CN112202565A - Block chain system password patch plug-in implementation method - Google Patents
- Publication number
- CN112202565A (application CN202010994250.7A)
- Authority
- CN
- China
- Prior art keywords
- function
- key
- interface
- password
- patch plug
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
- G06F8/658—Incremental updates; Differential updates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/445—Program loading or initiating
- G06F9/44521—Dynamic linking or loading; Link editing at or after load time, e.g. Java class loading
- G06F9/44526—Plug-ins; Add-ons
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method for implementing a cryptographic patch plug-in for a blockchain system. The cryptographic module implemented by the patch plug-in method naturally supports multiple cryptographic algorithms, and an algorithm can be replaced quickly simply by replacing the dynamic link library file, which is very flexible and convenient. Each cryptographic algorithm has detailed, specific and complex logic; if a company develops each cryptographic algorithm through its full life cycle, huge labor and time costs are consumed. With the cryptographic patch method, a professional team can contribute the cryptographic plug-in and a user can use it directly, which greatly reduces the cost of each link in development.
Description
Technical Field
The invention relates to the technical field of blockchain, and in particular to a method for implementing a cryptographic patch plug-in for a blockchain system.
Background
The cryptographic module in existing blockchain systems is imperfect and has the following problems:
(1) Few supported cryptographic algorithms. Blockchain systems support a narrow set of cryptography: most systems support only one or a few cryptographic algorithms, which cannot meet functional requirements in many scenarios and greatly restricts the development of blockchain projects and the whole ecosystem.
(2) High development cost for replacing a cryptographic algorithm. Because of development time and functional requirements, blockchain systems often implement only one cryptographic algorithm. When the system has to support a new cryptographic requirement, the whole system has to be changed and the cryptographic part has to be developed anew, so the development cost is very high.
(3) Long development cycle. Adding a new cryptographic algorithm involves a large workload and passes through many links, such as algorithm learning, algorithm development, algorithm testing, algorithm integration and system testing, each of which is complex and full of uncertainty. Each new cryptographic requirement therefore takes a significant amount of time.
The core of blockchain security is the cryptographic algorithm, and the security of the cryptographic algorithm directly determines the security of the blockchain system. At the same time, cryptographic algorithms are numerous and continue to develop, so a mature blockchain system should, for security reasons, support multiple cryptographic algorithms and be easy to upgrade and modify.
Disclosure of Invention
In view of the defects in the prior art, the method for implementing a cryptographic patch plug-in for a blockchain system solves the problem that the cryptographic module in blockchain systems is imperfect.
To achieve the purpose of the invention, the invention adopts the following technical scheme: a method for implementing a cryptographic patch plug-in for a blockchain system, comprising the following steps:
S1, determining an interface set and generating a cryptographic patch plug-in according to the functions defined by the interfaces;
and S2, loading the cryptographic patch plug-in, and calling the functions in the cryptographic patch plug-in through the interface specification.
Further: the interface set in step S1 includes: a key access interface, a key management interface, a symmetric encryption component service interface, and a cryptographic component service interface.
Further: the key storage interface defines a ReadOnly function, a GetKey function and a StoreKey function. The ReadOnly function returns whether the key store is read-only, the GetKey function returns key information according to the unique identifier, the StoreKey function returns the key information according to the unique identifier, and the StoreKey function stores key content.
Further: the key management interface defines a Bytes function, an SKI function, a Symmetric function, a Private function and a PublicKey function. The Bytes function returns the key in byte stream format, the SKI function serves as the unique identifier of the key, the Symmetric function returns the key type, the Private function obtains private key content, and the PublicKey function obtains public key content.
Further: the symmetric encryption component service interface defines a BlockSize function, an Encrypt function and a Decrypt function. The BlockSize function is used as a data update identifier, the Encrypt function is used as a data unique identifier, and the Decrypt function is used as a depositor unique identifier.
Further: the cryptographic component service interface defines a KeyGen function, a KeyDeriv function, a KeyImport function, a GetKey function, a Hash function, a GetHash function, a Sign function, a Verify function, an Encrypt function and a Decrypt function. The KeyGen function generates a key, the KeyDeriv function derives a key from an existing key, the KeyImport function loads an existing key, the GetKey function obtains the bound key, the Hash function calculates the hash value of data, the GetHash function obtains the hash calculation, the Sign function signs data, the Verify function verifies signed content, the Encrypt function encrypts data content, and the Decrypt function decrypts data content.
Further: the cryptographic patch plug-in in step S1 is generated as follows: the compile mode is set to plug-in mode, the interfaces and the functions they define are compiled to generate a dynamic link library file, and the dynamic link library file is used as the cryptographic patch plug-in.
The invention has the beneficial effects that:
(1) High flexibility. The cryptographic module implemented by the patch plug-in method naturally supports multiple cryptographic algorithms, and an algorithm can be replaced quickly simply by replacing the dynamic link library file, which is very flexible and convenient.
(2) Reduced development cost. Each cryptographic algorithm has detailed, specific and complex logic; if a company develops each cryptographic algorithm through its full life cycle, huge labor and time costs are consumed. With the cryptographic patch method, a professional team can contribute the cryptographic plug-in and a user can use it directly, which greatly reduces the cost of each link in development.
Drawings
FIG. 1 is a flow chart of the present invention;
FIG. 2 is a flow chart of the operation of the present invention.
Detailed Description
The following description of the embodiments of the present invention is provided to help those skilled in the art understand the invention, but it should be understood that the invention is not limited to the scope of the embodiments. To those skilled in the art, various changes are apparent as long as they remain within the spirit and scope of the invention as defined and determined by the appended claims, and everything produced using the inventive concept is protected.
Based on plug-in technology, the invention provides users with a selectable cryptographic service; users can quickly access or upgrade the cryptographic service by doing simple interface adaptation work.
At the usage layer, the user selects the corresponding BCCSP factory according to the configuration, and all factory classes implement a uniform interface type. The provider of the cryptographic component selects the interface to implement according to its own function: SW for a software implementation, PKCS11 for a hardware implementation, and Plugin for an implementation that references an external plug-in.
The patch plug-in part implements the specific functions of the interfaces and packages all plug-in interface functions so that they can be called freely when a specific service is implemented. After the interfaces are packaged, they are provided to the user as a dynamic link library.
In the blockchain system, the cryptographic plug-in is accessed using technologies such as plugin and interface, which initializes the cryptographic plug-in. Based on the principle of plug-in technology, a series of cryptography-related functions are implemented, such as data fingerprint calculation, data signature verification, data encryption, data decryption, and public and private key generation and management. When implementing a service, the blockchain system calls the relevant interface and does not need to care about the type of cryptography or the specific implementation of the cryptographic algorithm.
As shown in FIG. 1, a method for implementing a cryptographic patch plug-in for a blockchain system includes the following steps:
S1, determining an interface set and generating a cryptographic patch plug-in according to the functions defined by the interfaces;
The interface set includes: a key access interface, a key management interface, a symmetric encryption component service interface, and a cryptographic component service interface.
The key storage interface defines a ReadOnly function, a GetKey function and a StoreKey function. The ReadOnly function returns whether the key store is read-only, the GetKey function returns key information according to the unique identifier, the StoreKey function returns the key information according to the unique identifier, and the StoreKey function stores key content.
The key management interface defines a Bytes function, an SKI function, a Symmetric function, a Private function and a PublicKey function. The Bytes function returns the key in byte stream format, the SKI function serves as the unique identifier of the key, the Symmetric function returns the key type, the Private function obtains private key content, and the PublicKey function obtains public key content.
The symmetric encryption component service interface defines a BlockSize function, an Encrypt function and a Decrypt function. The BlockSize function is used as a data update identifier, the Encrypt function is used as a data unique identifier, and the Decrypt function is used as a depositor unique identifier.
The cryptographic component service interface defines a KeyGen function, a KeyDeriv function, a KeyImport function, a GetKey function, a Hash function, a GetHash function, a Sign function, a Verify function, an Encrypt function and a Decrypt function. The KeyGen function generates a key, the KeyDeriv function derives a key from an existing key, the KeyImport function loads an existing key, the GetKey function obtains the bound key, the Hash function calculates the hash value of data, the GetHash function obtains the hash calculation, the Sign function signs data, the Verify function verifies signed content, the Encrypt function encrypts data content, and the Decrypt function decrypts data content.
The cryptographic patch plug-in is generated as follows: the compile mode is set to plug-in mode, the interfaces and the functions they define are compiled to generate a dynamic link library file, and the dynamic link library file is used as the cryptographic patch plug-in.
S2, as shown in FIG. 2, the user service code is independent of the plug-in part. To use the cryptographic plug-in code, the user service part loads the cryptographic patch plug-in and calls the functions in the cryptographic patch plug-in through the interface specification.
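The S1/S2 flow above as a sketch in Go (an added example, not code from the patent): caller code reaches key generation, hashing, signing and verification only through an interface, with a constructed in-process Ed25519/SHA-256 provider standing in for a loaded plug-in. The function names KeyGen, Hash, Sign, Verify, SKI and PublicKey come from the page; their signatures and the names edKey, edProvider and SignAndVerify are assumptions.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Key and CryptoService reuse function names from the page. The signatures
// are assumptions: the page lists names and purposes only.
type Key interface {
	SKI() []byte    // unique identifier of the key
	PublicKey() Key // public half of the key
}

type CryptoService interface {
	KeyGen() (Key, error)
	Hash(msg []byte) []byte
	Sign(k Key, digest []byte) ([]byte, error)
	Verify(k Key, sig, digest []byte) (bool, error)
}

// edKey and edProvider: constructed provider standing in for a plug-in.
type edKey struct {
	priv ed25519.PrivateKey // nil for a public-only key
	pub  ed25519.PublicKey
}

func (k *edKey) SKI() []byte    { s := sha256.Sum256(k.pub); return s[:] }
func (k *edKey) PublicKey() Key { return &edKey{pub: k.pub} }

type edProvider struct{}

func (edProvider) KeyGen() (Key, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &edKey{priv: priv, pub: pub}, nil
}

func (edProvider) Hash(msg []byte) []byte { h := sha256.Sum256(msg); return h[:] }

// Sign fails closed for public-only keys and for keys from another provider.
func (edProvider) Sign(k Key, digest []byte) ([]byte, error) {
	ek, ok := k.(*edKey)
	if !ok || ek.priv == nil {
		return nil, errors.New("sign: need a private key from this provider")
	}
	return ed25519.Sign(ek.priv, digest), nil
}

func (edProvider) Verify(k Key, sig, digest []byte) (bool, error) {
	ek, ok := k.(*edKey)
	if !ok {
		return false, errors.New("verify: key from another provider")
	}
	return ed25519.Verify(ek.pub, digest, sig), nil
}

// SignAndVerify is caller code; it depends only on the interface.
func SignAndVerify(svc CryptoService, payload []byte) (bool, error) {
	k, err := svc.KeyGen()
	if err != nil {
		return false, err
	}
	digest := svc.Hash(payload)
	sig, err := svc.Sign(k, digest)
	if err != nil {
		return false, err
	}
	return svc.Verify(k.PublicKey(), sig, digest)
}

func main() {
	ok, err := SignAndVerify(edProvider{}, []byte("constructed block payload"))
	fmt.Println(ok, err)
}
```

Every private key passes through the provider, so a deployment that swaps providers by replacing a dynamic link library file should verify that file, for example against a pinned digest or a signature, before loading it.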
The cryptographic module implemented by the patch plug-in method naturally supports multiple cryptographic algorithms, and an algorithm can be replaced quickly simply by replacing the dynamic link library file, which is very flexible and convenient.
Each cryptographic algorithm has detailed, specific and complex logic; if a company develops each cryptographic algorithm through its full life cycle, huge labor and time costs are consumed. With the cryptographic patch method, a professional team can contribute the cryptographic plug-in and a user can use it directly, which greatly reduces the cost of each link in development.
Claims (7)
1. A method for implementing a cryptographic patch plug-in for a blockchain system, characterized by comprising the following steps:
S1, determining an interface set and generating a cryptographic patch plug-in according to the functions defined by the interfaces;
and S2, loading the cryptographic patch plug-in, and calling the functions in the cryptographic patch plug-in through the interface specification.
2. The method for implementing a blockchain system cryptographic patch plug-in according to claim 1, wherein the interface set in step S1 includes: a key access interface, a key management interface, a symmetric encryption component service interface, and a cryptographic component service interface.
3. The method for implementing a blockchain system cryptographic patch plug-in according to claim 2, wherein the key storage interface defines a ReadOnly function, a GetKey function and a StoreKey function, the ReadOnly function is used to return whether the key store is read-only, the GetKey function is used to return key information according to the unique identifier, the StoreKey function is used to return key information according to the unique identifier, and the StoreKey function is used to store key content.
4. The method for implementing a blockchain system cryptographic patch plug-in according to claim 2, wherein the key management interface defines a Bytes function, an SKI function, a Symmetric function, a Private function and a PublicKey function, the Bytes function is used to return the key in byte stream format, the SKI function is used as the unique identifier of the key, the Symmetric function is used to return the key type, the Private function is used to obtain private key content, and the PublicKey function is used to obtain public key content.
5. The method for implementing a blockchain system cryptographic patch plug-in according to claim 2, wherein the symmetric encryption component service interface defines a BlockSize function, an Encrypt function and a Decrypt function, the BlockSize function is used as a data update identifier, the Encrypt function is used as a data unique identifier, and the Decrypt function is used as a depositor unique identifier.
6. The method for implementing a blockchain system cryptographic patch plug-in according to claim 2, wherein the cryptographic component service interface defines a KeyGen function, a KeyDeriv function, a KeyImport function, a GetKey function, a Hash function, a GetHash function, a Sign function, a Verify function, an Encrypt function and a Decrypt function, the KeyGen function is used to generate a key, the KeyDeriv function is used to derive a key from an existing key, the KeyImport function is used to load an existing key, the GetKey function is used to obtain the bound key, the Hash function is used to calculate the hash value of data, the GetHash function is used to obtain the hash calculation, the Sign function is used to sign data, the Verify function is used to verify signed content, the Encrypt function is used to encrypt data content, and the Decrypt function is used to decrypt data content.
7. The method for implementing a blockchain system cryptographic patch plug-in according to claim 1, wherein the cryptographic patch plug-in in step S1 is generated as follows: the compile mode is set to plug-in mode, the interfaces and the functions they define are compiled to generate a dynamic link library file, and the dynamic link library file is used as the cryptographic patch plug-in.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010994250.7A CN112202565A (en) | 2020-09-21 | 2020-09-21 | Block chain system password patch plug-in implementation method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202010994250.7A CN112202565A (en) | 2020-09-21 | 2020-09-21 | Block chain system password patch plug-in implementation method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112202565A (en) | 2021-01-08 |
Family
ID=74015769
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010994250.7A Pending CN112202565A (en) | 2020-09-21 | 2020-09-21 | Block chain system password patch plug-in implementation method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112202565A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113032488A (en) * | 2021-03-23 | 2021-06-25 | 无锡井通网络科技有限公司 | Distributed system based on pluggable encryption subsystem and encryption method |
CN116070219A (en) * | 2023-04-06 | 2023-05-05 | 北京紫光青藤微系统有限公司 | Method and system for writing patch, electronic device and storage medium |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109474619A (en) * | 2018-12-17 | 2019-03-15 | 中国平安财产保险股份有限公司 | Data encryption report method and device, data decryption method and device |
CN109903046A (en) * | 2019-02-02 | 2019-06-18 | 中国互联网络信息中心 | User data management and device based on block chain |
CN110069295A (en) * | 2019-05-06 | 2019-07-30 | 百度在线网络技术(北京)有限公司 | Block chain processing method, device, equipment and medium |
CN110880972A (en) * | 2019-11-26 | 2020-03-13 | 复旦大学 | Block chain key management system based on safe multiparty calculation |
CN111026461A (en) * | 2019-12-06 | 2020-04-17 | 联想(北京)有限公司 | Data processing method and device for block chain system and electronic equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |
 | RJ01 | Rejection of invention patent application after publication | Application publication date: 20210108 |