packages/kiran-authentication-devices
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
kiran-authentication-devices/0001-feature-ukey-The-UKey-device-is-adapted.patch
luoqing a5909fc6cb feature(ukey):The UKey device is adapted 
- 完成UKey设备适配
2023-04-19 10:59:04 +08:00

3102 lines
106 KiB
Diff
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

From 919d46a3371e4770ca13ac25e5ce3fd996710d9e Mon Sep 17 00:00:00 2001
From: luoqing <luoqing@kylinsec.com.cn>
Date: Thu, 13 Apr 2023 15:41:16 +0800
Subject: [PATCH] feature(ukey):The UKey device is adapted
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- 完成UKey设备适配
---
data/drivers.conf | 6 +-
include/auth-enum.h | 4 +-
include/kiran-auth-device-i.h | 7 +
include/third-party-device.h | 5 +-
include/ukey-skf.h | 325 +++++++++++
src/CMakeLists.txt | 9 +-
src/auth-device-manager.cpp | 45 +-
src/auth-device-manager.h | 24 +-
src/context/context-factory.cpp | 25 +-
src/context/context-factory.h | 11 +-
src/context/finger-vein/fv-sd-context.cpp | 1 +
src/context/ukey/ukey-ft-context.cpp | 57 ++
src/context/ukey/ukey-ft-context.h | 27 +
src/device/auth-device.cpp | 228 ++++----
src/device/auth-device.h | 65 +--
src/device/bio-device.cpp | 104 ++++
src/device/bio-device.h | 47 ++
src/device/finger-vein/fv-sd-device.cpp | 28 +-
src/device/finger-vein/fv-sd-device.h | 10 +-
src/device/fingerprint/fp-device.cpp | 2 +-
src/device/fingerprint/fp-device.h | 4 +-
src/device/fingerprint/fp-zk-device.cpp | 22 +-
src/device/fingerprint/fp-zk-device.h | 7 +-
src/device/ukey/ukey-ft-device.cpp | 400 ++++++++++++++
src/device/ukey/ukey-ft-device.h | 68 +++
src/driver/ukey/ukey-skf-driver.cpp | 516 ++++++++++++++++++
src/driver/ukey/ukey-skf-driver.h | 62 +++
.../kiran-authentication-devices.zh_CN.ts | 82 ++-
28 files changed, 1916 insertions(+), 275 deletions(-)
create mode 100644 include/ukey-skf.h
create mode 100644 src/context/ukey/ukey-ft-context.cpp
create mode 100644 src/context/ukey/ukey-ft-context.h
create mode 100644 src/device/bio-device.cpp
create mode 100644 src/device/bio-device.h
create mode 100644 src/device/ukey/ukey-ft-device.cpp
create mode 100644 src/device/ukey/ukey-ft-device.h
create mode 100644 src/driver/ukey/ukey-skf-driver.cpp
create mode 100644 src/driver/ukey/ukey-skf-driver.h
diff --git a/data/drivers.conf b/data/drivers.conf
index e2be3f1..ef3f9f8 100644
--- a/data/drivers.conf
+++ b/data/drivers.conf
@@ -8,4 +8,8 @@ Type=0
[sdfv]
Enable=true
-Type=2
\ No newline at end of file
+Type=2
+
+[es_3000gm]
+Enable=true
+Type=5
\ No newline at end of file
diff --git a/include/auth-enum.h b/include/auth-enum.h
index 19f98d1..a29e9b5 100644
--- a/include/auth-enum.h
+++ b/include/auth-enum.h
@@ -93,7 +93,9 @@ enum IdentifyProcess
// 匹配
IDENTIFY_PROCESS_MACTCH,
// 不匹配
- IDENTIFY_PROCESS_NO_MATCH
+ IDENTIFY_PROCESS_NO_MATCH,
+ // PIN码不正确
+ IDENTIFY_PROCESS_PIN_INCORRECT
};
} // namespace Kiran
\ No newline at end of file
diff --git a/include/kiran-auth-device-i.h b/include/kiran-auth-device-i.h
index 8422eaf..89e4000 100644
--- a/include/kiran-auth-device-i.h
+++ b/include/kiran-auth-device-i.h
@@ -26,6 +26,11 @@ extern "C"
#define GENERAL_AUTH_DEVICE_DBUS_OBJECT_PATH "/com/kylinsec/Kiran/AuthDevice/Device"
#define GENERAL_AUTH_DEVICE_DBUS_INTERFACE_NAME "com.kylinsec.Kiran.AuthDevice.Device"
+#define AUTH_DEVICE_JSON_KEY_UKEY "ukey"
+#define AUTH_DEVICE_JSON_KEY_PIN "pin"
+#define AUTH_DEVICE_JSON_KEY_REBINDING "rebinding"
+#define AUTH_DEVICE_JSON_KEY_FEATURE_IDS "feature_ids"
+
// 录入结果
enum EnrollResult
{
@@ -37,6 +42,8 @@ extern "C"
ENROLL_RESULT_PASS,
// 因为扫描质量或者用户扫描过程中发生的问题引起
ENROLL_RESULT_RETRY,
+ // UKey已经存在绑定关系
+ ENROLL_RESULT_UKEY_EXIST_BINDING
};
// 识别结果
diff --git a/include/third-party-device.h b/include/third-party-device.h
index d06a4a2..2b118d3 100644
--- a/include/third-party-device.h
+++ b/include/third-party-device.h
@@ -19,7 +19,7 @@ namespace Kiran
{
#define ZK_ID_VENDOR "1b55"
#define SD_ID_VENDOR "05e3"
-
+#define FT_ID_VENDOR "096e"
static const struct ThirdPartyDeviceSupported
{
@@ -35,7 +35,8 @@ static const struct ThirdPartyDeviceSupported
QString description;
}ThirdPartyDeviceSupportedTable[] = {
{DEVICE_TYPE_FingerPrint,"1b55","0120","","ZK"},
- {DEVICE_TYPE_FingerVein,"05e3","0608","","SD"}
+ {DEVICE_TYPE_FingerVein,"05e3","0608","","SD"},
+ {DEVICE_TYPE_UKey,"096e","0309","","FT"}
};
}
\ No newline at end of file
diff --git a/include/ukey-skf.h b/include/ukey-skf.h
new file mode 100644
index 0000000..d1b6a6f
--- /dev/null
+++ b/include/ukey-skf.h
@@ -0,0 +1,325 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+
+#pragma once
+#include <stdint.h>
+#include <QString>
+
+#ifdef __cplusplus
+extern "C"
+{
+#endif
+
+typedef int8_t INT8;
+typedef int16_t INT16;
+typedef int32_t INT32;
+typedef unsigned char UINT8;
+typedef uint16_t UINT16;
+typedef uint32_t UINT32;
+typedef long BOOL;
+
+typedef UINT8 BYTE;
+typedef UINT8 CHAR;
+typedef INT16 SHORT;
+typedef UINT16 USHORT;
+typedef INT32 LONG;
+typedef UINT32 ULONG;
+typedef UINT32 UINT;
+typedef UINT16 WORD;
+typedef UINT32 DWORD;
+typedef UINT32 FLAGS;
+typedef CHAR *LPSTR;
+typedef void *HANDLE;
+typedef HANDLE DEVHANDLE;
+typedef HANDLE HAPPLICATION;
+typedef HANDLE HCONTAINER;
+
+#define MAX_RSA_MODULUS_LEN 256
+#define MAX_RSA_EXPONENT_LEN 4
+#define ECC_MAX_XCOORDINATE_BITS_LEN 512
+#define ECC_MAX_YCOORDINATE_BITS_LEN 512
+#define ECC_MAX_MODULUS_BITS_LEN 512
+
+#define MAX_IV_LEN 32
+#define MAX_FILE_NAME_SIZE 32
+#define MAX_FILE_CONTAINER_NAME_SIZE 64
+
+/*Permission type*/
+#define SECURE_NEVER_ACCOUNT 0x00000000
+#define SECURE_ADM_ACCOUNT 0x00000001
+#define SECURE_USER_ACCOUNT 0x00000010
+#define SECURE_ANYONE_ACCOUNT 0x000000FF
+
+#ifndef FALSE
+#define FALSE 0x00000000
+#endif
+
+#ifndef TRUE
+#define TRUE 0x00000001
+#endif
+
+#ifndef ADMIN_TYPE
+#define ADMIN_TYPE 0
+#endif
+
+#ifndef USER_TYPE
+#define USER_TYPE 1
+#endif
+
+/* public key usage */
+#define SGD_PK_SIGN 0x0100
+#define SGD_PK_DH 0x0200
+#define SGD_PK_ENC 0x0400
+
+/* public key types */
+#define SGD_RSA 0x00010000
+#define SGD_RSA_SIGN (SGD_RSA | SGD_PK_SIGN)
+#define SGD_RSA_ENC (SGD_RSA | SGD_PK_ENC)
+#define SGD_SM2 0x00020000
+#define SGD_SM2_1 (SGD_SM2 | SGD_PK_SIGN)
+#define SGD_SM2_2 (SGD_SM2 | SGD_PK_DH)
+#define SGD_SM2_3 (SGD_SM2 | SGD_PK_ENC)
+
+/* hash */
+#define SGD_SM3 0x00000001
+#define SGD_SHA1 0x00000002
+#define SGD_SHA256 0x00000004
+#define SGD_HASH_FROM 0x00000008
+#define SGD_HASH_TO 0x000000FF
+
+/* signatue schemes */
+#define SGD_SM3_RSA (SGD_SM3|SGD_RSA)
+#define SGD_SHA1_RSA (SGD_SHA1|SGD_RSA)
+#define SGD_SHA256_RSA (SGD_SHA256|SGD_RSA)
+#define SGD_SM3_SM2 (SGD_SM3|SGD_SM2)
+#define SGD_SIG_FROM 0x00040000
+#define SGD_SIG_TO 0x800000FF
+
+#pragma pack(1)
+ typedef struct Struct_Version
+ {
+ BYTE major;
+ BYTE minor;
+ } VERSION;
+
+ typedef struct Struct_DEVINFO
+ {
+ VERSION Version;
+ CHAR Manufacturer[64];
+ CHAR Issuer[64];
+ CHAR Label[32];
+ CHAR SerialNumber[32];
+ VERSION HWVersion;
+ VERSION FirmwareVersion;
+ ULONG AlgSymCap;
+ ULONG AlgAsymCap;
+ ULONG AlgHashCap;
+ ULONG DevAuthAlgId;
+ ULONG TotalSpace;
+ ULONG FreeSpace;
+ ULONG MaxECCBufferSize;
+ ULONG MaxBufferSize;
+ BYTE Reserved[64];
+ } DEVINFO, *PDEVINFO;
+
+ typedef struct Struct_RSAPUBLICKEYBLOB
+ {
+ ULONG AlgID;
+ ULONG BitLen;
+ BYTE Modulus[MAX_RSA_MODULUS_LEN];
+ BYTE PublicExponent[MAX_RSA_EXPONENT_LEN];
+ } RSAPUBLICKEYBLOB, *PRSAPUBLICKEYBLOB;
+
+ typedef struct Struct_RSAPRIVATEKEYBLOB
+ {
+ ULONG AlgID;
+ ULONG BitLen;
+ BYTE Modulus[MAX_RSA_MODULUS_LEN];
+ BYTE PublicExponent[MAX_RSA_EXPONENT_LEN];
+ BYTE PrivateExponent[MAX_RSA_MODULUS_LEN];
+ BYTE Prime1[MAX_RSA_MODULUS_LEN / 2];
+ BYTE Prime2[MAX_RSA_MODULUS_LEN / 2];
+ BYTE Prime1Exponent[MAX_RSA_MODULUS_LEN / 2];
+ BYTE Prime2Exponent[MAX_RSA_MODULUS_LEN / 2];
+ BYTE Coefficient[MAX_RSA_MODULUS_LEN / 2];
+ } RSAPRIVATEKEYBLOB, *PRSAPRIVATEKEYBLOB;
+
+ typedef struct Struct_ECCPUBLICKEYBLOB
+ {
+ ULONG BitLen;
+ BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN / 8];
+ BYTE YCoordinate[ECC_MAX_YCOORDINATE_BITS_LEN / 8];
+ } ECCPUBLICKEYBLOB, *PECCPUBLICKEYBLOB;
+
+ typedef struct Struct_ECCPRIVATEKEYBLOB
+ {
+ ULONG BitLen;
+ BYTE PrivateKey[ECC_MAX_MODULUS_BITS_LEN / 8];
+ } ECCPRIVATEKEYBLOB, *PECCPRIVATEKEYBLOB;
+
+ typedef struct Struct_ECCCIPHERBLOB
+ {
+ BYTE XCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN / 8];
+ BYTE YCoordinate[ECC_MAX_XCOORDINATE_BITS_LEN / 8];
+ BYTE HASH[32];
+ ULONG CipherLen;
+ BYTE Cipher[1];
+ } ECCCIPHERBLOB, *PECCCIPHERBLOB;
+
+ typedef struct Struct_ECCSIGNATUREBLOB
+ {
+ BYTE r[ECC_MAX_XCOORDINATE_BITS_LEN / 8];
+ BYTE s[ECC_MAX_XCOORDINATE_BITS_LEN / 8];
+ } ECCSIGNATUREBLOB, *PECCSIGNATUREBLOB;
+
+ typedef struct Struct_BLOCKCIPHERPARAM
+ {
+ BYTE IV[MAX_IV_LEN];
+ ULONG IVLen;
+ ULONG PaddingType;
+ ULONG FeedBitLen;
+ } BLOCKCIPHERPARAM, *PBLOCKCIPHERPARAM;
+
+ typedef struct SKF_ENVELOPEDKEYBLOB
+ {
+ ULONG Version;
+ ULONG ulSymmAlgID;
+ ULONG ulBits;
+ BYTE cbEncryptedPriKey[64];
+ ECCPUBLICKEYBLOB PubKey;
+ ECCCIPHERBLOB ECCCipherBlob;
+ } ENVELOPEDKEYBLOB, *PENVELOPEDKEYBLOB;
+
+ typedef struct Struct_FILEATTRIBUTE
+ {
+ CHAR FileName[MAX_FILE_NAME_SIZE];
+ ULONG FileSize;
+ ULONG ReadRights;
+ ULONG WriteRights;
+ } FILEATTRIBUTE, *PFILEATTRIBUTE;
+#pragma pack()
+
+#define SAR_OK 0x00000000
+#define SAR_FAIL 0x0A000001
+#define SAR_UNKNOWNERR 0x0A000002
+#define SAR_NOTSUPPORTYETERR 0x0A000003
+#define SAR_FILEERR 0x0A000004
+#define SAR_INVALIDHANDLEERR 0x0A000005
+#define SAR_INVALIDPARAMERR 0x0A000006
+#define SAR_READFILEERR 0x0A000007
+#define SAR_WRITEFILEERR 0x0A000008
+#define SAR_NAMELENERR 0x0A000009
+#define SAR_KEYUSAGEERR 0x0A00000A
+#define SAR_MODULUSLENERR 0x0A00000B
+#define SAR_NOTINITIALIZEERR 0x0A00000C
+#define SAR_OBJERR 0x0A00000D
+#define SAR_MEMORYERR 0x0A00000E
+#define SAR_TIMEOUTERR 0x0A00000F
+#define SAR_INDATALENERR 0x0A000010
+#define SAR_INDATAERR 0x0A000011
+#define SAR_GENRANDERR 0x0A000012
+#define SAR_HASHOBJERR 0x0A000013
+#define SAR_HASHERR 0x0A000014
+#define SAR_GENRSAKEYERR 0x0A000015
+#define SAR_RSAMODULUSLENERR 0x0A000016
+#define SAR_CSPIMPRTPUBKEYERR 0x0A000017
+#define SAR_RSAENCERR 0x0A000018
+#define SAR_RSADECERR 0x0A000019
+#define SAR_HASHNOTEQUALERR 0x0A00001A
+#define SAR_KEYNOTFOUNTERR 0x0A00001B
+#define SAR_CERTNOTFOUNTERR 0x0A00001C
+#define SAR_NOTEXPORTERR 0x0A00001D
+#define SAR_DECRYPTPADERR 0x0A00001E
+#define SAR_MACLENERR 0x0A00001F
+#define SAR_BUFFER_TOO_SMALL 0x0A000020
+#define SAR_KEYINFOTYPEERR 0x0A000021
+#define SAR_NOT_EVENTERR 0x0A000022
+#define SAR_DEVICE_REMOVED 0x0A000023
+#define SAR_PIN_INCORRECT 0x0A000024
+#define SAR_PIN_LOCKED 0x0A000025
+#define SAR_PIN_INVALID 0x0A000026
+#define SAR_PIN_LEN_RANGE 0x0A000027
+#define SAR_USER_ALREADY_LOGGED_IN 0x0A000028
+#define SAR_USER_PIN_NOT_INITIALIZED 0x0A000029
+#define SAR_USER_TYPE_INVALID 0x0A00002A
+#define SAR_APPLICATION_NAME_INVALID 0x0A00002B
+#define SAR_APPLICATION_EXISTS 0x0A00002C
+#define SAR_USER_NOT_LOGGED_IN 0x0A00002D
+#define SAR_APPLICATION_NOT_EXISTS 0x0A00002E
+#define SAR_FILE_ALREADY_EXIST 0x0A00002F
+#define SAR_NO_ROOM 0x0A000030
+#define SAR_FILE_NOT_EXIST 0x0A000031
+#define SAR_REACH_MAX_CONTAINER_COUNT 0x0A000032
+
+typedef struct {
+ ULONG err;
+ QString reason;
+} SKF_ERR_REASON;
+
+static SKF_ERR_REASON skf_errors[] = {
+ { SAR_OK, "success" },
+ { SAR_FAIL, "failure" },
+ { SAR_UNKNOWNERR, "unknown error" },
+ { SAR_NOTSUPPORTYETERR, "operation not supported" },
+ { SAR_FILEERR, "file error" },
+ { SAR_INVALIDHANDLEERR, "invalid handle" },
+ { SAR_INVALIDPARAMERR, "invalid parameter" },
+ { SAR_READFILEERR, "read file failure" },
+ { SAR_WRITEFILEERR, "write file failure" },
+ { SAR_NAMELENERR, "invalid name length" },
+ { SAR_KEYUSAGEERR, "invalid key usage" },
+ { SAR_MODULUSLENERR, "invalid modulus length" },
+ { SAR_NOTINITIALIZEERR, "not initialized" },
+ { SAR_OBJERR, "invalid object" },
+ { SAR_MEMORYERR, "memory error" },
+ { SAR_TIMEOUTERR, "timeout" },
+ { SAR_INDATALENERR, "invalid input length" },
+ { SAR_INDATAERR, "invalid input value" },
+ { SAR_GENRANDERR, "random generation failed" },
+ { SAR_HASHOBJERR, "invalid digest handle" },
+ { SAR_HASHERR, "digest error" },
+ { SAR_GENRSAKEYERR, "rsa key generation failure" },
+ { SAR_RSAMODULUSLENERR, "invalid rsa modulus length" },
+ { SAR_CSPIMPRTPUBKEYERR, "csp import public key error" },
+ { SAR_RSAENCERR, "rsa encryption failure" },
+ { SAR_RSADECERR, "rsa decryption failure" },
+ { SAR_HASHNOTEQUALERR, "hash not equal" },
+ { SAR_KEYNOTFOUNTERR, "key not found" },
+ { SAR_CERTNOTFOUNTERR, "certificate not found" },
+ { SAR_NOTEXPORTERR, "export failed" },
+ { SAR_DECRYPTPADERR, "decrypt invalid padding" },
+ { SAR_MACLENERR, "invalid mac length" },
+ { SAR_BUFFER_TOO_SMALL, "buffer too small" },
+ { SAR_KEYINFOTYPEERR, "invalid key info type" },
+ { SAR_NOT_EVENTERR, "no event" },
+ { SAR_DEVICE_REMOVED, "device removed" },
+ { SAR_PIN_INCORRECT, "pin incorrect" },
+ { SAR_PIN_LOCKED, "pin locked" },
+ { SAR_PIN_INVALID, "invalid pin" },
+ { SAR_PIN_LEN_RANGE, "invalid pin length" },
+ { SAR_USER_ALREADY_LOGGED_IN, "user already logged in" },
+ { SAR_USER_PIN_NOT_INITIALIZED, "user pin not initialized" },
+ { SAR_USER_TYPE_INVALID, "invalid user type" },
+ { SAR_APPLICATION_NAME_INVALID, "invalid application name" },
+ { SAR_APPLICATION_EXISTS, "application already exist" },
+ { SAR_USER_NOT_LOGGED_IN, "user not logged in" },
+ { SAR_APPLICATION_NOT_EXISTS, "application not exist" },
+ { SAR_FILE_ALREADY_EXIST, "file already exist" },
+ { SAR_NO_ROOM, "no space" },
+ { SAR_FILE_NOT_EXIST, "file not exist" },
+};
+
+#ifdef __cplusplus
+}
+#endif
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 39c8dc5..cac6cb4 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -37,11 +37,14 @@ qt_add_dbus_adaptor(
set(DEVICE_SDK ${CMAKE_INSTALL_PREFIX}/${CMAKE_INSTALL_LIBDIR}/${PROJECT_NAME}-sdk)
set(CMAKE_BUILD_WITH_INSTALL_RPATH TRUE)
-set(CMAKE_INSTALL_RPATH ${DEVICE_SDK}/finger-vein/sd:${DEVICE_SDK}/fingerprint/zk)
+set(CMAKE_INSTALL_RPATH ${DEVICE_SDK}/finger-vein/sd:${DEVICE_SDK}/fingerprint/zk:${DEVICE_SDK}/ukey/ft)
set(TS_FILES "${PROJECT_SOURCE_DIR}/translations/${PROJECT_NAME}.zh_CN.ts")
-qt_create_translation(QM_FILES ${CMAKE_CURRENT_SOURCE_DIR} ${TS_FILES})
+qt_create_translation(QM_FILES
+ ${CMAKE_CURRENT_SOURCE_DIR}
+ ${TS_FILES}
+ )
add_executable(${PROJECT_NAME}
${SRC_H_FILES}
@@ -58,7 +61,7 @@ target_include_directories(${PROJECT_NAME} PUBLIC
${KLOG_QT5_INCLUDE_DIRS}
${CMAKE_CURRENT_SOURCE_DIR}
)
-
+
target_link_libraries(${PROJECT_NAME}
${KLOG_QT5_LIBRARIES}
${LIBUDEV_LIBRARIES}
diff --git a/src/auth-device-manager.cpp b/src/auth-device-manager.cpp
index 984d3c1..a0ac795 100644
--- a/src/auth-device-manager.cpp
+++ b/src/auth-device-manager.cpp
@@ -18,9 +18,9 @@
#include <QDBusConnection>
#include <QDBusError>
#include <QDBusMessage>
-#include "device/auth-device.h"
#include "auth_device_manager_adaptor.h"
#include "context/context-factory.h"
+#include "device/auth-device.h"
#include "feature-db.h"
#include "kiran-auth-device-i.h"
#include "polkit-proxy.h"
@@ -148,7 +148,7 @@ void AuthDeviceManager::onRemove(const QDBusMessage& message, const QString& fea
{
bool result = FeatureDB::getInstance()->deleteFeature(feature_id);
KLOG_DEBUG() << "deleteFeature:" << feature_id
- << "result" << result;
+ << "exec:" << result;
auto replyMessage = message.createReply();
QDBusConnection::systemBus().send(replyMessage);
}
@@ -192,10 +192,9 @@ CHECK_AUTH_WITH_2ARGS(AuthDeviceManager, SetEnableDriver, onSetEnableDriver, AUT
void AuthDeviceManager::init()
{
- m_dbusAdaptor = new AuthDeviceManagerAdaptor(this);
- m_contextFactory = ContextFactory::instance();
- m_timer = new QTimer(this);
- connect(m_timer, &QTimer::timeout, this, &AuthDeviceManager::handleDeviceReCreate);
+ m_dbusAdaptor = QSharedPointer<AuthDeviceManagerAdaptor>(new AuthDeviceManagerAdaptor(this));
+ m_contextFactory = QSharedPointer<ContextFactory>(ContextFactory::instance());
+ connect(&m_timer, &QTimer::timeout, this, &AuthDeviceManager::handleDeviceReCreate);
QDBusConnection dbusConnection = QDBusConnection::systemBus();
if (!dbusConnection.registerService(AUTH_DEVICE_DBUS_NAME))
@@ -214,14 +213,14 @@ void AuthDeviceManager::init()
KLOG_ERROR() << "Can't register object:" << dbusConnection.lastError();
}
- m_udev = udev_new();
+ m_udev = QSharedPointer<udev> (udev_new());
if (!m_udev)
{
KLOG_ERROR() << "new udev error";
}
- initDeviceMonitor(m_udev);
- auto usbInfoList = enumerateDevices(m_udev);
+ initDeviceMonitor(m_udev.data());
+ auto usbInfoList = enumerateDevices(m_udev.data());
// 枚举设备后,生成设备对象
Q_FOREACH (auto deviceInfo, usbInfoList)
{
@@ -243,16 +242,16 @@ void AuthDeviceManager::init()
void AuthDeviceManager::initDeviceMonitor(struct udev* udev)
{
// 创建一个新的monitor
- m_monitor = udev_monitor_new_from_netlink(udev, "udev");
+ m_monitor = QSharedPointer<udev_monitor> (udev_monitor_new_from_netlink(udev, "udev"));
// 增加一个udev事件过滤器
- udev_monitor_filter_add_match_subsystem_devtype(m_monitor, "usb", nullptr);
+ udev_monitor_filter_add_match_subsystem_devtype(m_monitor.data(), "usb", nullptr);
// 启动监控
- udev_monitor_enable_receiving(m_monitor);
+ udev_monitor_enable_receiving(m_monitor.data());
// 获取该监控的文件描述符fd就代表了这个监控
- m_fd = udev_monitor_get_fd(m_monitor);
+ m_fd = udev_monitor_get_fd(m_monitor.data());
- m_socketNotifierRead = new QSocketNotifier(m_fd, QSocketNotifier::Read, this);
- connect(m_socketNotifierRead, &QSocketNotifier::activated, this, &AuthDeviceManager::handleSocketNotifierRead);
+ m_socketNotifierRead = QSharedPointer<QSocketNotifier>(new QSocketNotifier(m_fd, QSocketNotifier::Read, this));
+ connect(m_socketNotifierRead.data(), &QSocketNotifier::activated, this, &AuthDeviceManager::handleSocketNotifierRead);
}
void AuthDeviceManager::handleSocketNotifierRead(int socket)
@@ -274,7 +273,7 @@ void AuthDeviceManager::handleSocketNotifierRead(int socket)
return;
// 获取产生事件的设备映射
- struct udev_device* dev = udev_monitor_receive_device(m_monitor);
+ struct udev_device* dev = udev_monitor_receive_device(m_monitor.data());
if (!dev)
return;
@@ -317,11 +316,11 @@ void AuthDeviceManager::handleSocketNotifierRead(int socket)
QList<DeviceInfo> AuthDeviceManager::enumerateDevices(struct udev* udev)
{
// 创建一个枚举器用于扫描已连接的设备
- struct udev_enumerate* enumerate = udev_enumerate_new(udev);
+ struct udev_enumerate* enumerate = udev_enumerate_new(udev);
udev_enumerate_add_match_subsystem(enumerate, SUBSYSTEM);
udev_enumerate_scan_devices(enumerate);
// 返回一个存储了设备所有属性信息的链表
- struct udev_list_entry* devices = udev_enumerate_get_list_entry(enumerate);
+ struct udev_list_entry* devices = udev_enumerate_get_list_entry(enumerate);
struct udev_list_entry* entry;
QList<DeviceInfo> usbInfoList;
@@ -329,7 +328,7 @@ QList<DeviceInfo> AuthDeviceManager::enumerateDevices(struct udev* udev)
{
const char* path = udev_list_entry_get_name(entry);
// 创建一个udev设备的映射
- struct udev_device* dev = udev_device_new_from_syspath(udev, path);
+ struct udev_device* dev = udev_device_new_from_syspath(udev, path);
DeviceInfo usbInfo;
usbInfo.idVendor = udev_device_get_sysattr_value(dev, "idVendor");
usbInfo.idProduct = udev_device_get_sysattr_value(dev, "idProduct");
@@ -419,16 +418,16 @@ void AuthDeviceManager::handleDeviceCreateFail(DeviceInfo deviceInfo)
m_retreyCreateDeviceMap.insert(deviceInfo, 0);
if (m_retreyCreateDeviceMap.count() != 0)
{
- if (!m_timer->isActive())
+ if (!m_timer.isActive())
{
- m_timer->start(1000);
+ m_timer.start(1000);
}
}
}
void AuthDeviceManager::handleDeviceDeleted()
{
- QList<DeviceInfo> newUsbInfoList = enumerateDevices(m_udev);
+ QList<DeviceInfo> newUsbInfoList = enumerateDevices(m_udev.data());
QStringList newBusList;
Q_FOREACH (auto newUsbInfo, newUsbInfoList)
{
@@ -468,7 +467,7 @@ void AuthDeviceManager::handleDeviceReCreate()
{
if (m_retreyCreateDeviceMap.count() == 0)
{
- m_timer->stop();
+ m_timer.stop();
}
else
{
diff --git a/src/auth-device-manager.h b/src/auth-device-manager.h
index fcf56bd..0993a55 100644
--- a/src/auth-device-manager.h
+++ b/src/auth-device-manager.h
@@ -15,12 +15,13 @@
#pragma once
#include <libudev.h>
+#include <QDBusContext>
#include <QDBusObjectPath>
#include <QObject>
+#include <QSharedPointer>
#include <QSocketNotifier>
#include <QTimer>
#include "auth-enum.h"
-#include <QDBusContext>
class AuthDeviceManagerAdaptor;
@@ -43,7 +44,7 @@ public:
public Q_SLOTS:
QString GetDevices();
- QString GetDevicesByType(int device_type);
+ QString GetDevicesByType(int device_type);
QDBusObjectPath GetDevice(const QString &device_id);
QStringList GetAllFeatureIDs();
QString GetDriversByType(int device_type);
@@ -64,8 +65,8 @@ private:
void processDevice(struct udev_device *dev);
void deviceSimpleInfo(struct udev_device *dev);
- void onRemove(const QDBusMessage &message,const QString &feature_id);
- void onSetEnableDriver(const QDBusMessage &message,const QString &driver_name, bool enable);
+ void onRemove(const QDBusMessage &message, const QString &feature_id);
+ void onSetEnableDriver(const QDBusMessage &message, const QString &driver_name, bool enable);
Q_SIGNALS:
void DeviceAdded(int device_type, const QString &device_id);
@@ -73,19 +74,18 @@ Q_SIGNALS:
private:
static AuthDeviceManager *m_instance;
- struct udev *m_udev;
- struct udev_monitor *m_monitor;
+ QSharedPointer<udev> m_udev;
+ QSharedPointer<udev_monitor> m_monitor;
int m_fd;
- AuthDeviceManagerAdaptor *m_dbusAdaptor;
- QSocketNotifier *m_socketNotifierRead;
+ QSharedPointer<AuthDeviceManagerAdaptor> m_dbusAdaptor;
+ QSharedPointer<QSocketNotifier> m_socketNotifierRead;
// 总线 -- AuthDevice对象对应
QMap<QString, AuthDevice *> m_deviceMap;
- ContextFactory *m_contextFactory;
-
- QTimer *m_timer;
+ QSharedPointer<ContextFactory> m_contextFactory;
+ QTimer m_timer;
// 设备信息-重试次数
- QMap<DeviceInfo,int> m_retreyCreateDeviceMap;
+ QMap<DeviceInfo, int> m_retreyCreateDeviceMap;
};
} // namespace Kiran
diff --git a/src/context/context-factory.cpp b/src/context/context-factory.cpp
index 82c9c6b..f489d8f 100644
--- a/src/context/context-factory.cpp
+++ b/src/context/context-factory.cpp
@@ -15,11 +15,12 @@
#include "context-factory.h"
#include <qt5-log-i.h>
#include <QMutex>
+#include "finger-vein/fv-sd-context.h"
#include "fingerprint/fp-builtin-context.h"
#include "fingerprint/fp-zk-context.h"
-#include "finger-vein/fv-sd-context.h"
#include "kiran-auth-device-i.h"
#include "third-party-device.h"
+#include "ukey/ukey-ft-context.h"
namespace Kiran
{
@@ -47,9 +48,10 @@ ContextFactory::ContextFactory(QObject* parent)
void ContextFactory::init()
{
- m_fpZKContext = new FPZKContext();
- m_fpBuiltInContext = new FPBuiltInContext();
- m_fvSDContext = new FVSDContext();
+ m_fpZKContext = QSharedPointer<FPZKContext>(new FPZKContext());
+ m_fpBuiltInContext = QSharedPointer<FPBuiltInContext>(new FPBuiltInContext());
+ m_fvSDContext = QSharedPointer<FVSDContext>(new FVSDContext());
+ m_ukeyFTContext = QSharedPointer<UKeyFTContext>(new UKeyFTContext());
}
