CN108092958B - Information authentication method and device, computer equipment and storage medium - Google Patents

Information authentication method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN108092958B
CN108092958B CN201711268194.3A CN201711268194A CN108092958B CN 108092958 B CN108092958 B CN 108092958B CN 201711268194 A CN201711268194 A CN 201711268194A CN 108092958 B CN108092958 B CN 108092958B
Authority
CN
China
Prior art keywords
key
timestamp
data packet
information
configuration information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711268194.3A
Other languages
Chinese (zh)
Other versions
CN108092958A (en
Inventor
王武志
卓贵明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Gongjin Electronics Co Ltd
Original Assignee
Chengdu Gongwei Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Gongwei Technology Co ltd filed Critical Chengdu Gongwei Technology Co ltd
Priority to CN201711268194.3A priority Critical patent/CN108092958B/en
Publication of CN108092958A publication Critical patent/CN108092958A/en
Application granted granted Critical
Publication of CN108092958B publication Critical patent/CN108092958B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Abstract

The invention relates to an information authentication method, an information authentication device, computer equipment and a storage medium, wherein the information authentication method comprises the following steps: the method comprises the steps of obtaining a first secret key the same as that of the WIFI equipment, receiving a data packet sent by the WIFI equipment, generating a second secret key, encrypting the second secret key by adopting the first secret key to obtain a third secret key, sending the third secret key and the data packet to the WIFI equipment, receiving encrypted configuration information sent by the WIFI equipment, wherein the configuration information is obtained by encrypting the WIFI equipment by adopting the second secret key, the second secret key is obtained by decrypting the third secret key by the WIFI equipment, and decrypting the encrypted configuration information to obtain decrypted configuration information. Information sent by the WIFI equipment is decrypted and successfully matched with the WIFI equipment through the exchange key, so that the configuration steps of the connection relation between the network amplifier and the WIFI equipment are reduced, and the connection establishing efficiency of a wireless network is improved.

