A digital-certificate-based wireless network access verification method and system
Technical Field
The invention belongs to the technical field of network security, and more particularly relates to a digital-certificate-based wireless network access verification method and system.
Background
With the spread of Wi-Fi networks, the security of network access has always been an important concern for users. In the network environments of certain special industries in particular, stricter requirements apply to the checking of users joining the network and to the defence against network piggybacking.
The current access verification mode only requires connecting to the SSID of the Wi-Fi network and entering the corresponding wireless network password; as long as the wireless router detects that the password entered by the terminal is correct, it lets the terminal onto the network. This access verification mode has only one layer of password protection, and the password is shared, so it is easily leaked and misused.
The patent with publication number CN108040358A discloses a wireless network connection method, a terminal device and a storage medium. The method includes: when a predetermined instruction is received, performing a full channel scan and obtaining the parameter information of the scanned wireless networks, the parameter information of a wireless network including at least one of the following: the signal strength of the wireless network, the channel utilization of the channel the wireless network is on, and the number of wireless devices connected on that channel; obtaining the overall performance of each scanned wireless network from the scanned parameter information; taking the wireless network with the highest overall performance as the target wireless network and initiating a connection request to it; and, once the password has been verified as correct, establishing the wireless network connection. In this method, a network connection request is initiated to the target wireless network and the device gets onto the network after the correct wireless network password is entered; the security level is low, and the password is easily leaked and stolen.
Compared with the prior art, the present invention provides a digital-certificate-based wireless network access verification method and system which, by verifying the digital certificate information of the terminal device, raises the security level of access verification, protects the security of the wireless network, and meets stricter requirements for access verification.
Summary of the Invention
In view of the above disadvantages of the prior art and the need for improvement, the present invention provides a digital-certificate-based wireless network access verification method and system. Its purpose is to provide a safer mode of wireless network access verification, thereby solving the technical problem in the prior art that network resources can be used without authorization.
To achieve the above object, the present invention provides a digital-certificate-based wireless network access verification method, including the steps of:
S1. receiving the wireless network access request and the terminal device information sent by the terminal device;
S2. generating corresponding digital certificate information according to the received terminal device information and encrypting it with a private key;
S3. receiving the digital certificate verification information sent by the terminal device and decrypting it with a public key;
S4. judging whether the decrypted digital certificate verification information is consistent with the corresponding digital certificate information and, if so, granting network access to the terminal device.
Further, before step S2, the method also includes the step of:
judging, according to the received terminal device information, whether the terminal device is a trusted device and, if so, starting step S2.
Further, step S2 also includes the step of:
sending the generated digital certificate information to the terminal device.
Further, step S4 specifically includes the step of:
judging whether every position of the decrypted digital certificate verification information is consistent with every position of the corresponding digital certificate information and, if so, granting network access to the terminal device.
Further, after step S4, the method also includes the step of:
storing the information of the terminal device that has joined the network.
Correspondingly, a digital-certificate-based wireless network access verification system is also provided, including:
a first receiving module, for receiving the wireless network access request and the terminal device information sent by the terminal device;
a second receiving module, for receiving the digital certificate verification information sent by the terminal device;
a generation module, for generating corresponding digital certificate information according to the received terminal device information;
an encrypting module, for encrypting the generated digital certificate information;
a deciphering module, for decrypting the received digital certificate verification information;
a first judgment module, for judging whether the decrypted digital certificate verification information is consistent with the corresponding digital certificate information.
Further, the system also includes:
a second judgment module, for judging whether the terminal device is a trusted device.
Further, the system also includes:
a sending module, for sending the generated digital certificate information to the terminal device.
Further, the system also includes:
a comparison unit, for judging whether every position of the decrypted digital certificate verification information is consistent with every position of the corresponding digital certificate information.
Further, the system also includes:
a memory module, for storing the information of the terminal device that has joined the network.
Compared with the prior art, the present invention has the following advantages:
By verifying the digital certificate exclusive to the terminal device, and by applying key encryption to the data transmitted between the wireless router and the terminal device, the network access verification of the terminal device is completed. The double protection of the digital certificate and the public and private keys raises the security level of access verification, makes access verification safer and more reliable, and protects network resources.
Brief Description of the Drawings
Fig. 1 is a flow chart of the digital-certificate-based wireless network access verification method provided by Embodiment One;
Fig. 2 is a structural diagram of the digital-certificate-based wireless network access verification system provided by Embodiment One;
Fig. 3 is a flow chart of the digital-certificate-based wireless network access verification method provided by Embodiment Two;
Fig. 4 is a structural diagram of the digital-certificate-based wireless network access verification system provided by Embodiment Two.
Detailed Description
The following are specific embodiments of the present invention which, together with the accompanying drawings, further describe the technical solution of the present invention; however, the present invention is not limited to these embodiments.
Embodiment One
This embodiment provides a digital-certificate-based wireless network access verification method which, as shown in Fig. 1, includes the steps of:
S11. receiving the wireless network access request and the terminal device information sent by the terminal device;
S12. generating corresponding digital certificate information according to the received terminal device information and encrypting it with a private key;
S13. receiving the digital certificate verification information sent by the terminal device and decrypting it with a public key;
S14. judging whether the decrypted digital certificate verification information is consistent with the corresponding digital certificate information and, if so, granting network access to the terminal device.
Further, before step S12, the method also includes the step of:
judging, according to the received terminal device information, whether the terminal device is a trusted device and, if so, starting step S12.
Further, step S12 also includes the step of:
sending the generated digital certificate information to the terminal device.
A digital certificate is a series of data that indicates the identity information of a network user, and is used in network communication to identify the identity of each communicating party. Digital certificates use a public-key cryptosystem, that is, encryption and decryption are performed with a pair of matched keys. Each user holds a private key known only to that user, which is used for encryption and signing, and also holds a public key that can be disclosed, which is used for decryption and signature verification. When a confidential document is sent, the sender encrypts the data with the private key and the recipient decrypts it with the public key. In this way the information can arrive at its destination safely and on time; even if it is intercepted by a third party, it cannot be decrypted for lack of the corresponding public key.
A terminal device that has only entered the password for the SSID can only exchange Wi-Fi data with the wireless router; it cannot use the wireless router to forward traffic and get onto the network, and must pass further verification. When a terminal device joins the network for the first time, the wireless router, after receiving the wireless network access request and the terminal device information sent by the terminal device, first judges from the terminal device information whether the terminal device is a trusted device. If it is, the wireless router generates, from the terminal device information, a digital certificate exclusive to that terminal device. The digital certificate consists of a long string of characters and represents the identity and qualification of the terminal device. The wireless router encrypts the generated digital certificate with its own private key and sends it to the terminal device.
When the terminal device first requests network access, the wireless router can assist it in installing a public and private key pair. This pair is the terminal device's own public and private key, and allows the terminal device to encrypt the data it transmits. Once the terminal device has received the digital certificate encrypted with the wireless router's private key and has successfully installed the key pair, the wireless router sends the terminal device a digital certificate verification command. For example, the wireless router sends the command "verify the last 4 characters of the digital certificate". The command is encrypted with the wireless router's private key and sent to the terminal device, which decrypts it with the wireless router's public key to obtain the command content and replies to the wireless router with verification information according to that content. For example, the terminal device replies "7e02", and "7e02" is encrypted with the terminal device's private key before it is sent. After receiving the digital certificate verification information returned by the terminal device, the wireless router decrypts it with the terminal device's public key to obtain the verification content, then compares the verification content with the corresponding digital certificate information; if they are consistent, it grants network access to the terminal device.
Further, step S14 specifically includes the step of:
judging whether every position of the decrypted digital certificate verification information is consistent with every position of the corresponding digital certificate information and, if so, granting network access to the terminal device.
After receiving and successfully decrypting the digital certificate verification information returned by the terminal device, the wireless router compares every digit of the digital certificate verification information one by one with every digit of the corresponding digital certificate information, and grants network access to the terminal device only after all of them are found to be consistent.
For example, the digital certificate verification instruction sent by the wireless router is "verify the last 4 characters of the digital certificate" and the digital certificate verification information returned by the terminal device is "7e02". The wireless router then compares this verification information with the last 4 characters of the digital certificate information it has stored; if they are all consistent, the wireless router grants network access to the terminal device.
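The exchange described above, from trust check to final comparison, as an added Python example that is not part of the original patent text. The textbook RSA over fixed Mersenne primes, the HMAC-derived certificate string, the `VERIFY_LAST:4` command format and all class and function names are assumptions made here so that the message flow runs offline.

```python
import hashlib
import hmac

E = 65537  # public exponent of both toy key pairs (assumption of this example)

def make_keypair(p, q):
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))  # (public, private)

def encrypt_with_private(private_key, text):
    # The page's "encrypt with the private key" step as unpadded textbook RSA.
    n, d = private_key
    m = int.from_bytes(text.encode(), "big")
    if m >= n:
        raise ValueError("message too long for the toy modulus")
    return pow(m, d, n)

def decrypt_with_public(public_key, value):
    n, e = public_key
    m = pow(value, e, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode(errors="replace")

class Router:
    def __init__(self, private_key, secret, trusted_ids):
        self.private_key, self.secret = private_key, secret
        self.trusted_ids = set(trusted_ids)
        self.pending = {}      # device id -> (certificate, terminal public key)
        self.admitted = set()  # devices recorded after a successful check

    def handle_request(self, device_id, terminal_public_key):
        """Trust check, certificate generation, and the verification command."""
        if device_id not in self.trusted_ids:
            return None
        cert = hmac.new(self.secret, device_id.encode(), hashlib.sha256).hexdigest()[:32]
        self.pending[device_id] = (cert, terminal_public_key)
        return (encrypt_with_private(self.private_key, cert),
                encrypt_with_private(self.private_key, "VERIFY_LAST:4"))

    def verify_reply(self, device_id, encrypted_reply):
        """Decrypt the reply and compare it with the stored certificate tail."""
        if device_id not in self.pending:
            return False
        cert, terminal_public_key = self.pending[device_id]
        reply = decrypt_with_public(terminal_public_key, encrypted_reply)
        if hmac.compare_digest(reply.encode(), cert[-4:].encode()):
            self.admitted.add(device_id)
            return True
        return False

class Terminal:
    def __init__(self, private_key, router_public_key):
        self.private_key, self.router_public_key = private_key, router_public_key
        self.cert = None

    def answer(self, encrypted_cert, encrypted_command):
        """Install the certificate, read the command, and build the reply."""
        self.cert = decrypt_with_public(self.router_public_key, encrypted_cert)
        command = decrypt_with_public(self.router_public_key, encrypted_command)
        count = int(command.split(":")[1])
        return encrypt_with_private(self.private_key, self.cert[-count:])

# Constructed key material: Mersenne primes, chosen only so the example runs offline.
ROUTER_PUB, ROUTER_PRIV = make_keypair(2**127 - 1, 2**521 - 1)
TERM_PUB, TERM_PRIV = make_keypair(2**107 - 1, 2**607 - 1)
```

A reply produced with any key other than the terminal's private key decrypts to different characters under the terminal's public key, so the comparison in `verify_reply` fails and the device is not recorded.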
Correspondingly, a digital-certificate-based wireless network access verification system is also provided which, as shown in Fig. 2, includes:
a first receiving module 11, for receiving the wireless network access request and the terminal device information sent by the terminal device;
a generation module 12, for generating corresponding digital certificate information according to the received terminal device information;
an encrypting module 13, for encrypting the generated digital certificate information;
a second receiving module 14, for receiving the digital certificate verification information sent by the terminal device;
a deciphering module 15, for decrypting the received digital certificate verification information;
a first judgment module 16, for judging whether the decrypted digital certificate verification information is consistent with the corresponding digital certificate information.
Further, the system also includes:
a second judgment module 17, for judging whether the terminal device is a trusted device.
Further, the system also includes:
a sending module 18, for sending the generated digital certificate information to the terminal device.
After receiving the wireless network access request and the terminal device information sent by the terminal device, the first receiving module 11 passes them to the second judgment module 17, which judges from the terminal device information whether the terminal device is a trusted device. If it is, the generation module 12 generates the corresponding digital certificate according to the terminal device information, the encrypting module 13 encrypts the generated digital certificate information, and the sending module 18 then sends the generated digital certificate to the terminal device. The second receiving module 14 receives the digital certificate verification information sent by the terminal device and passes it to the deciphering module 15 for decryption. Once the deciphering module 15 has obtained the content of the digital certificate verification information by decryption, it passes that content to the first judgment module 16 for verification.
Further, the system also includes:
a comparison unit 19, for judging whether every digit of the decrypted digital certificate verification information is consistent with every digit of the corresponding digital certificate information.
After the first judgment module 16 receives the content of the digital certificate verification information sent by the deciphering module 15, the comparison unit 19 of the first judgment module 16 compares every position of the decrypted digital certificate verification information with every position of the corresponding digital certificate information and verifies whether they are completely consistent.
This embodiment verifies the digital certificate exclusive to the terminal device and applies key encryption to the data transmitted between the wireless router and the terminal device, and in this way completes the network access verification of the terminal device. The double protection of the digital certificate and the public and private keys raises the security level of access verification, makes access verification safer and more reliable, and protects network resources.
Embodiment Two
This embodiment provides a digital-certificate-based wireless network access verification method which, as shown in Fig. 3, includes the steps of:
S21. receiving the wireless network access request and the terminal device information sent by the terminal device;
S22. generating corresponding digital certificate information according to the received terminal device information and encrypting it with a private key;
S23. receiving the digital certificate verification information sent by the terminal device and decrypting it with a public key;
S24. judging whether the decrypted digital certificate verification information is consistent with the corresponding digital certificate information and, if so, granting network access to the terminal device.
Further, before step S22, the method also includes the step of:
judging, according to the received terminal device information, whether the terminal device is a trusted device and, if so, starting step S22.
Further, step S22 also includes the step of:
sending the generated digital certificate information to the terminal device.
Further, step S24 specifically includes the step of:
judging whether every position of the decrypted digital certificate verification information is consistent with every position of the corresponding digital certificate information and, if so, granting network access to the terminal device.
Further, after step S24, the method also includes the step of:
S25. storing the information of the terminal device that has joined the network.
The difference from Embodiment One is that step S25 is also included after step S24.
S25. storing the information of the terminal device that has joined the network.
After the terminal device has successfully joined the network, the wireless router stores the information of the terminal device that has joined, so that in future the terminal device connects to the network automatically within the coverage area of this wireless network, without repeated verification.
Compared with Embodiment One, the advantage of this embodiment is:
After the terminal device has successfully joined the network, the wireless router stores the information of the terminal device that has joined, so that in future the terminal device connects to the network automatically within the coverage area of this wireless network. This avoids repeated verification and improves the user experience.
Correspondingly, a digital-certificate-based wireless network access verification system is also provided which, as shown in Fig. 4, includes:
a first receiving module 20, for receiving the wireless network access request and the terminal device information sent by the terminal device;
a generation module 21, for generating corresponding digital certificate information according to the received terminal device information;
an encrypting module 22, for encrypting the generated digital certificate information;
a second receiving module 23, for receiving the digital certificate verification information sent by the terminal device;
a deciphering module 24, for decrypting the received digital certificate verification information;
a first judgment module 25, for judging whether the decrypted digital certificate verification information is consistent with the corresponding digital certificate information.
Further, the system also includes:
a second judgment module 26, for judging whether the terminal device is a trusted device.
Further, the system also includes:
a sending module 27, for sending the generated digital certificate information to the terminal device.
Further, the system also includes:
a comparison unit 28, for judging whether every digit of the decrypted digital certificate verification information is consistent with every digit of the corresponding digital certificate information.
Further, the system also includes:
a memory module 29, for storing the information of the terminal device that has joined the network.
The difference from Embodiment One is that the memory module 29 is also included.
When the comparison unit 28 of the first judgment module 25 finds by comparison that every digit of the decrypted digital certificate verification information is consistent with every digit of the corresponding digital certificate information, the wireless router grants network access to the terminal device and, at the same time, the memory module 29 stores the information of the terminal device that has joined the network.
The wireless router stores the information of the terminal device that has joined the network, so that in future the terminal device connects to the network automatically within the coverage area of this wireless network. This avoids repeated verification and improves the user experience.
The specific embodiments described herein merely illustrate the spirit of the invention. Those skilled in the technical field to which the present invention belongs can make various modifications or additions to the described embodiments, or replace them in a similar manner, without departing from the spirit of the invention or going beyond the scope defined by the appended claims.