CN107613316B - Live network push stream verification method and system - Google Patents
Live network push stream verification method and system Download PDFInfo
- Publication number
- CN107613316B CN107613316B CN201710801661.8A CN201710801661A CN107613316B CN 107613316 B CN107613316 B CN 107613316B CN 201710801661 A CN201710801661 A CN 201710801661A CN 107613316 B CN107613316 B CN 107613316B
- Authority
- CN
- China
- Prior art keywords
- anchor client
- timestamp
- anchor
- stream
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000012795 verification Methods 0.000 title claims description 102
- 238000004806 packaging method and process Methods 0.000 claims description 3
- 238000012545 processing Methods 0.000 claims description 2
- 238000013461 design Methods 0.000 abstract description 2
- 238000010586 diagram Methods 0.000 description 5
- 238000004590 computer program Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
- Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)
Abstract
The invention provides a method and a system for verifying live streaming of a network, wherein the method comprises the following steps: s1, issuing a stream pushing address and a stream pushing code to the anchor client according to the request of the anchor client, wherein the stream pushing code comprises a plurality of key fields; s2, receiving video stream information reported by a main broadcast client through a stream pushing address, wherein the video stream information carries a stream pushing code and main broadcast client information; and S3, checking a plurality of key fields in the stream pushing code reported by the anchor client and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed. The invention designs a set of scheme to protect the stream pushing process of network live broadcast, thereby preventing hacker intrusion or stream pushing address leakage from causing non-anchor owner to carry out live broadcast, possibly live broadcast some illegal contents and damaging the benefit of the anchor.
Description
Technical Field
The invention relates to the technical field of live webcasting, in particular to a live webcasting push flow verification method and a live webcasting push flow verification system.
Background
Currently, webcast is live broadcast by using internet and streaming media technology, and a main broadcast client acquires data of a camera, performs video coding on the data, and pushes a coded video stream to a Content Delivery Network (CDN) server of a live broadcast platform. Other viewers would pull the video stream from the CDN server for viewing.
Each anchor is registered in the live platform, so that the live platform allocates a room number and a streaming address to each anchor, and a video stream generated during live broadcast of the anchor is pushed to a CDN server of the live platform through the streaming address.
In practice, the stream pushing address sent by the live broadcast platform server to the anchor client is easily invaded or leaked by hackers, so that the non-anchor carries out live broadcast, some illegal contents may be live broadcast, and the benefit of the anchor is damaged.
Disclosure of Invention
The present invention provides a live streaming verification method and system that overcomes the above problems or at least partially solves the above problems, and overcomes the problem of the prior art that live streaming is not safe.
According to a first aspect of the present invention, a live streaming verification method is provided, including:
s1, issuing a stream pushing address and a stream pushing code to the anchor client according to the request of the anchor client, wherein the stream pushing code comprises a plurality of key fields;
s2, receiving video stream information reported by a main broadcast client through a stream pushing address, wherein the video stream information carries a stream pushing code and main broadcast client information;
and S3, checking a plurality of key fields in the stream pushing code reported by the anchor client and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed.
The invention has the beneficial effects that: the server sends a stream pushing code to the anchor client in the process of pushing the stream to the server in a live broadcast manner by the anchor client, wherein the stream pushing code comprises a plurality of key fields, when the anchor client pushes the stream to the server, the stream pushing code and the information of the anchor client are reported to the server together, the server can verify the stream pushing code and the information of the anchor client, only after the verification is passed, the anchor client is allowed to push the stream to the server, the stream pushing process of the network live broadcast is protected, and therefore a hacker or a stream pushing address is prevented from being leaked to cause a non-anchor person to carry out live broadcast, illegal contents can be live broadcast, and the benefit of the anchor is damaged.
On the basis of the technical scheme, the invention can be further improved as follows.
Further, the plurality of Key fields in the pushed stream code include a plaintext timestamp generated by the server, an asymmetrically encrypted public Key value, an encrypted server node path value, and an encrypted timestamp.
Further, the step S1 further includes:
generating a corresponding public Key Key value and a corresponding private Key Key value by using an asymmetric encryption algorithm, and encrypting a plaintext timestamp of a stream pushing code generated by a server by using a public Key value to form an encrypted timestamp;
encrypting the server node path value by using a symmetric encryption algorithm to form an encrypted server node path value;
and composing the plaintext timestamp, the asymmetrically encrypted public Key Key value, the encrypted server node path value and the encrypted timestamp into a stream pushing code, encrypting the stream pushing code, and packaging and issuing the encrypted stream pushing code to the anchor client.
Further, the step S2 further includes:
the anchor client acquires a plaintext timestamp, an encrypted timestamp, a server node path value and a public Key Key value in a stream pushing code according to the stream pushing code issued by the server, and acquires anchor client information, wherein the anchor client information comprises an anchor client IP address, an anchor client Token and an anchor client equipment unique ID;
and after encrypting the plain text timestamp, the encrypted timestamp and the anchor client information by using the public Key Key value, carrying the encrypted timestamp and the anchor client information in a video stream to form video stream information, and reporting the video stream information to a server through a stream pushing address according to a server node path value.
Further, the step S3 further includes:
and the server receives the video stream information reported by the anchor client, decrypts the video stream information by adopting a private Key value corresponding to the public Key value, and obtains the P address of the anchor client, the anchor client Token, the unique ID of the anchor client equipment, the plaintext timestamp and the encryption timestamp from the private Key value.
Further, the step S3 further includes:
and verifying the anchor client Token, the anchor client IP address, the unique ID of the anchor client equipment, the plain text timestamp and the encryption timestamp respectively, if the verification is passed, allowing the anchor client to push the stream to the server, and if not, refusing the anchor client to push the stream to the server.
Further, said separately verifying the anchor client Token, the anchor client IP address, the anchor client device unique ID, and the timestamp and the encryption timestamp further comprises:
comparing the Token of the anchor client with the Token issued by the server to the anchor client, if the Token is consistent with the Token of the anchor client, the verification is passed, otherwise, the verification is not passed;
decrypting the encrypted timestamp by using a Key value of a private Key to obtain a decrypted timestamp, comparing the decrypted timestamp with a plaintext timestamp, if the decrypted timestamp is consistent with the plaintext timestamp, passing the verification, and if not, failing to pass the verification;
judging whether the IP address of the anchor client is consistent with the IP address of the anchor when the anchor registers to the anchor platform or the IP address of the anchor when the anchor directly broadcasts at the anchor client last time, if so, verifying the IP address, otherwise, performing short message verification, and determining whether the verification passes according to the result of the short message verification;
and judging whether the unique ID of the anchor client equipment is consistent with the unique ID of the equipment when the anchor registers to the anchor platform, if so, passing the verification, otherwise, carrying out short message verification, and determining whether the verification passes according to the result of the short message verification.
Further, the step S3 further includes:
when a server receives video stream information reported by an anchor client, acquiring a current timestamp;
and comparing the acquired current time stamp with the decryption time stamp, if the time stamp difference value is within a preset range, the verification is passed, otherwise, the verification is not passed.
According to a second aspect of the present invention, there is also provided a live webcast push stream verification system, including a main web client and a server, where the server includes an issuing module, a receiving module, and a verification module;
the system comprises an issuing module, a receiving module and a processing module, wherein the issuing module is used for issuing a stream pushing address and a stream pushing code to an anchor client according to a request of the anchor client, and the stream pushing code comprises a plurality of key fields;
the receiving module is used for receiving video stream information reported by an anchor client through a stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information;
and the verification module is used for verifying a plurality of key fields in the stream pushing code and the information of the anchor client, allowing the stream pushing of the anchor client when the verification is passed, and rejecting the stream pushing of the anchor client if the verification is not passed.
According to a third aspect of the present invention, there is also provided a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform a method such as web-live push stream verification.
Drawings
Fig. 1 is a flowchart of a live streaming verification method according to an embodiment of the present invention;
fig. 2 is a connection block diagram of a live streaming verification system according to another embodiment of the present invention;
fig. 3 is an overall connection block diagram of a live streaming verification system according to another embodiment of the present invention;
fig. 4 is a block diagram illustrating the internal connection of an authentication module in a live streaming authentication system according to yet another embodiment of the present invention;
fig. 5 is a device connection block diagram of a live streaming verification method according to another embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
Referring to fig. 1, a live streaming verification method according to an embodiment of the present invention includes: s1, issuing a stream pushing address and a stream pushing code to the anchor client according to the request of the anchor client, wherein the stream pushing code comprises a plurality of key fields; s2, receiving video stream information reported by a main broadcast client through a stream pushing address, wherein the video stream information carries a stream pushing code and main broadcast client information; and S3, checking a plurality of key fields in the stream pushing code and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed.
In the field of network live broadcast, a main broadcast client side acquires data of a camera, performs video coding on the data, and pushes coded video stream data to a CDN server of a live broadcast platform. When the anchor client pushes the stream to the server, the server issues a stream pushing address to the anchor client, the anchor client pushes the stream to the server through the stream pushing address, and the stream pushing address is easy to crack or leak by a hacker, so that loss of live broadcast is caused.
Therefore, this embodiment provides a method for preventing a streaming address from being invaded, and the main implementation process of the method is that when the anchor is registered in a live platform as a live broadcast, the anchor performs user name and password registration on the live platform, including registration of filling in a mobile phone number and an identity verification name. After the registration is successful, the live broadcast platform allocates a room number to the anchor to indicate that the anchor is live in the room later. Meanwhile, the server also distributes a push flow address to the anchor, and marks the address of the anchor client for pushing flow to the CDN server. When the anchor starts to broadcast directly, a stream pushing address and a stream pushing code are issued to the anchor client according to the request of the anchor client, wherein the stream pushing code comprises a plurality of key fields which are used for subsequent verification. And the server receives video stream information reported by the anchor client through the stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information. The server checks a plurality of key fields in the stream pushing code and the information of the anchor client, if the check is passed, the anchor client is allowed to push the stream to the server, and if the check is not passed, the anchor client is refused to push the stream to the server.
In the embodiment, a set of scheme is designed to protect the stream pushing process of network live broadcast, so that a hacker or a stream pushing address is prevented from being leaked to cause a non-anchor person to carry out live broadcast, illegal contents can be live broadcast, and the benefit of the anchor is damaged.
On the basis of the above embodiment, in an embodiment of the present invention, the plurality of Key fields in the stream pushing code include a plaintext timestamp, an asymmetrically encrypted public Key value, an encrypted server node path value, and an encrypted timestamp that are used by the server to generate the stream pushing code.
The server issues a stream pushing code to the anchor client, the stream pushing code comprises a plurality of Key fields, and the Key fields comprise a plaintext timestamp generated by the server and the stream pushing code, an asymmetrically encrypted public Key value, an encrypted server node path value and an encrypted timestamp.
On the basis of the foregoing embodiments, in another embodiment of the present invention, the step S1 further includes: generating a corresponding public Key Key value and a corresponding private Key Key value by using an asymmetric encryption algorithm, and encrypting a plaintext timestamp of a stream pushing code generated by a server by using a public Key value to form an encrypted timestamp; encrypting the server node path by using a symmetric encryption algorithm to form an encrypted server node path value; and the server composes a plug flow code by the plaintext timestamp, the asymmetrically encrypted public Key Key value, the encrypted server node path value and the encrypted timestamp, encrypts the plug flow code, packages the encrypted plug flow code and sends the encrypted plug flow code to the anchor client.
The design of the stream pushing code is mainly to complete the validity check of the anchor client and is designed from the perspective of safety. The stream pushing code mainly comprises a plurality of fields, and specifically comprises the following steps:
Time&Key&ServerPath&EncryptTime;
the Time field is a plaintext timestamp of the pushed stream code generated by the server, the Key field is an asymmetrically encrypted public Key value issued by the server, wherein each Time the pushed stream code is generated by the server, a pair of encrypted secret keys are generated and issued to the anchor client, and the secondary public Key value corresponds to the Key value in the pushed stream code. The Time field is encrypted using the public Key value, thereby generating an encrypted timestamp, i.e., an EncryptTime field. The ServerPath field is a result of encrypting a specific CDN node path on the server by using a public key, so that the server CDN node path and the timestamp of the push stream code in the push stream code need to be encrypted.
In this embodiment, in the specific process of generating the stream pushing code by the server, the fields included in the stream pushing code include a plaintext timestamp, a stream pushing Key value, an encrypted server node path value, and an encrypted timestamp. Therefore, the server first obtains the current timestamp Time when the stream pushing code is generated, and then, the server generates a pair of keys, specifically, a public Key value and a private Key value, by using an asymmetric encryption algorithm. In this embodiment, the asymmetric encryption algorithm uses RSA algorithm to generate a public Key value and a private Key value according to RSA.
Then, the plaintext timestamp is encrypted with a public key, EncryptTime (Time, public key), and the current timestamp is encrypted using the public key by calling RSA algorithm Encrypt. The reason for attaching an encryption timestamp to the streamers is to prevent the anchor from modifying the timestamp to bypass subsequent checks.
The server CDN node Path is encrypted, specifically, ServerPath (Encrypt Path, public key), where Path is a node Path on the CDN server. And then, encrypting the node path by using the public key to form an encrypted CDN node path value. In this embodiment, a symmetric encryption algorithm is used to encrypt the CDN node path, specifically, a TEA encryption algorithm or a DES encryption algorithm may be used, and the anchor client decrypts the node path using the same symmetric encryption algorithm.
And after the server generates the fields, the plaintext timestamp, the asymmetrically encrypted public Key Key value, the encrypted server node path value and the encrypted timestamp form a stream pushing code, and the stream pushing code and the stream pushing address are encrypted and then packed and sent to the anchor client.
On the basis of the foregoing embodiments, in an embodiment of the present invention, the step S2 further includes: the anchor client acquires a plaintext timestamp, an encrypted timestamp, a server node path value and a public Key Key value in a stream pushing code according to the stream pushing code issued by the server, and acquires anchor client information, wherein the anchor client information comprises an anchor client IP address, an anchor client Token and an anchor client equipment unique ID; and after encrypting the plain text timestamp, the encrypted timestamp and the anchor client information by using the public Key Key value, carrying the encrypted timestamp and the anchor client information in a video stream to form video stream information, and reporting the video stream information to a server through a stream pushing address according to a server node path value.
The server sends the generated stream pushing code and the stream pushing address to the anchor client, and the anchor client acquires a plaintext timestamp, an encrypted server node path value and a public Key Key value in the stream pushing code and acquires the information of the anchor client. The anchor client information mainly includes an anchor client IP address, an anchor client Token and an anchor client device unique ID. The anchor client encrypts a plaintext timestamp, an encrypted timestamp and anchor client information issued by the server by using a public Key value in a stream pushing code issued by the server, carries the encrypted information in a video stream to form video stream information, and pushes the video stream information to a node corresponding to a node path value on the server through a stream pushing address.
On the basis of the above embodiments, in another embodiment of the present invention, the step S3 further includes: and verifying the anchor client Token, the anchor client IP address, the unique ID of the anchor client equipment, the plain text timestamp and the encryption timestamp respectively, if the verification is passed, allowing the anchor client to push the stream to the server, and if not, refusing the anchor client to push the stream to the server.
After the anchor client reports the video stream information to the server, the server decrypts by adopting a corresponding private key to obtain the anchor client information, a plaintext timestamp and an encryption timestamp. The server respectively verifies the anchor client Token, the anchor client IP address, the unique ID of the anchor client equipment, the plain text timestamp and the encryption timestamp, if the verification is passed, the anchor client is allowed to push the stream to the server, and if one item of data fails to be verified, the verification is not passed, the anchor client is refused to push the stream to the server.
In this embodiment, the stream pushing code issued by the server and the information of the anchor client are verified, and the anchor client is allowed to push the stream to the server only when the verification is passed, otherwise, the anchor client is not allowed to push the stream to the server, so that the phenomenon that the benefit of the anchor is damaged because the stream pushing address is illegally pushed by being invaded or leaked by a hacker is prevented.
On the basis of the foregoing embodiments, in another embodiment of the present invention, a specific process in which the server verifies the anchor client Token, the anchor client IP address, the unique ID of the anchor client device, the plaintext timestamp, and the encryption timestamp respectively is that the server compares the anchor client Token with the anchor client Token issued by the server, and if the two are consistent, the verification is passed, otherwise, the verification is not passed.
And decrypting the encryption timestamp by using a private Key value to obtain a decryption timestamp, comparing the decryption timestamp with the plaintext timestamp, if the decryption timestamp is consistent with the plaintext timestamp, passing verification, and if the plaintext timestamp is inconsistent with the decryption timestamp, indicating that the plaintext timestamp can be modified by a hacker, wherein the hacker can modify the timestamp of the plaintext easily and cannot modify the encryption timestamp. Therefore, the push stream code sent by the server to the anchor client includes both the plaintext timestamp and the encryption timestamp. At the anchor client, a hacker can modify the plaintext timestamp but cannot modify the encryption timestamp, so that the encryption timestamp reported by the anchor client to the server is accurate, and the reported plaintext timestamp may be modified, so that the server compares the plaintext timestamp reported by the anchor client with the encryption timestamp, and if the plaintext timestamp is consistent with the encryption timestamp, the plaintext timestamp is not modified, and if the plaintext timestamp is not consistent, the plaintext timestamp is tampered.
And judging whether the IP address of the anchor client is consistent with the IP address of the anchor when the anchor registers to the anchor platform or the IP address of the anchor when the anchor directly broadcasts at the anchor client last time, if so, verifying the IP address, otherwise, performing short message verification, and determining whether the verification passes according to the result of the short message verification. And similarly, judging whether the equipment unique ID of the anchor client is consistent with the equipment unique ID of the anchor client when the anchor client registers to the anchor platform, if so, passing the verification, otherwise, carrying out short message verification, and determining whether the verification passes according to the result of the short message verification. If the IP address of the anchor client is not consistent with the IP address distributed to the anchor client by the server or the unique ID of the anchor client equipment is not consistent with the unique ID of the equipment when the anchor client registers to the anchor platform, short message verification is sent to the mobile phone of the anchor, the anchor push stream code is prevented from being embezzled to directly carry out live broadcast, and the live broadcast push stream is allowed only if the correct short message verification sent by the anchor is received.
On the basis of the foregoing embodiments, in an embodiment of the present invention, the step S3 further includes: when a server receives video stream information reported by an anchor client, acquiring a current timestamp; and comparing the acquired current time stamp with the decryption time stamp, if the time stamp difference value is within a preset range, the verification is passed, otherwise, the verification is not passed.
In this embodiment, the server may further compare the decryption timestamp with the current timestamp, and determine whether a difference between the two timestamps is within a preset range. Specifically, after receiving video stream information reported by the anchor client, the server acquires an encryption timestamp from the video stream information, and decrypts the encryption timestamp by using a corresponding private key to obtain a decryption timestamp. At this time, the server also obtains the current timestamp, calculates a difference between the current timestamp and the decryption timestamp, and allows the anchor client to push the stream to the server if the difference is within a preset range, for example, the difference is within 5 minutes, otherwise, refuses the anchor client to push the stream to the server. At this point, the anchor client needs to re-request a new push flow code from the server.
Referring to fig. 2, a live streaming verification system according to another embodiment of the present invention is provided, including an anchor client 1 and a server 2, where the server 2 includes an issuing module 21, a receiving module 22, and a verification module 23.
The issuing module 21 is configured to issue a stream pushing address and a stream pushing code to the anchor client 1 according to a request of the anchor client, where the stream pushing code includes a plurality of key fields.
The receiving module 22 is configured to receive video stream information reported by the anchor client 1 through the stream pushing address, where the video stream information carries a stream pushing code and anchor client information.
The verification module 23 is configured to verify the plurality of key fields in the push stream code and the anchor client information, allow the push stream of the anchor client 1 when the verification passes, and reject the push stream of the anchor client 1 if the verification passes.
The plurality of Key fields in the stream pushing code comprise a plaintext timestamp of the stream pushing code generated by the server, an asymmetric encrypted public Key Key value, an encrypted server node path value and an encrypted timestamp.
Referring to fig. 3, the server 2 further includes a first encryption module 24 and a second encryption module 25. The first encryption module 24 is configured to generate a corresponding public Key value and a corresponding private Key value by using an asymmetric encryption algorithm, and encrypt a timestamp of the stream pushing code generated by the server 2 by using the public Key value to form an encrypted timestamp.
And the second encryption module 25 is configured to encrypt the server CDN node path by using a symmetric encryption algorithm to form an encrypted server node path value.
Correspondingly, the issuing module 21 is further configured to compose a plug flow code by the plaintext timestamp, the asymmetrically encrypted public Key value, the encrypted server node path value, and the encrypted timestamp, encrypt the plug flow code, and then package the encrypted plug flow code and issue the encrypted plug flow code to the anchor client.
As shown in fig. 3, the anchor client 1 specifically includes an obtaining module 11 and a reporting module 12, where the obtaining module 11 is configured to obtain a plaintext timestamp, an encrypted timestamp, and a public Key value in a streamlet code according to the streamlet code issued by the server 2, and obtain anchor client information, where the anchor client information includes an anchor client IP address, an anchor client Token, and an anchor client device unique ID.
And the reporting module 12 is configured to encrypt the timestamp, the encrypted timestamp, and the anchor client information by using the public Key value, carry the encrypted timestamp and the anchor client information in a video stream to form video stream information, and report the video stream information to the server through a stream pushing address.
As shown in fig. 3, the server 2 further includes a decryption module 26, configured to receive the video stream information reported by the anchor client 1, decrypt the video stream information by using a private Key value corresponding to the public Key value, and obtain an IP address of the anchor client, a Token, a unique ID of the anchor client device, a plaintext timestamp, and an encryption timestamp from the private Key value.
Referring to fig. 4, the authentication module 23 includes a first authentication unit 231, a second authentication unit 232, a third authentication unit 233, a fourth authentication unit 234, and a fifth authentication unit 235.
The verification module 23 is specifically configured to verify the anchor client Token, the anchor client IP address, the unique ID of the anchor client device, the plaintext timestamp, and the encryption timestamp, respectively, and allow the anchor client 1 to push the stream to the server 2 if the verifications are passed, otherwise, refuse the anchor client 1 to push the stream to the server 2.
The first verifying unit 231 is configured to compare the anchor client Token with the Token issued by the server 2 to the anchor client, and if the two tokens are consistent, the verification is passed, otherwise, the verification is not passed.
The second verification unit 232 is configured to decrypt the encrypted timestamp by using the Key value of the private Key to obtain a decrypted timestamp, compare the decrypted timestamp with the plaintext timestamp, and if the decrypted timestamp is consistent with the plaintext timestamp, pass the verification, otherwise, fail the verification.
A third verifying unit 233, configured to verify whether the anchor client IP address is consistent with the IP address of the anchor registered with the anchor platform or the IP address of the anchor directly broadcast on the anchor client last time, if so, the verification is passed, otherwise, perform short message verification, and determine whether the verification passes according to a result of the short message verification.
A fourth verifying unit 234, configured to verify whether the unique ID of the anchor client device is consistent with the unique ID of the device when the anchor registers with the anchor platform, if so, the verification is passed, otherwise, the short message verification is performed, and whether the verification passes is determined according to a result of the short message verification.
And a fifth verifying unit 235, configured to compare the obtained current timestamp with the decryption timestamp, where if the timestamp difference is within a preset range, the verification is passed, and otherwise, the verification is not passed, where the current timestamp is a time when the server receives video stream information reported by the anchor client.
Referring to fig. 5, a block diagram of an apparatus of a live streaming verification method according to an embodiment of the present application is shown.
Referring to fig. 5, the apparatus of the live streaming authentication method includes: a processor (processor)501, a memory (memory)502, and a bus 503; the processor 501 and the memory 502 are in communication with each other via the bus 503.
The processor 501 is configured to call program instructions in the memory 502 to perform the methods provided by the above-mentioned method embodiments, for example, including: issuing a stream pushing address and a stream pushing code to an anchor client according to a request of the anchor client, wherein the stream pushing code comprises a plurality of key fields; receiving video stream information reported by an anchor client through a stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information; and checking a plurality of key fields in the stream pushing code and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed.
The invention discloses a computer program product, which comprises a computer program stored on a non-transitory computer readable storage medium, wherein the computer program comprises program instructions, and when the program instructions are executed by a computer, the computer can execute the live network push stream verification method provided by the corresponding embodiment, for example, the method comprises the following steps: issuing a stream pushing address and a stream pushing code to an anchor client according to a request of the anchor client, wherein the stream pushing code comprises a plurality of key fields; receiving video stream information reported by an anchor client through a stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information; and checking a plurality of key fields in the stream pushing code and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed.
The present invention also provides a non-transitory computer-readable storage medium storing computer instructions, where the computer instructions cause a computer to execute the live streaming verification method provided in the corresponding embodiment, for example, the method includes: issuing a stream pushing address and a stream pushing code to an anchor client according to a request of the anchor client, wherein the stream pushing code comprises a plurality of key fields; receiving video stream information reported by an anchor client through a stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information; and checking a plurality of key fields in the stream pushing code and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed.
Those of ordinary skill in the art will understand that: all or part of the steps for implementing the method embodiments may be implemented by hardware related to program instructions, and the program may be stored in a computer readable storage medium, and when executed, the program performs the steps including the method embodiments; and the aforementioned storage medium includes: various media that can store program codes, such as ROM, RAM, magnetic or optical disks.
The above-described embodiments of the apparatus and the like of the live network push stream verification method are merely illustrative, where units illustrated as separate components may or may not be physically separate, and components displayed as units may or may not be physical units, may be located in one place, or may also be distributed over multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium, such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute the various embodiments or some parts of the methods of the embodiments.
The server sends a stream pushing code to the anchor client in the process of pushing the live stream to the server by the anchor client, wherein the stream pushing code comprises a plurality of key fields, when the anchor client pushes the stream to the server, the stream pushing code and the information of the anchor client are reported to the server together, the server verifies the stream pushing code and the information of the anchor client, and only after the verification is passed, the anchor client is allowed to push the stream to the server to protect the stream pushing process of the live network, so that a hacker or a stream pushing address is prevented from being leaked to cause non-anchor to carry out personal live broadcast, thereby possibly live broadcast some illegal contents and damaging the benefit of the anchor.
Finally, the method of the present application is only a preferred embodiment and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (7)
1. A live network push stream verification method is characterized by comprising the following steps:
s1, issuing a stream pushing address and a stream pushing code to an anchor client according to a request of the anchor client, wherein the stream pushing code comprises a plurality of Key fields, and the plurality of Key fields in the stream pushing code comprise a plaintext timestamp of the stream pushing code generated by a server, an asymmetric encrypted public Key Key value, an encrypted server node path value and an encrypted timestamp; the step S1 further includes:
generating a corresponding public Key Key value and a corresponding private Key Key value by using an asymmetric encryption algorithm, and encrypting a plaintext timestamp of a stream pushing code generated by a server by using a public Key value to form an encrypted timestamp;
encrypting the server node path value by using a symmetric encryption algorithm to form an encrypted server node path value;
composing a plug flow code by a plaintext timestamp, an asymmetrically encrypted public Key Key value, an encrypted server node path value and an encrypted timestamp, encrypting the plug flow code, and packaging and issuing the encrypted plug flow code to an anchor client;
s2, the anchor client acquires a plaintext timestamp, an encrypted timestamp, a server node path value and a public Key Key value in the pushed stream code according to the pushed stream code issued by the server, and acquires anchor client information, wherein the anchor client information comprises an anchor client IP address, an anchor client Token and an anchor client equipment unique ID;
encrypting the plaintext timestamp, the encrypted timestamp and the anchor client information by using a public Key Key value, carrying the encrypted timestamp and the anchor client information in a video stream to form video stream information, and reporting the video stream information to a server through a stream pushing address according to a server node path value;
the server receives video stream information reported by an anchor client through a stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information;
and S3, checking a plurality of key fields in the stream pushing code reported by the anchor client and the information of the anchor client, allowing the stream pushing of the anchor client when the checking is passed, and rejecting the stream pushing of the anchor client if the checking is not passed.
2. The live streaming verification method of claim 1, wherein the step S3 further comprises:
the server receives video stream information reported by the anchor client, decrypts the video stream information by adopting a private Key value corresponding to the public Key value, and obtains an IP address of the anchor client, an anchor client Token, an unique ID of the anchor client device, a plaintext timestamp and an encryption timestamp from the video stream information.
3. The live streaming verification method of claim 2, wherein the step S3 further comprises:
and verifying the anchor client Token, the anchor client IP address, the unique ID of the anchor client equipment, the plain text timestamp and the encryption timestamp respectively, if the verification is passed, allowing the anchor client to push the stream to the server, and if not, refusing the anchor client to push the stream to the server.
4. The live streaming verification method of claim 3, wherein said separately verifying the anchor client Token, the anchor client IP address, the anchor client device unique ID, and the timestamp and the encryption timestamp further comprises:
comparing the Token of the anchor client with the Token issued by the server to the anchor client, if the Token is consistent with the Token of the anchor client, the verification is passed, otherwise, the verification is not passed;
decrypting the encrypted timestamp by using a Key value of a private Key to obtain a decrypted timestamp, comparing the decrypted timestamp with a plaintext timestamp, if the decrypted timestamp is consistent with the plaintext timestamp, passing the verification, and if not, failing to pass the verification;
judging whether the IP address of the anchor client is consistent with the IP address of the anchor when the anchor registers to the anchor platform or the IP address of the anchor when the anchor directly broadcasts at the anchor client last time, if so, verifying the IP address, otherwise, performing short message verification, and determining whether the verification passes according to the result of the short message verification;
and judging whether the unique ID of the anchor client equipment is consistent with the unique ID of the equipment when the anchor registers to the anchor platform, if so, passing the verification, otherwise, carrying out short message verification, and determining whether the verification passes according to the result of the short message verification.
5. The live streaming verification method of claim 4, wherein the step S3 further comprises:
when a server receives video stream information reported by an anchor client, acquiring a current timestamp;
and comparing the acquired current time stamp with the decryption time stamp, if the time stamp difference value is within a preset range, the verification is passed, otherwise, the verification is not passed.
6. A live network push flow verification system is characterized by comprising a main broadcast client and a server, wherein the server comprises an issuing module, a receiving module and a verification module;
the system comprises an issuing module, a receiving module and a processing module, wherein the issuing module is used for issuing a stream pushing address and a stream pushing code to an anchor client according to a request of the anchor client, the stream pushing code comprises a plurality of Key fields, and the plurality of Key fields in the stream pushing code comprise a plaintext timestamp of the stream pushing code generated by a server, an asymmetric encrypted public Key Key value, an encrypted server node path value and an encrypted timestamp; the server further comprises a first encryption module and a second encryption module, wherein:
the first encryption module is used for generating a corresponding public Key value and a corresponding private Key value by using an asymmetric encryption algorithm, and encrypting a plaintext timestamp of a stream pushing code generated by the server by using the public Key value to form an encrypted timestamp;
the second encryption module is used for encrypting the server node path value by using a symmetric encryption algorithm to form an encrypted server node path value;
the issuing module is also used for forming a plug flow code by the plaintext timestamp, the asymmetrically encrypted public Key value, the encrypted server node path value and the encrypted timestamp, encrypting the plug flow code and then packaging and issuing the encrypted plug flow code to the anchor client;
the receiving module is used for receiving video stream information reported by an anchor client through a stream pushing address, wherein the video stream information carries a stream pushing code and anchor client information;
the verification module is used for verifying a plurality of key fields in the stream pushing code and the information of the anchor client, if the verification is passed, the stream pushing of the anchor client is allowed, otherwise, the stream pushing of the anchor client is refused;
the anchor client specifically comprises an acquisition module and a reporting module, wherein:
the acquisition module is used for acquiring a plaintext timestamp, an encrypted timestamp, a server node path value and a public Key Key value in a stream pushing code according to the stream pushing code issued by a server, and acquiring anchor client information, wherein the anchor client information comprises an anchor client IP address, an anchor client Token and an anchor client equipment unique ID;
the reporting module is used for carrying the plaintext timestamp, the encrypted timestamp and the anchor client information after encrypting the plaintext timestamp, the encrypted timestamp and the anchor client information by adopting a public Key Key value to form video stream information in a video stream, and reporting the video stream information to a server through a stream pushing address according to a server node path value.
7. A non-transitory computer-readable storage medium storing computer instructions that cause a computer to perform the method of any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710801661.8A CN107613316B (en) | 2017-09-07 | 2017-09-07 | Live network push stream verification method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710801661.8A CN107613316B (en) | 2017-09-07 | 2017-09-07 | Live network push stream verification method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107613316A CN107613316A (en) | 2018-01-19 |
| CN107613316B true CN107613316B (en) | 2020-01-03 |
Family
ID=61062550
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710801661.8A Active CN107613316B (en) | 2017-09-07 | 2017-09-07 | Live network push stream verification method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107613316B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108769728A (en) * | 2018-06-15 | 2018-11-06 | 京信通信系统(中国)有限公司 | Live broadcasting method, device, system and computer readable storage medium |
| CN110662091B (en) * | 2018-06-29 | 2022-03-25 | 武汉斗鱼网络科技有限公司 | Third-party live video access method, storage medium, electronic device and system |
| CN109862382A (en) * | 2019-02-25 | 2019-06-07 | 广州虎牙信息科技有限公司 | Multi-person speech method, server and computer storage medium |
| CN111669606A (en) * | 2019-03-09 | 2020-09-15 | 苏州知了信息科技有限公司 | Live broadcast system for offline and online synchronous teaching |
| CN111314725A (en) * | 2020-02-19 | 2020-06-19 | 安徽文香信息技术有限公司 | Live broadcast access method, system, equipment and computer storage medium |
| CN113722638B (en) * | 2021-07-30 | 2022-12-27 | 北京达佳互联信息技术有限公司 | Page display method and device, electronic equipment and storage medium |
| CN113365097B (en) * | 2021-08-10 | 2021-12-07 | 北京达佳互联信息技术有限公司 | Live broadcast information stream processing method, device and system, electronic equipment and storage medium |
| CN113891148A (en) * | 2021-09-29 | 2022-01-04 | 湖北美和易思教育科技有限公司 | Screen-casting live broadcast method and system based on UDP (user Datagram protocol) and multicast |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102624740A (en) * | 2012-03-30 | 2012-08-01 | 奇智软件(北京)有限公司 | Data interaction method, client and server |
| CN105872639A (en) * | 2016-04-20 | 2016-08-17 | 乐视控股(北京)有限公司 | Live broadcast method and live broadcast terminal |
| CN106686395A (en) * | 2016-12-29 | 2017-05-17 | 北京奇艺世纪科技有限公司 | Illegal-video live-broadcast detection method and system |
| CN106954079A (en) * | 2017-03-14 | 2017-07-14 | 北京潘达互娱科技有限公司 | Live record statistical method and device |
| CN106993201A (en) * | 2017-03-17 | 2017-07-28 | 武汉斗鱼网络科技有限公司 | The authorization check method and device of video playback |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP4625622B2 (en) * | 2003-10-20 | 2011-02-02 | 株式会社 イソップ | Information encryption method |
-
2017
- 2017-09-07 CN CN201710801661.8A patent/CN107613316B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102624740A (en) * | 2012-03-30 | 2012-08-01 | 奇智软件(北京)有限公司 | Data interaction method, client and server |
| CN105872639A (en) * | 2016-04-20 | 2016-08-17 | 乐视控股(北京)有限公司 | Live broadcast method and live broadcast terminal |
| CN106686395A (en) * | 2016-12-29 | 2017-05-17 | 北京奇艺世纪科技有限公司 | Illegal-video live-broadcast detection method and system |
| CN106954079A (en) * | 2017-03-14 | 2017-07-14 | 北京潘达互娱科技有限公司 | Live record statistical method and device |
| CN106993201A (en) * | 2017-03-17 | 2017-07-28 | 武汉斗鱼网络科技有限公司 | The authorization check method and device of video playback |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107613316A (en) | 2018-01-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107613316B (en) | Live network push stream verification method and system | |
| US10659220B2 (en) | Method and system for encrypting and decrypting two-dimensional code mask | |
| CN102413132B (en) | Two-way-security-authentication-based data downloading method and system | |
| CN109243045B (en) | Voting method, voting device, computer equipment and computer readable storage medium | |
| CN109218825B (en) | Video encryption system | |
| CN108809953B (en) | Anonymous identity authentication method and device based on block chain | |
| WO2016184216A1 (en) | Link-stealing prevention method, link-stealing prevention server, and client side | |
| CN106571951B (en) | Audit log obtaining method, system and device | |
| US8364960B2 (en) | Method for preventing the use of a cloned user unit communicating with a server | |
| CN111274578B (en) | Data safety protection system and method for video monitoring system | |
| CN102281300A (en) | digital rights management license distribution method and system, server and terminal | |
| CN110662091B (en) | Third-party live video access method, storage medium, electronic device and system | |
| CN113128999B (en) | Block chain privacy protection method and device | |
| CN111030814A (en) | Key negotiation method and device | |
| CN110855624A (en) | Safety verification method based on web interface and related equipment | |
| CN113497709A (en) | Trusted data source management method based on block chain, signature device and verification device | |
| CN105721903A (en) | Method and system for playing online videos | |
| CN104243452B (en) | A kind of cloud computing access control method and system | |
| CN106549757B (en) | Data authenticity identification method of WEB service, server and client | |
| CN102546528B (en) | Stream media playing method and stream media playing equipment | |
| CN113365097B (en) | Live broadcast information stream processing method, device and system, electronic equipment and storage medium | |
| CN107888543A (en) | Based on the method and system that company-data safety is protected under distributed type assemblies environment | |
| CN114499871A (en) | Signature encryption method, device and system and computer readable storage medium | |
| CN104901967A (en) | Registration method for trusted device | |
| CN112383577A (en) | Authorization method, device, system, equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240105 Address after: Room 202, 1st Floor, Building 10, Huancheng West Second Street, Huancheng West Road, Panyu District, Guangzhou City, Guangdong Province, 511400 Patentee after: Xiao Hua Address before: 430000 East Lake Development Zone, Wuhan City, Hubei Province, No. 1 Software Park East Road 4.1 Phase B1 Building 11 Building Patentee before: WUHAN DOUYU NETWORK TECHNOLOGY Co.,Ltd. |