Commit 5169a5b6 authored by Administrator's avatar Administrator

双向认证模拟交易

parents
apply plugin: 'com.android.application'
android {
compileSdkVersion 26
buildToolsVersion "28.0.3"
defaultConfig {
applicationId "com.szzt.transdemo"
minSdkVersion 15
targetSdkVersion 26
}
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.txt'
}
}
android.applicationVariants.all { variant ->
variant.outputs.all {
outputFileName = "ZtTransDemo.apk"
}
}
lintOptions {
checkReleaseBuilds false
// Or, if you prefer, you can continue to check for errors in release builds,
// but continue the build even when errors are found:
abortOnError false
}
}
task makeJar(type: Copy) {
delete 'build/libs/json.jar'
from('build/intermediates/bundles/release/')
into('build/libs/')
include('classes.jar')
rename ('classes.jar', 'json.jar')
}
makeJar.dependsOn(build)
dependencies {
compile 'com.android.support:support-v4:22.2.1'
compile files('libs/szztdevicesdk.jar')
implementation files('libs/szztdevicesdk.jar')
}
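Review bot: The `release` build type has `minifyEnabled false`, and `lintOptions` sets both `checkReleaseBuilds false` and `abortOnError false`, so no lint finding, including the security category, can stop a release build of an app whose manifest requests key-injection and PIN-key permissions. I would drop the two lint overrides, or at least keep `abortOnError true` for release. The `dependencies` block also declares `libs/szztdevicesdk.jar` twice, once with the deprecated `compile` and once with `implementation`; keep only `implementation files('libs/szztdevicesdk.jar')`. `com.android.support:support-v4:22.2.1` is well behind `compileSdkVersion 26` and should be aligned with it.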
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.szzt.transdemo"
android:versionCode="23"
android:versionName="1.23" >
<uses-permission android:name="android.permission.WRITE_CONTACTS" />
<uses-permission android:name="android.permission.IDC" />
<uses-permission android:name="android.permission.ACCESS_CPOSSYSTEM" />
<uses-permission android:name="android.permission.ACCESS_HWSECURITYMANAGER" />
<uses-permission android:name="android.permission.ACCESS_NETWORKMANAGER" />
<uses-permission android:name="android.permission.CLOUDPOS_SHUTDOWN" />
<uses-permission android:name="android.permission.CLOUDPOS_SLEEP" />
<uses-permission android:name="android.permission.CLOUDPOS_INSTALL_SILENCE" />
<uses-permission android:name="android.permission.CLOUDPOS_UNINSTALL_SILENCE" />
<uses-permission android:name="android.permission.CLOUDPOS_REBOOT" />
<uses-permission android:name="android.permission.CLOUDPOS_SYSTEM_DISABLE_HARDWARE" />
<uses-permission android:name="android.permission.ADMIN_PWD_MODIFY" />
<uses-permission android:name="android.permission.ADMIN_PWD_RESET" />
<uses-permission android:name="android.permission.ADMIN_PWD" />
<uses-permission android:name="android.permission.CLOUDPOS_SYSTEM_SETTIME" />
<uses-permission android:name="android.permission.CLOUDPOS_SYSTEM_GETCPOSDEVICEINFO" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WIZARPOS_SAFE_MODULE_READONLY" />
<uses-permission android:name="android.permission.CLOUDPOS_SAFE_MODULE_READONLY" />
<uses-permission android:name="android.permission.CLOUDPOS_MSR" />
<uses-permission android:name="android.permission.CLOUDPOS_PRINTER" />
<uses-permission android:name="android.permission.CLOUDPOS_CONTACTLESS_CARD" />
<uses-permission android:name="android.permission.CLOUDPOS_SMARTCARD" />
<uses-permission android:name="android.permission.CLOUDPOS_SERIAL" />
<uses-permission android:name="android.permission.CLOUDPOS_PIN_GET_PIN_BLOCK" />
<uses-permission android:name="android.permission.CLOUDPOS_PIN_MAC" />
<uses-permission android:name="android.permission.CLOUDPOS_PIN_ENCRYPT_DATA" />
<uses-permission android:name="android.permission.CLOUDPOS_PIN_UPDATA_USER_KEY" />
<uses-permission android:name="android.permission.CLOUDPOS_PIN_UPDATE_MASTER_KEY" />
<uses-permission android:name="android.permission.CLOUDPOS_PIN_UPDATE_USER_KEY" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.FLASHLIGHT" />
<uses-feature android:name="android.hardware.camera" />
<uses-feature android:name="android.hardware.camera.autofocus" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.CLOUDPOS_CUSTOMER_DISPLAY" />
<uses-permission android:name="android.permission.WIZARPOS_CUSTOMER_DISPLAY" />
<uses-permission android:name="android.permission.KOOLCLOUD_CUSTOMER_DISPLAY" />
<!-- 条码 -->
<uses-permission android:name="android.permission.CLOUDPOS_BARCODE" />
<!-- 身份证识别权限 -->
<uses-permission android:name="android.permission.CLOUDPOS_IDCARD" />
<uses-permission android:name="android.permission.CLOUDPOS_GET_DEVICE_INFO" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.CLOUDPOS_BEEP"/>
<uses-permission android:name="android.permission.CLOUDPOS_LED"/>
<!-- 安全模块 -->
<uses-permission android:name="android.permission.ACCESS_HWSECURITYMANAGER"/>
<uses-permission android:name="android.permission.CLOUDPOS_SAFE_MODULE_READONLY" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
<uses-permission android:name="android.permission.CLOUDPOS_SAFE_MODULE_DELETE"/>
<uses-permission android:name="android.permission.CLOUDPOS_SAFE_MODULE_INJECT"/>
<!-- 系统sdk -->
<uses-permission android:name="android.permission.ACCESS_CPOSSYSTEM"/>
<application
android:name="com.szzt.android.application.SZZTApplication"
android:allowBackup="true"
android:icon="@drawable/ic_launcher"
android:label="@string/app_name"
android:theme="@style/AppTheme" >
<activity
android:name=".MainActivity"
android:label="@string/app_name" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<activity
android:name=".MenuActivity"
android:label="@string/title_activity_memu" >
</activity>
<activity
android:name=".MenuActivityKS8226"
android:label="@string/title_activity_memu" >
</activity>
</application>
</manifest>
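Review bot: `android:allowBackup="true"` on `<application>` leaves the app's data extractable through the platform backup mechanism, on a build that also requests `CLOUDPOS_SAFE_MODULE_INJECT`, `CLOUDPOS_PIN_UPDATE_MASTER_KEY` and `ADMIN_PWD_RESET`; set `android:allowBackup="false"` unless backup is a stated requirement. The permission list reads as copied wholesale rather than scoped to this demo: silent install/uninstall, reboot, `WRITE_CONTACTS` and `CAMERA` are all requested. Which of them the two-way-authentication flow really needs cannot be seen from this commit, so it should be trimmed to what the code calls. `ACCESS_HWSECURITYMANAGER`, `ACCESS_CPOSSYSTEM`, `CLOUDPOS_SAFE_MODULE_READONLY` and `WRITE_EXTERNAL_STORAGE` are each declared twice and the duplicates can go.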
package com.szzt.ztlocationservice.aidl;
interface ILocationListener{
void onLocationResult(in Bundle location);
}
\ No newline at end of file
package com.szzt.ztlocationservice.aidl;
import com.szzt.ztlocationservice.aidl.ILocationListener;
interface ILocationService{
void setCenterPoint(double centerPoint_Latitude,double centerPoint_Longitude,int radius);
String getBaseStationInfo();
String getConnectedWifiInfo();
double[] getLocationInfo();
String getCityInfo();
String getAddressInfo();
void startLocation(ILocationListener listener);
//俄罗斯定制接口
void registerLocationListener(ILocationListener listener);
void unregisterLocationListener(ILocationListener listener);
void startSustainedLocation(int millisecondInterval);//Must be greater than or equal to 1000
void stopSustainedLocation();
void stop();
}
\ No newline at end of file
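Review bot: The interface carries no contract documentation, and the one constraint it does state (`//Must be greater than or equal to 1000` on `startSustainedLocation`) is a trailing comment that says nothing about what happens to a smaller value. I would add a doc comment per method giving the unit of `radius` in `setCenterPoint`, the element order of the `double[]` returned by `getLocationInfo()`, and the format of the `String` results. Since the methods return location, base-station and connected-Wi-Fi data, the header comment should also name the permission a caller must hold; whether the service enforces one is not visible in this commit.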
/*
* HSMInterface.java
*
* Copyright (c) 2013 - 2016 wizarPOS. All rights reserved.
*
*
* WIZARPOS PROPRIETARY/CONFIDENTIAL.
*
*/
package com.cpos.sdk.jni;
public class HSMInterface {
static {
System.loadLibrary("jni_szzt_hsm");
}
public static final int FORMAT_PEM = 0;
public static final int FORMAT_DER = 1;
public static final int CERT_TYPE_OWNER = 1;
public static final int CERT_TYPE_PUBLIC_KEY = 2;
public static final int CERT_TYPE_APP_ROOT = 3;
public static final int CERT_TYPE_COMMUNICATE = 4;
public static final int ALGORITHM_RSA = 1;
/**
* Open the device.<br>
* Require one of the SAFE_MODULE_READONLY, SAFE_MODULE or SAFE_MODULE_RESET permission.
*
* @return value >= 0, success in starting the process; value < 0, error code
* */
public native static int open();
/**
* close the device
* @return value >= 0, success in starting the process; value < 0, error code
* */
public native static int close();
/**
* Check the security module is tampered or not. If the security module is tampered, all data in the security module should not be trusted.<br>
* This method requires SAFE_MODULE_READONLY or SAFE_MODULE permission.
*
* @return 0 Not tampered.<br>
* 1 Tampered.
*/
public native static int isTampered();
/**
* Get the real random buffer from safe module.
* <p>
* This method requires SAFE_MODULE_READONLY or SAFE_MODULE permission.
*
* @param bufRandom the buffer to store random bytes.
* @param length the length of the buffer.
* @return >=0 success<br>
* <0 error
*/
public native static int getRandom(byte[] bufRandom, int length);
/**
* Request security module to generate a key pair inside the module.
* <br>
* This method requires SAFE_MODULE permission.
*
* @param alias the alias of the private key.
* @param algorithm the algorithm of the key pair. Currently, only ALGORITHM_RSA is supported.
* @param keySize the bit size of the key. Currently, only 2048 is supported.
* @return >=0 success<br>
* <0 the error code
*/
//String aliasPrivateKey, byte[] bufCert, int bufLength
public native static int injectPrivateKey(String alias, byte[] buf, int len);
public native static int generateKeyPair(String alias, int algorithm, int keySize);
/**
* Inject the certificate of the existing key pair.
*
* @param alias the alias of the certificate.
* @param aliasPrivateKey the alias of the key pair, usually it's the private key's alias.
* @param bufCert the data of the certificate.
* @param bufLength the length of the data buffer.enforceCalliUpdateServicengPermission
* @param dataFormat the format of the buffer, Currently, only "PEM" is supported.
* @return >=0 success<br>
* <0 error code
*/
public native static int injectPublicKeyCertificate(String alias, String aliasPrivateKey, byte[] bufCert, int bufLength, int dataFormat);
/**
* Inject the root certificates to security module.<br>
* All the certificate must signed by the terminal's owner certificate.
* The keyUsage flag must be set as define:<br>
* <li>CERT_TYPE_OWNER certificate's keyUsage flag must be set as critical, and the KeyEncipherment, CertificateSign and CRLSign must be set, other flags are cleared.
* <li>CERT_TYPE_APP_ROOT certificate's keyUsage flag must be set as critical, and the DigitalSignature, CertificateSign must be set, other flags are cleared.
* <li>CERT_TYPE_COMMUNICATE certificate's keyUsage flag must be set as non-critical and DigitalSignature, KeyEncipherment, DataEncipherment must be set, other flags are cleared.
* <br>
* This method required SAFE_MODULE permission.
*
* @param certType the certificate type, could be CERT_TYPE_OWNER, CERT_TYPE_APP_ROOT or CERT_TYPE_COMMUNICATE.
* @param alias the alias of the certificate.
* @param bufCert the data of the certificate.
* @param bufLength the length of the data buffer.
* @param dataFormat the format of the buffer, Currently, only FORMAT_PEM is supported.
* @return >=0 success<br>
* <0 the error code
*/
public native static int injectRootCertificate(int certType, String alias, byte[] bufCert, int bufLength, int dataFormat);
/**
* Get the certificate data.
* <br>
* This method requires SAFE_MODULE_READONLY permission.
*
* @param certType the certificate type, could be CERT_TYPE_OWNER, CERT_TYPE_PUBLIC_KEY, CERT_TYPE_APP_ROOT or CERT_TYPE_COMMUNICATE.
* @param alias the alias of the certificate
* @param dataFormat the format of the buffer, Currently, only FORMAT_PEM is supported.
* @param bufCert the output buffer to store the certificate PEM data.
* @param bufMaxLength the max length of the result buffer.
* @return >=0 the length of the certificate PEM data.<br>
* <0 the error code.
*/
public native static int getCertificate(int certType, String alias, byte[] bufCert, int bufMaxLength, int dataFormat);
/**
* Remove the certificate of the given alias.
* <br>
* The OWNER certificate can't be removed.
* <br>
* This method requires SAVE_MODULE permission.
*
* @param certType the certificate type, could be CERT_TYPE_PUBLIC_KEY, CERT_TYPE_APP_ROOT or CERT_TYPE_COMMUNICATE.
* @param alias the alias of the certificate
* @return >=0 success<br>
* <0 the error code
*/
public native static int deleteCertificate(int certType, String alias);
/**
* Remove the key pair of the given alias.
* <br>
* This method requires SAVE_MODULE permission.
*
* @param aliasPrivateKey the alias of the private key.
* @return >=0 success<br>
* <0 the error code
*/
public native static int deleteKeyPair(String aliasPrivateKey);
/**
* Generate the CSR for given private key.
* <br>
* This method requires SAVE_MODULE permission.
*
* @param alias the alias of the private key
*
* @param aliasPrivateKey the alias of the private key
* @param commonName
* @param bufResult the buffer to store the CSR data.
* @param resMaxLength the max length of the result buffer.
*
* @return >=0 success, with the valid length of the bufResult.<br>
* <0 the error code
*/
public native static int generateCSR(String aliasPrivateKey, String commName, byte[] bufResult, int resMaxLength);
/**
* Do encryption by the given private key. The result data is in PKCS#1 padding format.
* <br>
* This method requires SAFE_MODULE permission.
*
* @param aliasPrivateKey the alias of the given private key.
* @param bufPlain the buffer of the plain data.
* @param bufResult the buffer for the output cipher data.
* @param resMaxLength the max length of the output buffer.
* @return >=0 encrypt success and return the length of the bufResult.<br>
* <0 the error code.
*/
public native static int doRSAEncrypt(String aliasPrivateKey, byte[] bufPlain, byte[] bufResult, int resMaxLength);
public native static int doRSADecrypt(String aliasPrivateKey, byte[] bufCipher, byte[] bufResult, int resMaxLength);
/**
* *****************************************private method*************************************
* */
public native static int resetSaveModule();
public native static int queryPrivateKeyLabels(byte[] bufLabels, int length);
public native static int queryPrivateKeyCount();
public native static int queryCertLabels(int certType, byte[] bufLabels, int length);
public native static int queryCertCount(int certType);
}
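Review bot: The Javadoc that describes key-pair generation ("Request security module to generate a key pair inside the module", with `@param algorithm` and `@param keySize`) now sits directly above `injectPrivateKey(String alias, byte[] buf, int len)`. That leaves `generateKeyPair` with no Javadoc and the most sensitive call in the class documented as something else. Move the block back onto `generateKeyPair` and give `injectPrivateKey` its own comment stating the expected key format, the required permission, and that the key bytes pass through app memory, unlike the in-module generation path. The section headed "private method" declares `resetSaveModule()` and the `query*` methods as `public native static`; if they are not meant for app callers, reduce their visibility or document who may call them. Smaller doc errors worth fixing in the same pass: `SAVE_MODULE` for `SAFE_MODULE`, the stray `enforceCalliUpdateServicengPermission` text in the `bufLength` line, `@param alias`/`commonName` on `generateCSR`, which takes `aliasPrivateKey`/`commName`, and the missing comment on `doRSADecrypt`.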
package com.cpos.sdk.jni;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
public class HsmCertManager {
public static final String COMM_PRD_ROOT="cloudpos_comm_prd_root";
public static X509Certificate getX509Certificate(int certType,String alias){
// System.out.println("getX509Certificate->certType = " + certType);
// System.out.println("getX509Certificate->alias = " + alias);
byte[] cert=getCertificate(certType, alias);
if(cert!=null){
X509Certificate x509=parseCertificate(cert);
//System.out.println(x509.getSubjectDN().getName());
return x509;
}
return null;
}
/*DEGIN: Add by wufei, 2018-01-23, Description:fix cloudpos verify*/
public static byte[] getK21Certificate(int certType,String alias){
// System.out.println("certData->certType = " + certType);
// System.out.println("certData->alias = " + alias);
byte[] cert=getCertificate(certType, alias);
if(cert!=null){
return cert;
}
System.out.println("certData is null");
return null;
}
/*END: Add by wufei, 2018-01-23, Description:fix cloudpos verify*/
private static X509Certificate parseCertificate(byte[] data) {
X509Certificate certificate=null;
try {
CertificateFactory cert=CertificateFactory.getInstance("X.509");
certificate=(X509Certificate) cert.generateCertificate(new ByteArrayInputStream(data));
} catch (CertificateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
return certificate;
}
private static byte[] getCertificate(int certType,String alias){
boolean open=HsmOpen();
try{
byte[] bufCert=new byte[2048*8];
int result=HSMInterface.getCertificate(certType, alias, bufCert, bufCert.length, HSMInterface.FORMAT_PEM);
if(result>=0)
{
byte[] data=new byte[result];
System.arraycopy(bufCert, 0, data, 0, result);
return data;
}
}
catch(Exception e){
open&=false;
System.out.println(e.getMessage());
}
open&=HsmClose();
return null;
}
private static boolean HsmClose() {
int result=-1;
try{
result=HSMInterface.close();
System.out.println("HsmClose return:"+result);
}
catch(Exception e){
System.out.println(e.getMessage());
}
return result>=0?true:false;
}
private static boolean HsmOpen() {
int result=-1;
try{
result=HSMInterface.open();
System.out.println("HsmOpen return:"+result);
}
catch(Exception e){
System.out.println(e.getMessage());
}
return result>=0?true:false;
}
}
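Review bot: `getCertificate` returns from inside the `try` when `result>=0`, so `HsmClose()` is reached only on the failure path and every successful read leaves the security module open. The `boolean open` from `HsmOpen()` is also never tested, so the native `getCertificate` call is made even when the open failed. I would close in a `finally` and return early on a failed open, as sketched below. Separately, `parseCertificate` swallows `CertificateException` with `printStackTrace()` and returns null, which callers of `getX509Certificate` cannot tell apart from "no such certificate". For code on a trust path that should be reported through `Log` or propagated.

```java
private static byte[] getCertificate(int certType,String alias){
    // Do not touch the module if it could not be opened.
    if(!HsmOpen()){
        return null;
    }
    try{
        byte[] bufCert=new byte[2048*8];
        int result=HSMInterface.getCertificate(certType, alias, bufCert, bufCert.length, HSMInterface.FORMAT_PEM);
        if(result<0){
            return null;
        }
        byte[] data=new byte[result];
        System.arraycopy(bufCert, 0, data, 0, result);
        return data;
    }
    catch(Exception e){
        System.out.println(e.getMessage());
        return null;
    }
    finally{
        // Runs on the success path too, so the handle is always released.
        HsmClose();
    }
}
```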
package com.szzt.transdemo;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.Socket;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import java.util.Random;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.json1.JSONObject;
import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.os.Bundle;
import android.os.Handler;
import android.os.Looper;
import android.text.TextUtils;
import android.util.Log;
import android.view.KeyEvent;
import android.view.View;
import android.widget.Button;
import android.widget.EditText;
import android.widget.TextView;
import android.widget.Toast;
import com.szzt.android.util.HexDump;
import com.szzt.android.util.SzztDebug;
import com.szzt.sdk.device.DeviceManager;
import com.szzt.sdk.device.card.MagneticStripeCardReader;
import com.szzt.sdk.device.card.SmartCardReader;
import com.szzt.sdk.device.emv.EmvInterface;
import com.szzt.sdk.device.pinpad.PinPad;
import com.szzt.sdk.system.HwSecurityManagerV2;
public class MainActivity extends Activity {
public static final String TAG = "MainActivity";
private Button mDesButton;
private Button mAesButton;
private Button mSM4Button;
private Button btn_Two_way_authentication;
private Button mDukptButton;
private Button mUnOnlineButton;
private TextView mTextView;
private TextView mPassTextView;
private Handler mHandler = new Handler(Looper.getMainLooper());
private ExecutorService mExecutorService = Executors.newScheduledThreadPool(3);
private SmartCardReader mSmartCardReader;
private MagneticStripeCardReader mStripeCardReader;
private PinPad mPinPad;
HwSecurityManagerV2 hwSecurityManagerV2;
private PBOC mPboc = new PBOC();
private boolean isInputPin = false;
private EditText mIpEditText1, mIpEditText2, mIpEditText3,mIpEditText4;
private EditText mPortEditText;
private String mIp;
private int port;
private Context mContext;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
mContext = this;
hwSecurityManagerV2 = DeviceManager.getInstance().getHwSecurityManagerV2();
mIpEditText1 = (EditText)findViewById(R.id.editText_ip1);
mIpEditText2 = (EditText)findViewById(R.id.editText_ip2);
mIpEditText3 = (EditText)findViewById(R.id.editText_ip3);
mIpEditText4 = (EditText)findViewById(R.id.editText_ip4);
mPortEditText = (EditText)findViewById(R.id.editText_port);
mIpEditText1.setText("10");
mIpEditText2.setText("12");
mIpEditText3.setText("249");
mIpEditText4.setText("115");
mPortEditText.setText("9110");
mTextView = (TextView)findViewById(R.id.tv_info);
mPassTextView = (TextView)findViewById(R.id.tv_pass);
btn_Two_way_authentication = findViewById(R.id.btn_Two_way_authentication);
mPassTextView.setTextSize(20);
//双向认证
btn_Two_way_authentication.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
mIp = mIpEditText1.getText().toString() + "." + mIpEditText2.getText().toString()
+ "." + mIpEditText3.getText().toString() + "." + mIpEditText4.getText().toString();
port = Integer.parseInt(mPortEditText.getText().toString());
new Thread(new Runnable() {
@Override
public void run() {
try {
Socket clientSocket = new Socket(mIp,port);
byte[] data = {0x02,0x08,0x00,0x01};
String msg = SSLSocketFactoryEx.sendAndRecbyte(clientSocket, data);
Log.d("gy","返回公钥与公钥自签名——>"+msg+" 长度——>"+msg.length());
if(msg.length()>0){
String publickey = msg.substring(0, 128);//服务端传来公钥
byte[] publickey_data = HexDump.hexStringToByteArray(publickey);//公钥转成字节数组
String publickeySigin = msg.substring(128);//公钥自签名数据
Log.d("gy","publickey——>"+publickey+" publikeySigin——>"+publickeySigin);
byte[] Sigin_ID = {0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08};
//PK 签名者ID
int len = Sigin_ID.length * 8;
byte[] pk = HexDump.hexStringToByteArray(HexDump.toHexString((byte)(len >> 8 & 255))+HexDump.toHexString((byte)(len & 255))+HexDump.toHexString(Sigin_ID)+"FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E9332C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0");
Log.d("gy","pk->"+HexDump.toHexString(pk));
byte[] buf = new byte[64 + pk.length];
System.arraycopy(pk, 0, buf, 0, pk.length);
System.arraycopy(publickey_data, 0, buf, pk.length, 64);
Log.d("gy","buf->"+HexDump.toHexString(buf));
byte[] za = hwSecurityManagerV2.calcHash(HwSecurityManagerV2.HashType.HASH_SM3,buf, HwSecurityManagerV2.HashFlag.HASH_DIRECT);
Log.d("gy","za->"+HexDump.toHexString(za));
if (za == null) {
Log.d("gy","za->"+za);
}