CN112671530B

CN112671530B - Data processing method and device and data processing device

Info

Publication number: CN112671530B
Application number: CN201911151577.1A
Authority: CN
Inventors: 王一帆; 唐璐莹; 王蜀洪
Original assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Current assignee: Huakong Tsingjiao Information Technology Beijing Co Ltd
Priority date: 2019-11-21
Filing date: 2019-11-21
Publication date: 2023-04-07
Anticipated expiration: 2039-11-21
Also published as: CN112671530A

Abstract

The embodiment of the invention provides a data processing method and device and a device for data processing. The method comprises the following steps: calling a first security module according to a first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle; acquiring the first master key handle returned by the first security module; calling the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle; acquiring the work key or the work key handle returned by the first security module; and encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment. The embodiment of the invention can improve the security of the key data.

Description

Data processing method and device and data processing device

Technical Field

The present invention relates to the field of computer technologies, and in particular, to a data processing method and apparatus, and an apparatus for data processing.

Background

A cryptographic device is a generic term for a device or module that has a certain cryptographic function or can perform a certain cryptographic task. Such as cryptographic modules, cryptographic cards, USB keys (hardware devices for USB interfaces), server crypto machines, etc.

Generally, key data generated by the cryptographic device is directly sent to a key user, so that the key data is exposed in a memory, and a security risk exists.

Disclosure of Invention

The embodiment of the invention provides a data processing method and device and a data processing device, which can improve the security of key data.

In order to solve the above problem, an embodiment of the present invention discloses a data processing method, which is applied to a first-party device, and the method includes:

calling a first security module according to a first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

acquiring the first master key handle returned by the first security module;

calling the first security module according to the first master key handle so that the first security module generates a working key and a working key handle corresponding to the working key by using the first master key handle;

acquiring the working key or the working key handle returned by the first security module;

and encrypting the data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

On the other hand, the embodiment of the invention discloses a data processing device, which is applied to first-party equipment, and comprises:

the first calling module is used for calling the first security module according to a first pre-master key handle so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

the first obtaining module is used for obtaining the first master key handle returned by the first security module;

the second calling module is used for calling the first security module according to the first master key handle so that the first security module generates a working key and a working key handle corresponding to the working key by using the first master key handle;

the second obtaining module is used for obtaining the working key or the working key handle returned by the first security module;

and the transmission encryption module is used for encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

In yet another aspect, an embodiment of the present invention discloses an apparatus for data processing, including a memory, and one or more programs, where the one or more programs are stored in the memory, and configured to be executed by the one or more processors includes instructions for:

acquiring the first master key handle returned by the first security module;

acquiring the work key or the work key handle returned by the first security module;

and encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

In yet another aspect, an embodiment of the invention discloses a machine-readable medium having stored thereon instructions, which, when executed by one or more processors, cause an apparatus to perform a data processing method as described in one or more of the preceding.

The embodiment of the invention has the following advantages:

in the embodiment of the present invention, a first party device calls a first secure module according to a first pre-master key handle, so that the first secure module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle, and obtains the first master key handle returned by the first secure module; the first party equipment calls the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle, and acquires the work key or the work key handle returned by the first security module; and the first party equipment encrypts data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

The first party device may invoke the first security module and perform key calculations via the first security module to generate key data, such as a master key and a working key. The first security module generates and stores key data, and may return only the key handle to the first party device without returning the key data. Therefore, the security risk caused by the calculation of the key in the memory of the computer can be avoided, a hacker program is effectively prevented from stealing and even tampering the key data, the security of the key data can be improved, and the security of data transmission in the communication process of the first-party equipment and the second-party equipment can be further ensured.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments of the present invention will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained according to these drawings without inventive labor.

FIG. 1 is a flow chart of the steps of one data processing method embodiment of the present invention;

FIG. 2 is a block diagram of an embodiment of a data processing apparatus according to the present invention;

FIG. 3 is a block diagram of an apparatus 800 for data processing of the present invention; and

fig. 4 is a schematic diagram of a server in some embodiments of the invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

Method embodiment

Referring to fig. 1, a flowchart illustrating steps of an embodiment of a data processing method according to the present invention is shown, where the method is applied to a first device, and specifically may include the following steps:

step 101, calling a first security module according to a first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

102, acquiring the first master key handle returned by the first security module;

103, calling the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle;

step 104, acquiring the work key or the work key handle returned by the first security module;

and 105, encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with the second-party equipment.

The data processing method provided by the embodiment of the invention can be applied to an operation scene based on a multi-party secure computing protocol. Wherein, the multi-party secure computing protocol can utilize four computing nodes participating in cooperative computing to execute cipher text-based computation. A multi-party secure computing task is generally distributed with four computing nodes to complete cooperatively, where the four computing nodes are referred to as S1, S2, sa, and Sb, where S1 and S2 may be entity servers, and Sa and Sb may be virtual servers on S1 and S2.

The data processing method provided by the embodiment of the invention can be operated on the first party equipment, and the first party equipment can be an initiator or a responder in both communication parties. If the first party equipment is an initiator (such as a client), the second party equipment is a responder (such as a server); or, if the first party device is a responder, the second party device is an initiator. The first party device or the second party device may specifically be a data service subsystem (data source system), a computing network subsystem (computing network composed of computing nodes), or a scheduling and management subsystem in the multi-party secure computing environment.

For convenience of description, in the embodiments of the present invention, a process in which the first-party device executes the data processing method is taken as an example for description, and a process in which the second-party device executes the data processing method is similar to that in the above embodiments, and therefore, reference may be made to each other.

In the embodiment of the present invention, after the first party device and the second party device complete the certificate verification, the first party device does not execute the key calculation in the computer memory, but invokes the first security module, and executes the key calculation through the first security module to generate the key data.

The first security module can be modified password equipment, and the password equipment can include an encryption card, a USB Key, a server password machine and the like. After the first party device calls the first security module, the first security module may computationally generate and save the key data in the first security module, returning only the key handle to the first party device and not the key data. The key handle is used to point to the key data stored in the first secure module, for example, the key handle may be an index or a storage address of the key data in the first secure module. Since the hacker program can easily steal the key data in the memory of the computer and is difficult to steal the key data in the cryptographic device, even if the hacker program acquires the key handle returned by the first secure module, the hacker program is difficult to acquire the key data stored in the first secure module through the key handle. Therefore, the security of the key data can be improved through the embodiment of the invention.

In the context of multiparty secure computing, the keys typically used by two communicating parties include: a premaster secret, a master secret and a working secret. The first party device may invoke the first security module, and at least one of the premaster secret, the master secret and the working secret is generated through calculation by the first security module.

Specifically, the first party device may call the first security module according to a first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle.

In an embodiment of the invention, the key handle may be communicated between the first party device and the first security module without communicating key data. For example, in generating a master key using a premaster key, a first party device may call a first security module based on a first premaster key handle. Wherein the first premaster key handle is used to point to a premaster key in the first secure module. The first security module obtains the stored premaster secret from the premaster secret handle, and then generates a master secret and a first master secret handle corresponding to the master secret from the premaster secret, and returns the first master secret handle to the first party device. Wherein the first master key handle is used to point to a master key in the first secure module.

The first party device may obtain a first master key handle returned by the first secure module and call the first secure module based on the first master key handle. The first security module may obtain the stored master key according to the first master key handle, and may further generate a work key and a work key handle corresponding to the work key according to the master key. Wherein the work key handle is used to point to a work key in the first security module.

In an optional embodiment of the present invention, the invoking, according to the first pre-master key handle, the first security module to enable the first security module to generate the master key and the first master key handle corresponding to the master key by using the first pre-master key handle specifically may include:

and calling a first interface of the first security module according to the first pre-master key handle so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle.

In an embodiment of the invention, the first security module may comprise a first interface and a second interface. The first party equipment calls a first interface of the first security module, and can generate a master key and a first master key handle corresponding to the master key through the first security module. The first party equipment calls a second interface of the first security module, and can generate a work key and a work key handle corresponding to the work key through the first security module.

The calling the first security module according to the first master key handle to enable the first security module to generate a work key and a work key handle corresponding to the work key by using the first master key handle includes:

and calling a second interface of the first security module according to the first master key handle so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle.

In the embodiment of the invention, the premaster secret key, the master secret key and the working secret key are all calculated and generated by the first safety module and are all stored in the first safety module, so that the secret key data can be effectively prevented from being leaked, and the safety of the secret key data is ensured.

After generating the working key, in order to further ensure the security of the data to be transmitted, the first security module may return only the working key handle to the first party device without returning the working key. Therefore, when the first-party equipment needs to encrypt the data to be transmitted by using the working key, the first security module can be called, and the working key handle and the data to be transmitted are transmitted to the first security module. The first security module acquires the stored working key according to the working key handle, encrypts the data to be transmitted by using the working key to obtain encrypted data, and returns the encrypted data to the first security module. In the process, the work key cannot be leaked, the encryption process of the data to be transmitted is executed in the first module, and the security of the data to be transmitted can be further ensured.

However, in the communication process, if the data to be transmitted is input into the first security module for encryption each time, not only is the calculation pressure of the first security module high, which puts high requirements on the calculation capability of the first security module, but also the calculation process of the first security module takes a certain time, which may affect the real-time performance of communication.

In order to solve the above problem, the embodiment of the present invention may provide the following two alternatives:

according to the scheme I, a first security module returns a work key handle to first party equipment, and the first party equipment acquires the work key handle returned by the first security module; and calling the first security module to encrypt data to be transmitted according to the working key handle in the process of data transmission between the first-party device and the second-party device. In the first scheme, the working key is stored in the first security module, so that the security of the working key can be ensured.

The first security module returns a working key to the first party equipment, and the first party equipment acquires the working key returned by the first security module; and the first party equipment encrypts the data to be transmitted according to the working key in the process of data transmission with the second party equipment. In the second scheme, the working key may be stored in the first-party device, which may improve the efficiency of the first-party device in performing encryption calculation on the data to be transmitted, and may further improve the real-time performance of communication.

In practical applications, a person skilled in the art can flexibly select any one of the two schemes according to practical situations. For example, in a scenario where the requirements for privacy are high and the requirements for real-time performance are not high, the premaster key, the master key, and the work key may all be stored in the first secure module, and only the first premaster key handle, the first master key handle, and the work key handle may be returned to the first party device. Under the scene with higher requirement on the real-time performance, the premaster secret key and the master secret key can be stored in the first security module, the first premaster secret key handle and the first master secret key handle are only returned to the first party equipment, and the working secret key can be returned to the first party equipment and stored in the first party equipment, so that the real-time performance of communication is improved.

In the embodiment of the present invention, two ways of obtaining the first premaster secret handle may be provided.

The first mode is as follows: the first-party device generates a pre-master key by calling the first security module and acquires a first pre-master key handle returned by the first security module. The first party equipment encrypts the premaster secret key by adopting a public key of the second party equipment, sends the premaster secret key to the second party equipment through secure connection, and the second party equipment obtains the premaster secret key by utilizing a private key to decrypt in a second security module of the second party equipment to obtain a second premaster secret key handle returned by the second security module. The first premaster key handle is used for pointing to a premaster key stored in the first secure module, and the second premaster key handle is used for pointing to a premaster key stored in the second secure module.

The second mode is as follows: the first pre-master key handle is obtained by the first party device and the second party device based on shared parameter negotiation.

The following first describes a specific procedure for negotiating a premaster secret in the first way.

In an optional embodiment of the present invention, before the invoking the first security module according to the first pre-master key handle, the method may further include:

step S11, calling a third interface of the first security module to enable the first security module to generate a premaster secret key and a first premaster secret key handle corresponding to the premaster secret key;

and S12, acquiring the first pre-master key handle returned by the first security module.

The first secure module may further include a third interface, and the first party device calls the third interface of the first secure module, and may generate, by the first secure module, a premaster secret and a first premaster secret handle corresponding to the premaster secret, where the first premaster secret handle is used to point to the premaster secret in the first secure module.

In an optional embodiment of the present invention, after the calling the third interface of the first secure module to enable the first secure module to generate a premaster secret and a first premaster secret handle corresponding to the premaster secret, the method may further include:

s21, acquiring the premaster secret key returned by the first security module;

s22, encrypting the premaster secret key by using the encryption public key of the second party equipment to obtain an encrypted premaster secret key;

step S23, sending the encrypted premaster secret to the second party device, so that the second party device inputs the encrypted premaster secret into the second security module for decryption and storage, and obtains a second premaster secret handle returned by the second security module, where the second premaster secret handle corresponds to the premaster secret in the second security module.

Optionally, after obtaining the first pre-master key handle returned by the first security module, the first party device may further obtain a pre-master key returned by the first security module, and encrypt the pre-master key by using the encryption public key of the second party device to obtain an encrypted pre-master key. And sending the encrypted premaster secret key to the second party equipment through secure communication connection.

After the second-party device receives the encrypted premaster secret key, the encrypted premaster secret key can be input into the second security module to be decrypted and stored. Specifically, the second security module may decrypt the encrypted premaster secret key with an encrypted private key of the second party device to obtain a premaster secret key, store the premaster secret key obtained by decryption, and return a second premaster secret key handle to the second party device, where the second premaster secret key handle corresponds to the premaster secret key in the second security module. That is, the second premaster key handle is used to point to the premaster key stored in the second secure module, and the second premaster key handle may be an index or a storage address of the premaster key in the second secure module.

Thus, in the first way, the first party device and the second party device complete the negotiation process of the premaster secret.

It should be noted that, in the first manner, the first party device may obtain the premaster secret key returned by the first security module, so that the premaster secret key is transmitted out of the first security module, which may cause the premaster secret key to be leaked.

Therefore, in order to ensure the security of the premaster secret key, the embodiment of the present invention may also complete the negotiation process of the premaster secret key in the second manner. In an optional embodiment of the present invention, before the invoking the first security module according to the first pre-master key handle, the method may further include:

negotiating with the second party device to obtain the first pre-master key handle based on a sharing parameter; wherein the sharing parameters include: the system comprises a temporary public and private key pair of two parties, identity identifications of the two parties and key data length.

Specifically, the first party device and the second party device may obtain a shared parameter common to both parties through negotiation, and the first party device and the second party device respectively invoke respective security modules and respectively calculate and generate a premaster secret key according to the shared parameter and a specified cryptographic algorithm.

The step of obtaining, by the first party device and the second party device through negotiation, a shared parameter common to both parties may specifically include:

step S31, the first party equipment calls the first security module to obtain the key parameter generated by the first security module;

and step S32, sending the key parameters to the second party equipment through secure communication connection, so that the first party equipment and the second party equipment respectively form shared parameters shared by the two parties according to the key parameters held by the first party equipment and the second party equipment.

In an application example of the present invention, the first party device invokes the first security module to generate key parameters of the first party device, which may specifically include parameters such as a temporary public and private key, an identity, and a key data length of the first party device. The second party device calls the second security module to generate key parameters of the second party device, which may specifically include parameters such as a temporary public and private key, an identity, and a key data length of the second party device. The first party equipment and the second party equipment are connected through secure communication, and respective key parameters are sent to the opposite party, so that the first party equipment and the second party equipment respectively form shared parameters shared by the two parties according to the respective key parameters. The sharing parameters may specifically include: the key pair is a temporary public and private key pair of both parties, the identity of both parties, the length of key data and other parameters.

And the first party equipment calls a first security module according to the shared parameters obtained by negotiation, the first security module calculates and generates a premaster secret key according to the shared parameters and a specified cryptographic algorithm, and returns a first premaster secret key handle corresponding to the premaster secret key to the first party equipment. And the second party equipment calls a second security module according to the sharing parameters, the second security module calculates and generates a pre-master key according to the sharing parameters and a specified cryptographic algorithm, and returns a second pre-master key handle corresponding to the pre-master key to the second party equipment. Therefore, the first party equipment and the second party equipment finish the negotiation process of the premaster secret key, and the premaster secret key is always stored in the first safety module and the second safety module in the process, so that the safety of the premaster secret key can be further ensured.

s41, acquiring a random number generated by the first security module;

and S42, sending the random number to the second party equipment through secure communication connection, so that the first party equipment and the second party equipment respectively form a shared random number shared by the two parties according to the random numbers held by the first party equipment and the second party equipment.

In an application example of the present invention, it is assumed that the first-party device is a client and the second-party device is a server. The first party device may invoke the first security module and generate a random number, such as a client _ random, via the first security module. Likewise, the second party device may invoke a second security module, through which a random number, such as server _ random, is generated. Through secure communication connection, the first party device and the second party device can exchange respectively generated random numbers, so that the first party device and the second party device respectively form a shared random number shared by the two parties according to the respectively held random numbers. For example, the shared random number may be composed according to the client _ random and the server _ random.

The shared random number may be used with a premaster secret to generate a master secret. Optionally, the invoking a first security module according to the first pre-master key handle to enable the first security module to generate a master key and a first master key handle corresponding to the master key by using the first pre-master key handle may specifically include:

and calling a first security module according to the first pre-master key handle and the shared random number, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle and the shared random number.

Specifically, the first party device may call a first interface of the first secure module according to the first pre-master key handle and the shared random number, and the first secure module generates and stores the master key by using the first pre-master key handle and the shared random number, and returns the first master key handle corresponding to the master key to the first party device.

In an optional embodiment of the present invention, the encrypting data to be transmitted according to the work key or the work key handle may specifically include:

calling a fourth interface of the first security module according to the working key handle, so that the first security module encrypts the data to be transmitted by using the working key handle, and calculates a check value of the data to be transmitted to perform integrity check; or alternatively

And encrypting the data to be transmitted according to the working key, and calculating a check value of the data to be transmitted by utilizing the working key to perform integrity check.

The embodiment of the invention can provide two encryption schemes, one scheme is that the first security module returns a work key handle to the first party equipment after calculating and generating the work key. When encrypting data to be transmitted, the first party equipment calls the fourth interface of the first security module according to the work key handle so that the first security module obtains a stored work key through the work key handle, encrypts the data to be transmitted by using the work key, and performs integrity check on a calculation check value of the data to be transmitted by using the work key.

The other scheme is that the first security module returns the work key to the first party device after calculating and generating the work key. And the first party equipment encrypts the data to be transmitted according to the working key and calculates a check value of the data to be transmitted by utilizing the working key to carry out integrity check.

In an optional embodiment of the present invention, the working key specifically may include: an encryption key and a verification key; the work key handle may specifically include: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

The encryption key is used for encrypting data to obtain encrypted data. The check key is used for carrying out integrity check on the data. The encryption key handle corresponds to an encryption key in the first secure module, i.e. the encryption key handle is used to point to an encryption key stored in the first secure module. The check key handle corresponds to a check key in the first secure module, that is, the check key handle is used to point to a check key stored in the first secure module.

It is to be understood that the working key may include other keys required by TLS (Transport Layer Security), in addition to the encryption key and the verification key, and the specific type of the working key is not limited by the embodiment of the present invention.

In an optional embodiment of the present invention, the encrypting, by the first security module, the data to be transmitted by using the work key handle may specifically include:

s51, the first security module acquires an encryption key in the first security module according to the encryption key handle, and acquires a verification key in the first security module according to the verification key handle;

and S52, encrypting the data to be transmitted by using the encryption key to obtain the encrypted data to be transmitted, and calculating a message hash value of the encrypted data to be transmitted by using the verification key to obtain a message hash value corresponding to the encrypted data to be transmitted.

The first-party device may call the fourth interface of the first security module, and input the data to be transmitted and the work key handle to the first security module, where the work key handle may include an encryption key handle and a verification key handle. The first security module obtains the encryption key stored in the first security module according to the encryption key handle, and obtains the verification key stored in the first security module according to the verification key handle. The method comprises the steps that first-party equipment encrypts data to be transmitted by using an encryption key to obtain encrypted data to be transmitted so as to ensure the security of the data; and calculating a message hash value of the encrypted data to be transmitted by using the verification key to obtain the message hash value corresponding to the encrypted data to be transmitted so as to ensure the integrity of the data.

In an optional embodiment of the present invention, after acquiring the work key returned by the first security module or the work key handle corresponding to the work key, the method may further include:

step S61, calculating the hash value of the handshake ending message by using the first master key handle to obtain the hashed handshake ending message;

step S62, sending the hashed handshake end message to the second party device.

During the communication between the first-party device and the second-party device, a handshake termination procedure is used to verify whether the key exchange is successful. The embodiment of the invention can also encrypt and verify the handshake receiving message so as to ensure the safety and the integrity of the handshake receiving message.

Specifically, assuming that the first-party device is an initiator of the handshake termination message, the first-party device may invoke the first security module according to the handshake termination message, and the first security module calculates a hash value for the handshake termination message by using the first master key handle, to obtain a hashed handshake termination message, and sends the hashed handshake termination message to a responder (e.g., a second-party device) of the handshake termination message. The hash value may specifically be a MAC value of a handshake termination message, and is used to check the integrity of the handshake termination message.

Furthermore, the first party device may also call the first security module according to the handshake end message and the working key handle, where the first security module encrypts the handshake end message by using the encryption key handle in the working key handle, and signs the encrypted handshake end message by using the verification key handle in the working key handle. And after receiving the handshake finishing message of the first party equipment, the second party equipment calls the second safety module to finish the verification of the handshake finishing message, and the handshake process is finished.

In an optional embodiment of the invention, the method may further comprise:

and after the communication is finished, the first party equipment and the second party equipment destroy the premaster secret key, the master secret key and the working secret key generated in the communication process respectively through respective safety modules.

Specifically, after the communication between the first party device and the second party device is finished, the first party device may send a key destruction instruction to the first security module, and after the first security module receives the key destruction instruction, the key destruction operation is executed to destroy the premaster secret key, the master secret key and the work secret key generated in the communication process. For example, the premaster secret key, the master secret key and the working secret key generated in the communication process are deleted, wherein the premaster secret key, the master secret key and the working secret key are stored in the first security module. Similarly, the second party device may send a key destruction instruction to the second security module, and after receiving the key destruction instruction, the second security module executes a key destruction operation to destroy the premaster key, the master key, and the work key generated in the communication process. For example, the premaster secret key, the master secret key and the working secret key generated in the communication process are deleted and stored in the second security module. Therefore, the problem of resource waste caused by a large amount of useless key data stored in the first security module and the second security module can be avoided.

In summary, in the embodiment of the present invention, a first party device calls a first secure module according to a first pre-master key handle, so that the first secure module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle, and obtains the first master key handle returned by the first secure module; the first party equipment calls the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle, and acquires the work key or the work key handle returned by the first security module; and the first party equipment encrypts the data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

According to the embodiment of the invention, the first party equipment does not execute the key calculation in the memory of the computer, but calls the first security module, executes the key calculation through the first security module, generates the key data such as the master key and the working key, and stores the key data in the first security module, and can only return the key handle to the first party equipment without returning the key data. Therefore, the security risk caused by the calculation of the key in the memory of the computer can be avoided, a hacker program is effectively prevented from stealing and even tampering the key data, the security of the key data can be improved, and the security of data transmission in the communication process of the first-party equipment and the second-party equipment can be further ensured.

In order to describe the data processing method provided by the embodiment of the present invention more clearly, the following describes the steps of the data processing method in detail by using a specific example, in this example, a first party device is an initiator (client), a second party device is a responder (server), and the following steps may be specifically included:

the first step is as follows: the handshake starts the process, both the initiator (client) and the responder (server) exchange hello messages, both generate random numbers through their security modules and complete the exchange process.

Specifically, the initiator may generate a random number client _ random through the first security module, and the responder may generate a random number server _ random through the second security module.

Through the secure communication connection, the initiator and the responder exchange respectively generated random numbers, so that the initiator and the responder respectively form a shared random number shared by the two parties according to the respectively held random numbers.

The second step is that: and in the identity verification process, the initiator and the responder complete the process of bidirectional authentication based on the verification mode of the digital certificate.

The third step: and a key exchange process, wherein the pre-master key is generated through negotiation.

The process of negotiating to generate the premaster secret can adopt any one of the two manners.

Taking the second way as an example, the initiator Fang Diaoyong generates a key parameter by the first security module, and sends the key parameter to the responder through secure communication connection, so that the initiator and the responder respectively form a shared parameter common to both parties according to the key parameters held by the initiator and the responder. And the initiator calls the first security module according to the sharing parameters, the first security module generates a premaster secret key and a first premaster secret key handle corresponding to the premaster secret key according to the sharing parameters and a specified cryptographic algorithm, and the initiator acquires the first premaster secret key handle returned by the first security module.

Similarly, the responder calls a second security module according to the shared parameter, the second security module generates a premaster secret key and a second premaster secret key handle corresponding to the premaster secret key according to the shared parameter and a specified cryptographic algorithm, and the responder obtains the second premaster secret key handle returned by the second security module.

The fourth step: and in the key generation process, the initiator and the responder call respective security modules to generate a master key and a working key.

Specifically, the initiator calls a first security module according to a first pre-master key handle and a shared random number obtained by the first-step negotiation, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle and the shared random number; the initiator acquires the first master key handle returned by the first security module and calls the first security module according to the first master key handle so that the first security module generates a work key and a first work key handle corresponding to the work key by using the first master key handle; the initiator acquires a work key or a first work key handle returned by the first security module, wherein the first work key handle comprises: a first encryption key handle and a first verification key handle.

Similarly, the responder calls a second security module according to a second pre-master key handle and the shared random number obtained by the first-step negotiation, so that the second security module generates a master key and a second master key handle corresponding to the master key by using the second pre-master key handle and the shared random number; the responder acquires a second master key handle returned by the second security module, and calls the second security module according to the second master key handle, so that the second security module generates a work key and a second work key handle corresponding to the work key by using the second master key handle; the responder acquires a work key or a second work key handle returned by the second security module, wherein the second work key handle comprises: a second encryption key handle and a second verification key handle.

The fifth step: and the handshake finishes the process, and whether the key exchange process is successful is verified.

The handshake ending process is used to verify whether the key exchange process is successful, specifically, an initiator (e.g., a first party device) calls a first security module in the handshake ending message, and the first security module calculates a hash value for the handshake ending message by using a first master key handle to obtain a hashed handshake ending message, and sends the hashed handshake ending message to a responder (e.g., a second party device). The hash value may specifically be a MAC value of the handshake termination message, and is used to check the integrity of the handshake termination message.

Further, the initiator may also invoke a first security module, and the first security module encrypts the handshake end message using a first encryption key handle of the working key, and signs the encrypted handshake end message using a first verification key handle of the working key. And after receiving the handshake finishing message of the initiator, the responder calls the second safety module to finish verification, and the handshake process is finished.

And a sixth step: in the process of data security communication, the initiator and the responder call respective security modules to encrypt and sign data, so that data security transmission is performed.

Specifically, in response to Fang Diaoyong the second security module, the second security module obtains the encryption key in the second security module according to the second encryption key handle, and obtains the verification key in the second security module according to the second verification key handle; and calculating a message hash value of the encrypted data to be transmitted by using the verification key to obtain a message hash value corresponding to the encrypted data to be transmitted so as to sign the data to be transmitted. And the responder sends the encrypted and signed data to be transmitted to the initiator through the secure communication connection.

After receiving data sent by a responder, an initiator initiates Fang Diaoyong a first security module, and the first security module acquires an encryption key in the first security module according to a first encryption key handle and acquires a verification key in the first security module according to the first verification key handle; and carrying out integrity verification on the received data by using the verification key, and decrypting the received data by using the encryption key to obtain decrypted data.

It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present invention is not limited by the illustrated order of acts, as some steps may occur in other orders or concurrently in accordance with the embodiments of the present invention. Further, those skilled in the art will appreciate that the embodiments described in the specification are presently preferred and that no particular act is required to implement the invention.

Device embodiment

Referring to fig. 2, a block diagram of a data processing apparatus according to an embodiment of the present invention is shown, and the apparatus is applied to a first device, and specifically may include:

a first calling module 201, configured to call a first security module according to a first premaster secret key handle, so that the first security module generates a master secret key and a first premaster secret key handle corresponding to the master secret key by using the first premaster secret key handle;

a first obtaining module 202, configured to obtain the first master key handle returned by the first security module;

a second calling module 203, configured to call the first security module according to the first master key handle, so that the first security module generates a working key and a working key handle corresponding to the working key by using the first master key handle;

a second obtaining module 204, configured to obtain the work key or the work key handle returned by the first security module;

and a transmission encryption module 205, configured to encrypt data to be transmitted according to the working key or the working key handle during data transmission with the second party device.

Optionally, the first invoking module 201 is specifically configured to invoke a first interface of the first secure module according to the first pre-master key handle, so that the first secure module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

the second calling module 203 is specifically configured to call a second interface of the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle.

Optionally, the apparatus may further include:

a third calling module, configured to call a third interface of the first security module, so that the first security module generates a premaster secret key and a first premaster secret key handle corresponding to the premaster secret key;

and the third acquisition module is used for acquiring the first pre-master key handle returned by the first security module.

Optionally, the apparatus may further include:

a pre-master key agreement module, configured to negotiate with the second party device based on a shared parameter to obtain the first pre-master key handle; wherein the sharing parameters include: the system comprises a temporary public and private key pair of two parties, identity identifications of the two parties and key data length.

Optionally, the apparatus may further include:

a fourth obtaining module, configured to obtain the premaster secret key returned by the first security module;

the first encryption module is used for encrypting the premaster secret key by using the encryption public key of the second party equipment to obtain an encrypted premaster secret key;

the first sending module is used for sending the encrypted pre-master key to the second party equipment so that the second party equipment inputs the encrypted pre-master key into the second security module for decryption and storage, and obtains a second pre-master key handle returned by the second security module, wherein the second pre-master key handle corresponds to the pre-master key in the second security module.

Optionally, the apparatus may further include:

a fifth obtaining module, configured to obtain the random number generated by the first security module;

a second sending module, configured to send the random number to the second party device through a secure communication connection, so that the first party device and the second party device respectively form a shared random number shared by both parties according to the random numbers held by the first party device and the second party device;

the first invoking module is specifically configured to invoke a first security module according to the first pre-master key handle and the shared random number, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle and the shared random number.

Optionally, the transmission encryption module 205 may specifically include:

the second encryption module is used for calling a fourth interface of the first security module according to the working key handle so that the first security module encrypts the data to be transmitted by using the working key handle and performs integrity check on a calculated check value of the data to be transmitted; or alternatively

And the third encryption module is used for encrypting the data to be transmitted according to the working key and carrying out integrity verification on a calculated verification value of the data to be transmitted by utilizing the working key.

Optionally, the working key includes: an encryption key and a verification key; the work key handle includes: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

Optionally, the second encryption module may specifically include:

the key obtaining sub-module is used for obtaining the encryption key in the first security module by the first security module according to the encryption key handle and obtaining the verification key in the first security module according to the verification key handle;

and the data encryption submodule is used for encrypting the data to be transmitted by using the encryption key to obtain encrypted data to be transmitted, and calculating a message hash value of the encrypted data to be transmitted by using the verification key to obtain a message hash value corresponding to the encrypted data to be transmitted.

Optionally, the apparatus may further include:

the message hashing module is used for calculating a hash value of the handshake ending message by using the first master key handle to obtain the hashed handshake ending message;

a third sending module, configured to send the hashed handshake end message to the second party device.

For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.

The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.

With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.

An embodiment of the present invention provides an apparatus for data processing, comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs configured to be executed by the one or more processors include instructions for: calling a first security module according to a first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle; acquiring the first master key handle returned by the first security module; calling the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle; acquiring the work key or the work key handle returned by the first security module; and encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

Fig. 3 is a block diagram illustrating an apparatus 800 for data processing in accordance with an example embodiment. For example, the apparatus 800 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, a medical device, an exercise device, a personal digital assistant, and the like.

Referring to fig. 3, the apparatus 800 may include one or more of the following components: processing component 802, memory 804, power component 806, multimedia component 808, audio component 810, input/output (I/O) interface 812, sensor component 814, and communication component 816.

The processing component 802 generally controls overall operation of the device 800, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing elements 802 may include one or more processors 820 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 802 can include one or more modules that facilitate interaction between the processing component 802 and other components. For example, the processing component 802 may include a multimedia module to facilitate interaction between the multimedia component 808 and the processing component 802.

The memory 804 is configured to store various types of data to support operation at the device 800. Examples of such data include instructions for any application or method operating on device 800, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 804 may be implemented by any type or combination of volatile or non-volatile memory devices, such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.

Power components 806 provide power to the various components of device 800. The power components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 800.

The multimedia component 808 includes a screen that provides an output interface between the device 800 and a user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 808 includes a front facing camera and/or a rear facing camera. The front-facing camera and/or the rear-facing camera may receive external multimedia data when the device 800 is in an operating mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.

The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a Microphone (MIC) configured to receive external audio signals when the apparatus 800 is in an operational mode, such as a call mode, a recording mode, and a voice information processing mode. The received audio signals may further be stored in the memory 804 or transmitted via the communication component 816. In some embodiments, audio component 810 also includes a speaker for outputting audio signals.

The I/O interface 812 provides an interface between the processing component 802 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.

The sensor assembly 814 includes one or more sensors for providing various aspects of state assessment for the device 800. For example, the sensor assembly 814 may detect the open/closed state of the device 800, the relative positioning of the components, such as a display and keypad of the apparatus 800, the sensor assembly 814 may also detect a change in position of the apparatus 800 or a component of the apparatus 800, the presence or absence of user contact with the apparatus 800, orientation or acceleration/deceleration of the apparatus 800, and a change in temperature of the apparatus 800. Sensor assembly 814 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.

The communication component 816 is configured to facilitate communications between the apparatus 800 and other devices in a wired or wireless manner. The device 800 may access a wireless network based on a communication standard, such as WiFi,2G or 3G, or a combination thereof. In an exemplary embodiment, the communication component 816 receives broadcast signals or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 816 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on radio frequency information processing (RFID) technology, infrared data association (IrDA) technology, ultra Wideband (UWB) technology, bluetooth (BT) technology, and other technologies.

In an exemplary embodiment, the apparatus 800 may be implemented by one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described methods.

In an exemplary embodiment, a non-transitory computer-readable storage medium comprising instructions, such as the memory 804 comprising instructions, executable by the processor 820 of the device 800 to perform the above-described method is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.

Fig. 4 is a schematic diagram of a server in some embodiments of the invention. The server 1900 may vary widely by configuration or performance and may include one or more Central Processing Units (CPUs) 1922 (e.g., one or more processors) and memory 1932, one or more storage media 1930 (e.g., one or more mass storage devices) storing applications 1942 or data 1944. Memory 1932 and storage medium 1930 can be, among other things, transient or persistent storage. The program stored in the storage medium 1930 may include one or more modules (not shown), each of which may include a sequence of instructions operating on a server. Still further, a central processor 1922 may be provided in communication with the storage medium 1930 to execute a series of instruction operations in the storage medium 1930 on the server 1900.

The server 1900 may also include one or more power supplies 1926, one or more wired or wireless network interfaces 1950, one or more input-output interfaces 1958, one or more keyboards 1956, and/or one or more operating systems 1941, such as Windows Server, mac OS XTM, unixTM, linuxTM, freeBSDTM, etc.

A non-transitory computer-readable storage medium in which instructions, when executed by a processor of an apparatus (server or terminal), enable the apparatus to perform the data processing method shown in fig. 1.

A non-transitory computer readable storage medium in which instructions, when executed by a processor of an apparatus (server or terminal), enable the apparatus to perform a data processing method, the method comprising: calling a first security module according to a first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle; acquiring the first master key handle returned by the first security module; calling the first security module according to the first master key handle so that the first security module generates a working key and a working key handle corresponding to the working key by using the first master key handle; acquiring the work key or the work key handle returned by the first security module; and encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with the second party equipment.

The embodiment of the invention discloses A1 and a data processing method, which is applied to first-party equipment and comprises the following steps:

acquiring the first master key handle returned by the first security module;

A2, according to the method in A1, the calling the first security module according to the first pre-master key handle, so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle, includes:

calling a first interface of the first security module according to the first pre-master key handle so that the first security module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

A3, before the calling the first security module according to the first pre-master key handle according to the method of A1, the method further includes: calling a third interface of the first security module to enable the first security module to generate a premaster secret key and a first premaster secret key handle corresponding to the premaster secret key;

and acquiring the first pre-master key handle returned by the first security module.

Before the calling the first security module according to the first pre-master key handle according to the method described in A1, the method further includes:

A5, according to the method in A3, after the third interface of the first secure module is called, so that the first secure module generates a premaster secret and a first premaster secret handle corresponding to the premaster secret, the method further includes:

acquiring the premaster secret key returned by the first security module;

encrypting the premaster secret key by using the encryption public key of the second party equipment to obtain an encrypted premaster secret key;

and sending the encrypted premaster secret key to the second party equipment so that the second party equipment inputs the encrypted premaster secret key into a second security module for decryption and storage, and acquiring a second premaster secret key handle returned by the second security module, wherein the second premaster secret key handle corresponds to the premaster secret key in the second security module.

A6, before the calling the first security module according to the first pre-master key handle according to the method of A1, the method further includes:

acquiring a random number generated by the first security module;

sending the random numbers to the second party equipment through secure communication connection, so that the first party equipment and the second party equipment respectively form shared random numbers shared by the two parties according to the random numbers held by the first party equipment and the second party equipment;

the calling a first security module according to a first pre-master key handle to enable the first security module to generate a master key and a first master key handle corresponding to the master key by using the first pre-master key handle includes:

A7, according to the method in A1, encrypting the data to be transmitted according to the working key or the working key handle includes:

calling a fourth interface of the first security module according to the working key handle so that the first security module encrypts the data to be transmitted by using the working key handle and performs integrity check on a calculated check value of the data to be transmitted; or

A8, according to the method in A7, the working key includes: an encryption key and a verification key; the work key handle includes: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

A9, according to the method in A8, the first security module encrypts the data to be transmitted by using the working key handle, including:

the first security module acquires an encryption key in the first security module according to the encryption key handle, and acquires a verification key in the first security module according to the verification key handle;

and calculating a message hash value of the encrypted data to be transmitted by using the verification key to obtain a message hash value corresponding to the encrypted data to be transmitted.

A10, according to the method described in A1, after the obtaining of the work key returned by the first security module or the work key handle corresponding to the work key, the method further includes:

calculating the hash value of the handshake ending message by using the first master key handle to obtain the hashed handshake ending message;

and sending the hashed handshake end message to the second party device.

The embodiment of the invention discloses B11 and a data processing device, which is applied to first-party equipment and comprises the following components:

B12, according to the apparatus described in B11, the first invoking module is specifically configured to invoke a first interface of the first secure module according to the first pre-master key handle, so that the first secure module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

the second calling module is specifically configured to call a second interface of the first security module according to the first master key handle, so that the first security module generates a work key and a work key handle corresponding to the work key by using the first master key handle.

The embodiment of the invention discloses C21, a device for data processing, which comprises a memory and one or more programs, wherein the one or more programs are stored in the memory, and the one or more programs are configured to be executed by one or more processors and comprise instructions for:

acquiring the first master key handle returned by the first security module;

C22, the apparatus according to C21, wherein the invoking the first secure module according to the first pre-master key handle to enable the first secure module to generate a master key and a first master key handle corresponding to the master key by using the first pre-master key handle includes:

C23, the device of C21, the device also configured to execute the one or more programs by one or more processors including instructions for:

calling a third interface of the first security module to enable the first security module to generate a premaster secret key and a first premaster secret key handle corresponding to the premaster secret key;

C24, the device of C21, the device also configured to execute the one or more programs by one or more processors including instructions for:

C25, the device of C23, the device also configured to execute the one or more programs by the one or more processors including instructions for:

acquiring the premaster secret key returned by the first security module;

C26, the device of C23, the device also configured to execute the one or more programs by the one or more processors including instructions for:

acquiring a random number generated by the first security module;

sending the random number to the second party equipment through secure communication connection, so that the first party equipment and the second party equipment respectively form a shared random number shared by the two parties according to the random numbers held by the first party equipment and the second party equipment;

C27, the apparatus according to C21, where encrypting data to be transmitted according to the working key or the working key handle includes:

C28, the apparatus according to C27, wherein the working key includes: an encryption key and a verification key; the work key handle includes: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

C29, according to the apparatus described in C28, the encrypting, by the first security module, the data to be transmitted by using the work key handle includes:

C30, the device of C21, the device also configured to execute the one or more programs by one or more processors including instructions for:

calculating a hash value of a handshake ending message by using the first master key handle to obtain a hashed handshake ending message;

and sending the hashed handshake end message to the second party device.

Embodiments of the present invention disclose D31, a machine-readable medium having instructions stored thereon, which when executed by one or more processors, cause an apparatus to perform a data processing method as described in one or more of A1-a 10.

Other embodiments of the invention will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. The invention is intended to cover any variations, uses, or adaptations of the invention following, in general, the principles of the invention and including such departures from the present disclosure as come within known or customary practice within the art to which the invention pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the invention being indicated by the following claims.

It will be understood that the invention is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the invention is limited only by the appended claims.

The above description is only for the purpose of illustrating the preferred embodiments of the present invention and should not be taken as limiting the scope of the present invention, which is intended to cover any modifications, equivalents, improvements, etc. within the spirit and scope of the present invention.

The data processing method, the data processing apparatus and the apparatus for processing data provided by the present invention are described in detail above, and specific examples are applied herein to explain the principles and embodiments of the present invention, and the descriptions of the above embodiments are only used to help understand the method and the core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present invention.

Claims

1. A data processing method, applied to a first-party device, the method comprising:

acquiring the first master key handle returned by the first security module;

encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with second-party equipment; the data to be transmitted is encrypted according to the work key handle, namely the first security module is called to transmit the work key handle and the data to be transmitted to the first security module, so that the first security module obtains a stored work key according to the work key handle and encrypts the data to be transmitted by using the work key.

2. The method of claim 1, wherein invoking the first security module according to the first pre-master key handle to cause the first security module to generate the master key and the first master key handle corresponding to the master key using the first pre-master key handle comprises:

3. The method of claim 1, wherein prior to invoking the first security module based on the first pre-master key handle, the method further comprises: calling a third interface of the first security module to enable the first security module to generate a premaster secret key and a first premaster secret key handle corresponding to the premaster secret key;

4. The method of claim 1, wherein prior to invoking the first security module based on the first pre-master key handle, the method further comprises:

5. The method of claim 3, wherein after invoking the third interface of the first secure module to cause the first secure module to generate a premaster secret and a first premaster secret handle corresponding to the premaster secret, the method further comprises:

acquiring the premaster secret key returned by the first security module;

6. The method of claim 1, wherein prior to invoking the first security module based on the first pre-master key handle, the method further comprises:

acquiring a random number generated by the first security module;

7. The method according to claim 1, wherein the encrypting the data to be transmitted according to the work key or the work key handle comprises:

8. The method of claim 7, wherein the working key comprises: an encryption key and a verification key; the work key handle includes: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

9. The method of claim 8, wherein the first security module encrypts the data to be transmitted using the working key handle, comprising:

10. The method according to claim 1, wherein after obtaining the work key returned by the first security module or the work key handle corresponding to the work key, the method further comprises:

and sending the hashed handshake end message to the second party device.

11. A data processing apparatus, for application to a first party device, the apparatus comprising:

the second acquisition module is used for acquiring the working key or the working key handle returned by the first security module;

the transmission encryption module is used for encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with second-party equipment; the encryption of the data to be transmitted according to the work key handle means that the first security module is called to transmit the work key handle and the data to be transmitted to the first security module, so that the first security module obtains a stored work key according to the work key handle and encrypts the data to be transmitted by using the work key.

12. The apparatus according to claim 11, wherein the first invoking module is specifically configured to invoke the first interface of the first secure module according to the first pre-master key handle, so that the first secure module generates a master key and a first master key handle corresponding to the master key by using the first pre-master key handle;

13. The apparatus of claim 11, further comprising:

14. The apparatus of claim 11, further comprising:

15. The apparatus of claim 13, further comprising:

and the first sending module is used for sending the encrypted pre-master key to the second party equipment so as to enable the second party equipment to input the encrypted pre-master key into the second security module for decryption and storage, and obtain a second pre-master key handle returned by the second security module, wherein the second pre-master key handle corresponds to the pre-master key in the second security module.

16. The apparatus of claim 11, further comprising:

a second sending module, configured to send the random number to the second party device through secure communication connection, so that the first party device and the second party device respectively form a shared random number shared by both parties according to the random numbers held by the first party device and the second party device;

17. The apparatus of claim 11, wherein the transport encryption module comprises:

the second encryption module is used for calling a fourth interface of the first security module according to the working key handle so that the first security module encrypts the data to be transmitted by using the working key handle and performs integrity check on a calculated check value of the data to be transmitted; or

18. The apparatus of claim 17, wherein the working key comprises: an encryption key and a verification key; the work key handle includes: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

19. The apparatus of claim 18, wherein the second encryption module comprises:

20. The apparatus of claim 11, further comprising:

21. An apparatus for data processing, applied to a first party device, comprising a memory, and one or more programs, wherein the one or more programs are stored in the memory, and wherein execution of the one or more programs by one or more processors includes instructions for:

acquiring the first master key handle returned by the first security module;

encrypting data to be transmitted according to the working key or the working key handle in the process of data transmission with second-party equipment; the encryption of the data to be transmitted according to the work key handle means that the first security module is called to transmit the work key handle and the data to be transmitted to the first security module, so that the first security module obtains a stored work key according to the work key handle and encrypts the data to be transmitted by using the work key.

22. The apparatus as claimed in claim 21, wherein said invoking the first security module according to the first pre-master key handle to cause the first security module to generate the master key and the corresponding first master key handle using the first pre-master key handle comprises:

23. The device of claim 21, wherein the device is also configured to execute the one or more programs by one or more processors includes instructions for:

24. The device of claim 21, wherein the device is also configured to execute the one or more programs by one or more processors includes instructions for:

negotiating with the second party device to obtain the first pre-master key handle based on a sharing parameter; wherein the sharing parameters include: the key pair is a temporary public and private key pair, the identity of the two parties and the data length of the key.

25. The device of claim 23, wherein the device is also configured to execute the one or more programs by one or more processors includes instructions for:

acquiring the premaster secret key returned by the first security module;

26. The device of claim 23, wherein the device is also configured to execute the one or more programs by one or more processors includes instructions for:

acquiring a random number generated by the first security module;

27. The apparatus of claim 21, wherein the encrypting the data to be transmitted according to the work key or the work key handle comprises:

calling a fourth interface of the first security module according to the working key handle, so that the first security module encrypts the data to be transmitted by using the working key handle, and calculates a check value of the data to be transmitted to perform integrity check; or

28. The apparatus of claim 27, wherein the working key comprises: an encryption key and a verification key; the work key handle includes: an encryption key handle corresponding to an encryption key in the first secure module, and a verification key handle corresponding to a verification key in the first secure module.

29. The apparatus of claim 28, wherein the first security module encrypts the data to be transmitted using the working key handle, comprising:

30. The device of claim 21, wherein the device is also configured to execute the one or more programs by one or more processors includes instructions for:

and sending the hashed handshake end message to the second party device.

31. A machine-readable medium having stored thereon instructions which, when executed by one or more processors, cause an apparatus to perform the data processing method of any of claims 1 to 10.