CN112906063B - Digital digest algorithm processing equipment method, device, system and equipment - Google Patents
Digital digest algorithm processing equipment method, device, system and equipment Download PDFInfo
- Publication number
- CN112906063B CN112906063B CN202110217374.9A CN202110217374A CN112906063B CN 112906063 B CN112906063 B CN 112906063B CN 202110217374 A CN202110217374 A CN 202110217374A CN 112906063 B CN112906063 B CN 112906063B
- Authority
- CN
- China
- Prior art keywords
- algorithm
- digital
- digital digest
- sip
- response message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004422 calculation algorithm Methods 0.000 title claims abstract description 450
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000012545 processing Methods 0.000 title claims abstract description 43
- 238000012795 verification Methods 0.000 claims abstract description 70
- 238000003672 processing method Methods 0.000 claims abstract description 17
- 230000004044 response Effects 0.000 claims description 126
- 239000003795 chemical substances by application Substances 0.000 claims 3
- 239000000758 substrate Substances 0.000 claims 1
- 238000004590 computer program Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 9
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 6
- 238000004364 calculation method Methods 0.000 description 5
- 239000000284 extract Substances 0.000 description 4
- 238000012544 monitoring process Methods 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 238000004891 communication Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 239000000523 sample Substances 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 230000008901 benefit Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 238000011022 operating instruction Methods 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
- G06F9/5038—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals considering the execution order of a plurality of tasks, e.g. taking priority or time dependency constraints into consideration
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Telephonic Communication Services (AREA)
Abstract
The specification provides a digital digest algorithm processing method, a digital digest algorithm processing device, a digital digest algorithm processing system and digital digest algorithm processing equipment. The method comprises the following steps: the SIP server responds to a first registration request of the SIP client to select a first digital summary algorithm and provide the first digital summary algorithm for the SIP client, the SIP server verifies the digital summary result returned by the SIP client, if the verification result is not passed, the digital summary algorithm is replaced and provided for the SIP client to recalculate the digital summary result, and the digital summary result returned by the SIP client is verified again until the digital summary result returned by the SIP client passes the verification and records the digital summary algorithm adopted by the SIP client. Therefore, aiming at the situation that the digital digest algorithm of the equipment or the platform is not clear, the digital digest authentication algorithm supported by the SIP clients can be detected by adopting a mode of continuously changing different digital digest authentication algorithms, and the problem of incompatibility caused by the difference of the digital digest algorithms of a plurality of SIP clients is solved.
Description
Technical Field
The present document relates to the field of communications technologies, and in particular, to a method, an apparatus, a system, and a device for processing a digital summary algorithm.
Background
The key is not allowed to be transmitted between two communication parties, so that even if the result of plaintext and digest is obtained, the key cannot be decrypted reversely. And the same digest result can be obtained only if the plaintext and the secret key are consistent and the same digest algorithm is used.
A plurality of digital digest authentication algorithms exist in the market at present, and under the condition that the digital digest authentication algorithm which is necessary to be used is not explicitly described in the national standard protocol for video monitoring, the digital digest authentication algorithms all meet the protocol requirements. The situation causes that whether the equipment is accessed or the monitoring platform is cascaded, the point-to-point access modulation can be only carried out aiming at different projects, different manufacturers, different equipment models and different versions of the same model, and the problem of poor compatibility exists. In addition, if a plurality of digital digest mechanisms coexist, equipment or platform manufacturers are required to customize, a certain digital digest algorithm is uniformly used, and even digital digest authentication is not performed, so that the safety is greatly reduced.
Therefore, there is a need to provide a digital digest processing scheme that improves compatibility without affecting security.
Disclosure of Invention
The embodiment of the specification provides a digital digest algorithm processing method, which is used for solving the problem of incompatibility caused by digital digest algorithm differences of a plurality of SIP clients on the premise of not influencing safety.
The embodiment of the specification also provides a digital digest algorithm processing method, which comprises the following steps:
The SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
performing digest verification on a first digital digest result returned by the SIP client according to the first digital digest algorithm, wherein the first digital digest result is generated based on a digital digest algorithm supported by the SIP client;
If the verification result is not passed, selecting other digital digest algorithms and returning a response message again until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
The embodiment of the specification also provides a digital digest algorithm processing method, which comprises the following steps:
the SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
Performing digest verification on a first digital digest result returned by the SIP client according to the target digital digest algorithm, wherein the first digital digest result is generated based on the target digital digest algorithm;
if the verification result is not passed, other pre-agreed digital digest algorithms are selected and response information is returned again until the digital digest result returned by the SIP client passes the verification and the digital digest algorithm adopted by the SIP client at this time is recorded.
The embodiment of the specification also provides a digital digest algorithm processing method, which comprises the following steps:
the SIP client sends a first registration request to the SIP server;
receiving a response message returned by the SIP server in response to the first registration request, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
Identifying a target digital summary algorithm represented by the algorithm code;
And generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server.
The embodiment of the specification also provides a digital digest algorithm processing device, which comprises:
The sending module is used for responding to a first registration request sent by the SIP client and returning a response message, wherein the response message comprises an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
The processing module is used for carrying out abstract verification on a first digital abstract result returned by the SIP client according to the first digital abstract algorithm, wherein the first digital abstract result is generated based on the digital abstract algorithm supported by the SIP client;
And the circulation module is used for selecting other digital digest algorithms and returning a response message again if the verification result is not passed, until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
The embodiment of the specification also provides a digital digest algorithm processing device, which comprises:
The sending module is used for responding to a first registration request sent by the SIP client and returning a response message, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The processing module is used for carrying out abstract verification on a first digital abstract result returned by the SIP client according to the target digital abstract algorithm, wherein the first digital abstract result is generated based on the target digital abstract algorithm;
And the circulation module is used for selecting other pre-agreed digital digest algorithms and returning a response message again if the verification result is not passed, until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
The embodiment of the specification also provides a digital digest algorithm processing device, which comprises:
a sending module, configured to send a first registration request to a SIP server;
The receiving module is used for receiving a response message returned by the SIP server in response to the first registration request, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The identification module is used for identifying a target digital abstract algorithm represented by the algorithm code;
and the processing module is used for generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server.
The embodiment of the specification also provides a digital digest algorithm processing system, which comprises: SIP server and SIP client, wherein:
the SIP client is used for sending a first registration request to the SIP server;
The SIP server is used for responding to the first registration request and returning a response message to the SIP client, wherein the response message comprises algorithm codes, and the algorithm codes are used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The SIP client is used for identifying a target digital summary algorithm represented by the algorithm code; generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server;
The SIP server is used for carrying out abstract verification on the first digital abstract result according to the target digital abstract algorithm; if the verification result is not passed, other pre-agreed digital digest algorithms are selected and response information is returned again until the digital digest result returned by the SIP client passes the verification and the digital digest algorithm adopted by the SIP client at this time is recorded.
The embodiment of the specification also provides an electronic device, including:
A processor; and
A memory arranged to store computer executable instructions which, when executed, cause the processor to perform the steps of the method as described above.
The present specification embodiment also provides a computer-readable storage medium storing one or more programs that when executed by an electronic device comprising a plurality of application programs perform the steps of the method as described above.
According to the embodiment of the specification, aiming at the situation that the digital digest algorithm of the equipment or the platform is not clear, the digital digest authentication algorithm supported by the SIP clients is detected by adopting a mode of continuously changing different digital digest authentication algorithms, so that the problem of incompatibility caused by the difference of the digital digest algorithms of the SIP clients is solved; moreover, in solving this problem, the digital digest authentication algorithm supported by the SIP client is not limited, and therefore, the security thereof is not affected.
Drawings
The accompanying drawings, which are included to provide a further understanding of the specification, illustrate and explain the exemplary embodiments of the present specification and their description, are not intended to limit the specification unduly. In the drawings:
FIG. 1 is a schematic flow chart of a digital summary algorithm processing method according to an embodiment of the present disclosure;
fig. 2 is a flow chart of a digital digest algorithm processing method on the SIP server side according to another embodiment of the present disclosure;
Fig. 3 is a flowchart of a digital digest algorithm processing method on the SIP client side according to another embodiment of the present disclosure;
FIG. 4 is a flowchart of a digital digest algorithm processing method according to another embodiment of the present disclosure;
FIG. 5 is a schematic flow chart of a digital summary algorithm processing device according to an embodiment of the present disclosure;
FIG. 6 is a schematic flow chart of a digital summary algorithm processing device according to another embodiment of the present disclosure;
FIG. 7 is a schematic flow chart of a digital summary algorithm processing device according to another embodiment of the present disclosure;
fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the present specification more apparent, the technical solutions of the present specification will be clearly and completely described below with reference to specific embodiments of the present specification and corresponding drawings. It will be apparent that the described embodiments are only some, but not all, of the embodiments of the present specification. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are intended to be within the scope of the present disclosure.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.
Fig. 1 is a flow chart of a digital summary algorithm processing method provided in an embodiment of the present disclosure, referring to fig. 1, the method may specifically include the following steps:
step 102, the SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
Wherein the algorithm identification is used for distinguishing different digital abstract algorithms; the SIP server provides TCP/UDP/TLS/SSL service based on the SIP protocol, and is used as a server to receive a client connection request, and in the related field of the video monitoring national standard protocol GB28181, the device access service and the platform cascade service are referred to; the SIP client initiates a TCP/UDP/TLS/SSL connection request to the SIP server based on the SIP protocol, and in the related field of GB28181, the SIP client refers to GB28181 protocol equipment and a lower platform gateway of platform cascading; the GB28181 protocol is totally called "technical requirements for information transmission, exchange and control of safety protection video monitoring networking system", and comprises two versions of GB/T28181-2011 and GB/T28181-2016.
It should be noted that, in step 102, the interaction between the SIP server and the SIP client follows the SIP protocol, for example, the first registration request may be a SIP protocol registration request REGISTER, which includes contents agreed by the SIP protocol, such as a source Host address and a port, URL, etc.
The manner in which the SIP server selects the digital digest algorithm in step 102 is described in detail below:
The first implementation method can be as follows:
And sequentially selecting the digital digest algorithms according to the priority order of the digital digest algorithms supported by the SIP server. Specifically: firstly, determining all digital digest algorithms pointed out by a SIP server; and then, respectively configuring different priorities for each digital digest algorithm to obtain a digital digest algorithm list, so that when the SIP server needs to select the digital digest algorithms, the digital digest algorithms can be sequentially selected according to the order of the priorities from high to low.
Among them, there are various schemes for configuring priorities for the digital digest algorithm, and the following may be specifically exemplified:
example 1, from the perspective of big data, statistics of the number of authentication successes, authentication success rates, etc. of the SIP server using each digital digest algorithm, and configuration of the priority of each digital digest algorithm based on the number of authentication successes, authentication success rates, etc. Generally, the higher the number of successful authentications and the higher the authentication success rate, the higher the priority of the digital digest algorithm.
Example 2, from the perspective of a single SIP client, statistics is made of each message digest algorithm used by the single SIP client in history and its authentication success times, authentication success rates, etc., and the priority of each digital digest algorithm is configured for the SIP client based on the authentication success times, authentication success rates, etc.
Based on the first implementation manner, the second implementation manner may be:
The registration request carries identification information corresponding to the SIP client; inquiring whether algorithm identifications associated with the identification information are pre-stored or not; if yes, configuring the highest priority for the digital abstract algorithm corresponding to the algorithm identification; and sequentially selecting the digital digest algorithms according to the priority order of the digital digest algorithms supported by the SIP server.
The identification information corresponding to the SIP client may refer to an identification of the SIP client, or may refer to an identification that indirectly identifies the SIP client, such as a user agent code and an international code (or a unique identifier) of a platform or a device on which the SIP client is installed.
For the second implementation manner, it should be noted that, in the process of historical digital digest authentication of the SIP server and the SIP client, there may be a digital digest result that passes the verification result and a digital digest algorithm used for calculating the same, so that a correspondence between the digital digest algorithm that successfully completes the digital digest authentication in the history and the SIP client may be saved, and when the digital digest authentication needs to be performed on the SIP client again, the digital digest algorithm that successfully completes the digital digest authentication in the history may be preferentially selected. If the digital digest algorithm cannot finish the digital digest authentication at this time, other digital digest algorithms can be selected.
Preferably, to ensure timeliness of the history data, a digital digest algorithm that successfully completes digital digest authentication in the last history may be used as a digital digest algorithm associated with the identification information of the SIP client.
Based on this, the present embodiment provides two possible ways for the SIP server to select the digital digest algorithm based on the two implementation manners in step 102, so that the SIP server can purposefully replace the selected digital digest algorithm from multiple digital digest algorithms, thereby effectively improving the efficiency of the digital digest authentication algorithm supported by the probe client.
Further, the present embodiment further provides a third implementation manner of the SIP server selecting the digital digest algorithm, which may be:
The response message also includes algorithm code for representing a digital digest algorithm reserved by the SIP server and SIP client; accordingly, the first digital digest result is generated based on a digital digest algorithm represented by the algorithm code.
The pre-agreed digital digest algorithm may refer to a digital digest algorithm that can be supported by both the SIP server and the SIP client and an expression mode of different digital digest algorithms, that is, algorithm codes, for example, a first digital digest algorithm may be expressed by algorithm code 1, and a second digital digest algorithm may be expressed by algorithm code 2.
Therefore, the response message returned by the SIP server to the SIP client not only comprises the unique algorithm identification of the digital digest algorithm selected based on the priority order, but also can comprise the algorithm code of the digital digest algorithm pre-agreed by the two parties.
Preferably, if there are a plurality of digital digest algorithms pre-agreed by both parties, the priority of each digital digest algorithm can be reserved, and if the priority is not agreed, the priority can be configured for each agreed digital digest algorithm by combining the first implementation manner and the second implementation manner.
Based on this, the third implementation manner of step 102 provides a manner in which the SIP server and the SIP client agree on the digital digest algorithm, so that the SIP server may select the digital digest algorithm from multiple digital digest algorithms according to the agreements of both parties, thereby further improving the efficiency of the digital digest authentication algorithm supported by the probe client.
Moreover, this embodiment herein illustrates three specific implementations of step 102. Of course, it should be understood that step 102 may be implemented in other manners, which are not limited in this embodiment.
Step 104, according to the first digital digest algorithm, performing digest verification on a first digital digest result returned by the SIP client, where the first digital digest result is generated based on the digital digest algorithm supported by the SIP client;
the digital digest algorithm supported by the SIP client may or may not include the first digital digest algorithm.
That is, after the SIP client receives the response message sent by the SIP server, if the SIP client identifies a supportable first digital digest algorithm, performing digital digest calculation according to the first digital digest algorithm; if the first digital digest algorithm is not supported, the digital digest calculation may be performed according to other digital digest algorithms.
Accordingly, the first implementation of step 104 may be:
In the process of carrying out abstract verification by the SIP server, the SIP server firstly carries out digital abstract calculation according to a first digital abstract algorithm to obtain a reference digital abstract result; then, comparing the consistency of the reference digital digest result and the first digital digest algorithm, and if the reference digital digest result and the first digital digest algorithm are inconsistent, indicating that the digital digest algorithms used by the reference digital digest result and the first digital digest algorithm are different, namely the SIP client does not support the first digital digest algorithm; otherwise, the digital digest algorithm used by the two methods is the same, i.e. the SIP client supports the first digital digest algorithm.
Further, considering that the SIP server may send multiple response messages to the same or multiple SIP clients, and there may be a case that a response message is sent again after a reply of a previous response message has not been received, in order to avoid the influence between response messages, the second implementation manner of step 104 is provided in this embodiment:
the response message also comprises a random code, and the random codes in the response message returned each time are different;
Receiving a second registration request sent by the SIP client, wherein the second registration request comprises the first digital abstract result and a target random code provided by the SIP server; determining a digital summary algorithm included in a target response message corresponding to the target random code; and carrying out abstract verification on the digital abstract result returned by the SIP client according to the digital abstract algorithm included in the target response message.
It will be understood that, since the random codes in the response messages sent by the SIP server each time are different, the uniqueness of each response message can be ensured, for example, the response message 1 includes the random code 1 and the response message 2 includes the random code 2, so that when the registration request of the SIP client is received, the response message and the corresponding digital summary algorithm thereof can be found out based on the random code provided by the SIP server.
Based on this, the second implementation manner of step 104 is based on that, by adding different random codes to different response messages, the method not only can be used by the SIP client to calculate the digital digest result by using the random codes, but also can use the random codes to distinguish each response message, thereby avoiding the influence between response messages, ensuring the consistency between the digital digest algorithm provided by the SIP server and the digital digest algorithm used for verification, and ensuring the detection accuracy of the digital digest authentication algorithm supported by the SIP client.
Moreover, this embodiment herein shows two specific implementations of step 104. Of course, it should be understood that step 104 may be implemented in other manners, which are not limited in this embodiment.
And 106, if the verification result is not passed, selecting other digital digest algorithms and returning a response message again until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
Specifically: if the digital digest result fed back by the SIP client is different from the digital digest result calculated by the SIP server, determining that the verification result is not passed, reselecting other digital digest algorithms and returning another response message, namely circularly executing the step 102 and the step 104 until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time; otherwise, if the digital summary result fed back by the SIP client is the same as the digital summary result calculated by the SIP server, the verification is determined to be passed, and the digital summary algorithm adopted by the SIP client at this time can be recorded as well. When the SIP client is subsequently brought online again, or needs to be re-registered, the authenticated digital digest algorithm can be directly used.
In combination with the foregoing, the identification information corresponding to the SIP client may include identification information of the user agent code, the device or the platform, that is, the second registration request may further include identification information of the user agent code, the device or the platform, and accordingly, the implementation manner of step 106 is:
and establishing and storing the corresponding relation between the user agent code, the identification information of the equipment or the platform and the digital abstract algorithm adopted at this time.
Therefore, according to the embodiment, aiming at the situation that the digital digest algorithm of the equipment or the platform is not clear, the digital digest authentication algorithm supported by the SIP clients is detected by adopting a mode of continuously changing different digital digest authentication algorithms, so that the problem of incompatibility caused by the difference of the digital digest algorithms of the SIP clients is solved; moreover, in solving this problem, the digital digest authentication algorithm supported by the SIP client is not limited, and therefore, the security thereof is not affected.
Fig. 2 is a flow chart of a digital digest algorithm processing method on the SIP server side according to another embodiment of the present disclosure, referring to fig. 2, the method may specifically include the following steps:
Step 202, the SIP server returns a response message in response to a first registration request sent by the SIP client, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The pre-agreed digital digest algorithm may refer to a digital digest algorithm that can be supported by both the SIP server and the SIP client and an expression mode of different digital digest algorithms, that is, algorithm codes, for example, a first digital digest algorithm may be expressed by algorithm code 1, and a second digital digest algorithm may be expressed by algorithm code 2.
Further, if the number of the pre-agreed digital digest algorithms is plural, the priority may be configured for each pre-agreed digital digest algorithm by using the priority configuration method in the corresponding embodiment of fig. 1, for example, the pre-agreed digital digest algorithm is sequentially selected according to the priority order of the digital digest algorithms supported by the SIP server, and for example, the highest priority is configured for the digital digest algorithm corresponding to the algorithm identifier managed by the identification information corresponding to the SIP client, and the algorithm code of the digital digest algorithm is selected according to the priority order.
Step 204, according to the target digital digest algorithm, performing digest verification on a first digital digest result returned by the SIP client, where the first digital digest result is generated based on the target digital digest algorithm;
Specifically: after receiving the response message of the SIP server, the SIP client extracts and identifies the algorithm code therein, if the algorithm code is algorithm code 1, then the first digital digest algorithm represented by the SIP client can be identified, and if the algorithm code is algorithm code 2, then the second digital digest algorithm represented by the SIP client can be identified, and the identified digital digest algorithm is used as the target digital digest algorithm to perform digital digest calculation on the transmitted content.
And 206, if the verification result is not passed, selecting other pre-agreed digital digest algorithms and returning a response message again until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
Specifically: if the verification result is not passed, the SIP client is not used for supporting the target digital digest algorithm, the SIP server can replace another pre-agreed digital digest algorithm and return a response message again, and the SIP client recalculates the digital digest result based on the other pre-agreed digital digest algorithm; and the SIP server verifies the recalculated digital digest result according to the other pre-agreed digital digest algorithm, and so on until the digital digest algorithm supported by the SIP client is detected.
In addition, considering that the number of reserved digital digest algorithms is limited, there may be a case that verification results corresponding to all reserved digital digest algorithms are failed, so the embodiment further provides a supplementary verification step:
And selecting a digital digest algorithm except for a reserved digital digest algorithm from the digital digest algorithms supported by the SIP server and returning a response message again until the digital digest result returned by the SIP client passes verification and records the digital digest algorithm adopted by the SIP client at this time.
That is, when the digital digest algorithm supported by the SIP client is still not detected by using the reserved digital digest algorithm, the detected digital digest algorithm is further expanded to the digital digest algorithm which is not reserved, so that the detectable range of the digital digest algorithm can be effectively improved, and the digital digest algorithm supported by the SIP client can be ensured to be detected.
It can be known that, in this embodiment, based on the digital digest algorithms pre-agreed by the SIP server and the SIP client, the digital digest authentication algorithm supported by the SIP client is detected by adopting a manner of continuously changing different pre-agreed digital digest authentication algorithms, so as to solve the problem of incompatibility caused by the difference of the digital digest algorithms of multiple SIP clients; moreover, in solving this problem, the digital digest authentication algorithm supported by the SIP client is not limited, and therefore, the security thereof is not affected.
Fig. 3 is a flowchart of a processing method of a digital digest algorithm on a SIP client side according to another embodiment of the present disclosure, referring to fig. 3, the method may include the following steps:
step 302, the SIP client sends a first registration request to the SIP server;
The first registration request may actually be a SIP protocol registration request REGISTER, which includes contents agreed by the SIP protocol, such as a source Host address and a port, URL, and the like.
Step 304, receiving a response message returned by the SIP server in response to the first registration request, where the response message includes an algorithm code, where the algorithm code is used to represent a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The pre-agreed digital digest algorithm may refer to a digital digest algorithm that can be supported by both the SIP server and the SIP client and an expression mode of different digital digest algorithms, that is, algorithm codes, for example, a first digital digest algorithm may be expressed by algorithm code 1, and a second digital digest algorithm may be expressed by algorithm code 2.
Step 306, identifying a target digital summary algorithm represented by the algorithm code;
Specifically: after the SIP client and the SIP server complete the provisioning, both parties can build and save databases of the provisioned digital digest algorithm and its algorithm codes, and thus, the digital digest algorithm represented by the algorithm codes can be determined by querying the databases.
Step 308, based on the target digital digest algorithm, a first digital digest result is generated and returned to the SIP server.
It can be known that, in this embodiment, based on the digital digest algorithms pre-agreed by the SIP server and the SIP client, the digital digest authentication algorithm supported by the SIP client is detected by adopting a manner of continuously changing different pre-agreed digital digest authentication algorithms, so as to solve the problem of incompatibility caused by the difference of the digital digest algorithms of multiple SIP clients; moreover, in solving this problem, the digital digest authentication algorithm supported by the SIP client is not limited, and therefore, the security thereof is not affected.
Fig. 4 is a flow chart of a digital summary algorithm processing method according to another embodiment of the present disclosure, referring to fig. 4, the method may specifically include the following steps:
(1) The SIP client sends an SIP protocol registration request REGISTER to the SIP server;
The SIP protocol registration request comprises a platform or equipment national standard code, a source end Host address and a port, and uri.
(2) The SIP server side extracts a User-Agent of the User and national standard codes of the client side, inquires whether a default abstract algorithm exists, and selects the default digital abstract algorithm if the default abstract algorithm does not exist;
Specifically: after receiving the SIP protocol registration request, the SIP server extracts a User-Agent of the User Agent and a national standard code of the client; based on the user agent and the national standard code of the client, inquiring whether the SIP client has a default digital abstract algorithm in the record, if so, directly selecting the corresponding digital abstract algorithm, and if not, selecting a digital abstract algorithm according to a preset selection rule.
The selection rule of the digital digest algorithm is described in detail in the corresponding embodiment of fig. 1, and therefore, the description thereof will not be repeated here.
(3) The SIP server returns a response message of 401 Unauthorized;
Specifically: the SIP server uses the selected digital digest algorithm, denoted as authentication algorithm 1, to perform digital digest based on the information in the REGISTER, to obtain a reference digital digest result, and returns a "401Unauthorized" response message, where "WWW-Authenticate" includes "DIGEST REALM", "nonce", "opaque" and "algorithm" therein.
Where "DIGEST REALM" is the field, "nonce" and "opaque" are random codes, and "algorithm" is reflected as the selected digital digest algorithm.
(4) The SIP client sends a SIP protocol registration request to the SIP server again;
Specifically: after receiving the response message of 401Unauthorized, the SIP client extracts messages of DIGEST REALM, nonce, opaque, algorithm and the like in WWW-Authenticate; then, after calculating the digital digest result based on the self-supported digital digest algorithm, the REGISTER request is sent again, and the calculated digital digest result is filled in the response of the authentication message.
In addition, these fields "Digest username", "realm", "nonce", "uri", "algorithm" used in the calculation process are attached to the message.
Where "realm", "nonce", "uri", "algorithm" are all provided before the SIP server, and "Digest user name" is user agent information.
(5) The SIP server terminal performs digital digest authentication based on the authentication algorithm 1, and if authentication fails, the next authentication algorithm is selected;
Specifically, the SIP server receives the SIP registration message again, checks the digital digest result in the authentication message, and if the check fails, replaces another authentication algorithm, and continues to execute the step (2) and (3) until the check passes.
(6) Repeatedly executing the step (2) based on the new authentication algorithm 2;
(7) Repeatedly executing the step (3);
(8) The SIP server terminal performs digital digest authentication pass based on the authentication algorithm 2, records the authentication algorithm corresponding to the international code of the User-Agent and the equipment, and directly uses the algorithm 2 on line next time.
Specifically: the SIP server receives the SIP registration message again, checks the digital abstract result in the Authorization message, and returns a 200OK message if the check is passed, indicating that the registration is successful. And the algorithm corresponding to the User-Agent and the client national standard code is stored, and the authenticated algorithm can be directly used when the client is subsequently online again, so that multiple negotiations are avoided.
It can be seen that the present embodiment does not require the SIP client to make a subscription, and the SIP server detects the digital digest authentication algorithm supported by the client based on the "401Unauthorized" response message of the SIP protocol. The method solves the problem of incompatibility caused by the difference of digital digest algorithms of a plurality of SIP clients, and greatly reduces pain points of repeated and repeated zip point-to-point butt joint of each device and platform manufacturer.
Fig. 5 is a schematic flow chart of a digital summary algorithm processing apparatus according to an embodiment of the present disclosure, referring to fig. 5, the apparatus may specifically include:
a sending module 501, configured to respond to a first registration request sent by a SIP client, and return a response message, where the response message includes an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
The processing module 502 is configured to perform digest verification on a first digital digest result returned by the SIP client according to the first digital digest algorithm, where the first digital digest result is generated based on a digital digest algorithm supported by the SIP client;
And a circulation module 503, configured to select other digital digest algorithms and return a response message again if the verification result is not passed, until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
Optionally, the apparatus further comprises:
And the priority module is used for sequentially selecting the digital digest algorithms according to the priority order of the digital digest algorithms supported by the SIP server.
Optionally, the registration request carries identification information corresponding to the SIP client; the apparatus further comprises:
the query module is used for querying whether algorithm identifications associated with the identification information are prestored or not; if yes, configuring the highest priority for the digital summary algorithm corresponding to the algorithm identification.
Optionally, the response message further includes algorithm code for representing a digital digest algorithm reserved by the SIP server and the SIP client;
the first digital digest result is generated based on a digital digest algorithm represented by the algorithm code.
Optionally, the response message further includes a random code, and the random code in the response message returned each time is different; the apparatus further comprises:
The receiving module is used for receiving a second registration request sent by the SIP client, wherein the second registration request comprises the first digital abstract result and a target random code provided by the SIP server; determining a digital summary algorithm included in a target response message corresponding to the target random code;
the processing module is specifically configured to:
and carrying out abstract verification on the digital abstract result returned by the SIP client according to the digital abstract algorithm included in the target response message.
Optionally, the identification information corresponding to the SIP client includes identification information of a user agent code, a device or a platform;
the second registration request further includes identification information of a user agent code, a device or a platform, and the circulation module is specifically configured to:
and establishing and storing the corresponding relation between the user agent code, the identification information of the equipment or the platform and the digital abstract algorithm adopted at this time.
It can be known that, in this embodiment, aiming at the situation that the digital digest algorithm of the device or platform is not clear, a mode of continuously changing different digital digest authentication algorithms is adopted to detect the digital digest authentication algorithm supported by the SIP client, so as to solve the problem of incompatibility caused by the difference of the digital digest algorithms of a plurality of SIP clients; moreover, in solving this problem, the digital digest authentication algorithm supported by the SIP client is not limited, and therefore, the security thereof is not affected.
