CN111866060A - TLS (Transport Layer Security) connection method of communication equipment, communication equipment and communication system - Google Patents

TLS (Transport Layer Security) connection method of communication equipment, communication equipment and communication system

Publication number: CN111866060A
Authority: CN (China)
Prior art keywords: connection, tls, chip, standby, parameters
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202010454215.6A
Other languages: Chinese (zh)
Inventors: 伍子健, 陈金福
Current Assignee: Pulian International Co ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Pulian International Co ltd
Application filed by Pulian International Co ltd
Priority to CN202010454215.6A
Publication of CN111866060A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/14: Session management
    • H04L67/141: Setup of application sessions
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/16: Implementing security features at a particular protocol layer
    • H04L63/166: Implementing security features at a particular protocol layer at the transport layer
    • H04L63/20: Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205: Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • H04L67/143: Termination or inactivation of sessions, e.g. event-controlled end of session
    • H04L67/145: Termination or inactivation of sessions, e.g. event-controlled end of session avoiding end of session, e.g. keep-alive, heartbeats, resumption message or wake-up for inactive or interrupted session

Abstract

The invention discloses a TLS connection method for a communication device that comprises a main chip and a standby chip. The method comprises the following steps: in response to a standby operation of the communication device, the main chip sends connection parameters for the TLS connection to the standby chip, the main chip having established the TLS connection with an opposite terminal before the communication device enters standby; after the connection parameters are sent, the main chip enters a dormant state; the standby chip establishes the TLS connection with the opposite terminal according to the connection parameters; and when the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters. The invention also discloses a communication device and a communication system. With the embodiments of the invention, the device can respond quickly over the TLS connection while the functional integrity of the product is ensured, and the real-time performance of the TLS connection is improved.

Description

TLS (Transport Layer Security) connection method of communication equipment, communication equipment and communication system
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a TLS connection method for a communication device, a communication device, and a communication system.
Background
TLS (Transport Layer Security) is a protocol used between two applications to provide confidentiality and data integrity; it works above the TCP layer and below the application layer. For today's common Internet-of-Things smart devices, if network data messages are not encrypted in transit, the data can easily be stolen and monitored by a third party during transmission, which greatly threatens user privacy. Therefore, the TCP connection messages of these products need to be encrypted with TLS.
In particular, for low-power products that are battery powered and communicate over Wi-Fi, such as battery-powered cameras, the system is generally divided into an always-on part A (an IoT Wi-Fi chip) and a non-always-on part B (the camera system SoC). Part A is low cost and low power, but has weak processing capability and few storage resources, and is mainly responsible for Wi-Fi communication; part B contains the main functions of the product, such as the audio and video software and hardware functions of a camera. When the product is in operation, part A is always powered on and maintains external communication through Wi-Fi, and part B is powered on only when needed (for example, to watch real-time video from the camera). The communication scheme of such products currently on the market is to additionally provide a HUB (control center or repeater) as an intermediate relay, as shown in Fig. 1. The HUB stays powered by being connected to a power supply, keeps the TLS connection to the cloud, and provides a local HTTPS service; during normal operation it forwards data to the device, and during standby it waits for a wake-up command, parses it and notifies the standby chip. However, the additional HUB required to maintain the TLS connection to the cloud significantly increases cost and reduces the flexibility of the product.
Disclosure of Invention
The embodiment of the invention aims to provide a TLS connection method of communication equipment, the communication equipment and a communication system, which can quickly respond to TLS connection and improve the real-time performance of the TLS connection while ensuring the complete functions of products.
In order to achieve the above object, an embodiment of the present invention provides a TLS connection method for a communication device, including:
in response to a standby operation of the communication device, the main chip sends a connection parameter for TLS connection to the standby chip; the main chip establishes TLS connection with an opposite terminal before the communication equipment is in standby;
after the connection parameters are sent, the main chip enters a dormant state;
the standby chip establishes TLS connection with an opposite terminal according to the connection parameters;
and when the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters.
As an improvement of the above scheme, the connection parameters include TLS parameters and TCP parameters; the TLS parameters comprise the cipher suite negotiated with the opposite terminal, key information, and the message read-write record kept during communication with the opposite terminal; the TCP parameters comprise the IP address, the port, header parameters, and the structure holding the TCP handshake negotiation result.
As an improvement of the above scheme, the establishing, by the standby chip, the TLS connection with the opposite terminal according to the connection parameter includes:
constructing a heartbeat message according to the connection parameters;
sending the heartbeat message to the opposite terminal at every preset time interval;
and receiving the information sent by the opposite terminal to establish TLS connection with the opposite terminal.
As an improvement of the above scheme, the constructing a heartbeat message according to the connection parameters includes:
initializing the encryption/decryption digest according to the key information;
performing digest calculation and encryption on a heartbeat plaintext according to the digest, the encryption context, the message read-write record and the handshake parameters to generate a ciphertext;
and taking the ciphertext as the TCP heartbeat message, and encapsulating the header of the heartbeat message using the header parameters.
As an improvement of the above scheme, after the standby chip establishes the TLS connection with the opposite terminal according to the connection parameter, the method further includes:
and the standby chip receives the control instruction sent by the opposite terminal and executes corresponding control operation according to the control instruction.
As an improvement of the above scheme, the recovering the TLS connection with the opposite end according to the connection parameter includes:
recovering the TCP connection according to the TCP parameters;
And after the TCP connection is recovered, recovering the TLS connection according to the TLS parameters.
As an improvement of the above solution, the recovering the TCP connection according to the TCP parameter includes:
acquiring the TCP parameters from the standby chip;
updating the structure of the file descriptor in the kernel protocol stack according to the TCP parameters;
and setting the offset of the time stamp in the kernel protocol stack.
As an improvement of the above scheme, the recovering the TLS connection according to the TLS parameter includes:
acquiring the message read-write record, the secret key information and the version information from the standby chip;
initializing the initial values of the digest and of the encryption algorithm structure;
and setting a preset flag bit in the structure.
In order to achieve the above object, an embodiment of the present invention further provides a communication device, including a main chip and a standby chip, wherein:
the main chip is used for responding to the standby operation of the communication device and sending the connection parameters for the TLS connection to the standby chip; the main chip establishes the TLS connection with an opposite terminal before the communication device enters standby; after the connection parameters are sent, the main chip enters a dormant state; the main chip is further used for acquiring the connection parameters from the standby chip when the main chip is awakened, and recovering the TLS connection with the opposite terminal according to the connection parameters;
and the standby chip is used for establishing the TLS connection with the opposite terminal according to the connection parameters when the main chip is in a dormant state.
In order to achieve the above object, an embodiment of the present invention further provides a communication system, including an opposite end and the communication device in the foregoing embodiment; the opposite terminal is connected with the communication equipment through TLS, and the opposite terminal is a server or a client.
Compared with the prior art, the TLS connection method of the communication equipment, the communication equipment and the communication system disclosed by the invention have the advantages that the communication equipment comprises a main chip and a standby chip, and the main chip sends the connection parameters for TLS connection to the standby chip by responding to the standby operation of the communication equipment; when the main chip is in a dormant state, the standby chip establishes TLS connection with the opposite terminal according to the connection parameters; and when the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters. The main chip can continue normal communication with the opposite terminal without handshaking between TCP and TLS, can quickly respond to TLS connection while ensuring the completeness of product functions, and improves the instantaneity of TLS connection.
Drawings
Fig. 1 is a schematic diagram of TLS connection between a communication device and an opposite terminal provided in the prior art;
Fig. 2 is a flowchart of a TLS connection method of a communication device according to an embodiment of the present invention;
Fig. 3 is a diagram illustrating digest encryption of a heartbeat plaintext according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a communication device provided in an embodiment of the present invention;
Fig. 5 is a schematic structural diagram of a communication system according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to Fig. 2, Fig. 2 is a flowchart of a TLS connection method of a communication device according to an embodiment of the present invention. The TLS connection method of the communication device comprises the following steps:
S1. In response to a standby operation of the communication device, the main chip sends the connection parameters for the TLS connection to the standby chip; the main chip establishes the TLS connection with an opposite terminal before the communication device enters standby;
S2. After the connection parameters are sent, the main chip enters a dormant state;
S3. The standby chip establishes the TLS connection with the opposite terminal according to the connection parameters;
S4. When the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters.
It is worth mentioning that the communication device in the embodiment of the present invention includes a main chip and a standby chip, where the main chip is a high power consumption chip and includes product main functions, such as software and hardware functions of an audio and video of a camera; the standby chip is a low-power consumption chip, has the characteristics of low cost, low power consumption, weak processing capability and less storage resources, and is mainly responsible for Wi-Fi communication, such as a WiFi chip. The TLS connection method provided by the embodiment of the invention can enable a low-power-consumption product to transfer TLS connection from the main chip to the low-power-consumption standby chip in a standby state, long connection with an opposite terminal can be maintained during standby management, and after awakening and recovering, the main chip can directly carry out TLS communication without handshaking between TCP and TLS.
The main chip of the embodiment of the invention establishes TLS connection with an opposite terminal before the communication equipment is in standby, wherein the opposite terminal is a client or a server.
Specifically, in step S1, in response to a standby operation of the communication device, the main chip transmits the connection parameters for the TLS connection to the standby chip. Optionally, the connection parameters include TLS parameters and TCP parameters.
The TLS parameters comprise the cipher suite negotiated with the opposite terminal, the key information, and the message read-write record kept during communication with the opposite terminal. The key information is the 256 bits of initially generated key information. The message read-write record is the cumulative record of messages received and sent between the local end and the opposite terminal during TLS communication, and may be represented by an ID value: for example, each time the client writes data to the server, the write ID record is incremented, and the same applies to reads.
Transferring the TLS connection also requires transferring the TCP connection in the layer below it, so the basic 4-tuple information of the TCP connection (i.e., the TCP parameters) needs to be obtained from the Linux kernel protocol stack. The TCP parameters comprise the local and target IP addresses, the ports, the header parameters, and the structure holding the TCP handshake negotiation result. The header parameters are the parameters required by the TCP and IP headers, including ID, seq, ack_seq, wnd, timestamp and so on; the structure holding the TCP handshake negotiation result is rx_opt in tcp_sock.
Specifically, in step S2, after sending the connection parameter to the standby chip, the main chip enters a sleep state, and the main chip is powered off.
Specifically, in step S3, after the standby chip receives the connection parameter, the TLS connection is established with the opposite terminal according to the connection parameter. At this time, the standby chip establishes TLS connection with the opposite terminal according to the connection parameters, including steps S31 to S33.
S31. Constructing the heartbeat message according to the connection parameters, which includes steps S311 to S313:
S311. Initializing the encryption/decryption digest according to the key information. The standby chip initializes the initial digest data and the initial AES value for encryption and decryption using the key information transmitted by the main chip.
S312. Performing digest calculation and encryption on the heartbeat plaintext according to the digest, the encryption context, the message read-write record (write ID record) and the handshake parameters to generate a ciphertext. The digest encryption method is shown in Fig. 3 and includes:
first, prepending the write ID, the message type, the current TLS version number and the plaintext length to the plaintext data of the heartbeat;
second, computing a digest over all the content from the first step using the digest algorithm specified by the suite number, and placing the digest after the plaintext data;
third, computing the length of all the content from the second step and, if it is not a multiple of 16, padding it using the padding algorithm specified by the suite number, the padding being placed after the digest;
fourth, encrypting all the content from the third step using the encryption algorithm specified by the suite number;
fifth, prepending to the ciphertext from the fourth step: the message type, the current TLS version number, the ciphertext length, and the initial random key generated during encryption.
S313. Taking the ciphertext as the TCP heartbeat message and encapsulating its header using the header parameters: the TCP parameters saved at standby, such as seq and timestamps, are used to build the TCP message header.
S32. Sending the heartbeat message to the opposite terminal at every preset time interval. Illustratively, a timer is started to construct and send heartbeat messages periodically. According to the principle of TCP communication, each time a message carrying data is sent, the other side must reply with an ACK message; if no ACK reply is received, the message is retransmitted until an ACK is received or the retransmission times out.
It should be noted that, if the number of reconnection attempts exceeds a certain number, the TLS connection is considered to be disconnected and needs to be re-established. In this case, to save power, the standby chip performs the TCP and TLS handshakes with the server directly to reconnect, without waking up the main chip.
S33. Receiving the information sent by the opposite terminal to establish the TLS connection with the opposite terminal. At this point the TLS connection of the main chip has been transferred to the standby chip.
When a message is received from the opposite terminal, it is parsed; if it is a wake-up command, the main chip is woken up and the TLS connection is restored to the main chip, after which the main chip and the opposite terminal communicate over the TLS connection.
Further, after the standby chip establishes the TLS connection with the opposite terminal according to the connection parameters, the method further includes: the standby chip receives the control instruction sent by the opposite terminal and executes the corresponding control operation according to the control instruction.
Illustratively, the standby chip receives data sent by the opposite terminal and processes it accordingly; for example, a server sends an instruction to wake up the main chip, or a local mobile phone APP sends an instruction to query the current device state information. These instructions are TLS messages. The standby chip first checks the header of the TCP message, filters out messages not addressed to the local device, and verifies the IP and TCP checksums; if there is no error, it examines the flag bits and handles FIN, SYN, ACK, RST and PSH differently, where message data marked PSH requires TLS message parsing. For a message marked ACK, the TCP sequence number is checked; if the message is a reply to a TCP message sent by the standby chip, the standby chip clears the retransmission queue and the retransmission timer. For a TLS message, the TLS header is parsed and the message is decrypted using the received 16-bit IV. After decryption succeeds, the standby chip performs the digest calculation and, once the digest is verified as correct, parses the HTTP header content and determines whether the command is a standby wake-up command.
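The record construction of S312 and the receive-side check described above (decrypt with the received IV, then verify the digest), as an added Go example that is not code from the patent. It assumes the TLS 1.2 AES-CBC with HMAC-SHA256 record layout of RFC 5246, so the write ID is covered by the digest but not transmitted and padding is always added; the name HandoverState, the keys and the counter values are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// HandoverState (hypothetical name) holds the TLS parameters passed between chips.
type HandoverState struct {
	EncKey, MacKey []byte // constructed sample keys, not taken from the page
	WriteSeq       uint64 // "write ID": records already sent on the connection
}

const (
	typeAppData = 23     // assumption: the heartbeat is sent as application data
	verTLS12    = 0x0303 // assumption: TLS 1.2, AES-CBC with HMAC-SHA256
)

var errBadRecord = errors.New("bad record")

// macInput is step 1: write ID, type, version and length before the plaintext.
func macInput(seq uint64, plain []byte) []byte {
	h := make([]byte, 13, 13+len(plain))
	binary.BigEndian.PutUint64(h[0:8], seq)
	h[8] = typeAppData
	binary.BigEndian.PutUint16(h[9:11], verTLS12)
	binary.BigEndian.PutUint16(h[11:13], uint16(len(plain)))
	return append(h, plain...)
}

// Seal builds one record following steps 1-5 of S312 and advances the write ID.
func (s *HandoverState) Seal(plain []byte) ([]byte, error) {
	block, err := aes.NewCipher(s.EncKey)
	if err != nil {
		return nil, err
	}
	mac := hmac.New(sha256.New, s.MacKey)
	mac.Write(macInput(s.WriteSeq, plain))
	body := mac.Sum(append([]byte{}, plain...))    // step 2: digest after plaintext
	pad := aes.BlockSize - len(body)%aes.BlockSize // step 3: 1..16 padding bytes
	body = append(body, bytes.Repeat([]byte{byte(pad - 1)}, pad)...)
	iv := make([]byte, aes.BlockSize)
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(body, body)        // step 4
	rec := []byte{typeAppData, verTLS12 >> 8, verTLS12 & 0xff, 0, 0} // step 5
	binary.BigEndian.PutUint16(rec[3:5], uint16(len(iv)+len(body)))
	s.WriteSeq++
	return append(append(rec, iv...), body...), nil
}

// Open is the receiving side: decrypt with the received IV, then check padding
// and digest against the expected read ID. Both failures return the same error.
func Open(encKey, macKey []byte, expectSeq uint64, rec []byte) ([]byte, error) {
	n := len(rec) - 5 - aes.BlockSize // ciphertext length after header and IV
	if n < aes.BlockSize || n%aes.BlockSize != 0 ||
		int(binary.BigEndian.Uint16(rec[3:5])) != len(rec)-5 {
		return nil, errBadRecord
	}
	block, err := aes.NewCipher(encKey)
	if err != nil {
		return nil, err
	}
	body := append([]byte{}, rec[5+aes.BlockSize:]...)
	cipher.NewCBCDecrypter(block, rec[5:5+aes.BlockSize]).CryptBlocks(body, body)
	pad := int(body[n-1]) + 1
	if pad+sha256.Size > n ||
		!bytes.Equal(body[n-pad:], bytes.Repeat([]byte{byte(pad - 1)}, pad)) {
		return nil, errBadRecord
	}
	plain, tag := body[:n-pad-sha256.Size], body[n-pad-sha256.Size:n-pad]
	mac := hmac.New(sha256.New, macKey)
	mac.Write(macInput(expectSeq, plain))
	if !hmac.Equal(tag, mac.Sum(nil)) {
		return nil, errBadRecord
	}
	return plain, nil
}

func main() {
	enc, mk := bytes.Repeat([]byte{0x11}, 32), bytes.Repeat([]byte{0x22}, 32)
	standby := &HandoverState{EncKey: enc, MacKey: mk, WriteSeq: 41} // state received in S1
	hb, _ := standby.Seal([]byte("heartbeat"))
	_, err := Open(enc, mk, 41, hb)
	fmt.Println("heartbeat from standby chip:", err)
	stale := &HandoverState{EncKey: enc, MacKey: mk, WriteSeq: 41} // main chip resuming without S4
	rec, _ := stale.Seal([]byte("resume"))
	_, err = Open(enc, mk, standby.WriteSeq, rec)
	fmt.Println("resume with stale write ID:", err)
}
```

The second call in main fails because the opposite terminal's expected read ID has moved on with the standby chip's heartbeat, which is why S4 has the main chip fetch the message read-write record back from the standby chip.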
Specifically, in step S4, when the main chip is awakened, the main chip obtains the connection parameter from the standby chip, and recovers the TLS connection with the opposite terminal according to the connection parameter.
Optionally, the recovering the TLS connection with the opposite end according to the connection parameter includes:
S41. Recovering the TCP connection according to the TCP parameters;
S42. After the TCP connection is recovered, recovering the TLS connection according to the TLS parameters.
The recovering of the TCP connection according to the TCP parameters includes: a user process creates a sock structure, binds a file descriptor and obtains the TCP parameters from the standby chip; the sock structure of the file descriptor in the kernel protocol stack is updated according to the TCP parameters; and an offset is set for the timestamps in the kernel protocol stack to ensure the continuity of TCP transmission timing.
The recovering of the TLS connection according to the TLS parameters includes: acquiring the message read-write record, the key information and the version information from the standby chip; initializing the initial values of the digest and of the encryption algorithm structure; setting a preset flag bit in the ssl_tls structure; and assigning the out_msg pointer, the in_msg pointer, the transform pointer and the session structure pointer.
It should be noted that, in the embodiment of the present invention, the sock structure of the main chip is described using a Linux system and its kernel protocol stack as an example; other embodiments are not limited to Linux, and all of them fall within the protection scope of the present invention.
Exemplarily, one application scenario of the embodiment of the present invention is as follows. After the communication device starts normally, the main chip starts the TLS client process, connects to the opposite terminal and performs normal encrypted communication. During standby of the communication device, the TLS connection is transferred to the standby chip, which periodically sends heartbeat messages to maintain the long connection with the opposite terminal; it can also process wake-up requests and other abnormal notifications sent by the opposite terminal, and handle disconnection and reconnection. After the main chip is woken up, the TLS connection is quickly transferred back to the main chip, which continues normal communication with the opposite terminal without TCP and TLS handshakes, achieving a quick response.
Another application scenario of the embodiment of the present invention is as follows. After the communication device starts normally, the main chip starts a TLS server to provide an HTTPS service locally. During standby of the communication device, the TLS connection is transferred to the standby chip; when a user uses an APP or another HTTPS client to query device state information, the information can be read quickly without waking up the main chip. When the main chip is woken up, the TLS connection is quickly transferred to the main chip, which continues to maintain the HTTPS service. Comparative analysis of Wireshark packet captures shows that no extra messages are generated during TLS storage, normal communication is possible during TLS hosting, no extra messages are generated during TLS connection recovery, and communication continues normally after recovery.
Compared with the prior art, the communication equipment in the TLS connection method of the communication equipment comprises a main chip and a standby chip, wherein the main chip sends the connection parameters for TLS connection to the standby chip by responding to the standby operation of the communication equipment; when the main chip is in a dormant state, the standby chip establishes TLS connection with the opposite terminal according to the connection parameters; and when the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters. The main chip can continue normal communication with the opposite terminal without handshaking between TCP and TLS, can quickly respond to TLS connection while ensuring the completeness of product functions, and improves the instantaneity of TLS connection.
Referring to Fig. 4, Fig. 4 is a schematic structural diagram of a communication device 10 according to an embodiment of the present invention. The communication device 10 comprises a main chip 11 and a standby chip 12, wherein:
the main chip 11 is configured to send, in response to a standby operation of the communication device, a connection parameter for performing TLS connection to the standby chip 12; the main chip 11 establishes TLS connection with an opposite terminal before the communication device is in standby; after the connection parameters are sent, the main chip 11 enters a sleep state; and is further configured to obtain the connection parameter from the standby chip 12 when the main chip 11 is awakened, and recover the TLS connection with the opposite terminal according to the connection parameter.
The standby chip 12 is configured to establish TLS connection with an opposite terminal according to the connection parameter when the main chip 11 is in a dormant state.
For the specific working process of the main chip 11 and the standby chip 12 in the communication device 10, reference may be made to the working process of the TLS connection method of the communication device in the foregoing embodiment, which is not described herein again.
Compared with the prior art, the communication device 10 disclosed by the invention comprises a main chip 11 and a standby chip 12, wherein the main chip 11 sends connection parameters for TLS connection to the standby chip 12 in response to the standby operation of the communication device 10; when the main chip 11 is in a dormant state, the standby chip 12 establishes TLS connection with the opposite terminal according to the connection parameters; when the main chip 11 is awakened, the main chip 11 obtains the connection parameters from the standby chip 12, and recovers the TLS connection with the opposite terminal according to the connection parameters. The main chip 11 can continue normal communication with the opposite terminal without handshaking, and can quickly respond to TLS connection and improve the real-time performance of TLS connection while ensuring the completeness of the product function.
Referring to fig. 5, fig. 5 is a schematic structural diagram of a communication system 20 according to an embodiment of the present invention. The communication system 20 includes the opposite terminal 21 and the communication device 10 described in the above embodiment; the opposite end 21 is connected with the communication device 10 through TLS, and the opposite end 21 is a server or a client.
For a specific working process of the communication system 20, reference may be made to the working process of the TLS connection method in the foregoing embodiment, which is not described herein again.
Compared with the prior art, the communication device 10 in the communication system 20 disclosed by the invention comprises a main chip and a standby chip, wherein the main chip sends the connection parameters for TLS connection to the standby chip in response to the standby operation of the communication device; when the main chip is in a dormant state, the standby chip establishes TLS connection with the opposite terminal according to the connection parameters; and when the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters. The main chip can continue normal communication with the opposite terminal without handshaking between TCP and TLS, can quickly respond to TLS connection while ensuring the completeness of product functions, and improves the instantaneity of TLS connection.
While the foregoing is directed to the preferred embodiment of the present invention, it will be understood by those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention.

Claims (10)

1. A TLS connection method of a communication device, wherein the communication device includes a main chip and a standby chip, the method comprising:
in response to a standby operation of the communication device, the main chip sends a connection parameter for TLS connection to the standby chip; the main chip establishes TLS connection with an opposite terminal before the communication equipment is in standby;
after the connection parameters are sent, the main chip enters a dormant state;
the standby chip establishes TLS connection with an opposite terminal according to the connection parameters;
and when the main chip is awakened, the main chip acquires the connection parameters from the standby chip and restores the TLS connection with the opposite terminal according to the connection parameters.
2. The TLS connection method of a communication device as claimed in claim 1, wherein the connection parameters include a TLS parameter and a TCP parameter; the TLS parameters comprise a cipher suite negotiated with the opposite terminal, key information, and a message read-write record kept during communication with the opposite terminal; the TCP parameters comprise an IP address, a port, a header parameter and a structure of the TCP handshake negotiation result.
3. The TLS connection method of a communication device according to claim 2, wherein the establishing, by the standby chip, a TLS connection with an opposite terminal according to the connection parameter includes:
constructing a heartbeat message according to the connection parameters;
sending the heartbeat message to the opposite terminal once every preset time period;
and receiving the information sent by the opposite terminal to establish TLS connection with the opposite terminal.
4. The TLS connection method of a communication device according to claim 3, wherein the constructing a heartbeat message according to the connection parameters includes:
initializing an encryption and decryption digest according to the key information;
encrypting a heartbeat plaintext and computing its digest according to the digest, the encryption context, the message read-write record and the handshake parameters to generate a ciphertext;
and taking the ciphertext as a heartbeat message of the TCP, and encapsulating the header of the heartbeat message by using the header parameter.
5. The TLS connection method of a communication device according to claim 1, wherein after the standby chip establishes the TLS connection with the opposite terminal according to the connection parameters, the method further comprises:
and the standby chip receives the control instruction sent by the opposite terminal and executes corresponding control operation according to the control instruction.
6. The TLS connection method of a communication device as claimed in claim 2, wherein the recovering the TLS connection with the opposite terminal according to the connection parameters comprises:
recovering the TCP connection according to the TCP parameters;
and after the TCP connection is recovered, recovering the TLS connection according to the TLS parameters.
7. The TLS connection method of a communication device as claimed in claim 6, wherein said recovering a TCP connection according to said TCP parameters comprises:
acquiring the TCP parameters from the standby chip;
updating the structure of a file descriptor in a kernel protocol stack according to the TCP parameters;
and setting the offset of the time stamp in the kernel protocol stack.
8. The TLS connection method of a communication device as claimed in claim 6, wherein said recovering the TLS connection according to the TLS parameters comprises:
acquiring the message read-write record, the key information and the version information from the standby chip;
initializing initial values of the digest and of the encryption algorithm structure;
and setting a preset flag bit in the structure.
9. A communication device, comprising a main chip and a standby chip; wherein
the main chip is used for responding to the standby operation of the communication equipment and sending the connection parameters for TLS connection to the standby chip; the main chip establishes TLS connection with an opposite terminal before the communication equipment is in standby; after the connection parameters are sent, the main chip enters a dormant state; and the main chip is further used for acquiring the connection parameters from the standby chip when the main chip is awakened, and recovering the TLS connection with the opposite terminal according to the connection parameters;
and the standby chip is used for establishing TLS connection with the opposite terminal according to the connection parameters when the main chip is in a dormant state.
10. A communication system comprising an opposite terminal and the communication device of claim 9 above; the opposite terminal is connected with the communication equipment through TLS, and the opposite terminal is a server or a client.
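Claims 2, 4 and 8 pass the key information together with the message read-write record between the chips. The following added example (not taken from the patent) shows why the record counter has to travel with the keys in both directions. It assumes TLS 1.2 record protection with HMAC-SHA256 and no encryption, a heartbeat carried as application data, and hypothetical names `TlsState`, `protect`, `verify` and `handoff_demo`.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

APPLICATION_DATA = 23      # TLS ContentType; heartbeat carried as app data (assumption)
TLS12 = (3, 3)             # assumed protocol version
MAC_LEN = 32               # HMAC-SHA256 output size

@dataclass
class TlsState:
    """Hypothetical subset of the connection parameters passed between chips."""
    mac_key: bytes         # "key information"
    write_seq: int         # "message read-write record": 64-bit record counter

def _mac(key, seq, ctype, fragment):
    # RFC 5246 6.2.3.1: MAC over seq_num || type || version || length || fragment
    header = struct.pack("!BBBH", ctype, *TLS12, len(fragment))
    return hmac.new(key, struct.pack("!Q", seq) + header + fragment, hashlib.sha256).digest()

def protect(state, ctype, fragment):
    """Build one MAC-protected record and advance the sender's counter."""
    tag = _mac(state.mac_key, state.write_seq, ctype, fragment)
    state.write_seq += 1
    return struct.pack("!BBBH", ctype, *TLS12, len(fragment) + MAC_LEN) + fragment + tag

def verify(key, expected_seq, record):
    """Peer side: accept only if the MAC matches the counter the peer expects."""
    ctype, _major, _minor, length = struct.unpack("!BBBH", record[:5])
    body = record[5:5 + length]
    if len(body) != length or length < MAC_LEN:
        return False
    fragment, tag = body[:-MAC_LEN], body[-MAC_LEN:]
    return hmac.compare_digest(tag, _mac(key, expected_seq, ctype, fragment))

def handoff_demo():
    key = bytes(range(32))                          # constructed key, not real material
    main, peer_seq = TlsState(key, 7), 7            # main chip has sent 7 records
    standby = TlsState(main.mac_key, main.write_seq)      # handed over on standby
    heartbeats = []
    for _ in range(3):                              # standby chip keeps the link alive
        heartbeats.append(verify(key, peer_seq, protect(standby, APPLICATION_DATA, b"hb")))
        peer_seq += 1
    stale = verify(key, peer_seq, protect(main, APPLICATION_DATA, b"data"))  # old counter
    main = TlsState(standby.mac_key, standby.write_seq)   # fetched back on wake
    fresh = verify(key, peer_seq, protect(main, APPLICATION_DATA, b"data"))
    return heartbeats, stale, fresh
```

Because the handed-over state contains live record keys, the standby chip and the inter-chip link hold the same secrets as the main chip's TLS stack.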
CN202010454215.6A 2020-05-26 2020-05-26 TLS (transport layer service) connection method of communication equipment, communication equipment and communication system Pending CN111866060A (en)

Publications (1)

Publication Number Publication Date
CN111866060A true CN111866060A (en) 2020-10-30

Family

ID=72985684

Country Status (1)

Country Link
CN (1) CN111866060A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination