CN103701819B - Processing method and processing device for Hypertext Transfer Protocol (HTTPS) decryption - Google Patents
Publication number: CN103701819B (application CN201310744077.5A)
Authority: CN (China)
Prior art keywords: packet, decryption, unit, html, kernel
Legal status: Active
Abstract
The present invention relates to a Hypertext Transfer Protocol (HTTPS) decryption processing method. The method includes: receiving a first packet and judging whether the first packet is an HTTPS packet; if the packet is an HTTPS packet, decrypting the first packet to obtain the original data message; injecting the data message into the kernel, encapsulating the data message as a second packet, and performing security detection on the second packet; and sending the second packet. The present invention establishes a data channel between the user-space encryption/decryption program and the existing kernel forwarding framework. Before a message is injected into the kernel forwarding framework through the data channel it is preprocessed by a preprocessing module, which avoids developing the forwarding path again and so raises the utilization of the original kernel forwarding framework. Injecting the message into the kernel through the data channel hides the difference between encrypted traffic and decrypted traffic, reuses the existing kernel forwarding framework, improves development efficiency and reduces cost.
Description
Technical field
The present invention relates to Internet technology, and in particular to a processing method and processing device for Hypertext Transfer Protocol (HTTPS) decryption.
Background technology
The Secure Sockets Layer (SSL) protocol is a reliable end-to-end service designed to ensure the integrity and confidentiality of sensitive information transmitted over a network between two communicating parties. One of the keys to the normal operation of an enterprise security system is that traffic is readable. If encrypted traffic carries a virus, an ordinary firewall cannot parse the encrypted data and the user's safety cannot be guaranteed. Firewall products at the network boundary should therefore have a Hypertext Transfer Protocol (Hyper Text Transport Protocol, HTTPS) decryption function so that unsafe traffic can be filtered, and more and more firewall products are adding HTTPS decryption functions.
Existing technical solutions design a complete message forwarding framework for the HTTPS decryption function, used after the encryption/decryption program has finished its processing, and make extensive modifications to the original code to accommodate HTTPS decryption; research and development cost is high and efficiency is low. Establishing a data channel between the user-space encryption/decryption program and the existing kernel forwarding framework, injecting the message decrypted in user space into the kernel through that data channel, hiding the difference between encrypted traffic and decrypted traffic, and reusing the existing kernel forwarding framework can remedy these deficiencies of the prior art.
Summary of the invention
The purpose of the present invention is, in view of the deficiencies of the prior art, to add a new HTTPS decryption function while reusing the plaintext processing logic of the system to the greatest extent. A data channel is established between the user-space encryption/decryption program and the existing plaintext message forwarding framework; before a message is injected into the kernel forwarding framework through the data channel it is preprocessed by a preprocessing module, which avoids developing the forwarding path again, raises the utilization of the original kernel forwarding framework and reduces cost.
In a first aspect of the present invention, a Hypertext Transfer Protocol (HTTPS) decryption processing method is provided. The method includes:
receiving a first packet and judging whether the first packet is an HTTPS packet;
if the packet is an HTTPS packet, decrypting the first packet to obtain the original data message;
injecting the data message into the kernel, encapsulating the data message as a second packet, and performing security detection on the second packet;
sending the second packet.
Preferably, decrypting the first packet specifically includes: decrypting the first packet using the user-space encryption/decryption program.
Preferably, sending the second packet specifically includes: processing the second packet with the forwarding logic, discarding a second packet that carries viral traffic and forwarding a second packet that is safe.
Preferably, if the first packet is not an HTTPS packet, the first packet is forwarded directly.
Preferably, forwarding the first packet directly includes: processing the first packet with the forwarding logic, discarding a first packet that carries viral traffic and forwarding a first packet that is safe.
In a second aspect of the present invention, a Hypertext Transfer Protocol (HTTPS) decryption device is provided. The device includes a receiving unit, a judging unit, a decryption unit, a detection unit, an encapsulation unit and a sending unit;
the receiving unit receives the first packet and sends it to the judging unit;
the judging unit judges whether the first packet is an HTTPS packet and sends the first packet to the decryption unit;
the decryption unit receives the first packet sent by the judging unit and, if the packet is an HTTPS packet, decrypts the first packet to obtain the original data message and sends the data message to the detection unit;
the encapsulation unit receives the data message sent by the decryption unit, injects the data message into the kernel, encapsulates the data message as the second packet and sends the second packet to the detection unit;
the detection unit receives the second packet sent by the encapsulation unit, performs security detection on the second packet and sends the second packet that has undergone security detection to the sending unit;
the sending unit sends the second packet.
Preferably, the decryption unit decrypts the first packet specifically by using the user-space encryption/decryption program.
Preferably, the sending unit specifically processes the second packet with the forwarding logic, discarding a second packet that carries viral traffic and forwarding a second packet that is safe.
Preferably, the sending unit is further configured to forward the first packet directly when the first packet is not an HTTPS packet.
Preferably, the sending unit specifically processes the first packet with the forwarding logic, discarding a first packet that carries viral traffic and forwarding a first packet that is safe.
The advantage of the present invention is that a data channel is established between the user-space encryption/decryption program and the existing kernel forwarding framework; before a message is injected into the kernel forwarding framework through the data channel it is preprocessed by a preprocessing module, which avoids developing the forwarding path again and raises the utilization of the original kernel forwarding framework. Injecting the message into the kernel through the data channel hides the difference between encrypted traffic and decrypted traffic, reuses the existing kernel forwarding framework, improves development efficiency and reduces cost.
Description of the drawings
Fig. 1 is a schematic diagram of the deployment position of the HTTPS decryption device of an embodiment of the present invention;
Fig. 2 is a sequence diagram of the HTTPS decryption process of an embodiment of the present invention;
Fig. 3 is a schematic diagram of Hypertext Transfer Protocol message forwarding of an embodiment of the present invention;
Fig. 4 is a schematic diagram of the HTTPS decryption device of an embodiment of the present invention.
Specific embodiment
To make the technical solution and advantages of the embodiments of the present invention clearer, the technical solution is described in further detail below with reference to the drawings and embodiments.
Fig. 1 is a schematic diagram of the deployment position of the HTTPS decryption device of one embodiment of the present invention. As shown, the device provided by the present invention can be applied to obtain the packets exchanged between a client and a server. The deployment includes the decryption device, the client and the server; the decryption device is located between the client and the server and acts as a proxy. Its function is to obtain the packets that the client and the server send to each other and then judge whether each packet obtained by the decryption device is an HTTPS message; if the packet is an HTTPS message, the packet must be decrypted so that security detection can be performed on it.
Fig. 2 is a sequence diagram of the HTTPS decryption process of an embodiment of the present invention. As shown, the present embodiment specifically includes the following steps:
Step 101: receive the first packet. The packet is obtained from the data link layer over the network; the data link layer is, for example, the device driver corresponding to the client, the network card, the server and so on.
Step 102: judge whether the first packet is an HTTPS packet. The judging unit judges whether the first packet is an HTTPS packet and sends the first packet to the decryption unit.
Step 103: if the packet of step 102 is an HTTPS packet, decrypt the first packet to obtain the original data message.
Specifically, Fig. 3 is the schematic diagram of Hypertext Transfer Protocol message forwarding of the embodiment of the present invention. Here, the decryption unit decrypting the first packet specifically includes: decrypting the first packet using the user-space encryption/decryption program.
Step 104: inject the data message into the kernel.
Specifically, the decrypted data message is injected into the kernel system for processing through the data channel between user space and kernel space. Because the packet is injected directly into the kernel, it is the decrypted data message that is injected into the kernel.
Step 105: in the kernel, encapsulate the data message as the second packet.
Specifically, the decrypted plaintext data is repackaged into a packet. In the subsequent processing the forwarding framework will decide whether this packet is forwarded, so the decrypted data message must be repackaged into a packet by the encapsulation unit.
Step 106: perform security detection on the second packet and judge whether the second packet is safe; a safe packet is forwarded, and forwarding of an unsafe packet is terminated.
Specifically, the detection unit performs security detection on the second packet and sends the second packet that has undergone security detection to the sending unit; because the second packet will be sent to the client or the server, security detection of the packet is necessary. The detection mechanism of the existing forwarding framework judges whether the packet contains a virus. If the second packet carries a virus after detection, the forwarding logic stops forwarding the second packet; if the second packet is safe after detection, the forwarding logic sends the second packet to the sending unit.
Step 107: receive the second packet sent by the forwarding logic in step 106 and forward the second packet to the client or the server.
Step 108: discard the second packet found in step 106 to contain a virus.
Step 109: if the packet of step 102 is not an HTTPS packet, directly judge whether the first packet of step 102 is safe.
Specifically, the detection unit performs security detection on the first packet and sends the first packet that has undergone security detection to the sending unit; because the first packet will be sent to the client or the server, security detection of the packet is necessary. The detection mechanism of the existing forwarding framework judges whether the packet contains a virus. If the first packet carries a virus after detection, the forwarding logic stops forwarding the first packet; if the first packet is safe after detection, the forwarding logic sends the first packet to the sending unit.
Step 110: if the first packet of step 102 is safe, forward the first packet to the client or the server.
Step 111: if the first packet of step 102 carries a virus, discard the first packet.
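The Fig. 2 sequence modelled in Python, as an added example that is not the patent's own code: the non-HTTPS packet goes straight to the existing detection and forwarding logic, while the HTTPS packet is decrypted in user space, pushed through the user-space/kernel data channel, re-encapsulated as the second packet and then run through the very same logic. Assumed (not from the patent): a TLS-record-header heuristic for step 102, XOR with a fixed key as a stand-in for the user-space TLS decryption, a queue as the data channel, and a constructed signature list standing in for the framework's virus detection.

```python
# Added illustration of the Fig. 2 sequence; not code from the patent.
# The TLS-header heuristic, the XOR stand-in for the user-space decryptor,
# the queue "data channel" and the signature list are constructed assumptions.
from dataclasses import dataclass
import queue


@dataclass
class Packet:
    payload: bytes
    dst: str  # "client" or "server"


# Constructed stand-in for the existing forwarding framework's virus detection.
VIRUS_SIGNATURES = (b"EICAR-TEST", b"<script>evil")

# Constructed stand-in for the TLS session key held by the user-space program.
SESSION_KEY = b"k"


def _xor(data: bytes) -> bytes:
    """Symmetric stand-in for TLS record encryption/decryption (XOR with SESSION_KEY)."""
    return bytes(b ^ SESSION_KEY[i % len(SESSION_KEY)] for i, b in enumerate(data))


def tls_app_record(plaintext: bytes) -> bytes:
    """Constructed test input: a TLS 1.2 application-data record (type 0x17, version 0x0303)."""
    body = _xor(plaintext)
    return b"\x17\x03\x03" + len(body).to_bytes(2, "big") + body


def is_https_packet(pkt: Packet) -> bool:
    """Step 102 (judging unit): heuristic that treats a payload beginning with a TLS
    handshake (0x16) or application-data (0x17) record header as an HTTPS packet."""
    p = pkt.payload
    return len(p) >= 5 and p[0] in (0x16, 0x17) and p[1] == 0x03 and p[2] in (1, 2, 3, 4)


def userspace_decrypt(pkt: Packet) -> bytes:
    """Step 103 (decryption unit): the user-space program recovers the original data message."""
    return _xor(pkt.payload[5:])  # strip the 5-byte record header, undo the stand-in cipher


def inject_into_kernel(channel: queue.Queue, msg: bytes, dst: str) -> None:
    """Step 104: data channel from user space into the kernel forwarding framework."""
    channel.put((msg, dst))


def encapsulate(channel: queue.Queue) -> Packet:
    """Step 105 (encapsulation unit): the kernel repackages the plaintext as the second packet."""
    msg, dst = channel.get_nowait()
    return Packet(payload=msg, dst=dst)


def security_detection(pkt: Packet) -> bool:
    """Steps 106/109 (detection unit): the framework's existing check, applied unchanged to
    plaintext first packets and to re-encapsulated second packets. True means safe."""
    return not any(sig in pkt.payload for sig in VIRUS_SIGNATURES)


def forward(pkt: Packet) -> str:
    """Steps 107/108 and 110/111 (sending unit): forward safe packets, discard viral ones."""
    return f"forwarded to {pkt.dst}" if security_detection(pkt) else "discarded"


def process(first: Packet, channel=None) -> str:
    """Whole Fig. 2 sequence for one packet received in step 101."""
    channel = channel if channel is not None else queue.Queue()
    if not is_https_packet(first):
        return forward(first)  # steps 109-111: plaintext goes straight to the existing logic
    plaintext = userspace_decrypt(first)  # step 103
    inject_into_kernel(channel, plaintext, first.dst)  # step 104
    second = encapsulate(channel)  # step 105
    return forward(second)  # steps 106-108: decrypted traffic takes the same path


if __name__ == "__main__":
    infected = Packet(tls_app_record(b"GET /EICAR-TEST HTTP/1.1\r\n"), "server")
    print("scanned without decryption:", security_detection(infected))  # True: the virus is missed
    print("through the decryption path:", process(infected))  # discarded
    print(process(Packet(b"GET / HTTP/1.1\r\n", "server")))  # forwarded to server
```

Scanning the encrypted first packet directly reports it safe, which is the background section's point about ordinary firewalls; only the decrypted, re-encapsulated second packet lets the unchanged detection logic catch it.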
Fig. 4 is a schematic diagram of the HTTPS decryption device of an embodiment of the present invention. As shown, the HTTPS decryption device includes: a receiving unit 201, a judging unit 202, a decryption unit 203, an encapsulation unit 204, a detection unit 205 and a sending unit 206.
The receiving unit 201 receives the first packet and sends it to the judging unit;
the judging unit 202 judges whether the first packet is an HTTPS packet and sends the first packet to the decryption unit;
the decryption unit 203 receives the first packet sent by the judging unit and, if the packet is an HTTPS packet, decrypts the first packet to obtain the original data message and sends the data message to the detection unit;
the encapsulation unit 204 receives the data message sent by the decryption unit, injects the data message into the kernel, encapsulates the data message as the second packet and sends the second packet to the detection unit;
the detection unit 205 receives the second packet sent by the encapsulation unit, performs security detection on the second packet and sends the second packet that has undergone security detection to the sending unit;
the sending unit 206 sends the second packet.
Specifically, the sending unit processes the second packet with the forwarding logic, discarding a second packet that carries viral traffic and forwarding a second packet that is safe.
The sending unit is further configured, when the first packet is not an HTTPS packet, to process the first packet with the forwarding logic, discarding a first packet that carries viral traffic and forwarding a first packet that is safe.
The advantage of the HTTPS decryption method and device of the present invention is that a data channel is established between the user-space encryption/decryption program and the existing kernel forwarding framework; before a message is injected into the kernel forwarding framework through the data channel it is preprocessed by a preprocessing module, which avoids developing the forwarding path again and raises the utilization of the original kernel forwarding framework. Injecting the message into the kernel through the data channel hides the difference between encrypted traffic and decrypted traffic, reuses the existing kernel forwarding framework, improves development efficiency and reduces cost.
The specific embodiments described above further describe the purpose, technical solution and beneficial effects of the present invention in detail. It should be understood that the foregoing is only specific embodiments of the present invention and is not intended to limit the scope of protection of the present invention; any modification, equivalent substitution, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.
Claims (10)
1. A Hypertext Transfer Protocol (HTTPS) decryption processing method, characterised in that the method includes:
receiving a first packet and judging whether the first packet is an HTTPS packet;
if the packet is an HTTPS packet, decrypting the first packet to obtain an original data message;
injecting the original data message into the kernel, encapsulating the data message as a second packet and performing security detection on the second packet;
sending the second packet;
wherein the original data message is injected into the kernel through a data channel between user space and kernel space.
2. The method according to claim 1, characterised in that decrypting the first packet specifically includes: decrypting the first packet using a user-space encryption/decryption program.
3. The method according to claim 1, characterised in that sending the second packet specifically includes: processing the second packet with forwarding logic, discarding a second packet that carries viral traffic and forwarding a second packet that is safe.
4. The method according to claim 1, characterised in that the method includes: if the first packet is not an HTTPS packet, forwarding the first packet directly.
5. The method according to claim 4, characterised in that forwarding the first packet directly includes: processing the first packet with forwarding logic, discarding a first packet that carries viral traffic and forwarding a first packet that is safe.
6. A Hypertext Transfer Protocol (HTTPS) decryption device, characterised in that the device includes: a receiving unit, a judging unit, a decryption unit, a detection unit, an encapsulation unit and a sending unit;
the receiving unit is configured to receive a first packet and send it to the judging unit;
the judging unit is configured to judge whether the first packet is an HTTPS packet and send the first packet to the decryption unit;
the decryption unit is configured to receive the first packet sent by the judging unit and, if the packet is an HTTPS packet, decrypt the first packet to obtain an original data message and send the data message to the detection unit;
the encapsulation unit is configured to receive the original data message sent by the decryption unit, inject the data message into the kernel, encapsulate the data message as a second packet and send the second packet to the detection unit;
the detection unit is configured to receive the second packet sent by the encapsulation unit, perform security detection on the second packet and send the second packet that has undergone security detection to the sending unit;
the sending unit is configured to send the second packet;
wherein the original data message is injected into the kernel through a data channel between user space and kernel space.
7. The device according to claim 6, characterised in that the decryption unit is specifically configured to decrypt the first packet using a user-space encryption/decryption program.
8. The device according to claim 6, characterised in that the sending unit is specifically configured to process the second packet with forwarding logic, discarding a second packet that carries viral traffic and forwarding a second packet that is safe.
9. The device according to claim 6, characterised in that the sending unit is further configured to forward the first packet directly if the first packet is not an HTTPS packet.
10. The device according to claim 9, characterised in that the sending unit is specifically configured to process the first packet with forwarding logic, discarding a first packet that carries viral traffic and forwarding a first packet that is safe.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310744077.5A CN103701819B (en) | 2013-12-30 | 2013-12-30 | The processing method and processing device of HTML (Hypertext Markup Language) decryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310744077.5A CN103701819B (en) | 2013-12-30 | 2013-12-30 | The processing method and processing device of HTML (Hypertext Markup Language) decryption |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103701819A CN103701819A (en) | 2014-04-02 |
CN103701819B true CN103701819B (en) | 2017-04-05 |
Family
ID=50363215
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310744077.5A Active CN103701819B (en) | 2013-12-30 | 2013-12-30 | The processing method and processing device of HTML (Hypertext Markup Language) decryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103701819B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105516169A (en) * | 2015-12-23 | 2016-04-20 | 北京奇虎科技有限公司 | Method and device for detecting website security |
CN109556667A (en) * | 2018-09-29 | 2019-04-02 | 浙江威星智能仪表股份有限公司 | A kind of wireless remote transmission supersonic wave metering device that supporting http protocol and method |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7634572B2 (en) * | 2004-12-22 | 2009-12-15 | Slipstream Data Inc. | Browser-plugin based method for advanced HTTPS data processing |
US7657737B2 (en) * | 2005-02-28 | 2010-02-02 | International Business Machines Corporation | Method for mapping an encrypted https network packet to a specific url name and other data without decryption outside of a secure web server |
CN101141243A (en) * | 2006-09-08 | 2008-03-12 | 飞塔信息科技(北京)有限公司 | Device and method for carrying out security check and content filtering on communication data |
CN101631107B (en) * | 2008-07-16 | 2012-02-22 | 福建升腾资讯有限公司 | Method for configuring Linux kernel based on Web method |
CN101741827A (en) * | 2008-11-11 | 2010-06-16 | 刘芳 | Network safety processing equipment and method |
CN101924771B (en) * | 2010-08-26 | 2013-11-06 | 北京天融信科技有限公司 | Core-level TCP adhering junction method for accelerating application proxy |
CN101957842B (en) * | 2010-09-13 | 2012-08-01 | 青岛海信移动通信技术股份有限公司 | Webpage cache control method, device and system based on WebKit browser |
CN102984180A (en) * | 2011-09-02 | 2013-03-20 | 广东电子工业研究院有限公司 | Cloud storage-based cross-mobile platform data processing apparatus and processing method thereof |
CN102624740B (en) * | 2012-03-30 | 2016-05-11 | 北京奇虎科技有限公司 | A kind of data interactive method and client, server |
Events: 2013-12-30, CN application CN201310744077.5A, patent CN103701819B, status Active
Also Published As
Publication number | Publication date |
---|---|
CN103701819A (en) | 2014-04-02 |
Similar Documents
Publication | Title |
---|---|
CN102981879B (en) | Application software installation kit supplying method, acquisition methods, equipment and disposal system |
JP6188785B2 (en) | Network intrusion detection using decoy encryption key |
CN104217173B (en) | A kind of data and file encrypting method for browser |
CN105337935B (en) | A kind of method and apparatus for establishing client and the long connection of server-side |
CN112104604B (en) | System and method for realizing secure access service based on electric power Internet of things management platform |
CN103607402B (en) | A kind of online game data encryption and decryption method and equipment |
CN106941491B (en) | Safety application data link layer equipment of electricity utilization information acquisition system and communication method |
CN105704149A (en) | Safety protection method for power mobile application |
CN103441983A (en) | Information protection method and device based on link layer discovery protocol |
CN105471866A (en) | Protection method and apparatus for mobile application |
CN108900540B (en) | Service data processing method of power distribution terminal based on double encryption |
CN106330829A (en) | Method and system for realizing single signing on by using middleware |
CN104994094A (en) | Virtualization platform safety protection method, device and system based on virtual switch |
CN103023926A (en) | Reverse proxy based information leakage preventing security gateway system |
CN106850517A (en) | A kind of method, apparatus and system for solving intranet and extranet repeat logon |
CN105187211B (en) | A kind of safe sending and receiving methods of message and transceiver |
CN103701819B (en) | The processing method and processing device of HTML (Hypertext Markup Language) decryption |
CN106656939A (en) | State cryptography SSL protocol and standard SSL protocol forwarding system and method |
CN106656484B (en) | A kind of PCI cipher card drive system and its implementation |
CN114301967B (en) | Control method, device and equipment for narrowband Internet of things |
CN115396228A (en) | Heterogeneous message transmission method, device, equipment and storage medium |
KR101881278B1 (en) | Method for selective inspection of the packet communications using the Secure Sockets Layer |
CN113645193B (en) | Network security protection method, service management system and computer readable storage medium |
KR101881279B1 (en) | Apparatus and method for inspecting the packet communications using the Secure Sockets Layer |
CN101217532B (en) | An anti-network attack data transmission method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |