CN107483199A - Information Authentication method and device - Google Patents
Information Authentication method and device Download PDFInfo
- Publication number
- CN107483199A CN107483199A CN201710934172.XA CN201710934172A CN107483199A CN 107483199 A CN107483199 A CN 107483199A CN 201710934172 A CN201710934172 A CN 201710934172A CN 107483199 A CN107483199 A CN 107483199A
- Authority
- CN
- China
- Prior art keywords
- character string
- parameter
- entry name
- length
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2151—Time stamp
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
In the Information Authentication method and device that the embodiment of the present application provides, entry name is extracted from framework hyperlink request, and obtain checking parameter corresponding to entry name;Obtain the timestamp parameter of current system, timestamp parameter is attached to the ending of the first parameter character string, by the first parameter character string and timestamp parameter collectively as the second parameter character string, obtain the length of the second parameter character string, then the length of character string to be verified is obtained according to the length of the second parameter character string, entry name and timestamp parameter, is designated as L.Intercepted length is L character string from the second parameter character string, as character string to be verified, verification carried out to the character string to be verified obtain first to check character string, first, which is checked character, to go here and there is attached at the ending of the second parameter character string, as the 3rd parameter character string.
Description
Technical field
The application is related to internet arena, in particular to a kind of Information Authentication method and device.
Background technology
It is presently in existence some solutions encrypted and verified for RESTful API, in terms of encryption, existing skill
Art either uses symmetric cryptography or asymmetric encryption techniques, is to sending using certificate fixed in programming
The link of RESTful HTTP requests or content are encrypted.If using modular cluster service, then be sent to
, randomness is relatively low for the encryption key of all service modules and cipher mode.
In terms of checking, current techniques are mostly to carry out hash check to specified some or all of parameters, lack randomness.
The low randomness of two aspects hides some dangers for the safety of whole system.
Apply for content
In view of this, the embodiment of the present application provides a kind of Information Authentication method and device, is tested with improving existing information
Card method lacks the technical problem of randomness in encryption key, cipher mode, hash check.
To achieve the above object, the embodiment of the present application provides a kind of Information Authentication method, and methods described includes:From described
Framework hyperlink request extracts the entry name, and obtains checking parameter corresponding to the entry name;Obtain the time of current system
Stab parameter, the timestamp parameter be attached to the ending of the first parameter character string, by the first parameter character string and
Timestamp parameter is collectively as the second parameter character string;The length of the second parameter character string is obtained, according to the described second ginseng
Length, entry name and the timestamp parameter of numeric string obtain the length of character string to be verified, are designated as L;From the described second ginseng
Intercepted length is L character string in numeric string, as character string to be verified;The character string to be verified is verified
Obtain first to check character string, the ending gone here and there and be attached to the second parameter character string that described first is checked character, by described the
Two parameter character strings and first check character string collectively as the 3rd parameter character string.
The embodiment of the present application additionally provides a kind of Information Authentication device, and described device includes:Checking parameter module, for from
The framework hyperlink request extracts the entry name, and obtains checking parameter corresponding to the entry name;Second parameter character string
Module, for obtaining the timestamp parameter of current system, the timestamp parameter is attached to the knot of the first parameter character string
Tail, by the first parameter character string and timestamp parameter collectively as the second parameter character string;String length to be verified
Module, for obtaining the length of the second parameter character string, according to the length of the second parameter character string, entry name and
Timestamp parameter obtains the length of character string to be verified, is designated as L;Character string module to be verified, for from second parameter word
The character string that intercepted length is L in symbol string, as character string to be verified;3rd parameter character string module, for described
Character string to be verified carries out verification and obtains first checking character string, and the described first string of checking character is attached into second parameter word
The ending of string is accorded with, the second parameter character string and first are checked character into string collectively as the 3rd parameter character string.
The Information Authentication method and device that the embodiment of the present application provides has the beneficial effect that:
In the Information Authentication method and device that the embodiment of the present application provides, entry name is extracted from framework hyperlink request, and obtain
Take checking parameter corresponding to entry name;The timestamp parameter of current system is obtained, timestamp parameter is attached to the first parameter character
The ending of string, by the first parameter character string and timestamp parameter collectively as the second parameter character string, obtain the second parameter word
The length of string is accorded with, character string to be verified is then obtained according to the length of the second parameter character string, entry name and timestamp parameter
Length, be designated as L.Intercepted length is L character string from the second parameter character string, as character string to be verified, to this
Character string to be verified carries out verification and obtains first checking character string, the knot gone here and there and be attached to the second parameter character string that first is checked character
At tail, as the 3rd parameter character string.The application provide Information Authentication method can obtain checking parameter corresponding to entry name with
And timestamp parameter, and character string to be verified is chosen using it, then treat string verification acquisition first of checking character and check character
String, then obtain the 3rd parameter character string of string of being checked character comprising first.Compared with existing method of calibration, what the application provided
Information Authentication method randomness is stronger, so as to the security beneficial to safeguards system.
Brief description of the drawings
, below will be to embodiment or existing for clearer explanation the embodiment of the present application or technical scheme of the prior art
There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this
Some embodiments of application, for those of ordinary skill in the art, on the premise of not paying creative work, can be with
Other accompanying drawings are obtained according to these accompanying drawings.
Fig. 1 is the application environment schematic diagram of the embodiment of the present application;
Fig. 2 is the flow chart for the Information Authentication method that the application first embodiment provides;
Fig. 3 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 4 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 5 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 6 is the part schematic flow sheet for the Information Authentication method that the application first embodiment provides;
Fig. 7 is the structured flowchart for the Information Authentication device that the application second embodiment provides.
Embodiment
Fig. 1 shows a kind of structured flowchart for the server 20 that can be applied in the embodiment of the present application.As shown in figure 1, institute
Stating server 20 includes memory 202, storage control 204, one or more (one is only shown in figure) processors 206, outer
If interface 208, radio-frequency module 210 etc..These components are mutually communicated by one or more communication bus/signal wire 216.
Memory 202 can be used for storage software program and module, such as the Information Authentication method in the embodiment of the present invention and
Programmed instruction/module corresponding to device, processor 206 are stored in software program and module in memory 202 by operation,
So as to perform various function application and data processing, such as Information Authentication method provided in an embodiment of the present invention.
Memory 202 may include high speed random access memory, may also include nonvolatile memory, such as one or more magnetic
Property storage device, flash memory or other non-volatile solid state memories.Processor 206 and other possible components are to storage
The access of device 202 can be carried out under the control of storage control 204.
Various input/output devices are coupled to processor 206 and memory 202 by Peripheral Interface 208.In some implementations
In example, Peripheral Interface 208, processor 206 and storage control 204 can be realized in one single chip.In some other reality
In example, they can be realized by independent chip respectively.
Radio-frequency module 210 is used to receiving and sending electromagnetic wave, realizes the mutual conversion of electromagnetic wave and electric signal, so that with
Communication network or other equipment are communicated.
It is appreciated that structure shown in Fig. 1 is only to illustrate, user terminal 20 may also include it is more more than shown in Fig. 1 or
Less component, or there is the configuration different from shown in Fig. 1.Each component shown in Fig. 1 can use hardware, software or its
Combination is realized.
First embodiment
Fig. 2 is referred to, Fig. 2 shows the schematic flow sheet for the Information Authentication method that the application first embodiment provides, tool
Body comprises the following steps:
Step S110, the entry name is extracted from the framework hyperlink request, and obtain and verified corresponding to the entry name
Parameter.
Framework hyperlink request is specifically as follows Restful hyperlink requests, and link is specifically as follows:http(s)://
example.com/v1/model/methodParam1=1&param2=2, wherein, v1 is version number, and model is project
Name, method is method name, and param1, param2 are parameter name, and param1=1&param2=2 is parameter character string,
Question mark between method and parameter character stringFor the connector of method name and parameter.First obtain in the framework hyperlink request
Entry name, then obtain the checking parameter of entry name.Checking parameter is parameter corresponding with entry name, is represented with factor, example
Such as factor=3.
Fig. 4 is referred to, before step S110, is also comprised the following steps:
Step S101, receive framework hyperlink request.
Framework hyperlink request can be first received, then framework hyperlink request is handled again.
Step S102, judges whether the framework hyperlink request meets call format, if so, performing step S110.
Judge whether to meet to require, that is, judge whether to meet http (s)://example.com/v1/model/method
Param1=1&param2=2 call format.
Step S120, the timestamp parameter of current system is obtained, the timestamp parameter is attached to first parameter word
The ending of string is accorded with, by the first parameter character string and timestamp parameter collectively as the second parameter character string.
Timestamp parameter refers to from zero second on the stroke of midnight millisecond numerical value so far on January 1st, 1970, and timestamp parameter can be with
Represented with timestamp, such as timestamp=1504669883844, the knot of the first parameter character string is attached to as parameter
Tail.First parameter character string refers to parameter character string mentioned above.With http (s)://example.com/v1/model/
methodIllustrated exemplified by param1=1&param2=2, the first parameter character string is param1=1&param2=2.Will
Timestamp is attached to the ending of the first parameter character string, i.e. param1=1&param2=2&timestamp=1504669883844
For the second parameter character string.
Step S130, the length of the second parameter character string is obtained, according to the length of the second parameter character string, item
Mesh name and timestamp parameter obtain the length of character string to be verified, are designated as L.
The length of the second parameter character string is obtained, the length of the second parameter character string is represented with Length, specifically,
Length length can be 41.
The length of character string to be verified, character string to be verified are obtained by timestamp X factor mod Length
Length represent that specifically, L length can be 34 with L.
Step S140, intercepted length is L character string from the second parameter character string, as character to be verified
String.
34 words before being intercepted from front to back from param1=1&param2=2&timestamp=1504669883844
Symbol, i.e. param1=1&param2=2&timestamp=150466, using the character string as character string to be verified.
Step S150, verification is carried out to the character string to be verified obtain first to check character string, described first is verified
Character string is attached to the ending of the second parameter character string, and the second parameter character string and first are checked character into string jointly
As the 3rd parameter character string.
String of checking character can specifically be treated and carry out hash check, such as to param1=1&param2=2&
Timestamp=150466 carry out MD5 verifications, obtain MD5 check character string S=
D19e5c306de66aa2da0330d5fd557c9b, this section of character string are first to check character string, and this first is checked character
String can be attached to the ending of the second parameter character string, and the 3rd parameter character string is specially:
Param1=1&param2=2&timestamp=1504669883844&md5=
d19e5c306de66aa2da0330d5fd557c9b。
Fig. 3 is referred to, methods described also comprises the following steps:
Step S160, obtain entry name key seed corresponding with the entry name.
Key seed 1, such as abcdefgh are obtained according to entry name model.
Step S170, the entry name key seed and general key seed group are turned into the first complete key seed.
Key seed 1 and general key seed such as 12345678 are formed to the complete key seed into 16:
Abcdefgh12345678, abcdefgh12345678 are the first complete key seed.
Step S180, according to the described first complete key seed generation encryption key.
According to the first complete key seed abcdefgh12345678 generation AES encryption keys K.
Step S190, it is encrypted according to the 3rd parameter character string described in the encryption secret key pair.
The 3rd parameter character string is encrypted according to encryption key K, obtains ciphertext character string.
Such as the 3rd parameter character string is encrypted, ciphertext character string can be obtained.
Step S200, the ciphertext character string obtained using encryption replaces the 3rd parameter character string, after being encrypted
Framework hyperlink request.
The 3rd parameter character string is replaced with ciphertext character string, can be with the framework hyperlink request after being encrypted.
Fig. 5 is referred to, methods described also includes:
Step S210, receive the framework hyperlink request after encryption.
Mainly parameter string portions are encrypted for framework hyperlink request after encryption, therefore, framework hyperlink request
Version number, the information such as entry name still can be acquired.
Step S220, obtain the entry name of the framework hyperlink request and entry name key kind corresponding with the entry name
Son.
Obtain the entry name of the framework hyperlink request after the encryption, and entry name key kind corresponding with the entry name
Son, such as the entry name key seed are abcdefgh.
Step S230, the entry name key seed and the general key seed are formed into the second complete key seed.
It is combined with general key seed 12345678, obtains the second complete key seed abcdefgh12345678.
Step S240, according to the described second complete key seed generation decryption key.
According to the second complete key seed generation decryption key, the decryption key is corresponding with encryption key, that is, is similarly
K。
Step S250, it is decrypted using ciphertext character string described in the decryption secret key pair, obtains the 3rd parameter character string.
The ciphertext character string in the framework hyperlink request after encryption is decrypted using key K is decrypted, obtains the 3rd ginseng
Numeric string.
Fig. 6 is referred to, methods described also includes:
Step S260, the entry name in the framework hyperlink request after encryption is obtained, and obtain school corresponding to the entry name
Test parameter.
The entry name in the framework hyperlink request after encryption is obtained, and obtains checking parameter corresponding to entry name, that is, is obtained
Factor=3.
Step S270, obtain the length of the second parameter character string, and the timestamp ginseng in the second parameter character string
Number.
The timestamp parameter in Length and the second parameter character string is obtained, specifically, MD5 (H1) value can be ignored
So as to obtain the length Length of the second parameter character string.
Step S280, obtained according to the length of the second parameter character string, the checking parameter and timestamp parameter
The length L of character string to be verified.
The length of character string to be verified, character string to be verified are obtained by timestamp X factor mod Length
Length represent that specifically, L length can be 34 with L.
Step S290, checking character for the 3rd parameter character string is removed, from the 3rd ginseng checked character described in removal
Intercepted length is L character string in numeric string, and carrying out verification acquisition second to the character string that the length is L checks character
String.
MD5 hash checks are carried out to L character string, obtain md5 values (H2).
Step S300, judge whether the described second string of checking character equal with the first string of checking character, if so, then verify into
Work(.
Judge second check character string with first check character go here and there it is whether identical, if so, then surface verifies successfully.
Application scheme realizes to be combined for the different key of the disparate modules generation of network service, makes the generation of key
With using certain randomness is carried, key and the security of ciphering process are further improved.
Application scheme realizes and Restful is calculated at random using the weight coefficient of timestamp and each module simultaneously
The string length of progress hash check is needed in required parameter character string, the word of the length is then intercepted from parameter character string
Symbol string carries out hash check, and is no longer to choose individual parameters to carry out hash check, considerably simplify Restful
The code of encryption and the verification of API request is realized, and improves security to a certain extent.
Second embodiment
Fig. 7 is referred to, Fig. 7 shows the Information Authentication device that the application second embodiment provides, and the device 300 includes:
Checking parameter module 310, for extracting the entry name from the framework hyperlink request, and obtain the entry name
Corresponding checking parameter.
Second parameter character string module 320, it is for obtaining the timestamp parameter of current system, the timestamp parameter is attached
In the ending of the first parameter character string, by the first parameter character string and timestamp parameter collectively as the second parameter
Character string.
String length module 330 to be verified, for obtaining the length of the second parameter character string, according to described second
Length, entry name and the timestamp parameter of parameter character string obtain the length of character string to be verified, are designated as L.
Character string module 340 to be verified, will for the character string that intercepted length is L from the second parameter character string
It is as character string to be verified.
3rd parameter character string module 350, checked character for carrying out verification acquisition first to the character string to be verified
String, the described first string of checking character is attached to the ending of the second parameter character string, by the second parameter character string and
First checks character string collectively as the 3rd parameter character string.
The Information Authentication device that the application second embodiment provides also includes:
Entry name key module, for obtaining entry name key seed corresponding with the entry name.
First complete key seed module, for the entry name key seed and general key seed group to be turned into first
Complete key seed.
Key generation module is encrypted, for according to the described first complete key seed generation encryption key.
Encrypting module, it is encrypted for the 3rd parameter character string according to the encryption secret key pair.
Encryption Architecture acquisition module, the ciphertext character string for being obtained using encryption replace the 3rd parameter character string,
Framework hyperlink request after being encrypted.
Receiving module is linked, for receiving framework hyperlink request.
Form judge module, for judging whether the framework hyperlink request meets call format, if so, performing " from institute
State framework hyperlink request and extract the entry name, and obtain checking parameter corresponding to the entry name " step.
Framework request receiving module, for receiving the framework hyperlink request after encrypting.
Entry name key seed module, for obtaining the entry name of the framework hyperlink request and corresponding with the entry name
Entry name key seed.
Second complete key seed module, for by the entry name key seed and the general key seed composition the
Two complete key seeds.
Key generation module is decrypted, for according to the described second complete key seed generation decryption key.
3rd parameter character string module, for being decrypted using ciphertext character string described in the decryption secret key pair, obtain
3rd parameter character string.
Checking parameter module, for obtaining the entry name in the framework hyperlink request after encrypting, and obtain the entry name
Corresponding checking parameter.
Timestamp parameter module, for obtaining the length of the second parameter character string, and in the second parameter character string
Timestamp parameter.
String length module to be verified, for the length according to the second parameter character string, the checking parameter with
And the length L of timestamp gain of parameter character string to be verified.
Second checks character string module, for removing checking character for the 3rd parameter character string, from removing the school
The character string that intercepted length in the 3rd parameter character string of character is L is tested, verification acquisition is carried out to the character string that the length is L
Second checks character string.
Judge module is verified, for judging whether the described second string of checking character is equal with the first string of checking character, if so,
Then verify successfully.
The Information Authentication device that the application second embodiment provides is relative with the Information Authentication method that first embodiment provides
Should, just do not repeat herein.
In the Information Authentication method and device that the embodiment of the present application provides, entry name is extracted from framework hyperlink request, and obtain
Take checking parameter corresponding to entry name;The timestamp parameter of current system is obtained, timestamp parameter is attached to the first parameter character
The ending of string, by the first parameter character string and timestamp parameter collectively as the second parameter character string, obtain the second parameter word
The length of string is accorded with, character string to be verified is then obtained according to the length of the second parameter character string, entry name and timestamp parameter
Length, be designated as L.Intercepted length is L character string from the second parameter character string, as character string to be verified, to this
Character string to be verified carries out verification and obtains first checking character string, the knot gone here and there and be attached to the second parameter character string that first is checked character
At tail, as the 3rd parameter character string.The application provide Information Authentication method can obtain checking parameter corresponding to entry name with
And timestamp parameter, and character string to be verified is chosen using it, then treat string verification acquisition first of checking character and check character
String, then obtain the 3rd parameter character string of string of being checked character comprising first.Compared with existing method of calibration, what the application provided
Information Authentication method randomness is stronger, so as to the security beneficial to safeguards system.
It should be noted that each embodiment in this specification is described by the way of progressive, each embodiment weight
Point explanation is all difference with other embodiment, between each embodiment identical similar part mutually referring to.
For device class embodiment, because it is substantially similar to embodiment of the method, so description is fairly simple, related part is joined
See the part explanation of embodiment of the method.
In several embodiments provided herein, it should be understood that disclosed apparatus and method, it can also be passed through
Its mode is realized.Device embodiment described above is only schematical, for example, the flow chart and block diagram in accompanying drawing show
Device, architectural framework in the cards, the work(of method and computer program product of multiple embodiments according to the application are shown
Can and it operate.At this point, each square frame in flow chart or block diagram can represent one of a module, program segment or code
Point, a part for the module, program segment or code includes one or more and is used to realize the executable of defined logic function
Instruction.It should also be noted that at some as in the implementation replaced, the function of being marked in square frame can also be with different from attached
The order marked in figure occurs.For example, two continuous square frames can essentially perform substantially in parallel, they also may be used sometimes
To perform in the opposite order, this is depending on involved function.It is it is also noted that each in block diagram and/or flow chart
The combination of square frame and the square frame in block diagram and/or flow chart, can use function or action as defined in performing it is special based on
The system of hardware is realized, or can be realized with the combination of specialized hardware and computer instruction.
In addition, each functional module in each embodiment of the application can integrate to form an independent portion
Point or modules individualism, can also two or more modules be integrated to form an independent part.
If the function is realized in the form of software function module and is used as independent production marketing or in use, can be with
It is stored in a computer read/write memory medium.Based on such understanding, the technical scheme of the application is substantially in other words
The part to be contributed to prior art or the part of the technical scheme can be embodied in the form of software product, the meter
Calculation machine software product is stored in a storage medium, including some instructions are causing a computer equipment (can be
People's computer, server, or network equipment etc.) perform each embodiment methods described of the application all or part of step.
And foregoing storage medium includes:USB flash disk, mobile hard disk, read-only storage (ROM, Read-Only Memory), arbitrary access are deposited
Reservoir (RAM, Random Access Memory), magnetic disc or CD etc. are various can be with the medium of store program codes.Need
Illustrate, herein, such as first and second or the like relational terms be used merely to by an entity or operation with
Another entity or operation make a distinction, and not necessarily require or imply between these entities or operation any this reality be present
The relation or order on border.Moreover, term " comprising ", "comprising" or its any other variant are intended to the bag of nonexcludability
Contain, so that process, method, article or equipment including a series of elements not only include those key elements, but also including
The other element being not expressly set out, or also include for this process, method, article or the intrinsic key element of equipment.
In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including the key element
Process, method, other identical element also be present in article or equipment.
The preferred embodiment of the application is the foregoing is only, is not limited to the application, for the skill of this area
For art personnel, the application can have various modifications and variations.It is all within spirit herein and principle, made any repair
Change, equivalent substitution, improvement etc., should be included within the protection domain of the application.It should be noted that:Similar label and letter exists
Similar terms is represented in following accompanying drawing, therefore, once being defined in a certain Xiang Yi accompanying drawing, is then not required in subsequent accompanying drawing
It is further defined and explained.
Described above, the only embodiment of the application, but the protection domain of the application is not limited thereto is any
Those familiar with the art can readily occur in change or replacement in the technical scope that the application discloses, and should all contain
Cover within the protection domain of the application.Therefore, the protection domain of the application described should be defined by scope of the claims.
Claims (10)
- A kind of 1. Information Authentication method, it is characterised in that for carrying out Information Authentication, the framework request to framework hyperlink request Link, which includes entry name and the first parameter character string, methods described, to be included:The entry name is extracted from the framework hyperlink request, and obtains checking parameter corresponding to the entry name;The timestamp parameter of current system is obtained, the timestamp parameter is attached to the ending of the first parameter character string, will The first parameter character string and timestamp parameter are collectively as the second parameter character string;The length of the second parameter character string is obtained, according to length, entry name and the time of the second parameter character string The length of gain of parameter character string to be verified is stabbed, is designated as L;Intercepted length is L character string from the second parameter character string, as character string to be verified;Verification is carried out to the character string to be verified obtain first to check character string, described first is checked character described in string is attached to The ending of second parameter character string, the second parameter character string and first are checked character into string collectively as the 3rd parameter word Symbol string.
- 2. according to the method for claim 1, it is characterised in that methods described also includes:Obtain entry name key seed corresponding with the entry name;The entry name key seed and general key seed group are turned into the first complete key seed;According to the described first complete key seed generation encryption key;It is encrypted according to the 3rd parameter character string described in the encryption secret key pair;The ciphertext character string obtained using encryption replaces the 3rd parameter character string, the framework hyperlink request after being encrypted.
- 3. according to the method for claim 1, it is characterised in that described to extract the entry name from the framework hyperlink request Before, methods described also includes:Receive framework hyperlink request;Judge whether the framework hyperlink request meets call format, if so, performing " from described in framework hyperlink request extraction Entry name, and obtain checking parameter corresponding to the entry name " step.
- 4. according to the method for claim 2, it is characterised in that methods described also includes:Receive the framework hyperlink request after encryption;Obtain the entry name of the framework hyperlink request and entry name key seed corresponding with the entry name;The entry name key seed and the general key seed are formed into the second complete key seed;According to the described second complete key seed generation decryption key;It is decrypted using ciphertext character string described in the decryption secret key pair, obtains the 3rd parameter character string.
- 5. according to the method for claim 4, it is characterised in that methods described also includes:The entry name in the framework hyperlink request after encryption is obtained, and obtains checking parameter corresponding to the entry name;Obtain the timestamp parameter in the length of the second parameter character string, and the second parameter character string;Character string to be verified is obtained according to the length of the second parameter character string, the checking parameter and timestamp parameter Length L;Checking character for the 3rd parameter character string is removed, is intercepted from the 3rd parameter character string checked character described in removal Length is L character string, carries out verification to the character string that the length is L and obtain second to check character string;Judge whether the described second string of checking character is equal with the first string of checking character, if so, then verifying successfully.
- 6. a kind of Information Authentication device, it is characterised in that for carrying out Information Authentication, described device bag to framework hyperlink request Include:Checking parameter module, for extracting the entry name from the framework hyperlink request, and obtain corresponding to the entry name Checking parameter;Second parameter character string module, for obtaining the timestamp parameter of current system, the timestamp parameter is attached to described The ending of first parameter character string, by the first parameter character string and timestamp parameter collectively as the second parameter character String;String length module to be verified, for obtaining the length of the second parameter character string, according to second parameter word Length, entry name and the timestamp parameter for according with string obtain the length of character string to be verified, are designated as L;Character string module to be verified, for the character string that intercepted length is L from the second parameter character string, as treating Check character string;3rd parameter character string module, first is obtained for carrying out verification to the character string to be verified and is checked character string, by institute State the first string of checking character and be attached to the ending of the second parameter character string, will the second parameter character string and the first verification Character string is collectively as the 3rd parameter character string.
- 7. device according to claim 6, it is characterised in that described device also includes:Entry name key module, for obtaining entry name key seed corresponding with the entry name;First complete key seed module is complete for the entry name key seed to be turned into first with general key seed group Key seed;Key generation module is encrypted, for according to the described first complete key seed generation encryption key;Encrypting module, it is encrypted for the 3rd parameter character string according to the encryption secret key pair;Encryption Architecture acquisition module, the ciphertext character string for being obtained using encryption replace the 3rd parameter character string, obtain Framework hyperlink request after encryption.
- 8. device according to claim 6, it is characterised in that described device also includes:Receiving module is linked, for receiving framework hyperlink request;Form judge module, for judging whether the framework hyperlink request meets call format, if so, performing " from the frame Structure hyperlink request extracts the entry name, and obtains checking parameter corresponding to the entry name " step.
- 9. device according to claim 8, it is characterised in that described device also includes:Framework request receiving module, for receiving the framework hyperlink request after encrypting;Entry name key seed module, for the entry name for obtaining the framework hyperlink request and project corresponding with the entry name Name key seed;Second complete key seed module, for the entry name key seed and the general key seed composition second is complete Whole key seed;Key generation module is decrypted, for according to the described second complete key seed generation decryption key;3rd parameter character string module, for being decrypted using ciphertext character string described in the decryption secret key pair, obtain the 3rd Parameter character string.
- 10. device according to claim 9, it is characterised in that described device also includes:Checking parameter module, for obtaining the entry name in the framework hyperlink request after encrypting, and it is corresponding to obtain the entry name Checking parameter;Timestamp parameter module, for obtain the second parameter character string length, and in the second parameter character string when Between stab parameter;String length module to be verified, for the length according to the second parameter character string, the checking parameter with timely Between stab gain of parameter character string to be verified length L;Second checks character string module, for removing checking character for the 3rd parameter character string, from removing the check word Intercepted length is L character string in 3rd parameter character string of symbol, and carrying out verification to the character string that the length is L obtains second Check character string;Judge module is verified, for judging whether the described second string of checking character is equal with the first string of checking character, if so, then school Test success.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710934172.XA CN107483199A (en) | 2017-10-10 | 2017-10-10 | Information Authentication method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710934172.XA CN107483199A (en) | 2017-10-10 | 2017-10-10 | Information Authentication method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107483199A true CN107483199A (en) | 2017-12-15 |
Family
ID=60605245
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710934172.XA Pending CN107483199A (en) | 2017-10-10 | 2017-10-10 | Information Authentication method and device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107483199A (en) |
Cited By (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109299719A (en) * | 2018-09-30 | 2019-02-01 | 武汉斗鱼网络科技有限公司 | Barrage method of calibration, device, terminal and storage medium based on Character segmentation |
CN110659154A (en) * | 2018-06-28 | 2020-01-07 | 北京京东尚科信息技术有限公司 | Data processing method and device |
CN110830451A (en) * | 2019-10-21 | 2020-02-21 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN110868400A (en) * | 2019-10-21 | 2020-03-06 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN110881028A (en) * | 2019-10-24 | 2020-03-13 | 上海百事通信息技术股份有限公司 | Data transmission control method, device, storage medium and terminal |
CN110881029A (en) * | 2019-10-24 | 2020-03-13 | 上海百事通信息技术股份有限公司 | Data transmission control method, device, storage medium and terminal |
CN111064697A (en) * | 2019-10-21 | 2020-04-24 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN111262645A (en) * | 2019-10-21 | 2020-06-09 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN112109644A (en) * | 2020-09-11 | 2020-12-22 | 中国第一汽车股份有限公司 | Vehicle control method, device, equipment and storage medium |
CN116471119A (en) * | 2022-05-25 | 2023-07-21 | 北京永信至诚科技股份有限公司 | Signature verification method and device based on rs and sign |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002029641A2 (en) * | 2000-10-03 | 2002-04-11 | Sun Microsystems, Inc. | Http transaction monitor with replay capacity |
CN101997880A (en) * | 2010-12-01 | 2011-03-30 | 湖南智源信息网络技术开发有限公司 | Method and device for verifying security of network page or interface |
US20110173681A1 (en) * | 2010-01-12 | 2011-07-14 | Microsoft Corporation | flexible authentication and authorization mechanism |
CN103067156A (en) * | 2012-12-28 | 2013-04-24 | 北京移数通电讯有限公司 | Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same |
CN105207782A (en) * | 2015-11-18 | 2015-12-30 | 上海爱数软件有限公司 | Identity verification method based on restful framework |
CN106470103A (en) * | 2015-08-17 | 2017-03-01 | 苏宁云商集团股份有限公司 | A kind of client sends the method and system of encryption URL request |
CN106533658A (en) * | 2017-01-11 | 2017-03-22 | 安徽博约信息科技股份有限公司 | URL tamper-proofing signature and signature verification method based on MD5 algorithm |
-
2017
- 2017-10-10 CN CN201710934172.XA patent/CN107483199A/en active Pending
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2002029641A2 (en) * | 2000-10-03 | 2002-04-11 | Sun Microsystems, Inc. | Http transaction monitor with replay capacity |
US20110173681A1 (en) * | 2010-01-12 | 2011-07-14 | Microsoft Corporation | flexible authentication and authorization mechanism |
CN101997880A (en) * | 2010-12-01 | 2011-03-30 | 湖南智源信息网络技术开发有限公司 | Method and device for verifying security of network page or interface |
CN103067156A (en) * | 2012-12-28 | 2013-04-24 | 北京移数通电讯有限公司 | Uniform resource locator (URL) encryption and validation method for mobile internet user resource access and device provided with the same |
CN106470103A (en) * | 2015-08-17 | 2017-03-01 | 苏宁云商集团股份有限公司 | A kind of client sends the method and system of encryption URL request |
CN105207782A (en) * | 2015-11-18 | 2015-12-30 | 上海爱数软件有限公司 | Identity verification method based on restful framework |
CN106533658A (en) * | 2017-01-11 | 2017-03-22 | 安徽博约信息科技股份有限公司 | URL tamper-proofing signature and signature verification method based on MD5 algorithm |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110659154A (en) * | 2018-06-28 | 2020-01-07 | 北京京东尚科信息技术有限公司 | Data processing method and device |
CN109299719A (en) * | 2018-09-30 | 2019-02-01 | 武汉斗鱼网络科技有限公司 | Barrage method of calibration, device, terminal and storage medium based on Character segmentation |
CN110830451A (en) * | 2019-10-21 | 2020-02-21 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN110868400A (en) * | 2019-10-21 | 2020-03-06 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN111064697A (en) * | 2019-10-21 | 2020-04-24 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN111262645A (en) * | 2019-10-21 | 2020-06-09 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN110830451B (en) * | 2019-10-21 | 2022-03-29 | 上海百事通信息技术股份有限公司 | Data transmission method, device, storage medium and terminal |
CN110881028A (en) * | 2019-10-24 | 2020-03-13 | 上海百事通信息技术股份有限公司 | Data transmission control method, device, storage medium and terminal |
CN110881029A (en) * | 2019-10-24 | 2020-03-13 | 上海百事通信息技术股份有限公司 | Data transmission control method, device, storage medium and terminal |
CN112109644A (en) * | 2020-09-11 | 2020-12-22 | 中国第一汽车股份有限公司 | Vehicle control method, device, equipment and storage medium |
CN116471119A (en) * | 2022-05-25 | 2023-07-21 | 北京永信至诚科技股份有限公司 | Signature verification method and device based on rs and sign |
CN116471119B (en) * | 2022-05-25 | 2024-01-30 | 北京永信至诚科技股份有限公司 | Signature verification method and device based on rs and sign |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107483199A (en) | Information Authentication method and device | |
AU2021203184B2 (en) | Transaction messaging | |
CN106790253A (en) | Authentication method and device based on block chain | |
CN106027235B (en) | A kind of PCI cipher card and magnanimity secret key cipher operation method and system | |
CN105812366B (en) | Server, anti-crawler system and anti-crawler verification method | |
CN104463040A (en) | Secure input method and system for password | |
CN110061967A (en) | Business datum providing method, device, equipment and computer readable storage medium | |
CN103414727A (en) | Encryption protection system for input password input box and using method thereof | |
CN107707562A (en) | A kind of method, apparatus of asymmetric dynamic token Encrypt and Decrypt algorithm | |
WO2017006118A1 (en) | Secure distributed encryption system and method | |
Al-gohany et al. | Comparative study of database security in cloud computing using AES and DES encryption algorithms | |
CN110210591A (en) | A kind of wiring method, computer installation and the computer readable storage medium of intellective IC card personal data | |
CN115276978A (en) | Data processing method and related device | |
CN105933116B (en) | The electronic signature generation of SM2 based on segmentation module feature and verification method and device | |
EP2950229B1 (en) | Method for facilitating transactions, computer program product and mobile device | |
CN104918245B (en) | A kind of identity identifying method, device, server and client | |
CN106161036B (en) | A kind of mobile station (MS) state transition method and system of credit | |
CN108965315A (en) | A kind of authentic authentication method of terminal device, device and terminal device | |
CN107493572B (en) | Wireless radio frequency equipment, authentication server and authentication method | |
CN106330877B (en) | It is a kind of to authorize the method and system converted to the SOT state of termination | |
TW201828134A (en) | Ciphertext-based identity verification method | |
CN115150061A (en) | Post-quantum cryptographic algorithm digital currency transaction method, device, equipment and medium | |
CN107959670B (en) | Dynamic password generation method and device, terminal equipment and storage medium | |
CN103354634B (en) | Method and system for information processing | |
CN109284999A (en) | Business confirmation method and system based on mobile network's terminal |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
AD01 | Patent right deemed abandoned |
Effective date of abandoning: 20201106 |
|
AD01 | Patent right deemed abandoned |