AuthDevice* ContextFactory::createDevice(const QString& idVendor, const QString& idProduct)
@@ -72,6 +74,9 @@ AuthDevice* ContextFactory::createDevice(const QString& idVendor, const QString&
case DEVICE_TYPE_FingerVein:
device = createFingerVeinDevice(idVendor, idProduct);
break;
+ case DEVICE_TYPE_UKey:
+ device = createUKeyDevice(idVendor, idProduct);
+ break;
default:
break;
}
@@ -120,6 +125,18 @@ AuthDevice* ContextFactory::createFingerVeinDevice(const QString& idVendor, cons
return nullptr;
}
+AuthDevice* ContextFactory::createUKeyDevice(const QString& idVendor, const QString& idProduct)
+{
+ if (idVendor == FT_ID_VENDOR)
+ {
+ return m_ukeyFTContext->createDevice(idVendor, idProduct);
+ }
+ else
+ {
+ return nullptr;
+ };
+}
+
Context* ContextFactory::CreateContext()
{
return nullptr;
diff --git a/src/context/context-factory.h b/src/context/context-factory.h
index f2d510a..5d06839 100644
--- a/src/context/context-factory.h
+++ b/src/context/context-factory.h
@@ -15,13 +15,14 @@
#include <QObject>
#include "context.h"
-
+#include <QSharedPointer>
namespace Kiran
{
class FPZKContext;
class FPBuiltInContext;
class FVSDContext;
+class UKeyFTContext;
class ContextFactory : public QObject
{
@@ -43,11 +44,13 @@ private:
void init();
AuthDevice* createFingerPrintDevice(const QString& idVendor, const QString& idProduct);
AuthDevice* createFingerVeinDevice(const QString& idVendor, const QString& idProduct);
+ AuthDevice* createUKeyDevice(const QString& idVendor, const QString& idProduct);
private:
QStringList m_idVendorList;
- FPZKContext* m_fpZKContext;
- FPBuiltInContext* m_fpBuiltInContext;
- FVSDContext* m_fvSDContext;
+ QSharedPointer<FPZKContext> m_fpZKContext;
+ QSharedPointer<FPBuiltInContext> m_fpBuiltInContext;
+ QSharedPointer<FVSDContext> m_fvSDContext;
+ QSharedPointer<UKeyFTContext> m_ukeyFTContext;
};
} // namespace Kiran
diff --git a/src/context/finger-vein/fv-sd-context.cpp b/src/context/finger-vein/fv-sd-context.cpp
index a2e9dc7..d898564 100644
--- a/src/context/finger-vein/fv-sd-context.cpp
+++ b/src/context/finger-vein/fv-sd-context.cpp
@@ -24,6 +24,7 @@ FVSDContext::FVSDContext(QObject* parent)
{
}
+//TODO:createDevice 流程类似,考虑优化,减少重复代码
// fp-zk-context 需要管理多个so可以生成不同 so的设备
AuthDevice* FVSDContext::createDevice(const QString& idVendor, const QString& idProduct)
{
diff --git a/src/context/ukey/ukey-ft-context.cpp b/src/context/ukey/ukey-ft-context.cpp
new file mode 100644
index 0000000..40e9df3
--- /dev/null
+++ b/src/context/ukey/ukey-ft-context.cpp
@@ -0,0 +1,57 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+
+#include "ukey-ft-context.h"
+#include <qt5-log-i.h>
+#include "device/ukey/ukey-ft-device.h"
+#include "utils.h"
+
+namespace Kiran
+{
+UKeyFTContext::UKeyFTContext(QObject* parent)
+ : Context{parent}
+{
+}
+
+AuthDevice* UKeyFTContext::createDevice(const QString& idVendor, const QString& idProduct)
+{
+ auto ftDevice = new UKeyFTDevice();
+ if (!Utils::driverEnabled(ftDevice->deviceDriver()))
+ {
+ KLOG_INFO() << QString("driver %1 is disabled! device %2:%3 can't be used")
+ .arg(ftDevice->deviceDriver())
+ .arg(idVendor)
+ .arg(idProduct);
+ return nullptr;
+ }
+ if (ftDevice->init())
+ {
+ QString deviceName = Utils::getDeviceName(idVendor, idProduct);
+ if (deviceName.isEmpty())
+ {
+ deviceName = "Feitian Technologies";
+ }
+ ftDevice->setDeviceName(deviceName);
+ ftDevice->setDeviceInfo(idVendor, idProduct);
+ m_deviceMap.insert(ftDevice->deviceID(), ftDevice);
+ return ftDevice;
+ }
+ else
+ {
+ KLOG_ERROR() << QString("device %1:%2 init failed!").arg(idVendor).arg(idProduct);
+ ftDevice->deleteLater();
+ return nullptr;
+ }
+}
+} // namespace Kiran
diff --git a/src/context/ukey/ukey-ft-context.h b/src/context/ukey/ukey-ft-context.h
new file mode 100644
index 0000000..48bd40d
--- /dev/null
+++ b/src/context/ukey/ukey-ft-context.h
@@ -0,0 +1,27 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+#pragma once
+#include "context/context.h"
+
+namespace Kiran
+{
+class AuthDevice;
+class UKeyFTContext : public Context
+{
+public:
+ explicit UKeyFTContext(QObject *parent = nullptr);
+ AuthDevice* createDevice(const QString& idVendor, const QString& idProduct) override;
+};
+
+} // namespace Kiran
diff --git a/src/device/auth-device.cpp b/src/device/auth-device.cpp
index 0b890ec..d906fd1 100644
--- a/src/device/auth-device.cpp
+++ b/src/device/auth-device.cpp
@@ -42,7 +42,7 @@ bool AuthDevice::init()
{
if (initDevice())
{
- m_dbusAdaptor = new AuthDeviceAdaptor(this);
+ m_dbusAdaptor = QSharedPointer<AuthDeviceAdaptor>(new AuthDeviceAdaptor(this));
m_deviceID = QUuid::createUuid().toString(QUuid::WithoutBraces);
m_deviceStatus = DEVICE_STATUS_IDLE;
registerDBusObject();
@@ -71,17 +71,17 @@ void AuthDevice::registerDBusObject()
void AuthDevice::initFutureWatcher()
{
- m_futureWatcher = new QFutureWatcher<QByteArray>(this);
- connect(m_futureWatcher, &QFutureWatcher<QByteArray>::finished, this, &AuthDevice::handleAcquiredFeature);
+ m_futureWatcher = QSharedPointer<QFutureWatcher<QByteArray>>(new QFutureWatcher<QByteArray>(this));
+ connect(m_futureWatcher.data(), &QFutureWatcher<QByteArray>::finished, this, &AuthDevice::handleAcquiredFeature);
connect(this, &AuthDevice::retry, this, &AuthDevice::handleRetry);
}
void AuthDevice::initServiceWatcher()
{
- m_serviceWatcher = new QDBusServiceWatcher(this);
+ m_serviceWatcher = QSharedPointer<QDBusServiceWatcher>(new QDBusServiceWatcher(this));
this->m_serviceWatcher->setConnection(QDBusConnection::systemBus());
this->m_serviceWatcher->setWatchMode(QDBusServiceWatcher::WatchForUnregistration);
- connect(m_serviceWatcher, &QDBusServiceWatcher::serviceUnregistered, this, &AuthDevice::onNameLost);
+ connect(m_serviceWatcher.data(), &QDBusServiceWatcher::serviceUnregistered, this, &AuthDevice::onNameLost);
}
void AuthDevice::onNameLost(const QString& serviceName)
@@ -110,6 +110,15 @@ void AuthDevice::clearWatchedServices()
}
}
+DeviceInfo AuthDevice::deviceInfo()
+{
+ DeviceInfo deviceInfo;
+ deviceInfo.idVendor = m_idVendor;
+ deviceInfo.idProduct = m_idProduct;
+ deviceInfo.busPath = "";
+ return deviceInfo;
+}
+
void AuthDevice::setDeviceType(DeviceType deviceType)
{
m_deviceType = deviceType;
@@ -153,8 +162,36 @@ void AuthDevice::onEnrollStart(const QDBusMessage& dbusMessage, const QString& e
KLOG_DEBUG() << message;
return;
}
+ QJsonValue ukeyValue = Utils::getValueFromJsonString(extraInfo, AUTH_DEVICE_JSON_KEY_UKEY);
+ if (ukeyValue.isNull())
+ {
+ onBioEnrollStart(dbusMessage);
+ }
+ else
+ {
+ onUKeyEnrollStart(dbusMessage, ukeyValue);
+ }
+}
- // 获取当前保存的指纹模板,判断是否达到最大指纹数目
+void AuthDevice::onEnrollStop(const QDBusMessage& dbusMessage)
+{
+ if (deviceStatus() == DEVICE_STATUS_DOING_ENROLL)
+ {
+ acquireFeatureStop();
+ m_enrollTemplates.clear();
+ setDeviceStatus(DEVICE_STATUS_IDLE);
+ clearWatchedServices();
+ KLOG_DEBUG() << "EnrollStop";
+ }
+
+ auto replyMessage = dbusMessage.createReply();
+ QDBusConnection::systemBus().send(replyMessage);
+}
+
+void AuthDevice::onBioEnrollStart(const QDBusMessage& dbusMessage)
+{
+ QString message;
+ // 获取当前保存的特征模板,判断是否达到最大数目
QByteArrayList saveList = FeatureDB::getInstance()->getFeatures(m_idVendor, m_idProduct);
if (saveList.count() == TEMPLATE_MAX_NUMBER)
{
@@ -163,32 +200,35 @@ void AuthDevice::onEnrollStart(const QDBusMessage& dbusMessage, const QString& e
KLOG_ERROR() << message;
return;
}
-
setDeviceStatus(DEVICE_STATUS_DOING_ENROLL);
- m_doEnroll = true;
-
auto future = QtConcurrent::run(this, &AuthDevice::acquireFeature);
m_futureWatcher->setFuture(future);
m_serviceWatcher->addWatchedService(dbusMessage.service());
-
auto replyMessage = dbusMessage.createReply();
QDBusConnection::systemBus().send(replyMessage);
}
-void AuthDevice::onEnrollStop(const QDBusMessage& dbusMessage)
+void AuthDevice::onUKeyEnrollStart(const QDBusMessage& dbusMessage, QJsonValue ukeyValue)
{
- if (deviceStatus() == DEVICE_STATUS_DOING_ENROLL)
+ QString message;
+ auto jsonObject = ukeyValue.toObject();
+ m_pin = jsonObject.value(AUTH_DEVICE_JSON_KEY_PIN).toString();
+ bool rebinding = jsonObject.value(AUTH_DEVICE_JSON_KEY_REBINDING).toBool();
+ if (m_pin.isEmpty())
{
- acquireFeatureStop();
- m_doEnroll = false;
- m_enrollTemplates.clear();
- setDeviceStatus(DEVICE_STATUS_IDLE);
- clearWatchedServices();
- KLOG_DEBUG() << "EnrollStop";
+ message = tr("The pin code cannot be empty!");
+ Q_EMIT m_dbusAdaptor->EnrollStatus("", 0, ENROLL_RESULT_FAIL, message);
+ KLOG_ERROR() << message;
+ return;
+ }
+ else
+ {
+ setDeviceStatus(DEVICE_STATUS_DOING_ENROLL);
+ doingUKeyEnrollStart(m_pin, rebinding);
+ m_serviceWatcher->addWatchedService(dbusMessage.service());
+ auto replyMessage = dbusMessage.createReply();
+ QDBusConnection::systemBus().send(replyMessage);
}
-
- auto replyMessage = dbusMessage.createReply();
- QDBusConnection::systemBus().send(replyMessage);
}
void AuthDevice::onIdentifyStart(const QDBusMessage& dbusMessage, const QString& value)
@@ -202,10 +242,7 @@ void AuthDevice::onIdentifyStart(const QDBusMessage& dbusMessage, const QString&
return;
}
- setDeviceStatus(DEVICE_STATUS_DOING_IDENTIFY);
- m_doIdentify = true;
-
- QJsonArray jsonArray = Utils::getValueFromJsonString(value, "feature_ids").toArray();
+ QJsonArray jsonArray = Utils::getValueFromJsonString(value, AUTH_DEVICE_JSON_KEY_FEATURE_IDS).toArray();
if (!jsonArray.isEmpty())
{
QVariantList varList = jsonArray.toVariantList();
@@ -214,12 +251,16 @@ void AuthDevice::onIdentifyStart(const QDBusMessage& dbusMessage, const QString&
m_identifyIDs << var.toString();
}
}
- auto future = QtConcurrent::run(this, &AuthDevice::acquireFeature);
- m_futureWatcher->setFuture(future);
- m_serviceWatcher->addWatchedService(dbusMessage.service());
- auto replyMessage = dbusMessage.createReply();
- QDBusConnection::systemBus().send(replyMessage);
+ QJsonValue ukeyValue = Utils::getValueFromJsonString(value, AUTH_DEVICE_JSON_KEY_UKEY);
+ if (ukeyValue.isUndefined())
+ {
+ onBioIdentifyStart(dbusMessage);
+ }
+ else
+ {
+ onUKeyIdentifyStart(dbusMessage, ukeyValue);
+ }
}
void AuthDevice::onIdentifyStop(const QDBusMessage& message)
@@ -227,7 +268,6 @@ void AuthDevice::onIdentifyStop(const QDBusMessage& message)
if (deviceStatus() == DEVICE_STATUS_DOING_IDENTIFY)
{
acquireFeatureStop();
- m_doIdentify = false;
m_identifyIDs.clear();
setDeviceStatus(DEVICE_STATUS_IDLE);
clearWatchedServices();
@@ -237,90 +277,49 @@ void AuthDevice::onIdentifyStop(const QDBusMessage& message)
QDBusConnection::systemBus().send(replyMessage);
}
-CHECK_AUTH_WITH_1ARGS(AuthDevice, EnrollStart, onEnrollStart, AUTH_USER_ADMIN, const QString&)
-CHECK_AUTH_WITH_1ARGS(AuthDevice, IdentifyStart, onIdentifyStart, AUTH_USER_ADMIN, const QString&)
-CHECK_AUTH(AuthDevice, EnrollStop, onEnrollStop, AUTH_USER_ADMIN)
-CHECK_AUTH(AuthDevice, IdentifyStop, onIdentifyStop, AUTH_USER_ADMIN)
-
-QStringList AuthDevice::GetFeatureIDList()
+void AuthDevice::onBioIdentifyStart(const QDBusMessage& dbusMessage)
{
- QStringList featureIDs = FeatureDB::getInstance()->getFeatureIDs(m_idVendor, m_idProduct);
- return featureIDs;
+ setDeviceStatus(DEVICE_STATUS_DOING_IDENTIFY);
+ auto future = QtConcurrent::run(this, &AuthDevice::acquireFeature);
+ m_futureWatcher->setFuture(future);
+
+ m_serviceWatcher->addWatchedService(dbusMessage.service());
+ auto replyMessage = dbusMessage.createReply();
+ QDBusConnection::systemBus().send(replyMessage);
}
-void AuthDevice::doingEnrollProcess(QByteArray feature)
+void AuthDevice::onUKeyIdentifyStart(const QDBusMessage& dbusMessage, QJsonValue ukeyValue)
{
- if (!m_doEnroll)
- {
- return;
- }
QString message;
- if (feature.isEmpty())
- {
- acquireFeatureFail();
- return;
- }
+ auto jsonObject = ukeyValue.toObject();
+ m_pin = jsonObject.value(AUTH_DEVICE_JSON_KEY_PIN).toString();
- int templatesCount = enrollTemplatesFromCache().count();
- if (templatesCount == 0)
+ if (m_pin.isEmpty())
{
- // 第一个指纹模板入录时,检查该指纹是否录入过
- QString featureID = isFeatureEnrolled(feature);
- if (featureID.isEmpty())
- {
- saveEnrollTemplateToCache(feature);
- enrollProcessRetry();
- }
- else
- {
- notifyEnrollProcess(ENROLL_PROCESS_REPEATED_ENROLL, featureID);
- internalStopEnroll();
- }
- }
- else if (templatesCount < needTemplatesCountForEnroll())
- {
- // 判断录入时是否录的是同一根手指
- int matchResult = templateMatch(m_enrollTemplates.value(0), feature);
- if (matchResult == GENERAL_RESULT_OK)
- {
- saveEnrollTemplateToCache(feature);
- }
- else
- {
- notifyEnrollProcess(ENROLL_PROCESS_INCONSISTENT_FEATURE);
- }
- enrollProcessRetry();
- }
- else if (enrollTemplatesFromCache().count() == needTemplatesCountForEnroll())
- {
- enrollTemplateMerge();
- }
-}
-
-void AuthDevice::doingIdentifyProcess(QByteArray feature)
-{
- if (!m_doIdentify)
- {
- KLOG_DEBUG() << "device busy";
- return;
- }
- if (feature.isEmpty())
- {
- acquireFeatureFail();
+ message = tr("The pin code cannot be empty!");
+ Q_EMIT m_dbusAdaptor->IdentifyStatus("", IDENTIFY_RESULT_NOT_MATCH, message);
+ KLOG_ERROR() << message;
return;
}
-
- QString featureID = identifyFeature(feature, m_identifyIDs);
- if (!featureID.isEmpty())
- {
- notifyIdentifyProcess(IDENTIFY_PROCESS_MACTCH,featureID);
- }
else
{
- notifyIdentifyProcess(IDENTIFY_PROCESS_NO_MATCH);
+ setDeviceStatus(DEVICE_STATUS_DOING_IDENTIFY);
+ doingUKeyIdentifyStart(m_pin);
+ m_serviceWatcher->addWatchedService(dbusMessage.service());
+ auto replyMessage = dbusMessage.createReply();
+ QDBusConnection::systemBus().send(replyMessage);
}
+}
+
+CHECK_AUTH_WITH_1ARGS(AuthDevice, EnrollStart, onEnrollStart, AUTH_USER_ADMIN, const QString&)
+CHECK_AUTH_WITH_1ARGS(AuthDevice, IdentifyStart, onIdentifyStart, AUTH_USER_ADMIN, const QString&)
+CHECK_AUTH(AuthDevice, EnrollStop, onEnrollStop, AUTH_USER_ADMIN)
+CHECK_AUTH(AuthDevice, IdentifyStop, onIdentifyStop, AUTH_USER_ADMIN)
- internalStopIdentify();
+QStringList AuthDevice::GetFeatureIDList()
+{
+ QStringList featureIDs = FeatureDB::getInstance()->getFeatureIDs(m_idVendor, m_idProduct);
+ return featureIDs;
}
void AuthDevice::internalStopEnroll()
@@ -328,7 +327,6 @@ void AuthDevice::internalStopEnroll()
if (deviceStatus() == DEVICE_STATUS_DOING_ENROLL)
{
acquireFeatureStop();
- m_doEnroll = false;
m_enrollTemplates.clear();
setDeviceStatus(DEVICE_STATUS_IDLE);
clearWatchedServices();
@@ -341,7 +339,6 @@ void AuthDevice::internalStopIdentify()
if (deviceStatus() == DEVICE_STATUS_DOING_IDENTIFY)
{
acquireFeatureStop();
- m_doIdentify = false;
m_identifyIDs.clear();
setDeviceStatus(DEVICE_STATUS_IDLE);
clearWatchedServices();
@@ -349,28 +346,15 @@ void AuthDevice::internalStopIdentify()
}
}
-void AuthDevice::enrollProcessRetry()
-{
- Q_EMIT this->retry();
-}
-
-void AuthDevice::saveEnrollTemplateToCache(QByteArray enrollTemplate)
+void AuthDevice::handleAcquiredFeature()
{
- if (!enrollTemplate.isEmpty())
+ QByteArray feature = m_futureWatcher->result();
+ if (feature.isEmpty())
{
- m_enrollTemplates << enrollTemplate;
- KLOG_DEBUG() << "enroll template:" << enrollTemplate;
- notifyEnrollProcess(ENROLL_PROCESS_PASS);
+ acquireFeatureFail();
+ return;
}
-}
-
-QByteArrayList AuthDevice::enrollTemplatesFromCache()
-{
- return m_enrollTemplates;
-}
-void AuthDevice::handleAcquiredFeature()
-{
switch (deviceStatus())
{
case DEVICE_STATUS_DOING_ENROLL:
diff --git a/src/device/auth-device.h b/src/device/auth-device.h
index 03997bc..0d9a9c8 100644
--- a/src/device/auth-device.h
+++ b/src/device/auth-device.h
@@ -14,7 +14,6 @@
#pragma once
-// #include "auth_device_adaptor.h"
#include <QDBusContext>
#include <QDBusObjectPath>
#include <QDBusServiceWatcher>
@@ -22,12 +21,13 @@
#include <QObject>
#include "auth-enum.h"
#include "kiran-auth-device-i.h"
+#include <QSharedPointer>
class AuthDeviceAdaptor;
namespace Kiran
{
-typedef void* Handle;
+typedef void *Handle;
class BDriver;
class AuthDevice : public QObject, protected QDBusContext
@@ -40,19 +40,21 @@ class AuthDevice : public QObject, protected QDBusContext
public:
explicit AuthDevice(QObject *parent = nullptr);
+
virtual ~AuthDevice();
bool init();
virtual bool initDevice() = 0;
virtual BDriver *getDriver() = 0;
- QDBusObjectPath getObjectPath() { return m_objectPath; };
+ QDBusObjectPath getObjectPath() { return m_objectPath; };
QString deviceID() { return m_deviceID; };
QString deviceDriver() { return m_deviceDriver; };
int deviceType() { return m_deviceType; };
int deviceStatus() { return m_deviceStatus; }
-
QString deviceName() { return m_deviceName; };
+ DeviceInfo deviceInfo();
+
void setDeviceType(DeviceType deviceType);
void setDeviceStatus(DeviceStatus deviceStatus);
void setDeviceName(const QString &deviceName);
@@ -71,24 +73,6 @@ protected:
virtual void acquireFeatureStop() = 0;
virtual void acquireFeatureFail() = 0;
- virtual void doingEnrollProcess(QByteArray feature);
- virtual void doingIdentifyProcess(QByteArray feature);
-
- virtual void enrollProcessFail(const QString &featureID){};
- virtual void enrollProcessRetry();
- virtual void enrollTemplateMerge() = 0;
-
- virtual QString isFeatureEnrolled(QByteArray fpTemplate) = 0;
- virtual QString identifyFeature(QByteArray feature, QStringList featureIDs) = 0;
- virtual int templateMatch(QByteArray fpTemplate1, QByteArray fpTemplate2) = 0;
-
- virtual void saveEnrollTemplateToCache(QByteArray enrollTemplate);
- QByteArrayList enrollTemplatesFromCache();
-
- virtual void notifyEnrollProcess(EnrollProcess process, const QString &featureID = QString()) = 0;
- virtual void notifyIdentifyProcess(IdentifyProcess process, const QString &featureID = QString()) = 0;
- virtual int needTemplatesCountForEnroll() = 0;
-
private Q_SLOTS:
void onNameLost(const QString &serviceName);
void handleAcquiredFeature();
@@ -96,8 +80,8 @@ private Q_SLOTS:
protected:
void clearWatchedServices();
- void internalStopEnroll();
- void internalStopIdentify();
+ virtual void internalStopEnroll();
+ virtual void internalStopIdentify();
private:
void registerDBusObject();
@@ -106,33 +90,42 @@ private:
void onEnrollStart(const QDBusMessage &message, const QString &extraInfo);
void onEnrollStop(const QDBusMessage &message);
+ void onBioEnrollStart(const QDBusMessage &dbusMessage);
+ void onUKeyEnrollStart(const QDBusMessage &dbusMessage, QJsonValue jsonValue);
+
void onIdentifyStart(const QDBusMessage &message, const QString &value);
void onIdentifyStop(const QDBusMessage &message);
+ void onBioIdentifyStart(const QDBusMessage &dbusMessage);
+ void onUKeyIdentifyStart(const QDBusMessage &dbusMessage, QJsonValue jsonValue);
+
+ virtual void doingEnrollProcess(QByteArray feature){};
+ virtual void doingIdentifyProcess(QByteArray feature){};
+
+ virtual void doingUKeyEnrollStart(const QString &pin, bool rebinding = false){};
+ virtual void doingUKeyIdentifyStart(const QString &pin){};
Q_SIGNALS:
void retry();
protected:
- QString m_deviceID;
QString m_deviceDriver;
+ QSharedPointer<AuthDeviceAdaptor> m_dbusAdaptor;
+ bool m_doAcquire = true;
+ QStringList m_identifyIDs;
+ QByteArrayList m_enrollTemplates;
+ QSharedPointer<QFutureWatcher<QByteArray>> m_futureWatcher;
+ QString m_pin;
+
+private:
+ QString m_deviceID;
int m_deviceType;
int m_deviceStatus;
QString m_deviceName;
QString m_idVendor;
QString m_idProduct;
QDBusObjectPath m_objectPath;
- QDBusServiceWatcher *m_serviceWatcher;
- AuthDeviceAdaptor *m_dbusAdaptor;
+ QSharedPointer<QDBusServiceWatcher> m_serviceWatcher;
- bool m_doAcquire = true;
- bool m_doIdentify = true;
- bool m_doEnroll = true;
- QStringList m_identifyIDs;
- QByteArrayList m_enrollTemplates;
-
- QFutureWatcher<QByteArray> *m_futureWatcher;
-
-private:
/**
* 用于注册com.kylinsec.Kiran.AuthDevice.Device服务时的编号
* 在生成AuthDevice对象注册dbus服务成功后数值加1
diff --git a/src/device/bio-device.cpp b/src/device/bio-device.cpp
new file mode 100644
index 0000000..7342928
--- /dev/null
+++ b/src/device/bio-device.cpp
@@ -0,0 +1,104 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+
+#include "bio-device.h"
+#include <qt5-log-i.h>
+namespace Kiran
+{
+BioDevice::BioDevice(QObject *parent) : AuthDevice{parent}
+{
+}
+
+BioDevice::~BioDevice()
+{
+}
+
+void BioDevice::doingEnrollProcess(QByteArray feature)
+{
+ int templatesCount = enrollTemplatesFromCache().count();
+ if (templatesCount == 0)
+ {
+ // 第一个指纹模板入录时,检查该指纹是否录入过
+ QString featureID = isFeatureEnrolled(feature);
+ if (featureID.isEmpty())
+ {
+ saveEnrollTemplateToCache(feature);
+ enrollProcessRetry();
+ }
+ else
+ {
+ notifyEnrollProcess(ENROLL_PROCESS_REPEATED_ENROLL, featureID);
+ internalStopEnroll();
+ }
+ }
+ else if (templatesCount < mergeTemplateCount())
+ {
+ // 判断录入时是否录的是同一根手指
+ int matchResult = templateMatch(m_enrollTemplates.value(0), feature);
+ if (matchResult == GENERAL_RESULT_OK)
+ {
+ saveEnrollTemplateToCache(feature);
+ }
+ else
+ {
+ notifyEnrollProcess(ENROLL_PROCESS_INCONSISTENT_FEATURE);
+ }
+ enrollProcessRetry();
+ }
+ else if (enrollTemplatesFromCache().count() == mergeTemplateCount())
+ {
+ enrollTemplateMerge();
+ }
+}
+
+void BioDevice::doingIdentifyProcess(QByteArray feature)
+{
+ QString featureID = identifyFeature(feature, m_identifyIDs);
+ if (!featureID.isEmpty())
+ {
+ notifyIdentifyProcess(IDENTIFY_PROCESS_MACTCH, featureID);
+ }
+ else
+ {
+ notifyIdentifyProcess(IDENTIFY_PROCESS_NO_MATCH);
+ }
+
+ internalStopIdentify();
+}
+QByteArrayList BioDevice::enrollTemplatesFromCache()
+{
+ return m_enrollTemplates;
+}
+
+void BioDevice::saveEnrollTemplateToCache(QByteArray enrollTemplate)
+{
+ if (!enrollTemplate.isEmpty())
+ {
+ m_enrollTemplates << enrollTemplate;
+ KLOG_DEBUG() << "enroll template:" << enrollTemplate;
+ notifyEnrollProcess(ENROLL_PROCESS_PASS);
+ }
+}
+
+void BioDevice::enrollProcessRetry()
+{
+ Q_EMIT this->retry();
+}
+
+QString BioDevice::isFeatureEnrolled(QByteArray fpTemplate)
+{
+ return identifyFeature(fpTemplate, QStringList());
+}
+
+} // namespace Kiran
\ No newline at end of file
diff --git a/src/device/bio-device.h b/src/device/bio-device.h
new file mode 100644
index 0000000..c55aa84
--- /dev/null
+++ b/src/device/bio-device.h
@@ -0,0 +1,47 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+#pragma once
+#include "auth-device.h"
+
+namespace Kiran
+{
+class BioDevice : public AuthDevice
+{
+ Q_OBJECT
+public:
+ explicit BioDevice(QObject *parent = nullptr);
+ ~BioDevice();
+
+protected:
+ void doingEnrollProcess(QByteArray feature) override;
+ void doingIdentifyProcess(QByteArray feature) override;
+
+ virtual void enrollProcessRetry();
+
+ virtual void enrollTemplateMerge() = 0;
+ virtual int templateMatch(QByteArray fpTemplate1, QByteArray fpTemplate2) = 0;
+ virtual QString identifyFeature(QByteArray feature, QStringList featureIDs) = 0;
+
+ virtual int mergeTemplateCount() = 0;
+ virtual void notifyEnrollProcess(EnrollProcess process, const QString &featureID = QString()) = 0;
+ virtual void notifyIdentifyProcess(IdentifyProcess process, const QString &featureID = QString()) = 0;
+
+ QByteArrayList enrollTemplatesFromCache();
+ virtual void saveEnrollTemplateToCache(QByteArray enrollTemplate);
+
+private:
+ virtual QString isFeatureEnrolled(QByteArray fpTemplate);
+};
+
+} // namespace Kiran
diff --git a/src/device/finger-vein/fv-sd-device.cpp b/src/device/finger-vein/fv-sd-device.cpp
index 43faad7..5ae6605 100644
--- a/src/device/finger-vein/fv-sd-device.cpp
+++ b/src/device/finger-vein/fv-sd-device.cpp
@@ -111,7 +111,7 @@ struct DriverLib
TGSetDevLedFunc TGSetDevLed;
};
-FVSDDevice::FVSDDevice(QObject *parent) : AuthDevice{parent},
+FVSDDevice::FVSDDevice(QObject *parent) : BioDevice{parent},
m_driverLib(nullptr),
m_libProcessHandle(nullptr),
m_libComHandle(nullptr)
@@ -125,17 +125,10 @@ FVSDDevice::~FVSDDevice()
if (!deviceID().isEmpty())
{
acquireFeatureStop();
- m_futureWatcher->deleteLater();
KLOG_DEBUG() << "TGGetDevStatus():" << m_driverLib->TGGetDevStatus();
m_driverLib->TGCloseDev();
}
- if (m_driverLib)
- {
- delete m_driverLib;
- m_driverLib = nullptr;
- }
-
if (m_libComHandle)
{
dlclose(m_libComHandle);
@@ -166,7 +159,7 @@ bool FVSDDevice::loadLib()
return false;
}
- m_driverLib = new DriverLib;
+ m_driverLib = QSharedPointer<DriverLib>(new DriverLib);
m_driverLib->TGInitFVProcess = (TGInitFVProcessFunc)dlsym(m_libProcessHandle, "TGInitFVProcess");
m_driverLib->TGImgExtractFeatureVerify = (TGImgExtractFeatureVerifyFunc)dlsym(m_libProcessHandle, "TGImgExtractFeatureVerify");
m_driverLib->TGFeaturesFusionTmpl = (TGFeaturesFusionTmplFunc)dlsym(m_libProcessHandle, "TGFeaturesFusionTmpl");
@@ -221,11 +214,11 @@ bool FVSDDevice::initDevice()
}
KLOG_DEBUG() << "Device opened successfully:" << ret;
- ret = m_driverLib->TGGetDevFW(fw);
+ m_driverLib->TGGetDevFW(fw);
KLOG_DEBUG() << "Get firmware version:" << fw;
- ret = m_driverLib->TGGetDevSN(sn);
+ m_driverLib->TGGetDevSN(sn);
KLOG_DEBUG() << "Obtain device SN number:" << sn;
- ret = m_driverLib->TGPlayDevVoice(VOICE_VOLUME1);
+ m_driverLib->TGPlayDevVoice(VOICE_VOLUME1);
return true;
}
@@ -291,7 +284,7 @@ QByteArray FVSDDevice::acquireFeature()
void FVSDDevice::acquireFeatureStop()
{
m_driverLib->TGCancelGetImage();
- if (m_futureWatcher != nullptr)
+ if (m_futureWatcher.data() != nullptr)
{
m_futureWatcher->waitForFinished();
}
@@ -357,9 +350,7 @@ void FVSDDevice::enrollTemplateMerge()
{
QString id = QCryptographicHash::hash(mergedTemplate, QCryptographicHash::Md5).toHex();
- DeviceInfo deviceInfo;
- deviceInfo.idVendor = m_idVendor;
- deviceInfo.idProduct = m_idProduct;
+ DeviceInfo deviceInfo = this->deviceInfo();
bool save = FeatureDB::getInstance()->addFeature(id, mergedTemplate, deviceInfo);
if (save)
{
@@ -396,9 +387,10 @@ QString FVSDDevice::identifyFeature(QByteArray feature, QStringList featureIDs)
{
QList<QByteArray> saveList;
QString featureID;
+ DeviceInfo deviceInfo = this->deviceInfo();
if (featureIDs.isEmpty())
{
- saveList = FeatureDB::getInstance()->getFeatures(m_idVendor, m_idProduct);
+ saveList = FeatureDB::getInstance()->getFeatures(deviceInfo.idVendor, deviceInfo.idProduct);
}
else
{
@@ -481,7 +473,7 @@ BDriver *FVSDDevice::getDriver()
return nullptr;
}
-int FVSDDevice::needTemplatesCountForEnroll()
+int FVSDDevice::mergeTemplateCount()
{
return TEMPLATE_FV_NUM;
}
diff --git a/src/device/finger-vein/fv-sd-device.h b/src/device/finger-vein/fv-sd-device.h
index d1fa8c7..09b372b 100644
--- a/src/device/finger-vein/fv-sd-device.h
+++ b/src/device/finger-vein/fv-sd-device.h
@@ -14,7 +14,8 @@
#pragma once
#include <QFutureWatcher>
-#include "device/auth-device.h"
+#include "device/bio-device.h"
+#include <QSharedPointer>
namespace Kiran
{
@@ -25,7 +26,7 @@ enum ExtractFeatureMode
};
struct DriverLib;
-class FVSDDevice : public AuthDevice
+class FVSDDevice : public BioDevice
{
Q_OBJECT
public:
@@ -53,13 +54,14 @@ private:
QByteArray getFeatureFromImage(QByteArray image, ExtractFeatureMode mode);
- int needTemplatesCountForEnroll() override;
+ int mergeTemplateCount() override;
int templateMatch(QByteArray fpTemplate1, QByteArray fpTemplate2) override;
void notifyEnrollProcess(EnrollProcess process, const QString &featureID = QString()) override;
void notifyIdentifyProcess(IdentifyProcess process, const QString &featureID = QString()) override;
private:
- DriverLib *m_driverLib;
+ QSharedPointer<DriverLib> m_driverLib;
+
Handle m_libProcessHandle;
Handle m_libComHandle;
};
diff --git a/src/device/fingerprint/fp-device.cpp b/src/device/fingerprint/fp-device.cpp
index d610844..cddaadd 100644
--- a/src/device/fingerprint/fp-device.cpp
+++ b/src/device/fingerprint/fp-device.cpp
@@ -17,7 +17,7 @@
namespace Kiran
{
FPDevice::FPDevice(QObject *parent)
- : AuthDevice{parent}
+ : BioDevice{parent}
{
}
diff --git a/src/device/fingerprint/fp-device.h b/src/device/fingerprint/fp-device.h
index abbbcd1..7a792ba 100644
--- a/src/device/fingerprint/fp-device.h
+++ b/src/device/fingerprint/fp-device.h
@@ -13,11 +13,11 @@
*/
#pragma once
-#include "device/auth-device.h"
+#include "device/bio-device.h"
namespace Kiran
{
-class FPDevice : public AuthDevice
+class FPDevice : public BioDevice
{
public:
explicit FPDevice(QObject *parent = nullptr);
diff --git a/src/device/fingerprint/fp-zk-device.cpp b/src/device/fingerprint/fp-zk-device.cpp
index 1862446..8236787 100644
--- a/src/device/fingerprint/fp-zk-device.cpp
+++ b/src/device/fingerprint/fp-zk-device.cpp
@@ -140,18 +140,15 @@ FPZKDevice::FPZKDevice(QObject* parent)
FPZKDevice::~FPZKDevice()
{
acquireFeatureStop();
- m_futureWatcher->deleteLater();
if (m_hDBCache)
{
m_driverLib->ZKFPM_DBFree(m_hDBCache);
m_hDBCache = NULL;
}
- if (m_driverLib)
+ if (m_driverLib.data())
{
m_driverLib->ZKFPM_Terminate(); // 释放资源
- delete m_driverLib;
- m_driverLib = nullptr;
}
if (m_libHandle)
@@ -193,7 +190,7 @@ bool FPZKDevice::loadLib()
return false;
}
- m_driverLib = new DriverLib;
+ m_driverLib = QSharedPointer<DriverLib>(new DriverLib);
m_driverLib->ZKFPM_Init = (T_ZKFPM_Init)dlsym(m_libHandle, "ZKFPM_Init");
if (NULL == m_driverLib->ZKFPM_Init)
{
@@ -323,7 +320,7 @@ QByteArray FPZKDevice::acquireFeature()
void FPZKDevice::acquireFeatureStop()
{
m_doAcquire = false;
- if (m_futureWatcher != nullptr)
+ if (m_futureWatcher.data() != nullptr)
{
m_futureWatcher->waitForFinished();
}
@@ -374,18 +371,15 @@ int FPZKDevice::templateMatch(QByteArray fpTemplate1, QByteArray fpTemplate2)
return score > 0 ? GENERAL_RESULT_OK : GENERAL_RESULT_FAIL;
}
-QString FPZKDevice::isFeatureEnrolled(QByteArray fpTemplate)
-{
- return identifyFeature(fpTemplate, QStringList());
-}
QString FPZKDevice::identifyFeature(QByteArray fpTemplate, QStringList featureIDs)
{
QList<QByteArray> saveList;
QString featureID;
+ DeviceInfo info = this->deviceInfo();
if (featureIDs.isEmpty())
{
- saveList = FeatureDB::getInstance()->getFeatures(m_idVendor, m_idProduct);
+ saveList = FeatureDB::getInstance()->getFeatures(info.idVendor, info.idProduct);
}
else
{
@@ -416,9 +410,7 @@ QString FPZKDevice::identifyFeature(QByteArray fpTemplate, QStringList featureID
bool FPZKDevice::saveFPrintTemplate(QByteArray fpTemplate, const QString& featureID)
{
- DeviceInfo deviceInfo;
- deviceInfo.idVendor = m_idVendor;
- deviceInfo.idProduct = m_idProduct;
+ DeviceInfo deviceInfo = this->deviceInfo();
bool save = FeatureDB::getInstance()->addFeature(featureID, fpTemplate, deviceInfo);
return save;
}
@@ -469,7 +461,7 @@ void FPZKDevice::enrollTemplateMerge()
internalStopEnroll();
}
-int FPZKDevice::needTemplatesCountForEnroll()
+int FPZKDevice::mergeTemplateCount()
{
return FP_ZK_MEGER_TEMPLATE_COUNT;
}
diff --git a/src/device/fingerprint/fp-zk-device.h b/src/device/fingerprint/fp-zk-device.h
index 30e4e93..3379e2e 100644
--- a/src/device/fingerprint/fp-zk-device.h
+++ b/src/device/fingerprint/fp-zk-device.h
@@ -14,6 +14,7 @@
#pragma once
#include <QFutureWatcher>
+#include <QSharedPointer>
#include "auth-enum.h"
#include "fp-device.h"
@@ -39,8 +40,8 @@ private:
void acquireFeatureStop() override;
void acquireFeatureFail() override;
void enrollTemplateMerge() override;
- int needTemplatesCountForEnroll() override;
- QString isFeatureEnrolled(QByteArray fpTemplate) override;
+ int mergeTemplateCount() override;
+
void notifyEnrollProcess(EnrollProcess process, const QString& featureID = QString()) override;
void notifyIdentifyProcess(IdentifyProcess process, const QString& featureID = QString()) override;
@@ -63,6 +64,6 @@ private:
private:
Handle m_libHandle;
Handle m_hDBCache;
- DriverLib* m_driverLib;
+ QSharedPointer<DriverLib> m_driverLib;
};
} // namespace Kiran
diff --git a/src/device/ukey/ukey-ft-device.cpp b/src/device/ukey/ukey-ft-device.cpp
new file mode 100644
index 0000000..38017c6
--- /dev/null
+++ b/src/device/ukey/ukey-ft-device.cpp
@@ -0,0 +1,400 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+
+#include "ukey-ft-device.h"
+#include <dlfcn.h>
+#include <qt5-log-i.h>
+#include <QCryptographicHash>
+#include "auth-enum.h"
+#include "auth_device_adaptor.h"
+#include "feature-db.h"
+
+namespace Kiran
+{
+#define FT_UKEY_DRIVER_LIB "libes_3000gm.so"
+#define UKEY_APP_NAME "KIRAN-AUTHENTICATION-DEVICES"
+#define UKEY_CONTAINER_NAME "1003-3001"
+
+UKeyFTDevice::UKeyFTDevice(QObject *parent) : AuthDevice{parent},
+ m_libHandle(nullptr),
+ m_appHandle(nullptr),
+ m_devHandle(nullptr),
+ m_containerHandle(nullptr)
+{
+ setDeviceType(DEVICE_TYPE_UKey);
+ setDeviceDriver(FT_UKEY_DRIVER_LIB);
+}
+
+UKeyFTDevice::~UKeyFTDevice()
+{
+ m_driver->closeContainer(m_containerHandle);
+ m_driver->closeApplication(m_appHandle);
+ m_driver->disConnectDev(m_devHandle);
+ m_containerHandle = nullptr;
+ m_appHandle = nullptr;
+ m_devHandle = nullptr;
+}
+
+bool UKeyFTDevice::initDevice()
+{
+ m_driver = QSharedPointer<UKeySKFDriver>(new UKeySKFDriver());
+ if (!m_driver->loadLibrary(FT_UKEY_DRIVER_LIB))
+ {
+ return false;
+ }
+ m_devHandle = m_driver->connectDev();
+ if (!m_devHandle)
+ {
+ KLOG_DEBUG() << "";
+ return false;
+ }
+
+ return true;
+}
+
+BDriver *UKeyFTDevice::getDriver()
+{
+ return nullptr;
+}
+
+void UKeyFTDevice::doingUKeyEnrollStart(const QString &pin, bool rebinding)
+{
+ if (rebinding)
+ {
+ ULONG ulReval = m_driver->devAuth(m_devHandle);
+ if (ulReval == SAR_OK)
+ {
+ m_driver->deleteAllApplication(m_devHandle);
+ DeviceInfo deviceInfo = this->deviceInfo();
+ QStringList idList = FeatureDB::getInstance()->getFeatureIDs(deviceInfo.idVendor, deviceInfo.idProduct);
+ Q_FOREACH (auto id, idList)
+ {
+ FeatureDB::getInstance()->deleteFeature(id);
+ }
+ bindingCurrentUser();
+ }
+ else
+ {
+ KLOG_ERROR() << "rebinding failed";
+ }
+ }
+ else
+ {
+ bindingCurrentUser();
+ }
+ internalStopEnroll();
+}
+
+void UKeyFTDevice::bindingCurrentUser()
+{
+ if (isExistPublicKey())
+ {
+ notifyUKeyEnrollProcess(ENROLL_PROCESS_REPEATED_ENROLL);
+ return;
+ }
+
+ ECCPUBLICKEYBLOB publicKey = genKeyPair();
+ if (publicKey.BitLen != 0)
+ {
+ /**
+ * 存入PublicKey,生成FID并返回FIDFID标识PublicKey
+ * 不用保存PublicKey和systemUser的关系,目前只有一个用户
+ */
+ QByteArray keyFeature;
+ QByteArray xCoordinateArray((char *)publicKey.XCoordinate, 64);
+ QByteArray yCoordinateArray((char *)publicKey.YCoordinate, 64);
+ keyFeature.append(publicKey.BitLen);
+ keyFeature.append(xCoordinateArray);
+ keyFeature.append(yCoordinateArray);
+ KLOG_DEBUG() << "keyFeature:" << keyFeature;
+
+ QString featureID = QCryptographicHash::hash(keyFeature, QCryptographicHash::Md5).toHex();
+ DeviceInfo deviceInfo = this->deviceInfo();
+
+ if (FeatureDB::getInstance()->addFeature(featureID, keyFeature, deviceInfo))
+ {
+ notifyUKeyEnrollProcess(ENROLL_PROCESS_SUCCESS, SAR_OK, featureID);
+ }
+ else
+ {
+ KLOG_DEBUG() << "save feature fail";
+ notifyUKeyEnrollProcess(ENROLL_PROCESS_SAVE_FAIL);
+ }
+ }
+ else
+ {
+ notifyUKeyEnrollProcess(ENROLL_PROCESS_SAVE_FAIL);
+ }
+}
+
+bool UKeyFTDevice::isExistPublicKey()
+{
+ DeviceInfo deviceInfo = this->deviceInfo();
+ auto features = FeatureDB::getInstance()->getFeatures(deviceInfo.idVendor, deviceInfo.idProduct);
+ if (features.count() != 0)
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+}
+
+ECCPUBLICKEYBLOB UKeyFTDevice::genKeyPair()
+{
+ ECCPUBLICKEYBLOB publicKey = {0};
+ if (!isExistsApplication(UKEY_APP_NAME))
+ {
+ // NOTE:必须通过设备认证后才能在设备内创建和删除应用
+ ULONG ulReval = m_driver->devAuth(m_devHandle);
+ if (ulReval != SAR_OK)
+ {
+ KLOG_ERROR() << "Device auth failure: " << m_driver->getErrorReason(ulReval);
+ return publicKey;
+ }
+ else
+ {
+ KLOG_DEBUG() << "device auth success";
+ }
+ m_driver->deleteAllApplication(m_devHandle);
+ KLOG_DEBUG() << "m_devHandle:" << m_devHandle;
+ KLOG_DEBUG() << "m_pin:" << m_pin;
+ m_appHandle = m_driver->createApplication(m_devHandle, m_pin, UKEY_APP_NAME);
+ m_containerHandle = m_driver->createContainer(m_appHandle, m_pin, UKEY_CONTAINER_NAME, &m_retryCount);
+ if (!m_appHandle || !m_containerHandle)
+ {
+ return publicKey;
+ }
+ }
+
+ m_appHandle = m_driver->onOpenApplication(m_devHandle, (LPSTR)UKEY_APP_NAME);
+ m_containerHandle = m_driver->onOpenContainer(m_appHandle, m_pin, UKEY_CONTAINER_NAME, &m_retryCount);
+ if (!m_appHandle || !m_containerHandle)
+ {
+ return publicKey;
+ }
+
+ ULONG ret = m_driver->genECCKeyPair(m_containerHandle, &publicKey);
+ if (ret == SAR_OK)
+ {
+ KLOG_DEBUG() << "gen ecc key pair success";
+ }
+ else
+ {
+ KLOG_ERROR() << "gen ecc key pair failed:" << m_driver->getErrorReason(ret);
+ }
+
+ return publicKey;
+}
+
+bool UKeyFTDevice::isExistsApplication(const QString &appName)
+{
+ QString appNames = m_driver->enumApplication(m_devHandle);
+ KLOG_DEBUG() << "enum app names:" << appNames;
+ if (appNames.contains(appName))
+ {
+ return true;
+ }
+ return false;
+}
+
+void UKeyFTDevice::doingUKeyIdentifyStart(const QString &pin)
+{
+ QList<QByteArray> saveList;
+ DeviceInfo deviceInfo = this->deviceInfo();
+ if (m_identifyIDs.isEmpty())
+ {
+ saveList = FeatureDB::getInstance()->getFeatures(deviceInfo.idVendor, deviceInfo.idProduct);
+ }
+ else
+ {
+ Q_FOREACH (auto id, m_identifyIDs)
+ {
+ QByteArray feature = FeatureDB::getInstance()->getFeature(id);
+ if (!feature.isEmpty())
+ saveList << feature;
+ }
+ }
+
+ if (saveList.count() != 0)
+ {
+ for (int j = 0; j < saveList.count(); j++)
+ {
+ auto saveTemplate = saveList.value(j);
+ identifyKeyFeature(saveTemplate);
+ }
+ }
+ else
+ {
+ KLOG_DEBUG() << "no found feature id";
+ }
+
+ internalStopIdentify();
+}
+
+void UKeyFTDevice::internalStopEnroll()
+{
+ if (deviceStatus() == DEVICE_STATUS_DOING_ENROLL)
+ {
+ m_driver->closeContainer(m_containerHandle);
+ m_driver->closeApplication(m_appHandle);
+ acquireFeatureStop();
+ m_enrollTemplates.clear();
+ setDeviceStatus(DEVICE_STATUS_IDLE);
+ clearWatchedServices();
+ KLOG_DEBUG() << "stop Enroll";
+ }
+}
+
+void UKeyFTDevice::internalStopIdentify()
+{
+ if (deviceStatus() == DEVICE_STATUS_DOING_IDENTIFY)
+ {
+ m_driver->closeContainer(m_containerHandle);
+ m_driver->closeApplication(m_appHandle);
+ acquireFeatureStop();
+ m_identifyIDs.clear();
+ setDeviceStatus(DEVICE_STATUS_IDLE);
+ clearWatchedServices();
+ KLOG_DEBUG() << "stopIdentify";
+ }
+}
+
+void UKeyFTDevice::identifyKeyFeature(QByteArray keyFeature)
+{
+ m_appHandle = m_driver->onOpenApplication(m_devHandle, (LPSTR)UKEY_APP_NAME);
+ if (m_appHandle == nullptr)
+ {
+ notifyUKeyIdentifyProcess(IDENTIFY_PROCESS_NO_MATCH);
+ return;
+ }
+
+ m_containerHandle = m_driver->onOpenContainer(m_appHandle, m_pin, UKEY_CONTAINER_NAME, &m_retryCount);
+ if (m_containerHandle == nullptr)
+ {
+ notifyUKeyIdentifyProcess(IDENTIFY_PROCESS_NO_MATCH);
+ return;
+ }
+
+ ECCSIGNATUREBLOB Signature = {0};
+ ULONG ret = m_driver->authSignData(m_containerHandle, m_devHandle, Signature);
+ if (ret != SAR_OK)
+ {
+ KLOG_DEBUG() << "auth sign data failed:" << m_driver->getErrorReason(ret);
+ notifyUKeyIdentifyProcess(IDENTIFY_PROCESS_NO_MATCH, ret);
+ return;
+ }
+
+ ECCPUBLICKEYBLOB eccPubKey;
+ eccPubKey.BitLen = keyFeature.left(1).at(0);
+ auto xCoordinateArray = keyFeature.mid(1, sizeof(eccPubKey.XCoordinate));
+ auto yCoordinateArray = keyFeature.mid(sizeof(eccPubKey.XCoordinate) + 1);
+
+ memcpy(eccPubKey.XCoordinate, (unsigned char *)xCoordinateArray.data(), ECC_MAX_XCOORDINATE_BITS_LEN / 8);
+ memcpy(eccPubKey.YCoordinate, (unsigned char *)yCoordinateArray.data(), ECC_MAX_YCOORDINATE_BITS_LEN / 8);
+
+ ret = m_driver->verifyData(m_devHandle, Signature, eccPubKey);
+ if (ret != SAR_OK)
+ {
+ KLOG_DEBUG() << "verify data failed:" << m_driver->getErrorReason(ret);
+ notifyUKeyIdentifyProcess(IDENTIFY_PROCESS_NO_MATCH, ret);
+ }
+ else
+ {
+ notifyUKeyIdentifyProcess(IDENTIFY_PROCESS_MACTCH);
+ }
+}
+
+QByteArray UKeyFTDevice::acquireFeature()
+{
+ return QByteArray();
+}
+
+void UKeyFTDevice::acquireFeatureStop()
+{
+}
+void UKeyFTDevice::acquireFeatureFail()
+{
+}
+
+void UKeyFTDevice::notifyUKeyEnrollProcess(EnrollProcess process, ULONG error, const QString &featureID)
+{
+ QString message;
+ switch (process)
+ {
+ case ENROLL_PROCESS_SUCCESS:
+ message = tr("Successed binding user");
+ Q_EMIT m_dbusAdaptor->EnrollStatus(featureID, 100, ENROLL_RESULT_COMPLETE, message);
+ break;
+ case ENROLL_PROCESS_SAVE_FAIL:
+ message = tr("Binding user failed");
+ Q_EMIT m_dbusAdaptor->EnrollStatus("", 0, ENROLL_RESULT_FAIL, message);
+ break;
+ case ENROLL_PROCESS_REPEATED_ENROLL:
+ message = tr("UKey has been bound");
+ Q_EMIT m_dbusAdaptor->EnrollStatus("", 0, ENROLL_RESULT_UKEY_EXIST_BINDING, message);
+ default:
+ break;
+ }
+ if (!message.isEmpty())
+ {
+ if (!featureID.isEmpty())
+ {
+ KLOG_DEBUG() << QString("%1, feature id:%2").arg(message).arg(featureID);
+ }
+ else
+ {
+ KLOG_DEBUG() << message;
+ }
+ }
+}
+
+void UKeyFTDevice::notifyUKeyIdentifyProcess(IdentifyProcess process, ULONG error, const QString &featureID)
+{
+ QString message, reason;
+ if (error != SAR_OK)
+ {
+ reason = m_driver->getErrorReason(error);
+ KLOG_DEBUG() << "fail reason:" << reason;
+ }
+
+ KLOG_DEBUG() << "m_retryCount:" << m_retryCount;
+ switch (process)
+ {
+ case IDENTIFY_PROCESS_NO_MATCH:
+ message = tr("identify fail!");
+ // 目前只需要返回有关pin码的错误信息
+ if (reason.contains("pin"))
+ {
+ message.append(reason);
+ }
+ message.append(QString(",remaining retry count: %1").arg(m_retryCount));
+ Q_EMIT m_dbusAdaptor->IdentifyStatus("", IDENTIFY_RESULT_NOT_MATCH, message);
+ break;
+ case IDENTIFY_PROCESS_MACTCH:
+ message = tr("identify ukey success");
+ Q_EMIT m_dbusAdaptor->IdentifyStatus(featureID, IDENTIFY_RESULT_MATCH, message);
+ break;
+ default:
+ break;
+ }
+
+ if (!message.isEmpty())
+ {
+ KLOG_DEBUG() << QString("%1, feature id:%2").arg(message).arg(featureID);
+ }
+}
+
+} // namespace Kiran
diff --git a/src/device/ukey/ukey-ft-device.h b/src/device/ukey/ukey-ft-device.h
new file mode 100644
index 0000000..901393b
--- /dev/null
+++ b/src/device/ukey/ukey-ft-device.h
@@ -0,0 +1,68 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+
+#pragma once
+#include <stdint.h>
+#include "device/auth-device.h"
+#include "driver/ukey/ukey-skf-driver.h"
+#include "ukey-skf.h"
+#include <QSharedPointer>
+
+namespace Kiran
+{
+struct DriverLib;
+
+class UKeyFTDevice : public AuthDevice
+{
+ Q_OBJECT
+public:
+ explicit UKeyFTDevice(QObject *parent = nullptr);
+ ~UKeyFTDevice();
+
+ bool initDevice() override;
+ BDriver *getDriver() override;
+
+private:
+ void doingUKeyEnrollStart(const QString &pin, bool rebinding = false) override;
+ void doingUKeyIdentifyStart(const QString &pin) override;
+
+ void internalStopEnroll() override;
+ void internalStopIdentify() override;
+
+ void identifyKeyFeature(QByteArray keyFeature);
+
+ bool isExistPublicKey();
+ void bindingCurrentUser();
+ ECCPUBLICKEYBLOB genKeyPair();
+
+ bool isExistsApplication(const QString &appName);
+
+ void notifyUKeyEnrollProcess(EnrollProcess process, ULONG error = SAR_OK, const QString &featureID = QString());
+ void notifyUKeyIdentifyProcess(IdentifyProcess process, ULONG error = SAR_OK, const QString &featureID = QString());
+
+ QByteArray acquireFeature() override;
+ void acquireFeatureStop() override;
+ void acquireFeatureFail() override;
+
+private:
+ Handle m_libHandle;
+ DEVHANDLE m_devHandle;
+ HAPPLICATION m_appHandle;
+ HCONTAINER m_containerHandle;
+ ULONG m_retryCount = 1000000;
+
+ QSharedPointer<UKeySKFDriver> m_driver;
+};
+
+} // namespace Kiran
diff --git a/src/driver/ukey/ukey-skf-driver.cpp b/src/driver/ukey/ukey-skf-driver.cpp
new file mode 100644
index 0000000..b81bda4
--- /dev/null
+++ b/src/driver/ukey/ukey-skf-driver.cpp
@@ -0,0 +1,516 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+#include "ukey-skf-driver.h"
+#include <dlfcn.h>
+#include <qt5-log-i.h>
+#include <QFile>
+#include <QSettings>
+
+namespace Kiran
+{
+// 签名者ID
+#define CONF_DEFAULT_KEY_PUC_ID "PucId"
+#define CONF_DEFAULT_KEY_DEV_KEY "DevKey"
+
+#define CONF_DEFAULT_KEY_ADMIN_PINCODE "AdminPinCode"
+#define CONF_DEFAULT_KEY_USER_PINCODE "UserPinCode"
+
+#define SIGN_DATA "kiran-authentication-devices"
+
+#define UKEY_DEFAULT_CONFIG "/etc/kiran-authentication-devices-sdk/ukey-skf.conf"
+#define ADMIN_PIN_RETRY_COUNT 10
+#define USER_PIN_RETRY_COUNT 10
+
+extern "C"
+{
+ typedef ULONG (*SKF_EnumDev_Func)(BOOL bPresent, LPSTR szNameList, ULONG *pulSize);
+ typedef ULONG (*SKF_ConnectDev_Func)(LPSTR szName, DEVHANDLE *phDev);
+ typedef ULONG (*SKF_DisConnectDev_Func)(DEVHANDLE hDev);
+ typedef ULONG (*SKF_GetDevState_Func)(LPSTR szDevName, ULONG *pulDevState);
+ typedef ULONG (*SKF_GetDevInfo_Func)(DEVHANDLE hDev, DEVINFO *pDevInfo);
+ typedef ULONG (*SKF_SetLabel_Func)(DEVHANDLE hDev, LPSTR szLabel);
+ typedef ULONG (*SKF_OpenApplication_Func)(DEVHANDLE hDev, LPSTR szAppName, HAPPLICATION *phApplication);
+ typedef ULONG (*SKF_VerifyPIN_Func)(HAPPLICATION hApplication, ULONG ulPINType, LPSTR szPIN, ULONG *pulRetryCount);
+ typedef ULONG (*SKF_OpenContainer_Func)(HAPPLICATION hApplication, LPSTR szContainerName, HCONTAINER *phContainer);
+ typedef ULONG (*SKF_GenECCKeyPair_Func)(HCONTAINER hContainer, ULONG ulAlgId, ECCPUBLICKEYBLOB *pBlob);
+ typedef ULONG (*SKF_CloseContainer_Func)(HCONTAINER hContainer);
+ typedef ULONG (*SKF_CloseApplication_Func)(HAPPLICATION hApplication);
+ typedef ULONG (*SKF_CreateApplication_Func)(DEVHANDLE hDev, LPSTR szAppName, LPSTR szAdminPin,
+ DWORD dwAdminPinRetryCount, LPSTR szUserPin, DWORD dwUserPinRetryCount,
+ DWORD dwCreateFileRights, HAPPLICATION *phApplication);
+
+ typedef ULONG (*SKF_EnumApplication_Func)(DEVHANDLE hDev, LPSTR szAppName, ULONG *pulSize);
+ typedef ULONG (*SKF_ExportPublicKey_Func)(HCONTAINER hContainer, BOOL bSignFlag, BYTE *pbBlob, ULONG *pulBlobLen);
+ typedef ULONG (*SKF_Digest_Func)(HANDLE hHash, BYTE *pbData, ULONG ulDataLen, BYTE *pbHashData, ULONG *pulHashLen);
+ typedef ULONG (*SKF_DigestInit_Func)(DEVHANDLE hDev, ULONG ulAlgID, ECCPUBLICKEYBLOB *pPubKey,
+ unsigned char *pucID, ULONG ulIDLen, HANDLE *phHash);
+ typedef ULONG (*SKF_ECCSignData_Func)(HCONTAINER hContainer, BYTE *pbData, ULONG ulDataLen, PECCSIGNATUREBLOB pSignature);
+ typedef ULONG (*SKF_ECCVerify_Func)(DEVHANDLE hDev, ECCPUBLICKEYBLOB *pECCPubKeyBlob, BYTE *pbData,
+ ULONG ulDataLen, PECCSIGNATUREBLOB pSignature);
+
+ typedef ULONG (*SKF_GenRandom_Func)(DEVHANDLE hDev, BYTE *pbRandom, ULONG ulRandomLen);
+ typedef ULONG (*SKF_SetSymmKey_Func)(DEVHANDLE hDev, BYTE *pbKey, ULONG ulAlgID, HANDLE *phKey);
+ typedef ULONG (*SKF_EncryptInit_Func)(HANDLE hKey, BLOCKCIPHERPARAM EncryptParam);
+ typedef ULONG (*SKF_Encrypt_Func)(HANDLE hKey, BYTE *pbData, ULONG ulDataLen, BYTE *pbEncryptedData, ULONG *pulEncryptedLen);
+ typedef ULONG (*SKF_DevAuth_Func)(DEVHANDLE hDev, BYTE *pbAuthData, ULONG ulLen);
+ typedef ULONG (*SKF_DeleteApplication_Func)(DEVHANDLE hDev, LPSTR szAppName);
+ typedef ULONG (*SKF_CreateContainer_Func)(HAPPLICATION hApplication, LPSTR szContainerName, HCONTAINER *phContainer);
+}
+
+struct DriverLib
+{
+ SKF_EnumDev_Func SKF_EnumDev;
+ SKF_ConnectDev_Func SKF_ConnectDev;
+ SKF_DisConnectDev_Func SKF_DisConnectDev;
+ SKF_GetDevState_Func SKF_GetDevState;
+ SKF_GetDevInfo_Func SKF_GetDevInfo;
+ SKF_SetLabel_Func SKF_SetLabel;
+ SKF_OpenApplication_Func SKF_OpenApplication;
+ SKF_VerifyPIN_Func SKF_VerifyPIN;
+ SKF_OpenContainer_Func SKF_OpenContainer;
+ SKF_GenECCKeyPair_Func SKF_GenECCKeyPair;
+ SKF_CloseContainer_Func SKF_CloseContainer;
+ SKF_CloseApplication_Func SKF_CloseApplication;
+ SKF_CreateApplication_Func SKF_CreateApplication;
+ SKF_EnumApplication_Func SKF_EnumApplication;
+ SKF_ExportPublicKey_Func SKF_ExportPublicKey;
+ SKF_Digest_Func SKF_Digest;
+ SKF_DigestInit_Func SKF_DigestInit;
+ SKF_ECCSignData_Func SKF_ECCSignData;
+ SKF_ECCVerify_Func SKF_ECCVerify;
+ SKF_GenRandom_Func SKF_GenRandom;
+ SKF_SetSymmKey_Func SKF_SetSymmKey;
+ SKF_EncryptInit_Func SKF_EncryptInit;
+ SKF_Encrypt_Func SKF_Encrypt;
+ SKF_DevAuth_Func SKF_DevAuth;
+ SKF_DeleteApplication_Func SKF_DeleteApplication;
+ SKF_CreateContainer_Func SKF_CreateContainer;
+};
+
+UKeySKFDriver::UKeySKFDriver(QObject *parent) : BDriver(parent)
+{
+}
+
+UKeySKFDriver::~UKeySKFDriver()
+{
+ if (m_libHandle)
+ {
+ dlclose(m_libHandle);
+ m_libHandle = NULL;
+ }
+}
+
+QString UKeySKFDriver::getName()
+{
+ return QString();
+}
+QString UKeySKFDriver::getFullName()
+{
+ return QString();
+}
+quint16 UKeySKFDriver::getDriverId()
+{
+ return 0;
+}
+
+bool UKeySKFDriver::loadLibrary(QString libPath)
+{
+ if (!QFile::exists(UKEY_DEFAULT_CONFIG))
+ {
+ return false;
+ }
+
+ m_libHandle = dlopen(libPath.toStdString().c_str(), RTLD_NOW);
+ if (m_libHandle == nullptr)
+ {
+ KLOG_ERROR() << "Load ukey lib failed,error:" << dlerror();
+ return false;
+ }
+
+ m_driverLib = QSharedPointer<DriverLib>(new DriverLib);
+ m_driverLib->SKF_EnumDev = (SKF_EnumDev_Func)dlsym(m_libHandle, "SKF_EnumDev");
+ m_driverLib->SKF_ConnectDev = (SKF_ConnectDev_Func)dlsym(m_libHandle, "SKF_ConnectDev");
+ m_driverLib->SKF_DisConnectDev = (SKF_DisConnectDev_Func)dlsym(m_libHandle, "SKF_DisConnectDev");
+ m_driverLib->SKF_GetDevState = (SKF_GetDevState_Func)dlsym(m_libHandle, "SKF_GetDevState");
+ m_driverLib->SKF_GetDevInfo = (SKF_GetDevInfo_Func)dlsym(m_libHandle, "SKF_GetDevInfo");
+ m_driverLib->SKF_SetLabel = (SKF_SetLabel_Func)dlsym(m_libHandle, "SKF_SetLabel");
+ m_driverLib->SKF_OpenApplication = (SKF_OpenApplication_Func)dlsym(m_libHandle, "SKF_OpenApplication");
+ m_driverLib->SKF_VerifyPIN = (SKF_VerifyPIN_Func)dlsym(m_libHandle, "SKF_VerifyPIN");
+ m_driverLib->SKF_OpenContainer = (SKF_OpenContainer_Func)dlsym(m_libHandle, "SKF_OpenContainer");
+ m_driverLib->SKF_GenECCKeyPair = (SKF_GenECCKeyPair_Func)dlsym(m_libHandle, "SKF_GenECCKeyPair");
+ m_driverLib->SKF_CloseContainer = (SKF_CloseContainer_Func)dlsym(m_libHandle, "SKF_CloseContainer");
+ m_driverLib->SKF_CloseApplication = (SKF_CloseApplication_Func)dlsym(m_libHandle, "SKF_CloseApplication");
+ m_driverLib->SKF_CreateApplication = (SKF_CreateApplication_Func)dlsym(m_libHandle, "SKF_CreateApplication");
+ m_driverLib->SKF_EnumApplication = (SKF_EnumApplication_Func)dlsym(m_libHandle, "SKF_EnumApplication");
+ m_driverLib->SKF_ExportPublicKey = (SKF_ExportPublicKey_Func)dlsym(m_libHandle, "SKF_ExportPublicKey");
+ m_driverLib->SKF_Digest = (SKF_Digest_Func)dlsym(m_libHandle, "SKF_Digest");
+ m_driverLib->SKF_DigestInit = (SKF_DigestInit_Func)dlsym(m_libHandle, "SKF_DigestInit");
+ m_driverLib->SKF_ECCSignData = (SKF_ECCSignData_Func)dlsym(m_libHandle, "SKF_ECCSignData");
+ m_driverLib->SKF_ECCVerify = (SKF_ECCVerify_Func)dlsym(m_libHandle, "SKF_ECCVerify");
+ m_driverLib->SKF_GenRandom = (SKF_GenRandom_Func)dlsym(m_libHandle, "SKF_GenRandom");
+ m_driverLib->SKF_SetSymmKey = (SKF_SetSymmKey_Func)dlsym(m_libHandle, "SKF_SetSymmKey");
+ m_driverLib->SKF_EncryptInit = (SKF_EncryptInit_Func)dlsym(m_libHandle, "SKF_EncryptInit");
+ m_driverLib->SKF_Encrypt = (SKF_Encrypt_Func)dlsym(m_libHandle, "SKF_Encrypt");
+ m_driverLib->SKF_DevAuth = (SKF_DevAuth_Func)dlsym(m_libHandle, "SKF_DevAuth");
+ m_driverLib->SKF_DeleteApplication = (SKF_DeleteApplication_Func)dlsym(m_libHandle, "SKF_DeleteApplication");
+ m_driverLib->SKF_CreateContainer = (SKF_CreateContainer_Func)dlsym(m_libHandle, "SKF_CreateContainer");
+
+ return true;
+}
+
+DEVHANDLE UKeySKFDriver::connectDev()
+{
+ ULONG ulBufSize = 0;
+ ULONG ulReval = m_driverLib->SKF_EnumDev(TRUE, NULL, &ulBufSize);
+
+ if (ulReval != SAR_OK)
+ {
+ KLOG_DEBUG() << "Enum Dev error:" << getErrorReason(ulReval);
+ return nullptr;
+ }
+
+ LPSTR szNameList = (LPSTR)malloc(ulBufSize * sizeof(CHAR));
+ memset(szNameList, '\0', ulBufSize);
+ ulReval = m_driverLib->SKF_EnumDev(TRUE, szNameList, &ulBufSize);
+ if (ulReval == SAR_OK)
+ {
+ LPSTR pszTemp = szNameList;
+ if (NULL == pszTemp)
+ {
+ KLOG_DEBUG() << "no found ukey device";
+ return nullptr;
+ }
+ while (*pszTemp != '\0')
+ {
+ DEVHANDLE devHandle;
+ ulReval = m_driverLib->SKF_ConnectDev(pszTemp, &devHandle);
+ if (SAR_OK == ulReval)
+ {
+ return devHandle;
+ }
+ else
+ {
+ KLOG_ERROR() << "Connect Dev failed:" << getErrorReason(ulReval);
+ }
+ pszTemp += strlen((const char *)pszTemp) + 1;
+ }
+ }
+ free(szNameList);
+ return nullptr;
+}
+
+void UKeySKFDriver::deleteAllApplication(DEVHANDLE devHandle)
+{
+ ULONG ulReval = SAR_FAIL;
+ char szAppNames[256] = {0};
+ ULONG ulSize = 256;
+
+ ulReval = m_driverLib->SKF_EnumApplication(devHandle, (LPSTR)szAppNames, &ulSize);
+ if (SAR_OK == ulReval)
+ {
+ char *pszTemp = szAppNames;
+ if (*pszTemp == '\0')
+ {
+ m_driverLib->SKF_DeleteApplication(devHandle, (LPSTR)pszTemp);
+ }
+
+ while (*pszTemp != '\0')
+ {
+ m_driverLib->SKF_DeleteApplication(devHandle, (LPSTR)pszTemp);
+ pszTemp += strlen((const char *)pszTemp) + 1;
+ }
+ }
+ KLOG_DEBUG() << "clear all application";
+}
+
+QString UKeySKFDriver::enumApplication(DEVHANDLE devHandle)
+{
+ char szAppNames[256] = {0};
+ ULONG ulSize = 256;
+ ULONG ret = m_driverLib->SKF_EnumApplication(devHandle, (LPSTR)szAppNames, &ulSize);
+ if (ret == SAR_OK)
+ {
+ QString appNames(szAppNames);
+ KLOG_DEBUG() << "enum app names:" << appNames;
+ return appNames;
+ }
+ else
+ {
+ return QString();
+ }
+}
+
+ULONG UKeySKFDriver::devAuth(DEVHANDLE devHandle)
+{
+ BYTE random[16] = {0};
+ BYTE devKey[16] = {0};
+ BLOCKCIPHERPARAM param = {0};
+ BYTE devkeyenc[16] = {0};
+ ULONG dwResultLen = 16;
+ ULONG ulReval;
+ DEVINFO devInfo;
+ HANDLE hSessionKey;
+
+ QString defaultDevKey = getDefaultValueFromConf(CONF_DEFAULT_KEY_DEV_KEY);
+ QByteArray byteArray = defaultDevKey.toLatin1();
+ unsigned char *key = (unsigned char *)byteArray.data();
+
+ memcpy(devKey, key, 16);
+
+ ulReval = m_driverLib->SKF_GenRandom(devHandle, random, 8);
+ if (SAR_OK != ulReval)
+ return ulReval;
+
+ ulReval = m_driverLib->SKF_GetDevInfo(devHandle, &devInfo);
+ if (SAR_OK != ulReval)
+ return ulReval;
+
+ ulReval = m_driverLib->SKF_SetSymmKey(devHandle, devKey, devInfo.DevAuthAlgId, &hSessionKey);
+ if (SAR_OK != ulReval)
+ return ulReval;
+
+ ulReval = m_driverLib->SKF_EncryptInit(hSessionKey, param);
+ if (SAR_OK != ulReval)
+ return ulReval;
+
+ ulReval = m_driverLib->SKF_Encrypt(hSessionKey, random, 16, devkeyenc, &dwResultLen);
+ if (SAR_OK != ulReval)
+ return ulReval;
+
+ ulReval = m_driverLib->SKF_DevAuth(devHandle, devkeyenc, 16);
+
+ return ulReval;
+}
+
+HAPPLICATION UKeySKFDriver::onOpenApplication(DEVHANDLE devHandle, LPSTR szAppName)
+{
+ HAPPLICATION phApplication = nullptr;
+ ULONG ret = m_driverLib->SKF_OpenApplication(devHandle, szAppName, &phApplication);
+ if (ret != SAR_OK)
+ {
+ KLOG_DEBUG() << "open Application failed:" << getErrorReason(ret);
+ return nullptr;
+ }
+ return phApplication;
+}
+
+HCONTAINER UKeySKFDriver::onOpenContainer(HAPPLICATION appHandle, const QString &pin, QString containerName, ULONG *retryCount)
+{
+ QByteArray byteArray = pin.toLatin1();
+ unsigned char *szPIN = (unsigned char *)byteArray.data();
+ ULONG ret = m_driverLib->SKF_VerifyPIN(appHandle, USER_TYPE, szPIN, retryCount);
+ if (ret == SAR_OK)
+ {
+ HCONTAINER containerHandle = nullptr;
+ ret = m_driverLib->SKF_OpenContainer(appHandle, (LPSTR)containerName.data(), &containerHandle);
+ if (ret == SAR_OK)
+ {
+ KLOG_DEBUG() << "open container success";
+ return containerHandle;
+ }
+ else
+ {
+ KLOG_ERROR() << "open container failed:" << getErrorReason(ret);
+ }
+ }
+ else
+ {
+ KLOG_DEBUG() << "Verify PIN failed:" << getErrorReason(ret);
+ KLOG_DEBUG() << "Retry Count:" << retryCount;
+ }
+ return nullptr;
+}
+
+void UKeySKFDriver::closeApplication(HAPPLICATION appHandle)
+{
+ m_driverLib->SKF_CloseApplication(appHandle);
+}
+void UKeySKFDriver::closeContainer(HCONTAINER containerHandle)
+{
+ m_driverLib->SKF_CloseContainer(containerHandle);
+}
+
+void UKeySKFDriver::disConnectDev(DEVHANDLE devHandle)
+{
+ m_driverLib->SKF_DisConnectDev(devHandle);
+}
+
+HAPPLICATION UKeySKFDriver::createApplication(DEVHANDLE devHandle, QString pin, QString appName)
+{
+ QByteArray pinArray = pin.toLatin1();
+ unsigned char *userPin = (unsigned char *)pinArray.data();
+
+ QByteArray appNameArray = appName.toLatin1();
+ unsigned char *szAppName = (unsigned char *)appNameArray.data();
+
+ QString defaultAdminPin = getDefaultValueFromConf(CONF_DEFAULT_KEY_ADMIN_PINCODE);
+ QByteArray byteArray = defaultAdminPin.toLatin1();
+ unsigned char *adminPIn = (unsigned char *)byteArray.data();
+
+ HAPPLICATION appHandle = nullptr;
+ ULONG ulReval = m_driverLib->SKF_CreateApplication(devHandle, szAppName, adminPIn,
+ ADMIN_PIN_RETRY_COUNT, userPin, USER_PIN_RETRY_COUNT,
+ SECURE_USER_ACCOUNT, &appHandle);
+ ULONG retryCount;
+ if (ulReval != SAR_OK)
+ {
+ KLOG_ERROR() << "create application failed:" << getErrorReason(ulReval);
+ return nullptr;
+ }
+
+ return appHandle;
+}
+
+HCONTAINER UKeySKFDriver::createContainer(HAPPLICATION appHandle, QString pin, QString containerName, ULONG *retryCount)
+{
+ QByteArray byteArray = pin.toLatin1();
+ unsigned char *userPin = (unsigned char *)byteArray.data();
+ ULONG ulReval = m_driverLib->SKF_VerifyPIN(appHandle, USER_TYPE, userPin, retryCount);
+ if (ulReval != SAR_OK)
+ {
+ KLOG_ERROR() << "verifyPin failed:" << getErrorReason(ulReval);
+ return nullptr;
+ }
+
+ HCONTAINER containerHandle = nullptr;
+ ulReval = m_driverLib->SKF_CreateContainer(appHandle, (LPSTR)containerName.data(), &containerHandle);
+ if (ulReval != SAR_OK)
+ {
+ KLOG_ERROR() << "create container failed:" << getErrorReason(ulReval);
+ return nullptr;
+ }
+ KLOG_DEBUG() << "create new application and container success";
+ return containerHandle;
+}
+
+ULONG UKeySKFDriver::genECCKeyPair(HCONTAINER containerHandle, ECCPUBLICKEYBLOB *pBlob)
+{
+ return m_driverLib->SKF_GenECCKeyPair(containerHandle, SGD_SM2_1, pBlob);
+}
+
+ULONG UKeySKFDriver::authSignData(HCONTAINER containerHandle, DEVHANDLE devHandle, ECCSIGNATUREBLOB &Signature)
+{
+ unsigned char *pPubKey = NULL;
+ ULONG ulPubKeyLen = 0;
+ ECCPUBLICKEYBLOB EccPubKey = {0};
+ unsigned char pucId[32] = {0};
+ ULONG ulIdLen = 16;
+ HANDLE hHash = nullptr;
+ ULONG ulHashLen = 64;
+ int signDataLen = strlen(SIGN_DATA);
+ unsigned char pbHashData[33] = {0};
+
+ QString defaultPucId = getDefaultValueFromConf(CONF_DEFAULT_KEY_PUC_ID);
+ QByteArray byteArray = defaultPucId.toLatin1();
+ unsigned char *PUC_ID = (unsigned char *)byteArray.data();
+
+ ULONG ret = m_driverLib->SKF_ExportPublicKey(containerHandle, TRUE, pPubKey, &ulPubKeyLen);
+ if (ret != SAR_OK)
+ {
+ goto end;
+ }
+
+ pPubKey = (unsigned char *)malloc(ulPubKeyLen);
+ if (pPubKey == NULL)
+ {
+ goto end;
+ }
+
+ ret = m_driverLib->SKF_ExportPublicKey(containerHandle, TRUE, pPubKey, &ulPubKeyLen);
+ if (ret != SAR_OK)
+ {
+ goto end;
+ }
+
+ if (ulPubKeyLen != sizeof(ECCPUBLICKEYBLOB))
+ {
+ goto end;
+ }
+
+ memcpy(&EccPubKey, pPubKey, ulPubKeyLen);
+ memcpy(pucId, PUC_ID, 16);
+
+ ret = m_driverLib->SKF_DigestInit(devHandle, SGD_SM3, &EccPubKey, pucId, ulIdLen, &hHash);
+ if (ret != SAR_OK)
+ {
+ goto end;
+ }
+
+ ret = m_driverLib->SKF_Digest(hHash, (BYTE *)SIGN_DATA, signDataLen, pbHashData, &ulHashLen);
+ if (ret != SAR_OK)
+ {
+ goto end;
+ }
+
+ ret = m_driverLib->SKF_ECCSignData(containerHandle, pbHashData, ulHashLen, &Signature);
+
+end:
+ getErrorReason(ret);
+ return ret;
+}
+
+ULONG UKeySKFDriver::verifyData(DEVHANDLE devHandle, ECCSIGNATUREBLOB &Signature, ECCPUBLICKEYBLOB &publicKey)
+{
+ unsigned char *pbInData = NULL, pbHashData[33] = {0}, pbOutData[256] = {0};
+ ULONG ulInLen = 0, ulOutLen = 0, ulHashLen = 0, ulIdLen = 7;
+ unsigned char pucId[32] = {0};
+ HANDLE hHash;
+ ULONG ulPubKeyLen = 0;
+ int signDataLen = strlen(SIGN_DATA);
+ QString defaultPucId = getDefaultValueFromConf(CONF_DEFAULT_KEY_PUC_ID);
+ QByteArray byteArray = defaultPucId.toLatin1();
+ unsigned char *PUC_ID = (unsigned char *)byteArray.data();
+
+ memcpy(pucId, PUC_ID, 16);
+ ulIdLen = 16;
+ ULONG ulReval = m_driverLib->SKF_DigestInit(devHandle, SGD_SM3, &publicKey, pucId, ulIdLen, &hHash);
+ if (ulReval != SAR_OK)
+ {
+ goto end;
+ }
+
+ ulHashLen = 64;
+ ulReval = m_driverLib->SKF_Digest(hHash, (BYTE *)SIGN_DATA, signDataLen, pbHashData, &ulHashLen);
+ if (ulReval != SAR_OK)
+ {
+ goto end;
+ }
+
+ ulReval = m_driverLib->SKF_ECCVerify(devHandle, &publicKey, pbHashData, ulHashLen, &Signature);
+
+end:
+ getErrorReason(ulReval);
+ return ulReval;
+}
+
+QString UKeySKFDriver::getErrorReason(ULONG error)
+{
+ for (int i = 0; i < sizeof(skf_errors) / sizeof(skf_errors[0]); i++)
+ {
+ if (error == skf_errors[i].err)
+ {
+ return skf_errors[i].reason;
+ }
+ }
+ return QString();
+}
+
+QString UKeySKFDriver::getDefaultValueFromConf(const QString &key)
+{
+ QSettings confSettings(UKEY_DEFAULT_CONFIG, QSettings::NativeFormat);
+ QVariant value = confSettings.value(QString("default/%1").arg(key));
+ return value.toString();
+}
+
+} // namespace Kiran
diff --git a/src/driver/ukey/ukey-skf-driver.h b/src/driver/ukey/ukey-skf-driver.h
new file mode 100644
index 0000000..4952ff6
--- /dev/null
+++ b/src/driver/ukey/ukey-skf-driver.h
@@ -0,0 +1,62 @@
+/**
+ * Copyright (c) 2020 ~ 2021 KylinSec Co., Ltd.
+ * kiran-biometrics is licensed under Mulan PSL v2.
+ * You can use this software according to the terms and conditions of the Mulan PSL v2.
+ * You may obtain a copy of Mulan PSL v2 at:
+ * http://license.coscl.org.cn/MulanPSL2
+ * THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND,
+ * EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT,
+ * MERCHANTABILITY OR FIT FOR A PARTICULAR PURPOSE.
+ * See the Mulan PSL v2 for more details.
+ *
+ * Author: luoqing <luoqing@kylinsec.com.cn>
+ */
+#pragma once
+#include "driver/driver.h"
+#include "ukey-skf.h"
+#include <QSharedPointer>
+
+namespace Kiran
+{
+struct DriverLib;
+
+class UKeySKFDriver : public BDriver
+{
+public:
+ UKeySKFDriver(QObject *parent = nullptr);
+ ~UKeySKFDriver();
+ QString getName() override;
+ QString getFullName() override;
+ quint16 getDriverId() override;
+
+ bool loadLibrary(QString libPath);
+ DEVHANDLE connectDev();
+ void deleteAllApplication(DEVHANDLE devHandle);
+ QString enumApplication(DEVHANDLE devHandle);
+
+ ULONG devAuth(DEVHANDLE devHandle);
+ HAPPLICATION onOpenApplication(DEVHANDLE hDev, LPSTR szAppName);
+ HCONTAINER onOpenContainer(HAPPLICATION appHandle,const QString &pin,QString containerName,ULONG *retryCount);
+
+ void closeApplication(HAPPLICATION appHandle);
+ void closeContainer(HCONTAINER containerHandle);
+ void disConnectDev(DEVHANDLE devHandle);
+
+ HAPPLICATION createApplication(DEVHANDLE devHandle,QString pin,QString appName);
+ HCONTAINER createContainer(HAPPLICATION appHandle, QString pin,QString containerName,ULONG *retryCount);
+
+ ULONG genECCKeyPair(HCONTAINER containerHandle,ECCPUBLICKEYBLOB *pBlob);
+
+ ULONG authSignData(HCONTAINER containerHandle,DEVHANDLE devHandle,ECCSIGNATUREBLOB &Signature);
+ ULONG verifyData(DEVHANDLE devHandle,ECCSIGNATUREBLOB &Signature, ECCPUBLICKEYBLOB &publicKey);
+
+ QString getErrorReason(ULONG error);
+
+ QString getDefaultValueFromConf(const QString &key);
+
+private:
+ QSharedPointer<DriverLib> m_driverLib;
+ HANDLE m_libHandle;
+};
+
+} // namespace Kiran
\ No newline at end of file
diff --git a/translations/kiran-authentication-devices.zh_CN.ts b/translations/kiran-authentication-devices.zh_CN.ts
index 40aef0a..540aadb 100644
--- a/translations/kiran-authentication-devices.zh_CN.ts
+++ b/translations/kiran-authentication-devices.zh_CN.ts
@@ -4,63 +4,69 @@
<context>
<name>Kiran::AuthDevice</name>
<message>
- <location filename="../src/device/auth-device.cpp" line="150"/>
- <location filename="../src/device/auth-device.cpp" line="198"/>
+ <location filename="../src/device/auth-device.cpp" line="160"/>
+ <location filename="../src/device/auth-device.cpp" line="239"/>
<source>Device Busy</source>
<translation>设备忙</translation>
</message>
<message>
- <location filename="../src/device/auth-device.cpp" line="160"/>
+ <location filename="../src/device/auth-device.cpp" line="198"/>
<source>feature has reached the upper limit of %1</source>
<translation>录入的特征已达上限 %1</translation>
</message>
+ <message>
+ <location filename="../src/device/auth-device.cpp" line="219"/>
+ <location filename="../src/device/auth-device.cpp" line="299"/>
+ <source>The pin code cannot be empty!</source>
+ <translation>pin码不能为空!</translation>
+ </message>
</context>
<context>
<name>Kiran::FPZKDevice</name>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="393"/>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="449"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="475"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="531"/>
<source>acquire fingerprint fail!</source>
<translation>获取指纹失败!</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="397"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="479"/>
<source>Partial fingerprint feature entry</source>
<translation>录入部分指纹特征</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="401"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="483"/>
<source>The fingerprint has been enrolled</source>
<translation>指纹重复录入</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="405"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="487"/>
<source>Please place the same finger!</source>
<translation>请放置相同的手指!</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="410"/>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="422"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="492"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="504"/>
<source>Failed to enroll fingerprint, please enroll again</source>
<translation>录入指纹失败,请重新录入</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="414"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="496"/>
<source>Successed save finger</source>
<translation>录入指纹成功</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="418"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="500"/>
<source>Save Finger Failed!</source>
<translation>录入指纹失败!</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="453"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="535"/>
<source>Fingerprint match</source>
<translation>指纹匹配</translation>
</message>
<message>
- <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="457"/>
+ <location filename="../src/device/fingerprint/fp-zk-device.cpp" line="539"/>
<source>Fingerprint not match, place again</source>
<translation>指纹不匹配,请重试</translation>
</message>
@@ -68,52 +74,52 @@
<context>
<name>Kiran::FVSDDevice</name>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="377"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="498"/>
<source>Finger vein image not obtained</source>
<translation>未获取到指静脉图像</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="382"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="503"/>
<source>Partial finger vein feature entry</source>
<translation>录入部分指静脉特征</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="386"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="507"/>
<source>The finger vein has been enrolled</source>
<translation>指静脉重复录入</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="390"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="511"/>
<source>Please place the same finger!</source>
<translation>请放置相同的手指!</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="394"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="515"/>
<source>Finger vein template merged failed</source>
<translation>指静脉模板融合失败</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="398"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="519"/>
<source>Successed save feature</source>
<translation>录入特征成功</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="402"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="523"/>
<source>Save Feature Failed!</source>
<translation>录入特征失败!</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="429"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="550"/>
<source>timeout, acquire finger vein fail!</source>
<translation>超时,获取指静脉失败!</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="433"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="554"/>
<source>Feature Match</source>
<translation>特征匹配</translation>
</message>
<message>
- <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="439"/>
+ <location filename="../src/device/finger-vein/fv-sd-device.cpp" line="560"/>
<source>Feature not match, place again</source>
<translation>特征不匹配,请重试</translation>
</message>
@@ -126,4 +132,32 @@
<translation>授权失败.</translation>
</message>
</context>
+<context>
+ <name>Kiran::UKeyFTDevice</name>
+ <message>
+ <location filename="../src/device/ukey/ukey-ft-device.cpp" line="338"/>
+ <source>Successed binding user</source>
+ <translation>绑定用户成功</translation>
+ </message>
+ <message>
+ <location filename="../src/device/ukey/ukey-ft-device.cpp" line="342"/>
+ <source>Binding user failed</source>
+ <translation>绑定用户失败</translation>
+ </message>
+ <message>
+ <location filename="../src/device/ukey/ukey-ft-device.cpp" line="346"/>
+ <source>UKey has been bound</source>
+ <translation>UKey已经被绑定</translation>
+ </message>
+ <message>
+ <location filename="../src/device/ukey/ukey-ft-device.cpp" line="377"/>
+ <source>identify fail!</source>
+ <translation>认证失败!</translation>
+ </message>
+ <message>
+ <location filename="../src/device/ukey/ukey-ft-device.cpp" line="387"/>
+ <source>identify ukey success</source>
+ <translation>ukey认证成功</translation>
+ </message>
+</context>
</TS>
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink