CN112632572A - Method, device and storage medium for encrypting and decrypting commands in script - Google Patents
Method, device and storage medium for encrypting and decrypting commands in script Download PDFInfo
- Publication number
- CN112632572A CN112632572A CN202011409001.3A CN202011409001A CN112632572A CN 112632572 A CN112632572 A CN 112632572A CN 202011409001 A CN202011409001 A CN 202011409001A CN 112632572 A CN112632572 A CN 112632572A
- Authority
- CN
- China
- Prior art keywords
- script command
- script
- character
- encrypted
- command
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method, a device and a storage medium for encrypting and decrypting commands in scripts, which are characterized in that the commands of the scripts are set as an encrypted part and a non-encrypted part, a character replacement mapping table is preset, and the character replacement mapping table allocates more than 1 unique corresponding mapping character string for each character or character string; after the script command is edited, starting encryption operation, and replacing each character of an encrypted part in the script command according to a corresponding mapping character in a character replacement mapping table to form an encrypted script command; and when the script command is executed, the encrypted script command is decrypted. The user-defined determination is carried out, the decryption can be realized by carrying out reverse operation according to the user-defined rule in the decryption process, the problem that the encryption writing and the encryption command execution cannot be carried out in the script is effectively solved, and the safety level of the system is improved.
Description
Technical Field
The invention relates to the field of computer network application, in particular to a method and a device for encrypting and decrypting a command in a script and a storage medium.
Background
When the script is used for working processing in a computer system, the script language does not need to be compiled, the script program is stored in plaintext, information which is not expected to be known by other people, such as a user name, a password and the like, is available, an effective encryption storage method is not available, the script can be easily seen and stolen by people, and the script does not meet the safety requirement.
Disclosure of Invention
The invention aims to solve the technical problem of how to quickly achieve the aim of encrypting the script command on the premise of not changing the program structure.
The invention provides a script command encryption and decryption method for solving the problems, which is characterized in that a script command is set into an encrypted part and a non-encrypted part, a character replacement mapping table is preset, and the character replacement mapping table allocates more than 1 mapping character string which is uniquely corresponding to each character or character string; after the script command is edited, starting encryption operation, and replacing each character of an encrypted part in the script command according to a corresponding mapping character in a character replacement mapping table to form an encrypted script command; and when the script command is executed, carrying out decryption operation on the encrypted script command, and reversely replacing each character of the encrypted part in the encrypted script command according to the corresponding mapping character in the character replacement mapping table to finish the decryption of the script command.
The script command encrypting and decrypting method is characterized in that the position and the length of the encrypting part of the script command are dynamically set when a user executes the encrypting operation.
The script command encryption and decryption method is characterized in that a user name part and a password part are set as an encryption part.
The script command encryption and decryption method is characterized in that all Nth characters of the script command are set as an encryption part, Len is the length of the script command, N M < Len, N is all integers from 0 to Len/M, M is an integer, and M > 1.
The script command encrypting and decrypting method is characterized in that part of parameters of the script command are set as an encrypting part.
A script command encryption and decryption device is characterized by comprising a script command encryption module and a script command decryption module, wherein the script command encryption module is used for replacing an encrypted part of a script command by a replacement principle specified by a preset character replacement mapping table to generate an encrypted script command; the script decryption module realizes that the encryption part in the encrypted script command is reversely replaced by adopting the principle specified by the character replacement mapping table before the script command is executed, and the original script command is recovered.
A computer-readable storage medium, wherein a computer program is stored, which when executed by a processor, the processor performs the script command encryption and decryption method.
The implementation of the invention has the following beneficial effects: any part or the whole command in the script command can be encrypted and executed by using the method, and particularly which part needs to be encrypted can be determined by user definition, and decryption can be realized by performing reverse operation according to a user-defined rule in the decryption process, so that the problem that the encrypted command cannot be encrypted and written and executed in the script is effectively solved, and the safety level of the system is improved.
Drawings
FIG. 1 is a flow diagram of a script command encryption operation;
FIG. 2 is a diagram illustrating the processing of a decryption operation in accordance with an embodiment.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a flowchart of a script command encryption operation, including in particular,
firstly, the method comprises the following steps: determining a part to be encrypted in a script command needing to be encrypted; the determination principle can be that the user can freely select continuous or discontinuous partial characters or character strings for encryption processing, and certainly, the whole encryption can also be carried out on the characters or character strings.
II, secondly: the position of the part in the script command, namely the determined character of the encrypted part, is replaced by a predefined replacement character. Or encrypt the encrypted portion using a user-defined or public encryption method.
Thirdly, the method comprises the following steps: and transmitting the encrypted character string as a parameter to a decryption command execution program to execute the encrypted command, and before execution, restoring the reverse internal part of the encrypted character string into the original command by adopting an encryption method to execute.
Because the encryption is carried out in a user-defined mode, the encrypted command has no readability for non-users, namely the command is encrypted, and therefore the command has high protection capability.
The following is illustrated by way of an example:
(1) taking the following example of the required encryption script as an example, the encryption part is determined as follows: the sqlplus comprises two parts, namely a user part and a password part.
#!/bin/sh
sqlplus-s user/password@ora_sid1@out.sqlout.txt
(2) The encrypted portion is encrypted using a custom or public encryption method.
user encryption as A666BF6BDD
passflash encryption as EC21553885D
(3) The encrypted character strings are sequentially used as parameters to be transmitted to a decryption command execution program to execute the encryption command, and if the decryption command execution program is dfSyscmd, the encryption script is as follows:
#!/bin/sh
dfSyscmd“sqlplus-s 1/ 2@ora_sid1@out.sqlout.txt”“A666BF6BDD”“EC21553885D”。
fig. 2 is a schematic diagram of the decryption operation processing in the embodiment, the decryption operation is required during the run time, the parameter user and the parameter password are decrypted by using "a 666BF6 BDD" and "EC 21553885D", and the command is restored as: sqlplus-s user/password @ ora _ sid1@ out.
While the invention has been described with reference to a particular embodiment, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (7)
1. A command encryption and decryption method in a script is characterized in that a script command is set as an encryption part and a non-encryption part, a character replacement mapping table is preset, and the character replacement mapping table allocates more than 1 mapping character string which is uniquely corresponding to each character or character string; after the script command is edited, starting encryption operation, and replacing each character of an encrypted part in the script command according to a corresponding mapping character in a character replacement mapping table to form an encrypted script command; and when the script command is executed, carrying out decryption operation on the encrypted script command, and reversely replacing each character of the encrypted part in the encrypted script command according to the corresponding mapping character in the character replacement mapping table to finish the decryption of the script command.
2. The script command encrypting and decrypting method of claim 1, wherein the position and length of the encrypted part of the script command are dynamically set by the user when the user performs the encryption operation.
3. The script command encrypting and decrypting method according to claim 1, wherein a user name and password part is set as the encryption part.
4. The script command encrypting and decrypting method according to claim 1, wherein all N x M characters of the script command are set as the encrypted part, Len is the length of the script command, N x M < Len, N is all integers between 0 and Len/M, M is an integer, and M > 1.
5. The script command encrypting and decrypting method according to claim 1, wherein a part of parameters of the script command is set as an encrypted part.
6. A script command encryption and decryption device is characterized by comprising a script command encryption module and a script command decryption module, wherein the script command encryption module is used for replacing an encrypted part of a script command by a replacement principle specified by a preset character replacement mapping table to generate an encrypted script command; the script decryption module realizes that the encryption part in the encrypted script command is reversely replaced by adopting the principle specified by the character replacement mapping table before the script command is executed, and the original script command is recovered.
7. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which, when executed by a processor, the processor performs the script command encrypting and decrypting method of any one of claims 1 to 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011409001.3A CN112632572A (en) | 2020-12-04 | 2020-12-04 | Method, device and storage medium for encrypting and decrypting commands in script |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011409001.3A CN112632572A (en) | 2020-12-04 | 2020-12-04 | Method, device and storage medium for encrypting and decrypting commands in script |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112632572A true CN112632572A (en) | 2021-04-09 |
Family
ID=75308002
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011409001.3A Pending CN112632572A (en) | 2020-12-04 | 2020-12-04 | Method, device and storage medium for encrypting and decrypting commands in script |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112632572A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113343269A (en) * | 2021-06-28 | 2021-09-03 | 迈普通信技术股份有限公司 | Encryption method and device |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2000049786A1 (en) * | 1999-02-19 | 2000-08-24 | Messagemedia, Inc. | Message encryption system and method |
| JP2005202845A (en) * | 2004-01-19 | 2005-07-28 | Yaskawa Electric Corp | Script processing method and script processing computer |
| US20100023751A1 (en) * | 2008-07-24 | 2010-01-28 | Alibaba Group Holding Limited | System and method for preventing web crawler access |
| CN103246830A (en) * | 2013-04-28 | 2013-08-14 | 北京小米科技有限责任公司 | Encrypting processing method, encrypting processing device, deciphering processing method and deciphering processing device of client side scripting |
| CN105447342A (en) * | 2014-08-28 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Script encryption method, script decryption method and engine |
| KR101754017B1 (en) * | 2016-03-07 | 2017-07-04 | 쿠팡 주식회사 | Method and server for improving security of password authentication by double mapping |
| KR20170104298A (en) * | 2016-03-07 | 2017-09-15 | 쿠팡 주식회사 | Method and server for improving security of password authentication by real-time mapping |
-
2020
- 2020-12-04 CN CN202011409001.3A patent/CN112632572A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2000049786A1 (en) * | 1999-02-19 | 2000-08-24 | Messagemedia, Inc. | Message encryption system and method |
| JP2005202845A (en) * | 2004-01-19 | 2005-07-28 | Yaskawa Electric Corp | Script processing method and script processing computer |
| US20100023751A1 (en) * | 2008-07-24 | 2010-01-28 | Alibaba Group Holding Limited | System and method for preventing web crawler access |
| CN103246830A (en) * | 2013-04-28 | 2013-08-14 | 北京小米科技有限责任公司 | Encrypting processing method, encrypting processing device, deciphering processing method and deciphering processing device of client side scripting |
| CN105447342A (en) * | 2014-08-28 | 2016-03-30 | 阿里巴巴集团控股有限公司 | Script encryption method, script decryption method and engine |
| KR101754017B1 (en) * | 2016-03-07 | 2017-07-04 | 쿠팡 주식회사 | Method and server for improving security of password authentication by double mapping |
| KR20170104298A (en) * | 2016-03-07 | 2017-09-15 | 쿠팡 주식회사 | Method and server for improving security of password authentication by real-time mapping |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113343269A (en) * | 2021-06-28 | 2021-09-03 | 迈普通信技术股份有限公司 | Encryption method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20240126930A1 (en) | Secure Collaboration Between Processors And Processing Accelerators In Enclaves | |
| US10152430B2 (en) | Cryptographic pointer address encoding | |
| EP3229397B1 (en) | Method for fulfilling a cryptographic request requiring a value of a private key | |
| TWI740399B (en) | Data processing method, device and electronic equipment | |
| US20140351587A1 (en) | Protecting cryptographic secrets using file system attributes | |
| US10885203B2 (en) | Encrypted data exchange | |
| CN104618096B (en) | Protect method, equipment and the TPM key administrative center of key authorization data | |
| WO2016053729A1 (en) | Method and system for secure management of computer applications | |
| US9853811B1 (en) | Optimistic key usage with correction | |
| US20140059341A1 (en) | Creating and accessing encrypted web based content in hybrid applications | |
| CN105718794A (en) | Safety protection method and system for virtual machine based on VTPM | |
| WO2021129470A1 (en) | Polynomial-based system and method for fully homomorphic encryption of binary data | |
| CN109510702B (en) | Key storage and use method based on computer feature codes | |
| CN110855433A (en) | Data encryption method and device based on encryption algorithm and computer equipment | |
| CN114124364A (en) | Key security processing method, device, equipment and computer readable storage medium | |
| JP2015230379A (en) | Communication device, system, and communication processing method | |
| CN109711178B (en) | Key value pair storage method, device, equipment and storage medium | |
| US8751819B1 (en) | Systems and methods for encoding data | |
| CN112632572A (en) | Method, device and storage medium for encrypting and decrypting commands in script | |
| WO2018099157A1 (en) | Method and device for encrypting file system | |
| CN117093964A (en) | Encryption method and device of source code, storage medium and electronic equipment | |
| WO2019184741A1 (en) | Application program information storing method and apparatus, and application program information processing method and apparatus | |
| CN115600215A (en) | System startup method, system information processing method, device, equipment and medium thereof | |
| CN108985109A (en) | A kind of date storage method and device | |
| US10909245B1 (en) | Secure quarantine of potentially malicious content |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |