Summary of the invention
Embodiments of the invention provide a kind of method and apparatus that carries out data encryption by softdog, thereby have solved softdog and the single problem of computer equipment connected mode.
The object of the invention is to be achieved through the following technical solutions:
Embodiments of the invention provide a kind of method of carrying out data encryption by softdog on the one hand, comprising:
Mobile terminal is set up bluetooth with computer equipment and is connected;
Described mobile terminal is connected and is received the be-encrypted data that described computer equipment sends by the bluetooth of setting up;
The built-in softdog of described mobile terminal is encrypted described be-encrypted data according to the key generating in advance, generates enciphered data;
Described mobile terminal connects described enciphered data to send to described computer equipment by the bluetooth of setting up.
Embodiments of the invention also provide a kind of mobile terminal, comprising:
The first bluetooth module, for set up with computer equipment between bluetooth be connected;
Softdog module, described softdog module comprises that data receiver submodule, data encryption submodule and data send submodule:
Described data receiver submodule connects for the bluetooth of setting up by described the first Bluetooth function module, receives the be-encrypted data that described computer equipment sends;
Described data encryption submodule is encrypted for the be-encrypted data described data receiver submodule being received according to the key generating in advance, generates enciphered data;
Described data send submodule and connect and send to described computer equipment for the bluetooth that the enciphered data of described data encryption submodule generation is set up by described Bluetooth function module.
The embodiment of the present invention also provides a kind of computer equipment, comprising:
The second bluetooth module, is connected for setting up bluetooth with mobile terminal;
Data transmission blocks, connects to described mobile terminal and sends be-encrypted data for the bluetooth of setting up by described the second bluetooth module;
Data reception module, connects and receives the enciphered data that described mobile terminal returns for the bluetooth of setting up by described the second bluetooth module.
The technical scheme being provided by the embodiment of the invention described above can be found out, in the embodiment of the present invention, due to softdog is built in mobile terminal, and in conjunction with Bluetooth technology, realize the data encryption process of softdog, wireless connections between a kind of softdog and computer equipment mode is not only provided, has made softdog data encryption process more convenient.In addition, owing to combining the Bluetooth technology with high security, more effectively guaranteed the safety and reliability of softdog data encryption process.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
A kind of method that the embodiment of the present invention provides softdog of combination Bluetooth technology to carry out data encryption, its processing procedure as described in Figure 1, comprises following operation:
S101, mobile terminal are set up bluetooth with computer equipment and are connected;
In the embodiment of the present invention, this mobile terminal is built-in with softdog, its specific implementation can be in mobile terminal, to increase softdog functional module, or at the SIM of mobile terminal (Subscriber IdentityModule, client identification module) in card, increase softdog functional module, or by softdog hardware internal in mobile terminal etc.
S102, this mobile terminal connect by the bluetooth of setting up the be-encrypted data that receiving computer equipment sends;
S103, the built-in softdog of this mobile terminal are encrypted above-mentioned be-encrypted data according to the key generating in advance, generate enciphered data;
Above-mentioned key can generate by the process chip of mobile terminal or by the process chip of softdog, also can by the user interface input of mobile terminal, be generated by user.Generate after key, PKI is wherein sent to above-mentioned computer equipment, concrete send mode can be realized by wired or wireless connected mode.
S104, this mobile terminal connect above-mentioned enciphered data to send to above-mentioned computer equipment by the bluetooths of setting up.
In the embodiment of the present invention, due to softdog is built in mobile terminal, and in conjunction with Bluetooth technology, realize the data encryption process of softdog, and the mode of the wireless connections between a kind of softdog and computer equipment is not only provided, make softdog data encryption process more convenient.In addition, owing to combining the Bluetooth technology with high security, more effectively guaranteed the safety and reliability of softdog data encryption process.
In order to guarantee the reliability of processing procedure, in the embodiment of the present invention, before mobile terminal connects by the bluetooth of setting up the be-encrypted data that receives described computer equipment transmission, can also comprise following authentication process: above-mentioned mobile terminal receives the authorization data that above-mentioned computer equipment sends; This mobile terminal compares the authorization data receiving and preset authorization data; When the authorization data receiving is identical with preset authorization data, the be-encrypted data that allows receiving computer equipment to send, so that softdog carries out data encryption, when the authorization data receiving is different from preset authorization data, does not start softdog.Wherein, in mobile terminal, preset authorization data is according to the Bluetooth address of local mac (media interviews control) address, local bluetooth address and this mobile terminal, to be calculated in advance by above-mentioned computer equipment, and send to mobile terminal, by this mobile terminal, preserved.Generate authorization data and can adopt existing algorithm to realize, for example and without limitation, can realize by bluetooth E21 or E22 algorithm.The process that generates preset authorization data and be kept at mobile terminal can be set up bluetooth at this and carry out before connecting.
Existing softdog cannot carry out self-destruction to key, therefore has potential safety hazard.For addressing this problem, the method that the embodiment of the present invention provides can also comprise following operation: when meeting predetermined condition, mobile terminal is deleted the key generating in advance of preservation and preset authentication code.This predetermined condition can be set as required voluntarily actual application Zhong You operator, mobile terminal manufacturer or user.For example and without limitation, its specific implementation can be, when mobile terminal triggers SIM card self-destruction operation, to delete the key generating in advance of preservation and preset authentication code.
Below by the embodiment of the present invention, the specific implementation in actual application is described in detail.
In the time need to being encrypted the data of computer equipment by the built-in softdog of mobile terminal, need to generate in advance pair of secret keys and one group of random array (for example and without limitation by mobile terminal, in Application Example of the present invention, this organize random array be limited and and be 128 array, for example, 60,50,18), and by PKI and this random array be kept in computer equipment.Its specific implementation is as follows:
By the process chip of mobile terminal or the process chip of softdog or user, by the user interface of mobile terminal, carry out input operation, generate pair of secret keys, and generate one group of random array;
Private key is kept in mobile terminal, for example and without limitation, can be kept at the oem_info district of mobile terminal;
PKI and above-mentioned random array are sent to computer equipment by wired or wireless connection;
Computer equipment is preserved above-mentioned PKI and random array.
In the time need to being encrypted the data of computer equipment by the built-in softdog of mobile terminal, also need to generate in advance authorization data (for example and without limitation by computer equipment, in the embodiment of the present invention, this authorization data is 128 authentication codes) and be kept in terminal device.Its specific implementation is as follows:
Computer equipment, according to the Bluetooth address of the Bluetooth address of the MAC Address of this computer equipment, this computer equipment and terminal device, for example, obtains 128 authentication codes by algorithm (hash algorithm);
Computer equipment sends this authentication code to terminal device by wired or wireless connected mode;
Terminal device is preserved this authentication code, for example and without limitation, can be kept at the oem_info district of mobile terminal.
Through above-mentioned pre-configured, just can to the data in computer equipment, be encrypted by softdog built-in in mobile terminal.As shown in Figure 2, specific implementation is as follows for its processing procedure:
S201, terminal device, by Bluetooth pairing authentication, are set up bluetooth with computer equipment and are connected;
S202, computer equipment block 128 authentication codes according to the random array of preserving, obtain the numeric string identical with numeric string number in random array, and utilize respectively random string to supply 128 the numeric string of respectively organizing obtaining, for example, random array is 60,50,18, by 128, for authentication code blocks, be 60,50 and 18 three groups of numeric strings, and after three groups of numeric strings, by random string, supply 128 respectively, by bluetooth, connect and send to terminal device;
S203, terminal device receives the above-mentioned numeric string of respectively organizing, and according to the random array receiving in advance, the numeric string receiving is reduced to 128 authentication codes, for example, random array is 60, 50, 18, get first group of numeric string receiving first 60, get second group of numeric string receiving first 50, get the 3rd group of numeric string receiving first 18, and in order the significant figure series winding obtaining is connect and obtains 128 authentication codes, these 128 authentication codes and pre-configured 128 authentication codes are compared, if comparative result is consistent, open softdog function, and carry out S205, otherwise, do not open softdog function, and optionally carry out S204,
S204, terminal device send failed authentication message to computer equipment, or terminal device disconnection is connected with the bluetooth of computer equipment;
S205, computer equipment divide into groups be-encrypted data according to the random array of preserving, and the every group of random string of numeric string utilization obtaining supplied after 128, by bluetooth, are connected and are sent to mobile terminal;
S206, mobile terminal, by the many groups character string receiving, are reduced to be-encrypted data according to the random array receiving in advance, and according to the private key of preserving, be-encrypted data are encrypted, and generate enciphered data;
S207, mobile terminal divide into groups enciphered data according to the order of random array, and the every group of random string of numeric string utilization obtaining supplied after 128, by bluetooth, are connected and are sent to computer equipment.
By above-mentioned processing procedure, realized the data in computer equipment have been encrypted.Due to softdog is built in mobile terminal, and in conjunction with Bluetooth technology, realize the data encryption process of softdog, the mode of the wireless connections between a kind of softdog and computer equipment is not only provided, make softdog data encryption process more convenient.In addition, owing to combining the Bluetooth technology with high security, more effectively guaranteed the safety and reliability of softdog data encryption process.
The all or part of step that realizes said method embodiment can complete by the relevant hardware of programmed instruction, and aforesaid program can be stored in a computer read/write memory medium, and this program, when carrying out, is carried out the step that comprises said method embodiment; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CDs.
The embodiment of the present invention also provides a kind of mobile terminal, and as shown in Figure 3, specific implementation structure comprises its structure:
The first bluetooth module 301, for set up with computer equipment between bluetooth be connected;
Softdog module 302, comprises that data receiver submodule 3021, data encryption submodule 3022 and data send submodule 3023:
Data receiver submodule 3021 connects for the bluetooth of setting up by the first Bluetooth function module 301, the be-encrypted data that receiving computer equipment sends;
Data encryption submodule 3022 is encrypted for be-encrypted data data receiver submodule 3021 being received according to the key generating in advance, generates enciphered data;
Data send submodule 3023 and connect and send to computer equipment for the bluetooth that the enciphered data of data encryption submodule 3022 generations is set up by Bluetooth function module 301.
The mobile terminal that the embodiment of the present invention provides, owing to possessing softdog function, and in conjunction with Bluetooth technology, realize the data encryption process of softdog, and the mode of the wireless connections between a kind of softdog and computer equipment is not only provided, make softdog data encryption process more convenient.In addition, owing to combining the Bluetooth technology with high security, more effectively guaranteed the safety and reliability of softdog data encryption process.
In order to guarantee the reliability of processing procedure, the mobile terminal that the embodiment of the present invention provides can also comprise the first authentication process module 303, for authorization data that computer equipment is sent and preset authorization data, compare, this preset authorization data is that computer equipment calculates and be kept in mobile device according to the Bluetooth address of local mac address, local bluetooth address and mobile terminal in advance; When the authorization data of sending when computer equipment is identical with preset authorization data, trigger softdog module 302 executable operations.When the authorization data receiving is different from preset authorization data, do not start softdog.
Existing softdog cannot carry out self-destruction to key, therefore has potential safety hazard.For addressing this problem, the mobile terminal that the embodiment of the present invention provides also comprises safety control module 304, for when meeting predetermined condition, deletes the key generating in advance of preservation and preset authentication code.This predetermined condition can be set as required voluntarily actual application Zhong You operator, mobile terminal manufacturer or user.For example and without limitation, its specific implementation can be, when mobile terminal triggers SIM card self-destruction operation, to delete the key generating in advance of preservation and preset authentication code.
The embodiment of the present invention also provides a kind of computer equipment, and as shown in Figure 4, specific implementation structure comprises its structure:
The second bluetooth module 401, is connected for setting up bluetooth with mobile terminal;
Data transmission blocks 402, connects to mobile terminal and sends be-encrypted data for the bluetooth of setting up by the second bluetooth module 401;
Data reception module 403, connects for the bluetooth of setting up by the second bluetooth module 401 enciphered data that mobile terminal receive returns.
The computer equipment that the embodiment of the present invention provides also comprises the second authentication process module 404, for calculating authorization data according to the Bluetooth address of local media access control MAC addresses, local bluetooth address and described mobile terminal, and by described data transmission blocks, described authorization data is sent to described mobile terminal.
The above; be only the present invention's embodiment preferably, but protection scope of the present invention is not limited to this, is anyly familiar with in technical scope that those skilled in the art disclose in the present invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection domain of claim.