使用上层秘钥解密终端识别码密钥后再次加密连接设备

2025-07-28 10:40:00 +08:00
parent d58923fd21
commit 492193f848
4 changed files with 75 additions and 4 deletions
--- a/misc/my_encrypt.cpp
+++ b/misc/my_encrypt.cpp
@@ -60,8 +60,61 @@ using namespace std;
 	sm4Encode.sm4_enc(input,strlen(input),output,szKey); 
 }

-//////////////////////////////////////////////////////////////////////////////////////////////////
+//////////////////////////////////////////////////////////////////////////////////////////////////lnk20250728

+/**
+ * SM4 ECB <20><><EFBFBD>ܺ<EFBFBD><DCBA><EFBFBD><EFBFBD><EFBFBD>ZeroPadding<6E><67>
+ * @param encrypted_base64_str <20><><EFBFBD>ܺ<EFBFBD><DCBA><EFBFBD> Base64 <20>ַ<EFBFBD><D6B7><EFBFBD>
+ * @param key_str 16<31>ֽ<EFBFBD><D6BD><EFBFBD>Կ<EFBFBD><D4BF><EFBFBD><EFBFBD><EFBFBD>ģ<EFBFBD>
+ * @param decrypted_output <20><><EFBFBD>ܺ<EFBFBD><DCBA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ַ<EFBFBD><D6B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ɵ<EFBFBD><C9B5><EFBFBD><EFBFBD><EFBFBD>Ԥ<EFBFBD>ȷ<EFBFBD><C8B7><EFBFBD><EFBFBD>ڴ<EFBFBD>
+ * @return 0 <20>ɹ<EFBFBD><C9B9><EFBFBD><EFBFBD><EFBFBD> 0 ʧ<><CAA7>
+ */
+// ע<>⣺<EFBFBD><E2A3BA><EFBFBD><EFBFBD>ʹ<EFBFBD><CAB9> ZeroPadding<6E><67><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ҫȥ<D2AA><C8A5>ĩβ 0
+int sm4_ecb_decrypt_zeropad_base64(const char* base64_cipher, const char* key_str, char* plaintext_out) {
+    if (!base64_cipher || !key_str || !plaintext_out) {
+        return -1;
+    }

+    // base64 decode
+    unsigned char cipher_bin[256] = {0};
+	long cipher_len = 0;                   // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
+    int ret = base64_decode(base64_cipher, strlen(base64_cipher),
+                        (char*)cipher_bin, &cipher_len);
+	if (ret != 0) {
+    	// <20><><EFBFBD><EFBFBD>ʧ<EFBFBD>ܴ<EFBFBD><DCB4><EFBFBD>
+    	return -1;
+	}
+	
+    if (cipher_len <= 0 || cipher_len % 16 != 0) {
+        return -2; // SM4 <20>鳤<EFBFBD>ȱ<EFBFBD><C8B1><EFBFBD>Ϊ 16 <20>ı<EFBFBD><C4B1><EFBFBD>
+    }

+    // ׼<><D7BC> key
+    if (strlen(key_str) != 16) {
+        return -3; // SM4 Ҫ<><D2AA><EFBFBD><EFBFBD>Կ<EFBFBD><D4BF> 16 <20>ֽ<EFBFBD>
+    }
+
+    unsigned char key_bin[16] = {0};
+    memcpy(key_bin, key_str, 16);
+
+    // <20><>ʼ<EFBFBD><CABC> SM4 <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
+    sm4_context ctx;
+    SM4 sm4;
+    sm4.sm4_setkey_dec(&ctx, key_bin);
+
+    // <20><><EFBFBD><EFBFBD>
+    unsigned char plain_buf[256] = {0};
+    sm4.sm4_crypt_ecb(&ctx, SM4_DECRYPT, cipher_len, cipher_bin, plain_buf);
+
+    // ȥ<><C8A5> zero padding<6E><67>ĩβ<C4A9><CEB2> 0x00<30><30>
+    int plain_len = cipher_len;
+    while (plain_len > 0 && plain_buf[plain_len - 1] == 0x00) {
+        plain_len--;
+    }
+
+    memcpy(plaintext_out, plain_buf, plain_len);
+    plaintext_out[plain_len] = '\0';
+
+    return 0;
+}

--- a/mms/db_interface.h
+++ b/mms/db_interface.h
@@ -56,6 +56,8 @@ extern char* POSTGRES_TABLEPREFIX;
 void GetSM4Code(unsigned char* pSerise,char* pKey,char* output);
 void MyGetSM4Code(char* input,unsigned char* szKey,char* output);

+int sm4_ecb_decrypt_zeropad_base64(const char* base64_cipher, const char* key_str, char* plaintext_out);//lnk20250728
+
 void try_start_kafka_thread();

 void try_start_mqconsumer_thread();//lnk20241216
@@ -149,6 +151,8 @@ int parse_device_cfg_web();
 int parse_model_cfg_web();
 void SOEFileWeb(char* localpath,char* cloudpath,char* wavepath);
 const char* get_front_msg_from_subdir();
+
+
 //////////////////////////////////////////////////////////////////////////////////////
 typedef struct {
    char WavePhasicFlag[64];
--- a/mms/main.c
+++ b/mms/main.c
@@ -218,8 +218,6 @@ int main(int argc, const char **argv)
 		return rv;
 	}

-
-
 	getVersion(argc,argv);

 	rv=parse_param(argc, argv);
--- a/mms/mmsclient.c
+++ b/mms/mmsclient.c
@@ -1182,7 +1182,23 @@ S_SEC_ENCRYPT_CTRL *encryptCtrl = NULL;	/* conn enctryption info	*/
 	      authInfo->auth_pres = SD_TRUE;
 	      authInfo->mech_type = ACSE_AUTH_MECH_PASSWORD;
 	      memset(ied_password,0,sizeof(ied_password));
-        GetSM4Code((unsigned char*)dev_series,dev_key,ied_password);
+
+        //传进来的就是加密过的先解密成明文再传入
+        const char* key = "11HDESaAhiHHug2z";//上层使用的写死的key
+        char dev_series_plaintext[256] = {0};
+        char dev_key_plaintext[256] = {0};
+
+        int ret1 = sm4_ecb_decrypt_zeropad_base64(dev_series, key, dev_series_plaintext);
+        int ret2 = sm4_ecb_decrypt_zeropad_base64(dev_key, key, dev_key_plaintext);
+        if (ret1 == 0 && ret2 == 0) {
+            printf("识别码解密成功\n");
+            //printf("解密后的 dev_series: %s\n", dev_series_plaintext);
+            //printf("解密后的 dev_key   : %s\n", dev_key_plaintext);
+        } else {
+            printf("识别码解密失败\n");
+        }
+
+        GetSM4Code((unsigned char*)dev_series_plaintext,dev_key_plaintext,ied_password);
 	      strcpy (authInfo->u.pw_auth.password, ied_password);	
    } else {
        printf("dev_series or dev_key is null or space!\n");