CN111262705A - Method for checking block chain trusted boot - Google Patents

Publication number: CN111262705A
Authority: CN (China)
Prior art keywords: file, hash value, block chain, version number, checked
Legal status: Granted
Application number: CN202010042856.0A
Other languages: Chinese (zh)
Other versions: CN111262705B (en)
Inventors: 王一川, 马冰, 张彤, 高文, 朱赫, 尹欣悦, 田钰滢, 丁一凡, 姜新宇
Current Assignee: Xian University of Technology
Original Assignee: Xian University of Technology
Application filed by: Xian University of Technology
Priority to: CN202010042856.0A (CN111262705B)
Publications: CN111262705A (application), CN111262705B (granted)
Status: Active

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
                    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
                        • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
                    • H04L9/50 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
                • H04L63/00 Network architectures or network communication protocols for network security
                    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
                        • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                    • H04L63/12 Applying verification of the received information
                        • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
                • H04L67/00 Network arrangements or protocols for supporting network services or applications
                    • H04L67/01 Protocols
                        • H04L67/10 Protocols in which an application is distributed across nodes in the network
                            • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
                    • H04L67/2866 Architectures; Arrangements
                        • H04L67/30 Profiles
                    • H04L67/50 Network services
                        • H04L67/51 Discovery or management thereof, e.g. service location protocol [SLP] or web services
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
        • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
            • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
                • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention discloses a method for checking the trusted boot of a block chain, comprising the following steps: first, a hash operation is performed on the target files of each version of a block chain project to obtain standard hash values, which are stored in a database by version number; next, the version numbers of the files to be checked are obtained, the files to be checked are scanned, and the hash operation is performed on each scanned file to obtain comparison hash values; finally, the comparison hash values from step 2 are compared with the standard hash values from step 1 to determine whether the files to be checked have been modified. Compared with the prior art, the method checks in advance for problems such as missing files and missing code that may arise while the block chain project starts and runs, so that the user can see directly whether the project files are complete. The check is fast, efficient and accurate, and the method has strong reference value and practicability.

Description

Method for checking block chain trusted boot
Technical Field
The invention belongs to the field of network security and relates to data encryption technology, in particular to methods such as performing hash operations on data.
Background
Trusted Computing (TC) is a technology promoted and developed by the Trusted Computing Group (previously known as TCPA). Trusted computing makes wide use, in computing and communication systems, of trusted computing platforms backed by a hardware security module in order to improve the security of the whole system. The endorsement key is a 2048-bit RSA public/private key pair that is randomly generated when the chip is shipped and cannot be changed. The private key always stays on the chip, while the public key is used to authenticate and to encrypt sensitive data sent to the chip.
Integrity metrics are a key characteristic of trusted computing.
Trusted Platform Module (TPM) is an international standard for secure cryptoprocessors, which handle the cryptographic keys of a device using a dedicated microcontroller (secure hardware) integrated in the device. The TPM technical specification is written by an industry consortium called the Trusted Computing Group (TCG). The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) standardized the specification as ISO/IEC 11889 in 2009.
Hashing is the process of converting an input of arbitrary length (also called the pre-image) into a fixed-length output by means of a hashing algorithm; the output is the hash value. This transformation is a compression mapping: the space of hash values is usually much smaller than the space of inputs, so different inputs may hash to the same output, and a unique input cannot be determined from a hash value. In short, a hash is a function that compresses a message of arbitrary length into a message digest of fixed length.
In day-to-day use of a block chain project, errors caused by deleted files or deleted code after the project has started running often have unforeseen consequences for people's work and study, and in serious cases cause losses that are hard to measure. The present invention checks the integrity of the whole project before it is started, effectively avoiding the problems that arise from these causes.
Disclosure of Invention
The invention aims to provide a method for checking the trusted boot of a block chain, so that a user can see directly whether any block chain project file is missing, whether the code is complete and whether each service starts normally.
The technical scheme of the invention is as follows.
A method for checking the trusted boot of a block chain is implemented according to the following steps:
Step 1: perform a hash operation on the target files of each version of the block chain project to obtain standard hash values, and store the standard hash values in a database by version number.
Step 2: obtain the version numbers of the files to be checked of the different versions, scan those files, and perform the hash operation on each scanned file to obtain comparison hash values.
Step 3: compare the comparison hash values from step 2 with the standard hash values from step 1 to determine whether the files to be checked have been modified.
The standard hash values of step 1 are stored in a version number table, a hash value table and a file table in the database, in one-to-one correspondence with the version number, the hash value and the target file.
In step 2, the version numbers of the files to be checked are obtained as follows:
Step 2.1: open a command terminal in the operating system on which the project to be checked is deployed, and execute the command cd fabric/ to change to the local root directory of the project.
Step 2.2: then execute the command git branch -a in the same terminal to obtain the project's version number information.
In step 3, the comparison hash values of step 2 are compared with the standard hash values of step 1 as follows:
Step 3.1: look up the version number obtained in step 2 in the version number table of the database to obtain its version number entry, then query the database for the file numbers and standard hash values corresponding to that version number.
Step 3.2: compare the comparison hash values obtained in step 2 with the standard hash values returned by the database query in step 3.1.
The fields of the version number table are the project name, the version number and a second version-number field, of types char(20), char(10) and int(5) respectively. The fields of the file table are the file number, the file name and the file path, of types int(10), char(20) and char(50) respectively. The fields of the hash table are the version number, the file number and the hash value, of types char(10), char(10) and char(64) respectively.
The beneficial effects of the invention are as follows.
The method scans the whole project file directory file by file, hashes every file by the specified method, and compares each result with the hash value of the corresponding file stored in the database, so the user can see directly whether the block chain project files are complete. The check is fast, efficient and accurate, and the method has strong reference value and practicability.
Drawings
FIG. 1 is a block diagram of a method for verifying trusted boot of a blockchain according to the present invention.
FIG. 2 is a tree diagram of the startup dependencies of the project's main services, using Hyperledger Fabric as an example.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and specific embodiments.
The invention discloses a method for checking the trusted boot of a block chain which, as shown in the flow chart of FIG. 1, is implemented according to the following steps:
Step 1: perform a hash operation on the target files of each version of the block chain project to obtain standard hash values, and store the standard hash values in a database by version number.
Step 2: obtain the version numbers of the files to be checked of the different versions, scan those files, and perform the hash operation on each scanned file to obtain comparison hash values.
Step 3: compare the comparison hash values from step 2 with the standard hash values from step 1 to determine whether the files to be checked have been modified.
The standard hash values of step 1 are stored in a version number table, a hash value table and a file table in the database, in one-to-one correspondence with the version number, the hash value and the target file.
In step 2, the version numbers of the files to be checked are obtained as follows:
Step 2.1: open a command terminal in the operating system on which the project to be checked is deployed, and execute the command cd fabric/ to change to the local root directory of the project.
Step 2.2: then execute the command git branch -a in the same terminal to obtain the project's version number information.
In step 3, the comparison hash values of step 2 are compared with the standard hash values of step 1 as follows:
Step 3.1: look up the version number obtained in step 2 in the version number table of the database to obtain its version number entry, then query the database for the file numbers and standard hash values corresponding to that version number.
Step 3.2: compare the comparison hash values obtained in step 2 with the standard hash values returned by the database query in step 3.1.
The fields of the version number table are the project name, the version number and a second version-number field, of types char(20), char(10) and int(5) respectively. The fields of the file table are the file number, the file name and the file path, of types int(10), char(20) and char(50) respectively. The fields of the hash table are the version number, the file number and the hash value, of types char(10), char(10) and char(64) respectively.
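The three steps and the three-table layout above, as an added example that is not part of the patent text: it records a baseline for one version in SQLite, then reports missing, modified and unexpected files. SHA-256 (whose hex digest fits the char(64) hash column), the table and column names, and the sample tree are assumptions made for the illustration; reporting unexpected files goes beyond what the text describes.

```python
import hashlib
import sqlite3
import tempfile
from pathlib import Path

# Assumed layout: the page names three tables; these names and key types are illustrative.
SCHEMA = """
CREATE TABLE version (version_id INTEGER PRIMARY KEY, project CHAR(20), version CHAR(10));
CREATE TABLE file    (file_id INTEGER PRIMARY KEY, name CHAR(20), path CHAR(50));
CREATE TABLE hash    (version_id INTEGER, file_id INTEGER, digest CHAR(64),
                      PRIMARY KEY (version_id, file_id));
"""

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()  # assumption: the page does not name the hash algorithm
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def scan(root):
    """Relative path -> digest of each regular file; symlinked files and .git are skipped."""
    root = Path(root)
    out = {}
    for p in sorted(root.rglob("*")):
        rel = p.relative_to(root)
        if p.is_file() and not p.is_symlink() and ".git" not in rel.parts:
            out[rel.as_posix()] = sha256_file(p)
    return out

def record_baseline(db, project, version, root):
    """Step 1: store the standard hash of every file of a trusted tree under its version."""
    vid = db.execute("INSERT INTO version (project, version) VALUES (?, ?)",
                     (project, version)).lastrowid
    for rel, digest in scan(root).items():
        fid = db.execute("INSERT INTO file (name, path) VALUES (?, ?)",
                         (Path(rel).name, rel)).lastrowid
        db.execute("INSERT INTO hash VALUES (?, ?, ?)", (vid, fid, digest))
    db.commit()
    return vid

def verify(db, project, version, root):
    """Steps 2 and 3: rehash the tree and compare it with the baseline for `version`."""
    row = db.execute("SELECT version_id FROM version WHERE project = ? AND version = ?",
                     (project, version)).fetchone()
    if row is None:  # fail closed: an unknown version must not pass as "unmodified"
        raise LookupError(f"no baseline recorded for {project} {version}")
    expected = dict(db.execute(
        "SELECT f.path, h.digest FROM hash h JOIN file f ON f.file_id = h.file_id "
        "WHERE h.version_id = ?", row))
    actual = scan(root)
    common = expected.keys() & actual.keys()
    return {
        "missing": sorted(expected.keys() - actual.keys()),
        "modified": sorted(p for p in common if expected[p] != actual[p]),
        "unexpected": sorted(actual.keys() - expected.keys()),
    }

def demo():
    """Constructed sample tree: record a baseline, tamper with the tree, verify again."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp, "fabric")
        (root / "peer").mkdir(parents=True)
        (root / "peer" / "main.go").write_text("package main\n")
        (root / "orderer.yaml").write_text("ListenPort: 7050\n")
        db = sqlite3.connect(":memory:")
        db.executescript(SCHEMA)
        record_baseline(db, "fabric", "v1.4", root)  # constructed version label
        clean = verify(db, "fabric", "v1.4", root)
        (root / "orderer.yaml").write_text("ListenPort: 7051\n")  # modified file
        (root / "peer" / "main.go").unlink()                      # deleted file
        (root / "extra.sh").write_text("#!/bin/sh\n")             # file not in baseline
        tampered = verify(db, "fabric", "v1.4", root)
        db.close()
    return clean, tampered

if __name__ == "__main__":
    print(demo())
```

The comparison is only as trustworthy as the baseline database, so the database should be kept where the host being checked cannot write to it.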
Example 1
The startup dependencies of the project's main services, taking Hyperledger Fabric as an example, are shown in FIG. 2. The main services are started in the following order:
Step 1: the cryptogen tool generates the orderer organization identity configuration files and the peer organization identity configuration files.
Step 2: the configtxgen tool generates the genesis block, the channel configuration file and the anchor peer update configuration.
Step 3: the orderer node and the peer node are initialized after each has used the configuration files generated in step 1 to initialize its local MSP service.
Step 4: the orderer node reads the genesis block generated in step 2 and adds it to the ledger.
Step 5: the orderer node registers the Deliver service and the Broadcast service with the gRPC service.
Step 6: the peer node creates the gRPC service object peerServer for the gRPC service.

Claims (5)

1. A method for checking the trusted boot of a block chain, implemented according to the following steps:
Step 1: perform a hash operation on the target files of each version of the block chain project to obtain standard hash values, and store the standard hash values in a database by version number;
Step 2: obtain the version numbers of the files to be checked of the different versions, scan those files, and perform the hash operation on each scanned file to obtain comparison hash values;
Step 3: compare the comparison hash values from step 2 with the standard hash values from step 1 to determine whether the files to be checked have been modified.
2. The method for checking the trusted boot of a block chain according to claim 1, wherein the standard hash values of step 1 are stored in a version number table, a hash value table and a file table in the database, in one-to-one correspondence with the version number, the hash value and the target file.
3. The method for checking the trusted boot of a block chain according to claim 1, wherein in step 2 the version numbers of the files to be checked are obtained as follows:
Step 2.1: open a command terminal in the operating system on which the project to be checked is deployed, and execute the command cd fabric/ to change to the local root directory of the project;
Step 2.2: then execute the command git branch -a in the same terminal to obtain the project's version number information.
4. The method for checking the trusted boot of a block chain according to claim 1, wherein in step 3 the comparison hash values of step 2 are compared with the standard hash values of step 1 as follows:
Step 3.1: look up the version number obtained in step 2 in the version number table of the database to obtain its version number entry, then query the database for the file numbers and standard hash values corresponding to that version number;
Step 3.2: compare the comparison hash values obtained in step 2 with the standard hash values returned by the database query in step 3.1.
5. The method for checking the trusted boot of a block chain according to claim 2, wherein the fields of the version number table are the project name, the version number and a second version-number field, of types char(20), char(10) and int(5) respectively; the fields of the file table are the file number, the file name and the file path, of types int(10), char(20) and char(50) respectively; and the fields of the hash table are the version number, the file number and the hash value, of types char(10), char(10) and char(64) respectively.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010042856.0A CN111262705B (en) 2020-01-15 2020-01-15 Method for checking trusted starting of blockchain

Publications (2)

Publication Number Publication Date
CN111262705A (en) 2020-06-09
CN111262705B (en) 2023-05-09

Family

ID=70950570

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant