CN111416711B - Transaction message processing method and device - Google Patents
Transaction message processing method and device Download PDFInfo
- Publication number
- CN111416711B CN111416711B CN202010242634.3A CN202010242634A CN111416711B CN 111416711 B CN111416711 B CN 111416711B CN 202010242634 A CN202010242634 A CN 202010242634A CN 111416711 B CN111416711 B CN 111416711B
- Authority
- CN
- China
- Prior art keywords
- transaction
- key
- offset
- ciphertext
- page
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a transaction message processing method and a device, wherein the method comprises the following steps: when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page; responding to a transaction instruction triggered by a user on a transaction page, and acquiring a transaction message corresponding to the transaction instruction; encrypting the transaction message by using the key and the offset to obtain a first ciphertext; encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext; and sending the first ciphertext and the second ciphertext to a preset server, triggering the server to decrypt the second ciphertext according to a prestored private key to obtain a key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain a transaction message. By applying the method provided by the invention, the key and the offset are randomly generated each time the transaction page is opened, and the safety of the transaction message can be effectively ensured.
Description
Technical Field
The present invention relates to the field of data security, and in particular, to a method and an apparatus for processing a transaction packet.
Background
With the development of computer technology, HTML5 is also more and more widely applied, HTML5 is a language description mode for constructing Web content, a browser can display a webpage by decoding HTML5 language, and with the wide application of HTML5, many financial APPs also adopt HTML5 language to make a display page. The financial industry is sensitive to data of the user, so when the user performs data interaction through an HTML5 page, the data of the user needs to be encrypted to avoid property loss of the user.
In the prior art, in order to implement encryption processing on data, an encryption key is usually hidden in HTML5 source code, however, the HTML5 source code is very easy to expose, so a technician usually obfuscates the source code corresponding to the encryption key to ensure the security of the encryption key. However, the difficulty of cracking can be increased only by ordinary people, and for technicians with HTML5 development skills, the encryption key hidden in the HTML5 source code is easily obtained, so that the encryption key is hidden in the HTML5 source code, which easily causes leakage of the encryption key, and further causes insecurity of data of users.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a transaction message processing method, which can ensure the security of the transaction message of a user.
The invention also provides a transaction message processing device which is used for ensuring the realization and the application of the method in practice.
A transaction message processing method is applied to a terminal and comprises the following steps:
when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page;
responding to a transaction instruction triggered by a user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction;
encrypting the transaction message by applying the key and the offset to obtain a first ciphertext;
encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext;
and sending the first ciphertext and the second ciphertext to a preset server to trigger the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message.
Optionally, the generating a key and an offset corresponding to the transaction page includes:
acquiring a key bit number corresponding to the transaction page;
and inputting the key digit number to a preset random key generation tool to obtain a key and an offset corresponding to the transaction page.
Optionally, the method for obtaining the transaction message corresponding to the transaction instruction includes:
analyzing the transaction instruction to obtain instruction information in the transaction instruction;
acquiring transaction data contained in the instruction information;
and filling the transaction data into a preset message template to obtain a transaction message corresponding to the transaction instruction.
The method described above, optionally, further includes:
storing the key and the offset according to a preset storage mode;
and when a response message returned by the server based on the transaction message is received, decrypting the response message by using the stored key and the offset.
Optionally, the method further includes, after decrypting the response packet by using the stored key and the offset, that:
and deleting the key and the offset when the terminal equipment is detected to log off the transaction page.
A transaction message processing device is applied to a terminal and comprises:
the generating unit is used for generating a key and an offset corresponding to a preset transaction page when the terminal device is detected to open the transaction page;
the acquisition unit is used for acquiring a transaction message corresponding to a transaction instruction when the transaction instruction triggered by a user on the transaction page is received;
the first encryption unit is used for encrypting the transaction message by applying the key and the offset to obtain a first ciphertext;
the second encryption unit is used for encrypting the secret key and the offset by applying a public key corresponding to the transaction page to obtain a second ciphertext;
and the sending unit is used for sending the first ciphertext and the second ciphertext to a preset server to trigger the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message.
The above apparatus, optionally, the generating unit, includes:
the first acquiring subunit is used for acquiring the key digit corresponding to the transaction page;
and the first generation subunit is used for inputting the key digits to a preset random key generation tool to obtain a key and an offset corresponding to the transaction page.
The above apparatus, optionally, the obtaining unit includes:
the analysis subunit is used for analyzing the transaction instruction to obtain instruction information in the transaction instruction;
the second acquisition subunit is used for acquiring the transaction data contained in the instruction information;
and the second generation subunit is used for filling the transaction data into a preset message template to obtain a transaction message corresponding to the transaction instruction.
The above apparatus, optionally, further comprises:
the storage unit is used for storing the key and the offset according to a preset storage mode;
and the decryption unit is used for decrypting the response message by using the stored key and the offset when receiving the response message returned by the server based on the transaction message.
The above apparatus, optionally, further comprises:
and the key destroying unit is used for deleting the key and the offset when the terminal equipment is detected to log off the transaction page.
Compared with the prior art, the invention has the following advantages:
the invention provides a transaction message processing method and a device, which are applied to a terminal, wherein the method comprises the following steps: when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page; responding to a transaction instruction triggered by a user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction; encrypting the transaction message by applying the key and the offset to obtain a first ciphertext; encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext; and sending the first ciphertext and the second ciphertext to a preset server, triggering the server to decrypt the second ciphertext according to a prestored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message. By applying the method provided by the invention, the secret key and the offset are randomly generated each time when the transaction page is opened, so that the risk of secret key leakage can be avoided, and the security of the transaction message can be effectively ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
Fig. 1 is a flowchart of a transaction message processing method according to the present invention;
FIG. 2 is a flow chart of a process for generating keys and offsets provided by the present invention;
fig. 3 is a flowchart of a process of obtaining a transaction message corresponding to a transaction instruction according to the present invention;
FIG. 4 is an exemplary diagram of an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a transaction message processing apparatus according to the present invention;
fig. 6 is a schematic structural diagram of an electronic device provided in the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
The invention is operational with numerous general purpose or special purpose computing device environments or configurations. For example: personal computers, server computers, hand-held or portable devices, tablet-type devices, multi-processor appliances, distributed computing environments that include any of the above devices or equipment, and the like.
The embodiment of the invention provides a transaction message processing method, which can be applied to various system platforms, wherein an execution main body of the method can be a processor of a terminal, the terminal can be a computer terminal or various mobile devices, and a flow chart of the method is shown in figure 1 and specifically comprises the following steps:
s101: and when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page.
In the method provided by the embodiment of the invention, under the condition that the terminal is detected to load the preset transaction pages, the key and the offset are randomly generated, the number of the transaction pages can be one or more, and the key and the offset corresponding to different transaction pages are different.
Wherein, the transaction page may be an HTML5 page, and the key may be an AES key.
S102: and responding to a transaction instruction triggered by the user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction.
In the method provided by the embodiment of the invention, the user can send the transaction instruction to the terminal by triggering the corresponding control in the transaction page.
Specifically, the transaction instruction includes transaction data of the user, and the transaction message corresponding to the transaction instruction can be obtained according to the transaction data.
S103: and encrypting the transaction message by applying the key and the offset to obtain a first ciphertext.
In the method provided by the embodiment of the invention, the transaction message is encrypted in a symmetric encryption mode.
S104: and encrypting the key and the offset by using the public key corresponding to the transaction page to obtain a second ciphertext.
In the method provided by the embodiment of the present invention, the public key is pre-stored in the terminal, before the terminal opens the transaction page, the public key is acquired in a preset server, asymmetric encryption is performed by using the public key, and a private key corresponding to the public key is stored in the server, specifically, the public key may be stored in a source code of the transaction page.
S105: and sending the first ciphertext and the second ciphertext to a preset server to trigger the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message.
In the method provided by the embodiment of the invention, when the server receives the first ciphertext and the second ciphertext sent by the terminal, the server acquires the corresponding private key according to the user information corresponding to the terminal, and decrypts the second ciphertext according to the private key.
Specifically, when receiving a public key acquisition request sent by a terminal, a server acquires a corresponding key pair according to user information in the request, where the key pair includes a public key and a private key, sends the public key to the terminal, and stores the user information and the private key in an associated manner, that is, the key pairs corresponding to different users may be the same or different.
The message transaction processing method provided by the embodiment of the invention comprises the following steps: when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page; responding to a transaction instruction triggered by a user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction; encrypting the transaction message by applying the key and the offset to obtain a first ciphertext; encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext; and sending the first ciphertext and the second ciphertext to a preset server, triggering the server to decrypt the second ciphertext according to a prestored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message. By applying the method provided by the invention, the secret key and the offset are randomly generated each time when the transaction page is opened, so that the risk of secret key leakage can be avoided, and the security of the transaction message can be effectively ensured.
In the method provided in the embodiment of the present invention, based on the implementation process, specifically, the process of generating the key and the offset corresponding to the transaction page includes, as shown in fig. 2:
s201: and acquiring the key digit number corresponding to the transaction page.
In the method provided by the embodiment of the present invention, the number of the key bits may be preset, and the number of the key bits may be specifically set according to actual requirements, for example, may be set to 32 bits or 64 bits.
S202: and inputting the key digit number to a preset random key generation tool to obtain a key and an offset corresponding to the transaction page.
After the key bit number is input to the random key generation tool, a key with a corresponding bit number and an offset corresponding to the key can be obtained, and the offset can be a key vector.
In the method provided in the embodiment of the present invention, based on the implementation process, specifically, the process of obtaining the transaction packet corresponding to the transaction instruction includes, as shown in fig. 3:
s301: and analyzing the transaction instruction to obtain instruction information in the transaction instruction.
In the method provided by the embodiment of the invention, the instruction information in the instruction can be obtained by analyzing the transaction instruction, the instruction information can comprise user data and transaction data, and the user data can be the identity information of the user.
S302: and acquiring transaction data contained in the instruction information.
In the method provided by the embodiment of the invention, the preset field in the instruction information is extracted, so that the transaction data contained in the instruction information can be obtained.
The transaction data may include one or more of user account information, destination transfer account information, financing information such as the type and amount of funds to be transacted, information on commodities to be transacted, and the like.
S303: and filling the transaction data into a preset message template to obtain a transaction message corresponding to the transaction instruction.
In the method provided by the embodiment of the invention, the message template is utilized to render the transaction data, so that the transaction message containing the transaction data can be obtained.
In the method provided in the embodiment of the present invention, based on the implementation process, specifically, the method further includes:
storing the key and the offset according to a preset storage mode;
and when a response message returned by the server based on the transaction message is received, decrypting the response message by using the stored key and the offset.
The key and the offset may be stored after the key and the offset are generated, and the key and the offset may be stored in a preset memory, where the memory is a memory of the browser.
In the method provided by the embodiment of the invention, the server decrypts the first ciphertext to obtain the transaction message, executes corresponding transaction operation according to the transaction message, and generates the response message corresponding to the transaction message, wherein the response message is a message symmetrically encrypted by using a key and an offset, and the terminal decrypts the first ciphertext by using the key and the offset after receiving the response message.
Specifically, when the terminal receives a response message returned by the server through a data interface corresponding to the transaction page, the stored key and the offset are acquired to decrypt the response message.
In the method provided in the embodiment of the present invention, based on the foregoing implementation process, specifically, after decrypting the response packet by using the stored key and the offset, the method further includes:
and deleting the key and the offset when the terminal equipment is detected to log off the transaction page.
In the method provided by the embodiment of the present invention, when it is detected that the terminal device ends the process corresponding to the transaction page, the key and the offset may be deleted, or when the terminal device opens the transaction page again, a new key and an offset are generated, and the stored key and offset are updated by using the new key and offset.
In an embodiment provided by the present invention, optionally, when receiving a transaction instruction triggered by a user through a preset transaction page, a processor of the terminal may obtain a message corresponding to the transaction instruction, and determine whether a pre-generated key and an offset exist, and if not, generate a key and an offset corresponding to the transaction page; encrypting the transaction message by using the key and the offset to obtain a first ciphertext, and encrypting the key and the offset by using the acquired public key to obtain a second ciphertext; and sending the first ciphertext and the second ciphertext to the server.
Referring to fig. 4, an exemplary diagram of an implementation scenario provided by the present invention is shown, where the implementation scenario provided by the embodiment of the present invention includes a server 401 and a terminal 402.
In practice, the terminal 402 shown in fig. 4 may be an electronic device such as a mobile phone, a tablet computer, a personal computer, and the like. The server 401 may be one server, a server cluster composed of a plurality of servers, or a cloud computing service center. The server 401 and the terminal 402 establish a communication connection through a network, and specifically, the server may be a server of a bank.
When the terminal enters a preset transaction page, a key and an offset of the transaction page are generated, the key and the offset are applied to encrypt transaction data of a user to obtain a first ciphertext, and the first ciphertext is sent to the server.
The terminal can acquire a pre-stored public key of the server to encrypt the key and the offset to obtain a second ciphertext and send the second ciphertext to the server.
And the server side decrypts the second ciphertext by using a corresponding private key to obtain the key and the offset, and decrypts the first ciphertext by using the key and the offset to obtain the transaction message.
The network to which embodiments of the invention relate is a medium that provides communication links and may include various connection types, such as wired, wireless communication links, or fiber optic cables, among others.
It should be noted that, a user may trigger the terminal to enter different transaction pages, when the terminal enters different transaction pages, the terminal processor generates a key and an offset corresponding to the transaction page, where the key and the offset may be generated by an AES encryption algorithm, and the type of the AES encryption algorithm may be set according to actual requirements, which is not limited herein.
When a processor of the terminal receives a transaction instruction triggered by the user through the transaction page, a transaction message is generated according to transaction data in the transaction instruction, and the transaction message is encrypted according to a secret key and an offset to obtain a first ciphertext; encrypting the transaction message by using a public key which is acquired in advance and corresponds to the transaction page to obtain a second ciphertext; and sending the first ciphertext and the second ciphertext to the server.
When the terminal can send a login request to the server, the server checks the user information in the login request, and after the user information is successfully checked, a key pair is selected from a pre-established key pool based on the user information; and sending the public key in the key pair to the terminal, and storing the private key and the user information in an associated manner.
After receiving the first ciphertext and the second ciphertext, the server decrypts the second ciphertext by using the public key to obtain a key and an offset; decrypting the first ciphertext by using the key and the offset to obtain a transaction message, executing corresponding transaction operation based on the transaction message to generate an initial response message, and encrypting the initial response message according to the key and the offset to obtain a response message; and sending the response message to the terminal.
After the key and the offset corresponding to the transaction page are generated, the key and the offset can be stored in a preset memory, and if a new transaction instruction is continuously triggered on the transaction page under the condition that the terminal does not destroy the transaction page, the new transaction instruction can be encrypted by using the key and the offset to obtain a new first ciphertext, and at the moment, the key and the offset can be encrypted again by using the public key, or only the first ciphertext can be sent to the server.
Corresponding to the method described in fig. 1, an embodiment of the present invention further provides a transaction packet processing apparatus, which is used for implementing the method in fig. 1 specifically, and the transaction packet processing apparatus provided in the embodiment of the present invention may be applied to a computer terminal or various mobile devices, and a schematic structural diagram of the apparatus is shown in fig. 5, and specifically includes:
a generating unit 501, configured to generate a key and an offset corresponding to a transaction page when it is detected that a preset transaction page is opened by the terminal device;
an obtaining unit 502, configured to obtain, when a transaction instruction triggered by a user on the transaction page is received, a transaction message corresponding to the transaction instruction;
a first encryption unit 503, configured to encrypt the transaction packet by applying the key and the offset to obtain a first ciphertext;
a second encryption unit 504, configured to encrypt the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext;
a sending unit 505, configured to send the first ciphertext and the second ciphertext to a preset server, trigger the server to decrypt the second ciphertext according to a pre-stored private key, to obtain the key and the offset, and decrypt the first ciphertext by using the key and the offset, to obtain the transaction packet.
According to the message transaction processing device provided by the embodiment of the invention, when the terminal is detected to open a preset transaction page, a key and an offset corresponding to the transaction page are generated; responding to a transaction instruction triggered by a user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction; encrypting the transaction message by applying the key and the offset to obtain a first ciphertext; encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext; and sending the first ciphertext and the second ciphertext to a preset server, triggering the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by using the key and the offset to obtain the transaction message. When the transaction page is opened every time, the key and the offset are randomly generated, so that the risk of key leakage can be avoided, and the security of the transaction message can be effectively guaranteed.
In an embodiment provided by the present invention, based on the foregoing solution, specifically, the generating unit 501 includes:
the first acquiring subunit is used for acquiring the key digit corresponding to the transaction page;
and the first generation subunit is used for inputting the key digit to a preset random key generation tool to obtain a key and an offset corresponding to the transaction page.
In an embodiment of the present invention, based on the above scheme, specifically, the obtaining unit includes:
the analysis subunit is used for analyzing the transaction instruction to obtain instruction information in the transaction instruction;
the second acquisition subunit is used for acquiring the transaction data contained in the instruction information;
and the second generation subunit is used for filling the transaction data into a preset message template to obtain a transaction message corresponding to the transaction instruction.
In an embodiment provided by the present invention, based on the above scheme, specifically, the transaction packet processing apparatus further includes:
the storage unit is used for storing the key and the offset according to a preset storage mode;
and the decryption unit is used for decrypting the response message by using the stored key and the offset when receiving the response message returned by the server based on the transaction message.
In an embodiment provided by the present invention, based on the above scheme, specifically, the transaction message processing apparatus further includes:
and the key destroying unit is used for deleting the key and the offset when the terminal equipment is detected to log off the transaction page.
The specific principle and the execution process of each unit and each module in the transaction message processing device disclosed in the embodiment of the present invention are the same as those of the transaction message processing method disclosed in the embodiment of the present invention, and reference may be made to corresponding parts in the transaction message processing method provided in the embodiment of the present invention, which are not described herein again.
The embodiment of the invention also provides a storage medium, which comprises a stored instruction, wherein when the instruction runs, the equipment where the storage medium is located is controlled to execute the transaction message processing method.
An electronic device is provided in an embodiment of the present invention, and the structural diagram of the electronic device is shown in fig. 6, which specifically includes a memory 601 and one or more instructions 602, where the one or more instructions 602 are stored in the memory 601 and configured to be executed by one or more processors 603 to perform the following operations on the one or more instructions 602:
when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page;
responding to a transaction instruction triggered by a user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction;
encrypting the transaction message by applying the key and the offset to obtain a first ciphertext;
encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext;
and sending the first ciphertext and the second ciphertext to a preset server, triggering the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by using the key and the offset to obtain the transaction message.
It should be noted that, in this specification, each embodiment is described in a progressive manner, and each embodiment focuses on differences from other embodiments, and portions that are the same as and similar to each other in each embodiment may be referred to. For the device-like embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
Finally, it should also be noted that, in this document, relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functions of the units may be implemented in the same software and/or hardware or in a plurality of software and/or hardware when implementing the invention.
From the above description of the embodiments, it is clear to those skilled in the art that the present invention can be implemented by software plus necessary general hardware platform. Based on such understanding, the technical solutions of the present invention may be embodied in the form of software products, which may be stored in a storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and include instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method according to the embodiments or some parts of the embodiments.
The transaction message processing method provided by the invention is described in detail above, a specific example is applied in the text to explain the principle and the implementation of the invention, and the description of the above embodiment is only used to help understanding the method and the core idea of the invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (8)
1. A transaction message processing method is applied to a terminal, and the method comprises the following steps:
when the terminal is detected to open a preset transaction page, generating a key and an offset corresponding to the transaction page; storing the key and the offset in a preset memory;
responding to a transaction instruction triggered by a user on the transaction page, and acquiring a transaction message corresponding to the transaction instruction;
encrypting the transaction message by applying the key and the offset to obtain a first ciphertext;
encrypting the key and the offset by using a public key corresponding to the transaction page to obtain a second ciphertext;
sending the first ciphertext and the second ciphertext to a preset server to trigger the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message;
under the condition that the terminal does not destroy the transaction page, if a new transaction instruction is continuously triggered on the transaction page, encrypting a transaction message corresponding to the new transaction instruction by using a key and an offset corresponding to the transaction page to obtain a new first ciphertext, and only sending the new first ciphertext to the server;
wherein the generating a key and an offset corresponding to the transaction page comprises:
acquiring a key digit corresponding to the transaction page;
and inputting the key digit number to a preset random key generation tool to obtain a key and an offset corresponding to the transaction page.
2. The method according to claim 1, wherein the obtaining of the transaction message corresponding to the transaction instruction comprises:
analyzing the transaction instruction to obtain instruction information in the transaction instruction;
acquiring transaction data contained in the instruction information;
and filling the transaction data into a preset message template to obtain a transaction message corresponding to the transaction instruction.
3. The method of claim 1, further comprising:
storing the key and the offset according to a preset storage mode;
and when a response message returned by the server based on the transaction message is received, decrypting the response message by using the stored key and the offset.
4. The method of claim 3, wherein after decrypting the response packet using the stored key and the offset, further comprising:
and deleting the key and the offset when the terminal equipment is detected to log off the transaction page.
5. A transaction message processing device is applied to a terminal and comprises:
the generating unit is used for generating a key and an offset corresponding to a preset transaction page when the terminal device is detected to open the transaction page; storing the key and the offset in a preset memory;
the acquisition unit is used for responding to a transaction instruction triggered by a user on the transaction page and acquiring a transaction message corresponding to the transaction instruction;
the first encryption unit is used for encrypting the transaction message by applying the key and the offset to obtain a first ciphertext;
the second encryption unit is used for encrypting the secret key and the offset by applying a public key corresponding to the transaction page to obtain a second ciphertext;
the sending unit is used for sending the first ciphertext and the second ciphertext to a preset server to trigger the server to decrypt the second ciphertext according to a pre-stored private key to obtain the key and the offset, and decrypting the first ciphertext by applying the key and the offset to obtain the transaction message;
under the condition that the terminal does not destroy the transaction page, if a new transaction instruction is continuously triggered on the transaction page, encrypting a transaction message corresponding to the new transaction instruction by using a key and an offset corresponding to the transaction page to obtain a new first ciphertext, and only sending the new first ciphertext to the server;
wherein, the generating unit includes:
the first acquisition subunit is used for acquiring the key digit corresponding to the transaction page;
and the first generation subunit is used for inputting the key digits to a preset random key generation tool to obtain a key and an offset corresponding to the transaction page.
6. The apparatus of claim 5, wherein the obtaining unit comprises:
the analysis subunit is used for analyzing the transaction instruction to obtain instruction information in the transaction instruction;
the second acquisition subunit is used for acquiring the transaction data contained in the instruction information;
and the second generation subunit is used for filling the transaction data into a preset message template to obtain a transaction message corresponding to the transaction instruction.
7. The apparatus of claim 5, further comprising:
the storage unit is used for storing the key and the offset according to a preset storage mode;
and the decryption unit is used for decrypting the response message by using the stored key and the offset when receiving the response message returned by the server based on the transaction message.
8. The apparatus of claim 7, further comprising:
and the key destroying unit is used for deleting the key and the offset when the terminal equipment is detected to logout the transaction page.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010242634.3A CN111416711B (en) | 2020-03-31 | 2020-03-31 | Transaction message processing method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010242634.3A CN111416711B (en) | 2020-03-31 | 2020-03-31 | Transaction message processing method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111416711A CN111416711A (en) | 2020-07-14 |
| CN111416711B true CN111416711B (en) | 2022-11-25 |
Family
ID=71493499
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010242634.3A Active CN111416711B (en) | 2020-03-31 | 2020-03-31 | Transaction message processing method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111416711B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117237115B (en) * | 2023-11-15 | 2024-02-23 | 四川绿豆芽信息技术有限公司 | Encryption method and system for carbon emission transaction |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108347419A (en) * | 2017-01-24 | 2018-07-31 | 腾讯科技(深圳)有限公司 | Data transmission method and device |
| CN110166644A (en) * | 2019-04-15 | 2019-08-23 | 中国平安人寿保险股份有限公司 | Data processing method, device, computer equipment and storage medium |
-
2020
- 2020-03-31 CN CN202010242634.3A patent/CN111416711B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108347419A (en) * | 2017-01-24 | 2018-07-31 | 腾讯科技(深圳)有限公司 | Data transmission method and device |
| CN110166644A (en) * | 2019-04-15 | 2019-08-23 | 中国平安人寿保险股份有限公司 | Data processing method, device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111416711A (en) | 2020-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2926128C (en) | Authorization of server operations | |
| JP6516342B2 (en) | Access data tampering prevention method and portable terminal | |
| CN104113549A (en) | Platform authorization method, platform server side, application client side and system | |
| US20140188734A1 (en) | Securely Receiving Data Input At A Computing Device Without Storing The Data Locally | |
| CN101221641B (en) | On-line trading method and its safety affirmation equipment | |
| CN104113552A (en) | Platform authorization method, platform server side, application client side and system | |
| KR20170140215A (en) | Methods and systems for transaction security | |
| CN104967597A (en) | Third-party application message authentication method and system based on secure channel | |
| CN104348617A (en) | Verification code processing method and device, and terminal and server | |
| CN104992119A (en) | Sensitive information anti-interception safety transmission method and system | |
| CN109362074A (en) | The method of h5 and server-side safety communication in a kind of mixed mode APP | |
| CN113347163B (en) | Single sign-on method, device, equipment and medium | |
| CN109981576A (en) | Key migration method and apparatus | |
| CN111193725A (en) | Configuration-based combined login method and device and computer equipment | |
| CN112184444A (en) | Method, apparatus, device and medium for processing information based on information characteristics | |
| CN101212301B (en) | Authentication device and method | |
| CN114363088B (en) | Method and device for requesting data | |
| CN111416711B (en) | Transaction message processing method and device | |
| CN104901951A (en) | Mobile terminal based cipher data processing and interaction method in Web application | |
| CN112073185B (en) | Cloud game safety transmission method and device | |
| CN112202794A (en) | Transaction data protection method and device, electronic equipment and medium | |
| Prasadreddy et al. | A threat free architecture for privacy assurance in cloud computing | |
| JP5670001B1 (en) | Transaction system, transaction method, and information recording medium | |
| CN101159547A (en) | Dynamic secret method of text information input, output and transmission | |
| CN114117404A (en) | User authentication method, device, equipment, system and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |