myvtm/Module/mod_Initializer/InitializerConn.cpp

#include "stdafx2.h"
#include "InitializerConn.h"
#include "mod_Initializer.h"
#include "GetDevInfoHelper.h"
#include "fileutil.h"
#include "array.h"
#include "strutil.h"
#include "..\EventCode.h"
#pragma comment(lib, "crypt32.lib")

#define PUKFILENAME_RSA "RVCPubKey.ini"
#define PUKFILENAME_SM2 "RVCSM2PubKey.ini"
#include "MyBase64.h"
CInitializerConn::CInitializerConn(CEntityBase *pEntity)
:SpSecureClient(pEntity)
{
}

CInitializerConn::~CInitializerConn()
{
}

DWORD CInitializerConn::SendLoginPackage(const char *pUserID, const char *pPwd)
{
	LOG_FUNCTION();
	assert(IsConnectionOK());

	UserLoginReq req;
	memset(&req, 0, sizeof(req));

	CSystemStaticInfo si;
	m_pEntity->GetFunction()->GetSystemStaticInfo(si);
	Dbg("UserID[%s],PWD[%s], TerminalID[%s]",pUserID, pPwd, si.strTerminalID);

	// 设备号
	strncpy(&req.szTerminalNo[0], (const char*)si.strTerminalID, sizeof(req.szTerminalNo)-1);

	int nLen = strlen(pUserID);
	strncpy(req.szUser, pUserID, nLen > 16 ? 16 : nLen);

	nLen = strlen(pPwd);
	strncpy(req.szPassword, pPwd, nLen > 16 ? 16 : nLen);

	CSmartPointer<IPackage> package = CreateNewPackage("Login");
	package->AddStruct("LOGINREQ", false, false, (BYTE*)&req, sizeof(req));

	return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
}

DWORD CInitializerConn::SendInitMKPackage()
{
	assert(IsConnectionOK());

	CSmartPointer<IEntityFunction> pFunc = m_pEntity->GetFunction();
	CSmartPointer<IPackage> package = CreateNewPackage("InitMK");

	auto pEntity = ((CInitializerEntity*)m_pEntity);
	
	// 如果有外置PinPad，则需要初始化主密钥
	if (pEntity->HasPinPad())
	{
		CSmartPointer<IConfigInfo> pConfig;
		DWORD rc = pFunc->OpenConfig(Config_CenterSetting, pConfig);
		if (rc != Error_Succeed)
		{
			LogWarn(Severity_Middle,(ErrorCodeEnum) rc, ERR_INITIALIZER_READ_WRITE_FILE,
				GetOutPutStr("%s%08X%s%s", "OpenConfig", rc,"File","Config_CenterSetting").c_str());
			rc = ERR_INITIALIZER_READ_WRITE_FILE;
			pEntity->m_strLastErrMsg = CSimpleStringA::Format("打开集中配置失败,请先下载集中配置!");
			return rc;
		}

		CSimpleStringA strSubBankNo, strBranchNo;
		rc = pConfig->ReadConfigValue("Initializer", "SubBankNo", strSubBankNo);	
		if (rc == Error_Succeed)
			rc = pConfig->ReadConfigValue("Initializer", "BranchNo", strBranchNo);

		if (rc != Error_Succeed)
		{
			LogWarn(Severity_Low,(ErrorCodeEnum) rc, ERR_INITIALIZER_READ_WRITE_FILE,
				GetOutPutStr("%s%08X%s%s", "ReadConfigValue", rc, "File", "SubBankNo & BranchNo").c_str());

			pEntity->m_strLastErrMsg = CSimpleStringA::Format("集中配置Initializer节点下没有找到SubBankNo和BranchNo配置项,请联系分行技术部!");
			rc = ERR_INITIALIZER_READ_WRITE_FILE;
			return rc;
		}
		//国产化之后不再使用原方法获取KMC密钥
		/*
		{
			// 1:3des only; 2: sm4 only; 3: both 3des and sm4
			int nCapability = pEntity->GetPinPadCapability();
			Dbg("pinpad capability: %d", nCapability);
			if (nCapability == 1 || nCapability == 3)
			{
				// support des key
				char buf[632];
				memset(buf, 0, 632);
				MKDownloadReq2* pReq2 = (MKDownloadReq2*)buf;
				strncpy(pReq2->szSubBankNo, (const char*)strSubBankNo, sizeof(pReq2->szSubBankNo) - 1);
				strncpy(pReq2->szBranchNo, (const char*)strBranchNo, sizeof(pReq2->szBranchNo) - 1);

				CBlob blob;
				blob.Refer(pReq2->kmcData, 600);

				rc = pEntity->CreateInitMKData(blob, false);
				if (rc != Error_Succeed)
				{
					LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_CREATE_INIT_MK,
						GetOutPutStr("%s%d", "CreateInitTMK", rc).c_str());
					rc = ERR_INITIALIZER_CREATE_INIT_MK;
					pEntity->m_strLastErrMsg = CSimpleStringA::Format("调用KMC接口CreateInitTMKReq(0)失败,错误信息[%s],返回值[%d],请联系维护人员!",
						(const char*)pEntity->GetKMCLastErrMsg(), rc);
					return rc;
				}

				// 添加KMC信息
				package->AddStruct("MKD_REQ2", false, false, (BYTE*)buf, sizeof(MKDownloadReq2) + blob.m_iLength);
			}

			if (nCapability == 2 || nCapability == 3)
			{
				// support sm key
				char buf[632];
				memset(buf, 0, 632);
				SMMKDownloadReq2* pReq2 = (SMMKDownloadReq2*)buf;
				strncpy(pReq2->szSubBankNo, (const char*)strSubBankNo, sizeof(pReq2->szSubBankNo) - 1);
				strncpy(pReq2->szBranchNo, (const char*)strBranchNo, sizeof(pReq2->szBranchNo) - 1);

				CBlob blob;
				blob.Refer(pReq2->kmcData, 600);

				rc = pEntity->CreateInitMKData(blob, true);
				if (rc != Error_Succeed)
				{
					LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_CREATE_INIT_MK,
						GetOutPutStr("%s%d", "CreateInitTMK", rc).c_str());
					rc = ERR_INITIALIZER_CREATE_INIT_MK;
					pEntity->m_strLastErrMsg = CSimpleStringA::Format("调用KMC接口CreateInitTMKReq(0)失败,错误信息[%s],返回值[%d],请联系维护人员",
						(const char*)pEntity->GetKMCLastErrMsg(), rc);
					return rc;
				}

				// 添加KMC信息
				package->AddStruct("MKD_SMR2", false, false, (BYTE*)buf, sizeof(SMMKDownloadReq2) + blob.m_iLength);
			}
		}
		*/
	}
	else
	{
		Dbg("has no pinpad, not need init MK");
	}
	
	CSimpleStringA strPinPadID = "", strDeviceID = "";
	int nRet = pEntity->GetPinPadIDAndDeviceID(strPinPadID, strDeviceID);
	Dbg("GetPinPadIDAndDeviceID ret: %d, PinPadID: %s, DeviceID: %s", nRet, (const char*)strPinPadID, (const char*)strDeviceID);
	std::regex pattern(".+-[Ff][Ww][Bb]-.+");
	if (std::regex_match(strDeviceID.GetData(), pattern))
	{
		strDeviceID = "";
		strPinPadID = "";
	}
	Dbg("GetPinPadIDAndDeviceID ret: %d, PinPadID: %s, DeviceID: %s", nRet, (const char*)strPinPadID, (const char*)strDeviceID);
	// 从系统获取设备信息和硬件信息	
	// 变长结构初始化
	char buf2[512];
	memset(buf2, 0, 512);

	MKDownloadNew1 *pReq1 = (MKDownloadNew1 *)buf2;
	CSystemStaticInfo si;
	pFunc->GetSystemStaticInfo(si);
	strncpy(pReq1->szTerminalNo, (const char*)si.strTerminalID, sizeof(pReq1->szTerminalNo)-1);
	
	if (nRet ==2 || nRet ==3)
		strncpy(pReq1->szPadDeviceID, (const char*)strDeviceID, sizeof(pReq1->szPadDeviceID) - 1);

	strncpy(pReq1->szMachineType, (const char*)si.strMachineType, sizeof(pReq1->szMachineType)-1);
	strncpy(pReq1->szSite, (const char*)si.strSite, sizeof(pReq1->szSite) - 1);

	hostent *ent = gethostbyname(NULL);
	if (ent && ent->h_addr_list[0] != NULL)
	{
		int i = 0;
		for (; ent->h_addr_list[i] != NULL; ++i)
		{
			struct in_addr *in = (struct in_addr*)ent->h_addr_list[i];
			if (in->S_un.S_un_b.s_b1 == 99 || in->S_un.S_un_b.s_b1 == 10)
				break;
		}

		if (ent->h_addr_list[i] == NULL)
			i = 0;

		auto in = (struct in_addr*)ent->h_addr_list[i];
		pReq1->ip[0] = in->S_un.S_un_b.s_b1;
		pReq1->ip[1] = in->S_un.S_un_b.s_b2;
		pReq1->ip[2] = in->S_un.S_un_b.s_b3;
		pReq1->ip[3] = in->S_un.S_un_b.s_b4;
	}
	
	si.EnrolGPS.GetBinaryLongitude(&pReq1->enrolGPS[0]);
	si.EnrolGPS.GetBinaryLatitude(&pReq1->enrolGPS[4]);
	Dbg("GPS=%s",(char*)&pReq1->enrolGPS);
	strcpy(pReq1->szEnrolAddr, (const char*)si.strEnrolAddr);

	int nStructLen = sizeof(MKDownloadNew1)+strlen(pReq1->szEnrolAddr);		// 变长结构长度计算
	package->AddStruct("MKD_NEW1", false, false, (BYTE*)buf2, nStructLen);

	// 获取硬件信息
	CAutoArray<CSimpleStringA> devNames;
	DWORD rc = SpGetAllDevices(m_pEntity, devNames);
	if (rc != Error_Succeed)
	{
		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_READ_WRITE_FILE,
				GetOutPutStr("%s%08X", "SpGetAllDevices", rc).c_str());
		rc = ERR_INITIALIZER_READ_WRITE_FILE;
		pEntity->m_strLastErrMsg = CSimpleStringA::Format("从root.ini读取硬件信息失败,错误码[0x%08X],请联系分行技术部", rc);
		return rc;
	}

	int nDevEntityCount = devNames.GetCount();
	if (nDevEntityCount >0)
	{
		int nBufLen = nDevEntityCount * sizeof(MKDownloadReq3);
		char *pBuf = new char[nBufLen];
		memset(pBuf, 0, nBufLen);

		MKDownloadReq3 *pDevInfo = (MKDownloadReq3*)pBuf;

		for(int i=0; i<nDevEntityCount; i++)
		{
			CSimpleStringA strVersion, strModel, strVendor;
			rc = SpGetDeviceInfo(m_pEntity, devNames[i], strModel, strVendor, strVersion);
			if (rc == Error_Succeed)
			{

				strncpy(pDevInfo->szType, (const char*)devNames[i], sizeof(pDevInfo->szType)-1);
				strncpy(pDevInfo->szModal, (const char*)strModel, sizeof(pDevInfo->szModal)-1);
				strncpy(pDevInfo->szFactory,(const char*)strVendor, sizeof(pDevInfo->szFactory)-1);

				if (strVersion.GetLength() >0)
				{
					CAutoArray<CSimpleStringA> arr = strVersion.Split('.');
					for(int i=0; i<4 && i<arr.GetCount(); i++)
					{
						WORD w = (WORD) atoi(arr[i]);
						((BYTE*)pDevInfo->version)[i*2] = (w >> 8) & 0xFF;
						((BYTE*)pDevInfo->version)[i*2+1] = w & 0xFF;
					}
				}
			}

			pDevInfo++;
		}
		
		package->AddStruct("MKD_REQ3", false, false, (BYTE*)pBuf, nBufLen, nDevEntityCount);
		delete[] pBuf;		
	}		

	// 获取硬件指纹和公钥信息
	MKDownloadReq4  req4 = {};
	BYTE fingerPrint[32] = { 0 };
	int nBufLen = sizeof(fingerPrint);
	if (!pEntity->GetTerminalFingerPrint(fingerPrint, nBufLen))
	{
		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_TERMINAL_FINGERPRINT,
			GetOutPutStr("%s%s", "GetTerminalFingerPrint", "False").c_str());
		return ERR_INITIALIZER_GET_TERMINAL_FINGERPRINT;
	}
	memcpy(req4.FingerPrint,fingerPrint,16);
	memcpy(req4.FingerPrintSM, fingerPrint + 16, 16);

	nBufLen = sizeof(req4.PublicKey);
	Dbg("开始获取公钥。。。");
	memset(req4.PublicKey,0, nBufLen);
	Dbg("nBufLen=%d",nBufLen);
	if (!pEntity->GetTerminalPublicKey(req4.PublicKey, nBufLen))
	{
		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_TERMINAL_PUBKEY,
			GetOutPutStr("%s%s", "GetTerminalPublicKey", "False").c_str());
		return ERR_INITIALIZER_GET_TERMINAL_PUBKEY;
	}

	if (nRet == 1 || nRet == 3)
		strncpy(req4.PinPadID, (const char*)strPinPadID, sizeof(req4.PinPadID) - 1);

	package->AddStruct("MKD_REQ4", false, false, (BYTE*)&req4, sizeof(req4));

	//国密改造
	MKDownloadReq5 req5 = {};
	req5.isFirst = pEntity->GetOrSetIsFirstSM(0);
	req5.isSM = 1;
	package->AddStruct("MKD_REQ5", false, false, (BYTE*)& req5, sizeof(req5));
	Dbg("req5.isFirst=%d,req5.isSM=%d",req5.isFirst,req5.isSM);
	Dbg("send MK init request now");
	return SendPackage(package) != "" ? Error_Succeed : ERR_INITIALIZER_INIT_MK_SEND_PKG;
}

DWORD CInitializerConn::SendSyncPubKeyPackage()
{
	assert(IsConnectionOK());
	PubKeySyncReq0 req;
	req.isSM = 1;
	CSmartPointer<IEntityFunction> pFunc = m_pEntity->GetFunction();
	CSmartPointer<IPackage> package = CreateNewPackage("SyncPK");
	package->AddStruct("PKSY_R0", false, false, (BYTE*)& req, sizeof(req));
	return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
}

DWORD CInitializerConn::SendGetKMCKey(string TerminalNo)
{
	LOG_FUNCTION();
	assert(IsConnectionOK());
	KMCKeyReq req;
	memset(req.TerminalNo,0,sizeof(req.TerminalNo));
	strcpy(req.TerminalNo,TerminalNo.c_str());
	//req.TerminalNo = TerminalNo;
	CSmartPointer<IEntityFunction> pFunc = m_pEntity->GetFunction();
	CSmartPointer<IPackage> package = CreateNewPackage("KMCKey");
	package->AddStruct("KMCKeyReq", false, false, (BYTE*)& req, sizeof(req));
	return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
}

DWORD CInitializerConn::SendCloseTaskPackage(const char *pUserID)
{
	LOG_FUNCTION();
	assert(IsConnectionOK());
	CloseTaskReq req;
	memset(&req, 0, sizeof(req));

	CSystemStaticInfo si;
	m_pEntity->GetFunction()->GetSystemStaticInfo(si);

	CSimpleStringA strUserID = pUserID;
	Dbg("TerminalNo[%s],UserID[%s]",si.strTerminalID.GetData(), strUserID.GetData());

	// 设备号
	strncpy(&req.szTerminalNo[0], (const char*)si.strTerminalID, sizeof(req.szTerminalNo)-1);

	int nLen = strlen(pUserID);
	strncpy(req.szUser, pUserID, nLen > 16 ? 16 : nLen);

	CSmartPointer<IPackage> package = CreateNewPackage("ClsTask");
	package->AddStruct("CLOSETASKREQ", false, false, (BYTE*)&req, sizeof(req));

	Dbg("send close task request now");
	return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
}

ErrorCodeEnum CInitializerConn::GetFileHash(const BYTE *pFileContent, int iFileLen, BYTE hash[16])
{
	if ((NULL == pFileContent) || (0 == iFileLen))
	{
		return Error_Param;
	}

	HCRYPTPROV hCryptProv;
	int nReadLen = 0;
	ErrorCodeEnum rc = Error_Succeed;

	if (CryptAcquireContextA(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET))
	{
		HCRYPTHASH hHash;
		if (CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &hHash))
		{
			if (!CryptHashData(hHash, pFileContent, iFileLen, 0))
			{
				rc = Error_Unexpect;
				//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptHashData fail: %d", GetLastError()));
				LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
					GetOutPutStr("%s%s%s%d", "CryptHashData", "False", "GetLastError", GetLastError()).c_str());
			}

			if (rc == Error_Succeed)
			{
				DWORD dwLen = 16;
				if (!CryptGetHashParam(hHash, HP_HASHVAL, (LPBYTE)&hash[0], &dwLen, 0))
				{
					rc = Error_Unexpect;
					//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptGetHashParam fail: %d", GetLastError()));
					LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
						GetOutPutStr("%s%s%s%d", "CryptGetHashParam", "False", "GetLastError", GetLastError()).c_str());
				}
			}

			CryptDestroyHash(hHash);
		}
		else
		{
			rc = Error_Unexpect;
			//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptCreateHash fail: %d", GetLastError()));
			LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
				GetOutPutStr("%s%s%s%d", "CryptCreateHash", "False", "GetLastError", GetLastError()).c_str());
		}
		CryptReleaseContext(hCryptProv, 0);
	}
	else
	{
		rc = Error_Unexpect;
		//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptAcquireContextA fail: %d", GetLastError()));
		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
			GetOutPutStr("%s%s%s%d", "CryptAcquireContextA", "False", "GetLastError", GetLastError()).c_str());
	}

	return rc;
}

ErrorCodeEnum CInitializerConn::GetFileHashOld(const char *pFilePath, BYTE hash[16])
{
	if (!ExistsFileA(pFilePath))
		return Error_NotExist;

	FILE *pFile = fopen(pFilePath, "r");
	if (pFile == NULL)
		return Error_Unexpect;

	BYTE tmp[4096];
	HCRYPTPROV hCryptProv;
	int nReadLen = 0;
	ErrorCodeEnum rc = Error_Succeed;

	if (CryptAcquireContextA(&hCryptProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_MACHINE_KEYSET))
	{
		HCRYPTHASH hHash;
		if (CryptCreateHash(hCryptProv, CALG_MD5, 0, 0, &hHash))
		{
			while ((nReadLen = fread(tmp, 1, sizeof(tmp), pFile)) > 0)
			{
				if (!CryptHashData(hHash, tmp, nReadLen, 0))
				{
					rc = Error_Unexpect;
					//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptHashData fail: %d", GetLastError()));
					LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
						GetOutPutStr("%s%s%s%d", "CryptHashData", "False", "GetLastError", GetLastError()).c_str());
					break;
				}
			}

			if (rc == Error_Succeed)
			{
				DWORD dwLen = 16;
				if (!CryptGetHashParam(hHash, HP_HASHVAL, (LPBYTE)&hash[0], &dwLen, 0))
				{					
					rc = Error_Unexpect;
					//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptGetHashParam fail: %d", GetLastError()));
					LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
						GetOutPutStr("%s%s%s%d", "CryptGetHashParam", "False", "GetLastError", GetLastError()).c_str());
				}
			}

			CryptDestroyHash(hHash);
		}
		else
		{
			rc = Error_Unexpect;
			//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptCreateHash fail: %d", GetLastError()));
			LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
				GetOutPutStr("%s%s%s%d", "CryptCreateHash", "False", "GetLastError", GetLastError()).c_str());
		}
		CryptReleaseContext(hCryptProv, 0);
	}
	else
	{
		rc = Error_Unexpect;
		//LogError(Severity_Low, rc, ERROR_ACCESSAUTH_GETFILEHASH, CSimpleStringA::Format("CryptAcquireContextA fail: %d", GetLastError()));
		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_MD5_HASH,
			GetOutPutStr("%s%s%s%d", "CryptAcquireContextA", "False", "GetLastError", GetLastError()).c_str());
	}

	fclose(pFile);
	return rc;
}

void CInitializerConn::OnDisconnect()
{
	Dbg("connection disconnected");
	auto pEntity = (CInitializerEntity*)m_pEntity;
	pEntity->OnSecureClientDisconnect();
}

void CInitializerConn::OnPkgAnswer(const CSmartPointer<IPackage> &pRecvPkg)
{
	LOG_FUNCTION();
	string serviceCode = pRecvPkg->GetServiceCode();
	Dbg("serviceCode=%s",serviceCode.c_str());
	if (serviceCode == "Login")
	{
		HandleLoginRet(pRecvPkg);
	}
	else if (serviceCode == "InitMK")
	{
		HandleInitMKRet(pRecvPkg);
	}
	else if (serviceCode == "SyncPK")
	{
		HandleSyncPubKeyRet(pRecvPkg);
	}
	else if (serviceCode == "RepState")
	{
		HandleReportStateRet(pRecvPkg);
	}
	else if (serviceCode == "ClsTask")
	{
		HandleCloseTaskRet(pRecvPkg);
	}
	else if (serviceCode == "KMCKey") {
		HandleGetKMCKey(pRecvPkg);
	}
	else
	{
		LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_UNKOWN,
			    GetOutPutStr("%s%s", "UnKown", serviceCode.c_str()).c_str());
	}
}

DWORD CInitializerConn::HandleLoginRet(const CSmartPointer<IPackage> &pRecvPkg)
{
	LOG_FUNCTION();
	DWORD rc = Error_Succeed;
	DWORD dwSysCode, dwUserCode;
	string strErrMsg;
	
	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
	{
		//在分行服务定义的错误码，值与EventCode.h中的对应
		LogWarn(Severity_Middle,(ErrorCodeEnum) dwSysCode, dwUserCode,
			GetOutPutStr("%s%08X%s%s", "GetErrMsg", dwSysCode,"strErrMsg", strErrMsg.c_str()).c_str());
		rc = dwUserCode;
	}
	
	((CInitializerEntity*)m_pEntity)->EndLogin(rc, strErrMsg.c_str());
	return rc;
}

DWORD CInitializerConn::HandleCloseTaskRet(const CSmartPointer<IPackage> &pRecvPkg)
{
	DWORD rc = Error_Succeed;
	DWORD dwSysCode, dwUserCode;
	string strErrMsg;

	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
	{
		rc = dwUserCode;
		
		LogWarn(Severity_Middle, Error_Unexpect, rc,
			GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc, "strErrMsg", strErrMsg.c_str()).c_str());
	}

	((CInitializerEntity*)m_pEntity)->SecureClientRelease();

	return rc;
}

DWORD CInitializerConn::HandleInitMKRet(const CSmartPointer<IPackage> &pRecvPkg)
{
	DWORD rc = Error_Succeed;
	DWORD dwSysCode, dwUserCode;
	string strErrMsg;
	
	auto pEntity = (CInitializerEntity*)m_pEntity;
	CSimpleStringA strRetErrMsg;

	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
	{
		rc = dwUserCode;
		LogWarn(Severity_Middle, (ErrorCodeEnum) rc, dwUserCode,
			GetOutPutStr("%s%08X%s%s", "dwSysCode", rc, "strErrMsg", strErrMsg).c_str());

		strRetErrMsg = strErrMsg.c_str();
	}
	else if (pEntity->HasPinPad())	// 有PinPad
	{
		//国产化不再使用原方法生成KMC密钥
		/*
		{
			// 主密钥初始返回
			int nRetLen = pRecvPkg->GetStructLen("MKD_RET");
			if (nRetLen > 0)
			{
				// support des key
				BYTE* pBuf = new BYTE[nRetLen];
				memset(pBuf, 0, nRetLen);

				int nArrayNum(0);
				pRecvPkg->GetStructData("MKD_RET", pBuf, &nRetLen, &nArrayNum);

				// 调用KMC解析返回
				CBlob blob;
				blob.Refer(pBuf, nRetLen);
				rc = pEntity->ParseInitMKResult(blob, false);
				delete pBuf;

				if (rc == Error_Succeed)
				{
					Dbg("parse des tmk succ");
					rc = pEntity->LoadKeysToPinPad(false);
					if (rc != Error_Succeed)
					{
						strRetErrMsg = "加载DES主密钥到密码键盘失败";
						LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD,
							GetOutPutStr("%s%08X%s%s", "LoadKeysToPinPad", rc, "strRetErrMsg", strRetErrMsg).c_str());
						//rc = ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD;
					}

					else
						strRetErrMsg = "加载DES主密钥成功。";
				}
				else
				{
					strRetErrMsg = "解析DES主密钥返回数据失败";
					LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_PARSE_INIT_MK,
						GetOutPutStr("%s%08X%s%s", "ParseInitMKResult", rc, "strRetErrMsg", strRetErrMsg).c_str());
					rc = ERR_INITIALIZER_PARSE_INIT_MK;
				}
			}

			nRetLen = pRecvPkg->GetStructLen("MKD_SMT");
			if (nRetLen > 0)
			{
				Dbg("正在加载国密密钥至pinpad");
				// support sm key
				BYTE* pBuf = new BYTE[nRetLen];
				memset(pBuf, 0, nRetLen);

				int nArrayNum(0);
				pRecvPkg->GetStructData("MKD_SMT", pBuf, &nRetLen, &nArrayNum);

				// 调用KMC解析返回
				CBlob blob;
				blob.Refer(pBuf, nRetLen);
				rc = pEntity->ParseInitMKResult(blob, true);
				delete pBuf;

				if (rc == Error_Succeed)
				{
					Dbg("parse sm4 tmk succ");

					rc = pEntity->LoadKeysToPinPad(true);
					if (rc != Error_Succeed)
					{
						strRetErrMsg = "加载SM主密钥到密码键盘失败";
						LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD,
							GetOutPutStr("%s%08X%s%s", "LoadKeysToPinPad", rc, "strRetErrMsg", strRetErrMsg).c_str());
						rc = ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD;
					}
					else
						strRetErrMsg += "加载SM主密钥成功。";
				}
				else
				{
					strRetErrMsg = "解析SM主密钥返回数据失败";
					LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_PARSE_INIT_MK,
						GetOutPutStr("%s%08X%s%s", "ParseInitMKResult", rc, "strRetErrMsg", strRetErrMsg).c_str());
					rc = ERR_INITIALIZER_PARSE_INIT_MK;
				}
			}
		}
		*/
		//只支持国密
		rc = pEntity->LoadKeysToPinPad(true);
		if (rc != Error_Succeed)
		{
			strRetErrMsg = "加载SM密钥到密码键盘失败";
			LogWarn(Severity_Middle, (ErrorCodeEnum)rc, ERR_INITIALIZER_LOAD_KEYS_TO_PINPAD,
				GetOutPutStr("%s%08X%s%s", "LoadKeysToPinPad", rc, "strRetErrMsg", strRetErrMsg).c_str());
		}
		if (rc != Error_Succeed) {
			Dbg("%s", strRetErrMsg.GetData());
			//当为国密改造之后的第一次准入，直接认为初始化成功
			//因为自动初始化时，pinpad有可能没有准备好，但是初始化不能中断，只打日志，不上报错误
			if (pEntity->m_afterSMIsFirst) {
				Dbg("国密改造之后的第一次准入");
				rc = Error_Succeed;
			}
		}
	}

	if (!pEntity->GetOrSetIsFirstSM(1)) {
		rc = Error_Unexpect;
		strRetErrMsg = "设置IsFirstSM失败。。。";
	}
	pEntity->EndInitMK(rc, strRetErrMsg);

	return rc;	
}

ErrorCodeEnum GetPukeyValue(BYTE* pPukeyContent, int nPuKeyContentLen, int nKeyType, BYTE* pPukeyValue, int* PukeyValueLen)
{
	if (NULL == pPukeyContent || 0 == nPuKeyContentLen || (DES != nKeyType && SM4 != nKeyType) || NULL == pPukeyValue || NULL == PukeyValueLen)
	{
		return Error_Param;
	}

	ErrorCodeEnum rc = Error_Succeed;

	CSimpleStringA strContent((const char*)pPukeyContent, nPuKeyContentLen);
	Dbg("pukeyVule[%s]", strContent.GetData());
	int nStartPos = strContent.IndexOf("]");
	strContent = strContent.SubString(nStartPos+1, strContent.GetLength()-6);
	Dbg("pukeyVule[%s]", strContent.GetData());

	if (DES == nKeyType)
	{
		nStartPos = strContent.IndexOf("PublicKey=");
		strContent = strContent.SubString(nStartPos+10, strContent.GetLength()-10);
	}
	else if (SM4 == nKeyType)
	{
		nStartPos = strContent.IndexOf("PublicKeySM2=");
		strContent = strContent.SubString(nStartPos+13, strContent.GetLength()-13);
	}
	
	Dbg("pukeyVule[%s]", strContent.GetData());
	
	int nEndPos = strContent.IndexOf("[");
	strContent = strContent.SubString(0, nEndPos-1);
	Dbg("pukeyVule[%s]", strContent.GetData());
	memcpy(pPukeyValue, strContent.GetData(), strContent.GetLength());

	*PukeyValueLen = strContent.GetLength()-1;

	return rc;
}

DWORD CInitializerConn::HandleGetKMCKey(const CSmartPointer<IPackage>& pRecvPkg) {
	LOG_FUNCTION();
	DWORD rc = Error_Succeed;
	DWORD dwSysCode, dwUserCode;
	string strErrMsg;
	auto pEntity = (CInitializerEntity*)m_pEntity;
	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
	{
		rc = dwUserCode;
		rc = dwUserCode;
		LogWarn(Severity_Middle, (ErrorCodeEnum)dwSysCode, dwUserCode,
			GetOutPutStr("%s%08X%s%s", "GetErrMsg", rc, "strErrMsg", strErrMsg).c_str());
		pEntity->m_bGetKMCKey = false;
	}
	else
	{
		int nLen = pRecvPkg->GetStructLen("KMCKeyRet");
		if (nLen <= 0)
		{
			strErrMsg = "KMCKeyRet返回数据为空。";
			Dbg("KMCKeyRet返回数据为空。");
			pEntity->m_bGetKMCKey = false;
			rc = ERR_INITIALIZER_GET_KMC_KEY_NULL;
		}
		else
		{
			pEntity->m_bGetKMCKey = true;
			BYTE* pBuf = new BYTE[nLen];
			memset(pBuf, 0, nLen);
			int nArrayNum = 0;
			bool bSuc = pRecvPkg->GetStructData("KMCKeyRet", (BYTE*)pBuf, &nLen, &nArrayNum);
			assert(bSuc);
			assert(nLen % sizeof(KMCKeyRet) == 0);
			KMCKeyRet* ret = (KMCKeyRet*)pBuf;
			pEntity->m_TMK = ret->TMK;
			pEntity->m_TPK = ret->TPK;
			pEntity->m_EDK = ret->EDK;
			pEntity->m_index = ret->Index;
			Dbg("TMK=%s", pEntity->m_TMK.c_str());
			Dbg("TPK=%s", pEntity->m_TPK.c_str());
			Dbg("EDK=%s", pEntity->m_EDK.c_str());
			Dbg("Index=%s", pEntity->m_index.c_str());
		}
	}
	
	pEntity->EndGetKMCKey(rc, strErrMsg.c_str());
	return rc;
}

DWORD CInitializerConn::HandleSyncPubKeyRet(const CSmartPointer<IPackage> &pRecvPkg)
{
	DWORD rc = Error_Succeed;
	DWORD dwSysCode, dwUserCode;
	string strErrMsg;
	BOOL bSyncPK = FALSE;

	auto pEntity = (CInitializerEntity*)m_pEntity;
	pEntity->m_iTDESPukeyLen = 0;
	pEntity->m_iSM2Pukeylen = 0;

	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
	{
		rc = dwUserCode;
		LogWarn(Severity_Middle,(ErrorCodeEnum) dwSysCode, dwUserCode,
			    GetOutPutStr("%s%08X", "GetErrMsg", rc).c_str());
	}
	else
	{
		int nLen =  pRecvPkg->GetStructLen("KEYSYN_A");
		if (nLen <= 0)
		{
			Dbg("key file all same");			
		}
		else
		{   
			Dbg("写入缓存。。。");
			assert(nLen % sizeof(PubKeySyncRet) == 0);

			BYTE *pBuf = new BYTE[nLen];
			memset(pBuf, 0, nLen);
			int nArrayNum = 0;
			bool bSuc = pRecvPkg->GetStructData("KEYSYN_A", (BYTE*)pBuf, &nLen, &nArrayNum);
			assert(bSuc);
			assert(nLen % sizeof(PubKeySyncRet) == 0);

			PubKeySyncRet *pRet = (PubKeySyncRet*)pBuf;
			//计算密钥校验码
			if (pEntity->HasCkCodeFlg())
			{
				Dbg("缓存公钥。。。");
				BYTE hash[32] = { 0 };

				//缓存存储公钥
				for (int i = 0; i < nArrayNum; i++)
				{
					Dbg("file %s not same, sync...", pRet[i].FileName);
					if (0 == strcmp(pRet[i].FileName, PUKFILENAME_RSA))
					{
						//if (GetFileHash(pRet[i].Content, pRet[i].FileLen, hash) != Error_Succeed)
						if(!SM3Hash(pRet[i].Content,pRet[i].FileLen,hash))
						{
							LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_FILE_HASH,
								GetOutPutStr("%s%08X%s%s", "GetFileHash", Error_Unexpect,"File", pRet[i].FileName).c_str());
							strErrMsg = "RSA公钥文件摘要失败";
							rc = ERR_INITIALIZER_GET_FILE_HASH;
							break;
						}

						memset(pEntity->m_cTDESPukey, 0, 2048);
						GetPukeyValue(pRet[i].Content, pRet[i].FileLen, DES, pEntity->m_cTDESPukey, &(pEntity->m_iTDESPukeyLen));

						if (memcmp(hash, pRet[i].FileHash, 16) != 0 || memcmp(hash+16,pRet->FileHashSM,16) != 0)
						{
							LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_CHECK_HASH,GetOutPutStr("%s%s", "File", pRet[i].FileName).c_str());
							strErrMsg = "RSA公钥文件校验不通过";
							rc = ERR_INITIALIZER_CHECK_HASH;
							break;
						}

						bSyncPK = TRUE;
					}
					else if (0 == strcmp(pRet[i].FileName, PUKFILENAME_SM2))
					{
						//if (GetFileHash(pRet[i].Content, pRet[i].FileLen, hash) != Error_Succeed)
						if(!SM3Hash(pRet[i].Content,pRet[i].FileLen,hash))
						{
							LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_FILE_HASH,
								GetOutPutStr("%s%08X%s%s", "GetFileHash", Error_Unexpect, "File", pRet[i].FileName).c_str());
							strErrMsg = "SM2公钥文件摘要失败";
							rc = ERR_INITIALIZER_GET_FILE_HASH;
							break;
						}

						memset(pEntity->m_cSM2Pukey, 0, 2048);
						GetPukeyValue(pRet[i].Content, pRet[i].FileLen, SM4, pEntity->m_cSM2Pukey, &(pEntity->m_iSM2Pukeylen));

						if (memcmp(hash, pRet[i].FileHash, 16) != 0 || memcmp(hash + 16, pRet[i].FileHashSM, 16) != 0)
						{
							LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_CHECK_HASH, GetOutPutStr("%s%s", "File", pRet[i].FileName).c_str());
							strErrMsg = "SM2公钥文件校验不通过";
							rc = ERR_INITIALIZER_CHECK_HASH;
							break;
						}

						bSyncPK = TRUE;
					}
					else
					{
						//从分行服务下载下来的其它密钥文件，直接忽略，不报错
						Dbg("其它密钥文件：%s", pRet[i].FileName);
					}

					Dbg("file %s sm2 check succ,save as buf", pRet[i].FileName);
				}

				if (!bSyncPK)
				{
					LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_PUBKEY_FILE,
							GetOutPutStr("%s%s", "bSyncPK", "False").c_str());
					Dbg("分行服务KMC目录不存在正确的公钥文件");
					strErrMsg = "分行服务不存在正确的公钥文件";
					rc = ERR_INITIALIZER_PUBKEY_FILE;
				}
			}
			else
			{		
				Dbg("保存公钥。。。");
				CSimpleStringA strPath;
				m_pEntity->GetFunction()->GetPath("RunInfo", strPath);
				strPath += "\\kmc\\";

				if (!ExistsDirA(strPath))
					CreateDirA(strPath, TRUE);

				for (int i = 0; i < nArrayNum; i++)
				{
					Dbg("file %s not same, sync...", pRet[i].FileName);

					CSimpleStringA strFilePath = strPath + pRet[i].FileName;
					FILE* pFile = fopen(strFilePath, "wb");
					if (pFile == NULL)
					{
						LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_READ_WRITE_FILE,
							GetOutPutStr("%s%s%s%s", "fopen", "w","strFilePath", strFilePath.GetData()).c_str());
						strErrMsg = "打开公钥文件失败";
						rc = ERR_INITIALIZER_READ_WRITE_FILE;
						break;
					}
					Dbg("pRet[i].Content=%s,%d",(char*) pRet[i].Content,pRet[i].FileLen);
					auto nWriteLen = fwrite(pRet[i].Content, 1, pRet[i].FileLen, pFile);
					if (nWriteLen != pRet[i].FileLen)
					{
						LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_READ_WRITE_FILE,
							GetOutPutStr("%s%d%s%s", "fwrite", nWriteLen, "FileName", pRet[i].FileName).c_str());
						//LogError(Severity_Low, Error_Unexpect, ERROR_INITIALIZER_SYNCPUBKEY, CSimpleStringA::Format("write file %s fail", pRet[i].FileName));
						fclose(pFile);
						strErrMsg = "写入公钥文件失败";
						rc = ERR_INITIALIZER_READ_WRITE_FILE;
						break;
					}

					fclose(pFile);


					BYTE hash[32] = { 0 };
					//if (GetFileHashOld(strFilePath, hash) != Error_Succeed)
					if(!SM3File((char*)strFilePath.GetData(), hash))
					{
						LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_GET_FILE_HASH,
							GetOutPutStr("%s%08X%s%s", "GetFileHashOld", Error_Unexpect, "File", strFilePath).c_str());

						strErrMsg = "公钥文件摘要失败";
						rc = ERR_INITIALIZER_GET_FILE_HASH;
						break;
					}
					Dbg("strFilePath=%s", strFilePath.GetData());
					Dbg("file hash=%s", MyBase64::Str2Hex((char*)hash, 32));
					Dbg("hash=%s", MyBase64::Str2Hex((char*)pRet[i].FileHash, 16));
					Dbg("hashsm=%s", MyBase64::Str2Hex((char*)pRet[i].FileHashSM, 16));
					if (memcmp(hash, pRet[i].FileHash, 16) != 0 || memcmp(hash + 16, pRet[i].FileHashSM, 16) != 0)
					{
						LogWarn(Severity_Middle, Error_Unexpect, ERR_INITIALIZER_CHECK_HASH, GetOutPutStr("%s%s", "File", pRet[i].FileName).c_str());
						strErrMsg = "公钥文件校验不通过";
						rc = ERR_INITIALIZER_CHECK_HASH;
						break;
					}

					Dbg("file %s sync succ", pRet[i].FileName);
				}
			}
			
			delete[] pBuf;
		}
	}

	// notify sync result to entity
	((CInitializerEntity*)m_pEntity)->EndSyncPK(rc, strErrMsg.c_str());
	return rc;
}

DWORD CInitializerConn::SendReportStatePackage(const char*pszEventType, const char *pszUserID, DWORD dwErrCode, const char *pszErrMsg)
{
	auto pFunc = m_pEntity->GetFunction();

	CSystemStaticInfo ssInfo;
	pFunc->GetSystemStaticInfo(ssInfo);
	
	ReportStateReq req = {};
	strncpy(req.TerminalNo, ssInfo.strTerminalID, sizeof(req.TerminalNo) - 1);
	strncpy(req.EventType, pszEventType, sizeof(req.EventType) - 1);

	if (pszUserID != NULL)
		strncpy(req.UserID, pszUserID, sizeof(req.UserID) - 1);

	req.ErrorCode = dwErrCode;

	if (pszErrMsg != NULL)
		strncpy(req.ErrorMsg, pszErrMsg, sizeof(req.ErrorMsg) - 1);

	auto package = CreateNewPackage("RepState");
	package->AddStruct("REPSTA_R", false, false, (BYTE*)&req, sizeof(req));

	return SendPackage(package) != "" ? Error_Succeed : Error_Unexpect;
}

DWORD CInitializerConn::HandleReportStateRet(const CSmartPointer<IPackage> &pRecvPkg)
{
	DWORD rc = Error_Succeed;
	DWORD dwSysCode, dwUserCode;
	string strErrMsg;

	if (pRecvPkg->GetErrMsg(dwSysCode, dwUserCode, strErrMsg))
	{
		rc = dwUserCode;
		LogWarn(Severity_Middle, Error_Unexpect, rc,
				GetOutPutStr("%s%08X", "GetErrMsg", rc).c_str());
	}

	return rc;
}