Fig. 6 is a schematic flow chart of a digital summary algorithm processing apparatus according to another embodiment of the present disclosure, referring to fig. 6, the apparatus may specifically include:
A sending module 601, configured to respond to a first registration request sent by a SIP client by returning a response message, where the response message includes an algorithm code, where the algorithm code is used to represent a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
the processing module 602 is configured to perform digest verification on a first digital digest result returned by the SIP client according to the target digital digest algorithm, where the first digital digest result is generated based on the target digital digest algorithm;
and the circulation module 603 is configured to select other pre-agreed digital digest algorithms and return a response message again if the verification result is failed, until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client this time.
Optionally, the apparatus further comprises:
And sequentially selecting the digital digest algorithms according to the priority order of the pre-agreed digital digest algorithms.
Optionally, the response message further includes a random code, and the random code in the response message returned each time is different; the apparatus further comprises:
The receiving module is used for receiving a second registration request sent by the SIP client, wherein the second registration request comprises the first digital abstract result and a target random code provided by the SIP server; determining a digital summary algorithm included in a target response message corresponding to the target random code;
the processing module is specifically configured to:
and carrying out abstract verification on the digital abstract result returned by the SIP client according to the digital abstract algorithm included in the target response message.
Optionally, the identification information corresponding to the SIP client includes identification information of a user agent code, a device or a platform;
the second registration request further includes identification information of a user agent code, a device or a platform, and the circulation module is specifically configured to:
and establishing and storing the corresponding relation between the user agent code, the identification information of the equipment or the platform and the digital abstract algorithm adopted at this time.
Fig. 7 is a schematic flow chart of a digital summary algorithm processing apparatus according to another embodiment of the present disclosure, referring to fig. 7, the apparatus may specifically include:
a sending module 701, configured to send a first registration request to a SIP server;
A receiving module 702, configured to receive a response message returned by the SIP server in response to the first registration request, where the response message includes an algorithm code, where the algorithm code is used to represent a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
an identification module 703, configured to identify a target digital digest algorithm represented by the algorithm code;
And a processing module 704, configured to generate a first digital digest result based on the target digital digest algorithm and return the first digital digest result to the SIP server.
It can be known that, in the embodiments corresponding to fig. 6 and fig. 7, based on the digital digest algorithms pre-agreed by the SIP server and the SIP client, the digital digest authentication algorithm supported by the SIP client is detected by adopting a manner of continuously changing different pre-agreed digital digest authentication algorithms, so as to solve the problem of incompatibility caused by the difference of the digital digest algorithms of multiple SIP clients; moreover, in solving this problem, the digital digest authentication algorithm supported by the SIP client is not limited, and therefore, the security thereof is not affected.
In addition, for the above-described apparatus embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference should be made to the description of the method embodiments for relevant points. Further, it should be noted that, among the respective components of the apparatus of the present specification, the components thereof are logically divided according to functions to be realized, but the present specification is not limited thereto, and the respective components may be re-divided or combined as necessary.
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure, and referring to fig. 8, the electronic device includes a processor, an internal bus, a network interface, a memory, and a nonvolatile memory, and may include hardware required by other services. The processor reads the corresponding computer program from the nonvolatile memory into the memory and then runs the computer program to form the digital digest algorithm processing device on the logic level. Of course, other implementations, such as logic devices or combinations of hardware and software, are not excluded from the present description, that is, the execution subject of the following processing flows is not limited to each logic unit, but may be hardware or logic devices.
The network interface, processor and memory may be interconnected by a bus system. The bus may be an ISA (Industry Standard Architecture ) bus, a PCI (PERIPHERAL COMPONENT INTERCONNECT, peripheral component interconnect standard) bus, or EISA (Extended Industry Standard Architecture ) bus, among others. The buses may be classified as address buses, data buses, control buses, etc. For ease of illustration, only one bi-directional arrow is shown in FIG. 8, but not only one bus or type of bus.
The memory is used for storing programs. In particular, the program may include program code including computer-operating instructions. The memory may include read only memory and random access memory and provide instructions and data to the processor. The Memory may comprise a Random-Access Memory (RAM) or may further comprise a non-volatile Memory (non-volatile Memory), such as at least 1 disk Memory.
The processor is used for executing the program stored in the memory and specifically executing:
The SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
performing digest verification on a first digital digest result returned by the SIP client according to the first digital digest algorithm, wherein the first digital digest result is generated based on a digital digest algorithm supported by the SIP client;
If the verification result is not passed, selecting other digital digest algorithms and returning a response message again until the digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time.
Or alternatively
The SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
Performing digest verification on a first digital digest result returned by the SIP client according to the target digital digest algorithm, wherein the first digital digest result is generated based on the target digital digest algorithm;
if the verification result is not passed, other pre-agreed digital digest algorithms are selected and response information is returned again until the digital digest result returned by the SIP client passes the verification and the digital digest algorithm adopted by the SIP client at this time is recorded.
Or alternatively
The SIP client sends a first registration request to the SIP server;
receiving a response message returned by the SIP server in response to the first registration request, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
Identifying a target digital summary algorithm represented by the algorithm code;
And generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server.
The methods performed by the digital digest algorithm processing apparatus or manager (Master) node described above and disclosed in the embodiments of fig. 5-7 of the present specification may be applied to, or implemented by, a processor. The processor may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but may also be a digital signal Processor (DIGITAL SIGNAL Processor, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), field-Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components. The various methods, steps and logic blocks disclosed in the embodiments of this specification may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present specification may be embodied directly in hardware, in a decoded processor, or in a combination of hardware and software modules in a decoded processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method.
The digital digest algorithm processing apparatus may also perform the methods illustrated in fig. 1-4 and implement the methods performed by the manager node.
Based on the same inventive concept, the present embodiments also provide a computer-readable storage medium storing one or more programs, which when executed by an electronic device including a plurality of application programs, cause the electronic device to perform the digital digest algorithm processing method provided by the corresponding embodiments of fig. 1-4.
Based on the same invention, the embodiment of the present specification further provides a digital summary algorithm processing system, including: SIP server and SIP client, wherein:
the SIP client is used for sending a first registration request to the SIP server;
The SIP server is used for responding to the first registration request and returning a response message to the SIP client, wherein the response message comprises algorithm codes, and the algorithm codes are used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The SIP client is used for identifying a target digital summary algorithm represented by the algorithm code; generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server;
The SIP server is used for carrying out abstract verification on the first digital abstract result according to the target digital abstract algorithm; if the verification result is not passed, other pre-agreed digital digest algorithms are selected and response information is returned again until the digital digest result returned by the SIP client passes the verification and the digital digest algorithm adopted by the SIP client at this time is recorded.
It should be noted that, for the SIP server and the SIP client in the digital digest algorithm processing system, the functions and the interaction process between them are described in detail in the embodiments corresponding to fig. 2-3, so that description thereof will not be made herein, and similar points are referred to the relevant description in the embodiments corresponding to fig. 2-3.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for system embodiments, since they are substantially similar to method embodiments, the description is relatively simple, as relevant to see a section of the description of method embodiments.
The foregoing describes specific embodiments of the present disclosure. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims can be performed in a different order than in the embodiments and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
It will be appreciated by those skilled in the art that embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The present description is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the specification. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In one typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, random Access Memory (RAM) and/or nonvolatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of computer-readable media.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
It will be appreciated by those skilled in the art that embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the present specification may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present description can take the form of a computer program product on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.
The foregoing is merely exemplary of the present disclosure and is not intended to limit the disclosure. Various modifications and alterations to this specification will become apparent to those skilled in the art. Any modifications, equivalent substitutions, improvements, or the like, which are within the spirit and principles of the present description, are intended to be included within the scope of the claims of the present description.
Claims (10)
1. A digital digest algorithm processing method, comprising:
The SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
performing digest verification on a first digital digest result returned by the SIP client according to the first digital digest algorithm, wherein the first digital digest result is generated based on a digital digest algorithm supported by the SIP client;
If the verification result is not passed, selecting other digital digest algorithms and returning a response message again until the first digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time;
the response message also comprises a random code, and the random codes in the response message returned each time are different;
before the digest verifying the first digital digest result returned by the SIP client, the method further includes:
receiving a second registration request sent by the SIP client, wherein the second registration request comprises the first digital abstract result and a target random code provided by the SIP server;
determining a digital summary algorithm included in a target response message corresponding to the target random code;
The performing digest verification on the first digital digest result returned by the SIP client according to the first digital digest algorithm includes:
And carrying out digest verification on the first digital digest result returned by the SIP client according to a digital digest algorithm included in the target response message.
2. The method of claim 1, further comprising, prior to the returning the response message:
And sequentially selecting the digital digest algorithms according to the priority order of the digital digest algorithms supported by the SIP server.
3. The method according to claim 2, wherein the first registration request carries identification information corresponding to the SIP client;
Before the digital digest algorithm is sequentially selected according to the priority order of the digital digest algorithm supported by the SIP server, the method further comprises:
Inquiring whether algorithm identifications associated with the identification information are pre-stored or not;
If yes, configuring the highest priority for the digital summary algorithm corresponding to the algorithm identification.
4. The method of claim 1, wherein the step of determining the position of the substrate comprises,
The response message also includes algorithm code for representing a digital digest algorithm reserved by the SIP server and SIP client;
the first digital digest result is generated based on a digital digest algorithm represented by the algorithm code.
5. The method according to claim 1, wherein the identification information corresponding to the SIP client includes identification information of a user agent code, a device or a platform;
The second registration request further includes identification information of a user agent code, a device or a platform, and the recording of the digital digest algorithm adopted by the SIP client this time includes:
and establishing and storing the corresponding relation between the user agent code, the identification information of the equipment or the platform and the digital abstract algorithm adopted at this time.
6. A digital digest algorithm processing method, comprising:
the SIP server responds to a first registration request sent by the SIP client to return a response message, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
Performing digest verification on a first digital digest result returned by the SIP client according to the target digital digest algorithm, wherein the first digital digest result is generated based on the target digital digest algorithm;
If the verification result is not passed, selecting other pre-agreed digital digest algorithms and returning a response message again until the first digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time;
the response message also comprises a random code, and the random codes in the response message returned each time are different;
before the digest verifying the first digital digest result returned by the SIP client, the method further includes:
receiving a second registration request sent by the SIP client, wherein the second registration request comprises the first digital abstract result and a target random code provided by the SIP server;
determining a digital summary algorithm included in a target response message corresponding to the target random code;
The step of performing digest verification on the first digital digest result returned by the SIP client according to the target digital digest algorithm includes:
And carrying out digest verification on the first digital digest result returned by the SIP client according to a digital digest algorithm included in the target response message.
7. A digital digest algorithm processing method, comprising:
the SIP client sends a first registration request to the SIP server;
receiving a response message returned by the SIP server in response to the first registration request, wherein the response message comprises an algorithm code, and the algorithm code is used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
Identifying a target digital summary algorithm represented by the algorithm code;
Generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server;
the response message also comprises a random code, and the random codes in the response message returned each time are different;
the method further comprises the steps of:
And sending a second registration request to the SIP server, wherein the second registration request comprises the first digital digest result and a target random code provided by the SIP server, so that the SIP server can determine a digital digest algorithm included in a target response message corresponding to the target random code, and digest verification is performed on the first digital digest result returned by the SIP client according to the digital digest algorithm included in the target response message.
8. A digital digest algorithm processing apparatus, comprising:
The sending module is used for responding to a first registration request sent by the SIP client and returning a response message, wherein the response message comprises an algorithm identifier corresponding to a first digital summary algorithm selected by the SIP server;
The processing module is used for carrying out abstract verification on a first digital abstract result returned by the SIP client according to the first digital abstract algorithm, wherein the first digital abstract result is generated based on the digital abstract algorithm supported by the SIP client;
The circulation module is used for selecting other digital digest algorithms and returning a response message again if the verification result is not passed, until the first digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time;
the response message also comprises a random code, and the random codes in the response message returned each time are different;
The apparatus further comprises:
The receiving module is used for receiving a second registration request sent by the SIP client, wherein the second registration request comprises the first digital abstract result and a target random code provided by the SIP server; determining a digital summary algorithm included in a target response message corresponding to the target random code;
the processing module is specifically configured to:
And carrying out digest verification on the first digital digest result returned by the SIP client according to a digital digest algorithm included in the target response message.
9. A digital digest algorithm processing system, comprising: SIP server and SIP client, wherein:
the SIP client is used for sending a first registration request to the SIP server;
The SIP server is used for responding to the first registration request and returning a response message to the SIP client, wherein the response message comprises algorithm codes, and the algorithm codes are used for representing a target digital digest algorithm in digital digest algorithms pre-agreed by the SIP server and the SIP client;
The SIP client is used for identifying a target digital summary algorithm represented by the algorithm code; generating a first digital abstract result based on the target digital abstract algorithm and returning the first digital abstract result to the SIP server;
The SIP server is used for carrying out abstract verification on the first digital abstract result according to the target digital abstract algorithm; if the verification result is not passed, selecting other pre-agreed digital digest algorithms and returning a response message again until the first digital digest result returned by the SIP client passes the verification and records the digital digest algorithm adopted by the SIP client at this time;
the response message also comprises a random code, and the random codes in the response message returned each time are different;
the SIP client is further configured to: sending a second registration request to the SIP server, wherein the second registration request comprises the first digital digest result and a target random code provided by the SIP server;
The SIP server is specifically configured to: determining a digital digest algorithm included in a target response message corresponding to the target random code, and performing digest verification on the first digital digest result returned by the SIP client according to the digital digest algorithm included in the target response message.
10. An electronic device, comprising:
A processor; and
A memory arranged to store computer executable instructions which, when executed, cause the processor to perform the steps of the method of any of claims 1 to 7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110217374.9A CN112906063B (en) | 2021-02-26 | 2021-02-26 | Digital digest algorithm processing equipment method, device, system and equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110217374.9A CN112906063B (en) | 2021-02-26 | 2021-02-26 | Digital digest algorithm processing equipment method, device, system and equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112906063A CN112906063A (en) | 2021-06-04 |
| CN112906063B true CN112906063B (en) | 2024-04-26 |
Family
ID=76108488
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110217374.9A Active CN112906063B (en) | 2021-02-26 | 2021-02-26 | Digital digest algorithm processing equipment method, device, system and equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112906063B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1483265A (en) * | 2000-08-01 | 2004-03-17 | ��˹��ŵ�� | Techniques for performing UMTS (universal mobile telecommunications system) authentication using SIP (session initiation protocol) messages |
| WO2009109093A1 (en) * | 2008-03-06 | 2009-09-11 | 华为技术有限公司 | Method, device and system for certifying response message |
| CN103166931A (en) * | 2011-12-15 | 2013-06-19 | 华为技术有限公司 | Method, device and system of transmitting data safely |
| CN103370915A (en) * | 2010-11-06 | 2013-10-23 | 高通股份有限公司 | Authentication in secure user plane location (SUPL) systems |
| CN106533689A (en) * | 2015-09-15 | 2017-03-22 | 阿里巴巴集团控股有限公司 | Method and device for loading digital certificate in SSL/TLS communication |
-
2021
- 2021-02-26 CN CN202110217374.9A patent/CN112906063B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1483265A (en) * | 2000-08-01 | 2004-03-17 | ��˹��ŵ�� | Techniques for performing UMTS (universal mobile telecommunications system) authentication using SIP (session initiation protocol) messages |
| WO2009109093A1 (en) * | 2008-03-06 | 2009-09-11 | 华为技术有限公司 | Method, device and system for certifying response message |
| CN103370915A (en) * | 2010-11-06 | 2013-10-23 | 高通股份有限公司 | Authentication in secure user plane location (SUPL) systems |
| CN103166931A (en) * | 2011-12-15 | 2013-06-19 | 华为技术有限公司 | Method, device and system of transmitting data safely |
| CN106533689A (en) * | 2015-09-15 | 2017-03-22 | 阿里巴巴集团控股有限公司 | Method and device for loading digital certificate in SSL/TLS communication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112906063A (en) | 2021-06-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107483509B (en) | A kind of auth method, server and readable storage medium storing program for executing | |
| EP3905078A1 (en) | Identity verification method and system therefor | |
| JP6837082B2 (en) | Methods and equipment for publishing assertions within a distributed database of mobile communications networks and for personalizing Internet of Things devices. | |
| CN111031074B (en) | Authentication method, server and client | |
| CN110222085B (en) | Processing method and device for certificate storage data and storage medium | |
| CN112738021B (en) | Single sign-on method, terminal, application server, authentication server and medium | |
| GB2548802A (en) | Methods for creating and verifying an electronic user identity | |
| CN113014546B (en) | Certificate-based authentication registration state management method and system | |
| CN110753037A (en) | Token management method, device and storage medium | |
| CN112787986B (en) | Multi-path bidirectional authentication method and device | |
| CN113259910B (en) | Activation method and device for vehicle-mounted networking equipment | |
| CN113114610B (en) | Stream taking method, device and equipment | |
| CN105101040A (en) | Resource creating method and device | |
| CN112906063B (en) | Digital digest algorithm processing equipment method, device, system and equipment | |
| CN103559430B (en) | application account management method and device based on Android system | |
| CN109063461B (en) | Third-party password-free login method and system | |
| CN113472545B (en) | Equipment network access method, device, equipment, storage medium and communication system | |
| CN115277001A (en) | Certificate distribution method, device, system and medium for co-building shared network | |
| CN111369246B (en) | Calling authentication method and device of intelligent contract, electronic equipment and storage medium | |
| CN114499981A (en) | Video access method and device | |
| CN117834312B (en) | Network access method, network access device, and computer-readable storage medium | |
| US20230370277A1 (en) | Authentication method and communication apparatus | |
| CN113781229B (en) | Transaction data storage method, device, equipment and readable storage medium | |
| CN114785531B (en) | Bidirectional authentication method and device based on service node switching | |
| CN114006761B (en) | Communication method and device for vulnerability detection and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |