CN103581167B - Safety certifying method based on safe transmission layer protocol, equipment and system - Google Patents
- Publication number
- CN103581167B CN201310323932.5A
- Authority
- CN
- China
- Prior art keywords
- server
- client
- key
- message
- elliptic curve
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Abstract
The embodiments of the invention disclose a TLS-based security authentication method, related devices and a communication system. A security authentication method based on the TLS protocol includes: a client sends a client initialization handshake message to a server, the client initialization handshake message carrying N algorithm suite identifiers, where the algorithm suite corresponding to each of M algorithm suite identifiers among the N algorithm suite identifiers includes the SM2 algorithm; the client receives a server initialization handshake message sent by the server, the server initialization handshake message carrying a first algorithm suite identifier, which is one of the M algorithm suite identifiers; and the client performs security authentication with the server based on the first algorithm suite corresponding to the first algorithm suite identifier. The scheme of the embodiments provides a mechanism for transmitting data using the SM2 algorithm, which helps exploit the security advantages of the SM2 algorithm and improves the security and performance of security authentication and data transmission.
Description
Technical field
The present invention relates to the field of communication technologies, and specifically to a security authentication method, device and system based on the Transport Layer Security protocol.
Background technology
Currently, the Transport Layer Security (TLS) protocol is the most widely used security protocol in network transmission. The TLS protocol is an international standard and uses internationally common algorithms.
The SM2 algorithm is an asymmetric encryption algorithm issued by the national cryptography administration and designated by the national Ministry of Industry and Information Technology to replace the RSA algorithm. The SM2 algorithm is based on elliptic curves; its keys are comparatively short, its security is comparatively high, and its performance is also high. The SM2 algorithm includes the SM2 public key encryption algorithm, the SM2 signature algorithm (SM2ECDSA), the SM2 key exchange algorithm (SM2ECDH), and so on. It can be expected that the SM2 algorithm will be significant for the use of security algorithms in China, now and in the future, and internationally, and that it may spread to government, enterprises and public institutions. However, the SM2 algorithm is still in the promotion stage, and no effective mechanism for applying it to secure data transmission has yet been proposed.
Summary of the invention
Embodiments of the present invention provide a security authentication method based on the Transport Layer Security protocol, related devices and a communication system, so as to provide a mechanism for transmitting data using the SM2 algorithm, and thereby exploit the security advantages of the SM2 algorithm and improve the security and performance of security authentication and data transmission.
A first aspect of the present invention provides a security authentication method based on the Transport Layer Security (TLS) protocol, which may include: a client sends a client initialization handshake message to a server, where the client initialization handshake message carries N algorithm suite identifiers, the algorithm suite corresponding to each of M algorithm suite identifiers among the N algorithm suite identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers;
The client receives a server initialization handshake message that the server sends in response to the client initialization handshake message, where the server initialization handshake message carries a first algorithm suite identifier, and the first algorithm suite identifier is one of the M algorithm suite identifiers;
The client performs security authentication with the server based on the first algorithm suite corresponding to the first algorithm suite identifier.
With reference to the first aspect, in a first possible implementation, the first algorithm suite is an authentication-class algorithm suite or an anonymous-class algorithm suite;
Where the anonymous-class algorithm suite includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm; and the authentication-class algorithm suite includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
With reference to the first possible implementation of the first aspect, in a second possible implementation, if the first algorithm suite is an authentication-class algorithm suite, the client performing security authentication with the server based on the first algorithm suite corresponding to the first algorithm suite identifier includes:
The client receives a first message sent by the server, where the first message carries a user certificate of the server based on the SM2 signature algorithm;
The client receives a server key exchange message sent by the server, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by a signature operation, using the private key of the server user certificate, over the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key;
Based on the first signature information carried in the received server key exchange message, the client verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message and, if the verification passes, computes the client pre-master key from them;
The client receives a first certificate request message sent by the server;
The client sends the server a second message in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
The client sends a client key exchange message to the server, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message;
The client sends a client user certificate verification message to the server, so that the server verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message.
With reference to the first possible implementation of the first aspect, in a third possible implementation, if the first algorithm suite is an authentication-class algorithm suite, the client performing security authentication with the server based on the first algorithm suite corresponding to the first algorithm suite identifier includes:
The client receives a first message sent by the server, where the first message carries a user certificate of the server based on the SM2 signature algorithm;
The client receives a server key exchange message sent by the server, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by a signature operation, using the private key of the server user certificate, over the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key;
Based on the first signature information carried in the received server key exchange message, the client verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message and, if the verification passes, computes the client pre-master key from them;
The client sends a client key exchange message to the server, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message.
With reference to the first possible implementation of the first aspect, in a fourth possible implementation, if the first algorithm suite is an anonymous-class algorithm suite, the client performing security authentication with the server based on the first algorithm suite corresponding to the first algorithm suite identifier includes:
The client receives a server key exchange message sent by the server, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, and the client computes the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
The client sends a client key exchange message to the server, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message.
With reference to the second, third or fourth possible implementation of the first aspect, in a fifth possible implementation, after the client sends the client key exchange message to the server, the method further includes:
The client sends a client key exchange verification message to the server, where the client key exchange verification message carries a client verification digest value of the SM2 key exchange algorithm, so that the server verifies the client verification digest value; and the client receives a server key exchange verification message that the server sends after the client verification digest value passes verification, where the server key exchange verification message carries a server verification digest value of the SM2 key exchange algorithm, and the client verifies the server verification digest value.
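The negotiation rule and the per-class message order of the first aspect, as an added Python illustration that is not part of the patent. The identifiers 0xFF01 and 0xFF02, the cipher and digest in the suite names, the default refusal of anonymous suites and the relative order of the two verification messages are assumptions made here.

```python
"""Added illustration: SM2 suite negotiation and per-class message order."""
from dataclasses import dataclass
from typing import Optional


class HandshakeError(Exception):
    """Raised when the peer's choice violates the negotiation rules."""


@dataclass(frozen=True)
class Suite:
    ident: int
    name: str
    key_exchange: str
    signature: Optional[str]  # None for the anonymous class

    @property
    def uses_sm2(self) -> bool:
        return self.key_exchange == "SM2ECDH"

    @property
    def suite_class(self) -> str:
        if not self.uses_sm2:
            return "non-sm2"
        return "authentication" if self.signature == "SM2ECDSA" else "anonymous"


# Constructed registry. 0xFF01/0xFF02 are placeholder identifiers, not values
# from the patent; the cipher and digest in the names are assumptions.
SUITES = {s.ident: s for s in (
    Suite(0xFF01, "SM2ECDH_SM2ECDSA_WITH_AES_128_CBC_SHA256", "SM2ECDH", "SM2ECDSA"),
    Suite(0xFF02, "SM2ECDH_anon_WITH_AES_128_CBC_SHA256", "SM2ECDH", None),
    Suite(0x002F, "TLS_RSA_WITH_AES_128_CBC_SHA", "RSA", "RSA"),
)}


def sm2_subset(offered):
    """The M identifiers, out of the N offered, whose suite includes SM2."""
    return [i for i in offered if i in SUITES and SUITES[i].uses_sm2]


def server_select(offered, server_preference):
    """Server side: pick the first preferred suite that is among the M offered."""
    candidates = set(sm2_subset(offered))
    for ident in server_preference:
        if ident in candidates:
            return ident
    return None  # no common SM2 suite; the caller decides what to do next


def client_accept(offered, selected, allow_anonymous=False):
    """Client side: accept the server's choice only if it is one of the M."""
    if selected not in offered:
        raise HandshakeError("server selected a suite that was never offered")
    if selected not in sm2_subset(offered):
        raise HandshakeError("selected suite is not one of the SM2 suites")
    suite = SUITES[selected]
    # Local policy (an addition, not from the patent): the anonymous class
    # carries no signature over the key exchange parameters, so refuse it
    # unless the caller explicitly opts in.
    if suite.suite_class == "anonymous" and not allow_anonymous:
        raise HandshakeError("anonymous SM2 suite refused by local policy")
    return suite


def client_flow(suite, certificate_requested=False):
    """Steps on the client after the two initialization handshake messages."""
    flow = []
    if suite.suite_class == "authentication":
        flow.append(("recv", "server certificate (SM2 signature algorithm)"))
        flow.append(("recv", "server key exchange + first signature"))
        flow.append(("check", "verify first signature, then compute pre-master key"))
        if certificate_requested:  # second implementation; omitted in the third
            flow.append(("recv", "certificate request"))
            flow.append(("send", "client certificate"))
    elif suite.suite_class == "anonymous":
        if certificate_requested:  # the fourth implementation lists no such message
            raise HandshakeError("certificate request is not part of the anonymous flow")
        flow.append(("recv", "server key exchange (unsigned)"))
        flow.append(("check", "compute pre-master key"))
    else:
        raise HandshakeError("not an SM2 suite")
    flow.append(("send", "client key exchange"))
    if certificate_requested:
        # Assumed order: certificate verification before the digest exchange.
        flow.append(("send", "client certificate verification"))
    flow.append(("send", "client key exchange verification (digest)"))
    flow.append(("recv", "server key exchange verification (digest)"))
    flow.append(("check", "verify server verification digest value"))
    return flow
```

`client_accept` is where the rule "the first identifier is one of the M" is enforced on the receiving side; a selection outside the offered SM2 subset ends the handshake.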
A second aspect of the present invention provides a security authentication method of the TLS protocol, which may include: a server receives a client initialization handshake message sent by a client, where the client initialization handshake message carries N algorithm suite identifiers, and the algorithm suite corresponding to each of M algorithm suite identifiers among the N algorithm suite identifiers includes the SM2 algorithm;
The server sends the client a server initialization handshake message in response to the client initialization handshake message, where the server initialization handshake message carries a first algorithm suite identifier selected by the server from the M algorithm suite identifiers, and the first algorithm suite identifier is one of the M algorithm suite identifiers;
The server performs security authentication with the client based on the first algorithm suite corresponding to the first algorithm suite identifier.
With reference to the second aspect, in a first possible implementation, the first algorithm suite is an authentication-class algorithm suite or an anonymous-class algorithm suite,
Where the anonymous-class algorithm suite includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm; and the authentication-class algorithm suite includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
With reference to the first possible implementation of the second aspect, in a second possible implementation, if the first algorithm suite is an authentication-class algorithm suite, the server performing security authentication with the client based on the first algorithm suite corresponding to the first algorithm suite identifier includes:
The server sends a first message to the client, where the first message carries a user certificate of the server based on the SM2 signature algorithm;
The server sends a server key exchange message to the client, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by a signature operation, using the private key of the server user certificate, over the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message and, if the verification passes, computes the client pre-master key from them;
The server sends a first certificate request message to the client;
The server receives a second message that the client sends in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
The server receives a client key exchange message sent by the client, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message;
The server receives a client user certificate verification message sent by the client and, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message.
With reference to the first possible implementation of the second aspect, in a third possible implementation, if the first algorithm suite is an authentication-class algorithm suite, the server performing security authentication with the client based on the first algorithm suite corresponding to the first algorithm suite identifier includes:
The server sends a first message to the client, where the first message carries a user certificate of the server based on the SM2 signature algorithm;
The server sends a server key exchange message to the client, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by a signature operation, using the private key of the server user certificate, over the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message and, if the verification passes, computes the client pre-master key from them;
The server receives a client key exchange message sent by the client, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message.
With reference to the first possible implementation of the second aspect, in a fourth possible implementation, if the first algorithm suite is an anonymous-class algorithm suite, the server performing security authentication with the client based on the first algorithm suite corresponding to the first algorithm suite identifier includes:
The server sends a server key exchange message to the client, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client computes the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
The server receives a client key exchange message sent by the client, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message.
With reference to the second, third or fourth possible implementation of the second aspect, in a fifth possible implementation, after the server receives the client key exchange message sent by the client, the method further includes:
The server receives a client key exchange verification message sent by the client, where the client key exchange verification message carries a client verification digest value of the SM2 key exchange algorithm; and after the client verification digest value passes verification, the server sends a server key exchange verification message to the client, where the server key exchange verification message carries a server verification digest value of the SM2 key exchange algorithm, so that the client verifies the server verification digest value.
A third aspect of the present invention provides a client, which may include:
A sending unit, configured to send a client initialization handshake message to a server, where the client initialization handshake message carries N algorithm suite identifiers, the algorithm suite corresponding to each of M algorithm suite identifiers among the N algorithm suite identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers;
A receiving unit, configured to receive a server initialization handshake message that the server sends in response to the client initialization handshake message, where the server initialization handshake message carries a first algorithm suite identifier, and the first algorithm suite identifier is one of the M algorithm suite identifiers;
An authentication interaction unit, configured to perform security authentication with the server based on the first algorithm suite corresponding to the first algorithm suite identifier.
With reference to the third aspect, in a first possible implementation, the first algorithm suite is an authentication-class algorithm suite or an anonymous-class algorithm suite;
Where the anonymous-class algorithm suite includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm; and the authentication-class algorithm suite includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
With reference to the first possible implementation of the third aspect, in a second possible implementation, if the first algorithm suite is an authentication-class algorithm suite, the authentication interaction unit is specifically configured to:
Receive a first message sent by the server, where the first message carries a user certificate of the server based on the SM2 signature algorithm;
Receive a server key exchange message sent by the server, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by a signature operation, using the private key of the server user certificate, over the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; and, based on the first signature information carried in the received server key exchange message, verify the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message and, if the verification passes, compute the client pre-master key from them;
Receive a first certificate request message sent by the server;
Send the server a second message in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
Send a client key exchange message to the server, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message;
Send a client user certificate verification message to the server, so that the server verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message.
With reference to the first possible implementation of the third aspect, in a third possible implementation, if the first algorithm suite is an authentication-class algorithm suite, the authentication interaction unit is specifically configured to:
Receive a first message sent by the server, where the first message carries a user certificate of the server based on the SM2 signature algorithm;
Receive a server key exchange message sent by the server, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by a signature operation, using the private key of the server user certificate, over the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; and, based on the first signature information carried in the received server key exchange message, verify the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message and, if the verification passes, compute the client pre-master key from them;
Send a client key exchange message to the server, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message.
With reference to the first possible implementation of the third aspect, in a fourth possible implementation, if the first algorithm suite is an anonymous-class algorithm suite, the authentication interaction unit is specifically configured to:
Receive a server key exchange message sent by the server, where the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; and compute the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
Send a client key exchange message to the server, where the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server computes the server pre-master key from the client public key, random point on the elliptic curve and client identity information carried in the client key exchange message.
With reference to the second, third or fourth possible implementation of the third aspect, in a fifth possible implementation, the authentication interaction unit is further configured to: after sending the client key exchange message to the server, send a client key exchange verification message to the server, where the client key exchange verification message carries a client verification digest value of the SM2 key exchange algorithm, so that the server verifies the client verification digest value; receive a server key exchange verification message that the server sends after the client verification digest value passes verification, where the server key exchange verification message carries a server verification digest value of the SM2 key exchange algorithm; and verify the server verification digest value.
A fourth aspect of the present invention provides a server, which may include:
A receiving unit, configured to receive a client initialization handshake message sent by a client, where the client initialization handshake message carries N algorithm suite identifiers, and the algorithm suite corresponding to each of M algorithm suite identifiers among the N algorithm suite identifiers includes the SM2 algorithm;
A sending unit, configured to send the client a server initialization handshake message in response to the client initialization handshake message, where the server initialization handshake message carries a first algorithm suite identifier selected by the server from the M algorithm suite identifiers, and the first algorithm suite identifier is one of the M algorithm suite identifiers;
An authentication interaction unit, configured to perform security authentication with the client based on the first algorithm suite corresponding to the first algorithm suite identifier.
With reference to the fourth aspect, in a first possible implementation, the first algorithm suite is an authentication-class algorithm suite or an anonymous-class algorithm suite,
Where the anonymous-class algorithm suite includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm; and the authentication-class algorithm suite includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
With reference to the first possible implementation of the fourth aspect, in a second possible implementation,
if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit is specifically configured to:
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key exchange message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
Send a first certificate request message to the client;
Receive a second message sent by the client in response to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
Receive a client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and calculate the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message;
Receive a client user certificate verification message sent by the client, and verify, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message.
With reference to the first possible implementation of the fourth aspect, in a third possible implementation, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit is specifically configured to:
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key exchange message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
Receive a client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message.
With reference to the first possible implementation of the fourth aspect, in a fourth possible implementation, if the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit is specifically configured to:
Send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
Receive a client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message.
With reference to the second possible implementation, the third possible implementation or the fourth possible implementation of the fourth aspect, in a fifth possible implementation, the authentication interaction unit is further configured to: after receiving the client key exchange message sent by the client, receive a client key exchange verification message sent by the client, wherein the client key exchange verification message carries the client verification digest value of the SM2 key exchange algorithm; and, after the client verification digest value passes verification, send a server key exchange verification message to the client, wherein the server key exchange verification message carries the server verification digest value of the SM2 key exchange algorithm, so that the client verifies the server verification digest value.
A fifth aspect of the present invention provides a communication system, including:
a client and a server,
wherein the client is configured to send a client initialization handshake message to the server, the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, wherein N is greater than or equal to M, and N and M are positive integers;
and the server is configured to send to the client a server initialization handshake message in response to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers; and to perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier.
With reference to the fifth aspect, in a first possible implementation,
if the first algorithm set is an authentication-class algorithm set, the server is specifically configured to: send to the client the server initialization handshake message in response to the client initialization handshake message, wherein the server initialization handshake message carries the first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers;
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key exchange message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
Send a first certificate request message to the client;
Receive a second message sent by the client in response to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
Receive a client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and calculate the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message;
Receive a client user certificate verification message sent by the client, and verify, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message.
With reference to the fifth aspect, in a second possible implementation, if the first algorithm set is an authentication-class algorithm set, the server is specifically configured to: send to the client the server initialization handshake message in response to the client initialization handshake message, wherein the server initialization handshake message carries the first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers;
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key exchange message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
Receive a client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message.
With reference to the fifth aspect, in a third possible implementation, if the first algorithm set is an anonymous-class algorithm set, the server is specifically configured to: send to the client the server initialization handshake message in response to the client initialization handshake message, wherein the server initialization handshake message carries the first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message; and receive a client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message.
It can be seen that, in the TLS-based security authentication mechanism proposed by the embodiments of the present invention, the client sends a client initialization handshake message to the server, wherein the client initialization handshake message carries N algorithm set identifiers, the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers; the client receives the server initialization handshake message sent by the server, which carries a first algorithm set identifier, wherein the first algorithm set identifier is one of the M algorithm set identifiers; and the client and the server perform security authentication based on the first algorithm set corresponding to the first algorithm set identifier. By organically combining the introduction of the SM2 algorithm with the TLS-based security authentication mechanism, using the SM2 algorithm for security authentication becomes possible and feasible, which in turn makes data transmission using the SM2 algorithm possible and feasible. Because the SM2 algorithm is integrated into the TLS-based security authentication mechanism, the scheme can be implemented without large-scale changes to equipment, so the cost of implementation is relatively low. In general, the embodiments of the present invention provide a reasonable mechanism by which the SM2 algorithm can be used for data transmission, which helps accelerate the pace of application of the SM2 algorithm, brings the security advantages of the SM2 algorithm into play, and in turn helps improve the security and performance of TLS-based security authentication and data transmission.
Brief description of the drawings
To illustrate the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of a TLS-based security authentication method provided by an embodiment of the present invention;
Fig. 2 is a schematic flowchart of another TLS-based security authentication method provided by an embodiment of the present invention;
Fig. 3 is a schematic flowchart of another TLS-based security authentication method provided by an embodiment of the present invention;
Fig. 4 is a schematic flowchart of another TLS-based security authentication method provided by an embodiment of the present invention;
Fig. 5 is a schematic flowchart of another TLS-based security authentication method provided by an embodiment of the present invention;
Fig. 6 is a schematic diagram of a client provided by an embodiment of the present invention;
Fig. 7 is a schematic diagram of another client provided by an embodiment of the present invention;
Fig. 8 is a schematic diagram of another client provided by an embodiment of the present invention;
Fig. 9 is a schematic diagram of a server provided by an embodiment of the present invention;
Fig. 10 is a schematic diagram of another server provided by an embodiment of the present invention;
Fig. 11 is a schematic diagram of another server provided by an embodiment of the present invention;
Fig. 12 is a schematic diagram of a communication system provided by an embodiment of the present invention;
Fig. 13 is a schematic diagram of a mobile terminal provided by an embodiment of the present invention.
Detailed description of the invention
The embodiments of the present invention provide a security authentication method based on the Transport Layer Security (TLS) protocol, related devices and a communication system, so as to provide a mechanism by which the SM2 algorithm can be used for data transmission and to accelerate the pace of application of the SM2 algorithm.
To enable those skilled in the art to better understand the solutions of the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention rather than all of them. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments of the present invention without creative effort shall fall within the scope of protection of the present invention.
Each is described in detail below.
The terms "first", "second", "third", "fourth" and the like (if present) in the description, the claims and the above drawings are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that data so used are interchangeable where appropriate, so that the embodiments of the present invention described herein can, for example, be implemented in an order other than those illustrated or described here. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
In one embodiment of the TLS-based security authentication method of the present invention, a TLS-based security authentication method may include: the client sends a client initialization handshake message to the server, wherein the client initialization handshake message carries N algorithm set identifiers, the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers; the client receives a server initialization handshake message sent by the server in response to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers; and the client performs security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier.
Referring first to Fig. 1, Fig. 1 is a schematic flowchart of a TLS-based security authentication method provided by an embodiment of the present invention. The TLS-based security authentication method provided by this embodiment may include the following:
101. The client sends a client initialization handshake message to the server.
The client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, wherein N is greater than or equal to M, and N and M are positive integers.
Different algorithm sets may have different algorithm set identifiers. Each algorithm set may include several algorithms used for authentication and data transmission; for example, each algorithm set may include a symmetric encryption algorithm, a key exchange algorithm, a signature algorithm, a digest algorithm and so on. Some algorithm sets (for example, anonymous-class algorithm sets) may not include a signature algorithm.
102. The client receives a server initialization handshake message sent by the server in response to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers.
In some embodiments of the present invention, the server may select one algorithm set identifier from the N algorithm set identifiers carried in the client initialization handshake message according to factors such as its own capability, the transmission environment and security requirements (of course, the server must first support the algorithms in the algorithm set it selects and have the relevant parameters loaded), so that the algorithm set corresponding to the selected algorithm set identifier is subsequently used to continue security authentication with the client. The format of the algorithm set identifiers carried in the client initialization handshake message and in the server initialization handshake message may be the same or different.
103. The client performs security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the present invention, the first algorithm set may be, for example, an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, it includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm; if the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
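The following is an added example, not code from the patent, that models steps 101 to 103: the server's choice among the M SM2-capable identifiers, the client's check of that choice, and the message order each class of algorithm set implies in the implementations described above. The identifiers 0xFF01, 0xFF02 and 0xFF10, the cipher and digest names, the `allow_anonymous` policy flag and all function and message names are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class AlgorithmSet:
    ident: int                # constructed placeholder, not a registered value
    key_exchange: str
    signature: Optional[str]  # None: anonymous-class set (no signature algorithm)
    cipher: str               # placeholder name for the symmetric cipher
    digest: str               # placeholder name for the digest algorithm

    @property
    def has_sm2(self) -> bool:
        return "SM2" in (self.key_exchange, self.signature)

    @property
    def kind(self) -> str:
        return "anonymous" if self.signature is None else "authentication"


# Constructed registry shared by both sides in this model.
REGISTRY = {s.ident: s for s in (
    AlgorithmSet(0xFF01, "SM2", "SM2", "SYM-A", "DIGEST-A"),   # authentication class
    AlgorithmSet(0xFF02, "SM2", None, "SYM-A", "DIGEST-A"),    # anonymous class
    AlgorithmSet(0xFF10, "OTHER-KX", "OTHER-SIG", "SYM-B", "DIGEST-B"),  # no SM2
)}

# Fields the first signature covers in the server key exchange message.
SIGNED_FIELDS = ("sm2_curve_parameters", "server_identity",
                 "key_exchange_point", "server_public_key")


class HandshakeError(Exception):
    pass


def sm2_subset(offered):
    """The M identifiers, out of the N offered, whose set includes SM2."""
    return [i for i in offered if i in REGISTRY and REGISTRY[i].has_sm2]


def server_select(offered, server_supported, allow_anonymous=False):
    """Step 102: pick the first algorithm set identifier from the M candidates.

    Assumed policy: follow client order, require local support, and skip
    anonymous-class sets unless the deployment explicitly allows them.
    """
    for ident in sm2_subset(offered):
        if ident not in server_supported:
            continue
        if REGISTRY[ident].kind == "anonymous" and not allow_anonymous:
            continue
        return ident
    raise HandshakeError("no mutually supported SM2 algorithm set")


def client_check(offered, chosen):
    """Client side of step 102 for a client that requires an SM2 set."""
    if chosen not in offered:
        raise HandshakeError("server chose an identifier that was not offered")
    if chosen not in sm2_subset(offered):
        raise HandshakeError("server chose a set that does not include SM2")
    return REGISTRY[chosen]


def signed_fields(suite):
    """Server key exchange fields protected by the first signature, if any."""
    return SIGNED_FIELDS if suite.kind == "authentication" else ()


def expected_flow(suite, mutual=False):
    """Step 103: (sender, message) pairs that follow the two hello messages."""
    if suite.kind == "anonymous":
        if mutual:
            # Assumption: certificates appear only with authentication-class sets.
            raise HandshakeError("anonymous-class set carries no certificates")
        return [("server", "server_key_exchange"),
                ("client", "client_key_exchange")]
    flow = [("server", "first_message:server_certificate"),
            ("server", "server_key_exchange+first_signature")]
    if mutual:
        flow += [("server", "first_certificate_request"),
                 ("client", "second_message:client_certificate")]
    flow.append(("client", "client_key_exchange"))
    if mutual:
        flow.append(("client", "client_certificate_verify"))
    return flow
```

With an anonymous-class set `signed_fields` returns an empty tuple: no first signature covers the curve parameters, identity, key exchange point or public key, which is why the selection policy here refuses such sets by default.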
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the client performing security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: the client receives a first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; the client receives a server key exchange message sent by the server, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, and wherein the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key exchange message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message; the client receives a first certificate request message sent by the server; the client receives a server response end declaration message sent by the server; the client sends to the server a second message in response to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm; the client sends a client key exchange message to the server, wherein the client key exchange message may carry a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; the client sends a client user certificate verification message to the server, so that the client, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message; the client may also receive a first key change declaration message sent by the server; and the client sends a second key change declaration message to the server. Further, the server and the client may also send each other authentication codes of the whole-process messages, wherein the content and format of the authentication code of the whole-process messages may be the same as defined in the TLS standard. The above example scenario is the flow in which the client and the server perform security authentication based on a two-way authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the client performing security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: the client receives a first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; the client receives a server key exchange message sent by the server, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, and wherein the client, based on the first signature information carried in the received server key exchange message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key exchange message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message; the client receives a first certificate request message sent by the server; the client sends to the server a second message in response to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm; the client sends a client key exchange message to the server, wherein the client key exchange message may carry a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; and the client sends a client user certificate verification message to the server, so that the client, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message. Further, the server and the client may also send each other authentication codes of the whole-process messages, wherein the content and format of the authentication code of the whole-process messages may be the same as defined in the TLS standard. The above example scenario is the flow in which the client and the server perform security authentication based on a two-way authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the client and the server performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may specifically include: the client receives a first message sent by the server, where the first message carries the server's user certificate based on the SM2 signature algorithm; the client receives a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key, and first signature information; the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point, and the server public key with the private key of the server's user certificate; based on the first signature information carried in the received server key interaction message, the client verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in that message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the client receives a server response end statement message sent by the server; the client sends a client key interaction message to the server, where the client key interaction message may carry a client public key, a random point on the elliptic curve, and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the client sends a client user certificate verification message to the server, so that the client, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message; the client may also receive a first key change statement message sent by the server; the client sends a second key change statement message to the server. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the client and the server performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may specifically include: the client receives a first message sent by the server, where the first message carries the server's user certificate based on the SM2 signature algorithm; the client receives a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key, and first signature information; the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point, and the server public key with the private key of the server's user certificate; based on the first signature information carried in the received server key interaction message, the client verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in that message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the client sends a client key interaction message to the server, where the client key interaction message may carry a client public key, a random point on the elliptic curve, and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the client sends a client user certificate verification message to the server, so that the client, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the client and the server performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may include: the client receives a first message sent by the server, where the first message carries the server's user certificate based on the SM2 signature algorithm; the client receives a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, and a server public key, and the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the client receives a server response end statement message sent by the server; the client sends a client key interaction message to the server, where the client key interaction message may carry a client public key, a random point on the elliptic curve, and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the client may also receive a first key change statement message sent by the server; the client sends a second key change statement message to the server. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the client and the server performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may include: the client receives a first message sent by the server, where the first message carries the server's user certificate based on the SM2 signature algorithm; the client receives a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, and a server public key, and the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the client sends a client key interaction message to the server, where the client key interaction message may carry a client public key, a random point on the elliptic curve, and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, before the client receives the first key change statement message sent by the server, or before the client sends the second key change statement message to the server, or after the client sends the client key interaction message to the server, the method may further include: the client sends a client key interaction verification message to the server, where the client key interaction verification message carries a client verification digest value of the SM2 key interaction algorithm, so that the server verifies the client verification digest value; the client receives a server key interaction verification message that the server sends after the client verification digest value has been verified successfully, where the server key interaction verification message carries a server verification digest value of the SM2 key interaction algorithm. The client may further verify the server verification digest value.
In other embodiments of the present invention, before the client receives the first key change statement message sent by the server, or before the client sends the second key change statement message to the server, or after the client sends the client key interaction message to the server, the method may further include: the client receives a server key interaction verification message sent by the server, where the server key interaction verification message carries a server verification digest value of the SM2 key interaction algorithm; the client verifies the server verification digest value and, after the server verification digest value has been verified successfully, sends a client key interaction verification message to the server, where the client key interaction verification message carries a client verification digest value of the SM2 key interaction algorithm, so that the server verifies the client verification digest value. The server may further verify the client verification digest value.
It can be seen that, in the security authentication mechanism based on the TLS protocol proposed in this embodiment, the client sends a client initialization handshake message to the server, where the client initialization handshake message carries N algorithm set identifiers, the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers; the client receives a server initialization handshake message sent by the server, where the server initialization handshake message carries a first algorithm set identifier, and the first algorithm set identifier is one of the M algorithm set identifiers; the client and the server perform security authentication based on the first algorithm set corresponding to the first algorithm set identifier. By organically combining the SM2 algorithm with the security authentication mechanism based on the TLS protocol, using the SM2 algorithm for security authentication becomes possible and feasible, and in turn using the SM2 algorithm for data transmission becomes possible and feasible. Because the SM2 algorithm is integrated into the security authentication mechanism based on the TLS protocol, the scheme can be implemented without large-scale changes to equipment, and its implementation cost is relatively low. In general, the embodiments of the present invention provide a reasonable mechanism by which the SM2 algorithm can be used for data transmission, which helps accelerate the adoption of the SM2 algorithm, brings out the security advantages of the SM2 algorithm, and helps improve the security and performance of TLS.
Another embodiment of the method for present invention safety certification based on tls protocol, another kind of safety based on tls protocol
The method of certification includes: server receives the client initialization handshake information that client sends, and above-mentioned client initialization is held
Hands message is carried N number of algorithm set mark, each algorithm set in M algorithm set mark among above-mentioned N number of algorithm set mark
Algorithm set corresponding to mark includes SM2 algorithm;Above-mentioned server sends to above-mentioned client and is used for responding above-mentioned client
The server initiation handshake information of initialization handshake message, wherein, carries above-mentioned in above-mentioned server initiation handshake information
The first algorithm set mark that server is selected from above-mentioned M algorithm set mark, the first algorithm set is designated above-mentioned M algorithm set mark
Among knowledge one;Above-mentioned server is pacified based on the first algorithm set corresponding to the first algorithm set mark with above-mentioned client
Full certification.
Referring first to Fig. 2, Fig. 2 is a schematic flowchart of another security authentication method based on the TLS protocol provided by another embodiment of the present invention. The method may include the following:
201. The server receives a client initialization handshake message sent by the client, where the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm.
Different algorithm sets may have different algorithm set identifiers. Each algorithm set may include several algorithms for authentication and data transmission; for example, each algorithm set may include a symmetric encryption algorithm, a key interaction algorithm, a signature algorithm, a digest algorithm, and so on. Some algorithm sets (such as anonymous-class algorithm sets) may not include a signature algorithm.
202. The server sends to the client a server initialization handshake message for responding to the client initialization handshake message, where the server initialization handshake message carries a first algorithm set identifier selected by the server from the M algorithm set identifiers, and the first algorithm set identifier is one of the M algorithm set identifiers.
In some embodiments of the present invention, the server may, according to factors such as its own capability, the transmission environment, and security requirements, select one algorithm set identifier from the N algorithm set identifiers carried in the client initialization handshake message (of course, the server would first support the various algorithms in the algorithm set it selects and have the relevant parameters loaded), so that the algorithm set corresponding to the selected algorithm set identifier is subsequently used to continue security authentication with the client. The format of the algorithm set identifier carried in the client initialization handshake message and in the server initialization handshake message may be the same or different.
203. The server performs security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the present invention, the first algorithm set may be, for example, an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, it includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm, and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm, and a digest algorithm.
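The negotiation in steps 201 to 203, together with the two classes of algorithm set just described, as an added Python example that is not part of the patent text. The identifier values, the pairing of symmetric and digest algorithms, the `allow_anonymous` policy switch and all function and field names are assumptions made for the illustration; rejecting a reply outside the M identifiers is likewise this example's choice.

```python
"""Algorithm set negotiation for steps 201-203 (added example, not from the patent)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Sequence


@dataclass(frozen=True)
class AlgorithmSet:
    ident: int                 # algorithm set identifier carried in the handshake
    key_exchange: str          # key interaction algorithm
    signature: Optional[str]   # None for an anonymous-class set
    cipher: str                # symmetric encryption algorithm
    digest: str                # digest algorithm

    @property
    def includes_sm2(self) -> bool:
        return "SM2" in (self.key_exchange, self.signature)

    @property
    def kind(self) -> str:
        return "anonymous" if self.signature is None else "authentication"


# Constructed registry: identifier values and algorithm pairings are hypothetical.
REGISTRY: Dict[int, AlgorithmSet] = {s.ident: s for s in (
    AlgorithmSet(0xFF01, "SM2", "SM2", "SM4", "SM3"),
    AlgorithmSet(0xFF02, "SM2", None, "SM4", "SM3"),
    AlgorithmSet(0xFF03, "SM2", "SM2", "AES-128", "SHA-256"),
    AlgorithmSet(0x0A01, "ECDHE", "ECDSA", "AES-128", "SHA-256"),
)}


class NegotiationError(Exception):
    """Raised when no acceptable SM2 algorithm set can be agreed."""


def sm2_identifiers(offered: Sequence[int]) -> List[int]:
    """Return the M identifiers, among the N offered, whose set includes SM2."""
    return [i for i in offered if i in REGISTRY and REGISTRY[i].includes_sm2]


def server_select(client_offered: Sequence[int],
                  server_supported: Sequence[int],
                  allow_anonymous: bool = False) -> int:
    """Step 202: pick the first algorithm set identifier from the M candidates.

    server_supported is in the server's preference order (its own capability);
    allow_anonymous stands in for the server's security requirements.
    """
    candidates = set(sm2_identifiers(client_offered))
    for ident in server_supported:
        suite = REGISTRY.get(ident)
        if suite is None or ident not in candidates:
            continue
        if suite.kind == "anonymous" and not allow_anonymous:
            continue
        return ident
    raise NegotiationError("no SM2 algorithm set acceptable to both sides")


def client_accept(client_offered: Sequence[int], chosen: int) -> AlgorithmSet:
    """Client-side check: the server's choice must be one of the M it offered."""
    if chosen not in sm2_identifiers(client_offered):
        raise NegotiationError(f"server chose 0x{chosen:04X}, not an offered SM2 set")
    return REGISTRY[chosen]


def server_key_exchange_fields(suite: AlgorithmSet) -> List[str]:
    """Fields the server key interaction message carries for this class of set."""
    fields = ["sm2_curve_parameters", "server_identity",
              "key_exchange_curve_point", "server_public_key"]
    if suite.kind == "authentication":
        # Signature over the four fields above, made with the private key
        # of the server's user certificate.
        fields.append("first_signature")
    return fields


if __name__ == "__main__":
    offered = [0x0A01, 0xFF02, 0xFF03, 0xFF01]          # N = 4, M = 3
    chosen = server_select(offered, [0xFF01, 0xFF02])    # step 202
    suite = client_accept(offered, chosen)               # client validates reply
    print(hex(chosen), suite.kind, server_key_exchange_fields(suite))
```

With an authentication-class set the client has a signature to check before it derives the pre-master key; with an anonymous-class set the same four fields arrive unsigned, which is why the server policy switch defaults to refusing it.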
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the server performing security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier may include: the server sends a first message to the client, where the first message carries the server's user certificate based on the SM2 signature algorithm; the server sends a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key, and first signature information; the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point, and the server public key with the private key of the server's user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in that message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the server sends a first certificate request message to the client; the server sends a server response end statement message to the client; the server receives a second message sent by the client in response to the first certificate request message, where the second message carries the client's user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; the server receives a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve, and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the server receives a client user certificate verification message sent by the client and, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message; the server sends a first key change statement message to the client; the server receives a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the server performing security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier may include: the server sends a first message to the client, where the first message carries the server's user certificate based on the SM2 signature algorithm; the server sends a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key, and first signature information; the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point, and the server public key with the private key of the server's user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in that message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the server sends a first certificate request message to the client; the server receives a second message sent by the client in response to the first certificate request message, where the second message carries the client's user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; the server receives a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve, and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the server receives a client user certificate verification message sent by the client and, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the server and the client performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may include: the server sends a first message to the client, where the first message carries the server's user certificate based on the SM2 signature algorithm; the server sends a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key, and first signature information; the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point, and the server public key with the private key of the server's user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in that message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the server sends a server response end statement message to the client; the server receives a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve, and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the server sends a first key change statement message to the client; the server receives a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the server and the client performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may include: the server sends a first message to the client, where the first message carries the server's user certificate based on the SM2 signature algorithm; the server sends a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key, and first signature information; the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point, and the server public key with the private key of the server's user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in that message and, if the verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the server receives a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve, and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the server and the client performing security authentication based on the first algorithm set corresponding to the first algorithm set identifier may include: the server sends a first message to the client, where the first message carries the server's user certificate based on the SM2 signature algorithm; the server sends a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point, and server public key carried in the server key interaction message; the server sends a server response end statement message to the client; the server receives a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve, and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve, and the client identity information carried in the client key interaction message; the server sends a first key change statement message to the client; the server receives a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be fully or substantially the same as defined in the TLS standard. The above example scenario is a flow in which the client and the server side perform security authentication based on a bidirectional authentication mechanism.
In some embodiments of the invention, if the first algorithm set is an anonymous-class algorithm set, the
security authentication that the server and the client perform based on the first algorithm set corresponding to
the first algorithm set identifier may include: the server sends a first message to the client, where the first
message carries the server's user certificate based on the SM2 signature algorithm; the server sends a server
key exchange message to the client, where the server key exchange message carries the SM2 elliptic curve
parameters, the server identity information, the key exchange elliptic curve point and the server public key,
so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server
identity information, key exchange elliptic curve point and server public key carried in the server key exchange
message; the server receives the client key exchange message sent by the client, where the client key exchange
message carries the client public key, a random point on the elliptic curve and the client identity information,
and the server calculates the server pre-master key based on the client public key, the random point on the
elliptic curve and the client identity information carried in the client key exchange message. Further, the
server and the client may also send each other an authentication code computed over the messages of the whole
flow, where the content and format of that authentication code may be completely or substantially identical to
the TLS standard definition. The example scenario above is a flow in which the client and the server perform
security authentication based on a two-way authentication mechanism.
In some embodiments of the invention, before the server sends the first key change statement message to the
client, or before the server receives the second key change statement message sent by the client, or after the
server receives the client key exchange message sent by the client, the method may further include: the server
receives a client key exchange verification message sent by the client, where the client key exchange
verification message carries the client verification digest value of the SM2 key exchange algorithm; after the
client verification digest value passes verification, the server sends a server key exchange verification
message to the client, where the server key exchange verification message carries the server verification
digest value of the SM2 key exchange algorithm, so that the client can verify the server verification digest
value. The client may further verify the server verification digest value.
In other embodiments of the invention, before the server sends the first key change statement message to the
client, or before the server receives the second key change statement message sent by the client, or after the
server receives the client key exchange message sent by the client, the method may further include: the server
sends a server key exchange verification message to the client, where the server key exchange verification
message carries the server verification digest value of the SM2 key exchange algorithm; the server receives the
client key exchange verification message that the client sends after its verification of the server
verification digest value passes, where the client key exchange verification message carries the client
verification digest value of the SM2 key exchange algorithm. The server may further verify the client
verification digest value.
It can be seen that, in the TLS-based security authentication mechanism proposed in this embodiment, the server
receives the client initialization handshake message sent by the client, which carries N algorithm set
identifiers; the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set
identifiers includes the SM2 algorithm. The server sends a server initialization handshake message to the
client, which carries the first algorithm set identifier selected by the server from the M algorithm set
identifiers; the first algorithm set identifier is one of the M algorithm set identifiers. The server and the
client perform security authentication based on the first algorithm set corresponding to the first algorithm
set identifier. Because the SM2 algorithm is combined with the TLS-based security authentication mechanism,
using the SM2 algorithm for security authentication becomes possible and feasible, and so does using the SM2
algorithm for data transmission. Moreover, because the SM2 algorithm is built into the TLS-based security
authentication mechanism, the scheme can be implemented without large-scale changes to equipment, so its
implementation cost is relatively low. In general, the embodiments of the invention provide a reasonable
mechanism for using the SM2 algorithm for data transmission, which helps accelerate the adoption of the SM2
algorithm and realize its security advantages, and helps improve the security and performance of TLS.
To make the above solutions of the embodiments of the invention easier to understand and implement, several
application scenarios are described below as examples.
Referring to Fig. 3, Fig. 3 is a schematic flowchart of a security authentication method provided by another
embodiment of the invention. The method shown in Fig. 3 relates to a TLS-based two-way authentication
(ClientAuthentication) mechanism. As shown in Fig. 3, a security authentication method provided by another
embodiment of the invention may include the following:
301, the client sends a client initialization handshake message (ClientHello) to the server;
The client initialization handshake message carries N algorithm set identifiers; the algorithm set
corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2
algorithm; N is greater than or equal to M, and N and M are positive integers.
302, the server responds to the received client initialization handshake message by sending a server
initialization handshake message (ServerHello) to the client;
The server initialization handshake message carries the first algorithm set identifier chosen by the server,
and the first algorithm set identifier is one of the M algorithm set identifiers.
The first algorithm set identifier corresponds to the first algorithm set, and the first algorithm set
includes: a symmetric encryption algorithm, the SM2 asymmetric key exchange algorithm, the SM2 signature
algorithm and a digest algorithm.
In some embodiments of the invention, the server may follow these three principles when selecting an algorithm
set that includes the SM2 algorithm:
A, the server has loaded a user certificate and private key for the SM2ECDSA digital signature algorithm;
B, the server has loaded the elliptic curve parameters required by SM2ECDHE;
C, the server supports the other algorithms in the selected algorithm set, namely the symmetric encryption
algorithm and the digest algorithm.
303, the server sends a first message to the client, where the first message carries the server's user
certificate (Server Certificate) based on the SM2 signature algorithm.
In some embodiments of the invention, the server may send the client a first message carrying a certificate
list, where the certificate list includes the server's user certificate based on the SM2 signature algorithm;
for the rules for generating the certificate list, refer to the x509 standard PKI process. The client may
further authenticate the SM2-signature-based user certificate sent by the server.
304, the server sends a server key exchange message (ServerKeyExchange) to the client.
In some embodiments of the invention, the server key exchange message may carry the SM2 elliptic curve standard
parameters a, b, p and n (or elliptic curve parameters generated by the server), the server public key
(server-P) required for SM2 Diffie-Hellman, the key exchange elliptic curve point R_A, the server identity
information Z_A and first signature information. The first signature information is obtained by using the
private key of the server user certificate to sign the SM2 elliptic curve parameters, the server identity
information, the key exchange elliptic curve point and the server public key. This allows the client to use the
first signature information carried in the received server key exchange message to verify the correctness of
the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server
public key carried in that message; if the correctness check passes, the client calculates the client
pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic
curve point and server public key carried in the server key exchange message. The server also retains the
private key it generated, in order to calculate the pre-master key.
305, the server sends a certificate request message (CertificateRequest) to the client.
For example, the server may send the client a certificate request for RSA, DSA, ECDSA and/or SM2ECDSA, etc.
306, the server sends the client a server response end statement message (ServerHelloDone), which indicates
that the second step of the handshake has ended;
In some embodiments of the invention, the purpose and definition of the server response end statement message
may be the same as in the TLS standard definition.
307, the client sends the server a second message in response to the first certificate request message, where
the second message carries the client's user certificate (Client Certificate) based on the SM2 signature
algorithm or a non-SM2 signature algorithm;
The certificate sent by the client may be an RSA, DSA, ECDSA and/or SM2ECDSA certificate, etc.
The server may further authenticate the certificate sent by the client.
308, the client calculates the client's public and private keys and an elliptic curve point according to the
SM2 elliptic curve parameters carried in the server key exchange message sent by the server.
The client sends the client public key (client-P), the random point R_B on the elliptic curve and the client
identity Z_B to the server in a client key exchange message (ClientKeyExchange). The client keeps its own
private key for the subsequent calculation of the pre-master key. The client key exchange message may carry the
client public key, the random point on the elliptic curve, the client identity information and so on, so that
the server calculates the server pre-master key based on the client public key, the random point on the
elliptic curve and the client identity information carried in the client key exchange message.
309, the client sends a client key exchange verification message to the server.
The client key exchange verification message (ClientKeyExchangeVerify) carries the client verification digest
value of the SM2 key exchange algorithm.
310, the client sends a client user certificate verification message (CertificateVerify) to the server.
The client user certificate verification message may carry second signature information, where the second
signature information is obtained by using the private key of the server user certificate to sign some or all
of the messages that the client sent to the server in steps 301 to 309, and/or some or all of the messages sent
by the server that the client received in steps 301 to 309.
Of course, the server may further verify the second signature information.
The server may also verify, based on the client user certificate verification message, the legitimacy of the
user certificate carried in the second message.
311, the server verifies the client verification digest value and, after the verification passes, sends a
server key exchange verification message (ServerKeyExchangeVerify) to the client, where the server key exchange
verification message carries the server verification digest value of the SM2 key exchange algorithm. The client
may further verify the server verification digest value.
Steps 309 and 311 are optional steps.
312, the server sends a first key change statement message (ChangeCipherSpec) to the client;
313, the client sends a second key change statement message (ChangeCipherSpec) to the server;
The client and the server send each other key change statement messages to confirm that algorithm negotiation
between the two sides has ended and to declare that subsequent interaction uses the negotiated algorithms; the
format of the key change statement message may be the same as in standard TLS. Before sending the key change
statement message, the client and the server may each calculate the pre-master key from the key exchange
information generated locally and the key exchange information sent by the peer, and derive from the pre-master
key the key for the subsequent symmetric algorithm and the key for the message authentication code. The
pre-master key is calculated in accordance with the standard definition of the SM2 key exchange algorithm and
the TLS protocol standard.
314, the server and the client may also send each other handshake end messages (Finished).
The handshake end message that the server sends to the client carries an authentication code over the
whole-flow messages that the server has sent and received; the handshake end message that the client sends to
the server carries an authentication code over the whole-flow messages that the client has sent and received.
The authentication code of the whole-flow messages can be obtained by performing a digest calculation over those
messages.
The content and format of the authentication code of the whole-flow messages may be completely or substantially
identical to the TLS standard definition.
After the server and the client have each successfully verified the received authentication code of the
whole-flow messages, the security authentication flow ends. Subsequently, the server and the client may exchange
application data (ApplicationData); for the specific requirements of the application data exchange between the
server and the client, refer to the TLS protocol requirements. The application data exchange uses the key of the
symmetric algorithm and the key of the message authentication code.
The flow above mainly addresses the scenario in which every verification succeeds. In practice, verification
may also fail. For example, if the client fails to verify information received from the server (for example,
verification of the authentication code of the whole-flow messages fails, or verification of the server
certificate fails), the client may send a handshake failure message to the server and may stop the security
authentication flow. Similarly, if the server fails to verify information received from the client, the server
may send a handshake failure message to the client and may stop the security authentication flow.
It can be seen that, in the TLS-based two-way authentication mechanism proposed in this embodiment, the server
receives the client initialization handshake message sent by the client, which carries N algorithm set
identifiers; the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set
identifiers includes the SM2 algorithm. The server sends a server initialization handshake message to the
client, which carries the first algorithm set identifier selected by the server from the M algorithm set
identifiers; the first algorithm set identifier is one of the M algorithm set identifiers. The server and the
client perform security authentication based on the first algorithm set corresponding to the first algorithm
set identifier. Because the SM2 algorithm is combined with the TLS-based security authentication mechanism,
using the SM2 algorithm for security authentication becomes possible and feasible, and so does using the SM2
algorithm for data transmission. Moreover, because the SM2 algorithm is built into the TLS-based security
authentication mechanism, the scheme can be implemented without large-scale changes to equipment, so its
implementation cost is relatively low. In general, the embodiments of the invention provide a reasonable
mechanism for using the SM2 algorithm for data transmission, which helps accelerate the adoption of the SM2
algorithm and realize its security advantages.
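The negotiation in steps 301 and 302 and the selection principles A to C can be sketched as follows. This is an added example, not code from the patent: the identifiers, the registry contents, the `ServerState` fields and the choice to honour the client's order of preference are all assumptions.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AlgorithmSet:
    ident: int          # placeholder identifier, not a registered value
    key_exchange: str
    signature: str
    cipher: str
    digest: str

    @property
    def includes_sm2(self) -> bool:
        return "SM2" in (self.key_exchange, self.signature)


# Constructed registry of algorithm sets known to both sides (hypothetical values).
REGISTRY = {s.ident: s for s in (
    AlgorithmSet(0xFF01, "SM2", "SM2", "SM4", "SM3"),
    AlgorithmSet(0xFF02, "SM2", "SM2", "AES128", "SHA256"),
    AlgorithmSet(0xFF03, "ECDHE", "ECDSA", "AES128", "SHA256"),
)}


@dataclass(frozen=True)
class ServerState:
    sm2_cert_and_key_loaded: bool   # principle A
    sm2_curve_params_loaded: bool   # principle B
    ciphers: frozenset              # principle C
    digests: frozenset              # principle C


def select_algorithm_set(offered, server):
    """Return (chosen identifier or None, {identifier: reason it was skipped}).

    `offered` is the list of N identifiers from ClientHello, in the client's
    order of preference (honouring that order is an assumption of this sketch).
    """
    skipped = {}
    for ident in offered:
        aset = REGISTRY.get(ident)
        if aset is None:
            skipped[ident] = "unknown identifier"
        elif not aset.includes_sm2:
            skipped[ident] = "not one of the M SM2 sets"
        elif not server.sm2_cert_and_key_loaded:
            skipped[ident] = "A: no SM2 certificate and private key loaded"
        elif not server.sm2_curve_params_loaded:
            skipped[ident] = "B: no SM2 curve parameters loaded"
        elif aset.cipher not in server.ciphers or aset.digest not in server.digests:
            skipped[ident] = "C: cipher or digest unsupported"
        else:
            return ident, skipped       # value carried in ServerHello
    return None, skipped                # nothing usable: the handshake cannot proceed


# Constructed ClientHello list: N = 4 identifiers, M = 2 of them name SM2 sets.
OFFERED = [0xFF03, 0xFF01, 0xFF02, 0x1234]

if __name__ == "__main__":
    server = ServerState(True, True, frozenset({"AES128"}), frozenset({"SHA256"}))
    chosen, reasons = select_algorithm_set(OFFERED, server)
    print(hex(chosen), {hex(k): v for k, v in reasons.items()})
```

The per-identifier reasons are what an operator needs when a handshake fails because a certificate or curve parameters were never loaded.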
Referring to Fig. 4, Fig. 4 is a schematic flowchart of a security authentication method provided by another
embodiment of the invention. The method shown in Fig. 4 relates to a TLS-based one-way authentication
(ServerAuthentication) mechanism. As shown in Fig. 4, a security authentication method provided by another
embodiment of the invention may include the following:
401, the client sends a client initialization handshake message (ClientHello) to the server;
The client initialization handshake message carries N algorithm set identifiers; the algorithm set
corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2
algorithm; N is greater than or equal to M, and N and M are positive integers.
402, the server responds to the received client initialization handshake message by sending a server
initialization handshake message (ServerHello) to the client;
The server initialization handshake message carries the first algorithm set identifier chosen by the server,
and the first algorithm set identifier is one of the M algorithm set identifiers.
The first algorithm set identifier corresponds to the first algorithm set, and the first algorithm set
includes: a symmetric encryption algorithm, the SM2 asymmetric key exchange algorithm, the SM2 signature
algorithm and a digest algorithm.
In some embodiments of the invention, the server may follow these three principles when selecting an algorithm
set that includes the SM2 algorithm:
A, the server has loaded a user certificate and private key for the SM2ECDSA digital signature algorithm;
B, the server has loaded the elliptic curve parameters required by SM2ECDHE;
C, the server supports the other algorithms in the selected algorithm set, namely the symmetric encryption
algorithm and the digest algorithm.
403, the server sends a first message to the client, where the first message carries the server's user
certificate (Server Certificate) based on the SM2 signature algorithm.
In some embodiments of the invention, the server may send the client a message carrying a certificate list,
where the certificate list includes the server's user certificate based on the SM2 signature algorithm; for the
rules for generating the certificate list, refer to the x509 standard PKI process. The client may further
authenticate the SM2-signature-based user certificate sent by the server.
404, the server sends a server key exchange message (ServerKeyExchange) to the client.
In some embodiments of the invention, the server key exchange message may carry the SM2 elliptic curve standard
parameters a, b, p and n (or elliptic curve parameters generated by the server), the server public key
(server-P) required for SM2 Diffie-Hellman, the key exchange elliptic curve point R_A, the server identity
information Z_A and first signature information. The first signature information is obtained by using the
private key of the server user certificate to sign the SM2 elliptic curve parameters, the server identity
information, the key exchange elliptic curve point and the server public key. This allows the client to use the
first signature information carried in the received server key exchange message to verify the correctness of
the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server
public key carried in that message; if the correctness check passes, the client calculates the client
pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic
curve point and server public key carried in the server key exchange message. The server also retains the
private key it generated, in order to calculate the pre-master key.
405, the server sends the client a server response end statement message (ServerHelloDone), which indicates
that the second step of the handshake has ended;
In some embodiments of the invention, the purpose and definition of the server response end statement message
may be the same as in the TLS standard definition.
406, the client calculates the client's public and private keys and an elliptic curve point according to the
SM2 elliptic curve parameters carried in the server key exchange message sent by the server, and sends the
client public key (client-P), the random point R_B on the elliptic curve and the client identity Z_B to the
server in a client key exchange message. The client also keeps its own private key for the subsequent
calculation of the pre-master key. The client key exchange message may carry the client public key, the random
point on the elliptic curve, the client identity information and so on, so that the server calculates the
server pre-master key based on the client public key, the random point on the elliptic curve and the client
identity information carried in the client key exchange message.
407, the client sends a client key exchange verification message to the server.
The client key exchange verification message (ClientKeyExchangeVerify) carries the client verification digest
value of the SM2 key exchange algorithm.
408, the server verifies the client verification digest value and, after the verification passes, sends a
server key exchange verification message (ServerKeyExchangeVerify) to the client, where the server key exchange
verification message carries the server verification digest value of the SM2 key exchange algorithm. The client
may further verify the server verification digest value.
409, the server sends a first key change statement message (ChangeCipherSpec) to the client;
410, the client sends a second key change statement message (ChangeCipherSpec) to the server;
The client and the server send each other key change statement messages to confirm that algorithm negotiation
between the two sides has ended and to declare that subsequent interaction uses the negotiated algorithms; the
format of the key change statement message may be the same as in standard TLS. Before sending the key change
statement message, the client and the server may each calculate the pre-master key from the key exchange
information generated locally and the key exchange information sent by the peer, and derive from the pre-master
key the key for the subsequent symmetric algorithm and the key for the message authentication code. The
pre-master key is calculated in accordance with the standard definition of the SM2 key exchange algorithm and
the TLS protocol standard.
411, the server and the client may also send each other handshake end messages (Finished).
The handshake end message that the server sends to the client carries an authentication code over the
whole-flow messages that the server has sent and received; the handshake end message that the client sends to
the server carries an authentication code over the whole-flow messages that the client has sent and received.
The authentication code of the whole-flow messages can be obtained by performing a digest calculation over those
messages.
The content and format of the authentication code of the whole-flow messages may be completely or substantially
identical to the TLS standard definition.
After the server and the client have each successfully verified the received authentication code of the
whole-flow messages, the security authentication flow ends. Subsequently, the server and the client may exchange
application data (ApplicationData); for the specific requirements of the application data exchange between the
server and the client, refer to the TLS protocol requirements. The application data exchange uses the key of the
symmetric algorithm and the key of the message authentication code.
The flow above mainly addresses the scenario in which every verification succeeds. In practice, verification
may also fail. For example, if the client fails to verify information received from the server, the client may
send a handshake failure message to the server and may stop the security authentication flow. Similarly, if the
server fails to verify information received from the client, the server may send a handshake failure message to
the client and may stop the security authentication flow.
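The Finished check of steps 314 and 411, together with the failure handling described above, can be illustrated with the one-way flow of Fig. 4. This is an added example, not code from the patent: the message bodies and master key are constructed, SHA-256 stands in for the negotiated digest algorithm, and a single HMAC stands in for the TLS pseudo-random function.

```python
import hashlib
import hmac

# Constructed key; stands in for the key both sides derive from the pre-master key.
MASTER_KEY = b"constructed-master-key-for-demo"

# Constructed bodies for steps 401-408; real bodies are binary structures.
# ChangeCipherSpec is left out: in standard TLS it is not a handshake message.
FIG4_MESSAGES = [
    ("ClientHello", b"algorithm_sets=FF03,FF01,FF02"),
    ("ServerHello", b"algorithm_set=FF02"),
    ("Certificate", b"<server SM2 certificate>"),
    ("ServerKeyExchange", b"<a,b,p,n | server-P | R_A | Z_A | signature>"),
    ("ServerHelloDone", b""),
    ("ClientKeyExchange", b"<client-P | R_B | Z_B>"),
    ("ClientKeyExchangeVerify", b"<client verification digest>"),
    ("ServerKeyExchangeVerify", b"<server verification digest>"),
]


class Transcript:
    """Running digest over every handshake message one side has sent or received."""

    def __init__(self):
        self._digest = hashlib.sha256()   # stand-in for the negotiated digest

    def add(self, msg_type, body):
        # Length-prefix type and body so message boundaries are unambiguous.
        name = msg_type.encode()
        self._digest.update(len(name).to_bytes(1, "big") + name)
        self._digest.update(len(body).to_bytes(3, "big") + body)

    def authentication_code(self, key, label):
        return hmac.new(key, label + self._digest.copy().digest(), hashlib.sha256).digest()


def verify_finished(own_transcript, key, peer_label, received_code):
    """Compare the peer's code with the one computed from the local transcript."""
    expected = own_transcript.authentication_code(key, peer_label)
    if hmac.compare_digest(expected, received_code):   # constant-time comparison
        return "finished_ok"
    return "handshake_failure"                         # send failure, stop the flow


def run_handshake(messages, server_view=None):
    """Return (client verdict, server verdict).

    `server_view` maps a message type to the body the server actually received,
    modelling a message that arrived different from what the client sent.
    """
    server_view = server_view or {}
    client, server = Transcript(), Transcript()
    for msg_type, body in messages:
        client.add(msg_type, body)
        server.add(msg_type, server_view.get(msg_type, body))
    server_code = server.authentication_code(MASTER_KEY, b"server finished")
    client_code = client.authentication_code(MASTER_KEY, b"client finished")
    return (verify_finished(client, MASTER_KEY, b"server finished", server_code),
            verify_finished(server, MASTER_KEY, b"client finished", client_code))


if __name__ == "__main__":
    print(run_handshake(FIG4_MESSAGES))
    print(run_handshake(FIG4_MESSAGES, {"ClientHello": b"algorithm_sets=FF03"}))
```

Because the authentication code covers the ClientHello, a list of algorithm set identifiers that reaches the server without its SM2 entries makes both Finished checks fail, even though every later message was delivered intact.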
It can be seen that, in the TLS-based one-way authentication mechanism proposed in this embodiment, the server
receives the client initialization handshake message sent by the client, which carries N algorithm set
identifiers; the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set
identifiers includes the SM2 algorithm. The server sends a server initialization handshake message to the
client, which carries the first algorithm set identifier selected by the server from the M algorithm set
identifiers; the first algorithm set identifier is one of the M algorithm set identifiers. The server and the
client perform security authentication based on the first algorithm set corresponding to the first algorithm
set identifier. Because the SM2 algorithm is combined with the TLS-based security authentication mechanism,
using the SM2 algorithm for security authentication becomes possible and feasible, and so does using the SM2
algorithm for data transmission. Moreover, because the SM2 algorithm is built into the TLS-based security
authentication mechanism, the scheme can be implemented without large-scale changes to equipment, so its
implementation cost is relatively low. In general, the embodiments of the invention provide a reasonable
mechanism for using the SM2 algorithm for data transmission, which helps accelerate the adoption of the SM2
algorithm and realize its security advantages.
Referring to Fig. 5, Fig. 5 is a schematic flowchart of a security authentication method provided by another
embodiment of the invention. The security authentication method shown in Fig. 5 relates to a TLS-based anonymous
authentication mechanism. As shown in Fig. 5, a security authentication method provided by another embodiment of
the invention may include the following:
501, the client sends a client initialization handshake message (ClientHello) to the server;
The client initialization handshake message carries N algorithm set identifiers; the algorithm set
corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2
algorithm; N is greater than or equal to M, and N and M are positive integers.
502, the server responds to the received client initialization handshake message by sending a server
initialization handshake message (ServerHello) to the client;
The server initialization handshake message carries the first algorithm set identifier chosen by the server,
and the first algorithm set identifier is one of the M algorithm set identifiers.
The first algorithm set identifier corresponds to the first algorithm set, and the first algorithm set
includes: a symmetric encryption algorithm, the SM2 asymmetric key exchange algorithm and a digest algorithm.
In some embodiments of the invention, the server may follow these three principles when selecting an algorithm
set that includes the SM2 algorithm:
A, the server has loaded a user certificate and private key for the SM2ECDSA digital signature algorithm;
B, the server has loaded the elliptic curve parameters required by SM2ECDHE;
C, the server supports the other algorithms in the selected algorithm set, namely the symmetric encryption
algorithm and the digest algorithm.
503. The server sends a server key exchange message (ServerKeyExchange) to the client.
In some embodiments of the invention, the server key exchange message may carry the SM2 elliptic curve standard parameters a, b, p and n (or elliptic curve parameters generated by the server), the server public key (server-P) required by the SM2 key exchange algorithm, the key exchange elliptic curve point R_A and the server identity information, so that the client can calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the message. The server also retains the private key it generated, for use in calculating the pre-master key.
504. The server sends the client a server hello done message (ServerHelloDone), which indicates the end of the second step of the handshake.
In some embodiments of the invention, the purpose and definition of the ServerHelloDone message may be the same as in the TLS standard.
505. Using the SM2 elliptic curve parameters carried in the server key exchange message, the client calculates its own public/private key pair and an elliptic curve point. The client then sends the server, in a client key exchange message, the client public key (client-P), the random point R_B on the elliptic curve and the client identity Z_B. The client also keeps its own private key for the later pre-master key calculation. The client key exchange message may carry the client public key, the random point on the elliptic curve, the client identity information and so on, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message.
506. The client sends a client key exchange verify message to the server.
The client key exchange verify message (ClientKeyExchangeVerify) carries the client verification digest value of the SM2 key exchange algorithm.
507. The server verifies the client verification digest value and, once verification succeeds, sends the client a server key exchange verify message (ServerKeyExchangeVerify), which carries the server verification digest value of the SM2 key exchange algorithm. The client may in turn verify the server verification digest value.
508. The server sends a first change cipher spec message (ChangeCipherSpec) to the client.
509. The client sends a second change cipher spec message (ChangeCipherSpec) to the server.
The client and the server exchange change cipher spec messages to confirm that algorithm negotiation has finished and to declare that the negotiated algorithms will be used for subsequent interaction; the format of the message may be the same as in standard TLS. Before sending the change cipher spec message, the client and the server each calculate the pre-master key from the key exchange information generated locally and the key exchange information sent by the peer, and derive from the pre-master key the key of the subsequent symmetric algorithm and the key of the message authentication code. The pre-master key is calculated as defined by the SM2 key exchange algorithm standard and the TLS protocol standard.
510. The server and the client may also send each other a handshake finished message (Finished).
The Finished message sent by the server to the client carries an authentication code over all handshake messages the server has sent and received; the Finished message sent by the client to the server carries an authentication code over all handshake messages the client has sent and received. The authentication code is obtained by computing a digest over all of these handshake messages. Its content and format may be the same as defined in the TLS standard.
After the server and the client have each verified the authentication code they received, the security authentication process ends. The server and the client can then exchange application data (ApplicationData); the specific requirements follow the TLS protocol. The application data exchange uses the symmetric algorithm key and the message authentication code key.
The above flow mainly describes the scenario in which every verification succeeds. In practice, verification may also fail. For example, if the client fails to verify information received from the server, the client may send a handshake failure message to the server and stop the security authentication process; similarly, if the server fails to verify information received from the client, the server may send a handshake failure message to the client and stop the security authentication process.
It can be seen that, in the anonymous authentication mechanism based on the TLS protocol proposed by this embodiment, the server receives the client initialization handshake message sent by the client. The message carries N algorithm set identifiers, and the algorithm set corresponding to each of M of these N identifiers includes the SM2 algorithm. The server sends a server initialization handshake message to the client, carrying the first algorithm set identifier that the server selected from the M algorithm set identifiers. The server and the client then perform security authentication based on the first algorithm set corresponding to the first algorithm set identifier. Combining the SM2 algorithm with the TLS-based security authentication mechanism makes it feasible to use SM2 for security authentication, and in turn for data transmission. Because the SM2 algorithm is incorporated into the TLS-based security authentication mechanism, the scheme can be implemented without large-scale changes to equipment, so the cost of implementation is relatively low. Overall, the embodiments of the invention provide a reasonable mechanism for using the SM2 algorithm for data transmission, which helps accelerate the adoption of the SM2 algorithm and brings its security advantages into play.
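The selection in steps 501 and 502, with principles a to c applied on the server side, can be sketched as follows; this is an added example, not code from the patent. Assumptions: the identifier values 0xFF01 and 0xFF02 are constructed placeholders (the patent's ID table is not reproduced on this page), the anonymous set name and the `allow_anonymous` policy flag are hypothetical, principle a is checked only for sets that contain a signature algorithm, and the server takes the first acceptable set in the client's order.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class AlgorithmSet:
    ident: int
    name: str
    key_exchange: str
    signature: Optional[str]  # None marks an anonymous-class set
    cipher: str
    digest: str


# Constructed registry. 0xFF01/0xFF02 are placeholder identifiers and the
# "anon" set name is hypothetical; 0x0035 is the standard TLS RSA suite.
REGISTRY = {s.ident: s for s in (
    AlgorithmSet(0xFF01, "TLS_SM2ECDHE_SM2ECDSA_WITH_AES256_CBC_SHA",
                 "SM2ECDHE", "SM2ECDSA", "AES256_CBC", "SHA"),
    AlgorithmSet(0xFF02, "TLS_SM2ECDHE_anon_WITH_AES256_CBC_SHA",
                 "SM2ECDHE", None, "AES256_CBC", "SHA"),
    AlgorithmSet(0x0035, "TLS_RSA_WITH_AES_256_CBC_SHA",
                 "RSA", "RSA", "AES256_CBC", "SHA"),
)}


@dataclass
class ServerConfig:
    has_sm2_signing_cert: bool      # principle a
    has_sm2_curve_params: bool      # principle b
    ciphers: frozenset = frozenset({"AES256_CBC"})  # principle c
    digests: frozenset = frozenset({"SHA"})         # principle c
    allow_anonymous: bool = False   # hypothetical local policy switch


def rejection_reason(s: AlgorithmSet, cfg: ServerConfig) -> Optional[str]:
    """Return why the server cannot choose this set, or None if it can."""
    if s.key_exchange != "SM2ECDHE":
        return "not one of the M sets that include SM2"
    if s.signature == "SM2ECDSA" and not cfg.has_sm2_signing_cert:
        return "principle a: no SM2ECDSA certificate and private key loaded"
    if s.signature is None and not cfg.allow_anonymous:
        return "policy: anonymous-class sets are disabled"
    if not cfg.has_sm2_curve_params:
        return "principle b: SM2ECDHE curve parameters not loaded"
    if s.cipher not in cfg.ciphers or s.digest not in cfg.digests:
        return "principle c: symmetric cipher or digest unsupported"
    return None


def count_offer(offered: List[int]) -> Tuple[int, int]:
    """Return (N, M): identifiers offered, and those whose set includes SM2."""
    m = sum(1 for i in offered
            if i in REGISTRY and REGISTRY[i].key_exchange == "SM2ECDHE")
    return len(offered), m


def select_algorithm_set(offered: List[int], cfg: ServerConfig):
    """Pick the first algorithm set identifier for ServerHello.

    Returns (chosen set or None, list of (identifier, rejection reason)).
    None means no SM2 set is usable and the handshake should fail.
    """
    rejected = []
    for ident in offered:
        s = REGISTRY.get(ident)
        if s is None:
            rejected.append((ident, "unknown identifier"))
            continue
        reason = rejection_reason(s, cfg)
        if reason is None:
            return s, rejected
        rejected.append((ident, reason))
    return None, rejected


if __name__ == "__main__":
    offer = [0x0035, 0xFF01, 0xFF02]  # constructed ClientHello list
    cfg = ServerConfig(has_sm2_signing_cert=False, has_sm2_curve_params=True,
                       allow_anonymous=True)
    chosen, rejected = select_algorithm_set(offer, cfg)
    print("N, M =", count_offer(offer))
    print("chosen:", chosen.name if chosen else None)
    for ident, why in rejected:
        print(f"  skipped 0x{ident:04X}: {why}")
```

The rejection list is worth logging on a real server: a peer that only ever ends up on the anonymous-class set, which carries no signature algorithm, is not authenticating the server at all.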
To make the above scheme easier to understand and implement, the format definitions of some messages and parameters involved in the security authentication method of the present invention are illustrated below.
The example format definitions follow the format conventions of the TLS standard and RFC4492 and use the RFC1832 XDR format description method. For message formats that are not specifically described, refer to the definitions in RFC4492 and the RFC standards related to TLS.
In some embodiments of the invention, the definitions of the client initialization handshake message (ClientHello) and the server initialization handshake message (ServerHello) may be the same as in the TLS standard RFC, except that they may indicate the newly defined algorithm sets that contain the SM2 algorithm.
The format of the server's user certificate based on the SM2 signature algorithm (Server Certificate) may follow the RFC definition and use the SM2 certificate standard promulgated by the State Administration for Quality Supervision, Inspection and Quarantine ("Certificate format standard for certificate authentication systems based on the SM2 algorithm").
For the format of the server key exchange message (ServerKeyExchange), refer to the message format description in RFC4492; the message format may be as follows:
Here Digitally-signed denotes a data signature, that is, a signature over the hash value data defined in the message. According to the characteristics of the SM2 signature algorithm, the data structure of the SM2 signature is as follows (expressed in ASN1 form):
The format definition of the certificate request message (CertificateRequest) that the server sends to the client basically follows the TLS protocol standard. A definition for the SM2 certificate is added to the certificate type field of CertificateRequest:
In some embodiments of the invention, the format of the server hello done message (ServerHelloDone), which the server sends to the client to indicate the end of the second step of the handshake, may be the same as defined in the TLS standard.
In some embodiments of the invention, the basic format of the client's user certificate (Client Certificate), based on the SM2 signature algorithm or a non-SM2 signature algorithm, that the client sends to the server may be the same as defined in the TLS standard. This certificate may be the SM2 standard format certificate specified by the State Standard Bureau, or another certificate (such as RSA, ECDSA, DSA, etc.).
The client key exchange message (ClientKeyExchange) that the client sends to the server may contain the exchange key K that the client generates from the elliptic curve parameters provided by the server, the client public key (client-P), the client identity Z_B and so on. The format may be as follows:
Data types that are not explicitly defined here may use the definitions in RFC4492 and the TLS RFC standards.
The client key exchange verify message (ClientKeyExchangeVerify) that the client sends to the server may use any hash algorithm; which hash value is used can be determined by comparing the ID of the hash algorithm. Its format may be defined as follows:
The server key exchange verify message (ServerKeyExchangeVerify) sent by the server may use the same hash algorithm as ClientKeyExchangeVerify. The message format may be defined as follows:
The content to be signed for the client user certificate verify message (CertificateVerify) that the client sends to the server may be the same as defined in the TLS RFC standard, covering the sum of all handshake messages exchanged so far (if there are optional messages, they are also included). If the certificate sent by the client is an RSA, DSA or DSS certificate, the format is as defined by TLS; if an ECDSA certificate is used, the format follows RFC4992. If a certificate of the SM2 elliptic curve signature algorithm is used, the elliptic curve signature value is encoded using the ASN1 standard.
The message format may be as follows:
struct{
SM2-Sig-Value;
}CertificateVerify;
The data structure of the signature message may be as follows (using ASN1 notation as an example):
The format of the change cipher spec message (ChangeCipherSpec) exchanged between the server and the client may be the same as defined in the TLS RFC standard.
The format and required content of the handshake finished message (Finished) exchanged between the server and the client may be the same as defined in the TLS standard RFC. If the handshake contained optional messages, those optional messages are also included when the Finished hash value is calculated.
It should be noted that the message and parameter formats given above are only examples; in practice, any format that meets the requirements of the standards may be chosen.
In the embodiments of the present invention, new algorithm sets are defined by combining the SM2 algorithm with other authentication algorithms (the first algorithm set may be one of them). The IDs assigned to the newly defined algorithm sets are as follows:
The IDs of the newly defined authentication-class algorithm sets may be as follows:
The IDs of the newly defined anonymous-class algorithm sets may be as follows:
It will be appreciated that, in practice, the new algorithm sets are not limited to the examples above, nor are the algorithm set IDs, as long as the IDs can be told apart.
A possible practical application scenario is described below as an example.
Scenario: an e-commerce service center B (acting as the server) and a user terminal A (acting as the client) interact with each other. Because confidential information is involved, the two sides use a secure encrypted channel. Because both are on the Internet and there is no IPSec node support, TLS can be used.
In general, the business interaction between service center B and user terminal A needs to be authenticated, and uses the SM2 algorithm of the State Commercial Cryptography Administration's version as the asymmetric algorithm. Considering that most TLS links on the Internet use one-way authentication (ServerAuthentication), and that the client can prove its identity after logging in by entering a user name and password, this link uses the ServerAuthentication mode. For the interaction flow, refer to the one-way authentication flow in the authentication method shown in Fig. 4.
First, user terminal A initiates the handshake by sending a ClientHello to service center B. On receiving it, service center B parses the algorithm list carried in the ClientHello; assume that user terminal A requires an SM2 authentication-class algorithm. Service center B checks the user certificate it is equipped with and finds that it can support the SM2 digital signature algorithm; server B is also able to perform the key exchange calculation with the SM2 algorithm parameters. Service center B therefore chooses an authentication-class SM2 algorithm set from the list sent by user terminal A, for example TLS_SM2ECDHE_SM2ECDSA_WITH_AES256_CBC_SHA. Service center B sends user terminal A the server certificate, the parameters of the SM2 key exchange algorithm, the generated server public key, the random point and other information. After receiving this information, user terminal A verifies the certificate of service center B. Once it finds that the certificate was issued by a trusted CA, it goes on to parse the key exchange information of service center B and calculates its own key exchange information from it. At the same time, it verifies the digital signature in the key exchange information sent by service center B, to confirm that service center B is the genuine holder of the certificate. User terminal A then sends its own key exchange information to service center B, and service center B calculates from it the keys needed for subsequent interaction; user terminal A likewise calculates the keys for subsequent interaction. After service center B and user terminal A enable encrypted mode through the final confirmation messages of the protocol, business can be conducted over the encrypted channel.
The embodiments of the present invention design for TLS a group of algorithm sets that introduce the SM2 key exchange algorithm and the SM2 signature algorithm, improving the security and performance of TLS. Several message formats are defined to support the SM2 algorithm, and the TLS message types are extended where appropriate, which meets the requirement of promoting the application of the SM2 algorithm.
Further, the ideas and methods of the embodiments of the present invention can be extended to security protocols such as the IKEv2 EAP authentication framework, so that these standard protocols can also be compatible with the SM2 algorithm, which is of great value for promoting the use of the SM2 algorithm.
Referring to Fig. 6, an embodiment of the present invention also provides a client 600, which may include:
a sending unit 610, a receiving unit 620 and an authentication interaction unit 630.
The sending unit 610 is configured to send a client initialization handshake message to the server, where the client initialization handshake message carries N algorithm set identifiers, the algorithm set corresponding to each of M of these N algorithm set identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers.
The receiving unit 620 is configured to receive the server initialization handshake message that the server sends in response to the client initialization handshake message, where the server initialization handshake message carries the first algorithm set identifier, which is one of the M algorithm set identifiers.
The authentication interaction unit 630 is configured to perform security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the invention, the first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set.
If the first algorithm set is an anonymous-class algorithm set, it includes the SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, the SM2 asymmetric key exchange algorithm, the SM2 signature algorithm and a digest algorithm.
In some embodiments of the invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 630 may be specifically configured to: receive a first message sent by the server, where the first message carries the server's user certificate based on the SM2 signature algorithm;
receive the server key exchange message sent by the server, where the message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, the server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server's user certificate; verify, based on the first signature information carried in the received message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message; and, if the verification succeeds, calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
receive the first certificate request message sent by the server;
receive the ServerHelloDone message sent by the server;
send the server a second message in response to the first certificate request message, where the second message carries the client's user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm;
send a client key exchange message to the server, where the message carries the client public key, a random point on the elliptic curve and client identity information, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message;
send a client user certificate verify message to the server, so that the client, based on the client user certificate verify message, verifies the legitimacy of the user certificate carried in the second message;
receive the first change cipher spec message sent by the server;
send the second change cipher spec message to the server.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 630 may be specifically configured to: receive a first message sent by the server, where the first message carries the server's user certificate based on the SM2 signature algorithm;
receive the server key exchange message sent by the server, where the message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, the server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server's user certificate; verify, based on the first signature information carried in the received message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message; and, if the verification succeeds, calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
receive the first certificate request message sent by the server;
send the server a second message in response to the first certificate request message, where the second message carries the client's user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm;
send a client key exchange message to the server, where the message carries the client public key, a random point on the elliptic curve and client identity information, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message;
send a client user certificate verify message to the server, so that the client, based on the client user certificate verify message, verifies the legitimacy of the user certificate carried in the second message.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 630 may be specifically configured to: receive the server's user certificate, based on the SM2 signature algorithm, sent by the server;
receive the server key exchange message sent by the server, where the message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, the server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server's user certificate; verify, based on the first signature information carried in the received message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message; and, if the verification succeeds, calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
receive the ServerHelloDone message sent by the server;
send a client key exchange message to the server, where the message carries the client public key, a random point on the elliptic curve and client identity information, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message;
receive the first change cipher spec message sent by the server;
send the second change cipher spec message to the server.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 630 may be specifically configured to: receive the server's user certificate, based on the SM2 signature algorithm, sent by the server;
receive the server key exchange message sent by the server, where the message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, the server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server's user certificate; verify, based on the first signature information carried in the received message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message; and, if the verification succeeds, calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
send a client key exchange message to the server, where the message carries the client public key, a random point on the elliptic curve and client identity information, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit 630 may be specifically configured to: receive the server key exchange message sent by the server, where the message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and the server public key; and calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
send a client key exchange message to the server, where the message carries the client public key, a random point on the elliptic curve and client identity information, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit 630 may be specifically configured to: receive the server key exchange message sent by the server, where the message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and the server public key; and calculate the client pre-master key from the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key exchange message;
receive the ServerHelloDone message sent by the server;
send a client key exchange message to the server, where the message carries the client public key, a random point on the elliptic curve and client identity information, so that the server can calculate the server pre-master key from the client public key, random point and client identity information carried in the message;
receive the first change cipher spec message sent by the server;
send the second change cipher spec message to the server.
In some embodiments of the invention, the authentication interaction unit 630 is further configured to: before receiving the first change cipher spec message sent by the server, or before sending the second change cipher spec message to the server, or after sending the client key exchange message to the server, send a client key exchange verify message to the server, where the client key exchange verify message carries the client verification digest value of the SM2 key exchange algorithm; receive the server key exchange verify message that the server sends after successfully verifying the client verification digest value, where the server key exchange verify message carries the server verification digest value of the SM2 key exchange algorithm; and verify the server verification digest value.
It will be understood that the functions of the functional modules of the client 600 of this embodiment can be implemented according to the methods in the method embodiments above; for the specific implementation process, refer to the related description of those method embodiments, which is not repeated here.
Fig. 7 is a schematic structural diagram of a client 700 provided by the present invention. As shown in Fig. 7, the client 700 of this embodiment includes at least one bus 701, at least one processor 702 connected to the bus 701, and at least one memory 703 connected to the bus 701.
The processor 702 calls, over the bus 701, the code stored in the memory 703 in order to: send a client initialization handshake message to the server, where the client initialization handshake message carries N algorithm set identifiers, the algorithm set corresponding to each of M of these N algorithm set identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers; receive the server initialization handshake message that the server sends in response to the client initialization handshake message, where the server initialization handshake message carries the first algorithm set identifier, which is one of the M algorithm set identifiers; and perform security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier.
Different algorithm sets can have different algorithm set identifiers. Each algorithm set can include several algorithms used for authentication and data transmission. For example, each algorithm set can include a symmetric encryption algorithm, a key interaction algorithm, a signature algorithm, a digest algorithm and so on, and some algorithm sets (such as anonymous-class algorithm sets) may not include a signature algorithm.
In some embodiments of the invention, the server can select, according to factors such as its own capabilities, the transmission environment and security requirements, one algorithm set identifier from the N algorithm set identifiers carried in the client initialization handshake message (of course, the server must first be able to support the various algorithms in the algorithm set it selects, and have the relevant parameters loaded), so that the algorithm set corresponding to the selected identifier is subsequently used to continue security authentication with the client. The format of the algorithm set identifiers carried in the client initialization handshake message and in the server initialization handshake message may be the same or different.
In some embodiments of the invention, the first algorithm set can be, for example, an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, it includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm.
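The negotiation described above, as an added Python example that is not part of the patent text: the client offers N identifiers of which M include SM2, the server picks one, and the client checks the choice before continuing. The identifier values, the SM4/SM3/AES/SHA-256 algorithm names and the server's preference list are constructed assumptions, since the page fixes none of them.

```python
from dataclasses import dataclass
from typing import Optional, Sequence


class HandshakeError(Exception):
    """Raised when the negotiation cannot continue safely."""


@dataclass(frozen=True)
class AlgorithmSet:
    ident: int
    key_exchange: str
    signature: Optional[str]  # None models an anonymous-class set
    symmetric: str
    digest: str

    @property
    def includes_sm2(self) -> bool:
        return "SM2" in (self.key_exchange, self.signature)

    @property
    def set_class(self) -> str:
        return "anonymous" if self.signature is None else "authentication"


# Constructed registry: identifier values and non-SM2 algorithm names are
# assumptions made for this example only.
REGISTRY = {s.ident: s for s in (
    AlgorithmSet(0xF001, "SM2", "SM2", "SM4", "SM3"),          # authentication class
    AlgorithmSet(0xF002, "SM2", None, "SM4", "SM3"),           # anonymous class
    AlgorithmSet(0xF003, "ECDHE", "ECDSA", "AES128", "SHA256"),  # no SM2
)}


@dataclass(frozen=True)
class ClientOffer:
    identifiers: tuple      # the N identifiers carried in the client message
    sm2_identifiers: tuple  # the M identifiers whose sets include SM2


def build_client_offer(supported: Sequence[int]) -> ClientOffer:
    """Build the identifier list for the client initialization handshake message."""
    unknown = [i for i in supported if i not in REGISTRY]
    if unknown:
        raise HandshakeError(f"unknown algorithm set identifiers: {unknown}")
    sm2 = tuple(i for i in supported if REGISTRY[i].includes_sm2)
    if not sm2:
        raise HandshakeError("offer needs at least one SM2 algorithm set (M >= 1)")
    return ClientOffer(tuple(supported), sm2)


def server_select(offered: Sequence[int], server_preference: Sequence[int],
                  allow_anonymous: bool) -> int:
    """Pick the first set in the server's own preference order that the client
    offered, that the server supports, and that its security policy permits."""
    for ident in server_preference:
        aset = REGISTRY.get(ident)
        if aset is None or ident not in offered:
            continue
        if aset.set_class == "anonymous" and not allow_anonymous:
            continue
        return ident
    raise HandshakeError("no mutually acceptable algorithm set")


def client_accept(offer: ClientOffer, chosen: int) -> dict:
    """Validate the identifier carried in the server initialization handshake
    message and derive what the client must do next."""
    if chosen not in offer.identifiers:
        raise HandshakeError("server chose an identifier the client never offered")
    if chosen not in offer.sm2_identifiers:
        raise HandshakeError("chosen identifier is not one of the M SM2 sets")
    aset = REGISTRY[chosen]
    return {
        "algorithm_set": aset,
        "class": aset.set_class,
        # Authentication class: the first signature information must verify
        # before the client pre-master key is calculated. Anonymous class:
        # the server key interaction message carries no signature.
        "verify_first_signature": aset.set_class == "authentication",
    }


if __name__ == "__main__":
    offer = build_client_offer([0xF003, 0xF001, 0xF002])
    chosen = server_select(offer.identifiers, [0xF002, 0xF001], allow_anonymous=False)
    print(hex(chosen), client_accept(offer, chosen)["class"])
```

Rejecting an identifier that was never offered, or one outside the M SM2 sets, is what keeps a modified server message from steering the session onto an algorithm set the client did not intend to use.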
In some embodiments of the invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 702 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a first certificate request message sent by the server; receiving a server response end statement message sent by the server; sending to the server a second message in response to the first certificate request message, where the second message carries a client user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; sending a client user certificate verification message to the server, so that the client verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message; receiving the first key change statement message sent by the server; and sending the second key change statement message to the server. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 702 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a first certificate request message sent by the server; sending to the server a second message in response to the first certificate request message, where the second message carries a client user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; and sending a client user certificate verification message to the server, so that the client verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 702 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a server response end statement message sent by the server; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; receiving the first key change statement message sent by the server; and sending the second key change statement message to the server. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 702 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; and sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In some embodiments of the invention, if the first algorithm set is an anonymous-class algorithm set, the security authentication that the processor 702 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a server response end statement message sent by the server; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; receiving the first key change statement message sent by the server; and sending the second key change statement message to the server. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In some embodiments of the invention, if the first algorithm set is an anonymous-class algorithm set, the security authentication that the processor 702 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; and sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In some embodiments of the invention, before the processor 702 receives the first key change statement message sent by the server, or before the processor 702 sends the second key change statement message to the server, or after the client key interaction message is sent to the server, the processor 702 can also send a client key interaction verification message to the server, where the client key interaction verification message carries a client verification digest value of the SM2 key interaction algorithm; and receive a server key interaction verification message that the server sends after the client verification digest value passes verification, where the server key interaction verification message carries a server verification digest value of the SM2 key interaction algorithm. The processor 702 can further verify the server verification digest value.
In other embodiments of the present invention, before the processor 702 receives the first key change statement message sent by the server, or before the processor 702 sends the second key change statement message to the server, or after the client key interaction message is sent to the server, the following may also be included: the processor 702 receives a server key interaction verification message sent by the server, where the server key interaction verification message carries a server verification digest value of the SM2 key interaction algorithm; verifies the server verification digest value; and, after the server verification digest value passes verification, sends a client key interaction verification message to the server, where the client key interaction verification message carries a client verification digest value of the SM2 key interaction algorithm. The server can further verify the client verification digest value.
The client 700 provided in this embodiment can be used to perform the part correspondingly performed by the client in the technical solution of any of the method embodiments shown in Fig. 1 to Fig. 5; its implementation principle and technical effect are similar and are not repeated here. Fig. 7 is only a schematic diagram of one structure of the client 700 provided by the present invention, and the specific structure can be adjusted according to actual needs.
Fig. 8 describes the structure of a client 800 provided by an embodiment of the present invention. The client 800 includes: at least one processor 801, such as a CPU, at least one network interface 804 or other user interface 803, a memory 805, and at least one communication bus 802. The communication bus 802 is used to implement connection and communication between these components. The client 800 optionally includes a user interface 803, including a display, a keyboard or a pointing device (for example, a mouse, a trackball, a touch-sensitive pad or a touch-sensitive display screen). The memory 805 may include high-speed RAM, and may also include non-volatile memory, for example at least one disk memory. The memory 805 can optionally include at least one storage device located remotely from the processor 801.
In some embodiments, the memory 805 stores the following elements, executable modules or data structures, or a subset of them, or a superset of them:
Operating system 8051, which contains various system programs and is used to implement various basic services and process hardware-based tasks;
Application program module 8052, which contains various application programs and is used to implement various application services.
The application program module 8052 includes, but is not limited to, the sending unit 610, the receiving unit 620 and the authentication interaction unit 630.
For the specific implementation of each module in the application program module 8052, refer to the corresponding modules in the embodiment shown in Fig. 6; details are not repeated here.
In embodiments of the present invention, by calling programs or instructions stored in the memory 805, the processor 801 can be used to: send a client initialization handshake message to a server, where the client initialization handshake message carries N algorithm set identifiers, the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, N is greater than or equal to M, and N and M are positive integers; receive a server initialization handshake message that the server sends in response to the client initialization handshake message, where the server initialization handshake message carries a first algorithm set identifier, and the first algorithm set identifier is one of the M algorithm set identifiers; and perform security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier.
Different algorithm sets can have different algorithm set identifiers. Each algorithm set can include several algorithms used for authentication and data transmission. For example, each algorithm set can include a symmetric encryption algorithm, a key interaction algorithm, a signature algorithm, a digest algorithm and so on, and some algorithm sets (such as anonymous-class algorithm sets) may not include a signature algorithm.
In some embodiments of the invention, the server can select, according to factors such as its own capabilities, the transmission environment and security requirements, one algorithm set identifier from the N algorithm set identifiers carried in the client initialization handshake message (of course, the server must first be able to support the various algorithms in the algorithm set it selects, and have the relevant parameters loaded), so that the algorithm set corresponding to the selected identifier is subsequently used to continue security authentication with the client. The format of the algorithm set identifiers carried in the client initialization handshake message and in the server initialization handshake message may be the same or different.
In some embodiments of the invention, the first algorithm set can be, for example, an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, it includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm.
In some embodiments of the invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 801 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a first certificate request message sent by the server; receiving a server response end statement message sent by the server; sending to the server a second message in response to the first certificate request message, where the second message carries a client user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; sending a client user certificate verification message to the server, so that the client verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message; receiving the first key change statement message sent by the server; and sending the second key change statement message to the server. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 801 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a first certificate request message sent by the server; sending to the server a second message in response to the first certificate request message, where the second message carries a client user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; and sending a client user certificate verification message to the server, so that the client verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that the processor 801 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, where the first message carries a server user certificate based on the SM2 signature algorithm; receiving a server key interaction message sent by the server, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, and the first signature information is obtained by performing a signature operation, based on the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; verifying, based on the first signature information carried in the received server key interaction message, the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in that message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; receiving a server response end statement message sent by the server; sending a client key interaction message to the server, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; receiving the first key change statement message sent by the server; and sending the second key change statement message to the server. Further, the server and the client can also send each other an authentication code of the whole-process messages, and the content and format of that authentication code can be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the security authentication that processor 801 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; receiving a server key exchange message sent by the server, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by performing a signature operation on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate; verifying, based on the first signature information carried in the received server key exchange message, the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key exchange message, and, if the correctness verification passes, calculating the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; sending a client key exchange message to the server, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In some embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the security authentication that processor 801 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; receiving a server key exchange message sent by the server, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; calculating the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; receiving the server response end statement message sent by the server; sending a client key exchange message to the server, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; receiving the first key change statement message sent by the server; sending a second key change statement message to the server. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In some embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the security authentication that processor 801 performs with the server based on the first algorithm set corresponding to the first algorithm set identifier may include: receiving a first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; receiving a server key exchange message sent by the server, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; calculating the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; sending a client key exchange message to the server, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In some embodiments of the present invention, before processor 801 receives the first key change statement message sent by the server, or before processor 801 sends the second key change statement message to the server, or after sending the client key exchange message to the server, processor 801 may also send a client key exchange verification message to the server, wherein the client key exchange verification message carries the client verification digest value of the SM2 key exchange algorithm; and receive the server key exchange verification message that the server sends after the client verification digest value passes verification, wherein the server key exchange verification message carries the server verification digest value of the SM2 key exchange algorithm. Processor 801 may further verify the server verification digest value.
In other embodiments of the present invention, before processor 801 receives the first key change statement message sent by the server, or before processor 801 sends the second key change statement message to the server, or after sending the client key exchange message to the server, the following may also be included: processor 801 receives a server key exchange verification message sent by the server, wherein the server key exchange verification message carries the server verification digest value of the SM2 key exchange algorithm; verifies the server verification digest value; and, after the server verification digest value passes verification, sends a client key exchange verification message to the server, wherein the client key exchange verification message carries the client verification digest value of the SM2 key exchange algorithm. The server may further verify the client verification digest value.
It can be seen that, with the above scheme, the introduction of the SM2 algorithm is organically combined with the security authentication mechanism based on the TLS protocol, so that using the SM2 algorithm for security authentication becomes possible and feasible, which in turn makes it possible and feasible to use the SM2 algorithm for data transmission. Because the SM2 algorithm is integrated into the security authentication mechanism based on the TLS protocol, the scheme can be implemented on a large scale without modifying equipment, and the cost of implementing it is relatively low. In general, the embodiments of the present invention provide a reasonable mechanism by which the SM2 algorithm can be used for data transmission, which helps accelerate the adoption of the SM2 algorithm, brings out the advantages of the SM2 algorithm in terms of security, and helps improve the security and performance of TLS.
Referring to Fig. 9, an embodiment of the present invention also provides a server 900, which may include:
a receiving unit 910, a sending unit 920 and an authentication interaction unit 930.
The receiving unit 910 is configured to receive a client initialization handshake message sent by a client, wherein the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm;
The sending unit 920 is configured to send to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier selected by the server from the M algorithm set identifiers, the first algorithm set identifier being one of the M algorithm set identifiers;
The authentication interaction unit 930 is configured to perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the present invention, the first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, it includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 930 may be specifically configured to: send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by performing a signature operation on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client verifies, based on the first signature information carried in the received server key exchange message, the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key exchange message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; send a first certificate request message to the client; send a server response end statement message to the client; receive a second message that the client sends in response to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; receive the client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; receive the client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message; send a first key change statement message to the client; receive the second key change statement message sent by the client. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 930 may be specifically configured to: send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by performing a signature operation on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client verifies, based on the first signature information carried in the received server key exchange message, the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key exchange message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; send a first certificate request message to the client; receive a second message that the client sends in response to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or a non-SM2 signature algorithm; receive the client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; receive the client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 930 may be specifically configured to: send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by performing a signature operation on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client verifies, based on the first signature information carried in the received server key exchange message, the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key exchange message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; send a server response end statement message to the client; receive the client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; send a first key change statement message to the client; receive the second key change statement message sent by the client. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the authentication interaction unit 930 may be specifically configured to: send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by performing a signature operation on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client verifies, based on the first signature information carried in the received server key exchange message, the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key exchange message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; receive the client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit 930 may be specifically configured to: send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; send a server response end statement message to the client; receive the client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message; send a first key change statement message to the client; receive the second key change statement message sent by the client. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit 930 may be specifically configured to: send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key exchange message to the client, wherein the server key exchange message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key exchange message; receive the client key exchange message sent by the client, wherein the client key exchange message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key exchange message. Further, the server and the client may also send each other the authentication code of the whole-process messages, where the content and format of the authentication code may be fully or substantially the same as defined in the TLS standard.
In some embodiments of the present invention, the authentication interaction unit 930 is further configured to: before sending the first key change statement message to the client, or before receiving the second key change statement message sent by the client, or after receiving the client key exchange message sent by the client, receive a client key exchange verification message sent by the client, wherein the client key exchange verification message carries the client verification digest value of the SM2 key exchange algorithm; and, after the client verification digest value passes verification, send a server key exchange verification message to the client, wherein the server key exchange verification message carries the server verification digest value of the SM2 key exchange algorithm, so that the client verifies the server verification digest value.
In other embodiments of the present invention, the authentication interaction unit 930 is further configured to: before sending the first key change statement message to the client, or before receiving the second key change statement message sent by the client, or after receiving the client key exchange message sent by the client, send a server key exchange verification message to the client, wherein the server key exchange verification message carries the server verification digest value of the SM2 key exchange algorithm; and receive the client key exchange verification message that the client sends after the server verification digest value passes verification, wherein the client key exchange verification message carries the client verification digest value of the SM2 key exchange algorithm. The authentication interaction unit 930 may further verify the client verification digest value.
It can be understood that the functions of each functional module of the server 900 of this embodiment may be implemented according to the methods in the above method embodiments; for the specific implementation process, refer to the relevant description of the above method embodiments, which is not repeated here.
Figure 10 is a schematic structural diagram of a server 1000 provided by the present invention. As shown in Figure 10, the client 1000 of this embodiment includes at least one bus 1001, at least one processor 1002 connected to the bus 1001, and at least one memory 1003 connected to the bus 1001.
The processor 1002, through the bus 1001, calls the code stored in the memory 1003 to: receive a client initialization handshake message sent by a client, wherein the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm; send to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier selected by the server from the M algorithm set identifiers, the first algorithm set identifier being one of the M algorithm set identifiers; and perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the present invention, the first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, it includes an SM2 asymmetric key exchange algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key exchange algorithm, an SM2 signature algorithm and a digest algorithm.
In some embodiments of the present invention, the processor 1002 may select one algorithm set identifier from the N algorithm set identifiers carried in the client initialization handshake message according to factors such as the capability of the server 1000, the transmission environment and the security requirements (of course, the server first needs to support the various algorithms in the algorithm set it selects and to have the relevant parameters loaded), so that the algorithm set corresponding to the selected algorithm set identifier is subsequently used to continue security authentication with the client. The format of the algorithm set identifier carried in the client initialization handshake message and that of the algorithm set identifier carried in the server initialization handshake message may be the same or different.
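An added example (not from the patent) of the selection step described above: the server narrows the N offered identifiers to the M SM2 algorithm sets, applies its own capability order and a policy on anonymous-class sets, and returns the first algorithm set identifier. The identifier values, set names, the SM4/SM3/RSA/AES entries and the `allow_anonymous` policy flag are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional, Sequence


@dataclass(frozen=True)
class AlgorithmSet:
    name: str
    key_interaction: str        # asymmetric key interaction algorithm
    signature: Optional[str]    # None for an anonymous-class set
    cipher: str                 # symmetric encryption algorithm
    digest: str                 # digest algorithm


# Constructed registry: identifiers and names are placeholders, not values
# taken from the patent or from any TLS registry.
REGISTRY: Dict[int, AlgorithmSet] = {
    0xF001: AlgorithmSet("SM2_SM2SIG_SM4_SM3", "SM2", "SM2", "SM4", "SM3"),
    0xF002: AlgorithmSet("SM2_ANON_SM4_SM3", "SM2", None, "SM4", "SM3"),
    0xF003: AlgorithmSet("RSA_RSASIG_AES128_SHA256", "RSA", "RSA", "AES128", "SHA256"),
}


def sm2_class(algorithm_set: AlgorithmSet) -> Optional[str]:
    """Classify a set the way the text does; None if it is not an SM2 set."""
    if algorithm_set.key_interaction != "SM2":
        return None
    if algorithm_set.signature is None:
        return "anonymous"          # SM2 key interaction + cipher + digest
    if algorithm_set.signature == "SM2":
        return "authentication"     # adds the SM2 signature algorithm
    return None                     # mixed sets are not described in the text


def sm2_candidates(offered: Iterable[int]) -> List[int]:
    """The M identifiers (out of the N offered) whose set includes SM2."""
    return [i for i in offered
            if i in REGISTRY and sm2_class(REGISTRY[i]) is not None]


def select_algorithm_set(offered: Iterable[int],
                         server_preference: Sequence[int],
                         allow_anonymous: bool = False) -> Optional[int]:
    """Pick the first algorithm set identifier, or None if nothing qualifies.

    server_preference lists only sets the server supports and has parameters
    loaded for, most preferred first (the "server capability" factor).
    allow_anonymous stands in for the "security requirements" factor.
    """
    candidates = set(sm2_candidates(offered))
    for set_id in server_preference:
        if set_id not in candidates:
            continue                # not offered, unknown, or not an SM2 set
        if sm2_class(REGISTRY[set_id]) == "anonymous" and not allow_anonymous:
            continue                # policy refuses unauthenticated key interaction
        return set_id
    return None


if __name__ == "__main__":
    # Constructed client offer: N = 4 identifiers, one of them unknown.
    offer = [0xF003, 0xF002, 0xF001, 0xABCD]
    print("M candidates:", [hex(i) for i in sm2_candidates(offer)])
    print("selected:", select_algorithm_set(offer, [0xF002, 0xF001]))
```

Returning `None` rather than falling back to a non-SM2 set keeps the failure explicit, so the caller decides whether to abort the handshake or negotiate outside the M identifiers.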
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1002 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a first certificate request message to the client; send a server response end statement message to the client; receive a second message sent by the client in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or a non-SM2 signature algorithm; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; receive a client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message; send a first key change statement message to the client; and receive a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1002 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a first certificate request message to the client; receive a second message sent by the client in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or a non-SM2 signature algorithm; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; and receive a client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1002 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a server response end statement message to the client; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; send a first key change statement message to the client; and receive a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1002 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; and receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the processor 1002 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a server response end statement message to the client; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; send a first key change statement message to the client; and receive a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the processor 1002 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; and receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
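The six server-side message sequences described above, generated from three switches and used to check a recorded handshake, as an added example that is not code from the patent. The step and field names are hypothetical labels for the page's messages, the order in which the text lists the messages is taken as the wire order, and the optional authentication-code and key interaction verification messages are left out.

```python
from typing import FrozenSet, List, NamedTuple, Optional, Sequence

S2C, C2S = "server->client", "client->server"


class Step(NamedTuple):
    direction: str
    name: str
    fields: FrozenSet[str] = frozenset()


# Contents the text lists for the two key interaction messages.
SKE_FIELDS = frozenset({"sm2_curve_parameters", "server_identity",
                        "key_exchange_point", "server_public_key"})
CKE_FIELDS = frozenset({"client_public_key", "random_curve_point",
                        "client_identity"})


def build_flow(suite_class: str, client_auth: bool, closing: bool) -> List[Step]:
    """Expected message sequence for one of the described embodiments.

    client_auth: certificate request, client certificate, certificate verify.
    closing:     server response end statement and both key change statements.
    """
    if suite_class not in ("authentication", "anonymous"):
        raise ValueError("unknown algorithm set class: " + suite_class)
    if suite_class == "anonymous" and client_auth:
        raise ValueError("anonymous class with client certificate is not described")
    # Only the authentication class signs the server key interaction message.
    ske = SKE_FIELDS | {"first_signature"} if suite_class == "authentication" else SKE_FIELDS
    flow = [Step(S2C, "server_certificate"),
            Step(S2C, "server_key_interaction", frozenset(ske))]
    if client_auth:
        flow.append(Step(S2C, "certificate_request"))
    if closing:
        flow.append(Step(S2C, "server_response_end"))
    if client_auth:
        flow.append(Step(C2S, "client_certificate"))
    flow.append(Step(C2S, "client_key_interaction", CKE_FIELDS))
    if client_auth:
        flow.append(Step(C2S, "client_certificate_verify"))
    if closing:
        flow += [Step(S2C, "key_change_statement"),
                 Step(C2S, "key_change_statement")]
    return flow


def check_transcript(flow: Sequence[Step], transcript: Sequence[Step]) -> Optional[str]:
    """Return the first deviation from the expected flow, or None if it matches."""
    for index, expected in enumerate(flow):
        if index >= len(transcript):
            return f"missing {expected.name} ({expected.direction})"
        got = transcript[index]
        if (got.direction, got.name) != (expected.direction, expected.name):
            return f"step {index}: expected {expected.name}, got {got.name}"
        missing = expected.fields - got.fields
        if missing:
            return f"{got.name}: missing {sorted(missing)}"
        # Strict: fields the text does not list for this variant are flagged.
        extra = got.fields - expected.fields
        if extra:
            return f"{got.name}: unexpected {sorted(extra)}"
    if len(transcript) > len(flow):
        return f"unexpected trailing {transcript[len(flow)].name}"
    return None


if __name__ == "__main__":
    expected = build_flow("authentication", client_auth=True, closing=True)
    # Constructed transcript: the signature was dropped from the server
    # key interaction message although an authentication-class set was chosen.
    recorded = list(expected)
    recorded[1] = Step(S2C, "server_key_interaction", SKE_FIELDS)
    print(check_transcript(expected, recorded))
```

The check that matters most for a defender is the second step: with an authentication-class set, a server key interaction message without the first signature information leaves the curve parameters, identity, exchange point and public key unverified.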
In other embodiments of the present invention, the processor 1002 may further be configured to: before sending the first key change statement message to the client, or before receiving the second key change statement message sent by the client, or after receiving the client key interaction message sent by the client, send a server key interaction verification message to the client, where the server key interaction verification message carries a server verification digest value of the SM2 key interaction algorithm; and receive a client key interaction verification message sent by the client after the client has successfully verified the server verification digest value, where the client key interaction verification message carries a client verification digest value of the SM2 key interaction algorithm. The processor 1002 may further verify the client verification digest value.
The server 1000 provided in this embodiment may be used to perform the part correspondingly performed by the server in the technical solution of any of the method embodiments shown in Fig. 1 to Fig. 5; its implementation principle and technical effect are similar and are not repeated here. Figure 10 is only a schematic diagram of one structure of the server 1000 provided by the present invention, and the specific structure may be adjusted according to actual needs.
Figure 11 describes the structure of a server 1100 provided by an embodiment of the present invention. The server 1100 includes: at least one processor 1101 (for example, a CPU), at least one network interface 1104 or other user interface 1103, a memory 1105, and at least one communication bus 1102. The communication bus 1102 is used to implement connection and communication between these components. The server 1100 optionally includes a user interface 1103, including a display, a keyboard or a pointing device (for example, a mouse, a trackball, a touch pad or a touch-sensitive display screen). The memory 1105 may include high-speed RAM, and may also include non-volatile memory, for example at least one disk memory. The memory 1105 may optionally include at least one storage device located remotely from the aforementioned processor 1101.
In some embodiments, the memory 1105 stores the following elements, executable modules or data structures, or a subset of them, or a superset of them:
an operating system 11051, containing various system programs, used to implement various basic services and to process hardware-based tasks;
an application program module 11052, containing various application programs, used to implement various application services.
The application program module 11052 includes, but is not limited to, a receiving unit 910, a sending unit 920 and an authentication interaction unit 930.
For the specific implementation of each module in the application program module 11052, refer to the corresponding module in the embodiment shown in Fig. 9; details are not repeated here.
In embodiments of the present invention, by calling the program or instructions stored in the memory 1105, the processor 1101 may be configured to: receive a client initialization handshake message sent by a client, where the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm; send to the client a server initialization handshake message in response to the client initialization handshake message, where the server initialization handshake message carries a first algorithm set identifier selected by the server from the M algorithm set identifiers, the first algorithm set identifier being one of the M algorithm set identifiers; and perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the present invention, the first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set. If the first algorithm set is an anonymous-class algorithm set, the first algorithm set includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is an authentication-class algorithm set, the first algorithm set includes a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm.
In some embodiments of the present invention, the processor 1101 may select one algorithm set identifier from the N algorithm set identifiers carried in the client initialization handshake message according to factors such as the capability of the server 1000, the transmission environment and the security requirements (of course, the server first needs to support the various algorithms in the algorithm set it selects and to have the relevant parameters loaded), so that the algorithm set corresponding to the selected algorithm set identifier is subsequently used to continue security authentication with the client. The format of the algorithm set identifier carried in the client initialization handshake message and that of the algorithm set identifier carried in the server initialization handshake message may be the same or different.
In some embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1101 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a first certificate request message to the client; send a server response end statement message to the client; receive a second message sent by the client in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or a non-SM2 signature algorithm; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; receive a client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message; send a first key change statement message to the client; and receive a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1101 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a first certificate request message to the client; receive a second message sent by the client in response to the first certificate request message, where the second message carries a user certificate of the client based on the SM2 signature algorithm or a non-SM2 signature algorithm; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; and receive a client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1101 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a server response end statement message to the client; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; send a first key change statement message to the client; and receive a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an authentication-class algorithm set, the processor 1101 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, the first signature information being obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the verification succeeds, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; and receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an anonymous-class algorithm set, the processor 1101 may specifically be configured to: send a first message to the client, where the first message carries a server user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message; send a server response end statement message to the client; receive a client key interaction message sent by the client, where the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; send a first key change statement message to the client; and receive a second key change statement message sent by the client. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be identical or substantially identical to those defined in the TLS standard.
In other embodiments of the present invention, if the first algorithm set is an anonymous class algorithm set, the processor 1101 may be specifically configured to: send a first message to the client, where the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key interaction message to the client, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key interaction message; and receive the client key interaction message sent by the client, where the client key interaction message carries the client public key, a random point on the elliptic curve and client identity information, and the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message. Further, the server and the client may also send each other an authentication code of the whole-process messages, where the content and format of the authentication code of the whole-process messages may be wholly or substantially the same as defined in the TLS standard.
In other embodiments of the present invention, the processor 1101 may be further configured to: before sending the first key change statement message to the client, or before receiving the second key change statement message sent by the client, or after receiving the client key interaction message sent by the client, send a server key interaction verification message to the client, where the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm; and receive the client key interaction verification message that the client sends after the server verification digest value has been verified, where the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm. The processor 1101 may further verify the client verification digest value.
The server 1100 provided in this embodiment may be used to perform the part executed by the server in the technical solution of any of the method embodiments shown in Fig. 1 to Fig. 5. Its implementation principle and technical effect are similar and are not repeated here.
It can be seen that, with the above scheme, the SM2 algorithm is integrated with the security authentication mechanism based on the TLS protocol, which makes it possible and feasible to use the SM2 algorithm for security authentication and, in turn, for data transmission. Because the SM2 algorithm is incorporated into the security authentication mechanism based on the TLS protocol, the scheme can be implemented on a large scale without changes to equipment, so the cost of implementing it is low. In general, the embodiments of the present invention provide a reasonable mechanism for using the SM2 algorithm for data transmission, which helps accelerate the adoption of the SM2 algorithm, brings the security advantages of the SM2 algorithm into play, and helps improve the security and performance of TLS.
Referring to Figure 12, an embodiment of the present invention further provides a communication system, which may include:
a client 1210 and a server 1220,
where the client 1210 is configured to send a client initialization handshake message to the server 1220, where the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, where N is greater than or equal to M, and N and M are positive integers;
the server 1220 is configured to send to the client a server initialization handshake message responding to the client initialization handshake message, where the server initialization handshake message carries a first algorithm set identifier, and the first algorithm set identifier is one of the M algorithm set identifiers; and to perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier.
In some embodiments of the present invention, the first algorithm set may be, for example, a certification class algorithm set or an anonymous class algorithm set. If the first algorithm set is an anonymous class algorithm set, it includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm. If the first algorithm set is a certification class algorithm set, it includes a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm.
In some embodiments of the present invention, if the first algorithm set is a certification class algorithm set, the server 1220 is specifically configured to: send to the client 1210 a server initialization handshake message responding to the client initialization handshake message, where the server initialization handshake message carries the first algorithm set identifier, and the first algorithm set identifier is one of the M algorithm set identifiers; send a first message to the client 1210, where the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key interaction message to the client 1210, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, where the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client 1210 uses the first signature information carried in the received server key interaction message to verify the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key interaction message and, if the correctness check passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key interaction message; send a first certificate request message to the client 1210; receive a second message sent by the client 1210 in response to the first certificate request message, where the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm; receive the client key interaction message sent by the client 1210, where the client key interaction message carries the client public key, a random point on the elliptic curve and client identity information, and calculate the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message; and receive a client user certificate verification message sent by the client 1210 and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message.
In some embodiments of the present invention, if the first algorithm set is a certification class algorithm set, the server 1220 is specifically configured to: send to the client 1210 a server initialization handshake message responding to the client initialization handshake message, where the server initialization handshake message carries the first algorithm set identifier, and the first algorithm set identifier is one of the M algorithm set identifiers; send a first message to the client 1210, where the first message carries the server's user certificate based on the SM2 signature algorithm; send a server key interaction message to the client 1210, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, where the first signature information is obtained by signing the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key with the private key of the server user certificate, so that the client 1210 uses the first signature information carried in the received server key interaction message to verify the correctness of the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the received server key interaction message and, if the correctness check passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key interaction message; and receive the client key interaction message sent by the client 1210, where the client key interaction message carries the client public key, a random point on the elliptic curve and client identity information, and the server 1220 calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message.
In some embodiments of the present invention, if the first algorithm set is an anonymous class algorithm set, the server 1220 is specifically configured to: send to the client 1210 a server initialization handshake message responding to the client initialization handshake message, where the server initialization handshake message carries the first algorithm set identifier, and the first algorithm set identifier is one of the M algorithm set identifiers; send a server key interaction message to the client 1210, where the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client 1210 calculates the client pre-master key based on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key carried in the server key interaction message; and receive the client key interaction message sent by the client 1210, where the client key interaction message carries the client public key, a random point on the elliptic curve and client identity information, and the server 1220 calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message.
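The negotiation and the three message flows described above for the system of Figure 12 can be modelled as follows. This is an added example, not code from the patent; the identifier values, set names and message labels are hypothetical placeholders, and the flows follow the communication-system embodiments only.

```python
from dataclasses import dataclass
from enum import Enum
from typing import FrozenSet, List, Optional, Sequence, Tuple


class SuiteClass(Enum):
    CERTIFICATION = "certification"
    ANONYMOUS = "anonymous"


# Components each class must contain, as listed in the text.
REQUIRED = {
    SuiteClass.ANONYMOUS: frozenset(
        {"sm2_key_interaction", "symmetric_encryption", "digest"}),
    SuiteClass.CERTIFICATION: frozenset(
        {"sm2_key_interaction", "sm2_signature", "symmetric_encryption", "digest"}),
}


@dataclass(frozen=True)
class AlgorithmSet:
    ident: int                         # hypothetical identifier value
    name: str                          # hypothetical label
    suite_class: Optional[SuiteClass]  # None for a set without SM2
    components: FrozenSet[str]

    def includes_sm2(self) -> bool:
        return (self.suite_class is not None
                and REQUIRED[self.suite_class] <= self.components)


# Constructed registry: placeholder values, not assigned TLS code points.
REGISTRY = {s.ident: s for s in (
    AlgorithmSet(0xF001, "EXAMPLE_SM2_CERT", SuiteClass.CERTIFICATION,
                 REQUIRED[SuiteClass.CERTIFICATION]),
    AlgorithmSet(0xF002, "EXAMPLE_SM2_ANON", SuiteClass.ANONYMOUS,
                 REQUIRED[SuiteClass.ANONYMOUS]),
    AlgorithmSet(0xF003, "EXAMPLE_NON_SM2", None,
                 frozenset({"other_key_exchange", "symmetric_encryption", "digest"})),
)}

Message = Tuple[str, str]  # (sender, message label)


def sm2_subset(offered: Sequence[int]) -> List[int]:
    """The M identifiers, out of the N offered, whose sets include SM2."""
    return [i for i in offered if i in REGISTRY and REGISTRY[i].includes_sm2()]


def server_select(offered: Sequence[int], preference: Sequence[int]) -> Optional[int]:
    """Server side: first preferred identifier that is among the client's M."""
    m = set(sm2_subset(offered))
    return next((i for i in preference if i in m), None)


def client_accept(offered: Sequence[int], selected: int) -> AlgorithmSet:
    """Client side: the first algorithm set identifier must be one of the M offered."""
    if selected not in sm2_subset(offered):
        raise ValueError("server selected 0x%04X, not an offered SM2 set" % selected)
    return REGISTRY[selected]


def expected_messages(suite: AlgorithmSet, client_cert_requested: bool = False) -> List[Message]:
    """Messages after the two initialization handshake messages, per class."""
    if suite.suite_class is SuiteClass.ANONYMOUS:
        if client_cert_requested:
            # Modelling choice: the anonymous embodiment has no certificate request.
            raise ValueError("no certificate request in the anonymous class flow")
        # No first message and no first signature information in this class.
        return [("server", "server_key_interaction"),
                ("client", "client_key_interaction")]
    flow = [("server", "first_message_server_certificate"),
            ("server", "server_key_interaction_signed")]
    if client_cert_requested:
        flow += [("server", "first_certificate_request"),
                 ("client", "second_message_client_certificate")]
    flow.append(("client", "client_key_interaction"))
    if client_cert_requested:
        flow.append(("client", "client_user_certificate_verification"))
    return flow


def check_flow(observed: Sequence[Message], suite: AlgorithmSet,
               client_cert_requested: bool = False) -> Optional[str]:
    """Return None if the observed flow matches the class, else a description."""
    expected = expected_messages(suite, client_cert_requested)
    for idx, (got, want) in enumerate(zip(observed, expected)):
        if got != want:
            return "message %d: expected %s, got %s" % (idx, want, got)
    if len(observed) != len(expected):
        return "expected %d messages, got %d" % (len(expected), len(observed))
    return None
```

The client-side check in `client_accept` is the point where a selection outside the M offered SM2 sets is rejected before any key material is computed.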
In some embodiments of the present invention, before the server 1220 sends the first key change statement message to the client 1210, or before the server 1220 receives the second key change statement message sent by the client 1210, or after the server 1220 receives the client key interaction message sent by the client 1210, the following may also be included: the server 1220 sends a server key interaction verification message to the client 1210, where the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm; and the server 1220 receives the client key interaction verification message that the client 1210 sends after the server verification digest value has been verified, where the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm. The server 1220 may further verify the client verification digest value.
In other embodiments of the present invention, before the server 1220 sends the first key change statement message to the client 1210, or before the server 1220 receives the second key change statement message sent by the client 1210, or after the server 1220 receives the client key interaction message sent by the client 1210, the following may also be included: the server 1220 receives the client key interaction verification message sent by the client 1210, where the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm; and, after the client verification digest value has been verified, sends a server key interaction verification message to the client 1210, where the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm, so that the client 1210 verifies the server verification digest value. The client 1210 may further verify the server verification digest value.
The client 1210 may be, for example, the client 600, the client 700 or the client 900 described in the above embodiments, and the server 1220 may be, for example, the server 900, the server 1000 or the server 1100 described in the above embodiments.
An embodiment of the present invention further provides a schematic diagram of a mobile terminal 1300, where the mobile terminal 1300 may be used to implement some or all of the functions of the client or the server in the above embodiments.
As shown in Figure 13, for ease of description, only the parts that may be relevant to the embodiments of the present invention are shown; for specific technical details that are not disclosed, refer to the method part of the embodiments of the present invention.
Figure 13 is a block diagram of part of the structure of a mobile terminal that may be relevant to the terminal provided in the embodiments of the present invention. Referring to Figure 13, the mobile terminal includes components such as a radio frequency (Radio Frequency, RF) circuit 1310, a memory 1320, an input unit 1330, a wireless fidelity (wireless fidelity, WiFi) module 1370, a display unit 1340, a sensor 1350, an audio circuit 1360, a processor 1380 and a power supply 1390.
A person skilled in the art will understand that the mobile terminal structure shown in Figure 13 does not limit the mobile terminal, which may include more or fewer components than shown, combine some components, or arrange the components differently.
The RF circuit 1310 may be used to receive and send signals while information is being sent and received or during a call. In particular, after receiving downlink information from a base station, it passes the information to the processor 1380 for processing; in addition, it sends uplink data to the base station. Generally, the RF circuit includes but is not limited to an antenna, at least one amplifier, a transceiver, a coupler, a low noise amplifier (Low Noise Amplifier, LNA), a duplexer and the like. The RF circuit 1310 may also communicate with networks and other devices by wireless communication. The wireless communication may use any communication standard or protocol, including but not limited to Global System of Mobile communication (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), e-mail, Short Messaging Service (SMS) and the like.
The memory 1320 may be used to store software programs and modules. The processor 1380 runs the software programs and modules stored in the memory 1320 to perform the various functional applications and data processing of the mobile terminal. The memory 1320 may mainly include a program storage area and a data storage area, where the program storage area may store an operating system, an application program required by at least one function (such as a sound playing function or an image playing function) and the like, and the data storage area may store data created through use of the mobile terminal (such as audio data or a phone book) and the like. In addition, the memory 1320 may include a high-speed random access memory, and may also include a non-volatile memory, for example at least one magnetic disk storage device, a flash memory device or another volatile solid-state memory.
The input unit 1330 may be used to receive input numeric or character information and to generate key signal input related to user settings and function control of the mobile terminal 1300. Specifically, the input unit 1330 may include a touch panel 1331 and other input devices 1332. The touch panel 1331, also called a touch screen, can collect touch operations by the user on or near it (such as operations by the user on or near the touch panel 1331 with a finger, a stylus or any other suitable object or accessory) and drive the corresponding connection apparatus according to a preset program. Optionally, the touch panel 1331 may include two parts: a touch detection apparatus and a touch controller. The touch detection apparatus detects the touch position of the user, detects the signal produced by the touch operation, and passes the signal to the touch controller. The touch controller receives the touch information from the touch detection apparatus, converts it into contact coordinates, sends them to the processor 1380, and can receive and execute commands sent by the processor 1380. The touch panel 1331 may be implemented in several types, such as resistive, capacitive, infrared and surface acoustic wave. Besides the touch panel 1331, the input unit 1330 may also include other input devices 1332. Specifically, the other input devices 1332 may include but are not limited to one or more of a physical keyboard, function keys (such as a volume control key or a power key), a trackball, a mouse, a joystick and the like.
The display unit 1340 may be used to display information entered by the user or information provided to the user, and the various menus of the mobile terminal. The display unit 1340 may include a display panel 1341, which may optionally be configured in the form of a liquid crystal display (Liquid Crystal Display, LCD), an organic light-emitting diode (Organic Light-Emitting Diode, OLED) or the like. Further, the touch panel 1331 may cover the display panel 1341. When the touch panel 1331 detects a touch operation on or near it, it passes the operation to the processor 1380 to determine the type of touch event, and the processor 1380 then provides the corresponding visual output on the display panel 1341 according to the type of touch event. Although in Figure 13 the touch panel 1331 and the display panel 1341 implement the input and output functions of the mobile terminal as two separate components, in some embodiments the touch panel 1331 and the display panel 1341 may be integrated to implement the input and output functions of the mobile terminal.
The mobile terminal 1300 may also include at least one sensor 1350, such as an optical sensor, a motion sensor and other sensors. Specifically, the optical sensor may include an ambient light sensor and a proximity sensor, where the ambient light sensor can adjust the brightness of the display panel 1341 according to the ambient light level, and the proximity sensor can turn off the display panel 1341 and/or the backlight when the mobile terminal is moved to the ear. As one kind of motion sensor, an accelerometer can detect the magnitude of acceleration in each direction (generally three axes), can detect the magnitude and direction of gravity when stationary, and can be used in applications that recognize the attitude of the mobile terminal (such as switching between landscape and portrait, related games and magnetometer attitude calibration) and in vibration-recognition functions (such as a pedometer or tap detection). Other sensors that may also be configured in the mobile terminal, such as a gyroscope, a barometer, a hygrometer, a thermometer and an infrared sensor, are not described here.
The audio circuit 1360, a speaker 1361 and a microphone 1362 can provide an audio interface between the user and the mobile terminal. The audio circuit 1360 can convert received audio data into an electrical signal and transmit it to the speaker 1361, which converts it into a sound signal for output. Conversely, the microphone 1362 converts a collected sound signal into an electrical signal, which the audio circuit 1360 receives and converts into audio data; the audio data is then output to the processor 1380 for processing and sent through the RF circuit 1310 to, for example, another mobile terminal, or the audio data is output to the memory 1320 for further processing.
WiFi is a short-range wireless transmission technology. Through the WiFi module 1370, the mobile terminal can help the user send and receive e-mail, browse web pages, access streaming media and so on; it provides the user with wireless broadband Internet access. Although Figure 13 shows the WiFi module 1370, it is understood that the module is not an essential part of the mobile terminal 1300 and may be omitted as needed without changing the essence of the invention.
The processor 1380 is the control center of the mobile terminal. It connects the parts of the whole mobile terminal through various interfaces and lines, and performs the various functions of the mobile terminal and processes data by running or executing the software programs and/or modules stored in the memory 1320 and calling the data stored in the memory 1320, thereby monitoring the mobile terminal as a whole. Optionally, the processor 1380 may include one or more processing units. Preferably, the processor 1380 may integrate an application processor and a modem processor, where the application processor mainly handles the operating system, the user interface, application programs and the like, and the modem processor mainly handles wireless communication. It is understood that the modem processor may also not be integrated into the processor 1380.
The mobile terminal 1300 also includes a power supply 1390 (such as a battery) that supplies power to all components. Preferably, the power supply may be logically connected to the processor 1380 through a power management system, so that functions such as charging management, discharging management and power consumption management are implemented through the power management system. Although not shown, the mobile terminal 1300 may also include a camera, a Bluetooth module and the like, which are not described here.
An embodiment of the present invention further provides a computer storage medium, where the computer storage medium may store a program which, when executed, performs some or all of the steps of the security authentication method described in the above method embodiments.
It should be noted that, for brevity, each of the foregoing method embodiments is described as a series of combined actions, but a person skilled in the art should know that the present invention is not limited by the described order of actions, because according to the present invention some steps may be performed in another order or simultaneously. A person skilled in the art should also know that the embodiments described in this specification are preferred embodiments, and the actions and modules involved are not necessarily required by the present invention.
In the above embodiments, the description of each embodiment has its own emphasis. For a part that is not described in detail in one embodiment, refer to the related description of the other embodiments.
In the several embodiments provided in this application, it should be understood that the disclosed apparatus may be implemented in other ways. For example, the apparatus embodiments described above are only illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation; for instance, multiple units or components may be combined or integrated into another system, or some features may be ignored or not performed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or communication connection through some interfaces, apparatuses or units, and may be electrical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the scheme of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing unit, each unit may exist physically on its own, or two or more units may be integrated in one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and is sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, a network device or the like) to perform all or some of the steps of the methods described in the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a read-only memory (ROM, Read-Only Memory), a random access memory (RAM, Random Access Memory), a removable hard disk, a magnetic disk or an optical disc.
As stated above, the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (9)
1. the method for a safety certification based on secure transport layers tls protocol, it is characterised in that including:
User end to server sends client initialization handshake information, wherein, takes in described client initialization handshake information
Carrying N number of algorithm set mark, each algorithm set mark in M algorithm set mark among described N number of algorithm set mark is corresponding
Algorithm set include SM2 algorithm, wherein, described N is positive integer more than or equal to described M, described N and M;
Described client receives at the beginning of the server being used for responding described client initialization handshake information that described server sends
Beginningization handshake information, wherein, carries the first algorithm set mark, described first algorithm set in described server initiation handshake information
It is designated among described M algorithm set mark;
Described client carries out safety based on the first algorithm set corresponding to described first algorithm set mark with described server and recognizes
Card;
Described first algorithm set is certification class algorithm set or anonymous class algorithm set;
Wherein, described anonymous class algorithm set includes SM2 unsymmetrical key interactive algorithm, symmetric encipherment algorithm and digest algorithm;
Described certification class algorithm set includes: symmetric encipherment algorithm, SM2 unsymmetrical key interactive algorithm, SM2 signature algorithm and summary are calculated
Method;
If described first algorithm set is certification class algorithm set, the most described client is based on corresponding to described first algorithm set mark
First algorithm set carries out safety certification with described server, including:
Described client receive described server send the first message, wherein, described first message carry server based on
The user certificate of SM2 signature algorithm;
The client receives the server key interaction message sent by the server, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key;
Based on the first signature information carried in the received server key interaction message, the client verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
The client receives the first certificate request message sent by the server;
The client sends to the server a second message responding to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
The client sends a client key interaction message to the server, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
The client sends a client user certificate verification message to the server, so that the server verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message;
If the first algorithm set is an authentication-class algorithm set, the client performing security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier includes:
The client receives the first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
The client receives the server key interaction message sent by the server, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key;
Based on the first signature information carried in the received server key interaction message, the client verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
The client sends a client key interaction message to the server, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
If the first algorithm set is an anonymous-class algorithm set, the client performing security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier includes:
The client receives the server key interaction message sent by the server, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; wherein the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
The client sends a client key interaction message to the server, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message.
2. The method according to claim 1, characterized in that, after the client sends the client key interaction message to the server, the method further includes:
The client sends a client key interaction verification message to the server, wherein the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm, so that the server verifies the client verification digest value; the client receives the server key interaction verification message that the server sends after the client verification digest value has been verified, wherein the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm, and the client verifies the server verification digest value.
3. A method of security authentication based on the Transport Layer Security (TLS) protocol, characterized by including:
A server receives the client initialization handshake message sent by a client, wherein the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm;
The server sends to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier selected by the server from the M algorithm set identifiers, the first algorithm set identifier being one of the M algorithm set identifiers;
The server performs security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier;
The first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set,
Wherein the anonymous-class algorithm set includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm;
The authentication-class algorithm set includes: a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm;
If the first algorithm set is an authentication-class algorithm set, the server performing security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier includes:
The server sends a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
The server sends a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
The server sends a first certificate request message to the client;
The server receives a second message, sent by the client, responding to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
The server receives the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
The server receives the client user certificate verification message sent by the client and, based on the client user certificate verification message, verifies the legitimacy of the user certificate carried in the second message;
If the first algorithm set is an authentication-class algorithm set, the server performing security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier includes:
The server sends a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
The server sends a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
The server receives the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
If the first algorithm set is an anonymous-class algorithm set, the server performing security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier includes:
The server sends a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
The server receives the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message.
4. The method according to claim 3, characterized in that, after the server receives the client key interaction message sent by the client, the method further includes:
The server receives the client key interaction verification message sent by the client, wherein the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm; after the client verification digest value has been verified, the server sends a server key interaction verification message to the client, wherein the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm, so that the client verifies the server verification digest value.
5. A client, characterized by including:
A sending unit, configured to send a client initialization handshake message to a server, wherein the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, wherein N is greater than or equal to M, and N and M are positive integers;
A receiving unit, configured to receive the server initialization handshake message, sent by the server, responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers;
An authentication interaction unit, configured to perform security authentication with the server based on the first algorithm set corresponding to the first algorithm set identifier;
The first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set;
Wherein the anonymous-class algorithm set includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm;
The authentication-class algorithm set includes: a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm;
If the first algorithm set is an authentication-class algorithm set, the authentication interaction unit is specifically configured to: receive the first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Receive the server key interaction message sent by the server, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; based on the first signature information carried in the received server key interaction message, verify the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculate the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Receive the first certificate request message sent by the server;
Send to the server a second message responding to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
Send a client key interaction message to the server, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
Send a client user certificate verification message to the server, so that the server verifies, based on the client user certificate verification message, the legitimacy of the user certificate carried in the second message;
If the first algorithm set is an authentication-class algorithm set, the authentication interaction unit is specifically configured to:
Receive the first message sent by the server, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Receive the server key interaction message sent by the server, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key; based on the first signature information carried in the received server key interaction message, verify the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculate the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Send a client key interaction message to the server, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
If the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit is specifically configured to:
Receive the server key interaction message sent by the server, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key; calculate the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Send a client key interaction message to the server, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, so that the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message.
6. The client according to claim 5, characterized in that the authentication interaction unit is further configured to: after sending the client key interaction message to the server, send a client key interaction verification message to the server, wherein the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm, so that the server verifies the client verification digest value; receive the server key interaction verification message that the server sends after the client verification digest value has been verified, wherein the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm; and verify the server verification digest value.
7. A server, characterized by including:
A receiving unit, configured to receive the client initialization handshake message sent by a client, wherein the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm;
A sending unit, configured to send to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier selected by the server from the M algorithm set identifiers, the first algorithm set identifier being one of the M algorithm set identifiers;
An authentication interaction unit, configured to perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier;
The first algorithm set is an authentication-class algorithm set or an anonymous-class algorithm set,
Wherein the anonymous-class algorithm set includes an SM2 asymmetric key interaction algorithm, a symmetric encryption algorithm and a digest algorithm;
The authentication-class algorithm set includes: a symmetric encryption algorithm, an SM2 asymmetric key interaction algorithm, an SM2 signature algorithm and a digest algorithm;
If the first algorithm set is an authentication-class algorithm set, the authentication interaction unit is specifically configured to:
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Send a first certificate request message to the client;
Receive a second message, sent by the client, responding to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
Receive the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and calculate the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
Receive the client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message;
If the first algorithm set is an authentication-class algorithm set, the authentication interaction unit is specifically configured to:
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Receive the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
If the first algorithm set is an anonymous-class algorithm set, the authentication interaction unit is specifically configured to:
Send a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point and a server public key, so that the client calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Receive the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and wherein the server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message.
8. The server according to claim 7, characterized in that the authentication interaction unit is further configured to: after receiving the client key interaction message sent by the client, receive the client key interaction verification message sent by the client, wherein the client key interaction verification message carries the client verification digest value of the SM2 key interaction algorithm; and, after the client verification digest value has been verified, send a server key interaction verification message to the client, wherein the server key interaction verification message carries the server verification digest value of the SM2 key interaction algorithm, so that the client verifies the server verification digest value.
9. A communication system, characterized by including:
A client and a server,
Wherein the client is configured to send a client initialization handshake message to the server, wherein the client initialization handshake message carries N algorithm set identifiers, and the algorithm set corresponding to each of M algorithm set identifiers among the N algorithm set identifiers includes the SM2 algorithm, wherein N is greater than or equal to M, and N and M are positive integers;
The server is configured to send to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers; and to perform security authentication with the client based on the first algorithm set corresponding to the first algorithm set identifier;
If the first algorithm set is an authentication-class algorithm set, the server is specifically configured to: send to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers;
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Send a first certificate request message to the client;
Receive a second message, sent by the client, responding to the first certificate request message, wherein the second message carries the client's user certificate based on the SM2 signature algorithm or on a non-SM2 signature algorithm;
Receive the client key interaction message sent by the client, wherein the client key interaction message carries a client public key, a random point on the elliptic curve and client identity information, and calculate the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in the client key interaction message;
Receive the client user certificate verification message sent by the client and, based on the client user certificate verification message, verify the legitimacy of the user certificate carried in the second message;
If the first algorithm set is an authentication-class algorithm set, the server is specifically configured to: send to the client a server initialization handshake message responding to the client initialization handshake message, wherein the server initialization handshake message carries a first algorithm set identifier, the first algorithm set identifier being one of the M algorithm set identifiers;
Send a first message to the client, wherein the first message carries the server's user certificate based on the SM2 signature algorithm;
Send a server key interaction message to the client, wherein the server key interaction message carries SM2 elliptic curve parameters, server identity information, a key exchange elliptic curve point, a server public key and first signature information, wherein the first signature information is obtained by performing a signature operation, with the private key of the server user certificate, on the SM2 elliptic curve parameters, the server identity information, the key exchange elliptic curve point and the server public key, so that the client, based on the first signature information carried in the received server key interaction message, verifies the correctness of the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the received server key interaction message and, if the correctness verification passes, calculates the client pre-master key based on the SM2 elliptic curve parameters, server identity information, key exchange elliptic curve point and server public key carried in the server key interaction message;
Receiving the client key interaction message that described client sends, wherein, described client key interaction message carries visitor
Random point on family end PKI, elliptic curve and client identity information, wherein, described server is based on described client key
Random point and client identity information calculation server pre-master on client public key that interaction message carries, elliptic curve are close
Key;
if the first algorithm set is an anonymous class algorithm set, said server is specifically configured to: send to said client a server initialization handshake message for responding to said client initialization handshake message, wherein said server initialization handshake message carries a first algorithm set identifier, said first algorithm set identifier being one of said M algorithm set identifiers;
send a server key interaction message to said client, wherein said server key interaction message carries an SM2 elliptic curve parameter, server identity information, a key exchange elliptic curve point and a server public key, so that said client calculates the client pre-master key based on the SM2 elliptic curve parameter, server identity information, key exchange elliptic curve point and server public key carried in said server key interaction message;
receive the client key interaction message sent by said client, wherein said client key interaction message carries the client public key, a random point on the elliptic curve and client identity information, wherein said server calculates the server pre-master key based on the client public key, the random point on the elliptic curve and the client identity information carried in said client key interaction message.
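As an added illustration that is not part of the patent text, the message flows the claims above lay out for the three algorithm set classes can be written down and checked against a recorded handshake transcript. Message names, field names and the class label "mutual" are this example's own assumptions, and the transcript is constructed.

```python
# Added illustration: message and field names are this example's own labels.
SKE = {"curve_params", "server_id", "kx_point", "server_pubkey"}
CKE = {"client_pubkey", "random_point", "client_id"}
HELLO = ("server", "server_hello", {"suite_id"})
CERT = ("server", "server_certificate", {"cert"})
SIGNED_SKE = ("server", "server_key_exchange", SKE | {"signature"})
CLIENT_KE = ("client", "client_key_exchange", CKE)

# (sender, message, required fields), in the order the claims list the messages.
FLOWS = {
    # "mutual" is an assumed label for the variant with a certificate request.
    "mutual": [HELLO, CERT, SIGNED_SKE,
               ("server", "certificate_request", set()),
               ("client", "client_certificate", {"cert"}),
               CLIENT_KE, ("client", "certificate_verify", set())],
    "authentication": [HELLO, CERT, SIGNED_SKE, CLIENT_KE],
    "anonymous": [HELLO, ("server", "server_key_exchange", SKE), CLIENT_KE],
}

def check_transcript(suite_class, transcript):
    """Return deviations from the flow for suite_class; an empty list means conformant."""
    expected = FLOWS[suite_class]
    problems = []
    if len(transcript) != len(expected):
        problems.append(f"expected {len(expected)} messages, got {len(transcript)}")
    for i, ((sender, name, required), got) in enumerate(zip(expected, transcript)):
        if (got["sender"], got["type"]) != (sender, name):
            problems.append(f"#{i}: expected {sender}/{name}, got {got['sender']}/{got['type']}")
            continue
        missing = required - set(got["fields"])
        if missing:
            problems.append(f"#{i} {name}: missing {sorted(missing)}")
    return problems

def msg(sender, mtype, *fields):
    """Build one constructed transcript entry."""
    return {"sender": sender, "type": mtype, "fields": list(fields)}

# Constructed sample: an authentication-class handshake whose
# server key interaction message arrives without the first signature.
UNSIGNED = [
    msg("server", "server_hello", "suite_id"),
    msg("server", "server_certificate", "cert"),
    msg("server", "server_key_exchange", *sorted(SKE)),
    msg("client", "client_key_exchange", *sorted(CKE)),
]

if __name__ == "__main__":
    print(check_transcript("authentication", UNSIGNED))
```

The same server key interaction message without a signature is conformant only under the anonymous class, so the checker reports it when the negotiated class is authentication or mutual.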
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310323932.5A CN103581167B (en) | 2013-07-29 | 2013-07-29 | Safety certifying method based on safe transmission layer protocol, equipment and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103581167A (en) | 2014-02-12 |
CN103581167B (en) | 2016-12-28 |
Family
ID=50052098
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310323932.5A (Active) | Safety certifying method based on safe transmission layer protocol, equipment and system | 2013-07-29 | 2013-07-29 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103581167B (en) |
Families Citing this family (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107147611B (en) * | 2016-03-01 | 2020-07-24 | 华为技术有限公司 | Method, user equipment, server and system for establishing link by transport layer security TLS |
CN106060070B (en) * | 2016-07-01 | 2019-05-10 | 中国人民解放军国防科学技术大学 | The tls handshake protocol of ID-based cryptosystem system |
CN106341273A (en) * | 2016-09-30 | 2017-01-18 | 全球能源互联网研究院 | Protocol compliance dynamic detection method |
CN108111467B (en) * | 2016-11-24 | 2021-04-09 | 华为技术有限公司 | Identity authentication method, equipment and system |
US10630654B2 (en) * | 2017-03-22 | 2020-04-21 | Microsoft Technology Licensing, Llc | Hardware-accelerated secure communication management |
CN110690969B (en) * | 2018-07-06 | 2023-06-16 | 武汉信安珞珈科技有限公司 | Method and system for achieving bidirectional SSL/TLS authentication through multiparty cooperation |
CN110071911A (en) * | 2019-03-20 | 2019-07-30 | 北京龙鼎源科技股份有限公司 | The method and device of information transferring method and device, certificate update |
US10790979B1 (en) | 2019-08-29 | 2020-09-29 | Alibaba Group Holding Limited | Providing high availability computing service by issuing a certificate |
CN110677240B (en) * | 2019-08-29 | 2020-07-10 | 阿里巴巴集团控股有限公司 | Method, apparatus and medium for providing highly available computing services through certificate issuance |
CN112787979A (en) * | 2019-11-07 | 2021-05-11 | 北京地平线机器人技术研发有限公司 | Internet of things equipment access control method and internet of things equipment access control device |
CN114124367B (en) * | 2020-08-31 | 2023-03-24 | Oppo广东移动通信有限公司 | Data transmission method, device and storage medium |
CN112422530B (en) * | 2020-11-04 | 2023-05-30 | 无锡沐创集成电路设计有限公司 | Key security protection method and password device for server in TLS handshake process |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103118027A (en) * | 2013-02-05 | 2013-05-22 | 中金金融认证中心有限公司 | Transport layer security (TLS) channel constructing method based on cryptographic algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant |