CN111262705B - Method for checking trusted starting of blockchain - Google Patents
- Publication number
- CN111262705B
- Authority
- CN
- China
- Prior art keywords
- file
- hash value
- files
- char
- version number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/50—Network services
- H04L67/51—Discovery or management thereof, e.g. service location protocol [SLP] or web services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/50—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The invention discloses a method for checking the trusted start of a blockchain, comprising the following steps: first, a hash encryption operation is performed on the target files of different versions of a blockchain project to obtain standard hash values, and the standard hash values are stored in a database according to version number; then, the version numbers of the files to be checked of different versions are obtained, the files to be checked are scanned, and a hash encryption operation is performed on the scanned files to obtain comparison hash values; finally, the comparison hash values of step 2 are compared with the standard hash values of step 1 to judge whether the files to be checked have been modified. Compared with the prior art, the method checks in advance for problems such as missing files and missing code that may exist while the blockchain project is starting and running, so that it is intuitively known whether the blockchain project files are complete; the checking process is fast, efficient and accurate, and the method has high reference value and practicability.
Description
Technical Field
The invention belongs to the field of network security, relates to data encryption technology, and in particular relates to a method for performing hash operations on data and the like.
Background
Trusted Computing (TC) is a technology promoted and developed by the Trusted Computing Group (TCG, previously known as TCPA). Trusted computing is widely used in computing and communication systems, based on a trusted computing platform supported by a hardware security module, to improve the overall security of the system. The endorsement key is a 2048-bit RSA public/private key pair that is randomly generated when the chip is shipped and cannot be changed. The private key always remains in the chip, while the public key is used to authenticate and to encrypt sensitive data sent to the chip.
Integrity metrics are a key feature of trusted computing.
The Trusted Platform Module (TPM) is an international standard for secure cryptoprocessors, intended to handle encryption keys in a device by means of a dedicated microcontroller (secure hardware) integrated in the device. The technical specifications for TPMs are written by an industry consortium known as the Trusted Computing Group (TCG). The International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) standardized the specification as ISO/IEC 11889 in 2009.
A hash transforms an input of arbitrary length (also called the pre-image) into an output of fixed length, the hash value, by means of a hash algorithm. This conversion is a compressing mapping: the hash value is typically much smaller than the input, and different inputs may hash to the same output, so it is not possible to determine a unique input value from the hash value. Put simply, a hash is a function that compresses a message of arbitrary length into a message digest of fixed length.
When a blockchain project is in daily use, errors caused by missing files or missing code after the project has started running often have unknown consequences for people's work and study, and in severe cases even cause immeasurable losses. The present invention performs an integrity check on the whole project before the project starts to run, thereby effectively avoiding the problems caused by the above.
Disclosure of Invention
The invention aims to provide a method for checking the trusted start of a blockchain, so that a user can intuitively know whether any blockchain project file is missing, whether the code is complete and whether all services have started normally.
The technical solution of the invention is as follows.
A method for checking the trusted start of a blockchain is implemented according to the following steps:
Step 1: perform a hash encryption operation on the target files of different versions of a blockchain project to obtain standard hash values, and store the standard hash values in a database according to version number;
Step 2: obtain the version numbers of the files to be checked of different versions, scan the files to be checked, and perform a hash encryption operation on the scanned files to obtain comparison hash values;
Step 3: compare the comparison hash values of step 2 with the standard hash values of step 1, and judge whether the files to be checked have been modified.
The standard hash values of step 1 are stored in a version number table, a hash value table and a file table in the database, in one-to-one correspondence of version number, hash value and target file.
In step 2, the version numbers of the files to be checked of different versions are obtained as follows:
Step 2.1: open a command terminal in the operating system where the project to be checked is deployed, and execute the command "cd fabric/" to change to the local root directory where the project is located;
Step 2.2: then execute the next command, "git branch -a", in the command terminal to obtain the version number information of the project in the terminal.
In step 3, the comparison hash values of step 2 are compared with the standard hash values of step 1 as follows:
Step 3.1: look up the version number obtained in step 2 in the version number table of the database to obtain the version number, so that the file numbers and standard hash values corresponding to that version number can be queried from the database;
Step 3.2: compare the comparison hash values obtained in step 2 with the standard hash values queried from the database in step 3.1.
The fields of the version number table are the project name, version number and version number, of types char(20), char(10) and int(5) respectively; the fields of the file table are the file number, file name and file path, of types int(10), char(20) and char(50) respectively; the fields of the hash value table are the version number, file number and hash value, of types char(10), char(10) and char(64) respectively.
The advantages of the invention are as follows.
The method for checking the trusted start of a blockchain scans the whole file list of the blockchain project, encrypts all files by a specific method, and compares the results with the hash values of the corresponding files stored in the database, so that it is known whether the blockchain project files are complete.
Drawings
FIG. 1 is a block diagram of a method of verifying a trusted boot of a blockchain in accordance with the present invention.
FIG. 2 is a tree diagram of the startup dependencies of the project's main services, taking Hyperledger Fabric as an example.
Detailed Description
The invention will be described in detail below with reference to the drawings and the detailed description.
The method for checking the trusted start of a blockchain according to the invention, shown in the flow chart of FIG. 1, is implemented according to the following steps:
Step 1: perform a hash encryption operation on the target files of different versions of a blockchain project to obtain standard hash values, and store the standard hash values in a database according to version number;
Step 2: obtain the version numbers of the files to be checked of different versions, scan the files to be checked, and perform a hash encryption operation on the scanned files to obtain comparison hash values;
Step 3: compare the comparison hash values of step 2 with the standard hash values of step 1, and judge whether the files to be checked have been modified.
The standard hash values of step 1 are stored in a version number table, a hash value table and a file table in the database, in one-to-one correspondence of version number, hash value and target file.
In step 2, the version numbers of the files to be checked of different versions are obtained as follows:
Step 2.1: open a command terminal in the operating system where the project to be checked is deployed, and execute the command "cd fabric/" to change to the local root directory where the project is located;
Step 2.2: then execute the next command, "git branch -a", in the command terminal to obtain the version number information of the project in the terminal.
In step 3, the comparison hash values of step 2 are compared with the standard hash values of step 1 as follows:
Step 3.1: look up the version number obtained in step 2 in the version number table of the database to obtain the version number, so that the file numbers and standard hash values corresponding to that version number can be queried from the database;
Step 3.2: compare the comparison hash values obtained in step 2 with the standard hash values queried from the database in step 3.1.
The fields of the version number table are the project name, version number and version number, of types char(20), char(10) and int(5) respectively; the fields of the file table are the file number, file name and file path, of types int(10), char(20) and char(50) respectively; the fields of the hash value table are the version number, file number and hash value, of types char(10), char(10) and char(64) respectively.
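The three steps above (record a baseline, rescan, compare) with the version number, file and hash value tables, as an added example that is not code from the patent. Assumptions: SQLite as the database, SHA-256 as the hash, hypothetical table and column names, and a version number passed in by the caller instead of being read from git branch -a. It goes one step beyond the text by also reporting files that are absent from the baseline.

```python
import hashlib
import os
import sqlite3
import tempfile

# Table and column names are hypothetical; the three-table layout follows the patent text.
# SHA-256 is an assumption: its hex digest is exactly the 64 characters of char(64).
SCHEMA = """
CREATE TABLE IF NOT EXISTS version_table(project_name CHAR(20), version_number CHAR(10), version_id INTEGER);
CREATE TABLE IF NOT EXISTS file_table(file_number INTEGER PRIMARY KEY, file_name CHAR(20), file_path CHAR(50) UNIQUE);
CREATE TABLE IF NOT EXISTS hash_table(version_number CHAR(10), file_number INTEGER, hash_value CHAR(64),
    PRIMARY KEY (version_number, file_number));
"""

def sha256_file(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def scan(root):
    """Map every file path (relative to root, .git skipped) to its hash value."""
    found = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d != ".git"]
        for name in filenames:
            full = os.path.join(dirpath, name)
            found[os.path.relpath(full, root).replace(os.sep, "/")] = sha256_file(full)
    return found

def record_baseline(db, project, version, root):
    """Step 1: store the standard hash values of a known-good tree by version number."""
    db.executescript(SCHEMA)
    vid = db.execute("SELECT COALESCE(MAX(version_id), 0) + 1 FROM version_table").fetchone()[0]
    db.execute("INSERT INTO version_table VALUES (?, ?, ?)", (project, version, vid))
    for rel, value in scan(root).items():
        db.execute("INSERT OR IGNORE INTO file_table(file_name, file_path) VALUES (?, ?)",
                   (os.path.basename(rel), rel))
        file_no = db.execute("SELECT file_number FROM file_table WHERE file_path = ?",
                             (rel,)).fetchone()[0]
        db.execute("INSERT INTO hash_table VALUES (?, ?, ?)", (version, file_no, value))
    db.commit()

def check_start(db, version, root):
    """Steps 2 and 3: rescan the deployed tree and compare with the stored baseline."""
    query = "SELECT 1 FROM version_table WHERE version_number = ?"
    if db.execute(query, (version,)).fetchone() is None:
        raise LookupError(f"no baseline recorded for version {version!r}")
    standard = dict(db.execute(
        "SELECT f.file_path, h.hash_value FROM hash_table h JOIN file_table f "
        "ON f.file_number = h.file_number WHERE h.version_number = ?", (version,)))
    current = scan(root)
    return {
        "missing": sorted(p for p in standard if p not in current),
        "modified": sorted(p for p in standard if p in current and current[p] != standard[p]),
        "unexpected": sorted(p for p in current if p not in standard),
    }

def demo():
    """Constructed sample tree and version label: baseline it, tamper with it, check again."""
    def write(root, rel, data, mode="wb"):
        with open(os.path.join(root, rel), mode) as fh:
            fh.write(data)
    with tempfile.TemporaryDirectory() as root:
        write(root, "core.yaml", b"peer:\n  id: p0\n")
        write(root, "orderer.yaml", b"General:\n")
        db = sqlite3.connect(":memory:")
        record_baseline(db, "fabric", "v1.4", root)
        clean = check_start(db, "v1.4", root)
        write(root, "core.yaml", b"  debug: true\n", "ab")   # modified file
        os.remove(os.path.join(root, "orderer.yaml"))        # missing file
        write(root, "extra.sh", b"#!/bin/sh\n")              # not in the baseline
        return clean, check_start(db, "v1.4", root)
```

The check is only as trustworthy as the database holding the standard hash values, so that database has to be writable only by the release process and not by the node being checked.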
Example 1
Taking Hyperledger Fabric as an example, the startup dependencies of the project's main services are shown in FIG. 2. The main services start in the following order:
Step 1: the cryptogen tool generates an orderer organization identity configuration file and a peer organization identity configuration file.
Step 2: the configtxgen tool generates the genesis block, a channelconfigtx configuration file and an anchor update configuration.
Step 3: the orderer node and the peer node are initialized after each has used the configuration file generated in step 1 to initialize the localMSP service.
Step 4: the orderer node reads the genesis block generated in step 2 and adds it to the ledger.
Step 5: the orderer node registers the Deliver service and the Broadcast service with the grpc service.
Step 6: the peer node creates a grpc service object peer to the grpc service.
Claims (1)
1. A method for checking the trusted start of a blockchain, comprising the steps of:
step 1, performing a hash encryption operation on the target files of different versions of a blockchain project to obtain standard hash values, and storing the standard hash values in a database according to version number;
the standard hash values are stored in a version number table, a hash value table and a file table in the database, in one-to-one correspondence of version number, hash value and target file;
step 2, obtaining the version numbers of the files to be checked of different versions, scanning the files to be checked, and performing a hash encryption operation on the scanned files to obtain comparison hash values;
the version numbers of the files to be checked of different versions are obtained as follows:
step 2.1, opening a command terminal in the operating system where the project to be checked is deployed, and executing the command "cd fabric/" to change to the local root directory where the project is located;
step 2.2, then executing the next command, "git branch -a", in the command terminal to obtain the version number information of the project in the terminal;
step 3, comparing the comparison hash values of step 2 with the standard hash values of step 1, and judging whether the files to be checked have been modified;
the comparison hash values of step 2 are compared with the standard hash values of step 1 as follows:
step 3.1, looking up the version number obtained in step 2 in the version number table of the database to obtain the version number, so that the file numbers and standard hash values corresponding to that version number can be queried from the database;
step 3.2, comparing the comparison hash values obtained in step 2 with the standard hash values queried from the database in step 3.1;
the fields of the version number table are the project name, version number and version number, of types char(20), char(10) and int(5); the fields of the file table are the file number, file name and file path, of types int(10), char(20) and char(50); the fields of the hash value table are the version number, file number and hash value, of types char(10), char(10) and char(64).
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010042856.0A CN111262705B (en) | 2020-01-15 | 2020-01-15 | Method for checking trusted starting of blockchain |
Publications (2)
Publication Number | Publication Date |
---|---|
CN111262705A CN111262705A (en) | 2020-06-09 |
CN111262705B true CN111262705B (en) | 2023-05-09 |
Family
ID=70950570
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010042856.0A Active CN111262705B (en) | 2020-01-15 | 2020-01-15 | Method for checking trusted starting of blockchain |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN111262705B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113468106B (en) * | 2021-07-15 | 2024-05-17 | 河南众诚信息科技股份有限公司 | Method for storing and analyzing VR application file irrelevant to platform |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107346393A (en) * | 2017-06-30 | 2017-11-14 | 浪潮(北京)电子信息产业有限公司 | A kind of system start method and system based on TCM |
CN107545181A (en) * | 2017-08-16 | 2018-01-05 | 上海策赢网络科技有限公司 | Program operating method, terminal and computer-readable recording medium |
CN110659497A (en) * | 2018-06-29 | 2020-01-07 | 国民技术股份有限公司 | Trusted boot control method and device and computer readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN111262705A (en) | 2020-06-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN111163182B (en) | Block chain-based device registration method and apparatus, electronic device, and storage medium | |
US20220019678A1 (en) | Method, apparatus, and computer-readable medium for automated construction of data masks | |
CN111756522B (en) | Data processing method and system | |
CN112380575B (en) | Multiparty electronic signature synthesis method, device, equipment and storage medium | |
CN110247894B (en) | Method and device for identifying fake handle server | |
CN109409093B (en) | System vulnerability scanning scheduling method | |
CN111563365A (en) | Test standard work order modification information processing method and device and computer equipment | |
CN112784298A (en) | Log desensitization method and device, computer equipment and storage medium | |
CN111262705B (en) | Method for checking trusted starting of blockchain | |
CN111339551B (en) | Data verification method and related device and equipment | |
CN113486372A (en) | Data backup method, data backup device and server | |
US11232190B2 (en) | Device attestation techniques | |
CN106372523B (en) | Modem file security protection method and system | |
CN113779513A (en) | ZIP file identification insertion method and device, computer equipment and storage medium | |
CN112632498A (en) | Multi-platform-based identity recognition method, device, equipment and readable storage medium | |
CN112862455A (en) | Test execution work order generation method and device, computer equipment and storage medium | |
CN111881480A (en) | Private data encryption method and device, computer equipment and storage medium | |
CN111291001A (en) | Reading method and device of computer file, computer system and storage medium | |
Barbosa et al. | Machine-Checked Security for as in RFC 8391 and | |
CN112559546B (en) | Database synchronization method, database synchronization device, computer equipment and readable storage medium | |
CN115567212A (en) | File processing method and device, computer equipment and computer readable storage medium | |
CN115859319A (en) | Signing and sealing method and device for electronic document and storage medium | |
CN115396159A (en) | Container mirror image detection method, client and server | |
CN111193606B (en) | Equipment configuration parameter comparison method and device, storage medium and computer equipment | |
CN112286634A (en) | Method, system, equipment and readable storage medium for repairing virtual machine |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||