0201_APP/APP/display/display_ctrl.c

/*
 * @Description: 
 * @Version: 2.0
 * @Author: Seven
 * @Date: 2022-11-22 11:15:13
 * @LastEditors: Seven
 * @LastEditTime: 2022-12-06 13:47:20
 */
#include "display_ctrl.h"
#include "includes.h"
#include <stdlib.h>
#include <stdio.h>
#include "macro_common.h"

uint8_t IAP_PROT_VER = IAP_VER1;

uint8_t XSP_ADDRESS = 0x81;
static uint8_t g_xspSn[16] = {0};
static uint8_t encrybuf[256] = {0};
static uint8_t _tempBuff[256] = {0};
static uint8_t _xspSendBuff[256] = {0};
static uint8_t rcvxspDa[256] = {0};
static uint8_t decrybuf[128] = {0};
xsp_comm_info_t xsp_comm_info[1];
txsp_info_t t_xsp_info;
ota_xsp_info_t ota_xsp_info;


uint8_t const   display_code[]={                       //共阴——标准字库,外部是共阳接法。
//   0    1    2    3    4    5    6    7    8    9    A    B    C    D    E    F
  0x3F,0x06,0x5B,0x4F,0x66,0x6D,0x7D,0x07,0x7F,0x6F,0x77,0x7C,0x39,0x5E,0x79,0x71,
//black10  -   H    J    K    L    N    o   P    U     t    G    Q    r   M    y
  0x00,0x40,0x76,0x1E,0x70,0x38,0x37,0x5C,0x73,0x3E,0x78,0x3d,0x67,0x50,0x37,0x6e,
// 0.   1.   2.   3.   4.   5.   6.   7.   8.   9.   -1  .
  0xBF,0x86,0xDB,0xCF,0xE6,0xED,0xFD,0x87,0xFF,0xEF,0x46,0x80
};

//密钥组数组，(16+1)*16, KEY0根据显示模块传出的密钥序号，从该数组中提取而来,
//提取方法为：以密钥序号为偏移量，连续提取16字节，作为认证基础密钥KEY0
const uint8_t keyGroup[272]={
    0xE7,0x5F,0x2F,0xE9,0x37,0x94,0x3D,0xA7,0x24,0x2A,0x54,0x2B,0x7A,0xF5,0x4D,0xE4,
    0xAB,0x9C,0xCF,0xC4,0xB0,0x67,0xF4,0xBD,0x9F,0x7D,0x33,0xDA,0xEB,0x81,0x71,0x90,
    0x15,0x17,0xDF,0xD7,0xC9,0xA1,0x57,0x1B,0x48,0xA8,0x62,0x95,0xC5,0x5E,0x00,0x9A,
    0x46,0x8D,0xF1,0x74,0x09,0x51,0x1A,0x7E,0xB6,0x2D,0x0D,0x8E,0x85,0xA3,0xF6,0xBE,
    0xC3,0xA2,0x11,0x4E,0xAD,0xD8,0x39,0xCC,0x96,0x7C,0xE5,0x38,0x72,0xAE,0xB4,0xE3,
    0xE8,0xBB,0x3F,0x58,0xF8,0x16,0x93,0x87,0x3C,0x5C,0xDC,0x31,0x44,0xF0,0x10,0xEE,
    0xB9,0xED,0xD2,0xF9,0x56,0x40,0x01,0xE2,0x8C,0x50,0x3A,0x75,0x7B,0xFA,0xCD,0x52,
    0x14,0x27,0xB3,0x3E,0x88,0xAF,0x21,0x2E,0xE0,0x1D,0xB7,0x23,0xB5,0xFE,0x36,0x4C,
    0x6C,0xDE,0x92,0x25,0xF3,0x70,0x6A,0xD3,0x35,0xFC,0x86,0x83,0xC7,0x77,0x13,0xAA,
    0x06,0x0B,0x6F,0xEA,0xD1,0x66,0x98,0x0E,0x43,0x0F,0x79,0xA6,0x3B,0x30,0xC0,0xC8,
    0x55,0x82,0x9B,0x91,0x68,0x6B,0xFD,0x7F,0xDB,0xE1,0x47,0x26,0x28,0xBF,0x8F,0x60,
    0x5D,0x59,0xFB,0xEC,0x05,0x5B,0x08,0x02,0xC2,0xE6,0xAC,0x45,0x32,0xB2,0x34,0x07,
    0x1F,0xD4,0x6E,0xD6,0x5A,0x64,0x22,0xC1,0xA9,0xB1,0x9E,0xEF,0xBA,0xB8,0x1C,0x9D,
    0x12,0x97,0x29,0xBC,0x49,0x0C,0xDD,0x89,0x69,0x4B,0x73,0x78,0xCE,0xC6,0x18,0xCB,
    0xD9,0xF7,0x2C,0x84,0x61,0x80,0x8A,0x19,0x20,0x42,0xFF,0x03,0x76,0x6D,0x4F,0x41,
    0x8B,0x65,0xCA,0x63,0xD5,0x99,0xA5,0x4A,0x1E,0x04,0xA0,0xA4,0x0A,0x53,0xD0,0xF2,
    0xE7,0x5F,0x2F,0xE9,0x37,0x94,0x3D,0xA7,0x24,0x2A,0x54,0x2B,0x7A,0xF5,0x4D,0xE4
};
const uint8_t XSP_KEY1[16]={0xCB,0x37,0x13,0x37,0xF5,0xFF,0x28,0x12,0xCC,0xEA,0x04,0xE9,0x74,0xBF,0x54,0xB1};
uint8_t SN[8]={'N','S','1','2','3','4','5','6'};//{0x31, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36};//
//KYE1为SN采用母密钥以TDES算法分散而来,调试时，母密钥暂定为：
const uint8_t FatherKey[16]={0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F};


/* 取反函数 */
int reverse_get(uint8_t* buffer, uint8_t* result,uint8_t data_len)
{
    int ret = 0;
    int i;
    for(i = 0; i < data_len; i++)
    {
        *(result+i) = ~(*(buffer+i));
    }

    return ret;
}


/* 比较两个字符串 */
static int _my_strcmp(uint8_t *buff1, uint8_t *buff2, uint8_t len)
{
    int i, ret = 1;
    for(i = 0; i < len; i++)
    {
        if(buff1[i] != buff2[i])
        {
            return ret;
        }
    }
    ret = 0;
    return ret;
}

/* 密钥计算 用R1^R2 得到R值  */
int key_com(uint8_t *input1,uint8_t *input2,uint8_t *output,uint8_t len)
{
    int ret = 0;
    int i;
    for(i = 0; i < len; i++)
    {
        output[i] = input1[i]^input2[i];
    }
    return ret;
}
/* 根据R值 得到密密钥 KEY */
//int key_get(uint8_t *rVal, uint8_t *)

/* 根据SN得到一串16个字节的数据 */
void get_sn_key(uint8_t *sn, uint8_t *outSn)
{
    int i = 0;

    for(i=0;i<8;i++){
        outSn[i] = sn[i];
        outSn[i+8] = ~sn[i];
    }
}

/* 双向认证接收参数 */
int issue_rcv_comm(void *puser, uint8_t *para, uint8_t size,void *key)
{
    int ret;
    uint16_t crc;
    uint16_t* p_crc;
   // uint8_t temp_buff[64];


    xsp_comm_info_t *p_xsp = (xsp_comm_info_t *)puser;
    memset(_tempBuff,0,sizeof(_tempBuff));

    crc = CRC16_get(para, size-2);
    p_crc = (uint16_t *)&para[size-2];
    *p_crc = htons(*p_crc);
    if(crc == *p_crc)
    {
//        if(para[0] != XSP_RESULT_SUCCESS){
//            printf("认证结果错误 errorcode = %d\r\n",para[0]);
//            ret = para[0];
//            return ret;
//        }
		
        if(para[0] == 1) // 认证第一步返回结果
        {
			printf("rcv step1\n");
            reverse_get(para+1, _tempBuff, 16);//将R1取反得/R1
            ret = _my_strcmp(p_xsp->issue_key.Authent_R1,_tempBuff,16);//比较接收的/R1和发送的R1是否相同
            if(ret)return ret; //接收数据错误
            memcpy(p_xsp->issue_key.Authent_R2,&(para[17]),16); // 保存第二步的认证结果
            p_xsp->issue_key.Authen_steps = 0x02; //认证步骤置为2
			ret = XSP_RESULT_SUCCESS;
        }
        else if(para[0] == 2){ //认证第二步返回结果
			printf("rcv step2\n");
            p_xsp->issue_key.Authen_steps = 0x03; // 认证成功
            key_com(p_xsp->issue_key.Authent_R1,p_xsp->issue_key.Authent_R2,p_xsp->issue_key.key,16);//密钥计算
            memset(g_xspSn,0,sizeof(g_xspSn));
            memset(encrybuf,0,sizeof(encrybuf));
			data_dump("sn",SN,8);
            get_sn_key((uint8_t*)SN,g_xspSn);
            DesEncryptFunc(g_xspSn,encrybuf,(uint8_t*)FatherKey,16,16);//用母密钥和SN加密， 得到KEY1

            data_dump("get key1:",encrybuf,16);
            data_dump("get R:",p_xsp->issue_key.key,16);
            DesEncryptFunc(p_xsp->issue_key.key,key,encrybuf,16,16); // 用KEY1和R加密，得到KEY
            data_dump("get key:",key,16);
			ret = XSP_RESULT_SUCCESS;
        }
		else
		{
			ret = XSP_RESULT_RCVERR;
		}
        
    }
    else
    {
        ret = XSP_RESULT_PCRCRERROR;// para[0];
    }
//	printf("rcv c1 ret1 = %02x\n",ret);
    return ret;

}

/* 双向认证下发参数Issue parameters */
int _Issue_para(uint8_t step,uint8_t *para, void *puser)
{
    int i;
    int ret = 0;
    uint16_t crc;
   // uint8_t temp_buff[40];

    //issue_info_t *temp = (issue_info_t *)puser;

    xsp_comm_info_t *p_xsp = (xsp_comm_info_t *)puser;

    memset(para, 0, 40);
    memset(_tempBuff,0,sizeof(_tempBuff));
    if(step == 1)
    {
		printf("send step1\n");
        p_xsp->issue_key.Authen_steps = 0x01;

        for(i = 0; i < 16; i++)
        {
            p_xsp->issue_key.Authent_R1[i] = rand()%0xff; //l6byte随机数（R1）
        }

        *para = 0x01;
        *(para+1) = 0x01; //认证步骤
        memcpy(para+2,p_xsp->issue_key.Authent_R1,16); //前16字节为R1，后16字节为0

        crc = CRC16_get(para,38);
        para[38] = (crc>>8)&0x00ff;
        para[39] = crc&0x00ff;

    }
    else if(step == 2)
    {
		printf("send step2\n");
        reverse_get(p_xsp->issue_key.Authent_R2, _tempBuff, 16); //将接收的R2取反

        *para = 0x01;
        *(para+1) = 0x02; //认证步骤
        memcpy(para+18,_tempBuff,16);//前16字节为0，后16字节为取反的R2

        crc = CRC16_get(para,38);
        //crc = htons(crc);
        para[38] = (crc>>8)&0x00ff;
        para[39] = crc&0x00ff;
    }

    return ret;

}
/*---------------------------------------------------------------------------
 *  随机数与参数的异或
 *  _buff:  参数
 *  _buffLen : 参数的长度
 *  _rnd: 随机数
 *  _rndLen: 随机数的长度
 * --------------------------------------------------------------------------*/
static void randomOperate(uint8 * _buff,uint32 _buffLen,uint8 * _rnd,uint32 _rndLen)
{
    uint32 i = 0;
    uint32 tempIndex = 0;

   // return;

    tempIndex=0;
    for(i=0;i<_buffLen;i++)
    {
        _buff[i]^=_rnd[tempIndex];
        tempIndex++;
        if(tempIndex>=_rndLen)
            tempIndex=0;
    }
}

/*---------------------------------------------------------------------------
 *  指令 C0发送
 *  下发的结构：帧头(1)+帧长度(1)+帧号(1)+SN码(4)+指令码(1)+参数[n]+CRC校验码[2]
 *---------------------------------------------------------------------------*/
int xsp_0xC0_send(uint32_t sn)
{
   // uint8_t send_buf[64];
    uint8_t send_size, *fparm;
    uint16_t *p_crc;

    txspCommFrame_t *p_xsp_tx = (txspCommFrame_t *)_xspSendBuff;

    memset(_xspSendBuff, 0, sizeof(_xspSendBuff));
    p_crc = (uint16_t *)&_xspSendBuff[sizeof(txspCommFrame_t) + 2];
    p_xsp_tx->fhead = 0xbb;
    p_xsp_tx->flen = XSP_CMD_HEADLEN+2;	//长度码为命令码、帧号、参数和校验码的字节数之和
    p_xsp_tx->findex = 0x81; 	//帧号标识本帧的特征信息，帧号0x81表示单帧命令;
    p_xsp_tx->faddress = sn;
    p_xsp_tx->fcmd = 0xC0;
    fparm = &_xspSendBuff[sizeof(txspCommFrame_t)];
    *(fparm+1) = 0x00;
    *(fparm+2) = 0x00;

    *p_crc = CRC16_get(&p_xsp_tx->fhead, p_xsp_tx->flen);//校验码为帧号、命令码和参数逐字节的逻辑和
    *p_crc = htons(*p_crc);
    send_size = p_xsp_tx->flen + 2;
    _ytsf_data_code(_xspSendBuff, &send_size);	/* 编码发送 */


   data_dump("xsp send", (uint8_t *)p_xsp_tx, send_size);
    // memcpy(puser,p_xsp_tx,send_size);
    RS485_TX();
    uart_msg_send(UART3_ID,(char *)_xspSendBuff,send_size);
    delay_us(100);
    RS485_RX();
    msg_para.Uart = UART3_ID;
    timeout_setValue(&ota_xsp_info.tt_uart,OTA_XSP_UART_TIMEOUT,1);
    return send_size;
}


/*----------------------------------------------------------------------
 * 双向认证，发送认证
 * 帧头(1)+帧长度(1)+帧号(1)+SN码(4)+指令码(1)+参数[n]+CRC校验码[2]
 *
 *----------------------------------------------------------------------*/
int xsp_0xC1_send(uint32_t sn,uint8_t step,void *puser, uint8_t key_num)
{
   // uint8_t send_buf[64];
    uint8_t send_size;//, *fparm;
    uint16_t *p_crc;
    uint8_t para_buf[64];//,encrybuf[64];

    txspCommFrame_t *p_xsp_tx = (txspCommFrame_t *)_xspSendBuff;

    xsp_comm_info_t *p_xsp = (xsp_comm_info_t *)puser;

    memset(_xspSendBuff, 0, sizeof(_xspSendBuff));
  //  p_crc = (uint16_t *)&send_buf[sizeof(txspCommFrame_t) + size];
    p_xsp_tx->fhead = 0xbb;
    p_xsp_tx->flen = XSP_CMD_HEADLEN+40;	//长度码为命令码、帧号、参数和校验码的字节数之和
    p_xsp_tx->findex = 0x81; 	//帧号标识本帧的特征信息，帧号0x81表示单帧命令;
    p_xsp_tx->faddress = sn;
    p_xsp_tx->fcmd = 0xC1;
  //  fparm = &_xspSendBuff[sizeof(txspCommFrame_t)];

    _Issue_para(step,para_buf,p_xsp);//设置认证参数部分


    /*参数部分处理：先将参数部分加密，然后计算CRC校验，最后整体进行转义编码*/
    send_size = XSP_CMD_HEADLEN;
   // printf("\r\n key = %x\r\n",key_num);
    data_dump("send  keyGroup",(uint8_t*)&keyGroup[key_num],16);
    data_dump("send  not desencrpt",para_buf,40);
    DesEncryptFunc(para_buf,encrybuf,(uint8_t*)&keyGroup[key_num],40,16);//参数加密
    memcpy(_xspSendBuff+send_size,encrybuf,40);//将加密后的参数拼接
    send_size+=40;
    p_crc = (uint16_t *)&_xspSendBuff[sizeof(txspCommFrame_t)+40];
    *p_crc = CRC16_get(_xspSendBuff, send_size);//
    *p_crc = htons(*p_crc);
    send_size += 2;

    _ytsf_data_code(_xspSendBuff, &send_size);	/*编码发送 */

    // memcpy(sendDa,(char*)_xspSendBuff,send_size);
    //data_dump("xsp send", (uint8_t *)send_buf, send_size);
    RS485_TX();
    uart_msg_send(UART3_ID,(char *)_xspSendBuff,send_size);
    delay_us(100);
    RS485_RX();
    msg_para.Uart = UART3_ID;
    timeout_setValue(&ota_xsp_info.tt_uart,OTA_XSP_UART_TIMEOUT,1);
    return send_size;
}

/*----------------------------------------------------------------------------------------
 * 加密命令发送
 * 指令格式：帧头(1)+帧长度(1)+帧号(1)+SN码(4)+指令码(1)+参数[n]+CRC校验码[2]
 * ----------------------------------------------------------------------------------------*/
int xsp_send_comm(uint8_t *key, uint8_t cmd, uint32_t sn, uint8_t *data, uint8_t size)
{
    uint8_t send_size;//, *fparm;
    uint16_t *p_crc;

    txspCommFrame_t *p_xsp_tx = (txspCommFrame_t *)_xspSendBuff;

    memset(_xspSendBuff, 0, sizeof(_xspSendBuff));
    p_crc = (uint16_t *)&_xspSendBuff[sizeof(txspCommFrame_t) + size];
    p_xsp_tx->fhead = 0xbb;
    p_xsp_tx->flen = XSP_CMD_HEADLEN+size;	//长度码为命令码、帧号、参数和校验码的字节数之和
    p_xsp_tx->findex = 0x81; 	//帧号标识本帧的特征信息，帧号Ox81H表示单帧命令;
    p_xsp_tx->faddress = sn;
    p_xsp_tx->fcmd = cmd;
   // fparm = &_xspSendBuff[sizeof(txspCommFrame_t)];

    /*
    参数部分处理：先将参数部分加密，然后计算CRC校验，最后整体进行转义编码
    */
    send_size = XSP_CMD_HEADLEN;
    // 以下三行测试代码
//    data_dump("send  key :",key,16);
//    memcpy(_xspSendBuff+send_size,data,size);
//    data_dump("send  data :",_xspSendBuff,size+send_size);

//	printf("1\n");
    DesEncryptFunc(data,encrybuf,key,size,16);//参数加密
//	printf("2\n");
    memcpy(_xspSendBuff+send_size,encrybuf,size);//将加密后的参数拼接
//	printf("3\n");
    send_size+=size;
    *p_crc = CRC16_get(_xspSendBuff, send_size);//校验码
    *p_crc = htons(*p_crc);
    send_size+=2;
//	printf("4\n");
    _ytsf_data_code(_xspSendBuff, &send_size);	/*编码发送 */
//	printf("5\n");
//	data_dump("xsp send",_xspSendBuff,send_size);
	
    RS485_TX();
    uart_msg_send(UART3_ID,(char *)_xspSendBuff,send_size);
    delay_us(100);
    RS485_RX();
    msg_para.Uart = UART3_ID;
    timeout_setValue(&ota_xsp_info.tt_uart,OTA_XSP_UART_TIMEOUT,1);

    // memcpy(puser,_xspSendBuff,send_size);

    return send_size;
}


/* 读取数据（0xC3）命令下发 */
int xsp_0xC3_send(uint32_t sn, uint8_t *key)
{
    int i;//,j;
    uint16_t crc;
    uint8_t send_size = 0;

    memset(_tempBuff,0,sizeof(_tempBuff));
    //读取随机数
    for(i = 0; i < 4; i++)
    {
        _tempBuff[2+i] = rand()%0xFF;
    }

    crc = CRC16_get(_tempBuff,6);
    _tempBuff[6] = (crc>>8)&0x00ff;
    _tempBuff[7] = crc&0x00ff;

    randomOperate(_tempBuff,2,&(_tempBuff[2]),4);/* 操作随机数循环异或 */

    send_size = xsp_send_comm(key,0xC3,sn,_tempBuff,8);
    return send_size;

}

///////////////////////////////////iap指令发送////////////////////////
//取sn的十进制ASCII码后8字节
void get_sn_dec_ascii(uint32_t sn, uint8_t *data)
{
    uint32_t t_sn = sn;
    uint8_t temp[10]={'0','0','0','0','0','0','0','0','0','0'};
    uint8_t t_data = 0;
    uint8_t i;
	for(i = 0; i < 8; i++)
	{
		if(t_sn == 0)
			break;
		t_data = t_sn%10;
		temp[7-i] = t_data+'0';
		t_sn /= 10;
	}
	memcpy(data, temp, 8);
//    for(i = 0; i < 10; i++)
//    {
//        if(t_sn == 0)
//            break;
//        t_data = t_sn%10;
//        temp[i] = t_data+'0';
//        t_sn /= 10;
//    }
//    for(i = 0; i < 8; i++)
//    {
//        data[i] = temp[7-i];
//    }
}

//计算iap密钥
void get_iap_key(uint32_t sn, uint8_t *key)
{
    uint8_t key_0[8] = {0};
    uint8_t key_1[16] = {0};
    get_sn_dec_ascii(sn,key_0);
	data_dump("xsp sn",key_0,8);
    memcpy(key_1,keyGroup,16);
    randomOperate(key_1,16,key_0,8);
    memcpy(key,key_1,16);
	data_dump("xsp key iap",key_1,16);
}

/*---------------------------------------------------------------------
*Hub指令发送
*subIns[1byte]+ paraLen[1byte] + para[n bytes] + rnd[4bytes] + pcrc[2bytes]
*
-----------------------------------------------------------------------*/
int xsp_hub_send(uint32_t sn, uint8_t cmd, uint8_t *key, uint8_t *data, uint8_t datalen)
{
    uint8_t i = 0;
    uint16_t crc,send_size = 0;
    memset(_tempBuff,0,sizeof(_tempBuff));
    _tempBuff[0] = cmd;
    _tempBuff[1] = datalen;
    memcpy(_tempBuff+2,data,datalen);
    send_size = datalen + 2;
    for(i = 0; i < 4; i++)//随机数
    {
        _tempBuff[send_size+i] = rand()%0xff;
    }
    crc = CRC16_get(_tempBuff,send_size+4);
    _tempBuff[send_size+4] = (crc>>8)&0x00ff;
    _tempBuff[send_size+5] = crc&0x00ff;
//	data_dump("hub",_tempBuff,send_size+6);
    randomOperate(_tempBuff,send_size,&(_tempBuff[send_size]),4);/* 操作随机数循环异或 */
    send_size += 6;
//	data_dump("hub rand",_tempBuff,send_size);
    send_size = xsp_send_comm(key,0xCE,sn,_tempBuff,send_size);
    return send_size;
}

/*---------------------------------------------------------------------
*获取当前IAP相关信息（0x01）
*iapIns[1]+reserved[4] + rnd[1] + crc16[2]
*
-----------------------------------------------------------------------*/
int xsp_iap_0x01_send(uint32_t sn, uint8_t *key_iap, uint8_t *key_hub)
{
    uint16_t crc,send_size = 0;
    memset(_tempBuff,0,sizeof(_tempBuff));
    _tempBuff[0] = 0x01;
    _tempBuff[5] = rand()%0xff;//随机数
    crc = CRC16_get(_tempBuff,6);
    _tempBuff[6] = (crc>>8)&0x00ff;
    _tempBuff[7] = crc&0x00ff;
	data_dump("iap 01",_tempBuff,8);
//    randomOperate(_tempBuff,5,&(_tempBuff[5]),1);/* 操作随机数循环异或 */
//	data_dump("iap 01 rand",_tempBuff,8);
    DesEncryptFunc(_tempBuff,encrybuf,key_iap,8,16);//参数加密
	data_dump("iap 01 encrypt",encrybuf,8);
    send_size = 8;
    send_size = xsp_hub_send(sn,0x10,key_hub,encrybuf,send_size);
    return send_size;
}

/*---------------------------------------------------------------------
*擦除指令（0x02）
*iapIns[1] + startAddr[4] + totalPages[4] + reserved[4] + rnd[1] + crc16[2]
*
-----------------------------------------------------------------------*/
int xsp_iap_0x02_send(uint32_t sn, uint8_t *key_iap, uint8_t *key_hub, uint32_t startAddr, uint32_t totalPages)
{
    uint16_t crc,send_size = 0;
    memset(_tempBuff,0,sizeof(_tempBuff));
    _tempBuff[0] = 0x02;
    memcpy(_tempBuff+1,(uint8_t *)&startAddr,4);
    memcpy(_tempBuff+5,(uint8_t *)&totalPages,4);
    send_size = 13;
    _tempBuff[send_size] = rand()%0xff;//随机数
    crc = CRC16_get(_tempBuff,send_size+1);
    _tempBuff[send_size+1] = (crc>>8)&0x00ff;
    _tempBuff[send_size+2] = crc&0x00ff;
    data_dump("iap 02 send",_tempBuff,send_size+3);
//    randomOperate(_tempBuff,send_size,&(_tempBuff[send_size]),1);/* 操作随机数循环异或 */
    send_size += 3;
    DesEncryptFunc(_tempBuff,encrybuf,key_iap,send_size,16);//参数加密
    send_size = xsp_hub_send(sn,0x02,key_hub,encrybuf,send_size);
    return send_size;
}

/*---------------------------------------------------------------------
*编程指令（0x03）
*iapIns[1] + u32Len[1] + startAddr[4] + prgData[n] + reserved[m] + rnd[1] + crc16[2]
*
-----------------------------------------------------------------------*/
int xsp_iap_0x03_send(uint32_t sn, uint8_t *key_iap, uint8_t *key_hub, uint8_t datalen, uint32_t startAddr)
{
	uint32_t iap_startaddr = 0;
	uint32_t data_len = datalen;
    uint16_t crc,send_size = 0;
    uint8_t reserve_size = 0;
    uint8_t temp[OTA_XSP_PACK_LEN] = {0};
    memset(_tempBuff,0,sizeof(_tempBuff));
	printf("send pkgs<%d/%d>\n",ota_xsp_pack_info.total_pkgs,ota_xsp_info.iap_0x03_num+1);
	if(ota_xsp_info.iap_0x03_num == ota_xsp_pack_info.total_pkgs-1)//最后一包计算实际长度
	{
		data_len = (ota_xsp_pack_info.total_bytes-(ota_xsp_info.iap_0x03_num*OTA_XSP_PACK_LEN))/4;
	}
    Flash_BufferRead(ota_xsp_pack_info.app3_startaddr+ota_xsp_info.iap_0x03_num*OTA_XSP_PACK_LEN,temp,data_len*4);
    iap_startaddr = ota_xsp_pack_info.startaddr + (ota_xsp_info.iap_0x03_num*OTA_XSP_PACK_LEN);
	_tempBuff[0] = 0x03;
    _tempBuff[1] = data_len;
    memcpy(_tempBuff+2,(uint8_t *)&iap_startaddr,4);
    memcpy(_tempBuff+6,temp,data_len*4);
    send_size = data_len*4+6;
    reserve_size = ((send_size+3)%8==0) ? 0 : (8-((send_size+3)%8));
    send_size += reserve_size;
    _tempBuff[send_size] = rand()%0xff;//随机数
    crc = CRC16_get(_tempBuff,send_size+1);
    _tempBuff[send_size+1] = (crc>>8)&0x00ff;
    _tempBuff[send_size+2] = crc&0x00ff;
	data_dump("iap 03 send",_tempBuff,send_size+3);
//    randomOperate(_tempBuff,send_size,&(_tempBuff[send_size]),1);/* 操作随机数循环异或 */
    send_size += 3;
    DesEncryptFunc(_tempBuff,encrybuf,key_iap,send_size,16);//参数加密
    send_size = xsp_hub_send(sn,0x03,key_hub,encrybuf,send_size);
    return send_size;
}

/*---------------------------------------------------------------------
*校验指令（0x04）
*iapIns[1] + startAddr[4] + byteLen[4] + crcVeri[2] + reserved[2] + rnd[1] + crc16[2]
*
-----------------------------------------------------------------------*/
int xsp_iap_0x04_send(uint32_t sn, uint8_t *key_iap, uint8_t *key_hub, uint32_t startAddr, uint32_t byteLen, uint16_t crcVer)
{
    uint16_t crc,send_size = 0;
    memset(_tempBuff,0,sizeof(_tempBuff));
    _tempBuff[0] = 0x04;
    memcpy(_tempBuff+1,(uint8_t *)&startAddr,4);
    memcpy(_tempBuff+5,(uint8_t *)&byteLen,4);
	crcVer = htons(crcVer);
    memcpy(_tempBuff+9,(uint8_t *)&crcVer,2);
    send_size = 13;
    _tempBuff[send_size] = rand()%0xff;//随机数
    crc = CRC16_get(_tempBuff,send_size+1);
    _tempBuff[send_size+1] = (crc>>8)&0x00ff;
    _tempBuff[send_size+2] = crc&0x00ff;
	data_dump("iap 04 send",_tempBuff,send_size+3);
//    randomOperate(_tempBuff,send_size,&(_tempBuff[send_size]),1);/* 操作随机数循环异或 */
    send_size += 3;
    DesEncryptFunc(_tempBuff,encrybuf,key_iap,send_size,16);//参数加密
    send_size = xsp_hub_send(sn,0x04,key_hub,encrybuf,send_size);
    return send_size;
}

/*---------------------------------------------------------------------
*结束指令（0x07）
*iapIns[1] + appBase[4] + iapUnitime[4] + reserved[4] + rnd[1] + crc16[2]
*
-----------------------------------------------------------------------*/
int xsp_iap_0x07_send(uint32_t sn, uint8_t *key_iap, uint8_t *key_hub, uint32_t appBase, uint32_t iapUnitime)
{
    uint16_t crc,send_size = 0;
    memset(_tempBuff,0,sizeof(_tempBuff));
    _tempBuff[0] = 0x07;
    memcpy(_tempBuff+1,(uint8_t *)&appBase,4);
    memcpy(_tempBuff+5,(uint8_t *)&iapUnitime,4);
    send_size = 13;
    _tempBuff[send_size] = rand()%0xff;//随机数
    crc = CRC16_get(_tempBuff,send_size+1);
    _tempBuff[send_size+1] = (crc>>8)&0x00ff;
    _tempBuff[send_size+2] = crc&0x00ff;
	data_dump("iap 07 send",_tempBuff,send_size+3);
//    randomOperate(_tempBuff,send_size,&(_tempBuff[send_size]),1);/* 操作随机数循环异或 */
    send_size += 3;
    DesEncryptFunc(_tempBuff,encrybuf,key_iap,send_size,16);//参数加密
    send_size = xsp_hub_send(sn,0x07,key_hub,encrybuf,send_size);
    return send_size;
}

/*---------------------------------------------------------------------
*复位指令（0x0F）
*iapIns[1] + reserved[4] + rnd[1] + crc16[2]
*
-----------------------------------------------------------------------*/
int xsp_iap_0x0F_send(uint32_t sn, uint8_t *key_iap, uint8_t *key_hub)
{
    uint16_t crc,send_size = 0;
    memset(_tempBuff,0,sizeof(_tempBuff));
    _tempBuff[0] = 0x0F;
    _tempBuff[5] = rand()%0xff;//随机数
    crc = CRC16_get(_tempBuff,6);
    _tempBuff[6] = (crc>>8)&0x00ff;
    _tempBuff[7] = crc&0x00ff;
	data_dump("iap 0F send",_tempBuff,8);
//    randomOperate(_tempBuff,5,&(_tempBuff[5]),1);/* 操作随机数循环异或 */
    DesEncryptFunc(_tempBuff,encrybuf,key_iap,8,16);//参数加密
    send_size = 8;
    send_size = xsp_hub_send(sn,0x0F,key_hub,encrybuf,send_size);
    return send_size;
}




/////////////////////////////////////////////////////接收处理////////////////////////////////////////////////////////////
/*--------------------------------------------------------------------
 * 获取信息（0xC0）接收
 *  读取结果 (1);密钥序号 (1);硬件版本 (2);
 *  软件版本 (4);编译信息 (12); 屏幕SN（8）
 *
 *
 * --------------------------------------------------------------------*/
int xsp_0xC0_rcv(void *puser, uint8_t *data, uint8_t data_len)
{
    //uint8_t tax_data = *(data);
    int ret = XSP_RESULT_SUCCESS;
    uint32_t sn = 0;
    xsp_comm_info_t *p_xsp = (xsp_comm_info_t *)puser;

    p_xsp->xsp_info.KeySequence_number = *(data);
    memcpy(p_xsp->xsp_info.Hardware_version, data + 1, 2);
    memcpy(p_xsp->xsp_info.Software_version, data + 3, 4);
    memcpy(p_xsp->xsp_info.Compile_info, data + 7, 12);

    memcpy(p_xsp->xsp_info.protocolVer,data+27,2);//协议版本
	memcpy(p_xsp->xsp_info.devType,data+34,2);//设备类型
    data[27] = 0;
    memcpy(p_xsp->xsp_info.xsp_sn,data+19,8);
    sn = HextoDec((char*)(data+19));
    sprintf((char*)SN,"%08u",sn);
   // memcpy((char*)SN,data+19,8);
    ret = XSP_RESULT_SUCCESS;


    return ret;
}
/*--------------------------------------------------------------------
 *  解析认证（0xC1）接收
 *  认证结果 (1);认证步骤 (1);认证参数 (32);
 *  预留参数 (4); PCRC（2）
 *
 *
 * --------------------------------------------------------------------*/
int xsp_0xC1_rcv(void *puser, uint8_t *data, uint8_t data_len)
{
  //  uint8_t Decrypt[64] = {0};
    int ret = 0;

    memset(encrybuf,0,sizeof(encrybuf));
    DesDecryptFunc(data,encrybuf,(uint8_t*)&keyGroup[ota_xsp_info.txsp_info.curkey],40,16); //解密
    data_dump("DesDecryptFunc", (uint8_t *)encrybuf, 40);
    ret = issue_rcv_comm(xsp_comm_info,encrybuf,40,puser);
//	printf("rcv c1 ret2 = %02x\n",ret);
    return ret;
}

/*--------------------------------------------------------------------
 *  信息指令（0x01）接收
 *  ispIns[1] + iapRslt[1] + iapTimes[1] + iapStatus[1] + iapVer[4] + curAppBase[4] +
 *  chipUUID[12] + rnd1[1] + reserved[4] + rnd[1] + crc16[2]
 *
 * --------------------------------------------------------------------*/
int xsp_iap_0x01_rcv(void *puser, uint8_t *data, uint8_t data_len)
{
    int ret = XSP_IAP_RESULT_SUCCESS;
    xsp_iap_0x01_info_t *p_iap_rx = (xsp_iap_0x01_info_t *)data;
    if(p_iap_rx->iapRslt != XSP_IAP_RESULT_SUCCESS)//执行结果错误
    {
        ret = p_iap_rx->iapRslt;
        return ret;
    }
	printf("iaptimes:%u,iapver:0x%08x,curappbase:0x%08x\n",p_iap_rx->iapTimes,p_iap_rx->iapVer,p_iap_rx->curAppBase);
    memcpy(puser,data,data_len-8);
    return ret;
}

/*--------------------------------------------------------------------
 *  擦除指令（0x02）接收
 *  iapIns[1] + iapRslt[1]+ reserved[3]+ rnd[1] + crc16[2]
 *
 * --------------------------------------------------------------------*/
int xsp_iap_0x02_rcv(uint8_t *data, uint8_t data_len)
{
    int ret;
    ret = data[1];
    return ret;
}

/*--------------------------------------------------------------------
 *  hub指令（0xCE）接收
 *  subIns[1byte]+ paraLen[1byte] + para[n bytes] + rnd[4bytes] + pcrc[2bytes]
 *
 * --------------------------------------------------------------------*/
int xsp_hub_rcv(uint8_t *key, uint8_t *data, uint16_t len)
{
    int ret = XSP_RESULT_RCVERR;
    uint16_t *p_crc, crc;
    uint8_t size = 0;
	uint8_t index = 0;
//    uint8_t randDa[1] = {0};
	
	crc = CRC16_get(data, len-2);//校验码

	if(IAP_PROT_VER == IAP_VER1)
	{
		//老版
		memset(decrybuf,0,sizeof(decrybuf));
		memcpy(decrybuf,data,len-2);
		crc = CRC16_get(decrybuf, len);//校验码
	}
	
//    crc = CRC16_get(data, len-2);//校验码
    p_crc = (uint16_t *)&data[len-2];
    *p_crc = htons(*p_crc);
    if(crc != *p_crc)
    {
		printf("crc error\n");
        ret = XSP_RESULT_RCVERR;
        return ret;
    }
	index = 1;

	if(IAP_PROT_VER == IAP_VER1)
	{
		//老版
		if(data[0] != XSP_RESULT_SUCCESS)
		{
			printf("result error\n");
			ret = XSP_RESULT_RCVERR;
			return ret;
		}
		index = 2;
	}
	
	
	//iap指令参数部分
    memset(rcvxspDa,0,sizeof(rcvxspDa));
    size = data[index];
    DesDecryptFunc(data+index+1,rcvxspDa,key,size,16); //解密
//    memcpy(randDa,rcvxspDa+size-3,1);
//    randomOperate(rcvxspDa,size-3,randDa,1);

    //iap指令参数部分
    crc = CRC16_get(rcvxspDa, size-2);//校验码
    p_crc = (uint16_t *)&rcvxspDa[size-2];
    *p_crc = htons(*p_crc);
    if(crc != *p_crc)
    {
        ret = XSP_RESULT_RCVERR;
        return ret;
    }
//    switch(data[1])
//    {
//        case 0x10://iap指令
            switch(rcvxspDa[0])
            {
                case 0x01://信息指令
					printf("iap cmd = %02x\n",1);
                    ret = xsp_iap_0x01_rcv(&ota_xsp_info.iap_0x01_info,rcvxspDa,size);
					printf("ret = %02x\n",ret);
                    if(ret == XSP_IAP_RESULT_SUCCESS)
                    {
						printf("iap 01 success\n");
						rcv_iap_0x01_handle(&ota_xsp_info.iap_0x01_info);
						printf("startaddr = 0x%08x\n",ota_xsp_pack_info.startaddr);
//						device_fixed_info.Work_State = DEV_WORK_STATE_NORMAL;
						ota_xsp_info.xsp_ota_step++;
                    }
                break;
                case 0x02://擦除指令
                    ret = rcvxspDa[1];
					printf("iap cmd = %02x,ret = %02x\n",2,ret);
					if(ret == XSP_IAP_RESULT_SUCCESS)
					{
						ota_xsp_info.iap_0x03_num = 0;
						ota_xsp_info.xsp_ota_step++;
					}
                break;
                case 0x03://编程指令
                    ret = rcvxspDa[1];
					printf("iap cmd = %02x,ret = %02x\n",3,ret);
					if(ret == XSP_IAP_RESULT_SUCCESS)
					{
						ota_xsp_info.iap_0x03_num++;
						printf("03 num=%d,total=%d\n",ota_xsp_info.iap_0x03_num,ota_xsp_pack_info.total_pkgs);
//						ota_xsp_info.xsp_ota_step++;
//						ota_xsp_info.iap_0x04_num = 0;
						if(ota_xsp_info.iap_0x03_num == ota_xsp_pack_info.total_pkgs)
						{
							ota_xsp_info.xsp_ota_step++;
							ota_xsp_info.iap_0x03_num = 0;
							ota_xsp_info.iap_0x04_num = 0;
						}
					}
                break;
                case 0x04://校验指令
                    ret = rcvxspDa[1];
					printf("iap cmd = %02x,ret = %02x\n",4,ret);
					if(ret == XSP_IAP_RESULT_SUCCESS)
					{
//						ota_xsp_info.iap_0x04_num++;
//						if(ota_xsp_info.iap_0x04_num == 4)
//						{
//							ota_xsp_info.xsp_ota_step++;
//							ota_xsp_info.iap_0x04_num = 0;
//							device_fixed_info.Work_State = DEV_WORK_STATE_NORMAL;
//						}
						ota_xsp_info.xsp_ota_step++;
//						device_fixed_info.Work_State = DEV_WORK_STATE_NORMAL;
					}
                break;
                case 0x07://结束指令
                    ret = rcvxspDa[1];
					printf("iap cmd = %02x,ret = %02x\n",7,ret);
					if(ret == XSP_IAP_RESULT_SUCCESS)
                    {
						ota_xsp_info.xsp_ota_step++;
//						device_fixed_info.Work_State = DEV_WORK_STATE_NORMAL;
                    }
                break;
                case 0x0F://复位指令，无返回
                break;
                default:
                break;
            }
//        break;
//        default:
//			printf("iap cmd error\n");
//        break;
//    }
    return ret;
}

/*--------------------------------------------------------------------
 *  显示屏指令接收解析
 *  帧头[1]+帧长度[1]+帧号[1] +SN 码[4]+指令码[1]+参数[n]+CRC校验码[2]
 *
 * --------------------------------------------------------------------*/
int xsp_rcv_comm(uint8_t *key, uint8_t *data, uint8_t len)
{
    int ret;
    uint8_t  *fparm;
    uint16_t *p_crc, crc;
    uint8_t randDa[4] = {0};
	uint8_t temp[5] = {0};
	uint32_t appver = 0;
	uint16_t data_size=0,devtype=0,protver=0;
    txspCommFrame_t *p_xsp_rx = (txspCommFrame_t *)data;
    
//    _ytsf_data_decode(data, &len);	/*接收解码 */
    crc = CRC16_get(&p_xsp_rx->fhead, p_xsp_rx->flen);
    p_crc = (uint16_t *)&data[p_xsp_rx->flen];
    *p_crc = ntohs(*p_crc);
    if(p_xsp_rx->fhead != 0xBB || crc != *p_crc) {
        ret = XSP_RESULT_HEADCRC;
		ota_xsp_info.error_num++;
		printf("crc err\n");
        return ret;
    }

    printf("rcv cmd = 0x%02x, sn = %10u\r\n",p_xsp_rx->fcmd,p_xsp_rx->faddress);

    fparm = &data[sizeof(txspCommFrame_t)];

	if(p_xsp_rx->fcmd == 0xce)
	{
		if(IAP_PROT_VER==IAP_VER2)//新版
		{
			ret = fparm[0];
			if(ret != XSP_RESULT_SUCCESS){
				printf("执行结果错误 %d\r\n",ret);
				ota_xsp_info.error_num++;
	//			ota_xsp_info.xsp_ota_begin = 1;
				return ret;
			}
			fparm++;
		}
	}
	else
	{
		ret = fparm[0];
		if(ret != XSP_RESULT_SUCCESS){
			printf("执行结果错误 %d\r\n",ret);
			ota_xsp_info.error_num++;
//			ota_xsp_info.xsp_ota_begin = 1;
			return ret;
		}
		fparm++;
	}

    switch(p_xsp_rx->fcmd)
    {
        case 0xC0:
            ret = xsp_0xC0_rcv(xsp_comm_info,fparm,p_xsp_rx->flen-XSP_CMD_HEADLEN-1);
//            ota_xsp_info.xsp_ota_begin = 1;
			
            if(ret== XSP_RESULT_SUCCESS){
                ota_xsp_info.txsp_info.curkey = xsp_comm_info[0].xsp_info.KeySequence_number;
				memcpy(temp,xsp_comm_info[0].xsp_info.Software_version,4);
				appver = HextoDec((char*)(temp));
				printf("keygroup:%d\n",ota_xsp_info.txsp_info.curkey);
				printf("appver:%08x\n",appver);
				
				//协议版本
				protver = (xsp_comm_info[0].xsp_info.protocolVer[0]-'0')*10+(xsp_comm_info[0].xsp_info.protocolVer[1]-'0');
				printf("protver=%d\n",protver);
				if(protver >= 16)
				{
					devtype = xsp_comm_info[0].xsp_info.devType[0];
					devtype = (devtype<<8)|xsp_comm_info[0].xsp_info.devType[1];
					printf("devtype=%04X, xsp_type=%04X\n",devtype,ota_xsp_info.txsp_info.xsp_type);
					if(devtype != ota_xsp_info.txsp_info.xsp_type)//设备类型不匹配
					{
						ota_xsp_info.error_num = 4;
						ota_xsp_info.xsp_ota_step = 9;//用于返回升级错误码
						return ret;
					}
				}
				
			
				if(p_xsp_rx->flen == 0x27 && (ota_xsp_info.txsp_info.xsp_sn==10000121||ota_xsp_info.txsp_info.xsp_sn==10000122))
				{
					IAP_PROT_VER = IAP_VER1;
				}
				else
				{
					IAP_PROT_VER = IAP_VER2;
				}
				printf("iap ver:%d\n",IAP_PROT_VER);
				
				ota_xsp_info.xsp_ota_step++;
				ota_xsp_info.error_num = 0;
            }
            else
            {
                ota_xsp_info.error_num++;
            }
        break;
        case 0xC1:
            ret = xsp_0xC1_rcv(key,fparm,p_xsp_rx->flen-XSP_CMD_HEADLEN-1);
//			ota_xsp_info.xsp_ota_begin = 1;
			printf("ret = %02x\n",ret);
            if(ret== XSP_RESULT_SUCCESS)
            {
                ota_xsp_info.xsp_ota_step++;
                ota_xsp_info.error_num=0;
            }
            else
            {
                ota_xsp_info.error_num++;
            }
        break;
        case 0xCE://应答没有没有操作结果
//            ota_xsp_info.xsp_ota_begin = 1;
            memset(_tempBuff,0,sizeof(_tempBuff));
			data_dump("key",key,16);
		
			if(IAP_PROT_VER == IAP_VER2)
			{
				data_size = p_xsp_rx->flen-XSP_CMD_HEADLEN-1;//新版
			}
			else if(IAP_PROT_VER == IAP_VER1)
			{
				data_size = p_xsp_rx->flen-XSP_CMD_HEADLEN;//老版
			}
			DesDecryptFunc(fparm,_tempBuff,key,data_size,16); //解密
			data_dump("hub decrypt",_tempBuff,data_size);
			
			if(IAP_PROT_VER == IAP_VER2)
			{
				//循环异或（新版）
				memcpy(randDa,_tempBuff+data_size-6,4);
				randomOperate(_tempBuff,data_size-6,randDa,4);
			}
		
//			data_dump("hub decrypt rand",_tempBuff,data_size);
			
            //
            ret = xsp_hub_rcv(ota_xsp_info.txsp_info.key_iap,_tempBuff,data_size);
			if(ret == XSP_IAP_RESULT_SUCCESS)
			{
				ota_xsp_info.error_num = 0;
			}
			else
			{
				ota_xsp_info.error_num++;
			}
        break;
        default:
//            ota_xsp_info.xsp_ota_begin = 1;
            ota_xsp_info.error_num++;
        break;
    }

    return ret;
}