CN113824694B - File decryption method, computer device and storage medium - Google Patents

File decryption method, computer device and storage medium Download PDF

Info

Publication number
CN113824694B
CN113824694B CN202110984813.9A CN202110984813A CN113824694B CN 113824694 B CN113824694 B CN 113824694B CN 202110984813 A CN202110984813 A CN 202110984813A CN 113824694 B CN113824694 B CN 113824694B
Authority
CN
China
Prior art keywords
file
decryption
shadow
encrypted
decrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110984813.9A
Other languages
Chinese (zh)
Other versions
CN113824694A (en
Inventor
姜欢欢
胡金龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhan United Imaging Healthcare Co Ltd
Original Assignee
Wuhan United Imaging Healthcare Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuhan United Imaging Healthcare Co Ltd filed Critical Wuhan United Imaging Healthcare Co Ltd
Priority to CN202110984813.9A priority Critical patent/CN113824694B/en
Publication of CN113824694A publication Critical patent/CN113824694A/en
Application granted granted Critical
Publication of CN113824694B publication Critical patent/CN113824694B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key

Abstract

The application relates to a file decryption method, a computer device and a storage medium. According to the method, the encrypted file and the shadow file corresponding to the encrypted file are obtained, the encrypted file and the shadow file are decrypted, the decrypted file and the decrypted shadow file are obtained, and then the decryption state of the encrypted file is determined according to the decrypted shadow file. In the method, the shadow file is adopted to replace the original encrypted file to be decrypted to determine the decryption state of the encrypted file, and because the shadow file is a very small file and is irrelevant to the size of the encrypted file to be decrypted, the speed of judging the decryption state of the shadow file is irrelevant to the size of the encrypted file to be decrypted, the decryption speed is greatly improved, and because the shadow file is small, the error rate is very low by judging whether the shadow file is decrypted successfully or not, thereby improving the accuracy of judging the decryption state of the encrypted file by the method.

Description

File decryption method, computer device and storage medium
Technical Field
The present application relates to the field of data processing technologies, and in particular, to a file decryption method, a computer device, and a storage medium.
Background
In the process of processing file data, in order to ensure safe transmission or safe reading of the file data, related files are generally required to be encrypted, when a user analyzes the file, the file is decrypted, and the file can be normally read after the decrypted file is obtained, however, a complete decryption process not only comprises decryption, but also comprises judgment of the state after decryption.
At present, the existing file decryption software and method can meet basic requirements in terms of decryption speed, but the time for judging the decrypted state is long. However, the decryption process is long in time consumption, which generally results in low decryption efficiency and blocking of the flow after decryption, thereby resulting in problems of low code operation efficiency, poor user experience, and the like.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a file decryption method, a computer device, and a storage medium that can effectively shorten decryption time and improve decryption efficiency.
In a first aspect, a method for decrypting a file, the method comprising:
obtaining an encrypted file and a shadow file corresponding to the encrypted file; the capacity of the shadow file is smaller than the capacity of the encrypted file; the shadow file and the encrypted file are encrypted by adopting the same encryption method;
Decrypting the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file;
and determining the decryption state of the encrypted file according to the decryption shadow file.
In one embodiment, the determining the decryption state of the encrypted file according to the decryption shadow file includes:
reading the decrypted shadow file into a memory;
if the decryption shadow file can be read normally, determining that the decryption state of the encrypted file is successful in decryption;
and if the decryption shadow file cannot be read normally, determining that the decryption state of the encrypted file is a decryption failure.
In one embodiment, if the decryption status is that the decryption is successful, the method further includes at least one of the following steps:
sending decryption success information to the terminal;
returning the decrypted file to the terminal;
updating the attribute information of the encrypted file stored in the database according to the decryption state; the attribute information at least comprises the decryption state of the encrypted file;
and storing the decryption file according to a preset path.
In one embodiment, if the decryption status is decryption failure, the method further includes:
Sending decryption failure information to a terminal;
and/or updating the attribute information of the encrypted file stored in the database according to the decryption state.
In one embodiment, the method further comprises:
monitoring file change conditions under an encrypted file directory;
and if the fact that the newly added encrypted file exists under the encrypted file directory is monitored, executing the step of obtaining the shadow file corresponding to the encrypted file until the decryption state of the encrypted file is obtained.
In one embodiment, the method further comprises:
monitoring file change conditions under a decrypted document directory;
if the fact that the newly added decryption file exists in the decryption document directory is monitored, updating the decryption state of the corresponding encryption file in the encryption document directory to be successful in decryption;
and if no new decryption file is added under the decryption document directory, updating the decryption state of the corresponding encryption file under the encryption document directory into decryption failure.
In one embodiment, obtaining a shadow file corresponding to the encrypted file includes:
determining an encryption type of the encrypted file;
and determining a shadow file corresponding to the encryption type of the encryption file according to a mapping relation between a preset encryption type and the shadow file, and determining the shadow file corresponding to the encryption type of the encryption file as the shadow file corresponding to the encryption file.
In one embodiment, obtaining a shadow file corresponding to the encrypted file includes:
determining the type of the encrypted file;
and determining a shadow file corresponding to the type of the encrypted file according to a mapping relation between a preset file type and the shadow file, and determining the shadow file corresponding to the type of the encrypted file as the shadow file corresponding to the encrypted file.
In a second aspect, a decryption device for a file, the device comprising:
the acquisition module is used for acquiring the encrypted file and a shadow file corresponding to the encrypted file; the capacity of the shadow file is smaller than the capacity of the encrypted file; the shadow file and the encrypted file are encrypted by adopting the same encryption method;
the decryption module is used for decrypting the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file;
and the determining module is used for determining the decryption state of the encrypted file according to the decryption shadow file.
In a third aspect, a computer device comprises a memory storing a computer program and a processor implementing the method according to the first aspect when executing the computer program.
In a fourth aspect, a computer readable storage medium has stored thereon a computer program which, when executed by a processor, implements the method of the first aspect described above.
The method, the device, the computer equipment and the storage medium for decrypting the file acquire the encrypted file and the shadow file corresponding to the encrypted file, decrypt the encrypted file and the shadow file to acquire the decrypted file and the decrypted shadow file, and then determine the decryption state of the encrypted file according to the decrypted shadow file. In the method, the shadow file is adopted to replace the original encrypted file to be decrypted to determine the decryption state of the encrypted file, and because the shadow file is a very small file and is irrelevant to the size of the encrypted file to be decrypted, the speed of judging the decryption state of the shadow file is irrelevant to the size of the encrypted file to be decrypted, the decryption speed is greatly improved, and because the shadow file is small, the error rate is very low by judging whether the shadow file is decrypted successfully or not, thereby improving the accuracy of judging the decryption state of the encrypted file by the method.
Drawings
FIG. 1 is an application environment diagram of a method of decrypting a file in one embodiment;
FIG. 2 is a flow chart of a method for decrypting a file in one embodiment;
FIG. 3 is a flow chart of one implementation of S103 in the embodiment of FIG. 2;
FIG. 4 is a flow diagram of a method of decrypting files in an embodiment in accordance with one embodiment;
FIG. 5 is a flow chart illustrating a method of decrypting a file in one embodiment;
FIG. 6 is a flow chart of a method for decrypting a file in one embodiment;
FIG. 7 is a flow chart of one implementation of S101 in the embodiment of FIG. 2;
FIG. 8 is a flow chart of another implementation of S101 in the embodiment of FIG. 2;
FIG. 9 is a flow chart of a method for decrypting a file in one embodiment;
FIG. 10 is a schematic diagram of a file decryption system in one embodiment;
FIG. 11 is a block diagram showing a configuration of a file decrypting apparatus in one embodiment;
FIG. 12 is a block diagram showing a configuration of a file decrypting apparatus in one embodiment;
FIG. 13 is a block diagram showing a configuration of a file decrypting apparatus in one embodiment;
FIG. 14 is a block diagram showing a configuration of a file decrypting apparatus in one embodiment;
FIG. 15 is a block diagram showing the structure of a file decrypting apparatus in one embodiment;
FIG. 16 is a block diagram showing a configuration of a file decrypting apparatus in one embodiment;
Fig. 17 is an internal structural view of a computer device in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The file decryption method provided by the application can be applied to an application environment shown in figure 1. Wherein the terminal 102 communicates with the server 104 via a network. The terminal 102 is configured to send a decryption request to the server 104, where after receiving the decryption request of the terminal 102, the server 104 decrypts the obtained encrypted file to obtain a decrypted file, and returns the decrypted file to the terminal 102 for the terminal to view. The terminal 102 may be, but not limited to, various personal computers, notebook computers, smartphones, tablet computers, and portable wearable devices, and the server 104 may be implemented by a stand-alone server or a server cluster composed of a plurality of servers.
It will be appreciated by those skilled in the art that the architecture of the application environment illustrated in fig. 1 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the application environment to which the present inventive arrangements may be applied, and that a particular application environment may include more or fewer components than those illustrated, or may combine certain components, or have a different arrangement of components.
In one embodiment, as shown in fig. 2, a method for decrypting a file is provided, and the method is applied to the server in fig. 1 for illustration, and includes the following steps:
s101, obtaining the encrypted file and a shadow file corresponding to the encrypted file.
The encryption file is a file to be decrypted, the encryption file is a file encrypted by adopting a corresponding encryption method or encryption algorithm, the shadow file is a file encrypted by adopting a corresponding encryption method or encryption algorithm, and the shadow file and the encryption file are encrypted by adopting the same encryption method or encryption algorithm. The encrypted files and the shadow files can be in one-to-one correspondence, and optionally, the encrypted files subjected to different encryption methods and the shadow files subjected to different encryption methods can also be in one-to-one correspondence. The size of the shadow file is smaller than the size of the encrypted file, e.g., the size of the shadow file is smaller than the size of the encrypted file, or the size of the memory occupied by the shadow file is smaller than the size of the memory occupied by the encrypted file.
In this embodiment, when a user needs to view a certain encrypted file, a decryption request may be sent to a server through a terminal, and the decryption request is sent to the server, so as to instruct the server to execute an operation of decrypting the encrypted file. In the process, the terminal can directly send the encrypted file to the server to instruct the server to decrypt the encrypted file; optionally, after receiving the decryption request of the terminal, the server may find the encrypted file to be decrypted from other file storage servers or folders under the designated path according to the identifier of the encrypted file included in the decryption request, where the above means for obtaining the encrypted file for the two servers selects one means according to the actual requirement in practical application.
Accordingly, when the server obtains the encrypted file, the shadow file corresponding to the obtained encrypted file can be found from other file storage servers or folders under the designated path according to the corresponding relation between the encrypted file and the shadow file. The corresponding relationship between the encrypted file and the shadow file may be determined in advance by the server, and the corresponding relationship may be stored in the database by using a mapping table or other manners, so as to be used when the server searches. When determining the correspondence between the encrypted file and the shadow file, the server determines that one encrypted file corresponds to one shadow file according to different encrypted files and different shadow files, for example, the encrypted file 1 corresponds to the shadow file 1, and the encrypted file 2 corresponds to the shadow file 2; the server may also determine that a plurality of encrypted files correspond to one shadow file according to an encryption method or an encryption algorithm, that is, encrypted files adopting the same encryption algorithm may correspond to one shadow file adopting the same encryption algorithm, for example, encrypted file 1 and encrypted file 2 are encrypted by using encryption algorithm 1, encrypted file 3 and encrypted file 4 are encrypted by using encryption algorithm 2, then encrypted file 1 and encrypted file 2 may correspond to one shadow file 1, and encrypted file 3 and encrypted file 4 may correspond to one shadow file 2; the server may also determine that a plurality of encrypted files correspond to one shadow file according to the type of the encrypted file, for example, the encrypted file 1 and the encrypted file 2 belong to video files, and the encrypted file 3 and the encrypted file 4 belong to document files, so that the encrypted file 1 and the encrypted file 2 may correspond to one shadow file 1, and the encrypted file 3 and the encrypted file 4 may correspond to one shadow file 2.
Optionally, when the terminal sends the encrypted file to the server, the shadow file corresponding to the encrypted file may also be directly sent to the server, so that the server may obtain the shadow file in two ways, that is, according to the corresponding relationship between the encrypted file and the shadow file in the database, or may obtain the shadow file from the terminal. It can be understood that the shadow file is generated in advance by the server according to the encrypted file, specifically, the corresponding shadow file can be generated according to different types of encrypted files, the corresponding shadow file can be generated according to different encrypted files, and the corresponding shadow file can be generated according to encrypted files adopting different encryption methods or encryption algorithms.
S102, decrypting the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file.
When the server obtains the encrypted file and the corresponding decrypted file, the same decryption algorithm can be adopted to decrypt the encrypted file and the shadow file at the same time, so as to obtain the decrypted file and the decrypted shadow file. The decryption algorithm corresponds to an encryption algorithm for encrypting the file and may be predetermined by the server. Also, when the server acquires the decrypted file, the decrypted file may be stored in a folder directory under a specific path.
S103, determining the decryption state of the encrypted file according to the decryption shadow file.
The decryption state of the encrypted file includes decryption success or decryption failure.
When the server obtains the decrypted shadow file, whether the decrypted shadow file is decrypted or not can be determined by analyzing whether the decrypted shadow file is a decrypted file, and the decryption state of the decrypted shadow file is updated accordingly, so that the decryption state of the encrypted file can be further determined according to the decryption state of the decrypted shadow file, for example, if the decryption state of the decrypted shadow file is determined to be decrypted successfully, the decryption state of the encrypted file is considered to be decrypted successfully; if the decryption state of the decrypted shadow file is determined to be the decryption failure, the decryption state of the encrypted file is considered to be the decryption failure. Optionally, the server may also read the decrypted shadow file into the memory, and determine the decryption state of the encrypted file according to the condition that the decrypted shadow file is read into the memory. When the server determines the decryption status of the encrypted file, it indicates that decryption of the encrypted file is completed.
According to the file decryption method, the encrypted file and the shadow file corresponding to the encrypted file are obtained, the encrypted file and the shadow file are decrypted, the decrypted file and the decrypted shadow file are obtained, and then the decryption state of the encrypted file is determined according to the decrypted shadow file. In the method, the shadow file is adopted to replace the original encrypted file to be decrypted to determine the decryption state of the encrypted file, and because the shadow file is a very small file and is irrelevant to the size of the encrypted file to be decrypted, the speed of judging the decryption state of the shadow file is irrelevant to the size of the encrypted file to be decrypted, the decryption speed is greatly improved, and because the shadow file is small, the error rate is very low by judging whether the shadow file is decrypted successfully or not, thereby improving the accuracy of judging the decryption state of the encrypted file by the method.
Further, there is provided an implementation manner of the step S103, as shown in fig. 3, the step S103 "determining a decryption state of an encrypted file according to a decrypted shadow file" includes:
s301, reading the decryption shadow file into the memory, if the decryption shadow file can be read normally, executing step S302, and if the decryption shadow file cannot be read normally, executing step S303.
The embodiment relates to a method for determining a decryption state of an encrypted file by a server according to the condition that the decrypted shadow file is read into a memory. In the method, when the server acquires the decryption shadow file, the decryption shadow file can be read into the memory for checking, whether the decryption shadow file can be read normally or not is determined, if the decryption shadow file can be read normally, the decryption shadow file is successfully decrypted, and the server can read normally and look up; if the decryption shadow file cannot be read normally, it indicates that the decryption shadow file has not been successfully decrypted, may be still in the decryption process, or the decryption shadow file has a problem and cannot be decrypted. Different decryption states of the encrypted file are determined for different cases where the decrypted shadow file is read into memory.
S302, determining that the decryption state of the encrypted file is successful in decryption.
The embodiment relates to a scenario that a server normally reads a decrypted shadow file into a memory, under the scenario, the server directly determines that the decryption state of the shadow file is successful in decryption, and further determines that the decryption state of an encrypted file is also successful in decryption.
S303, determining the decryption state of the encrypted file as decryption failure.
The embodiment relates to a scenario in which a server cannot normally read a decryption shadow file into a memory, and in this scenario, the server directly determines that the decryption state of the shadow file is a decryption failure, and further determines that the decryption state of an encrypted file is also a decryption failure.
The above embodiment relates to a method for determining the decryption state of an encrypted file by a server according to the condition that the decrypted shadow file is read into a memory, because the capacity of the shadow file is smaller, the speed of reading the shadow file into the memory is extremely high, so the method for determining the decryption state of the encrypted file by the method for judging the decryption state of the shadow file can greatly improve the decryption speed of the encrypted file and reduce the decryption time, and particularly when the encrypted file is too large, the problems of low decryption speed and efficiency caused by the fact that the encrypted file is too large in the prior art are solved. And in the process of determining the decryption state of the encrypted file, large memory space is not occupied, and a certain memory space is saved.
In practical applications, for example, in the application environment shown in fig. 1, if the server decrypts the encrypted file successfully, that is, the server performs the step S103, after determining that the decryption state of the encrypted file is successful, as shown in fig. 4, the server may further perform operations:
s104, sending decryption success information to the terminal.
The server sends decryption success information to the terminal so that the terminal can determine that the server has successfully decrypted the encrypted file, and then the terminal can directly read the decrypted file corresponding to the encrypted file from the server. Specifically, when reading, the terminal can directly find and read the decryption file from the server according to the identification of the encryption file or under the folder directory of the designated path, and then the read decryption file is displayed on a display of the terminal so as to be convenient for a user to review.
Optionally, when the server performs the step S103, the operation may be further performed:
s105, returning the decrypted file to the terminal.
When the server decrypts the successfully encrypted file to obtain the decrypted file, the decrypted file can be directly sent to the terminal, so that the terminal can directly acquire the decrypted file corresponding to the encrypted file for viewing. The scenario is generally that the terminal sends a decryption request to the server, and sends the encrypted file to be decrypted to the server together, and the server directly returns the decrypted file to the terminal after decrypting the encrypted file according to the method described in the embodiment of fig. 2.
Optionally, when the server performs the step S103, the operation may be further performed:
s106, updating the attribute information of the encrypted file stored in the database according to the decryption state.
Wherein, the attribute information at least comprises the decryption state of the encrypted file, and the attribute information can also comprise the decryption time, the decryption time consumption and the like of the encrypted file.
When the server obtains the encrypted file to be decrypted, the encrypted file may be stored in a folder under the specified path, and the attribute information of the encrypted file may be identified, if the server decrypts the encrypted file according to the method described in the embodiment of fig. 2 to obtain the decrypted file, the server may correspondingly update the attribute information of the encrypted file in the folder under the specified path, for example, update the decryption state and decryption time, so that the terminal may then refer to the encrypted file from the corresponding folder according to the specified path, and may also correspondingly refer to the attribute information of the encrypted file. In addition, under the condition that the terminal requests the server to decrypt the encrypted file again, if the decryption state of the encrypted file is that the decryption is successful, the server does not need to decrypt the encrypted file any more, but can directly acquire the decrypted file corresponding to the encrypted file from the folder storing the decrypted file, and directly return the decrypted file to the terminal for review. The server may also determine whether to re-decrypt the encrypted file based on the decryption time of the encrypted file.
Optionally, when the server performs the step S103, the operation may be further performed:
and S107, storing the decrypted file according to a preset path.
The preset path can be a designated path, and is determined by the server in advance according to the storage requirement.
When the server decrypts the encrypted file and obtains the decrypted file, the server can store the decrypted file according to a preset path, and specifically, can store the decrypted file into a folder under the preset path, so that the decrypted file corresponding to the encrypted file can be directly read from the folder under the preset path when the terminal inquires the decrypted file; or the server can find the decryption file from the folder under the preset path and send the decryption file to the terminal for reference.
In practical application, if the server fails to decrypt the encrypted file, that is, the server performs the step S103, after determining that the decryption status of the encrypted file is the decryption failure, as shown in fig. 4, the server may further perform the following operations:
s108, sending decryption failure information to the terminal.
The server sends decryption failure information to the terminal so that the terminal determines that the encrypted file has a problem, or the server does not decrypt the encrypted file, and then the terminal can upload the encrypted file again, instruct the server to acquire the encrypted file again for decryption, or decrypt the encrypted file again.
S109, updating the attribute information of the encrypted file stored in the database according to the decryption state.
When the server obtains the encrypted file to be decrypted, the encrypted file may be stored in a folder under the specified path, and the attribute information of the encrypted file may be identified, if the server decrypts the encrypted file according to the method described in the embodiment of fig. 2, the attribute information of the encrypted file in the folder may also be updated correspondingly, for example, the decryption state and the decryption time may be updated correspondingly, so that, after that, the terminal may refer to the encrypted file from the corresponding folder according to the specified path, and may also refer to the attribute information of the encrypted file correspondingly. The server may select a different operation according to the decryption state of the encrypted file, for example, if the decryption state of the encrypted file is a decryption failure, the server may decrypt the encrypted file again, or update the encrypted file again to decrypt.
In one embodiment, there is further provided a method for triggering a server to decrypt an encrypted file, as shown in fig. 5, based on the method described in the embodiment of fig. 2, the method further including:
s110, monitoring file change conditions under the encrypted document directory.
When the server acquires the encrypted file, the encrypted file can be stored under a preset encrypted file directory, and if the file under the encrypted file directory has a new added file, the server can monitor that the file under the encrypted file directory is changed. If the server does not acquire the encrypted file, the file under the encrypted file directory does not change, and the server can monitor that the file under the encrypted file directory is not changed. In this embodiment, the server may determine whether there is an encrypted file to be decrypted in the encrypted document directory by monitoring a file change condition in the encrypted document directory.
S111, if the fact that the newly added encrypted file exists under the encrypted document directory is monitored, executing the step of obtaining the shadow file corresponding to the encrypted file until the decryption state of the encrypted document is obtained.
If the newly added encrypted file is monitored under the encrypted document directory, it indicates that the newly added encrypted file needs to be decrypted at present, and the server can decrypt the newly added encrypted file according to the method described in the embodiment of fig. 2, thereby determining the decryption state of the encrypted file and completing decryption.
Based on the above embodiment, there is further provided a method for triggering a server to decrypt an encrypted file, as shown in fig. 6, based on the method described in the embodiment of fig. 6, the method further includes:
S112, monitoring file change condition under the decrypted document directory, if the newly added decrypted file is monitored under the decrypted document directory, executing step S113, and if the newly added decrypted file is monitored under the decrypted document directory, executing step S114.
When the server acquires the decrypted file, the decrypted file can be stored under a preset decrypted file directory, and if the file under the decrypted file directory has a newly added file, the server can monitor that the file under the decrypted file directory is changed. If the server does not acquire the decrypted file, that is, the encrypted file is not successfully decrypted, the file under the decrypted file directory does not change, and the server can monitor that the file under the decrypted file directory is not changed. In this embodiment, the server may determine whether the decrypted file obtained after the decryption is successful exists in the decrypted file directory by monitoring the file change condition in the decrypted file directory.
S113, updating the decryption state of the corresponding encrypted file under the encrypted document directory to be successful in decryption.
If the fact that the newly added decryption file exists in the decryption document directory is monitored, the fact that the corresponding encryption file in the encryption document directory is successfully decrypted is indicated, and at the moment, the server can update the decryption state of the corresponding encryption file in the encryption document directory to be successfully decrypted, so that a user can check the decryption state of the encryption file. It should be noted that, the corresponding relationship between the corresponding encrypted file under the encrypted document directory and the newly added decrypted file under the decrypted document directory, so when updating the decryption state of the corresponding encrypted file under the encrypted document directory, the corresponding encrypted file can be found under the encrypted document directory according to the identifier of the newly added decrypted file, and then the decryption state of the encrypted file is updated. Wherein the identification of the decrypted file may be consistent with the identification of the corresponding encrypted file.
S114, updating the decryption state of the corresponding encrypted file under the encrypted document directory to be the decryption failure.
If the newly added decryption file is not monitored under the decryption document directory, the fact that the corresponding encryption file under the encryption document directory is not successfully decrypted is indicated, and at the moment, the server can update the decryption state of the corresponding encryption file under the encryption document directory to be in decryption failure so that a user can check the decryption state of the encryption file. It should be noted that, the corresponding relationship between the encrypted file under the encrypted document directory and the newly added decrypted file under the decrypted document directory may be identical to the identifier of the corresponding encrypted file, so when the newly added decrypted file under the decrypted document directory is not monitored, it is noted that the decrypted file under the decrypted document directory does not have the same identifier as the encrypted file, and at this time, the decryption state of the encrypted file corresponding to the updated encrypted document directory is the decryption failure.
In an embodiment, there is further provided a method for obtaining a shadow file corresponding to the encrypted file in an implementation manner of S101, as shown in fig. 7, where the method includes:
s401, determining the encryption type of the encrypted file.
When the server acquires the encrypted file, the encryption type of the encrypted file, that is, the type of encryption algorithm or method adopted by different encrypted files, can be further determined, so that the server can determine the shadow file of the encrypted file according to the encryption type.
S402, determining a shadow file corresponding to the encryption type of the encryption file according to a preset mapping relation between the encryption type and the shadow file, and determining the shadow file corresponding to the encryption type of the encryption file as the shadow file corresponding to the encryption file.
Wherein, the mapping relation between the encryption type and the shadow file can be predetermined by the server and stored in the database. Specifically, the server may determine different corresponding shadow files in advance according to different encryption algorithms or methods, i.e. encryption types, for example, the encryption algorithm 1 corresponds to the shadow file 1; encryption algorithm 2 corresponds to shadow file 2.
In this embodiment, when the server obtains the encrypted file and determines the encryption type of the encrypted file, the mapping relationship between the encryption type and the shadow file may be obtained, and the corresponding shadow file is found according to the encryption type of the encrypted file based on the mapping relationship, and finally the shadow file is determined as the shadow file of the encrypted file. Compared with the method for determining the shadow files by encrypting the file types, the method for determining the shadow files by encrypting the file types has the advantage that the number of the shadow files is reduced compared with the problem that the number of the shadow files is large due to the fact that the number of the shadow files is consistent with the number of the encrypted files in the method for determining the shadow files by encrypting the file types, and therefore the storage space occupied by the shadow files is saved.
In an embodiment, there is further provided a method for obtaining a shadow file corresponding to the encrypted file in an implementation manner of S101, as shown in fig. 8, where the method includes:
s501, determining the type of the encrypted file.
When the server acquires the encrypted file, the type of the encrypted file, for example, a video type file, or a voice type file, an image type file, a software type file, or a document type file, may be further determined, so that the server then determines a shadow file of the encrypted file according to the type of the encrypted file.
S502, determining a shadow file corresponding to the type of the encrypted file according to a mapping relation between the preset file type and the shadow file, and determining the shadow file corresponding to the type of the encrypted file as the shadow file corresponding to the encrypted file.
Wherein, the mapping relation between the file type and the shadow file can be predetermined by the server and stored in the database. Specifically, the server may determine different corresponding shadow files in advance according to different file types, for example, the file of the video type corresponds to the shadow file 1; the voice type file corresponds to the shadow file 2; the file of the software type corresponds to the shadow file 3; the file of the document type corresponds to the shadow file 4.
In this embodiment, when the server obtains the encrypted file and determines the type of the encrypted file, a mapping relationship between the file type and the shadow file may be obtained, and a corresponding shadow file is found according to the type of the encrypted file based on the mapping relationship, and finally the shadow file is determined as the shadow file of the encrypted file. Compared with the method for determining the shadow files by encrypting the files, the method for determining the shadow files by the file types has the advantage that the number of the shadow files is reduced compared with the problem that the number of the shadow files is large due to the fact that the number of the shadow files is consistent with the number of the encrypted files in the method for determining the shadow files by encrypting the files, and therefore the storage space occupied by the shadow files is saved.
In summary, the present application also provides a method for decrypting a file, as shown in fig. 9, where the method includes:
s601, obtaining an encrypted file.
S602, determining the encryption type of the encrypted file.
S603, determining a shadow file corresponding to the encryption type of the encryption file according to a preset mapping relation between the encryption type and the shadow file, and determining the shadow file corresponding to the encryption type of the encryption file as the shadow file corresponding to the encryption file.
S604, decrypting the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file.
Step S605 reads the decrypted shadow file into the memory, if the decrypted shadow file can be read normally, step S606 is executed, and if the decrypted shadow file cannot be read normally, step S607 is executed.
S606, determining that the decryption state of the encrypted file is successful, and executing at least one of the steps S608-S611.
S607, determining that the decryption state of the encrypted file is decryption failure, and performing at least one of steps S612 to S613.
And S608, sending decryption success information to the terminal.
S609, returning the decrypted file to the terminal.
And S610, updating the attribute information of the encrypted file stored in the database according to the decryption state.
S611, storing the decrypted file according to a preset path.
S612, sending decryption failure information to the terminal.
S613, the attribute information of the encrypted file stored in the database is updated according to the decryption state.
The steps of the foregoing embodiments are all described in the foregoing, and the detailed description is referred to the foregoing description, which is not repeated here.
In one embodiment, there is also provided a file decryption system applying the above method, as shown in fig. 10, the system including: the system comprises a terminal, a storage server, a monitoring server and a decryption server. The terminal is respectively connected with the storage server and the monitoring server, the monitoring server is also connected with the storage server and the decryption server, and the decryption server is connected with the storage server.
In one application scenario, the terminal is used for uploading the encrypted file to the storage server; the storage server stores the encrypted file uploaded by the terminal into an encrypted document directory under a specific path; the monitoring server is used for acquiring the newly added encrypted file from the storage server when the newly added encrypted file exists under the encrypted file directory on the storage server, determining a shadow file corresponding to the encrypted file according to the encrypted file, and sending the newly added encrypted file and the corresponding shadow file to the decryption server. The decryption server is used for decrypting the encrypted file and the corresponding shadow file simultaneously by adopting the same decryption method to obtain the decrypted file and the decrypted shadow file, and then the decrypted shadow file is returned to the storage server, and the storage server is also used for storing the decrypted shadow file under the directory of the decrypted document under the specific path. The monitoring server is further used for updating the decryption state of the corresponding encrypted file under the encrypted document directory on the storage server when the newly added decrypted file is monitored under the decrypted document directory on the storage server, so that the terminal can inquire the decryption state of the encrypted file at any time. In another application scenario, the terminal may further send a decryption request to the monitoring server, when the monitoring server receives the decryption request, instruct the storage server to obtain the encrypted file from other storage devices and store the encrypted file, or find the encrypted file from the database of the monitoring server, obtain the encrypted file from the storage server and determine a shadow file corresponding to the encrypted file, and then send the encrypted file and the corresponding shadow file to the decryption server, so as to instruct the decryption server to decrypt the encrypted file and the shadow file simultaneously, and store the decrypted file on the storage server, and then instruct the storage server to update the decryption state of the encrypted file stored on the storage server in real time. Optionally, the terminal may further send a file inquiry instruction to the storage server to inquire about the encrypted file stored on the storage server and the decryption state of the encrypted file, or may also inquire about the decrypted file stored on the storage server.
It should be understood that, although the steps in the flowcharts of fig. 2-9 are shown in order as indicated by the arrows, these steps are not necessarily performed in order as indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in fig. 2-9 may include multiple steps or stages that are not necessarily performed at the same time, but may be performed at different times, nor does the order in which the steps or stages are performed necessarily performed in sequence, but may be performed alternately or alternately with at least a portion of the steps or stages in other steps or other steps.
In one embodiment, as shown in fig. 11, there is provided a decryption apparatus for a file, including:
an obtaining module 11, configured to obtain an encrypted file and a shadow file corresponding to the encrypted file; the capacity of the shadow file is smaller than the capacity of the encrypted file; the shadow file and the encrypted file are encrypted by adopting the same encryption method.
And the decryption module 12 is configured to decrypt the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file.
And the determining module 13 is used for determining the decryption state of the encrypted file according to the decryption shadow file.
In one embodiment, as shown in fig. 12, the determining module 13 includes:
a reading unit 131, configured to read the decrypted shadow file into a memory;
a first determining unit 132, configured to determine that the decryption state of the encrypted file is successful in decryption, in a case where the decrypted shadow file can be read normally;
and a second determining unit 133 configured to determine that the decryption state of the encrypted file is a decryption failure in a case where the decrypted shadow file cannot be read normally.
In one embodiment, the first determining unit 132 is further configured to perform at least one of the following steps: sending decryption success information to the terminal; returning the decrypted file to the terminal; updating the attribute information of the encrypted file stored in the database according to the decryption state; the attribute information at least comprises the decryption state of the encrypted file; and storing the decryption file according to a preset path.
In one embodiment, the second determining unit 133 is further configured to perform at least one of the following steps: sending decryption failure information to a terminal; and updating the attribute information of the encrypted file stored in the database according to the decryption state.
In one embodiment, as shown in FIG. 13, the apparatus further comprises
The first monitoring module 14 is configured to monitor a file change condition under an encrypted document directory, and execute the step of obtaining a shadow file corresponding to an encrypted file until a decryption state of the encrypted document is obtained when it is monitored that a newly added encrypted file exists under the encrypted document directory.
In one embodiment, as shown in FIG. 14, the apparatus further comprises
The second monitoring module 15 is configured to monitor a file change condition under a decrypted document directory, and update a decryption state of a corresponding encrypted file under the encrypted document directory to be successful in decryption when it is monitored that a newly added decrypted file exists under the decrypted document directory; and if no new decryption file is added under the decryption document directory, updating the decryption state of the corresponding encryption file under the encryption document directory into decryption failure.
In one embodiment, as shown in fig. 15, the acquiring module 11 includes:
a third determining unit 111 for determining an encryption type of the encrypted file;
the fourth determining unit 112 is configured to determine, according to a mapping relationship between a preset encryption type and a shadow file, a shadow file corresponding to the encryption type of the encryption file, and determine, as the shadow file corresponding to the encryption file, the shadow file corresponding to the encryption type of the encryption file.
In one embodiment, as shown in fig. 16, the acquiring module 11 includes:
a fifth determining unit 113 for determining a type of the encrypted file;
the sixth determining unit 114 is configured to determine, according to a mapping relationship between a preset file type and a shadow file, a shadow file corresponding to the type of the encrypted file, and determine the shadow file corresponding to the type of the encrypted file as a shadow file corresponding to the encrypted file.
For specific limitations of the decryption means for the file, reference may be made to the above limitation of the decryption method for the file, and no further description is given here. The respective modules in the decryption means of the above-mentioned file may be implemented in whole or in part by software, hardware, and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 17. The computer device includes a processor, a memory, and a network interface connected by a system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is used to store data of the encrypted file and the decrypted file. The network interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a method of decrypting a file.
It will be appreciated by those skilled in the art that the structure shown in FIG. 17 is merely a block diagram of some of the structures associated with the present inventive arrangements and is not limiting of the computer device to which the present inventive arrangements may be applied, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
obtaining an encrypted file and a shadow file corresponding to the encrypted file; the capacity of the shadow file is smaller than the capacity of the encrypted file; the shadow file and the encrypted file are encrypted by adopting the same encryption method;
decrypting the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file;
and determining the decryption state of the encrypted file according to the decryption shadow file.
The computer device provided in the foregoing embodiments has similar implementation principles and technical effects to those of the foregoing method embodiments, and will not be described herein in detail.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
obtaining an encrypted file and a shadow file corresponding to the encrypted file; the capacity of the shadow file is smaller than the capacity of the encrypted file; the shadow file and the encrypted file are encrypted by adopting the same encryption method;
decrypting the encrypted file and the shadow file to obtain a decrypted file and a decrypted shadow file;
and determining the decryption state of the encrypted file according to the decryption shadow file.
The foregoing embodiment provides a computer readable storage medium, which has similar principles and technical effects to those of the foregoing method embodiment, and will not be described herein.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, or the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples illustrate only a few embodiments of the application, which are described in detail and are not to be construed as limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of protection of the present application is to be determined by the appended claims.

Claims (10)

1. A method of decrypting a file, the method comprising:
obtaining an encrypted file and a shadow file corresponding to the encrypted file; the capacity of the shadow file is smaller than the capacity of the encrypted file; the shadow file and the encrypted file are encrypted by adopting the same encryption method;
simultaneously decrypting the encrypted file and the shadow file by adopting the same decryption algorithm to obtain a decrypted file and a decrypted shadow file;
And determining the decryption state of the encrypted file according to the decryption shadow file.
2. The method of claim 1, wherein the determining a decryption state of the encrypted file from the decrypted shadow file comprises:
reading the decrypted shadow file into a memory;
if the decryption shadow file can be read normally, determining that the decryption state of the encrypted file is successful in decryption;
and if the decryption shadow file cannot be read normally, determining that the decryption state of the encrypted file is a decryption failure.
3. The method according to claim 2, wherein if the decryption state is successful, the method further comprises at least one of the following steps:
sending decryption success information to the terminal;
returning the decrypted file to the terminal;
updating the attribute information of the encrypted file stored in the database according to the decryption state; the attribute information at least comprises the decryption state of the encrypted file;
and storing the decryption file according to a preset path.
4. The method of claim 2, wherein if the decryption status is a decryption failure, the method further comprises:
Sending decryption failure information to a terminal;
and/or updating the attribute information of the encrypted file stored in the database according to the decryption state.
5. The method according to claim 1, wherein the method further comprises:
monitoring file change conditions under an encrypted file directory;
and if the fact that the newly added encrypted file exists under the encrypted file directory is monitored, executing the step of obtaining the shadow file corresponding to the encrypted file until the decryption state of the encrypted file is obtained.
6. The method of claim 5, wherein the method further comprises:
monitoring file change conditions under a decrypted document directory;
if the fact that the newly added decryption file exists in the decryption document directory is monitored, updating the decryption state of the corresponding encryption file in the encryption document directory to be successful in decryption;
and if no new decryption file is added under the decryption document directory, updating the decryption state of the corresponding encryption file under the encryption document directory into decryption failure.
7. The method of claim 1, wherein obtaining a shadow file corresponding to the encrypted file comprises:
Determining an encryption type of the encrypted file;
and determining a shadow file corresponding to the encryption type of the encryption file according to a mapping relation between a preset encryption type and the shadow file, and determining the shadow file corresponding to the encryption type of the encryption file as the shadow file corresponding to the encryption file.
8. The method of claim 1, wherein obtaining a shadow file corresponding to the encrypted file comprises:
determining the type of the encrypted file;
and determining a shadow file corresponding to the type of the encrypted file according to a mapping relation between a preset file type and the shadow file, and determining the shadow file corresponding to the type of the encrypted file as the shadow file corresponding to the encrypted file.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any of claims 1 to 8 when the computer program is executed.
10. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 8.
CN202110984813.9A 2021-08-24 2021-08-24 File decryption method, computer device and storage medium Active CN113824694B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110984813.9A CN113824694B (en) 2021-08-24 2021-08-24 File decryption method, computer device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110984813.9A CN113824694B (en) 2021-08-24 2021-08-24 File decryption method, computer device and storage medium

Publications (2)

Publication Number Publication Date
CN113824694A CN113824694A (en) 2021-12-21
CN113824694B true CN113824694B (en) 2023-08-22

Family

ID=78923270

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110984813.9A Active CN113824694B (en) 2021-08-24 2021-08-24 File decryption method, computer device and storage medium

Country Status (1)

Country Link
CN (1) CN113824694B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6374268B1 (en) * 1998-04-14 2002-04-16 Hewlett-Packard Company Methods and systems for an incremental file system
JP2006285697A (en) * 2005-03-31 2006-10-19 Ntt Software Corp File management method and file management system
CN105335663A (en) * 2015-10-22 2016-02-17 武汉理工大学 Encrypted file system based on double-image file
CN105426766A (en) * 2015-10-27 2016-03-23 武汉理工大学 File encryption system based on shadow file
CN105574431A (en) * 2015-12-10 2016-05-11 武汉理工大学 Encrypted file system based on multi-image files
CN111581013A (en) * 2020-03-18 2020-08-25 宁波送变电建设有限公司永耀科技分公司 System information backup and reconstruction method based on metadata and shadow files
CN111966651A (en) * 2020-09-21 2020-11-20 北京百度网讯科技有限公司 Data synchronization method and device, electronic equipment and storage medium

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6374268B1 (en) * 1998-04-14 2002-04-16 Hewlett-Packard Company Methods and systems for an incremental file system
JP2006285697A (en) * 2005-03-31 2006-10-19 Ntt Software Corp File management method and file management system
CN105335663A (en) * 2015-10-22 2016-02-17 武汉理工大学 Encrypted file system based on double-image file
CN105426766A (en) * 2015-10-27 2016-03-23 武汉理工大学 File encryption system based on shadow file
CN105574431A (en) * 2015-12-10 2016-05-11 武汉理工大学 Encrypted file system based on multi-image files
CN111581013A (en) * 2020-03-18 2020-08-25 宁波送变电建设有限公司永耀科技分公司 System information backup and reconstruction method based on metadata and shadow files
CN111966651A (en) * 2020-09-21 2020-11-20 北京百度网讯科技有限公司 Data synchronization method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN113824694A (en) 2021-12-21

Similar Documents

Publication Publication Date Title
WO2020181839A1 (en) Page data testing method, apparatus, computer device, and storage medium
US9135454B2 (en) Systems and methods for enabling searchable encryption
CN109460670B (en) Configuration item decryption method, device, computer equipment and storage medium
US11616767B2 (en) Storage system with encrypted data storage device telemetry data
US20100250958A1 (en) Encrypted data management in database management systems
CN111931160B (en) Authority verification method, authority verification device, terminal and storage medium
US9356782B2 (en) Block encryption
US7904489B2 (en) Database unload/reload of partitioned tables
CN113824694B (en) File decryption method, computer device and storage medium
CN110827959B (en) Medical image processing method, device and storage medium
CN115168499B (en) Database table fragmentation method and device, computer equipment and storage medium
CN114244519B (en) Password verification method, password verification device, computer equipment and storage medium
CN112800123B (en) Data processing method, device, computer equipment and storage medium
EP3805929B1 (en) Computing system performing image backup and image backup method
CN113792020A (en) Data processing method, device, terminal and storage medium
JP2014016584A (en) Data division device, data restoration device, data division method, data restoration method, and program
US10324649B2 (en) Method for partitioning memory area of non-volatile memory
CN112541089B (en) Medical image access method, device, equipment and storage medium
CN117195856A (en) File processing method, device, computer equipment and storage medium
CN113032600B (en) Label list processing method, device, computer equipment and storage medium
CN113808710B (en) Medical image processing method, medical image processing device, server and computer readable storage medium
CN115577400A (en) Hard disk encryption method and device, computer equipment and storage medium
CN116663032A (en) Data query method, device, equipment and medium
CN113360809A (en) Page data updating method and device, computer equipment and storage medium
CN116882983A (en) Resource transfer method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant