {
-			DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("非首次准入");
-			PostEventFIFO(new FSMEvent(Event_CheckMD5Succ));
-			return 0;
-		}
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("第一次准入 !!!");
-		CSimpleStringA strInitState;
-		pEntity->GetFunction()->GetSysVar("InitState", strInitState);
-		if (strInitState == "1") {
-			//2020/5/29 删除了各个文件MD5检验的代码	
-			PostEventFIFO(new FSMEvent(Event_CheckMD5Succ));
-		} else {
-			ScheduleTimer(3, 1500);
-		}
-	}
-	else if (pEvent->iEvt == Event_CheckMD5Fail)
-	{
-		DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("Event_CheckMD5Fail");
-		return 0;
-	}
-	else if (pEvent->iEvt == Event_CheckMD5Succ)
-	{
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Event_CheckMD5Succ");
-		if (!m_bAccessACS)
-		{
-			DWORD rc = m_pConnection->SendSyncTimePackage();
-			if (rc != Error_Succeed)
-			{
-				FSMEvent* pEvent = new FSMEvent(Event_EndSyncTime);
-				PostEventFIFO(pEvent);
-				doWarnMsg(ERR_ACCESSAUTH_SYNC_TIME,
-					GetOutPutStr("%s%08X", "SendSyncTimePackage", rc).c_str(),true);
-			}
-
-			//获取终端锁定状态
-            rc = m_pConnection->SendLockStatePackage();
-            if (rc != Error_Succeed) {
-                doWarnMsg(rc, GetOutPutStr("%s%08X", "SendLockStatePackage", rc).c_str(), true);
-            }
-		}
-		else {
-			CSmartPointer<TimeSynTask> timeSynTask = new TimeSynTask(this);
-			GetEntityBase()->GetFunction()->PostThreadPoolTask(timeSynTask.GetRawPointer());
+    DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("s2_on_event")("s2 receives event id: %d", pEvent->iEvt);
 
-			CSmartPointer<LockStateTask> lockStateTask = new LockStateTask(this);
-			GetEntityBase()->GetFunction()->PostThreadPoolTask(lockStateTask.GetRawPointer());
-		}
-	}
-	else if (pEvent->iEvt == Event_EndSyncTime)
-	{		
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Event_EndSyncTime");
-		auto pEntity = ((CAccessAuthEntity*)m_pEntity);
-		
-		if (!pEntity->HasPinPad())
-		{
-			// 没有密码键盘，直接准入
-			DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("has no pinpad, ignore update wk");
-			PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_IgnoreUpdateWK));
-			return 0;
-		}
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("to get last update time.");
-		int nWKLastSyncTime(0);
-		int nWKSyncFailCount(0);
-		
-		CSimpleStringA strWKSyncSuccTime = "";
-		CSimpleStringA strWKSyncFailCount = "";
-		// 检查上次密钥同步时间（一天只同步一次）
-		CSmartPointer<IConfigInfo> pConfigRun;
-		m_pEntity->GetFunction()->OpenConfig(Config_Run, pConfigRun);
-		pConfigRun->ReadConfigValueInt("Main", "WKSyncSuccTime", nWKLastSyncTime);
-		pConfigRun->ReadConfigValueInt("Main", "WKSyncFailCount", nWKSyncFailCount);
-
-		SYSTEMTIME stSyncTime = CSmallDateTime(nWKLastSyncTime).ToSystemTime();
-		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("last WK sync time: %04d-%02d-%02d %02d:%02d:%02d",
-			stSyncTime.wYear, stSyncTime.wMonth, stSyncTime.wDay,
-			stSyncTime.wHour, stSyncTime.wMinute, stSyncTime.wSecond);
-
-		SYSTEMTIME stNow = {};
-		GetLocalTimeRVC(stNow);
-		if (nWKLastSyncTime > 0 && stSyncTime.wYear == stNow.wYear
-			&& stSyncTime.wMonth == stNow.wMonth && stSyncTime.wDay == stNow.wDay
-			&& nWKSyncFailCount == 0)		// 最近一次同步成功，才能跳过
-		
-		{
-			DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("WK has been updated today");
-			FSMEvent *pEvent = new FSMEvent(Event_IgnoreUpdateWK);
-			PostEventFIFO(pEvent);	
-		}		
-		else
-		{	
-			DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("begin update WK now");
-			if (!m_bAccessACS) {
-				// 请求WK
-				DWORD rc = m_pConnection->SendWKUpdatePackage();
-				if (rc != Error_Succeed)
-				{
-					doWarnMsg(ERR_ACCESSAUTH_UPDATE_WK,
-						GetOutPutStr("%s%08X", "SendWKUpdatePackage", rc).c_str());
-					FSMEvent* pEvent = new FSMEvent(Event_UpdateWKFail);
-					PostEventFIFO(pEvent);
-				}
-			}
-			else {
-				if (pEntity->GetPinPadCapability() == 2 || pEntity->GetPinPadCapability() == 3)
-				{
-					CSmartPointer<UpdateWKTask> updateWKTask = new UpdateWKTask(this, pEntity);
-					GetEntityBase()->GetFunction()->PostThreadPoolTask(updateWKTask.GetRawPointer());
-				}
-				else
-				{
-					PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_IgnoreUpdateWK));
-					return 0;
-				}
-			}
-		}
-#if defined(RVC_OS_LINUX)
-		//if(lastTime != NULL) delete lastTime;
-		//if(currentTime != NULL) delete currentTime;
-#endif
-		return 0;
-	}
-	else if (pEvent->iEvt == Event_UpdateWKSucc)
-	{
-	DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Event_UpdateWKSucc");
-		// 保存WK同步时间
-#ifdef RVC_OS_WIN
-		DWORD rc = m_pEntity->GetFunction()->SetSysVar("WKSyncSuccTime", (const char*)CSimpleStringA::Format("0x%08X", (DWORD)CSmallDateTime::GetNow()), true);
-#else
-		TIME* tim = get_system_time();
-		DWORD rc = m_pEntity->GetFunction()->SetSysVar("WKSyncSuccTime", time2str(tim).c_str(), true);
-		delete tim;
-#endif
-		assert(rc == Error_Succeed);
-		rc = m_pEntity->GetFunction()->SetSysVar("WKSyncFailCount", "0", true);
-		assert(rc == Error_Succeed);
+    if (pEvent->iEvt == Event_ConnectionOK) {
+        DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("s2_on_event")("开始第%d次准入", m_nAccessFailedCount);
+        pEvent->SetHandled();
 
-		// 请求Token
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("begin get token now");
-		if (!m_bAccessACS)
-		{
-			// 上报状态
-			m_pConnection->SendReportStatePackage("UpdateWK", Error_Succeed, "更新工作密钥成功");
-			rc = SecureClientConnect();
-			if (rc == Error_Succeed)
-				rc = m_pConnection->SendGetTokenPackage();
-			if (rc != Error_Succeed)
-			{
-				FSMEvent* pEvent = new FSMEvent(Event_ReqTokenFail);
-				PostEventFIFO(pEvent);
-			}
-		}
-		else {
-			CSmartPointer<GetTokenTask> getTokenTask = new GetTokenTask(this, (CAccessAuthEntity*) m_pEntity);
-			GetEntityBase()->GetFunction()->PostThreadPoolTask(getTokenTask.GetRawPointer());
-		}
-		return 0;
-	}
-	else if (pEvent->iEvt == Event_IgnoreUpdateWK)
-	{
-		// 忽略同步WK，直接准入
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("ignore update wk, get token now");
-		if (!m_bAccessACS)
-		{
-			DWORD rc = SecureClientConnect();
-			if (rc == Error_Succeed)
-				rc = m_pConnection->SendGetTokenPackage();
+        CSmartPointer<TimeSynTask> timeSynTask = new TimeSynTask(this);
+        GetEntityBase()->GetFunction()->PostThreadPoolTask(timeSynTask.GetRawPointer());
 
-			if (rc != Error_Succeed)
-			{
-				FSMEvent* pEvent = new FSMEvent(Event_ReqTokenFail);
-				PostEventFIFO(pEvent);
-			}
-		}
-		else {
-			CSmartPointer<GetTokenTask> getTokenTask = new GetTokenTask(this, (CAccessAuthEntity*)m_pEntity);
-			GetEntityBase()->GetFunction()->PostThreadPoolTask(getTokenTask.GetRawPointer());
-		}
-	}
-	else if (pEvent->iEvt == Event_UpdateWKFail)
-	{
-		DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("update pinpad WK fail");
+        /*CSmartPointer<LockStateTask> lockStateTask = new LockStateTask(this);
+        GetEntityBase()->GetFunction()->PostThreadPoolTask(lockStateTask.GetRawPointer());*/
 
-		// 上报状态
-		if (!m_bAccessACS) {
-			m_pConnection->SendReportStatePackage("UpdateWK", Error_Unexpect, ((CAccessAuthEntity*)m_pEntity)->GetAuthErrMsg());
-		}
+    }
+    else if (pEvent->iEvt == Event_EndSyncTime) {
+        DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("s2_on_event")("get token now");
+        pEvent->SetHandled();
 
-		// zl@20190624 WKSyncFailCount迁移到系统变量
-		CSimpleStringA strWKSyncFailCount = "";
-		auto rc = m_pEntity->GetFunction()->GetSysVar("WKSyncFailCount", strWKSyncFailCount);
-		assert(rc == Error_Succeed);
+        DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Event_EndSyncTime");
+        CSmartPointer<GetTokenTask> getTokenTask = new GetTokenTask(this, (CAccessAuthEntity*)m_pEntity);
+        GetEntityBase()->GetFunction()->PostThreadPoolTask(getTokenTask.GetRawPointer());
+        //DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("UpdateWKTask DDDDD");
 
-		int nWKSyncFailCount = atoi(strWKSyncFailCount);
-		nWKSyncFailCount++;
+        return 0;
 
-		rc = m_pEntity->GetFunction()->SetSysVar("WKSyncFailCount", CSimpleStringA::Format("%d", nWKSyncFailCount), true);
-		assert(rc == Error_Succeed);
+    }
+    else if (pEvent->iEvt == Event_ReqTokenCancel) { //这里貌似会触发健康发起重试
 
-		// xkm@20150702 启用新准入方案，密钥同步失败不得准入
-		// xkm@20151116 失败3次以上应直接跳过同步，避免KMC故障时影响可视柜台准入
-		// xkm@20161220 更新密钥失败直接准入
-		
-		PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_IgnoreUpdateWK));
-	}
-	else if (pEvent->iEvt == Event_ReqTokenFail)
-	{
-		DbgWithLink(LOG_LEVEL_WARN, LOG_TYPE_SYSTEM)("Event_ReqTokenFail");
-		do {
-			MyMutex myMut(&mut);
-			if (m_finishAccess) return 0;
-			m_finishAccess = 1;
-			auto pEntity = (CAccessAuthEntity*)m_pEntity;
-			CSimpleStringA strErrMsg = CSimpleStringA::Format("准入失败(%d)", m_finishAccess);
-			pEntity->GetFunction()->ShowFatalError(strErrMsg);
-		} while (0);
-		// 上报状态
-		if (!m_bAccessACS) {
-			m_pConnection->SendReportStatePackage("AccessAuth", Error_Unexpect, ((CAccessAuthEntity*)m_pEntity)->GetAuthErrMsg());
-		}
-		return 0;
-	}
-	else if (pEvent->iEvt == Event_ReqTokenCancel)
-	{
-		auto pEntity = (CAccessAuthEntity*)m_pEntity;
-		CSimpleStringA strErrMsg = CSimpleStringA::Format("准入超时(%d)", m_finishAccess);
-		pEntity->GetFunction()->ShowFatalError(strErrMsg);
-		// 上报状态
-        if (!m_bAccessACS) {
-            if (m_pConnection != NULL && m_pConnection->IsConnectionOK()) {
-                m_pConnection->SendReportStatePackage("AccessAuth", Error_TimeOut, "准入超时");
-            }
+        auto pEntity = (CAccessAuthEntity*)m_pEntity;
+        if (pEvent->param1 == AccessAuthorization_UserErrorCode_AccessAuth_NULL) {
+            CSimpleStringA strMsg = CSimpleStringA::Format("准入Url为空（集中配置文件：%s）", IsCenterSettingFilesExist() ? "存在" : "不存在");
+            pEntity->SetAuthErrMsg(strMsg);
+        }
+        else if (pEvent->param1 == AccessAuthorization_UserErrorCode_ACS_FAIL) {
+            pEntity->SetAuthErrMsg("访问总行ACS失败 Connect ACS failed.");
+        }
+        else {
+            CSimpleStringA strErrMsg = CSimpleStringA::Format("准入超时(%d)", m_finishAccess);
+            pEntity->GetFunction()->ShowFatalError(strErrMsg);
         }
-		return 0;
-	}
-	else if (pEvent->iEvt == Event_ReqTokenSucc)
-	{
-	DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Event_ReqTokenSucc"); 
-		do {
-			MyMutex myMut(&mut);
-			if (m_finishAccess) return 0;
-			m_finishAccess = 1;
-		} while (0);
-		if (!m_bAccessACS)
-		{
-			if (m_pConnection != NULL && m_pConnection->IsConnectionOK()) {
-				m_pConnection->SendReportStatePackage("AccessAuth", Error_Succeed, "准入成功");
-			}
-		}
-		return 0;
-	}
-	else if (pEvent->iEvt == Event_NetworkIllegal)
-	{
-		pEvent->SetHandled();
-		//禁止准入，如果关门有效，可以将上面这句显示在关门界面
-		GetEntityBase()->GetFunction()->ShowFatalError("终端上网方式不符合规范要求，请整改后重试！");
-		return 0;
-	}
-	return 0;
-}
-
-void CAccessAuthFSM::s3_on_entry()
-{
-	SetSysVar("F");
-
-	auto pEntity = (CAccessAuthEntity*)m_pEntity;
-	/** 即用AuthErrMsg环境变量，又用 m_strAuthErrMsg 存储 [Gifur@2022325]*/
-	CSimpleStringA strErrMsg = CSimpleStringA::Format("(%s)", (const char*)pEntity->GetAuthErrMsg());
-	if (strErrMsg.IsNullOrEmpty()) {
-		pEntity->GetFunction()->GetSysVar("AuthErrMsg", strErrMsg);
-		if (strErrMsg.IsNullOrEmpty()) {
-			strErrMsg = "Unknown";
-		}
-	}
-	doWarnMsg(EVENT_ACCESSAUTH_FAILED, strErrMsg.GetData(), true);
-	pEntity->GetFunction()->ShowFatalError(strErrMsg);
-	m_nAccessFailedCount = 0;
-}
 
-void CAccessAuthFSM::s3_on_exit()
-{
-}
+        SetEntryPermitSysVar("A");
+        m_nAccessFailedCount++;
+        pEvent->SetHandled();
 
-unsigned int CAccessAuthFSM::s3_on_event(FSMEvent* event)
-{
-	return 0;
-}
+    }
+    else if (pEvent->iEvt == Event_ReqTokenFail) {  //而这里不会触发健康发起重试
 
-void CAccessAuthFSM::s4_on_entry()
-{
-	SetSysVar("A");
-	// 发送准入超时事件
-	/*
-	if (m_nAccessFailedCount >= 2)
-	{
-		LogEvent(Severity_Middle, EVENT_ACCESSAUTH_TIMEOUT,
-			GetOutPutStr("%s%s", "准入", "超时").c_str());
-	}
-	*/
-	doWarnMsg(ERR_ACCESSAUTH_TIMEOUT, GetOutPutStr("%s%s", "准入", "超时").c_str(), true);
-	LogEvent(Severity_Middle, EVENT_ACCESSAUTH_TIMEOUT,
-		GetOutPutStr("%s%s", "准入", "超时").c_str());
+        SetEntryPermitSysVar("F");
+        pEvent->SetHandled();
 
-	// 切换到s1
-	PostEventFIFO(new FSMEvent(Event_StateTimeout));
+        auto pEntity = (CAccessAuthEntity*)m_pEntity;
+        CSimpleStringA strErrMsg = CSimpleStringA::Format("(%s)", (const char*)pEntity->GetAuthErrMsg());
+        // 发送准入失败事件,暂时不发送事件进去关门界面，原因关门界面显示中文乱码
+        doWarnMsg(EVENT_ACCESSAUTH_FAILED, strErrMsg.GetData(), true);
+        pEntity->GetFunction()->ShowFatalError(strErrMsg);
 
-	m_nAccessFailedCount++;
-}
+        m_nAccessFailedCount = 0;
 
-void CAccessAuthFSM::s4_on_exit()
-{
-}
+    }
+    else if (pEvent->iEvt == Event_ReqTokenSucc) {
 
-unsigned int CAccessAuthFSM::s4_on_event(FSMEvent* event)
-{
-	return 0;
-}
+        SetEntryPermitSysVar("L");
+        LogEvent(Severity_Middle, EVENT_ACCESSAUTH_SUCCEED, "终端准入成功");
+        m_pEntity->GetFunction()->ShowStartupInfo("准入成功");
+        m_nAccessFailedCount = 0;
+        pEvent->SetHandled();
+        PostEventFIFO(new FSMEvent(Event_AccessAuthSucc));
 
-void CAccessAuthFSM::s5_on_entry()
-{
-	SetSysVar("L");
-	LogEvent(Severity_Middle, EVENT_ACCESSAUTH_SUCCEED, "终端准入成功");
-	m_pEntity->GetFunction()->ShowStartupInfo("准入成功");
-	m_nAccessFailedCount = 0;
-}
+    }
+    else if (pEvent->iEvt == Event_NetworkIllegal) {
 
-void CAccessAuthFSM::s5_on_exit()
-{		
-}
+        pEvent->SetHandled();
 
-unsigned int CAccessAuthFSM::s5_on_event(FSMEvent* pEvent)
-{
-	if (pEvent->iEvt == Event_StartUnregist)
-	{
-		// 取出参数先保存
-		m_nExitReason = pEvent->param1;
-		m_nExitWay = pEvent->param2;
-	}
-	else if (pEvent->iEvt == Event_ReportStage)
-	{
-		// 上报状态
-		if (SecureClientConnect() == Error_Succeed)
-		{
-			ReportStateEvent *pReportEvent = (ReportStateEvent*)pEvent;
-			m_pConnection->SendTerminalStagePackage(pReportEvent->cNewStage, pReportEvent->dwNewStageTime,
-				pReportEvent->cOldStage, pReportEvent->dwOldStageTime);
-		}
-	}
-
-	return 0;
-}
-
-void CAccessAuthFSM::s6_on_entry()
-{
-	SetSysVar("E");
-
-	if (SecureClientConnect() != Error_Succeed)
-	{
-		// 启动定时器尝试重试
-		DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("connect to AccessAuthorization service fail, start timer(30s) to retry");
-		ScheduleTimer(2, 30000);
-		return;
-	}
-
-	PostEventFIFO(new FSMEvent(Event_ConnectionOK));
-}
-
-void CAccessAuthFSM::s6_on_exit()
-{
-	CancelTimer(2);
-}
+        if (pEvent->param1 == 0) {
+            PostEventFIFO(new FSMEvent(Event_ConnectionOK));
+        }
+        else {
+            PostEventFIFO(new FSMEvent(Event_ReqTokenFail));
+        }
 
-unsigned int CAccessAuthFSM::s6_on_event(FSMEvent* pEvent)
-{
-	if (pEvent->iEvt == EVT_TIMER)
-	{
-		if (!m_bAccessACS) {
-			if (SecureClientConnect() != Error_Succeed)
-			{
-				// 启动定时器尝试重试
-				DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("connect to AccessAuthorization service fail, start timer to retry");
-				ScheduleTimer(2, 30000);
-				return 1;
-			}
-		}
-		PostEventFIFO(new FSMEvent(Event_ConnectionOK));
-	}
-	else if (pEvent->iEvt == Event_ConnectionOK)
-	{
-		// 请求退出
-		if (!m_bAccessACS) {
-			if (m_pConnection != NULL && m_pConnection->IsConnectionOK()) {
-				m_pConnection->SendExitNoticePackage(m_nExitReason, m_nExitWay);
-			}
-		}
-		else {
-			CSmartPointer<TerminalExitTask> terminalExit = new TerminalExitTask(this);
-			GetEntityBase()->GetFunction()->PostThreadPoolTask(terminalExit.GetRawPointer());
-		}
-		// 切换到s1
-		PostEventFIFO(new FSMEvent(Event_StateTimeout));
-	}
+    }
+    else if (pEvent->iEvt == Event_NetworkRecover) {
 
-	return 0;
+        pEvent->SetHandled();
+        if (!IsNetworkChecking()) {
+            CSmartPointer<NetworkCheckTask> networkCheck = new NetworkCheckTask(this);
+            GetEntityBase()->GetFunction()->PostThreadPoolTask(networkCheck.GetRawPointer());
+        }
+        else {
+            DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("NetworkCheckTask is doing now!");
+        }
+    }
+    return 0;
 }
 
-void CAccessAuthFSM::s7_on_entry()
+void CAccessAuthFSM::s3_on_entry()
 {
-	SetSysVar("T");
-
-	// 过渡状态，立刻转入孤立状态
-	PostEventFIFO(new FSMEvent(Event_StateTimeout));
+    LOG_FUNCTION();
+    LogWarn(Severity_Low, Error_Debug, AccessAuthorization_UserErrorCode_Start, "终端准入成功");
 }
 
-void CAccessAuthFSM::s7_on_exit()
+void CAccessAuthFSM::s3_on_exit()
 {
 }
 
-unsigned int CAccessAuthFSM::s7_on_event(FSMEvent* event)
+unsigned int CAccessAuthFSM::s3_on_event(FSMEvent* event)
 {
-	return 0;
+	/*return 0;*/
+    DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("s3_on_event")("s3 receives event id: %d", event->iEvt);
+    return 0;
 }
 
 /** 这样的函数命名也写得出来，表意不明并且跟框架的接口重复，谁知道要设置那个系统变量 [10/16/2021 Gifur] */
@@ -1713,6 +1363,21 @@ ErrorCodeEnum CAccessAuthFSM::SetSysVar(const CSimpleStringA &newVal)
 	return spFunction->SetSysVar("EntryPermit", (const char*)newVal);
 }
 
+void CAccessAuthFSM::UpdateWK()
+{
+    LOG_FUNCTION();
+    auto pEntity = ((CAccessAuthEntity*)m_pEntity);
+    CSimpleStringA strPinPadID = "", strDeviceID = "";
+    bool bHasPinPad = false;
+    pEntity->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID, bHasPinPad);
+    //int capability = pEntity->GetPinPadCapability();
+    //Dbg("GetPinPadCapability:%d", capability);
+    if (bHasPinPad) {
+        CSmartPointer<UpdateWKTask> updateWKTask = new UpdateWKTask(this, pEntity);
+        GetEntityBase()->GetFunction()->PostThreadPoolTask(updateWKTask.GetRawPointer());
+    }
+}
+
 DWORD CAccessAuthFSM::InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx)
 {
 	DWORD rc = 0;
@@ -1889,4 +1554,32 @@ int CAccessAuthFSM::RtsMapToUserCode(const char* pRtsCode, DWORD dwDefaultUserCo
 		return tmpUserCode;
 	else
 		return dwDefaultUserCode;
+}
+
+CSimpleStringA CAccessAuthFSM::GetEntryPermitSysVar()
+{
+    CSimpleStringA strValue(true);
+    CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
+    spFunction->GetSysVar("EntryPermit", strValue);
+    return strValue;
+}
+
+ErrorCodeEnum CAccessAuthFSM::SetEntryPermitSysVar(const CSimpleStringA& newVal)
+{
+    CSmartPointer<IEntityFunction> spFunction = m_pEntity->GetFunction();
+    DbgWithLink(LOG_LEVEL_DEBUG, LOG_TYPE_SYSTEM)("Set EntryPermit with %s", newVal.GetData());
+    return spFunction->SetSysVar("EntryPermit", (const char*)newVal);
+}
+
+
+BOOL CAccessAuthFSM::IsCenterSettingFilesExist()
+{
+    
+    BOOL result(FALSE);
+    CSimpleStringA strPath;
+    GetEntityBase()->GetFunction()->GetPath("CenterSetting", strPath);
+    if (!strPath.IsNullOrEmpty() && ExistsFileA(strPath)) {
+        result = TRUE;
+    }
+    return result;
 }

Module/mod_accessauth/AccessAuthFSM.h

@@ -459,11 +459,170 @@ typedef struct CAccessAuthExitRet : CHTTPRet {
 	}
 } CAccessAuthExitRet;
 
+
+
+typedef struct CInitlizerMKReq : CHTTPReq {
+	struct MKD_NEW1 {
+		string enrolAddr;
+		string enrolGPS;
+		string installVersion;
+		string ip;
+		string machineModel;
+		string machineType;
+		string padDeviceID;
+		string site;
+		string terminalNo;
+	}MKD_NEW1;
+	//"MKD_REQ1": {
+	//	"enrolAddr": "string",
+	//		"enrolGPS" : "string",
+	//		"ip" : "string",
+	//		"machineType" : "string",
+	//		"machineVersion" : "string",
+	//		"padDeviceID" : "string",
+	//		"terminalNo" : "string"
+	//},
+	struct MKD_REQ2 {
+		string branchNo;
+		string kmcData;
+		string subBankNo;
+	}MKD_REQ2;
+	struct MKD_REQ3 {
+		string factory;
+		string modal;
+		string type;
+		string version;
+	}**MKD_REQ3;
+	struct MKD_REQ4 {
+		string fingerPrint;
+		string fingerPrintSM;
+		string pinPadID;
+		string publicKey;
+		string reserverd;
+	}MKD_REQ4;
+	struct MKD_REQ5 {
+		int isFirstSM;
+		int isSM;
+	}MKD_REQ5;
+	struct MKD_SMR2 {
+		string branchNo;
+		string kmcData;
+		string subBankNo;
+	}MKD_SMR2;
+	int iReq3Count;
+	CInitlizerMKReq(int iReq3Count) : iReq3Count(iReq3Count) {
+		MKD_REQ3 = new struct MKD_REQ3* [iReq3Count];
+		for (int i = 0; i < iReq3Count; i++) {
+			MKD_REQ3[i] = new struct MKD_REQ3;
+		}
+	}
+	string ToJson() {
+		RVCJson rvcJson(true);
+		RVCJson* tokenJson[6];
+		for (int i = 0; i < 6; i++) {
+			if (i == 2)
+				tokenJson[i] = new RVCJson(false);
+			else
+				tokenJson[i] = new RVCJson(true);
+		}
+		tokenJson[0]->AddStringToObject(REFLECTION(enrolAddr), (char*)MKD_NEW1.enrolAddr.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(enrolGPS), (char*)MKD_NEW1.enrolGPS.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(installVersion), (char*)MKD_NEW1.installVersion.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(ip), (char*)MKD_NEW1.ip.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(machineModel), (char*)MKD_NEW1.machineModel.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(machineType), (char*)MKD_NEW1.machineType.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(padDeviceID), (char*)MKD_NEW1.padDeviceID.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(site), (char*)MKD_NEW1.site.c_str());
+		tokenJson[0]->AddStringToObject(REFLECTION(terminalNo), (char*)MKD_NEW1.terminalNo.c_str());
+		Dbg("MKD_NEW1=%s", tokenJson[0]->GetJsonStr());
+
+		tokenJson[1]->AddStringToObject(REFLECTION(branchNo), (char*)MKD_REQ2.branchNo.c_str());
+		tokenJson[1]->AddStringToObject(REFLECTION(kmcData), (char*)MKD_REQ2.kmcData.c_str());
+		tokenJson[1]->AddStringToObject(REFLECTION(subBankNo), (char*)MKD_REQ2.subBankNo.c_str());
+		Dbg("MKD_REQ2=%s", tokenJson[1]->GetJsonStr());
+
+
+		for (int i = 0; i < iReq3Count; i++) {
+			RVCJson R3Json(true);
+			R3Json.AddStringToObject(REFLECTION(type), (char*)MKD_REQ3[i]->type.c_str());
+			R3Json.AddStringToObject(REFLECTION(modal), (char*)MKD_REQ3[i]->modal.c_str());
+			R3Json.AddStringToObject(REFLECTION(factory), (char*)MKD_REQ3[i]->factory.c_str());
+			R3Json.AddStringToObject(REFLECTION(version), (char*)MKD_REQ3[i]->version.c_str());
+			Dbg("R_=%s", R3Json.GetJsonStr());
+			tokenJson[2]->AddItemToArray(&R3Json);
+
+			R3Json.Destory();
+		}
+		Dbg("MKD_REQ3=%s", tokenJson[2]->GetJsonStr());
+
+		tokenJson[3]->AddStringToObject(REFLECTION(fingerPrint), (char*)MKD_REQ4.fingerPrint.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(fingerPrintSM), (char*)MKD_REQ4.fingerPrintSM.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(pinPadID), (char*)MKD_REQ4.pinPadID.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(publicKey), (char*)MKD_REQ4.publicKey.c_str());
+		tokenJson[3]->AddStringToObject(REFLECTION(reserverd), (char*)MKD_REQ4.reserverd.c_str());
+		Dbg("MKD_REQ4=%s", tokenJson[3]->GetJsonStr());
+
+
+		tokenJson[4]->AddNumberToObject(REFLECTION(isFirstSM), MKD_REQ5.isFirstSM);
+		tokenJson[4]->AddNumberToObject(REFLECTION(isSM), MKD_REQ5.isSM);
+		Dbg("MKD_REQ5=%s", tokenJson[4]->GetJsonStr());
+
+		tokenJson[5]->AddStringToObject(REFLECTION(branchNo), (char*)MKD_SMR2.branchNo.c_str());
+		tokenJson[5]->AddStringToObject(REFLECTION(kmcData), (char*)MKD_SMR2.kmcData.c_str());
+		tokenJson[5]->AddStringToObject(REFLECTION(subBankNo), (char*)MKD_SMR2.subBankNo.c_str());
+		Dbg("MKD_SMR2=%s", tokenJson[5]->GetJsonStr());
+
+		rvcJson.AddItemToObject("MKD_NEW1", tokenJson[0]);
+		rvcJson.AddItemToObject("MKD_REQ2", tokenJson[1]);
+		rvcJson.AddItemToObject("MKD_REQ3", tokenJson[2]);
+		rvcJson.AddItemToObject("MKD_REQ4", tokenJson[3]);
+		rvcJson.AddItemToObject("MKD_REQ5", tokenJson[4]);
+		rvcJson.AddItemToObject("MKD_SMR2", tokenJson[5]);
+
+		char* tmp = rvcJson.GetJsonStr();
+		string ret(tmp);
+		delete tmp;
+		Dbg("req=%s at CAccessAuthGetTokenReq", ret.c_str());
+		for (int i = 0; i < 6; i++) {
+			tokenJson[i]->Destory();
+			delete tokenJson[i];
+		}
+		rvcJson.Destory();
+		return ret;
+	}
+} CInitlizerMKReq;
+
+typedef struct CInitlizerMKRet : CHTTPRet {
+	struct data {
+		string TMK;
+		string TPK;
+		string EDK;
+		string index;
+		string reserved;
+	} data;
+	bool Parse(string strData) {
+		Dbg("ret=%s at CInitlizerMKRet", strData.c_str());
+		if (m_userCode.compare(ACS_SUCCESS)) return true;
+		RVCJson rvcJson;
+		rvcJson.SetJson((char*)strData.c_str());
+		auto retJson = rvcJson.GetJsonValue(REFLECTION(data));
+		data.TMK = retJson->GetStringValue(REFLECTION(tmk));
+		data.TPK = retJson->GetStringValue(REFLECTION(tpk));
+		data.EDK = retJson->GetStringValue(REFLECTION(edk));
+		data.index = retJson->GetStringValue(REFLECTION(index));
+		rvcJson.Destory();
+		retJson->Destory();
+		delete retJson;
+		return true;
+	}
+} CInitlizerMKRet;
+
+
 class MyMutex;
 class CAccessAuthFSM : public FSMImpl<CAccessAuthFSM>, public IFSMStateHooker
 {
 public:	
-	struct ReportStateEvent : public FSMEvent
+	/*struct ReportStateEvent : public FSMEvent
 	{
 		ReportStateEvent(char cNewStage, DWORD dwNewStageTime, char cOldStage, DWORD dwOldStageTime):
 			FSMEvent(Event_ReportStage), cNewStage(cNewStage), dwNewStageTime(dwNewStageTime),
@@ -474,7 +633,7 @@ public:
 		char cOldStage;
 		DWORD dwNewStageTime;
 		DWORD dwOldStageTime;
-	};
+	};*/
 
 	CAccessAuthFSM();
 	virtual ~CAccessAuthFSM();
@@ -483,61 +642,89 @@ public:
 	virtual ErrorCodeEnum OnInit();
 	virtual ErrorCodeEnum OnExit();
 
-	enum{s1, s2, s3, s4, s5, s6, s7};
+	//enum{s1, s2, s3, s4, s5, s6, s7};
+
+	//enum
+	//{
+	//	Event_StartRegist = EVT_USER+1,
+	//	Event_StartReregist,	
+	//	Event_ConnectionOK,
+	//	Event_EndSyncTime,
+	//	Event_UpdateWKSucc,
+	//	Event_IgnoreUpdateWK,
+	//	Event_UpdateWKFail,
+	//	Event_ReqTokenSucc,
+	//	Event_ReqTokenFail,
+	//	Event_ReqTokenCancel,
+	//	Event_StartUnregist,
+	//	Event_LostTrust,
+	//	Event_StateTimeout,		// 临时状态超时
+	//	Event_ReportStage,
+	//	Event_CheckMD5Succ,
+	//	Event_CheckMD5Fail,
+	//	Event_InitFinishOK,
+	//	Event_GetHsotFailed,
+	//	Event_NetworkIllegal,
+	//	Event_SyncTimeFailed  //同步时间失败
+	//};
+
+	//BEGIN_FSM_STATE(CAccessAuthFSM)
+	//	FSM_STATE_ENTRY(s1, "Isolate",s1_on_entry,s1_on_exit,s1_on_event)
+	//	FSM_STATE_ENTRY(s2, "Checking",s2_on_entry,s2_on_exit,s2_on_event) //开始准入
+	//	FSM_STATE_ENTRY(s3, "Failure",s3_on_entry,s3_on_exit,s3_on_event) //准入失败
+	//	FSM_STATE_ENTRY(s4, "Cancel", s4_on_entry, s4_on_exit, s4_on_event) //准入超时
+	//	FSM_STATE_ENTRY(s5, "Login", s5_on_entry, s5_on_exit, s5_on_event) //准入成功
+	//	FSM_STATE_ENTRY(s6, "Leaving", s6_on_entry, s6_on_exit, s6_on_event)
+	//	FSM_STATE_ENTRY(s7, "LostTrust", s7_on_entry, s7_on_exit, s7_on_event)
+	//END_FSM_STATE()
+
+	//BEGIN_FSM_RULE(CAccessAuthFSM,s1)
+	//	FSM_RULE_ENTRY_ANY(s1, s2, Event_StartRegist)
+	//	FSM_RULE_ENTRY_ANY(s1, s3, Event_GetHsotFailed)
+	//	//FSM_RULE_ENTRY_ANY(s2, s3, Event_UpdateWKFail)
+	//	FSM_RULE_ENTRY_ANY(s2, s3, Event_ReqTokenFail)
+	//	FSM_RULE_ENTRY_ANY(s2, s3, Event_CheckMD5Fail)
+	//	FSM_RULE_ENTRY_ANY(s2, s3, Event_NetworkIllegal)
+	//	FSM_RULE_ENTRY_ANY(s2, s4, Event_ReqTokenCancel)
+	//	FSM_RULE_ENTRY_ANY(s2, s5, Event_ReqTokenSucc)
+	//	FSM_RULE_ENTRY_ANY(s2, s3, Event_SyncTimeFailed)
+	//	FSM_RULE_ENTRY_ANY(s3, s2, Event_StartRegist)
+	//	FSM_RULE_ENTRY_ANY(s4, s1, Event_StateTimeout)
+	//	FSM_RULE_ENTRY_ANY(s5, s6, Event_StartUnregist)			
+	//	FSM_RULE_ENTRY_ANY(s5, s2, Event_StartReregist)
+	//	FSM_RULE_ENTRY_ANY(s5, s2, Event_StartRegist)
+	//	FSM_RULE_ENTRY_ANY(s5, s7, Event_LostTrust)
+	//	FSM_RULE_ENTRY_ANY(s6, s1, Event_StateTimeout)
+	//	FSM_RULE_ENTRY_ANY(s7, s1, Event_StateTimeout)		
+	//END_FSM_RULE()
+
+	enum { s1, s2, s3 };
 
 	enum
 	{
-		Event_StartRegist = EVT_USER+1,
-		Event_StartReregist,	
+		Event_StartRegist = EVT_USER + 1,
 		Event_ConnectionOK,
 		Event_EndSyncTime,
-		Event_UpdateWKSucc,
-		Event_IgnoreUpdateWK,
-		Event_UpdateWKFail,
-		Event_ReqTokenSucc,
 		Event_ReqTokenFail,
+		Event_ReqTokenSucc,
 		Event_ReqTokenCancel,
-		Event_StartUnregist,
-		Event_LostTrust,
-		Event_StateTimeout,		// 临时状态超时
-		Event_ReportStage,
-		Event_CheckMD5Succ,
-		Event_CheckMD5Fail,
-		Event_InitFinishOK,
-		Event_GetHsotFailed,
 		Event_NetworkIllegal,
-		Event_SyncTimeFailed  //同步时间失败
+		Event_NetworkRecover,
+		Event_AccessAuthSucc
 	};
 
 	BEGIN_FSM_STATE(CAccessAuthFSM)
-		FSM_STATE_ENTRY(s1, "Isolate",s1_on_entry,s1_on_exit,s1_on_event)
-		FSM_STATE_ENTRY(s2, "Checking",s2_on_entry,s2_on_exit,s2_on_event) //开始准入
-		FSM_STATE_ENTRY(s3, "Failure",s3_on_entry,s3_on_exit,s3_on_event) //准入失败
-		FSM_STATE_ENTRY(s4, "Cancel", s4_on_entry, s4_on_exit, s4_on_event) //准入超时
-		FSM_STATE_ENTRY(s5, "Login", s5_on_entry, s5_on_exit, s5_on_event) //准入成功
-		FSM_STATE_ENTRY(s6, "Leaving", s6_on_entry, s6_on_exit, s6_on_event)
-		FSM_STATE_ENTRY(s7, "LostTrust", s7_on_entry, s7_on_exit, s7_on_event)
-	END_FSM_STATE()
-
-	BEGIN_FSM_RULE(CAccessAuthFSM,s1)
+		FSM_STATE_ENTRY(s1, "Isolate", s1_on_entry, s1_on_exit, s1_on_event)
+		FSM_STATE_ENTRY(s2, "Checking", s2_on_entry, s2_on_exit, s2_on_event)
+		FSM_STATE_ENTRY(s3, "Authorized", s3_on_entry, s3_on_exit, s3_on_event)
+		END_FSM_STATE()
+
+		BEGIN_FSM_RULE(CAccessAuthFSM, s1)
 		FSM_RULE_ENTRY_ANY(s1, s2, Event_StartRegist)
-		FSM_RULE_ENTRY_ANY(s1, s3, Event_GetHsotFailed)
-		//FSM_RULE_ENTRY_ANY(s2, s3, Event_UpdateWKFail)
-		FSM_RULE_ENTRY_ANY(s2, s3, Event_ReqTokenFail)
-		FSM_RULE_ENTRY_ANY(s2, s3, Event_CheckMD5Fail)
-		FSM_RULE_ENTRY_ANY(s2, s3, Event_NetworkIllegal)
-		FSM_RULE_ENTRY_ANY(s2, s4, Event_ReqTokenCancel)
-		FSM_RULE_ENTRY_ANY(s2, s5, Event_ReqTokenSucc)
-		FSM_RULE_ENTRY_ANY(s2, s3, Event_SyncTimeFailed)
-		FSM_RULE_ENTRY_ANY(s3, s2, Event_StartRegist)
-		FSM_RULE_ENTRY_ANY(s4, s1, Event_StateTimeout)
-		FSM_RULE_ENTRY_ANY(s5, s6, Event_StartUnregist)			
-		FSM_RULE_ENTRY_ANY(s5, s2, Event_StartReregist)
-		FSM_RULE_ENTRY_ANY(s5, s2, Event_StartRegist)
-		FSM_RULE_ENTRY_ANY(s5, s7, Event_LostTrust)
-		FSM_RULE_ENTRY_ANY(s6, s1, Event_StateTimeout)
-		FSM_RULE_ENTRY_ANY(s7, s1, Event_StateTimeout)		
-	END_FSM_RULE()
+		FSM_RULE_ENTRY_ANY(s1, s3, Event_AccessAuthSucc)
+		FSM_RULE_ENTRY_ANY(s2, s1, Event_ReqTokenCancel)
+		FSM_RULE_ENTRY_ANY(s2, s3, Event_AccessAuthSucc)
+		END_FSM_RULE()
 
 	void s1_on_entry();
 	void s1_on_exit();
@@ -551,7 +738,7 @@ public:
 	void s3_on_exit();
 	unsigned int s3_on_event(FSMEvent* event);
 
-	void s4_on_entry();
+	/*void s4_on_entry();
 	void s4_on_exit();
 	unsigned int s4_on_event(FSMEvent* event);
 
@@ -565,9 +752,10 @@ public:
 
 	void s7_on_entry();
 	void s7_on_exit();
-	unsigned int s7_on_event(FSMEvent* event);
+	unsigned int s7_on_event(FSMEvent* event);*/
 
 public:
+	void UpdateWK();
 	DWORD InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx);
 	DWORD SyncTime();
 	int m_finishAccess;
@@ -584,6 +772,20 @@ public:
 	//no need to throw event defaultly except the KEY error to call for Close Page
 	void doWarnMsg(int errReason, std::string errMsg, bool bNeedEvent = false,string varMsg = "");
 	int RtsMapToUserCode(const char* pRtsCode,DWORD dwDefaultUserCode = ERR_ACCESSAUTH_UNKOWN);
+
+
+	CSimpleStringA GetEntryPermitSysVar();
+	ErrorCodeEnum SetEntryPermitSysVar(const CSimpleStringA& newVal);
+
+	void SetNetworkCheckingState(bool busing = true)
+	{
+		m_fNetworkChecking = busing;
+	}
+
+	/*True: Legal; False: illegal*/
+	BOOL DetectNetworkLegality();
+	BOOL IsCenterSettingFilesExist();
+
 private:
 	
 	ErrorCodeEnum SetSysVar(const CSimpleStringA &newVal);
@@ -591,10 +793,8 @@ private:
 	ErrorCodeEnum SecureClientRelease();
 
 	ErrorCodeEnum LoadCenterConfig();
-	
 
-	/*True: Legal; False: illegal*/
-	BOOL DetectNetworkLegality();
+	bool IsNetworkChecking() const { return m_fNetworkChecking; }
 
 	int m_nExitReason;
 	int m_nExitWay;
@@ -610,6 +810,8 @@ private:
 	int m_nCheckMD5;
 	//oilyang@20210813 实际上上次关门页改造应该把这个去掉，已经有了(不）重试(不）重启的模式组合
 	int m_nAccessFailedCount;
+
+	bool m_fNetworkChecking;
 };
 class MyMutex {
 public:

Module/mod_accessauth/AccessAuthorization.xml

@@ -7,14 +7,6 @@
         <param name="nReason" type="int"/>
         <param name="nWay" type="int"/>
     </oneway>
-    <oneway name="Reregist" overlap="true">
-    </oneway>
-    <oneway name="PushTerminalStage" overlap="true">
-        <param name="cNewStage" type="char"/>
-        <param name="dwNewStageTime" type="uint"/>
-        <param name="cOldStage" type="char"/>
-        <param name="dwOldStageTime" type="uint"/>
-    </oneway>
     <twoway name="InitDev" overlap="true">
       <req>
         <param name="EncR1" type="string"/>
@@ -29,6 +21,19 @@
         <param name="EncR2" type="string"/>
       </res>
     </twoway>
+    <oneway name="UpdateWK" overlap="true">
+    </oneway>
+    <twoway name="InitializeNew" overlap="true">
+      <req>
+        <param name="strAuthServer" type="string"/>
+        <param name="strUserID" type="string"/>
+        <param name="strPassword" type="string"/>
+      </req>
+      <res>
+        <param name="Errcode" type="double"/>
+        <param name="ErrMsg" type="string"/>
+      </res>
+    </twoway>
     <oneway name="SyncTime" overlap="true">
     </oneway>
   </class>

Module/mod_accessauth/AccessAuthorization_client_g.h

@@ -74,33 +74,55 @@ public:
 		return ret;
 	}
 
-	ErrorCodeEnum Reregist()
+	ErrorCodeEnum InitDev(AccessAuthService_InitDev_Req &Req, CSmartPointer<IAsynWaitSp> &spAsyncWait, DWORD dwTimeout)
 	{
 		CSmartPointer<IClientSessionFunction> pFunc = GetFunction();
-		return pFunc->OnewayCall(AccessAuthService_Method_Reregist, AccessAuthService_MethodSignature_Reregist, m_context);
+		CAutoBuffer Buf = SpObject2Buffer(Req);
+		auto ret = pFunc->AsyncRequest(AccessAuthService_Method_InitDev, AccessAuthService_MethodSignature_InitDev, Buf, spAsyncWait, m_context, dwTimeout);
+		m_context.clear();
+		return ret;
+	}
+	ErrorCodeEnum InitDev(AccessAuthService_InitDev_Req &Req, AccessAuthService_InitDev_Ans &Ans, DWORD dwTimeout)
+	{
+		CSmartPointer<IAsynWaitSp> spAsyncWait;
+		ErrorCodeEnum Error = InitDev(Req, spAsyncWait, dwTimeout);
+		if (Error == Error_Succeed) {
+			bool bEnd = false;
+			Error = SpWaitAnswerObject(spAsyncWait, Ans, bEnd, dwTimeout);
+			LOG_ASSERT(Error || bEnd);
+		}
+		return Error;
+	}
+	ErrorCodeEnum InitDev(AccessAuthService_InitDev_Req &Req, AccessAuthService_InitDev_Ans &Ans, DWORD dwTimeout, DWORD &dwUserError)
+	{
+		CSmartPointer<IAsynWaitSp> spAsyncWait;
+		ErrorCodeEnum Error = InitDev(Req, spAsyncWait, dwTimeout);
+		if (Error == Error_Succeed) {
+			bool bEnd = false;
+			Error = SpWaitAnswerObject(spAsyncWait, Ans, bEnd, dwUserError, dwTimeout);
+			LOG_ASSERT(Error || bEnd);
+		}
+		return Error;
 	}
 
-	ErrorCodeEnum PushTerminalStage(AccessAuthService_PushTerminalStage_Info &Info)
+	ErrorCodeEnum UpdateWK()
 	{
 		CSmartPointer<IClientSessionFunction> pFunc = GetFunction();
-		CAutoBuffer Buf = SpObject2Buffer(Info);
-		auto ret = pFunc->OnewayCall(AccessAuthService_Method_PushTerminalStage, AccessAuthService_MethodSignature_PushTerminalStage, Buf, m_context);
-		m_context.clear();
-		return ret;
+		return pFunc->OnewayCall(AccessAuthService_Method_UpdateWK, AccessAuthService_MethodSignature_UpdateWK, m_context);
 	}
 
-	ErrorCodeEnum InitDev(AccessAuthService_InitDev_Req &Req, CSmartPointer<IAsynWaitSp> &spAsyncWait, DWORD dwTimeout)
+	ErrorCodeEnum InitializeNew(AccessAuthService_InitializeNew_Req &Req, CSmartPointer<IAsynWaitSp> &spAsyncWait, DWORD dwTimeout)
 	{
 		CSmartPointer<IClientSessionFunction> pFunc = GetFunction();
 		CAutoBuffer Buf = SpObject2Buffer(Req);
-		auto ret = pFunc->AsyncRequest(AccessAuthService_Method_InitDev, AccessAuthService_MethodSignature_InitDev, Buf, spAsyncWait, m_context, dwTimeout);
+		auto ret = pFunc->AsyncRequest(AccessAuthService_Method_InitializeNew, AccessAuthService_MethodSignature_InitializeNew, Buf, spAsyncWait, m_context, dwTimeout);
 		m_context.clear();
 		return ret;
 	}
-	ErrorCodeEnum InitDev(AccessAuthService_InitDev_Req &Req, AccessAuthService_InitDev_Ans &Ans, DWORD dwTimeout)
+	ErrorCodeEnum InitializeNew(AccessAuthService_InitializeNew_Req &Req, AccessAuthService_InitializeNew_Ans &Ans, DWORD dwTimeout)
 	{
 		CSmartPointer<IAsynWaitSp> spAsyncWait;
-		ErrorCodeEnum Error = InitDev(Req, spAsyncWait, dwTimeout);
+		ErrorCodeEnum Error = InitializeNew(Req, spAsyncWait, dwTimeout);
 		if (Error == Error_Succeed) {
 			bool bEnd = false;
 			Error = SpWaitAnswerObject(spAsyncWait, Ans, bEnd, dwTimeout);
@@ -108,10 +130,10 @@ public:
 		}
 		return Error;
 	}
-	ErrorCodeEnum InitDev(AccessAuthService_InitDev_Req &Req, AccessAuthService_InitDev_Ans &Ans, DWORD dwTimeout, DWORD &dwUserError)
+	ErrorCodeEnum InitializeNew(AccessAuthService_InitializeNew_Req &Req, AccessAuthService_InitializeNew_Ans &Ans, DWORD dwTimeout, DWORD &dwUserError)
 	{
 		CSmartPointer<IAsynWaitSp> spAsyncWait;
-		ErrorCodeEnum Error = InitDev(Req, spAsyncWait, dwTimeout);
+		ErrorCodeEnum Error = InitializeNew(Req, spAsyncWait, dwTimeout);
 		if (Error == Error_Succeed) {
 			bool bEnd = false;
 			Error = SpWaitAnswerObject(spAsyncWait, Ans, bEnd, dwUserError, dwTimeout);

Module/mod_accessauth/AccessAuthorization_def_g.h

@@ -14,17 +14,17 @@ namespace AccessAuthorization {
 
 #define AccessAuthService_Method_Regist 0
 #define AccessAuthService_Method_Unregist 1
-#define AccessAuthService_Method_Reregist 2
-#define AccessAuthService_Method_PushTerminalStage 3
-#define AccessAuthService_Method_InitDev 4
+#define AccessAuthService_Method_InitDev 2
+#define AccessAuthService_Method_UpdateWK 3
+#define AccessAuthService_Method_InitializeNew 4
 #define AccessAuthService_Method_SyncTime 5
 
 #define AccessAuthService_MethodSignature_Regist -1850909100
 #define AccessAuthService_MethodSignature_Unregist 667273038
-#define AccessAuthService_MethodSignature_Reregist 244018505
-#define AccessAuthService_MethodSignature_PushTerminalStage 140018436
 #define AccessAuthService_MethodSignature_InitDev 261099284
-#define AccessAuthService_MethodSignature_SyncTime -1916221832
+#define AccessAuthService_MethodSignature_UpdateWK 949758137
+#define AccessAuthService_MethodSignature_InitializeNew 1851143282
+#define AccessAuthService_MethodSignature_SyncTime 1195907872
 
 struct AccessAuthService_Regist_Info
 {
@@ -47,53 +47,64 @@ struct AccessAuthService_Unregist_Info
 
 };
 
-struct AccessAuthService_Reregist_Info
+struct AccessAuthService_InitDev_Req
 {
+	CSimpleStringA EncR1;
+	CSimpleStringA EncR3;
+	CSimpleStringA R2;
+	CSimpleStringA EncDevPubKey;
+	CSimpleStringA Vendor;
 
 	void Serialize(SpBuffer &Buf)
 	{
+		auto & buf = Buf & EncR1 & EncR3 & R2 & EncDevPubKey & Vendor;
 	}
 
 };
 
-struct AccessAuthService_PushTerminalStage_Info
+struct AccessAuthService_InitDev_Ans
 {
-	char cNewStage;
-	unsigned int dwNewStageTime;
-	char cOldStage;
-	unsigned int dwOldStageTime;
+	CSimpleStringA R1;
+	CSimpleStringA R3;
+	CSimpleStringA EncR2;
 
 	void Serialize(SpBuffer &Buf)
 	{
-		auto & buf = Buf & cNewStage & dwNewStageTime & cOldStage & dwOldStageTime;
+		auto & buf = Buf & R1 & R3 & EncR2;
 	}
 
 };
 
-struct AccessAuthService_InitDev_Req
+struct AccessAuthService_UpdateWK_Info
 {
-	CSimpleStringA EncR1;
-	CSimpleStringA EncR3;
-	CSimpleStringA R2;
-	CSimpleStringA EncDevPubKey;
-	CSimpleStringA Vendor;
 
 	void Serialize(SpBuffer &Buf)
 	{
-		auto & buf = Buf & EncR1 & EncR3 & R2 & EncDevPubKey & Vendor;
 	}
 
 };
 
-struct AccessAuthService_InitDev_Ans
+struct AccessAuthService_InitializeNew_Req
 {
-	CSimpleStringA R1;
-	CSimpleStringA R3;
-	CSimpleStringA EncR2;
+	CSimpleStringA strAuthServer;
+	CSimpleStringA strUserID;
+	CSimpleStringA strPassword;
 
 	void Serialize(SpBuffer &Buf)
 	{
-		auto & buf = Buf & R1 & R3 & EncR2;
+		auto & buf = Buf & strAuthServer & strUserID & strPassword;
+	}
+
+};
+
+struct AccessAuthService_InitializeNew_Ans
+{
+	double Errcode;
+	CSimpleStringA ErrMsg;
+
+	void Serialize(SpBuffer &Buf)
+	{
+		auto & buf = Buf & Errcode & ErrMsg;
 	}
 
 };

Module/mod_accessauth/AccessAuthorization_server_g.h

@@ -44,22 +44,22 @@ public:
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
-		case AccessAuthService_Method_Reregist:
-			if (dwSignature == AccessAuthService_MethodSignature_Reregist) {
+		case AccessAuthService_Method_InitDev:
+			if (dwSignature == AccessAuthService_MethodSignature_InitDev) {
 				bOverlap = true;
 			} else {
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
-		case AccessAuthService_Method_PushTerminalStage:
-			if (dwSignature == AccessAuthService_MethodSignature_PushTerminalStage) {
+		case AccessAuthService_Method_UpdateWK:
+			if (dwSignature == AccessAuthService_MethodSignature_UpdateWK) {
 				bOverlap = true;
 			} else {
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
-		case AccessAuthService_Method_InitDev:
-			if (dwSignature == AccessAuthService_MethodSignature_InitDev) {
+		case AccessAuthService_Method_InitializeNew:
+			if (dwSignature == AccessAuthService_MethodSignature_InitializeNew) {
 				bOverlap = true;
 			} else {
 				Error = Error_MethodSignatureFailed;
@@ -93,18 +93,18 @@ public:
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
-		case AccessAuthService_Method_Reregist:
-			if (dwSignature != AccessAuthService_MethodSignature_Reregist) {
+		case AccessAuthService_Method_InitDev:
+			if (dwSignature != AccessAuthService_MethodSignature_InitDev) {
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
-		case AccessAuthService_Method_PushTerminalStage:
-			if (dwSignature != AccessAuthService_MethodSignature_PushTerminalStage) {
+		case AccessAuthService_Method_UpdateWK:
+			if (dwSignature != AccessAuthService_MethodSignature_UpdateWK) {
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
-		case AccessAuthService_Method_InitDev:
-			if (dwSignature != AccessAuthService_MethodSignature_InitDev) {
+		case AccessAuthService_Method_InitializeNew:
+			if (dwSignature != AccessAuthService_MethodSignature_InitializeNew) {
 				Error = Error_MethodSignatureFailed;
 			}
 			break;
@@ -130,17 +130,17 @@ public:
 	/// override by user
 	}
 
-	virtual void Handle_Reregist(SpOnewayCallContext<AccessAuthService_Reregist_Info>::Pointer ctx)
+	virtual void Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx)
 	{
 	/// override by user
 	}
 
-	virtual void Handle_PushTerminalStage(SpOnewayCallContext<AccessAuthService_PushTerminalStage_Info>::Pointer ctx)
+	virtual void Handle_UpdateWK(SpOnewayCallContext<AccessAuthService_UpdateWK_Info>::Pointer ctx)
 	{
 	/// override by user
 	}
 
-	virtual void Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx)
+	virtual void Handle_InitializeNew(SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer ctx)
 	{
 	/// override by user
 	}
@@ -184,31 +184,31 @@ public:
 						Handle_Unregist(ctx);
 					}
 					break;
-				case AccessAuthService_Method_Reregist:
+				case AccessAuthService_Method_InitDev:
 					{
-						SpOnewayCallContext<AccessAuthService_Reregist_Info>::Pointer ctx;
-						ctx.Attach(new SpOnewayCallContext<AccessAuthService_Reregist_Info>());
-						SpBuffer2Object(Buf, ctx->Info);
+						SpReqAnsContext<AccessAuthService_InitDev_Req,AccessAuthService_InitDev_Ans>::Pointer ctx;
+						ctx.Attach(new SpReqAnsContext<AccessAuthService_InitDev_Req,AccessAuthService_InitDev_Ans>(pTransactionContext));
+						SpBuffer2Object(Buf, ctx->Req);
 						pTransactionContext->GetLinkContext(ctx->link);
-						Handle_Reregist(ctx);
+						Handle_InitDev(ctx);
 					}
 					break;
-				case AccessAuthService_Method_PushTerminalStage:
+				case AccessAuthService_Method_UpdateWK:
 					{
-						SpOnewayCallContext<AccessAuthService_PushTerminalStage_Info>::Pointer ctx;
-						ctx.Attach(new SpOnewayCallContext<AccessAuthService_PushTerminalStage_Info>());
+						SpOnewayCallContext<AccessAuthService_UpdateWK_Info>::Pointer ctx;
+						ctx.Attach(new SpOnewayCallContext<AccessAuthService_UpdateWK_Info>());
 						SpBuffer2Object(Buf, ctx->Info);
 						pTransactionContext->GetLinkContext(ctx->link);
-						Handle_PushTerminalStage(ctx);
+						Handle_UpdateWK(ctx);
 					}
 					break;
-				case AccessAuthService_Method_InitDev:
+				case AccessAuthService_Method_InitializeNew:
 					{
-						SpReqAnsContext<AccessAuthService_InitDev_Req,AccessAuthService_InitDev_Ans>::Pointer ctx;
-						ctx.Attach(new SpReqAnsContext<AccessAuthService_InitDev_Req,AccessAuthService_InitDev_Ans>(pTransactionContext));
+						SpReqAnsContext<AccessAuthService_InitializeNew_Req,AccessAuthService_InitializeNew_Ans>::Pointer ctx;
+						ctx.Attach(new SpReqAnsContext<AccessAuthService_InitializeNew_Req,AccessAuthService_InitializeNew_Ans>(pTransactionContext));
 						SpBuffer2Object(Buf, ctx->Req);
 						pTransactionContext->GetLinkContext(ctx->link);
-						Handle_InitDev(ctx);
+						Handle_InitializeNew(ctx);
 					}
 					break;
 				case AccessAuthService_Method_SyncTime:

Module/mod_accessauth/Event.h

@@ -1,9 +1,23 @@
 enum AccessAuthorization_UserErrorCode {
 	AccessAuthorization_UserErrorCode_Start = 0x50200200,
-	AccessAuthorization_UserErrorCode_GateUrl_NULL,			//灰度配置为空
-	AccessAuthorization_UserErrorCode_AccessAuth_NULL,		//准入配置为空
-	AccessAuthorization_UserErrorCode_InitDev_NULL,			//加密通道配置为空
-	AccessAuthorization_UserErrorCode_ACS_TURE,				//灰度告知准入走总行ACS
-	AccessAuthorization_UserErrorCode_ACS_FALSE,			//访问灰度失败or灰度告知不走ACS
-	AccessAuthorization_UserErrorCode_AuthPath_Change,		//总/分行切换
+	AccessAuthorization_UserErrorCode_GateUrl_NULL = 0x50200201,			//灰度配置为空
+	AccessAuthorization_UserErrorCode_AccessAuth_NULL = 0x50200202,		//准入配置为空
+	AccessAuthorization_UserErrorCode_InitDev_NULL = 0x50200203,			//加密通道配置为空
+	AccessAuthorization_UserErrorCode_ACS_TURE = 0x50200204,				//灰度告知准入走总行ACS
+	AccessAuthorization_UserErrorCode_ACS_FALSE = 0x50200205,			//灰度告知不走ACS
+	AccessAuthorization_UserErrorCode_AuthPath_Change = 0x50200206,		//总/分行切换
+	AccessAuthorization_UserErrorCode_GRAY_FAIL_CSCfg_TRUE = 0x50200207,	//灰度访问失败，集中配置走总行
+	AccessAuthorization_UserErrorCode_GRAY_FAIL_CSCfg_FALSE = 0x50200208,//灰度访问失败，集中配置走分行
+	AccessAuthorization_UserErrorCode_IPS_WHILE_GRAY = 0x50200209,		//灰度访问的本地ip
+	AccessAuthorization_UserErrorCode_Detect_Blocked = 0x5020020A,		//网络探测不通
+	AccessAuthorization_UserErrorCode_Detect_DelayTime = 0x5020020B,		//网络探测时延
+	AccessAuthorization_UserErrorCode_ACS_FAIL = 0x5020020C,				//访问总行ACS失败
+	AccessAuthorization_UserErrorCode_CMBCHINAURL_TEST_SUCC = 0x5020020D,
+	AccessAuthorization_UserErrorCode_CMBCHINAURL_TEST_FAIL = 0x5020020E,
+	AccessAuthorization_UserErrorCode_ERRORTIPS_UPDATE = 0x5020020F,
+	AccessAuthorization_UserErrorCode_MULTI_NETADAPTERS = 0x50200210,
+	AccessAuthorization_UserErrorCode_GetTermCostTooLong = 0x50200211,	//获取系统信息（cpu、主板、硬盘）超5秒
+	AccessAuthorization_UserErrorCode_Init_From_ClosePage = 0x50200212,
+	AccessAuthorization_UserErrorCode_Sync_Time_Succ = 0x50200213,
+	AccessAuthorization_UserErrorCode_Sync_Time_Failed = 0x50200214
 };

Module/mod_accessauth/mod_AccessAuth.cpp

@@ -19,11 +19,240 @@ using namespace PinPad;
 #include <Strsafe.h>
 #endif
 
+#ifdef WITH_CPPRESTSDK
+#include "CommEntityRestful.hpp"
+#else
+#define SAFE_DELETE_HTTPCLIENT(obj)	\
+	do{if(obj != NULL) { obj->Destory(); obj = NULL; }}while(false)
+#endif
+
 #define KEY_SIZE 16
 #define BUF_SIZE 256
 /** TODO(gifur): expand the time to 10s*/
 #define DEFUALT_INVOKE_PINPAD_TIMEOUT 3000
 
+
+struct InitializerInitMKTask : ITaskSp {
+	CAccessAuthFSM* m_fsm;
+	CAccessAuthEntity* m_entity;
+	InitializerInitMKTask(CAccessAuthFSM* fsm, CAccessAuthEntity* entity) :m_fsm(fsm), m_entity(entity) {}
+
+	void Process()
+	{
+		CSystemStaticInfo si;
+		m_fsm->GetEntityBase()->GetFunction()->GetSystemStaticInfo(si);
+		CInitlizerMKReq initMKReq(1);//oiltest dev module count
+		m_entity->SendInitMKReqACS(initMKReq);
+
+#ifdef WITH_CPPRESTSDK
+
+		struct MKD_NEW1JSON
+		{
+			string enrolAddr;
+			string enrolGPS;
+			string installVersion;
+			string ip;
+			string machineModel;
+			string machineType;
+			string padDeviceID;
+			string site;
+			string terminalNo;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(enrolAddr, enrolGPS, installVersion, ip, machineModel, machineType, padDeviceID, site, terminalNo)
+
+		};
+
+		struct MKD_REQ2JSON
+		{
+			string branchNo;
+			string kmcData;
+			string subBankNo;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(branchNo, kmcData, subBankNo)
+
+		};
+
+		struct MKD_REQ3JSON
+		{
+			string factory;
+			string modal;
+			string type;
+			string version;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(factory, modal, type, version)
+
+		};
+
+		struct MKD_REQ4JSON
+		{
+			string fingerPrint;
+			string fingerPrintSM;
+			string pinPadID;
+			string publicKey;
+			string reserverd;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(fingerPrint, fingerPrintSM, pinPadID, publicKey, reserverd)
+
+		};
+
+		struct MKD_REQ5JSON
+		{
+			int isFirstSM;
+			int isSM;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(isFirstSM, isSM)
+		};
+
+		struct MKD_SMR2JSON
+		{
+			string branchNo;
+			string kmcData;
+			string subBankNo;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(branchNo, kmcData, subBankNo)
+
+		};
+
+		struct InstanceReqJson
+		{
+			MKD_NEW1JSON MKD_NEW1;
+			MKD_REQ2JSON MKD_REQ2;
+			std::vector<MKD_REQ3JSON> MKD_REQ3;
+			MKD_REQ4JSON MKD_REQ4;
+			MKD_REQ5JSON MKD_REQ5;
+			MKD_SMR2JSON MKD_SMR2;
+
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(MKD_NEW1, MKD_REQ2, MKD_REQ3, MKD_REQ4, MKD_REQ5, MKD_SMR2)
+
+		} instanceReq;
+
+		instanceReq.MKD_NEW1.enrolAddr = initMKReq.MKD_NEW1.enrolAddr;
+		instanceReq.MKD_NEW1.enrolGPS = initMKReq.MKD_NEW1.enrolGPS;
+		instanceReq.MKD_NEW1.installVersion = initMKReq.MKD_NEW1.installVersion;
+		instanceReq.MKD_NEW1.ip = initMKReq.MKD_NEW1.ip;
+		instanceReq.MKD_NEW1.machineModel = initMKReq.MKD_NEW1.machineModel;
+		instanceReq.MKD_NEW1.machineType = initMKReq.MKD_NEW1.machineType;
+		instanceReq.MKD_NEW1.padDeviceID = initMKReq.MKD_NEW1.padDeviceID;
+		instanceReq.MKD_NEW1.site = initMKReq.MKD_NEW1.site;
+		instanceReq.MKD_NEW1.terminalNo = initMKReq.MKD_NEW1.terminalNo;
+
+		instanceReq.MKD_REQ2.branchNo = initMKReq.MKD_REQ2.branchNo;
+		instanceReq.MKD_REQ2.kmcData = initMKReq.MKD_REQ2.kmcData;
+		instanceReq.MKD_REQ2.subBankNo = initMKReq.MKD_REQ2.subBankNo;
+
+		for (int i = 0; i < initMKReq.iReq3Count; ++i) {
+			MKD_REQ3JSON item;
+			item.type = initMKReq.MKD_REQ3[i]->type;
+			item.modal = initMKReq.MKD_REQ3[i]->modal;
+			item.factory = initMKReq.MKD_REQ3[i]->factory;
+			item.version = initMKReq.MKD_REQ3[i]->version;
+
+			instanceReq.MKD_REQ3.push_back(item);
+		}
+
+		instanceReq.MKD_REQ4.fingerPrint = initMKReq.MKD_REQ4.fingerPrint;
+		instanceReq.MKD_REQ4.fingerPrintSM = initMKReq.MKD_REQ4.fingerPrintSM;
+		instanceReq.MKD_REQ4.pinPadID = initMKReq.MKD_REQ4.pinPadID;
+		instanceReq.MKD_REQ4.publicKey = initMKReq.MKD_REQ4.publicKey;
+		instanceReq.MKD_REQ4.reserverd = initMKReq.MKD_REQ4.reserverd;
+
+		instanceReq.MKD_REQ5.isFirstSM = initMKReq.MKD_REQ5.isFirstSM;
+		instanceReq.MKD_REQ5.isSM = initMKReq.MKD_REQ5.isSM;
+
+		instanceReq.MKD_SMR2.branchNo = initMKReq.MKD_SMR2.branchNo;
+		instanceReq.MKD_SMR2.subBankNo = initMKReq.MKD_SMR2.subBankNo;
+		instanceReq.MKD_SMR2.kmcData = initMKReq.MKD_SMR2.kmcData;
+
+		struct InstanceAnsJson
+		{
+			string TMK;
+			string TPK;
+			string EDK;
+			string index;
+			string reserved;
+			JSONCONVERT2OBJECT_MEMEBER_REGISTER(TMK, TPK, EDK, index)
+				JSONCONVERT2OBJECT_MEMEBER_RENAME_REGISTER("tmk", "tpk", "edk", "index")
+
+
+		} instanceAns;
+
+		HttpClientResponseResult result;
+		HttpClientRequestConfig config(HttpRequestMethod::POST, m_entity->GetInitUrl().GetData());
+		config.SetChildUri("/api/initmk");
+		SP::Module::Restful::FulfillRequestJsonBody(&config, instanceReq);
+
+		RestfulClient client = RestfulClient::getInstance();
+		config.PreDo();
+		client.Do(&config, &result);
+		if (result.ResponseOK()) {
+
+			Dbg("InitializerInitMKTask Connect Success.");
+			SP::Module::Restful::CommResponseJson responseStatus;
+			SP::Module::Restful::GetStatusFromDebranchResponse(result.content, responseStatus);
+			if (!responseStatus.IsOperatedOK()) {
+				Dbg("update wk failed: %s", responseStatus.errorMsg.c_str());
+				m_entity->EndInitMK(ERR_INITIALIZER_INIT_EXCEPTION, responseStatus.errorMsg.c_str());
+			}
+			else {
+				if (m_entity->HasPinPad()) {
+					const bool testResult = SP::Module::Restful::ExtractDataFromDebranchResponse(result.content, instanceAns);
+					Dbg("ExtractDataFromDebranchResponse returned: %d", testResult);
+					if (m_entity->LoadKeysToPinPadACS(instanceAns.TMK, instanceAns.TPK, instanceAns.EDK, instanceAns.index) == Error_Succeed) {
+						m_entity->EndInitMK(Error_Succeed, "");
+					}
+					else {
+						m_entity->EndInitMK(ERR_INITIALIZER_INIT_EXCEPTION, "加载秘钥到密码键盘失败");//，待完善细化错误码oiltest
+					}
+				}
+				else {
+					m_entity->EndInitMK(Error_Succeed, "");
+				}
+			}
+		}
+		else {
+			Dbg("post wk failed: %s", result.WhatError().c_str());
+			m_entity->EndInitMK(ERR_INITIALIZER_INIT_EXCEPTION, result.WhatError().c_str());
+		}
+
+#else
+
+		IHttpFunc* client;
+		client = create_http(m_fsm->HttpsLogCallBack);
+		initMKReq.m_bTransCode = false;
+		CInitlizerMKRet initMKRet;
+		initMKReq.m_url = m_entity->GetInitUrl();
+		initMKReq.m_url += "/api/initmk";
+		bool ret = client->Post(initMKReq, initMKRet);
+		Dbg("code=%d", initMKRet.m_sysCode);
+		if (ret) {
+			Dbg("InitializerInitMKTask Connect Success.");
+			if (initMKRet.m_userCode.compare(ACS_SUCCESS)) {
+				Dbg("update wk failed: %s", initMKRet.m_errMsg.c_str());
+				std::string errStr("#ACS#");
+				errStr += initMKRet.m_errMsg;
+				m_entity->EndInitMK(ERR_INITIALIZER_INIT_EXCEPTION, errStr.c_str());
+				SAFE_DELETE_HTTPCLIENT(client);
+				return;
+			}
+			if (m_entity->HasPinPad()) {
+				if (m_entity->LoadKeysToPinPadACS(initMKRet.data.TMK, initMKRet.data.TPK, initMKRet.data.EDK, initMKRet.data.index) == Error_Succeed)
+					m_entity->EndInitMK(Error_Succeed, "");
+				else
+					m_entity->EndInitMK(ERR_INITIALIZER_INIT_EXCEPTION, "加载秘钥到密码键盘失败");//，待完善细化错误码oiltest
+			}
+			else
+				m_entity->EndInitMK(Error_Succeed, "");
+		}
+		else {
+			Dbg("UpdateWKTask Connect Failed.");
+		}
+		SAFE_DELETE_HTTPCLIENT(client);
+
+#endif //WITH_CPPRESTSDK
+
+	}
+};
+
 typedef struct _REG_TZI_FORMAT
 {
 	LONG Bias;
@@ -33,6 +262,8 @@ typedef struct _REG_TZI_FORMAT
 	SYSTEMTIME DaylightDate;
 } REG_TZI_FORMAT;
 
+
+
 void CAccessAuthSession::Handle_Regist(SpOnewayCallContext<AccessAuthService_Regist_Info>::Pointer ctx)
 {
 	m_pEntity->Regist();
@@ -43,19 +274,16 @@ void CAccessAuthSession::Handle_Unregist(SpOnewayCallContext<AccessAuthService_U
 	m_pEntity->Unregist(ctx->Info.nReason, ctx->Info.nWay);
 }
 
-void CAccessAuthSession::Handle_Reregist(SpOnewayCallContext<AccessAuthService_Reregist_Info>::Pointer ctx)
-{
-	m_pEntity->Reregist();
-}
 
-void CAccessAuthSession::Handle_PushTerminalStage(SpOnewayCallContext<AccessAuthService_PushTerminalStage_Info>::Pointer ctx)
+void CAccessAuthSession::Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx)
 {
-	m_pEntity->PushTerminalStage(ctx->Info.cNewStage, ctx->Info.dwNewStageTime, ctx->Info.cOldStage, ctx->Info.dwOldStageTime);
+	m_pEntity->InitDevice(ctx);
 }
 
-void CAccessAuthSession::Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx)
+void CAccessAuthSession::Handle_UpdateWK(SpOnewayCallContext<AccessAuthService_UpdateWK_Info>::Pointer ctx)
 {
-	m_pEntity->InitDevice(ctx);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_USER).setAPI("UpdateWK")("call Handle_UpdateWK");
+	m_pEntity->UpdateWK();
 }
 
 void CAccessAuthSession::Handle_SyncTime(SpOnewayCallContext<AccessAuthService_SyncTime_Info>::Pointer ctx)
@@ -63,6 +291,19 @@ void CAccessAuthSession::Handle_SyncTime(SpOnewayCallContext<AccessAuthService_S
 	m_pEntity->SyncTime();
 }
 
+
+void CAccessAuthSession::Handle_InitializeNew(SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer ctx)
+{
+	DbgWithLink(LOG_LEVEL_INFO, ctx->link.checkEmpty() ? LOG_TYPE_SYSTEM : LOG_TYPE_USER).setAPI("StartInitializeNew")("Handle_InitializeNew");
+	m_pEntity->m_ctx = ctx;
+
+	m_pEntity->m_strUserID = ctx->Req.strUserID.GetData();
+	m_pEntity->m_strPassword = ctx->Req.strPassword.GetData();
+
+	m_pEntity->BeginInitMKACS(); 
+}
+
+
 void CAccessAuthEntity::OnStarted()
 {
 	//设置时区为北京标准时区
@@ -113,17 +354,17 @@ ErrorCodeEnum CAccessAuthEntity::Regist()
 // 重新准入
 ErrorCodeEnum CAccessAuthEntity::Reregist()
 {
-	m_FSM.PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_StartReregist));
+	//m_FSM.PostEventFIFO(new FSMEvent(CAccessAuthFSM::Event_StartReregist));
 	return Error_Succeed;
 }
 
 // 准入退出
 ErrorCodeEnum CAccessAuthEntity::Unregist(int nReason, int nWay)
 {
-	FSMEvent *pEvent = new FSMEvent(CAccessAuthFSM::Event_StartUnregist);
+	/*FSMEvent *pEvent = new FSMEvent(CAccessAuthFSM::Event_StartUnregist);
 	pEvent->param1 = nReason;
 	pEvent->param2 = nWay;
-	m_FSM.PostEventFIFO(pEvent);
+	m_FSM.PostEventFIFO(pEvent);*/
 	return Error_Succeed;
 }
 
@@ -135,8 +376,8 @@ DWORD CAccessAuthEntity::SyncTime()
 ErrorCodeEnum CAccessAuthEntity::PushTerminalStage(char cNewStage, DWORD dwNewStageTime, char cOldStage, DWORD dwOldStageTime)
 {
 	Dbg("on PushTerminalStage, cNewStage: %c", cNewStage);
-	CAccessAuthFSM::ReportStateEvent *pEvent = new CAccessAuthFSM::ReportStateEvent(cNewStage, dwNewStageTime, cOldStage, dwOldStageTime);
-	m_FSM.PostEventFIFO(pEvent);
+	/*CAccessAuthFSM::ReportStateEvent *pEvent = new CAccessAuthFSM::ReportStateEvent(cNewStage, dwNewStageTime, cOldStage, dwOldStageTime);
+	m_FSM.PostEventFIFO(pEvent);*/
 	return Error_Succeed;
 }
 
@@ -658,7 +899,7 @@ void CAccessAuthEntity::printPasswdError(){
 	string strErrMsg = "密钥集丢失，请重新初始化密钥!";
 	SetAuthErrMsg(strErrMsg.c_str());
 	GetFunction()->SetSysVar("AuthErrMsg", strErrMsg.c_str(), true);
-	m_FSM.doWarnMsg( ERROR_ACCESSAUTH_OPENCRYPTCONTEXT, strErrMsg.c_str(),false, strErrMsg);
+	m_FSM.doWarnMsg( ERROR_ACCESSAUTH_OPENCRYPTCONTEXT, strErrMsg.c_str(),true, strErrMsg);
 }
 int Char2Int(char * ch) {
 	int num = 0;
@@ -676,7 +917,7 @@ bool CAccessAuthEntity::SaveAuthVerAndKey(int nAuthVer, BYTE *pKey)
 
 	if (m_nAuthVersion == 2)
 	{
-		CSimpleString runInfoPath;
+		CSimpleString runInfoPath, iniPath;
 		auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
 		if (rc != Error_Succeed) {
 			Dbg("GetPath runinfo error=%d.", rc);
@@ -684,20 +925,29 @@ bool CAccessAuthEntity::SaveAuthVerAndKey(int nAuthVer, BYTE *pKey)
 		}
 		
 		char privateKey[BUF_SIZE] = { 0 };
-        runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
+		iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "AccessAuthorization.ini";
+        //runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
 
 #ifdef RVC_OS_WIN
 		GetPrivateProfileString("TerminalPD", "PrivateKey", "", privateKey, BUF_SIZE, runInfoPath.GetData());
 #else
-		Dbg("path ex：%s", runInfoPath.GetData());
-		char* tmp = inifile_read_str(runInfoPath.GetData(),"TerminalPD", "PrivateKey", "");
+		Dbg("path ex：%s", iniPath.GetData());
+		char* tmp = inifile_read_str(iniPath.GetData(),"TerminalPD", "PrivateKey", "");
 		strcpy(privateKey, tmp);
 		delete tmp;
 #endif // RVC_OS_WIN
 		
 		if (strlen(privateKey) <= 0) {
-			printPasswdError();
-			return false;
+			iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
+			char* tmp2 = inifile_read_str(iniPath.GetData(), "TerminalPD", "PrivateKey", "");
+			strcpy(privateKey, tmp2);
+			delete tmp2;
+
+			if (strlen(privateKey) <= 0)
+			{
+				printPasswdError();
+				return false;
+			}
 		}
 		Dbg("privateKey=%s,%d", privateKey, strlen(privateKey));
 
@@ -964,26 +1214,36 @@ bool CAccessAuthEntity::GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen)
 // 生成SM2密钥对，并导出公钥
 bool CAccessAuthEntity::GetTerminalPublicKey(BYTE *pBuf, int &nBufLen)
 {
-	CSimpleString runInfoPath;
+	CSimpleString runInfoPath, iniPath;
 	auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
 	if (rc != Error_Succeed) {
 		Dbg("GetPath runinfo error=%d.", rc);
 		return false;
 	}
-	runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
+
+	iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "AccessAuthorization.ini";
+	//runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
 	char publicKey[BUF_SIZE] = { 0 };
 	
 #ifdef RVC_OS_WIN
 	GetPrivateProfileString("TerminalPD", "PublicKey", "", publicKey, BUF_SIZE, runInfoPath.GetData());
 #else
-	char* tmp = inifile_read_str(runInfoPath.GetData(), "TerminalPD", "PublicKey", "");
+	char* tmp = inifile_read_str(iniPath.GetData(), "TerminalPD", "PublicKey", "");
 	strcpy(publicKey, tmp);
 	delete tmp;
 #endif // RVC_OS_WIN
 	if (strlen(publicKey) <= 0) {
-		Dbg("读取公钥失败，公钥长度小于等于零！");
-		printPasswdError();
-		return false;
+		iniPath = runInfoPath + SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR "Initializer.ini";
+		char* tmp2 = inifile_read_str(iniPath.GetData(), "TerminalPD", "PublicKey", "");
+		strcpy(publicKey, tmp2);
+		delete tmp2;
+
+		if (strlen(publicKey) <= 0) 
+		{
+			Dbg("读取公钥失败，公钥长度小于等于零！");
+			printPasswdError();
+			return false;
+		}
 	}
 	Dbg("publickey=%s,%d",publicKey,strlen(publicKey));
 	
@@ -995,6 +1255,119 @@ bool CAccessAuthEntity::GetTerminalPublicKey(BYTE *pBuf, int &nBufLen)
 	return true;
 }
 
+// 生成RSA密钥对，并导出公钥
+bool CAccessAuthEntity::GetTerminalPublicKey(BYTE *pBuf, int &nBufLen,string &pubkey)
+{
+	LOG_FUNCTION();
+	CSimpleString runInfoPath;
+	auto rc = GetFunction()->GetPath("runinfo", runInfoPath);
+	if (rc != Error_Succeed) {
+		Dbg("GetPath runinfo error=%d.",rc);
+		return false;
+	}
+	runInfoPath += SPLIT_SLASH_STR "runcfg" SPLIT_SLASH_STR;
+	/*if (!boost::filesystem::exists(runInfoPath.GetData())) {
+		boost::filesystem::create_directories(runInfoPath.GetData());
+	}*/
+#ifdef RVC_OS_WIN
+	DWORD dwAttr = GetFileAttributes(runInfoPath.GetData());
+	if (dwAttr == 0xFFFFFFFF)  //目录不存在则创建   
+	{
+		if (!CreateDirectory(runInfoPath.GetData(), NULL))
+#else
+	if(!dir_is_exist(runInfoPath.GetData()))
+	{
+		if(dir_create(runInfoPath.GetData()) != 0)
+#endif
+		{
+			Dbg("Create %s dir failed!", runInfoPath.GetData());
+		}
+	}
+	Dbg("Dir=%s", runInfoPath.GetData());
+	//CSimpleString runFile = runInfoPath + GetEntityName();
+	CSmartPointer<IConfigInfo> pConfig;
+	rc = GetFunction()->OpenConfig(Config_Run, pConfig);
+	if (rc != Error_Succeed) {
+		Dbg("OpenConfig Config_Run error=%d.", rc);
+		return false;
+	}
+	CSimpleString publicKey;
+	rc = pConfig->ReadConfigValue("TerminalPD","PublicKey",publicKey);
+	if (rc != Error_Succeed || publicKey.IsNullOrEmpty()) {
+		Dbg("ReadConfig publicKey error=%d or publicKey is NULL.", rc);
+		BYTE btPublicKey[BUF_SIZE] = { 0 }, btPrivateKey[BUF_SIZE] = { 0 };
+		int iPublicKeyLen = sizeof(btPublicKey);
+		int iPrivateKeyLen = sizeof(btPrivateKey);
+		if (!::CreateSM2KeyPair(btPublicKey, &iPublicKeyLen, btPrivateKey, &iPrivateKeyLen)) {
+			Dbg("Create SM2 key pair error.");
+			return false;
+		}
+		Dbg("iPublicKeyLen=%d,iPrivateKeyLen=%d", iPublicKeyLen, iPrivateKeyLen);
+		Dbg("[btPublicKey=%s]", (char*)btPublicKey);
+	
+		char* pEncode = Str2Hex((char*)btPublicKey,iPublicKeyLen);
+		Dbg("pEncode=%s,%d", pEncode,strlen(pEncode));
+		//尝试解码
+		/*int pDecodeLen = 0;
+		char* pDecode = Hex2Str(pEncode,pDecodeLen);
+		Dbg("pDecode=%s", pDecode);
+		Dbg("pDecodeLen=%d", pDecodeLen);
+		char *ret = Str2Hex(pDecode, pDecodeLen);
+		Dbg("ret=%s,%d", ret, strlen(ret));
+		
+		if (strcmp(ret, pEncode)!=0) {
+			
+			Dbg("No");
+			return false;
+		}
+		Dbg("Yes");
+		delete[] pDecode;
+		delete[] ret;*/
+
+		rc = pConfig->WriteConfigValue("TerminalPD", "PublicKey", pEncode);
+		assert(rc == Error_Succeed);
+		pubkey = pEncode;
+		Dbg("write public key success.");
+
+		BYTE pCryptPrivateKey[BUF_SIZE] = { 0 };
+		int cryptPrivateKeyLen = BUF_SIZE;
+		if (!EncWithSM4_ECB("s5da69gnh4!963@6s5da69gnh4!963@6", btPrivateKey, iPrivateKeyLen, pCryptPrivateKey, &cryptPrivateKeyLen)) {
+			Dbg("sm4 crypt privateKey error.");
+			rc = pConfig->WriteConfigValue("TerminalPD", "PublicKey", "");
+			delete[] pEncode;
+			return false;
+		}
+		
+		Dbg("sm4 encrypt pri key success.");
+		Dbg("cryptPrivateKeyLen=%d", cryptPrivateKeyLen);
+		
+		char* pEncodedCryptPrivateKey = Str2Hex((char*)pCryptPrivateKey, cryptPrivateKeyLen);
+		Dbg("encode pri key success.");
+
+		rc = pConfig->WriteConfigValue("TerminalPD", "PrivateKey", pEncodedCryptPrivateKey);
+		if (rc != Error_Succeed) {
+			rc = pConfig->WriteConfigValue("TerminalPD", "PublicKey", "");
+			delete[] pEncodedCryptPrivateKey;
+			return false;
+		}
+		Dbg("write pri key success.");
+		publicKey = pEncode;
+		delete[] pEncode;
+		delete[] pEncodedCryptPrivateKey;
+	}
+	else
+	{ 
+		pubkey = publicKey;
+	}
+	Dbg("PublicKey: %s(%d)", publicKey.GetData(), publicKey.GetLength());
+	char *pDecode = Hex2Str(publicKey.GetData(),nBufLen);
+	
+	memcpy(pBuf, pDecode, nBufLen);
+	Dbg("pBuf[0]=%02X,nBufLen=%d", pBuf[0], nBufLen);
+	return true;
+}
+
+
 DWORD CAccessAuthEntity::InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx)
 {
 	return m_FSM.InitDevice(ctx);
@@ -1436,6 +1809,356 @@ bool CAccessAuthEntity::IsMachineTypeConfigurePinPad(CSimpleStringA strMachineTy
 	else
 		return true;
 }
+
+void CAccessAuthEntity::UpdateWK()
+{
+	m_FSM.UpdateWK();
+}
+
+void CAccessAuthEntity::BeginInitMKACS()
+{
+	LOG_FUNCTION();
+	// 1:3des only; 2: sm4 only; 3: both 3des and sm4
+	int nCapability = GetPinPadCapability();
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("BeginInitMKACS")("pinpad capability: %d", nCapability);
+
+	CSmartPointer<IConfigInfo> spConfig;
+	ErrorCodeEnum Error = GetFunction()->OpenConfig(Config_CenterSetting, spConfig);
+	if (Error_Succeed == Error)
+	{
+		Error = spConfig->ReadConfigValue("AccessAuthorization", "HostInitUrl", m_strInitUrl);
+		if (Error_Succeed == Error)
+		{
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("BeginLoginACS")("get InitUrl=%s from CenterSetting.ini", m_strInitUrl);
+		}
+		else
+		{
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("BeginLoginACS")("get InitUrl from CenterSetting.ini failed");
+			return;
+		}
+
+	}
+	CSmartPointer<InitializerInitMKTask> initUpdateWKTask = new InitializerInitMKTask(&this->m_FSM, this);
+	GetFunction()->PostThreadPoolTask(initUpdateWKTask.GetRawPointer());
+}
+
+
+ErrorCodeEnum CAccessAuthEntity::LoadKeysToPinPadACS(string TMK, string TPK, string EDK, string index)
+{
+	LOG_FUNCTION();
+	//获取私钥
+	CSmartPointer<IConfigInfo> pConfigRun;
+	auto rc = GetFunction()->OpenConfig(Config_Run, pConfigRun);
+	if (rc != Error_Succeed) {
+		Dbg("OpenConfig Config_Run error=%d.", rc);
+		return Error_Unexpect;
+	}
+	CSimpleStringA csPrivateKey("");
+	pConfigRun->ReadConfigValue("TerminalPD", "PrivateKey", csPrivateKey);
+	Dbg("privateKey len:%d", csPrivateKey.GetLength());
+
+	int decodedPrivateKeyLen;
+
+	char* pDecodedPrivateKey = Hex2Str(csPrivateKey.GetData(), decodedPrivateKeyLen);
+	Dbg("decodedPrivateKeyLen=%d", decodedPrivateKeyLen);
+
+	char pDecryptPrivateKey[BUF_SIZE] = { 0 };
+	int decryprtLen = BUF_SIZE;
+	if (!DecWithSM4_ECB("s5da69gnh4!963@6s5da69gnh4!963@6", (BYTE*)pDecodedPrivateKey, decodedPrivateKeyLen, (BYTE*)pDecryptPrivateKey, &decryprtLen)) {
+		Dbg("DecWithSM4_ECB decrypt privateKey error.");
+		delete[] pDecodedPrivateKey;
+		return Error_Unexpect;
+	}
+	delete[] pDecodedPrivateKey;
+	Dbg("DecWithSM4_ECB succeess.len:%d.", decryprtLen);
+
+	char pPlainTMK[BUF_SIZE], pPlainTPK[BUF_SIZE], pPlainEDK[BUF_SIZE];
+	memset(pPlainTMK, 0, BUF_SIZE);
+	memset(pPlainTPK, 0, BUF_SIZE);
+	memset(pPlainEDK, 0, BUF_SIZE);
+	int plainKeyLen = BUF_SIZE;
+
+	char* pxx = new char[1024];
+	memset(pxx, 0, 1024);
+	HexBuf2StrBuf((BYTE*)pDecryptPrivateKey, &pxx, decryprtLen);
+	PBYTE pBt = new BYTE[512];
+	memset(pBt, 0, 512);
+	StrBuf2HexBuf(TMK.c_str(), &pBt);
+
+	if (!DecWithSM2PriKey(pBt, TMK.size() / 2, (BYTE*)pPlainTMK, &plainKeyLen, (BYTE*)pDecryptPrivateKey, decryprtLen)) {
+		Dbg("使用私钥解密TMK失败！");
+		return Error_Unexpect;
+	}
+	//char* pEncodeTPK = MyBase64::Str2Hex(TPK.c_str(), TPK.size());
+	PBYTE pTPK = new BYTE[512];
+	memset(pTPK, 0, 512);
+	int len = StrBuf2HexBuf(TPK.c_str(), &pTPK);
+	plainKeyLen = BUF_SIZE;
+	Dbg("001,len:%d", len);
+	if (!DecWithSM2PriKey(pTPK, TPK.size() / 2, (BYTE*)pPlainTPK, &plainKeyLen, (BYTE*)pDecryptPrivateKey, decryprtLen)) {
+		Dbg("使用私钥解密TPK失败！");
+		//delete[]pEncodeTPK;
+		return Error_Unexpect;
+	}
+	//char* pEncodeEDK = MyBase64::Str2Hex(EDK.c_str(), EDK.size());
+	PBYTE pEDK = new BYTE[512];
+	memset(pEDK, 0, 512);
+	StrBuf2HexBuf(EDK.c_str(), &pEDK);
+	plainKeyLen = BUF_SIZE;
+	if (!DecWithSM2PriKey(pEDK, EDK.size() / 2, (BYTE*)pPlainEDK, &plainKeyLen, (BYTE*)pDecryptPrivateKey, decryprtLen)) {
+		Dbg("使用私钥解密EDK失败！");
+		//delete[]pEncodeEDK;
+		return Error_Unexpect;
+	}
+	Dbg("解密秘钥成功");
+	//加载到密码键盘
+	Dbg("load sm key to pinpad...");
+
+	PinPadService_ClientBase* pPinPad = new PinPadService_ClientBase(this);
+	rc = pPinPad->Connect();
+	if (rc == Error_Succeed)
+	{
+		PinPadService_LoadKeysSM_Req req = {};
+		req.initializeflag = true;
+		req.smflag = 1;
+
+
+		Dbg("使用云接口获取的KMC密钥");
+		req.masterkey = pPlainTMK;
+		req.workingkey1 = pPlainTPK;
+		req.workingkey2 = pPlainEDK;
+		req.reserved3 = index.c_str();
+
+		if (req.initializeflag) Dbg("initializeflag is true");
+		else Dbg("initializeflag is false");
+		Dbg("req.smflag=%d", req.smflag);
+		Dbg("req.masterkey=%s", req.masterkey.GetData());
+		Dbg("req.workingkey1=%s", req.workingkey1.GetData());
+		Dbg("req.workingkey2=%s", req.workingkey2.GetData());
+		Dbg("req.reserved3=%s", req.reserved3.GetData());
+
+		PinPadService_LoadKeysSM_Ans ans = {};
+		rc = pPinPad->LoadKeysSM(req, ans, 30000);
+		if (rc == Error_Succeed)
+			Dbg("load sm key to pinpad succ");
+		else
+		{
+			Dbg("load sm key to pinpad failed.");
+			return Error_Unexpect;
+			//SetAuthErrMsg("加载SM密钥到PinPad失败");
+			//doWarnMsg(ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD,
+			//	GetOutPutStr("%s%08x%s%s", "LoadKeys", rc, "strErrMsg", "加载SM密钥到PinPad失败").c_str());
+
+			//rc = ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD;
+		}
+
+		pPinPad->GetFunction()->CloseSession();
+	}
+	else
+	{
+		Dbg("oiltest connect to pinpad failed.");
+		return Error_Unexpect;
+	}
+
+	return Error_Succeed;
+}
+
+bool CAccessAuthEntity::SendInitMKReqACS(CInitlizerMKReq& initMKReq)
+{
+	LOG_FUNCTION();
+	CSmartPointer<IEntityFunction> pFunc = GetFunction();
+
+	//auto pEntity = ((CInitializerEntity*)m_pEntity);
+
+	// 如果有外置PinPad，则需要初始化主密钥
+	if (HasPinPad())
+	{
+		CSmartPointer<IConfigInfo> pConfig;
+		DWORD rc = pFunc->OpenConfig(Config_CenterSetting, pConfig);
+		if (rc != Error_Succeed)
+		{
+			LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_READ_WRITE_FILE,
+				GetOutPutStr("%s%08X%s%s", "OpenConfig", rc, "File", "Config_CenterSetting").c_str());
+			rc = ERR_INITIALIZER_READ_WRITE_FILE;
+			return rc;
+		}
+
+		CSimpleStringA strSubBankNo, strBranchNo;
+		rc = pConfig->ReadConfigValue("Initializer", "SubBankNo", strSubBankNo);
+		if (rc == Error_Succeed)
+			rc = pConfig->ReadConfigValue("Initializer", "BranchNo", strBranchNo);
+
+		if (rc != Error_Succeed)
+		{
+			LogWarn(Severity_Low, (ErrorCodeEnum)rc, ERR_INITIALIZER_READ_WRITE_FILE,
+				GetOutPutStr("%s%08X%s%s", "ReadConfigValue", rc, "File", "SubBankNo & BranchNo").c_str());
+			rc = ERR_INITIALIZER_READ_WRITE_FILE;
+			return rc;
+		}
+
+		// 1:3des only; 2: sm4 only; 3: both 3des and sm4
+		int nCapability = GetPinPadCapability();
+		Dbg("pinpad capability: %d", nCapability);
+
+		//gui console中，用户桌面，蓝牙多合一绑定时的初始化会重置kmc密钥，自动初始化不会重置密钥，自动初始化的目的仅用在非国密
+		//版本到国密版本的升级无缝切换
+		//if (m_bHandWork && !m_afterSMIsFirst) {
+		if (false) {//oiltest@20211113
+			Dbg("初始化开始重置密钥。。。");
+			if (nCapability == 1 || nCapability == 3)
+			{
+				// support des key
+				initMKReq.MKD_REQ2.branchNo = strSubBankNo;
+				initMKReq.MKD_REQ2.subBankNo = strBranchNo;
+			}
+
+			if (nCapability == 2 || nCapability == 3)
+			{
+				// support sm key
+				initMKReq.MKD_SMR2.branchNo = strSubBankNo;
+				initMKReq.MKD_SMR2.subBankNo = strBranchNo;
+			}
+		}
+	}
+	else
+	{
+		Dbg("has no pinpad, not need init MK");
+	}
+
+	bool bHasPinPad = false;
+	CSimpleStringA strPinPadID = "", strDeviceID = "";
+	int nRet = GetPinPadIDAndDeviceID(strPinPadID, strDeviceID, bHasPinPad);
+	Dbg("GetPinPadIDAndDeviceID ret: %d, PinPadID: %s, DeviceID: %s", nRet, (const char*)strPinPadID, (const char*)strDeviceID);
+	// 从系统获取设备信息和硬件信息	
+	// 变长结构初始化
+	char buf2[512];
+	memset(buf2, 0, 512);
+
+	CSystemStaticInfo si;
+	pFunc->GetSystemStaticInfo(si);
+	initMKReq.MKD_NEW1.terminalNo = si.strTerminalID;
+	initMKReq.MKD_NEW1.installVersion = si.InstallVersion.ToString();
+	if (nRet == 2 || nRet == 3) {
+		initMKReq.MKD_NEW1.padDeviceID = strDeviceID;
+	}
+
+	initMKReq.MKD_NEW1.machineType = si.strMachineType;
+	initMKReq.MKD_NEW1.site = si.strSite;
+	BYTE xIP[64] = {};
+#ifdef RVC_OS_WIN
+	hostent* ent = gethostbyname(NULL);
+	if (ent && ent->h_addr_list[0] != NULL)
+	{
+		int i = 0;
+		for (; ent->h_addr_list[i] != NULL; ++i)
+		{
+			struct in_addr* in = (struct in_addr*)ent->h_addr_list[i];
+			if (in->S_un.S_un_b.s_b1 == 99 || in->S_un.S_un_b.s_b1 == 10)
+				break;
+		}
+
+		if (ent->h_addr_list[i] == NULL)
+			i = 0;
+
+		auto in = (struct in_addr*)ent->h_addr_list[i];
+
+		sprintf(xIP, "%d.%d.%d.%d", in->S_un.S_un_b.s_b1, in->S_un.S_un_b.s_b2, in->S_un.S_un_b.s_b3, in->S_un.S_un_b.s_b4);
+		initMKReq.MKD_NEW1.ip = xIP;
+		Dbg("ip:%s", xIP);
+	}
+#else
+	char ip[32] = { 0 };
+	if (getIPFromLinux(ip)) Dbg("Get IP From Linux Error ex.");
+	else {
+		if (ip2byte(ip, xIP)) Dbg("Ip 2 Byte Error");
+		else {
+			for (int i = 0; i < 4; i++) {
+				Dbg("ip[%d]=%d", i, xIP[i]);
+			}
+			char strIP[64];
+			memset(strIP, 0, 64);
+			sprintf(strIP, "%d.%d.%d.%d", xIP[0], xIP[1], xIP[2], xIP[3]);
+			initMKReq.MKD_NEW1.ip = strIP;
+		}
+	}
+#endif //RVC_OS_WIN
+
+	initMKReq.MKD_NEW1.enrolGPS = "00000A4500000A4E";//oiltmp
+	initMKReq.MKD_NEW1.enrolAddr = si.strEnrolAddr;
+
+	initMKReq.MKD_REQ3[0]->modal = "";
+	initMKReq.MKD_REQ3[0]->factory = "";
+	initMKReq.MKD_REQ3[0]->type = "";
+	initMKReq.MKD_REQ3[0]->version = "";
+	BYTE fingerPrint[32] = { 0 };
+	int nBufLen = sizeof(fingerPrint);
+	if (!GetTerminalFingerPrint(fingerPrint, nBufLen))
+	{
+		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_TERMINAL_FINGERPRINT,
+			GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False").c_str());
+		return ERR_INITIALIZER_GET_TERMINAL_FINGERPRINT;
+	}
+	string xFingerPrint = ConvertBytesToHexStr(fingerPrint, nBufLen);
+	initMKReq.MKD_REQ4.fingerPrint = xFingerPrint.substr(0, 32);
+	initMKReq.MKD_REQ4.fingerPrintSM = xFingerPrint.substr(32, 64);
+
+	BYTE xPublicKey[148];
+	nBufLen = sizeof(xPublicKey);
+	Dbg("开始获取公钥。。。");
+	memset(xPublicKey, 0, nBufLen);
+	Dbg("nBufLen=%d", nBufLen);
+	if (!GetTerminalPublicKey(xPublicKey, nBufLen, initMKReq.MKD_REQ4.publicKey))
+	{
+		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_TERMINAL_PUBKEY,
+			GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
+		return ERR_INITIALIZER_GET_TERMINAL_PUBKEY;
+	}
+
+	if (nRet == 1 || nRet == 3)
+		//strncpy(req4.PinPadID, (const char*)strPinPadID, sizeof(req4.PinPadID) - 1);
+		initMKReq.MKD_REQ4.pinPadID = strPinPadID;
+
+	//国密改造
+	initMKReq.MKD_REQ5.isFirstSM = GetOrSetIsFirstSM(0);
+	initMKReq.MKD_REQ5.isSM = 1;
+	Dbg("rinitMKReq.MKD_REQ5.isFirstSM=%d", initMKReq.MKD_REQ5.isFirstSM);
+	return true;
+}
+
+void CAccessAuthEntity::EndInitMK(DWORD rc, const char *pszErrMsg)
+{
+	LOG_FUNCTION();
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("EndInitMK")("EndInitMK:rc:%d,errMsg:%s", rc, pszErrMsg);
+	GetFunction()->KillTimer(22);
+
+	m_strLastErrMsg = pszErrMsg;
+
+	if (rc != Error_Succeed)
+	{
+		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_INIT_MK,
+			GetOutPutStr("%s%08X%s%s", "EndInitMK", rc,"pszErrMsg", pszErrMsg).c_str());
+
+		GetFunction()->ShowFatalError(pszErrMsg);
+	}
+	else
+	{
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("EndInitMK")("初始化成功。。。");
+	}
+
+	m_eErrNum = rc;
+
+	bool bSuc = rc == Error_Succeed;
+
+	// 通知UI窗口
+	if (m_ctx != NULL) {
+		Dbg("success");
+		m_ctx->Ans.Errcode = rc;
+		m_ctx->Ans.ErrMsg = m_strLastErrMsg;
+		m_ctx->Answer(Error_Succeed);
+	}
+
+}
+
 SP_BEGIN_ENTITY_MAP()
 	SP_ENTITY(CAccessAuthEntity)
 SP_END_ENTITY_MAP()

Module/mod_accessauth/mod_AccessAuth.h

@@ -18,9 +18,9 @@ public:
 
 	virtual void Handle_Regist(SpOnewayCallContext<AccessAuthService_Regist_Info>::Pointer ctx);	
 	virtual void Handle_Unregist(SpOnewayCallContext<AccessAuthService_Unregist_Info>::Pointer ctx);
-	virtual void Handle_Reregist(SpOnewayCallContext<AccessAuthService_Reregist_Info>::Pointer ctx);
-	virtual void Handle_PushTerminalStage(SpOnewayCallContext<AccessAuthService_PushTerminalStage_Info>::Pointer ctx);
 	virtual void Handle_InitDev(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer ctx);
+	virtual void Handle_UpdateWK(SpOnewayCallContext<AccessAuthService_UpdateWK_Info>::Pointer ctx);
+	virtual void Handle_InitializeNew(SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer ctx);
 	virtual void Handle_SyncTime(SpOnewayCallContext<AccessAuthService_SyncTime_Info>::Pointer ctx);	
 	
 private:
@@ -49,6 +49,7 @@ public:
 
 	// 开始准入
 	ErrorCodeEnum Regist();
+	void UpdateWK();
 
 	// 重新准入
 	ErrorCodeEnum Reregist();
@@ -114,6 +115,8 @@ public:
 
 	bool GetTerminalFingerPrint(BYTE *pBuf, int &nBufLen);
 	bool GetTerminalPublicKey(BYTE *pBuf, int &nBufLen);
+	bool GetTerminalPublicKey(BYTE* pBuf, int& nBufLen, string& pubkey);
+
 	bool GetMD5Hash(const char *pStr, BYTE md5[16]);
 	
 	DWORD InitDevice(SpReqAnsContext<AccessAuthService_InitDev_Req, AccessAuthService_InitDev_Ans>::Pointer &ctx);
@@ -150,6 +153,57 @@ public:
 	string m_EDK;
 	string m_index;
 	bool m_bGetKMCKey;
+
+	CSimpleStringA m_strUserID, m_strPassword, m_strInitUrl;
+	SpReqAnsContext<AccessAuthService_InitializeNew_Req, AccessAuthService_InitializeNew_Ans>::Pointer m_ctx;
+
+	void BeginInitMKACS();
+	bool SendInitMKReqACS(CInitlizerMKReq& initMKReq);
+	CSimpleStringA GetInitUrl()
+	{
+		return m_strInitUrl;
+	}
+	void EndInitMK(DWORD rc, const char* pszErrMsg);
+	ErrorCodeEnum LoadKeysToPinPadACS(string TMK, string TPK, string EDK, string index);
+	DWORD m_eErrNum;
+	CSimpleStringA m_strLastErrMsg;
+
+	int HexBuf2StrBuf(PBYTE hexBuf, char** strBuf, DWORD len)
+	{
+		char* tmpStr = *strBuf;
+		int count = 0;
+		for (int i = 0; i < len; ++i)
+		{
+			sprintf(tmpStr + count, "%0.2X", hexBuf[i]);
+			count += 2;
+		}
+		return 0;
+	}
+
+
+	int StrBuf2HexBuf(LPCTSTR strBuf, PBYTE* hexBuf)
+	{
+		int len = strlen(strBuf);
+		if (len == 0 || len % 2 != 0)
+			return 0;
+		BYTE* buf = new BYTE[len / 2];
+		if (buf == NULL)
+			return 0;
+		int j = 0;
+		for (int i = 0; i < len;)
+		{
+			int tmpVal;
+			sscanf(strBuf + i, "%2X", &tmpVal);
+			buf[j] = tmpVal;
+			//buf[j] = char2int(strBuf[i])*16 + char2int(strBuf[i+1]);
+			i += 2;
+			j++;
+		}
+		//memcpy(buf,strBuf,len);
+		*hexBuf = buf;
+		return j;
+	}
+
 protected:
 	CAccessAuthFSM m_FSM;
 

Module/mod_guiconsole/guitask.cpp

@@ -217,7 +217,7 @@ ErrorCodeEnum GUITask::BeginAccessAuth()
 
 ErrorCodeEnum GUITask::BeginInitialize()
 {
-	InitializerService_ClientBase *pClient = new InitializerService_ClientBase(m_pEntity);
+	/*InitializerService_ClientBase *pClient = new InitializerService_ClientBase(m_pEntity);
 	auto rc = pClient->Connect();
 	if (rc == Error_Succeed)
 	{
@@ -231,7 +231,9 @@ ErrorCodeEnum GUITask::BeginInitialize()
 		pClient->SafeDelete();
 	}
 	
-	return rc;
+	return rc;*/
+
+	return Error_Succeed;
 }
 
 ErrorCodeEnum GUITask::ShowMobileDialog()

Module/mod_healthmanager/HealthManagerFSM.cpp

@@ -222,6 +222,13 @@ ErrorCodeEnum CHealthManagerFSM::Initial()
     }
 #endif //RVC_OS_LINUX
 
+	CSmartPointer<IConfigInfo> spCerConfig;
+	GetEntityBase()->GetFunction()->OpenConfig(Config_CenterSetting, spCerConfig);
+	spCerConfig->ReadConfigValueInt(GetEntityBase()->GetEntityName(), "WKUpdatePeriod", m_wkUpdatePeriod);
+	if (m_wkUpdatePeriod < 0 || m_wkUpdatePeriod > 365)
+		m_wkUpdatePeriod = 30;//default
+	spCerConfig->ReadConfigValueInt(GetEntityBase()->GetEntityName(), "DoNotUpdateWKDaily", m_iDoNotUpdateWKDaily);
+
 	GetEntityBase()->GetFunction()->SetSysVar("TerminalStage", "X");
     WaitDeamonFinishTask* task = new WaitDeamonFinishTask(this);
     GetEntityBase()->GetFunction()->PostThreadPoolTask(task);
@@ -1347,55 +1354,55 @@ int CHealthManagerFSM::WaitDeamonFinish()
 	}
 	return 0;
 }
-int CHealthManagerFSM::DoInitialization()
-{
-	LOG_FUNCTION();
-
-	ErrorCodeEnum eErr;
-	CSmartPointer<IEntityFunction> pFunc = GetEntityBase()->GetFunction();
-	CSmartPointer<IEntityFunctionPrivilege> pFuncPrivilege = pFunc.ConvertCase<IEntityFunctionPrivilege>();
-	CEntityRunInfo acInfo;
-	eErr = pFunc->GetEntityRunInfo("Initializer",acInfo);
-	Dbg("Initializer state return %d",eErr);
-	if (eErr == Error_Succeed && (acInfo.eState == EntityState_NoStart || acInfo.eState == EntityState_Idle))
-	{
-		if (acInfo.eState == EntityState_NoStart)
-		{
-			CSmartPointer<IAsynWaitSp> spWaitInit;
-			eErr = pFuncPrivilege->StartEntity("Initializer",NULL,spWaitInit);
-			if (eErr == Error_Succeed)
-				eErr = spWaitInit->WaitAnswer(MAX_AYSNC_TIMEOUT);
-			eErr = pFunc->GetEntityRunInfo("Initializer",acInfo);
-			if (eErr != Error_Succeed || acInfo.eState != EntityState_Idle)
-			{
-				Dbg("start Initializer failed(%d,%d).",eErr,acInfo.eState);
-				return 1;
-			}
-		}
-		if (m_pInitClient == NULL)
-		{
-			m_pInitClient = new InitializerService_ClientBase(this->GetEntityBase());
-			eErr = m_pInitClient->Connect();
-			if (eErr != Error_Succeed) {
-				Dbg("Initializer connected failed.");
-				m_pInitClient->SafeDelete();
-				m_pInitClient = NULL;
-				return 2;
-			}
-			else
-				Dbg("Initializer connected.");
-		}
-		InitializerService_Initialize_Info initInfo;
-		m_pInitClient->Initialize(initInfo);
-		//no need to wait,just go
-		return 0;
-	}
-	else
-	{
-		Dbg("Get Initializer RunInfo failed(%d).",eErr);
-		return 3;
-	}
-}
+//int CHealthManagerFSM::DoInitialization()
+//{
+//	LOG_FUNCTION();
+//
+//	ErrorCodeEnum eErr;
+//	CSmartPointer<IEntityFunction> pFunc = GetEntityBase()->GetFunction();
+//	CSmartPointer<IEntityFunctionPrivilege> pFuncPrivilege = pFunc.ConvertCase<IEntityFunctionPrivilege>();
+//	CEntityRunInfo acInfo;
+//	eErr = pFunc->GetEntityRunInfo("Initializer",acInfo);
+//	Dbg("Initializer state return %d",eErr);
+//	if (eErr == Error_Succeed && (acInfo.eState == EntityState_NoStart || acInfo.eState == EntityState_Idle))
+//	{
+//		if (acInfo.eState == EntityState_NoStart)
+//		{
+//			CSmartPointer<IAsynWaitSp> spWaitInit;
+//			eErr = pFuncPrivilege->StartEntity("Initializer",NULL,spWaitInit);
+//			if (eErr == Error_Succeed)
+//				eErr = spWaitInit->WaitAnswer(MAX_AYSNC_TIMEOUT);
+//			eErr = pFunc->GetEntityRunInfo("Initializer",acInfo);
+//			if (eErr != Error_Succeed || acInfo.eState != EntityState_Idle)
+//			{
+//				Dbg("start Initializer failed(%d,%d).",eErr,acInfo.eState);
+//				return 1;
+//			}
+//		}
+//		if (m_pInitClient == NULL)
+//		{
+//			m_pInitClient = new InitializerService_ClientBase(this->GetEntityBase());
+//			eErr = m_pInitClient->Connect();
+//			if (eErr != Error_Succeed) {
+//				Dbg("Initializer connected failed.");
+//				m_pInitClient->SafeDelete();
+//				m_pInitClient = NULL;
+//				return 2;
+//			}
+//			else
+//				Dbg("Initializer connected.");
+//		}
+//		InitializerService_Initialize_Info initInfo;
+//		m_pInitClient->Initialize(initInfo);
+//		//no need to wait,just go
+//		return 0;
+//	}
+//	else
+//	{
+//		Dbg("Get Initializer RunInfo failed(%d).",eErr);
+//		return 3;
+//	}
+//}
 
 //0:auth suc or have already authed;1:auth failed;
 int CHealthManagerFSM::AccessAuthDoWork()
@@ -1421,7 +1428,7 @@ int CHealthManagerFSM::AccessAuthDoWork()
 	bool bToDoInit = false;
 	if (eErr == Error_Succeed)
 	{
-		if (csTermStage[0] == 'U')
+		/*if (csTermStage[0] == 'U')
 		{
 			bToDoInit = true;
 			int initTime = 0;
@@ -1452,7 +1459,7 @@ INITIALIZATION:
 						break;
 				}
 			}
-		}
+		}*/
 	}
 	else
 	{
@@ -2502,6 +2509,7 @@ void CHealthManagerFSM::JudgeIfNeedInitFWB()
 }
 void CHealthManagerFSM::FWBDoInit()
 {
+#ifdef RVC_OS_WIN
 	LOG_FUNCTION();
 	Sleep(2000);
 	CSimpleStringA currCheckCode(""), runcfgCkCode("");
@@ -2567,7 +2575,9 @@ void CHealthManagerFSM::FWBDoInit()
 		LogWarn(Severity_Low, Error_Unexpect, HealthManager_UserErrorCode_InitForFWB_GetAuthAddr_Fail, "Init for fwb,get authaccess address suc.");
 	}
 	return;
+#endif
 }
+
 bool CHealthManagerFSM::IsCutIEBrowser()
 {
 	LOG_FUNCTION();
@@ -2589,3 +2599,177 @@ bool CHealthManagerFSM::IsCutIEBrowser()
 	//else
 	//	return false;
 }
+void CHealthManagerFSM::AutoDoInitForAll()
+{
+	LOG_FUNCTION();
+	m_bDoingAutoInit = true;
+	ErrorCodeEnum eErr;
+	if (m_pACClient == NULL || m_pACClient->QuerySessionClosed())
+	{
+		m_pACClient = new AccessAuthService_ClientBase(this->GetEntityBase());
+		eErr = m_pACClient->Connect();
+		if (eErr != Error_Succeed) {
+			m_bDoingAutoInit = false;
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("AutoDoInitForAll")("AccessAuth connected failed.");
+			m_pACClient->SafeDelete();
+			m_pACClient = NULL;
+			return;
+		}
+		else {
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("AutoDoInitForAll")("AccessAuth connected.");
+		}
+	}
+
+	AccessAuthService_InitializeNew_Req initReq;
+	AccessAuthService_InitializeNew_Ans initAns;
+	initReq.strAuthServer = "";
+	initReq.strUserID = "admin";
+	initReq.strPassword = "";
+	eErr = m_pACClient->InitializeNew(initReq, initAns, 60000);
+	m_autoDoInitCount++;
+	if (eErr == Error_Succeed)
+	{
+		//Dbg("Auto Init suc.");
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("AutoDoInitForAll")("Auto Init suc.");
+		LogWarn(Severity_Low, Error_Unexpect, HealthManager_UserErrorCode_AutoDoInit_Suc, "Auto Init suc.");
+		m_bDoingAutoInit = false;
+	}
+	else
+	{
+		//Dbg("Auto Init failed:%d", eErr);
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("AutoDoInitForAll")("Auto Init failed:%d", eErr);
+		LogWarn(Severity_Low, Error_Unexpect, HealthManager_UserErrorCode_AutoDoInit_Fail, "Auto Init failed.");
+	}
+
+	m_bDoingAutoInit = false;
+	return;
+}
+void CHealthManagerFSM::CheckIfNeedAutoInit()
+{
+	ErrorCodeEnum eErr = Error_Unexpect;
+	bool bNeedAutoInit = false;
+	PinPadService_ClientBase* pClient = new PinPadService_ClientBase(this->m_pEntity);
+	if (pClient != NULL)
+	{
+		eErr = pClient->Connect();
+		if (eErr == Error_Succeed)
+		{
+			PinPadService_QueryFunc_Req reqQ;
+			PinPadService_QueryFunc_Ans ansQ;
+			eErr = pClient->QueryFunc(reqQ, ansQ, 5000);
+			if (eErr == Error_Succeed)
+			{
+				if ((ansQ.encryptkey == 3 || ansQ.encryptkey == 2) && ansQ.reserved1 == 1)
+				{
+					bNeedAutoInit = true;
+				}
+			}
+			else {
+				//Dbg("QueryFunc failed.error code:%d", eErr);
+				DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("CheckIfNeedAutoInit")("QueryFunc failed.error code:%d", eErr);
+			}
+		}
+		else {
+			//Dbg("connect to pinpad failed.error code:%d", eErr);
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("CheckIfNeedAutoInit")("connect to pinpad failed.error code:%d", eErr);
+		}
+	}
+	if (bNeedAutoInit && !m_bDoingAutoInit && m_autoDoInitCount < 2)
+	{
+		AutoDoInitForAllTask* pTask = new AutoDoInitForAllTask(this);
+		GetEntityBase()->GetFunction()->PostThreadPoolTask(pTask);
+	}
+}
+
+void CHealthManagerFSM::WKUpdatePeriod()
+{
+	auto pEntity = ((CHealthManagerEntity*)m_pEntity);
+	//oilyang@20220421 if have init fwb from HealthManager start,no need to update working key
+	//oilyang@20220413 control update working key by CenterSetting
+	CSimpleStringA xInitFWBFlag("N");
+	GetEntityBase()->GetFunction()->GetSysVar("InitFWBFromStart", xInitFWBFlag);
+	if (m_iDoNotUpdateWKDaily == 1 || xInitFWBFlag.Compare("Y") == 0)
+	{
+		// 没有密码键盘或集中配置告知无需更新或蓝牙多合一正在更新，无需更新
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")
+			(CSimpleStringA::Format("DoNotUpdateWKDaily:%d or InitFWB:%s, ignore update wk"
+				, m_iDoNotUpdateWKDaily, xInitFWBFlag.GetData()));
+		return;
+	}
+
+	// 检查上次密钥同步时间（一天只同步一次）
+	CSmartPointer<IConfigInfo> pConfigRun;
+	m_pEntity->GetFunction()->OpenConfig(Config_Run, pConfigRun);
+
+	int nWKLastSyncTime(0);
+	pConfigRun->ReadConfigValueInt("Main", "WKSyncSuccTime", nWKLastSyncTime);
+	int nWKSyncFailCount(0);
+	pConfigRun->ReadConfigValueInt("Main", "WKSyncFailCount", nWKSyncFailCount);
+
+	SYSTEMTIME stSyncTime = CSmallDateTime(nWKLastSyncTime).ToSystemTime();
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")
+		("last WK sync time: %04d-%02d-%02d %02d:%02d:%02d",
+			stSyncTime.wYear, stSyncTime.wMonth, stSyncTime.wDay,
+			stSyncTime.wHour, stSyncTime.wMinute, stSyncTime.wSecond);
+
+	SYSTEMTIME stNow = {};
+	GetLocalTime(&stNow);
+	int lastUpdateDays = sumday(stSyncTime.wYear, stSyncTime.wMonth, stSyncTime.wDay);
+	int todayDays = sumday(stNow.wYear, stNow.wMonth, stNow.wDay);
+	DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM)("lastUpdateDays:%d,todayDays:%d,x:%d", lastUpdateDays, todayDays, todayDays - lastUpdateDays);
+	//if ((nWKLastSyncTime > 0 && stSyncTime.wYear == stNow.wYear
+	//	&& stSyncTime.wMonth == stNow.wMonth && stSyncTime.wDay == stNow.wDay
+	//	&& nWKSyncFailCount == 0))	// 最近一次同步成功，才能跳过
+	if (todayDays - lastUpdateDays < m_wkUpdatePeriod)
+	{
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")
+			("WK has been updated, last sync time: %s", (const char*)CSmallDateTime(nWKLastSyncTime).ToTimeString());
+	}
+	else
+	{
+		DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")("begin update WK now");
+		ErrorCodeEnum eErrCode = Error_Succeed;
+		if (m_pACClient == NULL)
+		{
+			m_pACClient = new AccessAuthService_ClientBase(this->GetEntityBase());
+			eErrCode = m_pACClient->Connect();
+			if (eErrCode != Error_Succeed) {
+				DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")("accessauth connected failed.");
+				m_pACClient->SafeDelete();
+				m_pACClient = NULL;
+				m_bInAccessAuthDoWork = false;
+				return;
+			}
+			else {
+				DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")("accessauth connected.");
+			}
+		}
+
+		eErrCode = m_pACClient->UpdateWK();
+		if (Error_Succeed == eErrCode)
+		{
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")("accessauth updatewk succ.");
+			pConfigRun->WriteConfigValue("Main", "WKSyncSuccTime",
+				(const char*)CSimpleStringA::Format("0x%08X", (DWORD)CSmallDateTime::GetNow()));
+			pConfigRun->WriteConfigValueInt("Main", "WKSyncFailCount", 0);
+
+		}
+		else
+		{
+			DbgWithLink(LOG_LEVEL_INFO, LOG_TYPE_SYSTEM).setAPI("WKUpdatePeriod")("accessauth updatewk failed.");
+			nWKSyncFailCount++;
+			pConfigRun->WriteConfigValueInt("Main", "WKSyncFailCount", nWKSyncFailCount);
+		}
+	}
+}
+
+int CHealthManagerFSM::sumday(int year, int month, int day)
+{
+	int days[2][13] = { {0,31,59,90,120,151,181,212,243,273,304,334,365},{0,31,60,91,121,152,182,213,244,274,305,335,366} };
+	int iLeapYear = 0;
+	if ((year % 4 == 0 && year % 100 != 0) || year % 400 == 0)
+		iLeapYear = 1;
+	int yearday = year * 365 + year / 4 - year / 100 + year / 400;
+	int monthday = days[iLeapYear][month - 1];
+	return yearday + monthday + day;
+}

Module/mod_healthmanager/HealthManagerFSM.h

@@ -212,7 +212,8 @@ public:
 	, m_bIdleToMaintain(false), m_custMngerState(0), m_pDevCtrlClient(NULL), m_bHasAuthEver(false)
 	, m_checkCode(""), m_accessAuthCheckMD5(0), m_havReceiveMD5OK(0), m_bFirstAccessAuth(true), m_bEverAuthSucWithDevice(false)
 	, m_bIEBeforeHealth(false), m_hasCfgGpioInRootIni(false), m_csErrEntity(""), m_bInAccessAuthDoWork(false)
-	, m_bEntityNewStart(true), mCofigMode(false){}
+	, m_bEntityNewStart(true), m_autoDoInitCount(0), m_bDoingAutoInit(false), m_iDoNotUpdateWKDaily(0)
+	, mCofigMode(false){}
 	~CHealthManagerFSM(){}
 	virtual ErrorCodeEnum OnInit();
 	virtual ErrorCodeEnum OnExit();
@@ -310,6 +311,11 @@ public:
 	void JudgeIfNeedInitFWB();
 	void FWBDoInit();
 	bool IsCutIEBrowser();
+	void AutoDoInitForAll();
+	void CheckIfNeedAutoInit();
+
+	void WKUpdatePeriod();
+
 private:
 	
 	virtual ErrorCodeEnum AsyncStartEntity(const char *entity_name, const char *cmdline, void *pData);
@@ -324,6 +330,8 @@ private:
 	void SaveOsVersion();
 	CSimpleStringA GetOsVersion();
 	
+	int sumday(int year, int month, int day);//计算天数
+
 	void UploadEntityStartComsumeTime();
 
 	/*获取启动失败实体的最后的错误信息并抛送到错误页，注意仅核心实体启动失败才需要执行此函数*/
@@ -342,11 +350,12 @@ private:
 	map<CSimpleStringA,EntityLoadFault> m_safeLoadFault;
 	map<CSimpleStringA,EntityLoadFault> m_operatingFault;
 	int m_devCfgNum, m_AccessAuthTries, m_InitTries, m_fsmState, m_stateBeforeMaintain, m_custMngerState, m_preFsmState, m_accessAuthCheckMD5
-		,m_havReceiveMD5OK;
+		, m_havReceiveMD5OK, m_autoDoInitCount, m_sleepEnterOpMS/*启动第三阶段等待时间，单位毫秒*/, m_sleepColdBootMS/*冷启动等待时间，单位毫秒*/
+		, m_iAccessAuth/*-1 未准入; 0 准入失败；1 准入成功*/, m_iDoNotUpdateWKDaily, m_wkUpdatePeriod;
 	AccessAuthService_ClientBase *m_pACClient;
 	InitializerService_ClientBase *m_pInitClient;
 	bool m_bAccessAuth,m_bACFailed,m_bInitSuc,m_bInitFail,m_bIdleToMaintain,m_bHasAuthEver,m_bFirstAccessAuth,m_bEverAuthSucWithDevice
-		,m_bIEBeforeHealth, m_hasCfgGpioInRootIni,m_bInAccessAuthDoWork,m_bEntityNewStart;
+		,m_bIEBeforeHealth, m_hasCfgGpioInRootIni,m_bInAccessAuthDoWork,m_bEntityNewStart, m_bDoingAutoInit;
 	DWORD m_AccessAuthTimeout,m_InitializationTimeout;
 	DeviceControlService_ClientBase *m_pDevCtrlClient;
 	HANDLE m_hMD5OKEvt;
@@ -433,4 +442,14 @@ struct FWBDoInitTask : public ITaskSp
 		fsm->FWBDoInit();
 	}
 };
+
+struct AutoDoInitForAllTask : public ITaskSp
+{
+	CHealthManagerFSM* fsm;
+	AutoDoInitForAllTask(CHealthManagerFSM* f) : fsm(f) {}
+	void Process()
+	{
+		fsm->AutoDoInitForAll();
+	}
+};
 #endif // __HEALTHMANAGER_FSM_H

Module/mod_healthmanager/mod_healthmanager.cpp

@@ -829,12 +829,31 @@ void CHealthManagerEntity::OnCheckTimeTimeout()
 	}
 	SYSTEMTIME localTime;
 	GetLocalTimeRVC(localTime);
+	ErrorCodeEnum eErr = Error_Unexpect;
+	//oilyang@20211229 add for Initializer automaticly
+	if (m_bInMainPage)
+	{
+		//not work time
+		CSmartPointer<IConfigInfo> spCerConfig;
+		eErr = GetFunction()->OpenConfig(Config_CenterSetting, spCerConfig);
+		int xTmpWorktime = 0;
+		spCerConfig->ReadConfigValueInt(GetEntityName(), "WorkTimeStart", xTmpWorktime);
+		if (xTmpWorktime >= 0 && xTmpWorktime <= 24)
+			m_worktimeStart = xTmpWorktime;
+		spCerConfig->ReadConfigValueInt(GetEntityName(), "WorkTimeEnd", xTmpWorktime);
+		if (xTmpWorktime >= 0 && xTmpWorktime <= 24)
+			m_worktimeEnd = xTmpWorktime;
+		if (!(m_worktimeStart <= localTime.wHour && localTime.wHour < m_worktimeEnd))
+			m_fsm.CheckIfNeedAutoInit();
+	}
+
+
 	//99 is initial value of m_preDay
 	if (m_preDay != 99 && m_preDay != localTime.wDayOfWeek && m_bNeedToRestartPAD == false)
 		m_bNeedToRestartPAD = true;
 	m_preDay = localTime.wDayOfWeek;
 	CSmartPointer<IConfigInfo> spConfigRun;
-	ErrorCodeEnum eErr = GetFunction()->OpenConfig(Config_Run, spConfigRun);
+	eErr = GetFunction()->OpenConfig(Config_Run, spConfigRun);
 	if (eErr != Error_Succeed)
 		Dbg("timer open cfg file failed!");
 	else
@@ -3220,7 +3239,7 @@ void CHealthManagerEntity::DeployTerminal(SpReqAnsContext<HealthManagerService_D
 		GetFunction()->OpenConfig(Config_Cache, pConfig);
 
         Dbg("to connect initializer...%s::%d", serverIP.GetData(), nPort);
-        auto pClient = new InitializerService_ClientBase(this);
+        auto pClient = new AccessAuthService_ClientBase(this);
         ec = pClient->Connect();
         if (ec != Error_Succeed) {
             tmpMsg = CSimpleStringA::Format("连接初始化模块失败: %s", SpStrError(ec));
@@ -3228,13 +3247,13 @@ void CHealthManagerEntity::DeployTerminal(SpReqAnsContext<HealthManagerService_D
             Dbg("connect to initializer module failed: %s", SpStrError(ec));
             tmpResult = ec;
         } else {
-            InitializerService_InitializeNew_Req req = {};
+			AccessAuthService_InitializeNew_Req req = {};
             req.strAuthServer = serverIP;
-            req.nAuthPort = nPort;
+            //req.nAuthPort = nPort;
             req.strUserID = strUsername;
             req.strPassword = strPassword;
 
-            InitializerService_InitializeNew_Ans ans = {};
+			AccessAuthService_InitializeNew_Ans ans = {};
             Dbg("to initializer...");
             ec = pClient->InitializeNew(req, ans, 60000);
             if (ec != Error_Succeed) {

Module/mod_healthmanager/mod_healthmanager.h

@@ -113,6 +113,7 @@ public:
 		, m_bEnterMainPageEver(false), m_connectStatus(0), m_bAccessSuc(false),m_bHaveThrowMainPage(false)
 		,m_bNeedAuthRetry(false), m_bNeedGuardianRestart(true), m_bNeedGuardian(true)
 		,m_pfShake(NULL),m_pfUpgradeRestart(NULL), m_fConfigMode(false)
+		, m_worktimeStart(9), m_worktimeEnd(17)
 	{}
 	virtual ~CHealthManagerEntity() {}
 	
@@ -278,7 +279,7 @@ private:
 		, m_bInMainPage, m_bEnterMainPageEver,m_bAccessSuc,m_bHaveThrowMainPage;
 	bool m_bNeedAuthRetry/*需要重试准入*/, m_bNeedGuardianRestart/*需要重启*/, m_bNeedGuardian;
 	DWORD m_wDayOfWeek,m_MCStart,m_MCEnd;
-	int xxx,m_upsStateCount,m_upsNoElectorCount;
+	int xxx, m_upsStateCount, m_upsNoElectorCount, m_worktimeStart, m_worktimeEnd, m_maxWaitMainpageTime;
 	RebootTriggerEnum m_eRebootTrigger;
 	RebootWayEnum m_eRebootWay;
 	CSimpleStringA m_menuChoice,m_currentVer,m_menuPre,m_netState;

addin/cfg/HealthManager.ini

@@ -10,7 +10,7 @@ CustMngrAuth=0
 ;TestDeamon=0
 Chromium=0
 [SafeLoad.RVC.Stand2S]
-Initializer=2
+;Initializer=2
 CenterSetting=2
 AccessAuthorization=2
 SelfChecker=2

addin/res/ManagerDesktop/js/entityService.js

@@ -298,6 +298,43 @@ var InitializerService = {
     },
 };
 
+//注册AccessAuthService
+var AccessAuthService = {
+    _serviceBase: {
+        entityName: 'AccessAuthorization',
+        className: 'AccessAuthService'
+    },
+    _methodID: {
+        InitializeNew: 4
+    },
+
+    _methodSignature: {
+        InitializeNew: 1851143282
+    },
+    init: function () {
+        //start session
+        var sessionMsg = new Session();
+        sessionMsg.entity = this._serviceBase.entityName;
+        sessionMsg.class = this._serviceBase.className;
+        WebSocketBase.startSession(sessionMsg, function () {
+            console.log('AccessAuthService startSession callback')
+            logEvent("AccessAuthService startSession callback");
+        });
+    },
+    InitializeNew: function (req, callback) {
+        req.entity = this._serviceBase.entityName;
+        req.class = this._serviceBase.className;
+        req.methodID = this._methodID.InitializeNew;
+        req.signature = this._methodSignature.InitializeNew;
+        console.log('AccessAuthService startSession callback', req)
+
+        WebSocketBase.sendMsg(req, function (data) {
+            var jsondata = JSON.parse(data);
+            callback(jsondata);
+        });
+    }
+};
+
 //注册CenterSettingService
 var CenterSettingService = {
     _serviceBase:{

addin/res/ManagerDesktop/js/initPsd.js

@@ -10,7 +10,8 @@ window.onload=function(){
 	}
 	DeviceControlService.init();
 	CenterSettingService.init();
-	InitializerService.init();
+	//InitializerService.init();
+	AccessAuthService.init();
 
 	WebSocketBase.socket.onerror = function () {
 		logEvent("DeviceControlService startSession callback");
@@ -218,7 +219,7 @@ function ResetRSA(){
 
     let req = new Request(),reqIn={};
     reqIn.strAuthServer = data['accessAddr'].value
-    reqIn.nAuthPort = Number( data['accessPort'].value)  
+    //reqIn.nAuthPort = Number( data['accessPort'].value)  
     reqIn.strUserID =  data['account'].value 
 		let agentId = data['account'].value;
 		if(Number(reqIn.strUserID) ){
@@ -253,10 +254,10 @@ function ResetRSA(){
 			ModalStyle(tips,'pathN')
 			console.log('timeoutFn--ReadCenterConfig-setTimeout222->')
 		},timeout)
-		logEvent("InitializerService->InitializeNew");
+		logEvent("AccessAuthService->InitializeNew");
 
     //重置密钥
-		InitializerService.InitializeNew(req,  function(ret) {
+		AccessAuthService.InitializeNew(req,  function(ret) {
 			logEvent("InitializeNew ret: "+JSON.stringify(ret));
 			console.log("InitializeNew ret: "+JSON.stringify(ret));