Description

Information authentication method and device, computer equipment and storage medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to an information authentication method and apparatus, a computer device, and a storage medium.
Background
With the development of science and technology, wireless local area networks have been widely used in various industries. As the houses are larger and larger, the number of rooms is larger and larger, and the transmitting power of the traditional household wireless network router is lower, when the houses are larger or the wall-through times are more, the wireless network sent by the router has the problems of signal dead angles and weak signals. In order to solve the problems, the traditional solution is to use a wireless network amplifier to enhance the signal strength and realize the stable wall penetration of wireless signals.
Since the wireless network amplifier is adopted to enhance the signal strength, the equipment is often required to be configured, and a user needs to log in a World Wide WEB (WEB), select an encryption mode, input a key and the like, the configuration of connection information between the wireless network router and the wireless network amplifier is very complicated, so that the efficiency of establishing connection of a wireless network is low.
Disclosure of Invention
Based on this, it is necessary to provide an information authentication method, an information authentication apparatus, a computer device, and a storage medium for solving the problem that the configuration process of the connection information between the wireless network router and the wireless network amplifier is so complicated that the efficiency of establishing the connection of the wireless network is low.
An information authentication method, comprising:
acquiring a first secret key identical to the WIFI equipment;
receiving a data packet sent by the WIFI equipment, and generating a second secret key;
encrypting the second key by using the first key to obtain a third key;
sending the third secret key and the data packet to the WIFI device;
receiving encrypted configuration information sent by the WIFI equipment, wherein the configuration information is obtained by encrypting the WIFI equipment by using the second secret key, and the second secret key is obtained by decrypting the third secret key by the WIFI equipment;
and decrypting the encrypted configuration information to obtain the decrypted configuration information.
In one embodiment, the data packet includes a first timestamp, a challenge field, and a random number; after the receiving of the data packet sent by the WIFI device, the method further includes:
extracting a first timestamp, a challenge field and a random number in the data packet;
according to the first key, performing information abstract calculation on the first timestamp, the challenge field and the random number to obtain a calculation result;
and acquiring a current second timestamp, and sending the second timestamp and the calculation result to the WIFI equipment.
In one embodiment, the encrypting the second key with the first key to obtain a third key includes:
converting the parameter of the second key into a ciphertext according to the first key;
and acquiring the converted ciphertext to obtain an encrypted third key.
In an embodiment, the decrypting the encrypted configuration information to obtain decrypted configuration information includes:
extracting a ciphertext parameter of the second key;
and decrypting the encrypted configuration information according to the ciphertext parameter to obtain decrypted configuration information, wherein the configuration information comprises a service set identifier, an authentication mode and channel information.
An information authentication method, comprising:
acquiring a first key identical to a network amplifier;
sending a data packet to the network amplifier, wherein the data packet is used for indicating the network amplifier to encrypt the generated second key by using the first key to obtain a third key;
receiving request information sent by the network amplifier, wherein the request information comprises the third secret key and the data packet;
encrypting the configuration information according to the request information to obtain encrypted configuration information;
and sending the encrypted configuration information to the network amplifier.
In one embodiment, the data packet includes a challenge field, a first timestamp, and a random number; after receiving the request message sent by the network amplifier, the method further includes:
acquiring a second timestamp when the network amplifier sends the request information;
extracting a challenge field in the data packet, and verifying the request information and the second timestamp by using the challenge field and the first key;
and after the verification is successful, extracting a third key in the request information, and decrypting the third key by using the first key to obtain the second key.
An information authentication apparatus comprising:
the first obtaining module is used for obtaining a first secret key which is the same as the WIFI equipment;
the data packet receiving module is used for receiving the data packet sent by the WIFI equipment and generating a second secret key;
the key encryption module is used for encrypting the second key by adopting the first key to obtain a third key;
the information sending module is used for sending the third secret key and the data packet to the WIFI equipment;
the configuration information receiving module is configured to receive encrypted configuration information sent by the WIFI device, where the configuration information is obtained by encrypting the WIFI device by using the second secret key, and the second secret key is obtained by decrypting the third secret key by the WIFI device;
and the configuration information decryption module is used for decrypting the encrypted configuration information to obtain the decrypted configuration information.
In one embodiment, an information authentication apparatus includes:
the second acquisition module is used for acquiring a first key which is the same as the first key of the network amplifier;
a data packet sending module, configured to send a data packet to the network amplifier, where the data packet is used for the network amplifier to generate a second key and encrypt the second key by using the first key, so as to obtain a third key;
an information receiving module, configured to receive request information sent by the network amplifier, where the request information includes the third key and a data packet sent to the network amplifier;
the configuration information encryption module is used for encrypting the configuration information to be encrypted according to the request information to obtain encrypted configuration information;
and the configuration information sending module is used for sending the encrypted configuration information to the network amplifier.
A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of the method as described above when executing the computer program.
A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method as set forth above.
According to the information authentication method, the information authentication device, the computer device and the storage medium, the first secret key which is the same as that of the WIFI device is obtained, the data packet sent by the WIFI device is received, the second secret key is generated, the first secret key is adopted to encrypt the second secret key, the third secret key is obtained, the third secret key and the data packet are sent to the WIFI device, the encrypted configuration information sent by the WIFI device is received, the configuration information is obtained by encrypting the WIFI device through the second secret key, the second secret key is obtained by decrypting the third secret key through the WIFI device, the encrypted configuration information is decrypted, and the decrypted configuration information is obtained. Because the WIFI equipment and the network amplifier have the same second secret key, the network amplifier can decrypt the information by using the second secret key after receiving the encrypted information sent by the WIFI equipment. The first secret key encrypts the second secret key, so that the safety of information transmission is guaranteed, and information sent by the WIFI equipment is decrypted and successfully matched with the WIFI equipment through the exchange secret key, so that the configuration steps of the connection relation between the network amplifier and the WIFI equipment are reduced, and the efficiency of establishing connection of a wireless network is improved.
Drawings
FIG. 1 is a diagram of an application environment of a method for authenticating information according to an embodiment;
FIG. 2 is a diagram of the internal structure of a computer device in one embodiment;
FIG. 3 is a flow diagram of a method of message authentication in one embodiment;
FIG. 4 is a flow diagram of a method for sending request messages in one embodiment;
FIG. 5 is a flow chart of a message authentication method in another embodiment;
FIG. 6 is a flow diagram of a method for validating information in one embodiment;
FIG. 7 is a block diagram showing the structure of an information authentication apparatus according to an embodiment;
fig. 8 is a block diagram showing the structure of an information authentication apparatus according to another embodiment.
Detailed Description
In order to make the objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein, but rather should be construed as broadly as the present invention is capable of modification in various respects, all without departing from the spirit and scope of the present invention.
FIG. 1 is a diagram of an application environment of a method for authenticating information according to an embodiment. As shown in fig. 1, the application environment includes a network amplifier 110 and a WIFI device 120, where the network amplifier 110 and the WIFI device 120 communicate with each other through an ethernet cable.
And the network amplifier 110 has a function of amplifying a network signal, the WIFI device may be a router, and the network amplifier 110 may obtain the same first key as the WIFI device 120. After receiving the data packet sent by the WIFI device 120, the network amplifier 110 may extract information in the data packet and generate a second key. The network amplifier 110 may encrypt the second key with the first key to obtain a third key, and the network amplifier 110 may send the obtained third key and the request information to the WIFI device 120. After receiving the information sent by the network amplifier 110, the WIFI device 120 verifies the information, and decrypts the third key by using the first key to obtain the second key. The WIFI device 120 may encrypt the configuration information using the second key, and then send the encrypted configuration information to the network amplifier 110, and after the network amplifier 110 receives the encrypted configuration information sent by the WIFI device, the encrypted configuration information may be decrypted using the second key, so as to finally obtain the configuration information. The network amplifier 110 may store the decrypted configuration information.
In one embodiment, a computer device is provided, which may be either a network amplifier 110 or a WIFI device 120. The internal structure of a computer device including a processor, a storage medium, a memory, and a network interface connected via a system bus is shown in fig. 2. The storage medium of the computer device stores an operating system, a database and a computer program for implementing the information authentication method and device. The processor is used to provide computing and control capabilities to support the operation of the entire computer device. The computer program, when executed by a processor, may cause the processor to implement an information authentication method. The memory provides an environment for running a computer program that implements the information authentication method and apparatus in the storage medium, and the network interface is used for performing network communication with the computer device and the outside, for example, the network amplifier 120 obtains the same first key as the WIFI device through the network interface. The structure shown in fig. 2 is a block diagram of only a part of the structure related to the present application, and does not constitute a limitation of the terminal to which the present application is applied, and a specific terminal may include more or less components than those shown in the drawing, or combine some components, or have a different arrangement of components.
In one embodiment, an information authentication method is provided, which is exemplified by a network amplifier applied in the above application environment, as shown in fig. 3, and includes the following steps:
step S302, a first secret key identical to the WIFI equipment is obtained.
The WIFI equipment is connected with a network and can be used as a gateway to provide an interface for each terminal to access the network, and the WIFI equipment can be a router. The key is a parameter, and is a parameter input in an algorithm for converting plaintext into ciphertext or converting ciphertext into plaintext.
After the network amplifier and the WIFI equipment are powered on and normally work, the network amplifier is connected with the WIFI equipment by inserting the Ethernet cable into a specified network interface, and the network amplifier can immediately acquire a first secret key which is the same as that of the WIFI equipment through the connected Ethernet cable.
Step S304, receiving the data packet sent by the WIFI equipment, and generating a second secret key.
The WIFI equipment can send data packets through the connected Ethernet cable. The data packet sent by the WIFI device may be sent and received in a Linux Raw socket (Linux Raw socket) manner according to a self-defined ethernet private protocol. The custom ethernet proprietary protocol may define the transmission and reception interval of the data packets.
The WIFI device may send data packets at intervals according to the custom ethernet private protocol, for example, once every 3 seconds. After receiving the data packet sent by the WIFI device, the network amplifier may extract information in the data packet, and generate a second key according to the information in the extracted data packet.
And S306, encrypting the second key by using the first key to obtain a third key.
Upon detecting the ethernet cable insertion, the WIFI device and the network amplifier negotiate a common first key. After generating the second key, the network amplifier may encrypt the second key using the first key to obtain an encrypted third key.
And step S308, sending the third key and the data packet to the WIFI equipment.
The network amplifier may send the obtained third key to the WIFI device. After extracting the information in the data packet, the network amplifier may generate and transmit the third key and may transmit the data packet to the WIFI device again.
Step S310, receiving encrypted configuration information sent by the WIFI equipment, wherein the configuration information is obtained by encrypting the WIFI equipment by adopting a second secret key, and the second secret key is obtained by decrypting a third secret key by the WIFI equipment.
After receiving the third key and the data packet sent by the network amplifier, the WIFI device may decrypt the received third key to obtain a decrypted second key. At this time, the network amplifier and the WIFI device both have the second key, and the WIFI device may encrypt the configuration information to be encrypted using the second key, so as to obtain the encrypted configuration information. The WIFI device may send the obtained encrypted configuration information to the network amplifier, that is, the network amplifier may receive the encrypted configuration information sent by the WIFI device.
Step S312, decrypt the encrypted configuration information to obtain the decrypted configuration information.
The network amplifier and the WIFI equipment both have second keys, and the network amplifier can decrypt the encrypted configuration information by using the second keys after receiving the encrypted configuration information. The configuration information is sent to the network amplifier after the WIFI equipment uses the second secret key for encryption, and the network amplifier can only use the second secret key for decryption of the encrypted configuration information based on the principle that the encryption and decryption of the secret key can only use the same secret key. The network amplifier may obtain the decrypted configuration information.
The method comprises the steps of receiving a data packet sent by the WIFI equipment by obtaining a first secret key the same as the WIFI equipment, generating a second secret key, encrypting the second secret key by adopting the first secret key to obtain a third secret key, sending the third secret key and the data packet to the WIFI equipment, receiving encrypted configuration information sent by the WIFI equipment, wherein the configuration information is obtained by encrypting the WIFI equipment by adopting the second secret key, the second secret key is obtained by decrypting the third secret key by the WIFI equipment, decrypting the encrypted configuration information and obtaining the decrypted configuration information. Because the WIFI equipment and the network amplifier have the same second secret key, the network amplifier can decrypt the information by using the second secret key after receiving the encrypted information sent by the WIFI equipment. The first secret key encrypts the second secret key, so that the safety of information transmission is guaranteed, and information sent by the WIFI equipment is decrypted and successfully matched with the WIFI equipment through the exchange secret key, so that the configuration steps of the connection relation between the network amplifier and the WIFI equipment are reduced, and the efficiency of establishing connection of a wireless network is improved.
In an embodiment, as shown in fig. 4, the provided information authentication method further includes a process of sending request information, and the specific steps include:
step S402, extracting a first time stamp, a challenge field and a random number in the data packet.
The first timestamp is a specific time point when the WIFI device sends the data packet to the network amplifier. The challenge field is a parameter used for transmission after being mixed with the password and encrypted, and ensures that the password is not transmitted in plaintext, and may be a random string of characters, for example, a challenge field with 20 bytes. The random number is generated according to the first timestamp and the MAC (media Access control) address of the WIFI device as a random number seed. The network amplifier may extract the first timestamp, the challenge field, and the random number in the data packet.
And S404, performing information digest calculation on the first timestamp, the challenge field and the random number according to the first key to obtain a calculation result.
The message digest calculation may be calculated using SHA-256 (secure hash algorithm). The network amplifier may compute a message digest using the first timestamp, the first key, the challenge field, and the random number, and the computed result may be a string of characters.
Step S406, acquiring a current second timestamp, and sending the second timestamp and the calculation result to the WIFI device.
The network amplifier can acquire a second timestamp through the current time, and then send the second timestamp and the calculated information summary result to the WIFI device in a Request mode.
Extracting a first timestamp, a challenge field and a random number in the data packet, performing information summary calculation on the first timestamp, the challenge field and the random number according to a first secret key to obtain a calculation result, acquiring a current second timestamp, and sending the second timestamp and the calculation result to the WIFI device. And the information digest is calculated by using the first key, and the calculation result is sent by using the Request, so that the safety of information transmission is improved.
In an embodiment, the provided information authentication method further includes a process of encrypting the second key, specifically including: converting the parameter of the second key into a ciphertext according to the first key; and acquiring the converted ciphertext to obtain an encrypted third key.
The key functions to encrypt information to be encrypted. The process of encrypting information by the key is the process of converting plaintext information into ciphertext information. The network amplifier may use the first key to convert plaintext parameters of the second key into ciphertext parameters. The converted ciphertext parameter acquired by the network amplifier is the encrypted third key.
And converting the parameters of the second key into a ciphertext according to the first key, and acquiring the converted ciphertext to obtain an encrypted third key. And the third key is obtained by encrypting the second key, so that the safety in the information transmission process is improved.
In one embodiment, the provided information authentication method further includes a process of decrypting the configuration information, and the specific steps include: and extracting the ciphertext parameters of the second key. And decrypting the encrypted configuration information according to the ciphertext parameter to obtain the decrypted configuration information, wherein the configuration information comprises a service set identifier, an authentication mode and channel information.
The configuration information is encrypted by using a second key, and similarly, the configuration information needs to be decrypted by using the second key when being decrypted. The network amplifier may extract the ciphertext parameter of the second key, and decrypt the encrypted configuration information using the ciphertext parameter of the second key. The configuration information may include service set identification, authentication method, and channel information. The network amplifier decrypts the configuration information by using the ciphertext parameter of the second key to obtain the decrypted configuration information, that is, the service set identifier, the authentication mode, the channel information, and the like.
And decrypting the encrypted configuration information according to the ciphertext parameter by extracting the ciphertext parameter of the second key to obtain decrypted configuration information, wherein the configuration information comprises a service set identifier, an authentication mode and channel information. Because the second key is used for decrypting the configuration information, the obtained configuration information is more accurate, and meanwhile, the security of the configuration information is ensured.
In another embodiment, an information authentication method is provided, which is exemplified by being applied to a WIFI device in an application environment, as shown in fig. 5, and includes the following steps:
step S502, a first key identical to the network amplifier is acquired.
The network amplifier is used for expanding network signals and achieving the purpose of accessing a network by connecting WIFI equipment. After the network amplifier and the WIFI equipment are powered on and normally work, the Ethernet cable is inserted into a specified network interface to connect the network amplifier and the WIFI equipment, and the WIFI equipment can immediately acquire a first secret key which is the same as that of the network amplifier through the connected Ethernet cable.
Step S504, sending a data packet to the network amplifier, where the data packet is used to instruct the network amplifier to encrypt the generated second key with the first key, so as to obtain a third key.
When the WIFI device detects that the Ethernet line is accessed, the WIFI device can start to send a data packet to the network amplifier. The WIFI device may send the data packet in a Linux Raw socket (Linux Raw socket) manner according to a custom ethernet private protocol. The data packet contains information such as a first timestamp, a challenge field and a random number, and the network amplifier can encrypt the generated second secret key by using the first secret key according to the data packet sent by the WIFI device to obtain a third secret key.
Step S506, receiving request information sent by the network amplifier, where the request information includes a third key and a data packet.
The WIFI equipment can also receive Request information sent by the network amplifier. The request message may include a third key generated by the network amplifier, and may further include a data packet processed by the network amplifier.
And step S508, encrypting the configuration information according to the request information to obtain the encrypted configuration information.
The request message sent by the network amplifier may include a calculation result of the digest message and a third key obtained by encrypting the second key. Wherein, the calculation of the digest information is performed by using SHA-256 (secure hash algorithm). The WIFI device can decrypt the third key by using the first key to obtain a decrypted second key. The WIFI equipment can also encrypt the configuration information by using the decrypted second secret key to obtain the encrypted configuration information.
Step S510, sending the encrypted configuration information to the network amplifier.
The WIFI device may send the encrypted configuration information to the network amplifier by using a self-defined ethernet protocol and also using a Linux Raw socket (Linux Raw socket).
The method comprises the steps of obtaining a first secret key which is the same as that of a network amplifier, sending a data packet to the network amplifier, wherein the data packet is used for indicating the network amplifier to encrypt a generated second secret key by adopting the first secret key to obtain a third secret key, receiving request information sent by the network amplifier, the request information comprises the third secret key and the data packet, encrypting configuration information according to the request information to obtain encrypted configuration information, and sending the encrypted configuration information to the network amplifier. The first secret key encrypts the second secret key, so that the safety of information transmission is guaranteed, and information sent by the WIFI equipment is decrypted and successfully matched with the WIFI equipment through the exchange secret key, so that the configuration steps of the connection relation between the network amplifier and the WIFI equipment are reduced, and the efficiency of establishing connection of a wireless network is improved.
As shown in fig. 6, in an embodiment, the provided information authentication method further includes a process of verifying information, which specifically includes:
step S602, a second timestamp when the network amplifier sends the request information is obtained.
The second time stamp is a specific point in time at which the network amplifier transmits the request information. The WIFI device may obtain the second timestamp according to the time when the network amplifier sends the request information.
Step S604, extracting the challenge field in the data packet, and verifying the request information and the second timestamp by using the challenge field and the first key.
The data packet sent to the network amplifier by the WIFI device contains a challenge field and a first time stamp. The WIFI device may extract the challenge field and the first timestamp in the data packet. The WIFI device can verify time according to the extracted first timestamp and the extracted second timestamp, and can also verify the extracted challenge field and the challenge field sent to the network amplifier.
Step S606, after the verification is successful, extracting the third key in the request information, and decrypting the third key by using the first key to obtain the second key.
After the WIFI device successfully verifies the challenge field and the timestamp, the third key in the request information may be extracted. The WIFI device and the network amplifier have the same first key, so that the third key can be decrypted by using the first key, and the third key is obtained by encrypting the second key. The WIFI device can obtain a second secret key after decrypting the third secret key.
And extracting a challenge field in the data packet by acquiring a second time stamp when the network amplifier sends the request information, verifying the request information and the second time stamp by using the challenge field and the first key, extracting a third key in the request information after successful verification, and decrypting the third key by using the first key to obtain a second key. The second key can be obtained only after the information is verified and decrypted, and the safety of information transmission is guaranteed.
In one embodiment, an information authentication method is provided, and the method is implemented by the following specific steps:
first, when the WIFI device and the network amplifier detect that the ethernet cable is inserted, the WIFI device and the network amplifier may negotiate a shared key with each other, where the shared key may be a first key. After the shared key is negotiated, the WIFI device and the network amplifier can both acquire the same first key. The WIFI device may send a data packet to the network amplifier. The WIFI device may send the data packet in a Linux Raw socket (Linux Raw socket) manner according to a custom ethernet private protocol.
Secondly, the network amplifier can receive the data packet sent by the WIFI equipment and generate a second key. The WIFI device may send data packets at intervals according to the custom ethernet private protocol, for example, once every 3 seconds. After receiving the data packet sent by the WIFI device, the network amplifier may extract information in the data packet, and generate a second key according to the information in the extracted data packet.
The network amplifier may then extract the first timestamp, the challenge field, and the random number in the data packet. The first timestamp is a specific time point when the WIFI device sends the data packet to the network amplifier. The challenge field is a parameter used for transmission after being mixed with the password and encrypted, and ensures that the password is not transmitted in plaintext, and may be a random string of characters, for example, a challenge field with 20 bytes. The random number is generated according to the first timestamp and the MAC (media Access control) address of the WIFI device as a random number seed. The network amplifier may extract the first timestamp, the challenge field, and the random number in the data packet. And then, according to the first key, performing information digest calculation on the first timestamp, the challenge field and the random number to obtain a calculation result. The message digest calculation may be calculated using SHA-256 (secure hash algorithm), and the result of the calculation may be a string of characters. The network amplifier can acquire the current second timestamp and send the second timestamp and the calculation result to the WIFI device. The network amplifier can acquire a second timestamp through the current time, and then send the second timestamp and the calculated information summary result to the WIFI device in a Request mode.
The network amplifier may then encrypt the second key with the first key to obtain a third key. Upon detecting the ethernet cable insertion, the WIFI device and the network amplifier negotiate a common first key. After generating the second key, the network amplifier may encrypt the second key using the first key to obtain an encrypted third key. The network amplifier may convert parameters of the second key into ciphertext according to the first key. The key functions to encrypt information to be encrypted. The process of encrypting information by the key is the process of converting plaintext information into ciphertext information. The network amplifier may use the first key to convert plaintext parameters of the second key into ciphertext parameters. The network amplifier can also obtain the converted ciphertext to obtain an encrypted third key. The converted ciphertext parameter acquired by the network amplifier is the encrypted third key.
The network amplifier may then send the third key and the data packet to the WIFI device. The network amplifier may send the obtained third key to the WIFI device. After extracting the information in the data packet, the network amplifier may generate and transmit the third key and may transmit the data packet to the WIFI device again. The network amplifier can also receive encrypted configuration information sent by the WIFI equipment, the configuration information is obtained by encrypting the WIFI equipment by adopting a second secret key, and the second secret key is obtained by decrypting a third secret key by the WIFI equipment. The network amplifier may decrypt the encrypted configuration information to obtain decrypted configuration information. The network amplifier and the WIFI equipment both have second keys, and the network amplifier can decrypt the encrypted configuration information by using the second keys after receiving the encrypted configuration information. The configuration information is sent to the network amplifier after the WIFI equipment uses the second secret key for encryption, and the network amplifier can only use the second secret key for decryption of the encrypted configuration information based on the principle that the encryption and decryption of the secret key can only use the same secret key. The network amplifier may obtain the decrypted configuration information.
Next, the WIFI device may receive request information sent by the network amplifier, where the request information includes a third key and a data packet. The WIFI equipment can also receive Request information sent by the network amplifier. The request message may include a third key generated by the network amplifier, and may further include a data packet processed by the network amplifier.
And then, the WIFI device acquires a second timestamp when the network amplifier sends the request information. The second time stamp is a specific point in time at which the network amplifier transmits the request information. The WIFI device may obtain the second timestamp according to the time when the network amplifier sends the request information. The WIFI device may extract the challenge field in the data packet and verify the request information and the second timestamp using the challenge field and the first key. After the verification is successful, the WIFI equipment can extract the third secret key in the request information, and decrypt the third secret key by using the first secret key to obtain the second secret key. The WIFI device may send the encrypted configuration information to the network amplifier.
And then, the network amplifier receives encrypted configuration information sent by the WIFI equipment, wherein the configuration information is obtained by encrypting the WIFI equipment by adopting a second secret key, and the second secret key is obtained by decrypting a third secret key by the WIFI equipment. After receiving the third key and the data packet sent by the network amplifier, the WIFI device may decrypt the received third key to obtain a decrypted second key. At this time, the network amplifier and the WIFI device both have the second key, and the WIFI device may encrypt the configuration information to be encrypted using the second key, so as to obtain the encrypted configuration information. The WIFI device may send the obtained encrypted configuration information to the network amplifier, that is, the network amplifier may receive the encrypted configuration information sent by the WIFI device.
And finally, the network amplifier decrypts the encrypted configuration information to obtain the decrypted configuration information. The network amplifier can also extract the ciphertext parameter of the second key, and decrypt the encrypted configuration information according to the ciphertext parameter to obtain decrypted configuration information, wherein the configuration information comprises a service set identifier, an authentication mode and channel information.
As shown in fig. 7, in one embodiment, there is provided an information authentication apparatus including:
the first obtaining module 710 is configured to obtain a first key that is the same as the WIFI device.
And the data packet receiving module 720 is configured to receive a data packet sent by the WIFI device, and generate a second key.
The key encryption module 730 is configured to encrypt the second key with the first key to obtain a third key.
And the information sending module 740 is configured to send the third key and the data packet to the WIFI device.
The configuration information receiving module 750 is configured to receive the encrypted configuration information sent by the WIFI device, where the configuration information is obtained by encrypting the WIFI device with a second key, and the second key is obtained by decrypting the third key with the WIFI device.
The configuration information decryption module 760 is configured to decrypt the encrypted configuration information to obtain decrypted configuration information.
In one embodiment, a data packet includes a first timestamp, a challenge field, and a random number. The information sending module 740 may also be configured to extract the first timestamp, the challenge field, and the random number in the data packet, perform information digest calculation on the first timestamp, the challenge field, and the random number according to the first key, obtain a calculation result, obtain a current second timestamp, and send the second timestamp and the calculation result to the WIFI device.
In an embodiment, the key encryption module 730 may be further configured to convert the parameter of the second key into a ciphertext according to the first key, obtain the converted ciphertext, and obtain an encrypted third key.
In an embodiment, the configuration information decryption module 760 may be further configured to extract a ciphertext parameter of the second key, and decrypt the encrypted configuration information according to the ciphertext parameter to obtain decrypted configuration information, where the configuration information includes a service set identifier, an authentication method, and channel information.
As shown in fig. 8, in another embodiment, there is provided an information authentication apparatus including:
a second obtaining module 810, configured to obtain the same first key as the network amplifier.
And a data packet sending module 820, configured to send a data packet to the network amplifier, where the data packet is used by the network amplifier to generate a second key and encrypt the second key by using the first key, so as to obtain a third key.
The information receiving module 830 is configured to receive request information sent by the network amplifier, where the request information includes a third key and a data packet sent to the network amplifier.
The configuration information encryption module 840 is configured to encrypt the configuration information to be encrypted according to the request information to obtain encrypted configuration information.
A configuration information sending module 850, configured to send the encrypted configuration information to the network amplifier.
In an embodiment, the information receiving module 830 may be further configured to obtain a second timestamp when the network amplifier sends the request information, extract the challenge field in the data packet, verify the request information and the second timestamp by using the challenge field and the first key, extract a third key in the request information after the verification is successful, and decrypt the third key by using the first key to obtain the second key.
In one embodiment, there is also provided a computer readable storage medium storing a computer program which when executed by a processor implements the steps of: the method comprises the steps of obtaining a first secret key the same as that of the WIFI equipment, receiving a data packet sent by the WIFI equipment, generating a second secret key, encrypting the second secret key by adopting the first secret key to obtain a third secret key, sending the third secret key and the data packet to the WIFI equipment, receiving encrypted configuration information sent by the WIFI equipment, wherein the configuration information is obtained by encrypting the WIFI equipment by adopting the second secret key, the second secret key is obtained by decrypting the third secret key by the WIFI equipment, and decrypting the encrypted configuration information to obtain decrypted configuration information.
In one embodiment, a computer program executed by a processor to transmit request information includes: extracting a first timestamp, a challenge field and a random number in the data packet, performing information summary calculation on the first timestamp, the challenge field and the random number according to a first secret key to obtain a calculation result, acquiring a current second timestamp, and sending the second timestamp and the calculation result to the WIFI device.
In one embodiment, the computer program is executed by the processor to encrypt the second key, comprising: and converting the parameters of the second key into a ciphertext according to the first key, and acquiring the converted ciphertext to obtain an encrypted third key.
In one embodiment, the computer program is executed by a processor to decrypt configuration information, comprising: and extracting the ciphertext parameter of the second key, and decrypting the encrypted configuration information according to the ciphertext parameter to obtain decrypted configuration information, wherein the configuration information comprises a service set identifier, an authentication mode and channel information.
In another embodiment, there is also provided a computer readable storage medium storing a computer program which when executed by a processor implements the steps of: the method comprises the steps of obtaining a first secret key which is the same as that of a network amplifier, sending a data packet to the network amplifier, wherein the data packet is used for indicating the network amplifier to encrypt a generated second secret key by adopting the first secret key to obtain a third secret key, receiving request information sent by the network amplifier, the request information comprises the third secret key and the data packet, encrypting configuration information according to the request information to obtain encrypted configuration information, and sending the encrypted configuration information to the network amplifier.
In one embodiment, a computer program executed by a processor for validating information includes: and acquiring a second time stamp when the network amplifier sends the request information, extracting a challenge field in the data packet, verifying the request information and the second time stamp by using the challenge field and the first key, extracting a third key in the request information after successful verification, and decrypting the third key by using the first key to obtain a second key.
It will be understood by those skilled in the art that all or part of the processes in the methods of the embodiments described above may be implemented by a computer program, which is stored in a non-volatile computer-readable storage medium, and executed by at least one processor in a computer system, so as to implement the processes of the embodiments including the methods described above. Any reference to memory, storage, database, or other medium used herein may include non-volatile and/or volatile memory. Suitable non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM), which acts as external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms, such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), double data rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), synchronous Link (Synchlink) DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and bus dynamic RAM (RDRAM).
The technical features of the embodiments described above may be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the embodiments described above are not described, but should be considered as being within the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present invention, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the inventive concept, which falls within the scope of the present invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. An information authentication method, the method comprising:
the network amplifier acquires a first secret key which is the same as the WIFI device through the connected Ethernet line;
receiving a data packet sent by the WIFI equipment according to sending interval time defined by a self-defined Ethernet private protocol, extracting information in the data packet, and generating a second secret key according to the information in the extracted data packet; the data packet includes a first timestamp, a challenge field, and a random number;
encrypting the second key by using the first key to obtain a third key;
acquiring a current second timestamp, and sending the second timestamp, a third key and the data packet to the WIFI device;
receiving encrypted configuration information sent by the WIFI device, where the configuration information is obtained by encrypting the WIFI device with the second secret key, and the second secret key is obtained by decrypting the third secret key by the WIFI device, and the method includes: the second key is obtained by the WIFI device decrypting the third key after the WIFI device successfully verifies the challenge field and the timestamp, wherein the WIFI device verifies time according to the extracted first timestamp and the extracted second timestamp when extracting the challenge field and the first timestamp from the data packet, and verifies the extracted challenge field and the challenge field sent to the network amplifier;
and decrypting the encrypted configuration information by adopting the second key to obtain the decrypted configuration information.
2. The method of claim 1, wherein after the receiving the data packet sent by the WIFI device according to the customized ethernet private protocol defined transmission interval time, the method further comprises:
extracting a first timestamp, a challenge field and a random number in the data packet;
according to the first key, performing information abstract calculation on the first timestamp, the challenge field and the random number to obtain a calculation result;
and acquiring a current second timestamp, and sending the second timestamp and the calculation result to the WIFI equipment.
3. The method of claim 1, wherein the encrypting the second key with the first key to obtain a third key comprises:
converting the parameter of the second key into a ciphertext according to the first key;
and acquiring the converted ciphertext to obtain an encrypted third key.
4. The method of claim 1, wherein decrypting the encrypted configuration information using the second key to obtain decrypted configuration information comprises:
extracting a ciphertext parameter of the second key;
and decrypting the encrypted configuration information according to the ciphertext parameter to obtain decrypted configuration information, wherein the configuration information comprises a service set identifier, an authentication mode and channel information.
5. An information authentication method, the method comprising:
the WIFI equipment acquires a first secret key which is the same as that of the network amplifier through the connected Ethernet line;
sending a data packet to the network amplifier according to a sending interval time defined by a self-defined Ethernet private protocol, wherein the data packet is used for indicating the network amplifier to encrypt a generated second key by using the first key to obtain a third key; the data packet comprises a challenge field, a first timestamp and a random number;
receiving request information sent by the network amplifier, wherein the request information comprises the third secret key and the data packet;
encrypting the configuration information according to the request information to obtain encrypted configuration information;
sending the encrypted configuration information to the network amplifier;
after receiving the request message sent by the network amplifier, the method further includes: acquiring a second timestamp when the network amplifier sends the request information; extracting a challenge field in the data packet, and verifying the request information and the second timestamp using the challenge field and the first key, including: extracting the challenge field and the first timestamp in the data packet, verifying the time according to the extracted first timestamp and the second timestamp, and verifying the extracted challenge field and the challenge field sent to the network amplifier; and after the verification is successful, extracting a third key in the request information, and decrypting the third key by using the first key to obtain the second key.
6. An information authentication apparatus, characterized in that the apparatus comprises:
the first acquisition module is used for the network amplifier to acquire a first secret key which is the same as the WIFI equipment through the connected Ethernet line;
the data packet receiving module is used for receiving a data packet sent by the WIFI equipment according to sending interval time defined by a self-defined Ethernet private protocol, extracting information in the data packet and generating a second secret key according to the information in the extracted data packet; the data packet includes a first timestamp, a challenge field, and a random number;
the key encryption module is used for encrypting the second key by adopting the first key to obtain a third key;
the information sending module is used for acquiring a current second timestamp and sending the second timestamp, a third secret key and the data packet to the WIFI equipment;
a configuration information receiving module, configured to receive encrypted configuration information sent by the WIFI device, where the configuration information is obtained by the WIFI device encrypting with the second secret key, and the second secret key is obtained by the WIFI device decrypting the third secret key, and the configuration information receiving module is configured to receive the encrypted configuration information sent by the WIFI device, and includes: the second key is obtained by the WIFI device decrypting the third key after the WIFI device successfully verifies the challenge field and the timestamp, wherein the WIFI device verifies time according to the extracted first timestamp and the extracted second timestamp when extracting the challenge field and the first timestamp from the data packet, and verifies the extracted challenge field and the challenge field sent to the network amplifier;
and the configuration information decryption module is used for decrypting the encrypted configuration information by adopting the second key to obtain the decrypted configuration information.
7. The apparatus of claim 6, wherein the information sending module is further configured to extract a first timestamp, a challenge field, and a random number from the data packet; according to the first key, performing information abstract calculation on the first timestamp, the challenge field and the random number to obtain a calculation result; and acquiring a current second timestamp, and sending the second timestamp and the calculation result to the WIFI equipment.
8. An information authentication apparatus, characterized in that the apparatus comprises:
the second acquisition module is used for acquiring a first secret key which is the same as the first secret key of the network amplifier by the WIFI equipment through the connected Ethernet line;
a data packet sending module, configured to send a data packet to the network amplifier according to a sending interval time defined by a self-defined ethernet private protocol, where the data packet is used for the network amplifier to generate a second key and encrypt the second key by using the first key, so as to obtain a third key; the data packet comprises a challenge field, a first timestamp and a random number;
an information receiving module, configured to receive request information sent by the network amplifier, where the request information includes the third key and a data packet sent to the network amplifier;
the configuration information encryption module is used for encrypting the configuration information to be encrypted according to the request information to obtain encrypted configuration information;
a configuration information sending module, configured to send the encrypted configuration information to the network amplifier;
the information receiving module is further configured to obtain a second timestamp when the request information is sent by the network amplifier after the request information sent by the network amplifier is received; extracting a challenge field in the data packet, and verifying the request information and the second timestamp using the challenge field and the first key, including: extracting the challenge field and the first timestamp in the data packet, verifying the time according to the extracted first timestamp and the second timestamp, and verifying the extracted challenge field and the challenge field sent to the network amplifier; and after the verification is successful, extracting a third key in the request information, and decrypting the third key by using the first key to obtain the second key.
9. A computer device comprising a memory, a processor and a computer program stored in the memory and executable on the processor, characterized in that the processor implements the steps of the method according to any of claims 1 to 5 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 5.
CN201711268194.3A 2017-12-05 2017-12-05 Information authentication method and device, computer equipment and storage medium Active CN108092958B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711268194.3A CN108092958B (en) 2017-12-05 2017-12-05 Information authentication method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711268194.3A CN108092958B (en) 2017-12-05 2017-12-05 Information authentication method and device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN108092958A CN108092958A (en) 2018-05-29
CN108092958B true CN108092958B (en) 2021-05-28

Family

ID=62173718

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711268194.3A Active CN108092958B (en) 2017-12-05 2017-12-05 Information authentication method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN108092958B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020000428A1 (en) * 2018-06-29 2020-01-02 Nokia Shanghai Bell Co., Ltd. Methods, devices and computer readable medium for key management
CN110310392B (en) * 2019-05-22 2021-07-16 平安科技(深圳)有限公司 Vehicle unlocking method and device, computer equipment and storage medium
CN113411283B (en) * 2020-03-16 2022-08-30 中国电信股份有限公司 Bidirectional authentication method, device and system
CN114520730B (en) * 2020-11-20 2023-06-20 腾讯科技(深圳)有限公司 Data transmission method, device, system, computer equipment and storage medium
CN114697000A (en) * 2020-12-28 2022-07-01 深圳Tcl新技术有限公司 Network distribution method, device, terminal and computer readable storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101621796A (en) * 2009-07-22 2010-01-06 中兴通讯股份有限公司 Method and device for access point automatic alignment in wireless distribution system
CN102204391A (en) * 2011-05-27 2011-09-28 华为终端有限公司 Repeater wps connection method and device
CN102685745A (en) * 2012-04-23 2012-09-19 深圳市江波龙电子有限公司 Wireless access point (AP) equipment authentication method and system
CN104754565A (en) * 2013-12-27 2015-07-01 中兴通讯股份有限公司 Wireless parameter sending and receiving method and device
CN106341867A (en) * 2016-08-30 2017-01-18 合肥润东通信科技股份有限公司 Wireless matching device and wireless matching method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101621796A (en) * 2009-07-22 2010-01-06 中兴通讯股份有限公司 Method and device for access point automatic alignment in wireless distribution system
CN102204391A (en) * 2011-05-27 2011-09-28 华为终端有限公司 Repeater wps connection method and device
CN102685745A (en) * 2012-04-23 2012-09-19 深圳市江波龙电子有限公司 Wireless access point (AP) equipment authentication method and system
CN104754565A (en) * 2013-12-27 2015-07-01 中兴通讯股份有限公司 Wireless parameter sending and receiving method and device
CN106341867A (en) * 2016-08-30 2017-01-18 合肥润东通信科技股份有限公司 Wireless matching device and wireless matching method

Also Published As

Publication number Publication date
CN108092958A (en) 2018-05-29

Similar Documents

Publication Publication Date Title
CN108092958B (en) Information authentication method and device, computer equipment and storage medium
US10158991B2 (en) Method and system for managing security keys for user and M2M devices in a wireless communication network environment
JP6168415B2 (en) Terminal authentication system, server device, and terminal authentication method
US8639929B2 (en) Method, device and system for authenticating gateway, node and server
TW201706900A (en) Method and device for authentication using dynamic passwords
US20110113250A1 (en) Security integration between a wireless and a wired network using a wireless gateway proxy
CN104980928A (en) Method, equipment and system used for establishing secure connection
WO2018189507A1 (en) Reduced bandwidth handshake communication
CN104735747A (en) Information transferring and receiving method and internet-of-things equipment
TWI581599B (en) Key generation system, data signature and encryption system and method
KR101706117B1 (en) Apparatus and method for other portable terminal authentication in portable terminal
EP3537652B1 (en) Method for securely controlling smart home appliance and terminal device
KR101675332B1 (en) Data commincaiton method for vehicle, Electronic Control Unit and system thereof
JP2021007233A (en) Device and related method for secure hearing device communication
CN112672342B (en) Data transmission method, device, equipment, system and storage medium
JP2018129793A (en) Communication method of hearing system and relevant device
US9356931B2 (en) Methods and apparatuses for secure end to end communication
CN108306793B (en) Intelligent device, intelligent home gateway, and method and system for establishing connection
CN110049045B (en) Safety certification system for power line carrier
CN105554008A (en) User terminal, authentication server, middle server, system and transmission method
CN109451504B (en) Internet of things module authentication method and system
CN103973543A (en) Method and device for instant messaging
WO2020188679A1 (en) Communication system
CN108881256B (en) Secret key exchange method and device, hydroelectric pile and network equipment
CN112512064B (en) Wireless distribution network method, wireless gateway and equipment to be accessed

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20231110

Address after: No.2, Danzi North Road, Kengzi street, Pingshan District, Shenzhen, Guangdong 518000

Patentee after: SHENZHEN GONGJIN ELECTRONICS Co.,Ltd.

Address before: 610000 area B, 10th floor, building 1, No.168, Tianfu 5th Street, high tech Zone, Chengdu, Sichuan Province

Patentee before: CHENGDU GONGWEI TECHNOLOGY CO.,LTD.