c5_labsci/web/admin/demo/dyn/ecc_ukey_ad.html

<!DOCTYPE html>
<html>

<head>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1">
    <meta http-equiv="X-UA-Compatible" content="IE=Edge,chrome=1">
    <link href="/jscss/style.css" rel="stylesheet" type="text/css" />
    <script type="text/javascript" charset="utf-8" src="/jscss/theme.js"></script>
    <style>
        .main>div {
            padding: 1em;
            background: var(--bg1);
            margin-bottom: 1em;
            border: 1px solid var(--bg5);
        }
    </style>
</head>

<body>
    <div class="px4 py4 main">
        <blockquote>识别号</blockquote>
        <div>
            用于标识UKey设备唯一编号<br />
            <button class='btn' onclick="getsn()">全球识别号</button>
            <div id="id_sn"></div>
        </div>
        <blockquote>登录用户</blockquote>
        <div>
            无感自动登录时设置的默认用户名<br />
            <button class='btn' onclick="readuser()">读用户名</button>
            <button class='btn' onclick="writeuser()">写用户名</button>
            <br /><input id="id_user" type="text" style="width: 100%;" />
        </div>

        <blockquote>ECC签名</blockquote>
        <div>
            现将不限制长度的明文数据用hash256等算法计算固定长度hash摘要，再用私钥签名<br />
            <textarea id="mdata" style="width: 100%; height: 5em;">待签名数据123455</textarea>
            <br /><button class='btn' onclick="hashData()">数据hash</button>
            <br />hash:<input id="mhash" type="text" style="width: 100%;" />
            <br /><button class='btn' onclick="eccsign()">ECC签名</button>
            <br />签名:
            <br /><textarea id="msignature" style="width: 100%; height: 5em;"></textarea>
        </div>

        <blockquote>ECC验签</blockquote>
        <div>
            将导出的公钥公开(服务端)，服务端将用hash值、sign签名、公钥，做签名验证。<br />
            服务端保存好原始明文数据、sign签名、公钥，可作为司法证据，防抵赖。<br />
            最佳实践，用户收到Ukey后，应自行生成新密钥对，再与平台方关联。<br />
            <button class='btn' onclick="exppubkey()">导出公钥</button>
            <br /><textarea id="pubkey" style="width: 100%; height: 5em;"></textarea>
            <br /><button class='btn' onclick="checksignjs()">ECC 前端验签</button>
            <br /><button class='btn' onclick="checksignback()">ECC 后端验签</button>
            <div id="check_result"></div>
        </div>

        <blockquote>PIN码</blockquote>
        <div>
            <input id="pin" type="text" style="width: 10em;" />
            <button class='btn' onclick="pin()">验证</button>
            <br /><input id="newpin" type="text" style="width: 10em;" />
            <button class='btn' onclick="changepin()">改PIN</button>
        </div>

        <blockquote>重置PIN码</blockquote>
        <div>
            <button class='btn' onclick="genpin()">挑战码</button><br />
            <input id="gentxt" type="text" style="width: 100%;" />
            <input id="anstxt" type="text" style="width: 100%;" />
            <br /><button class='btn' onclick="resetpin()">重置PIN</button>
        </div>

        <blockquote>读写标记</blockquote>
        <div>
            <button class='btn' onclick="getkey('ciy')">读标记</button><br />
            <input id="kv" type="text" style="width: 100%;" />
            <br /><button class='btn' onclick="setkey('ciy')">写标记</button>
        </div>

        <blockquote>初始化</blockquote>
        <div>
            <button class='btn' onclick="initkey()">初始化重置密钥对</button> 执行时间较长
        </div>
        <div style="height:2em;"></div>
    </div>
    <script type="text/javascript" src="/jscss/ciy.js"></script>
    <script type="text/javascript" src="../common.js"></script>
    <script type="text/javascript">
        'use strict';
        var Glob = { url: 'http://127.0.0.1:2300/api/' };
        function getsn() {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "GetSerialNumber"
            });
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            $5("#id_sn").html(res.data.sn);
        }
        function readuser() {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "GetUserName"
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            $5("#id_user").val(res.data.UserName);
        }
        function writeuser() {
            var user = $5("#id_user").val();
            var res = ciyfn.ajaxsync({
                url: Glob.url + "WriteUserName"
                , data: {
                    UserName: user
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
        }
        function hashData() {
            const data = document.getElementById("mdata").value;
            ciyfn.sha256(data).then(hash => document.getElementById("mhash").value = hash);
        }

        function eccsign() {
            var data = document.getElementById("mhash").value;
            var res = ciyfn.ajaxsync({
                url: Glob.url + "GetECCSignData"
                , data: {
                    pbData: data
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            document.getElementById("msignature").value = res.data.HashData;

        }
        function exppubkey() {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "ExportECCPublicKey"
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            document.getElementById("pubkey").value = res.data.pub;


        }
        function checksignjs() {
            const pbData = document.getElementById("mhash").value;
            const pbSignature = document.getElementById("msignature").value;
            var res = ciyfn.ajaxsync({
                url: Glob.url + "GetECCVerify"
                , data: {
                    "pbData": pbData,
                    "pbSignature": pbSignature
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            document.getElementById("check_result").innerHTML = `js验签结果: 成功`;
        }
        function checksignback() {
            var postparam = {};
            postparam.sign = document.getElementById("msignature").value;
            postparam.pubkey = document.getElementById("pubkey").value;
            postparam.hash = document.getElementById("mhash").value;
            ciyfn.callfunc("checkecc", postparam, function (json) {
                document.getElementById("check_result").innerHTML = json.msg;
            });
        }

        function pin() {
            const pin = document.getElementById("pin").value;
            var res = ciyfn.ajaxsync({
                url: Glob.url + "VerifyUserPIN"
                , data: {
                    "UserPIN": pin
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            ciyfn.alert('PIN密码校验成功');
        }
        function changepin() {
            const pin = document.getElementById("pin").value;
            const newpin = document.getElementById("newpin").value;
            var res = ciyfn.ajaxsync({
                url: Glob.url + "ChangeUserPIN"
                , data: {
                    "UserPIN": pin,
                    "UserNewPIN": newpin
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            ciyfn.alert('PIN密码修改成功');
        }
        function genpin() {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "GenerateUserCode"
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            document.getElementById("gentxt").value = res.data.ChallengeCode;
        }
        function resetpin() {
            const gentxt = document.getElementById("gentxt").value;
            const anstxt = document.getElementById("anstxt").value;
            var res = ciyfn.ajaxsync({
                url: Glob.url + "RemoteUnblockPIN"
                , data: {
                    "ChallengeCode": gentxt,
                    "AnswerData": anstxt
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            ciyfn.alert('PIN重置成功:12345678');
        }
        function getkey(key) {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "GetKeyValue"
                , data: {
                    "Key": key,
                }
            });
            console.log(res);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
            document.getElementById("kv").value = res.data.Value;
        }

        function setkey(key) {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "DeleteKey"
                , data: {
                    "Key": key,
                }
            });
            const kv = document.getElementById("kv").value;
            if (kv) {
                var res = ciyfn.ajaxsync({
                    url: Glob.url + "WriteKeyValue"
                    , data: {
                        "Key": key,
                        "Value": kv,
                    }
                });
                console.log(res);
                if (res.code != 1)
                    return ciyfn.alert(res.errmsg);
            }
            ciyfn.alert('写成功');
        }
        function initkey() {
            var res = ciyfn.ajaxsync({
                url: Glob.url + "InitDev"
            });
            console.log(res);
            console.log(res.data.appliation_name);
            console.log(res.data.container_list);
            console.log(res.data.user_pin);
            console.log(res.data.user_pin_retry_count);
            if (res.code != 1)
                return ciyfn.alert(res.errmsg);
        }

    </script>
</body>

</html>