CN111131282B - Request encryption method and device, electronic equipment and storage medium - Google Patents

Request encryption method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN111131282B
CN111131282B CN201911389474.9A CN201911389474A CN111131282B CN 111131282 B CN111131282 B CN 111131282B CN 201911389474 A CN201911389474 A CN 201911389474A CN 111131282 B CN111131282 B CN 111131282B
Authority
CN
China
Prior art keywords
request
encryption
encrypted
field
corresponding relation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911389474.9A
Other languages
Chinese (zh)
Other versions
CN111131282A (en
Inventor
韩潮
谢强
陈国庆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan Jiyi Network Technology Co ltd
Original Assignee
Wuhan Jiyi Network Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan Jiyi Network Technology Co ltd filed Critical Wuhan Jiyi Network Technology Co ltd
Priority to CN201911389474.9A priority Critical patent/CN111131282B/en
Publication of CN111131282A publication Critical patent/CN111131282A/en
Application granted granted Critical
Publication of CN111131282B publication Critical patent/CN111131282B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a request encryption method, a request encryption device, electronic equipment and a storage medium, and relates to the technical field of communication. The method comprises the following steps: determining a corresponding field of a request parameter needing to be encrypted in a request body; replacing the key value of the corresponding field with a specified character; encrypting the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext; adding the corresponding relation ciphertext into the request body to obtain an encrypted request body; and sending a request containing the encryption request body to a server. The encryption request body is received and decrypted by matching with the server, so that the request field data of the request body in each request are different, and the request security is improved.

Description

Request encryption method and device, electronic equipment and storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to a request encryption method and apparatus, an electronic device, and a storage medium.
Background
As network interaction matures, network security issues become more important. When the client and the server send request information, a request field sent by the client to the server is easy to intercept and capture, the field rule is fixed, a cracker can analyze a code to obtain data of a corresponding field, and the cracker completes cracking through a request interface, so that privacy data in the request field is obtained, and the method is often suitable for a subsequent request field sent between the client and the server after one-time cracking. Therefore, the existing request field and request mode have the problem of low security.
Disclosure of Invention
In view of the above, an object of the embodiments of the present application is to provide a request encryption method, apparatus, electronic device and storage medium, so as to solve the problem of low request security in the prior art.
The embodiment of the application provides a request encryption method, which is applied to a client and comprises the following steps: determining a corresponding field of a request parameter needing to be encrypted in a request body; replacing the key value of the corresponding field with a specified character; encrypting the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext; adding the corresponding relation ciphertext into the request body to obtain an encrypted request body; and sending a request containing the encryption request body to a server.
In the implementation mode, the key value replacement is carried out on the request parameters in the request body, and the key value and the replaced designated characters are encrypted, so that key value related fields in the request body sent by the client each time are different and are protected by encryption, a cracker is prevented from cracking all requests sent by the client through one-time code analysis, and the request security is improved.
Optionally, the determining a corresponding field of the request parameter that needs to be encrypted in the request body includes: and determining the field with the specified field identification in the request body as the corresponding field of the request parameter needing encryption.
In the implementation mode, the corresponding field needing to be replaced is determined by the specified field identification added to the request parameter needing to be encrypted, so that the accuracy of request encryption is improved.
Optionally, before the determining the corresponding field in the request body based on the field identification, the method further comprises: and adding the specified field identification to the corresponding field of the request parameter needing to be encrypted in the request body.
In the implementation mode, the field needing to be encrypted is added with the designated field identification, the field can be identified based on the designated field identification, and the field can be subjected to character replacement or other required processing, so that the flexibility and the accuracy of encryption request are improved.
Optionally, before the determining a corresponding field of the request parameter that needs to be encrypted in the request body, the method further includes: packaging the request containing the request body into a JS file; the determining of the corresponding field of the request parameter to be encrypted in the request body includes: and determining a corresponding field of the request parameters needing to be encrypted in a request body contained in the JS file.
In the implementation mode, the request body is packaged into the JS file for subsequent processing, so that the network load can be reduced based on the code reuse and compression characteristics of the JS file, and the request efficiency is improved.
Optionally, the sending the request including the encrypted requestor to the server includes: and after the request contained in the JS file is triggered, sending a request containing the encryption request body to the server.
In the implementation mode, after the encryption of the request body is completed, the request body is immediately sent to the server after being triggered, the generation and encryption processing of the request do not need to be waited, and the instantaneity and the efficiency of the request are improved.
The embodiment of the application also provides a request encryption method, which is applied to a server side and comprises the following steps: receiving a request containing an encryption request body sent by a client; decrypting the corresponding relation ciphertext in the encryption request body by adopting a specified encryption mode to obtain the corresponding relation between the key value of the corresponding field of the request parameter needing to be encrypted and the specified character; and replacing the specified characters in the encrypted request body with the key values of the corresponding fields based on the corresponding relation so as to obtain an unencrypted request body.
In the implementation mode, the appointed characters in the request body are replaced by the decrypted ciphertext back to the key values, so that the server can quickly analyze the received request each time, a third party incapable of decrypting the ciphertext cannot perform request cracking, a cracker is prevented from cracking all the requests sent by the client through one-time code analysis, and the request safety is improved.
An embodiment of the present application further provides a request encryption apparatus, which is applied to a client, where the apparatus includes: the parameter field determining module is used for determining a corresponding field of a request parameter needing to be encrypted in a request body; the key value replacing module is used for replacing the key value of the corresponding field with a designated character; the encryption module is used for encrypting the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext; the splicing module is used for adding the corresponding relation ciphertext into the request body to obtain an encrypted request body; and the request sending module is used for sending a request containing the encryption request body to a server.
In the implementation mode, the key value replacement is carried out on the request parameters in the request body, and the key value and the replaced designated characters are encrypted, so that key value related fields in the request body sent by the client each time are different and are protected by encryption, a cracker is prevented from cracking all requests sent by the client through one-time code analysis, and the request security is improved.
Optionally, the parameter field determining module is specifically configured to: and determining the field with the specified field identification in the request body as the corresponding field of the request parameter needing encryption.
In the implementation mode, the corresponding field needing to be replaced is determined by the specified field identification added to the request parameter needing to be encrypted, so that the accuracy of request encryption is improved.
Optionally, the request encryption apparatus further includes: and the identification module is used for adding the specified field identification to the corresponding field of the request parameter needing to be encrypted in the request body.
In the implementation mode, the field needing to be encrypted is added with the designated field identification, the field can be identified based on the designated field identification, and the field can be subjected to character replacement or other required processing, so that the flexibility and the accuracy of encryption request are improved.
Optionally, the request encryption apparatus further includes: the packaging module is used for packaging the request containing the request body into the JS file; the parameter field determination module is specifically configured to: and determining a corresponding field of the request parameter needing to be encrypted in a request body contained in the JS file.
In the implementation mode, the request is packaged into the JS file for subsequent processing, so that the network load can be reduced based on the code reuse and compression characteristics of the JS file, and the request efficiency is improved.
Optionally, the request sending module is specifically configured to: and after the request contained in the JS file is triggered, sending a request containing the encryption request body to the server.
In the implementation mode, after the encryption of the request body is completed, the request body is immediately sent to the server after being triggered, the generation and encryption processing of the request do not need to be waited, and the instantaneity and the efficiency of the request are improved.
The embodiment of the present application further provides a request encryption apparatus, which is applied to a server, and the apparatus includes: the request receiving module is used for receiving a request containing an encryption request body sent by a client; the decryption module is used for decrypting the corresponding relation ciphertext in the encryption request body in a specified encryption mode to obtain the corresponding relation between the key value of the corresponding field of the request parameter to be encrypted and the specified character; and the character replacing module is used for replacing the specified characters in the encrypted request body with the key values of the corresponding fields based on the corresponding relation so as to obtain the unencrypted request body.
In the implementation mode, the appointed characters in the request body are replaced by the decrypted ciphertext back to the key values, so that the server can quickly analyze the received request each time, a third party incapable of decrypting the ciphertext cannot perform request cracking, a cracker is prevented from cracking all the requests sent by the client through one-time code analysis, and the request safety is improved.
An embodiment of the present application further provides an electronic device, where the electronic device includes a memory and a processor, where the memory stores program instructions, and the processor executes steps in any one of the above implementation manners when reading and executing the program instructions.
The embodiment of the present application further provides a readable storage medium, in which computer program instructions are stored, and the computer program instructions are read by a processor and executed to perform the steps in any of the above implementation manners.
Drawings
To more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments of the present application will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and that those skilled in the art can also obtain other related drawings based on the drawings without inventive efforts.
Fig. 1 is a schematic flowchart of a request encryption method applied to a client according to an embodiment of the present disclosure;
fig. 2 is a schematic flowchart of a request encryption method applied to a server according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of interaction logic of a request encryption method according to an embodiment of the present application;
fig. 4 is a schematic block diagram of a request encryption apparatus applied to a client according to an embodiment of the present application;
fig. 5 is a schematic block diagram of a request encryption apparatus applied to a server according to an embodiment of the present disclosure.
An icon: 30-requesting an encryption device; 31-parameter field determination module; 32-key value replacement module; 33-an encryption module; 34-a splicing module; 35-request sending module; 40-requesting an encryption device; 41-request receiving module; 42-a decryption module; 43-character replacement module.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
The applicant researches and discovers that in the prior art, when verification codes and other conditions need to be sent, a client generally needs to send a request to a server, a request body of the request often contains privacy information of a user, such as an account number, a password and the like, and the arrangement rule of each field in a request field is fixed, so that a cracker can analyze the code to obtain data of the corresponding field, the cracker can complete cracking through a request interface to obtain the privacy information, and can continuously obtain the privacy information from the request body of the client based on a cracking result after once cracking, and great potential safety hazards exist.
In order to solve the above problem, an embodiment of the present application provides a request encryption method applied to a client, please refer to fig. 1, where fig. 1 is a schematic flow diagram of the request encryption method applied to the client according to the embodiment of the present application. The specific steps can be as follows:
step S11: the corresponding field of the request parameter to be encrypted in the request body is determined.
The request in this embodiment may be, but is not limited to, an HTTP (HyperText Transfer Protocol) request, and the HTTP request generally includes a request line, a request header, and a request body. Wherein, the request line contains a request method field, a URL (Uniform Resource Locator) field and an HTTP protocol version; the request head comprises fields of a host address, a request browser type generation field, a client recognizable type list and the like; the request body includes a data body, which may be information to be queried, and further, the data body may further include data such as an account and a password of the user.
In this embodiment, data of fields such as an account and a password in the request body is generally request parameters that need to be encrypted, and optionally, the request parameters may be flexibly set according to specific requirements. For example, when the request body is "name & tom & password & 1234& realName & tomson", it is possible to set "tom" and "1234" as the request parameters, and the corresponding field "name & tom & password & 1234" is the corresponding field of the request parameters.
As an optional implementation manner, in this embodiment, a corresponding field of a request parameter that needs to be encrypted may be determined based on a pre-added identifier, and before step S11, an identifier needs to be added to a field corresponding to the request parameter, such as a field corresponding to a key value in a request body, and the specific steps may be: and adding specified field identification to the corresponding field of the request parameter needing to be encrypted in the request body.
Further, the step S11 may specifically include, in response to the request body with the specified field identifier added, that: and determining the field with the specified field identification in the request body as the corresponding field of the request parameter needing encryption.
Alternatively, the designated field identification may be any preset number, letter, or other character.
As an optional implementation manner, in this embodiment, the step of adding the identifier to the corresponding field of the request parameter may be executed by the JS packaging module, and the JS packaging module may further package the request after the identifier is added as a whole into the JS file. JS is an extension of a JavaScript file, such as xx.
Alternatively, the JS packaging module may be implemented based on gulp, rollup, webpack or other software tools.
When the request is a JS file, step S11 may specifically be: and determining a corresponding field of the request parameter needing to be encrypted in the request body contained in the JS file. The JS-format file has the functions of code reuse, file compression and the like, so that the network load can be reduced and the request efficiency can be improved by converting the request into the JS file and then processing the JS file.
Step S12: the key value of the corresponding field is replaced with a specified character.
The request body usually stores in a Key-Value pair (Key-Value) manner, for example, "name" ("tom" ("password") "1234" ("realName" ("tomson") "may be stored as a Key code corresponding to the Key Value" name ", where" 1234 "is stored as a Key code corresponding to the Key Value" password ", and" tomson "(" tomson ") is stored as a Key code corresponding to the Key Value" realName ", so a cracker may extract a Key-Value field, and then extract data such as an account number and a password based on a correspondence between the Key Value and the Key code. Therefore, in the embodiment, the field representing the key value is replaced by the designated character, and a cracker cannot determine the key value, so that the request security is improved.
Optionally, the designated character may be a designated character corresponding to a key value of a corresponding field in a preset set of rules, or may be a randomly generated character.
When the request is converted into the JS file, the processing principle of step S12 is to parse the JS file into an Abstract Syntax Tree (AST), then perform corresponding processing such as variable name replacement, control flow processing, and the like on the AST, replace the key value of the corresponding field with the designated character, and then compile the AST into the JS file, so that the subsequent steps are processed based on the JS file.
Step S13: and encrypting the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext.
Alternatively, the specified Encryption mode in this embodiment may be an AES (Advanced Encryption Standard) Encryption Algorithm, an MD5(Message-Digest Algorithm) Encryption Algorithm, an RSA (Rivest-Shamir-Adleman) Encryption Algorithm, or any other Encryption Algorithm.
In this embodiment, the correspondence between the key value and the designated character may be represented by a comparison table, that is, when the designated character is used to replace the key value, a comparison table is generated based on the one-to-one correspondence between the designated character and the key value. For example, { "$ _ dTsd": name "," $ _3Edr ": password" } is a look-up table in which "$ _ dTsd" is a designated character of the replacement key value "name" and "$ _3 Edr" is a designated character of the replacement key value "password".
And when the corresponding relation is the comparison table, the corresponding relation ciphertext is the encrypted comparison table ciphertext.
In the embodiment, the corresponding relation between the subtraction value and the designated character is stored and extracted through the comparison table, so that encryption and decryption can be conveniently and quickly realized, and the accuracy and the efficiency of the request processing flow are improved.
Step S14: and adding the corresponding relation ciphertext into the request body to obtain an encrypted request body.
It should be understood that, when the correspondence ciphertext is added as a new field to the request body, a ciphertext identifier may be added to the field of the correspondence ciphertext, so that the server side may locate the correspondence ciphertext.
Step S15: and sending a request containing an encryption request body to a server.
Usually, the request is placed in a production environment, and the request is sent to the server when the request is triggered, and this embodiment may execute steps S11-S15 when the request is triggered, and then immediately send the request including the encrypted request body to the server, or may generate the request including the encrypted request body and send it to the server when the request is triggered.
When the request is a JS file, the request is triggered for the JS module based on the JS file, and then the request in the JS file is sent to the server side.
In order to cooperate with the request encryption method applied to the client, this embodiment further provides a request encryption method applied to the server, please refer to fig. 2, and fig. 2 is a schematic flow diagram of the request encryption method applied to the server according to this embodiment. The specific steps can be as follows:
step S21: and receiving a request containing an encryption request body sent by a client.
Step S22: and decrypting the corresponding relation ciphertext in the encryption request body by adopting a specified encryption mode to obtain the corresponding relation between the key value of the corresponding field of the request parameter needing to be encrypted and the specified character.
The specified encryption mode is an encryption mode for acquiring the corresponding relation ciphertext from the client, and the specified encryption mode can be determined by pre-negotiation between the client and the server.
Step S23: and replacing the specified characters in the encrypted request body with key values of the corresponding fields based on the corresponding relation so as to obtain the unencrypted request body.
It should be understood that step S23 is a reverse step of step S12, and the detailed step flow thereof is not described herein again.
In addition, the request encryption method provided by the embodiment can be applied to any scene that the client sends a request and the server responds to the request, such as an authentication code, account login and the like.
The request encryption process is explained based on the interaction between the client and the server: the client comprises a JS module and an obfuscating module, the client packs the request into a JS file through the JS module and then sends the JS file to the obfuscating module, the obfuscating module replaces key values of corresponding fields of request parameters needing to be encrypted in a request body contained in the JS file with designated characters and generates corresponding relation ciphertexts, the corresponding relation ciphertexts are obtained after the corresponding relation ciphertexts are encrypted in a designated encryption mode, meanwhile, the client shares encryption and decryption logics of the designated encryption mode with the server through the obfuscating module, the corresponding relation ciphertexts are added into the request body as new fields, then the JS file with the corresponding relation ciphertexts is sent back to the JS module, the JS module puts the JS file into a production environment, and the JS module sends the JS file, namely the request, to the server when the request is triggered. And after receiving the request, the server decrypts the corresponding relation ciphertext by adopting the shared decryption logic, and replaces the specified character in the request body with the key value based on the corresponding relation between the key value obtained by decryption and the specified character, so that a normal request is obtained, and the corresponding or other subsequent operations are continuously carried out on the request.
For convenience of understanding, please refer to fig. 3, where fig. 3 is a schematic flowchart of an interaction logic of a request encryption method according to an embodiment of the present application.
In the embodiment, based on the request encryption method applied to the client and the server, through interaction between the client and the server, the client performs key value replacement on request parameters in a request body and encrypts key values and replaced designated characters, so that key value related fields in the request body sent by the client each time are different and are protected by encryption, a cracker is prevented from cracking all requests sent by the client through one-time code analysis, and the server determines original key values in the requests based on the key values obtained by decryption and the replacement relationship of the designated characters, so that normal response or other operations can be performed on the requests, and the request security is improved.
In order to cooperate with the request encryption method applied to the client, the present embodiment further provides a request encryption device 30, please refer to fig. 4, and fig. 4 is a schematic block diagram of a request encryption device applied to the client according to the present embodiment.
The request encryption device 30 includes:
a parameter field determining module 31, configured to determine a corresponding field of a request parameter to be encrypted in a request body;
a key value replacing module 32, configured to replace the key value of the corresponding field with a specified character;
the encryption module 33 is configured to encrypt the corresponding relationship between the key value and the designated character by using a designated encryption method to obtain a corresponding relationship ciphertext;
the splicing module 34 is configured to add the corresponding relation ciphertext to the request body to obtain an encrypted request body;
a request sending module 35, configured to send a request including an encrypted request body to a server.
Optionally, the parameter field determining module 31 is specifically configured to: and determining the field with the specified field identification in the request body as the corresponding field of the request parameter needing encryption.
Optionally, the request encryption device 30 further includes: and the identification module is used for adding specified field identification to the corresponding field of the request parameter needing to be encrypted in the request body.
Optionally, the request encryption device 30 further includes: and the packaging module is used for packaging the request containing the request body into the JS file. The parameter field determination module 31 is specifically configured to: and determining a corresponding field of the request parameter needing to be encrypted in the request body contained in the JS file.
Optionally, the request sending module 35 is specifically configured to: and after the request contained in the JS file is triggered, sending the request containing the encryption request body to the server.
In order to cooperate with the request encryption method applied to the server, the present embodiment further provides a request encryption device 40, please refer to fig. 5, and fig. 5 is a schematic block diagram of a request encryption device applied to the server according to the present embodiment.
The request encryption device 40 includes:
a request receiving module 41, configured to receive a request containing an encrypted request body sent by a client;
the decryption module 42 is configured to decrypt the corresponding relationship ciphertext in the encrypted request body in a specified encryption manner, and obtain a corresponding relationship between a key value of a corresponding field of the request parameter to be encrypted and a specified character;
and a character replacing module 43, configured to replace the specified character in the encrypted request body with the key value of the corresponding field based on the correspondence relationship, so as to obtain an unencrypted request body.
The embodiment of the present application further provides an electronic device, where the electronic device includes a memory and a processor, where the memory stores program instructions, and when the processor reads and runs the program instructions, the processor executes steps in any one of the methods of the request encryption method provided in this embodiment.
It should be understood that the electronic device may be a Personal Computer (PC), a tablet PC, a smart phone, a Personal Digital Assistant (PDA), or other electronic device having a logic calculation function.
The embodiment of the application also provides a storage medium, wherein computer program instructions are stored in the storage medium, and when the computer program instructions are read and operated by a processor, the steps in the request encryption method are executed.
To sum up, the embodiment of the present application provides a request encryption method, an apparatus, an electronic device, and a storage medium, where the request encryption method applied to a client includes: determining a corresponding field of a request parameter needing to be encrypted in a request body; replacing the key value of the corresponding field with a specified character; encrypting the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext; adding the corresponding relation ciphertext into the request body to obtain an encrypted request body; and sending a request containing the encryption request body to a server.
In the implementation mode, the key value replacement is carried out on the request parameters in the request body, and the key value and the replaced designated characters are encrypted, so that key value related fields in the request body sent by the client each time are different and are protected by encryption, a cracker is prevented from cracking all requests sent by the client through one-time code analysis, and the request security is improved.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus may be implemented in other manners. The apparatus embodiments described above are merely illustrative, and for example, the block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of devices according to various embodiments of the present application. In this regard, each block in the block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams, and combinations of blocks in the block diagrams, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Therefore, the present embodiment further provides a readable storage medium, in which computer program instructions are stored, and when the computer program instructions are read and executed by a processor, the computer program instructions perform the steps of any of the block data storage methods. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read-Only Memory (ROM), a RanDom Access Memory (RAM), a magnetic disk, or an optical disk.
The above description is only an example of the present application and is not intended to limit the scope of the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.

Claims (10)

1. A request encryption method applied to a client, the method comprising:
determining a corresponding field of a request parameter needing to be encrypted in a request body;
replacing the key value of the corresponding field with a specified character;
encrypting a comparison table generated by the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext;
adding the corresponding relation ciphertext into the requester to obtain an encrypted requester;
sending a request containing the encryption request body to a server;
wherein, the mode of replacing the key value of the corresponding field with the designated character comprises the following steps: and carrying out a non-equal character number replacement mode on the corresponding field according to a comparison table generated by the one-to-one correspondence of the designated characters and the key values.
2. The method of claim 1, wherein determining the corresponding field of the request parameter requiring encryption in the request body comprises:
and determining the field with the specified field identification in the request body as the corresponding field of the request parameter needing encryption.
3. The method of claim 2, wherein prior to determining the corresponding field in the request body based on a field identification, the method further comprises:
and adding the specified field identification to the corresponding field of the request parameter needing to be encrypted in the request body.
4. The method according to any of claims 1-3, wherein prior to said determining the corresponding field of the request parameter in the request body that requires encryption, the method further comprises:
packaging the request containing the request body into a JS file;
the determining of the corresponding field of the request parameter to be encrypted in the request body includes:
and determining a corresponding field of the request parameter needing to be encrypted in a request body contained in the JS file.
5. The method of claim 4, wherein sending the request including the encrypted requestor to the server comprises:
and after the request contained in the JS file is triggered, sending a request containing the encryption request body to the server.
6. A request encryption method is applied to a server side, and comprises the following steps:
receiving a request containing an encryption request body sent by a client;
decrypting the corresponding relation ciphertext in the encryption request body by adopting a specified encryption mode to obtain the corresponding relation between the key value of the corresponding field of the request parameter needing to be encrypted and the specified character;
replacing the specified characters in the encrypted request body with the key values of the corresponding fields based on a comparison table generated based on the corresponding relation so as to obtain an unencrypted request body; wherein, the replacement mode of the key value replacement module comprises the following steps: and carrying out a non-equal character number replacement mode on the comparison table generated by the corresponding field according to the one-to-one corresponding relation of the designated characters and the key values.
7. A request encryption apparatus, applied to a client, the apparatus comprising:
the parameter field determining module is used for determining a corresponding field of a request parameter needing to be encrypted in a request body;
the key value replacing module is used for replacing the key value of the corresponding field with a designated character;
the encryption module is used for encrypting a comparison table generated by the corresponding relation between the key value and the specified character by adopting a specified encryption mode to obtain a corresponding relation ciphertext;
the splicing module is used for adding the corresponding relation ciphertext into the request body to obtain an encrypted request body;
a request sending module, configured to send a request including the encrypted request body to a server;
wherein, the replacement mode of the key value replacement module comprises the following steps: and carrying out a non-equal character number replacement mode on the comparison table generated by the corresponding field according to the one-to-one corresponding relation of the designated characters and the key values.
8. A request encryption apparatus, applied to a server, the apparatus comprising:
the request receiving module is used for receiving a request containing an encryption request body sent by a client;
the decryption module is used for decrypting the corresponding relation ciphertext in the encryption request body by adopting a specified decryption mode to obtain the corresponding relation between the key value of the corresponding field of the request parameter needing to be encrypted and the specified character; wherein, the encryption mode of the corresponding relation ciphertext comprises: carrying out a non-equal character number replacement mode on the comparison table generated by the corresponding field according to the one-to-one corresponding relation of the designated characters and the key values;
and the character replacing module is used for replacing the specified characters in the encrypted request body with the key values of the corresponding fields based on the corresponding relation so as to obtain the unencrypted request body.
9. An electronic device comprising a memory having stored therein program instructions and a processor that, when executed, performs the steps of the method of any of claims 1-6.
10. A storage medium having stored thereon computer program instructions for executing the steps of the method according to any one of claims 1 to 6 when executed by a processor.
CN201911389474.9A 2019-12-27 2019-12-27 Request encryption method and device, electronic equipment and storage medium Active CN111131282B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911389474.9A CN111131282B (en) 2019-12-27 2019-12-27 Request encryption method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911389474.9A CN111131282B (en) 2019-12-27 2019-12-27 Request encryption method and device, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN111131282A CN111131282A (en) 2020-05-08
CN111131282B true CN111131282B (en) 2022-06-17

Family

ID=70504526

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911389474.9A Active CN111131282B (en) 2019-12-27 2019-12-27 Request encryption method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN111131282B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111835710B (en) * 2020-05-29 2023-08-15 中国平安财产保险股份有限公司 Method, device, computer equipment and storage medium for verifying request body
CN112016113B (en) * 2020-09-28 2024-04-16 同盾控股有限公司 Data encryption and decryption method, device and system
CN113489705B (en) * 2021-06-30 2023-03-24 中国银联股份有限公司 Method and device storage medium for capturing HTTP (hyper text transport protocol) communication data of application program
CN114221792B (en) * 2021-11-23 2023-06-16 杭州天宽科技有限公司 Internet data transmission encryption system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070055893A1 (en) * 2005-08-24 2007-03-08 Mci, Inc. Method and system for providing data field encryption and storage
CN107370596B (en) * 2017-06-15 2021-05-18 重庆移动金融有限责任公司 User password encryption transmission method, system and storage medium
CN110196718B (en) * 2018-05-10 2023-07-25 腾讯科技(深圳)有限公司 Script confusion method
CN109241484B (en) * 2018-09-06 2023-06-16 平安科技(深圳)有限公司 Method and equipment for sending webpage data based on encryption technology
CN110061967B (en) * 2019-03-15 2022-02-22 平安科技(深圳)有限公司 Service data providing method, device, equipment and computer readable storage medium
CN110166465B (en) * 2019-05-27 2022-01-25 北京达佳互联信息技术有限公司 Access request processing method, device, server and storage medium

Also Published As

Publication number Publication date
CN111131282A (en) 2020-05-08

Similar Documents

Publication Publication Date Title
CN111131282B (en) Request encryption method and device, electronic equipment and storage medium
CN113572614B (en) Security method and system for data transmission
CN107786331B (en) Data processing method, device, system and computer readable storage medium
CN112929172A (en) System, method and device for dynamically encrypting data based on key bank
CN112202754B (en) Data encryption method and device, electronic equipment and storage medium
CN106599723B (en) File encryption method and device and file decryption method and device
CN105991563B (en) Method and device for protecting security of sensitive data and three-party service system
JP2014119486A (en) Secret retrieval processing system, secret retrieval processing method, and secret retrieval processing program
CN109039997B (en) Secret key obtaining method, device and system
JP6930053B2 (en) Data encryption method and system using device authentication key
CA3066701A1 (en) Controlling access to data
CN110995720B (en) Encryption method, device, host terminal and encryption chip
US20150350375A1 (en) Information Processing Method, Trusted Server, and Cloud Server
CN110505066A (en) A kind of data transmission method, device, equipment and storage medium
US20200304291A1 (en) Information management system and method for the same
CN114499836B (en) Key management method, device, computer equipment and readable storage medium
CN106911628A (en) A kind of user registers the method and device of application software on the client
KR102222600B1 (en) Method for simultaneously processing encryption and de-identification of privacy information, server and cloud computing service server for the same
CN116866029B (en) Random number encryption data transmission method, device, computer equipment and storage medium
CN115694921B (en) Data storage method, device and medium
CN107729345B (en) Website data processing method and device, website data processing platform and storage medium
CN115941279A (en) Encryption and decryption method, system and equipment for user identification in data
CN115102686A (en) Semi-homomorphic encryption method and device, electronic equipment and storage medium
Oli et al. Enhanced obfuscation technique for data confidentiality in public cloud storage
CN114006697A (en) Encrypted communication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant