CN114095468B - Message middleware system, post office system and message receiving and transmitting method - Google Patents

Publication number
CN114095468B
Authority
CN
China
Prior art keywords
post office
module
office system
mail
mailbox
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111375360.6A
Other languages
Chinese (zh)
Other versions
CN114095468A (en
Inventor
潘李鑫
张建
杨善松
陈剑
周姬昌
金杰
柳梅
单岸凤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of China Ltd
Original Assignee
Bank of China Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L51/00 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/07 User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail characterised by the inclusion of specific contents
    • H04L51/18 Commands or executable codes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention provides a message middleware system, a post office system and a message receiving and sending method, which can be used in the field of distributed technology. The system comprises: a security center module, used for registering a post office system after receiving a post office registration request from that post office system, so as to obtain a public key and a private key of the post office system; and a mailbox management module, used for generating a corresponding mailbox module after receiving a mailbox registration request; receiving a letter sent by a producer, encrypting the letter based on the public key of the target post office system, and writing the letter into a mailbox module; writing the letter in the mailbox module into a message queue after the letter is confirmed; reading from the message queue the letters whose target post office system is the current post office system, and placing each letter into the mailbox module corresponding to its target mailbox module; and decrypting the letter in the current mailbox module based on the private key of the current post office system, and sending the letter to the corresponding consumer. The invention can realize message receiving and sending with high reliability, high performance and high security.

Description

Message middleware system, post office system and message receiving and transmitting method
Technical Field
The present invention relates to the field of distributed technologies, and in particular, to a message middleware system, a post office system, and a message transceiving method.
Background
Message middleware is an important component in a distributed system, and the existing message middleware has the following problems:
First, data is lost when an individual server goes down; second, data is easily tampered with; third, sensitive information is easily leaked during transmission; fourth, the data is large and varied, so sending and receiving easily become inconsistent; fifth, repeated consumption easily occurs. In general, a message middleware with high reliability, high performance and high security is currently lacking.
Disclosure of Invention
The embodiment of the invention provides a message middleware system which is used for realizing message receiving and sending with high reliability, high performance and high security, and the system comprises:
a security center module and a plurality of post office systems, wherein each post office system comprises a mailbox management module and a plurality of mailbox modules;
the security center module is used for registering a post office system after receiving a post office registration request from that post office system, so as to obtain a public key and a private key of the post office system;
the mailbox management module is used for generating a corresponding mailbox module after receiving a mailbox registration request; receiving a letter sent by a producer, encrypting the letter based on the public key of the target post office system, and writing the letter into a mailbox module; writing the letter in the mailbox module into a message queue after the letter is confirmed; reading from the message queue the letters whose target post office system is the current post office system, and placing each letter into the mailbox module corresponding to its target mailbox module, wherein a letter is a message that includes the target post office system and the target mailbox module; and decrypting the letter in the current mailbox module based on the private key of the current post office system, and sending the letter to the corresponding consumer.
The embodiment of the invention provides a post office system which is used for realizing message receiving and sending with high reliability, high performance and high security, and the system comprises:
a mailbox management module and a mailbox module, wherein:
the mailbox management module is used for generating a corresponding mailbox module after receiving a mailbox registration request; receiving a letter sent by a producer, encrypting the letter based on the public key of the target post office system, and writing the letter into a mailbox module; writing the letter in the mailbox module into a message queue after the letter is confirmed; reading from the message queue the letters whose target post office system is the current post office system, and placing each letter into the mailbox module corresponding to its target mailbox module, wherein a letter is a message that includes the target post office system and the target mailbox module; and decrypting the letter in the current mailbox module based on the private key of the current post office system, and sending the letter to the corresponding consumer;
the public key and the private key of the post office system are obtained after the post office system registers with the security center module.
The embodiment of the invention provides a message receiving and sending method which is applied to the post office system and has high reliability, high performance and high security, and the method comprises the following steps:
after receiving a mailbox registration request, generating a corresponding mailbox module;
encrypting the letter based on the public key of the target post office system and writing the letter into a mailbox module;
writing the confirmed letters in the mailbox module into a message queue;
reading from the message queue the letters whose target post office system is the current post office system, and placing each letter into the mailbox module corresponding to its target mailbox module, wherein a letter is a message that includes the target post office system and the target mailbox module;
and decrypting the letter in the current mailbox module based on the private key of the current post office system, and sending the letter to the corresponding consumer.
The embodiment of the present invention further provides a computer device, which includes a memory, a processor, and a computer program stored in the memory and capable of running on the processor, and when the processor executes the computer program, the messaging method is implemented.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the above-mentioned messaging method.
An embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program, and when the computer program is executed by a processor, the messaging method is implemented.
In the embodiment of the invention, the security center module is used for registering a post office system after receiving a post office registration request from that post office system, so as to obtain a public key and a private key of the post office system; the mailbox management module is used for generating a corresponding mailbox module after receiving a mailbox registration request; receiving a letter sent by a producer, encrypting the letter based on the public key of the target post office system, and writing the letter into a mailbox module; writing the letter in the mailbox module into a message queue after the letter is confirmed; reading from the message queue the letters whose target post office system is the current post office system, and placing each letter into the mailbox module corresponding to its target mailbox module, wherein a letter is a message that includes the target post office system and the target mailbox module; and decrypting the letter in the current mailbox module based on the private key of the current post office system, and sending the letter to the corresponding consumer. The invention has the following beneficial effects: through the message queue, message data is not lost when an individual server goes down, which gives high security and reliability; through the plurality of mailbox management modules of the post office systems, multiple messages can be processed asynchronously, which gives high-performance sending and receiving of data; and through encryption and decryption, letters cannot be tampered with and the sensitive information in them is not leaked during transmission.
Drawings
In order to illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings described below show only some embodiments of the present invention; those skilled in the art can obtain other drawings from them without creative effort. In the drawings:
FIG. 1 is a first diagram of a message middleware system according to an embodiment of the present invention;
FIG. 2 is a second diagram of a message middleware system according to an embodiment of the present invention;
FIG. 3 is a messaging diagram of a message middleware system in accordance with an embodiment of the present invention;
FIG. 4 is a diagram of a message middleware system in an embodiment of the present invention;
FIG. 5 is a schematic diagram of initial state and message writing in an embodiment of the present invention;
FIG. 6 is a schematic diagram of reading messages in an embodiment of the present invention;
FIG. 7 is a flow chart of post office registration in an embodiment of the present invention;
FIG. 8 is a schematic diagram of digital signature encryption and digital signature decryption in an implementation of the present invention;
FIG. 9 is a schematic diagram of digital envelope encryption and digital envelope decryption in an implementation of the present invention;
FIG. 10 is a flow chart of a messaging method in an embodiment of the present invention;
FIG. 11 is a diagram of a computer device in an embodiment of the invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
In the description of the present specification, the terms "comprising," "including," "having," "containing," and the like are used in an open-ended fashion, i.e., to mean including but not limited to. Reference to the description of the terms "one embodiment," "a particular embodiment," "some embodiments," "for example," etc., means that a particular feature, structure, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. The sequence of steps involved in the embodiments is for illustrative purposes to illustrate the implementation of the present application, and the sequence of steps is not limited and can be adjusted as needed.
FIG. 1 is a first schematic diagram of a message middleware system according to an embodiment of the present invention. As shown in FIG. 1, the system includes:
a security center module 101 and a plurality of post office systems 102, wherein each post office system 102 comprises a mailbox management module 1021 and a plurality of mailbox modules 1022;
the security center module 101 is configured to register a post office system after receiving a post office registration request from that post office system, so as to obtain a public key and a private key of the post office system;
the mailbox management module 1021 is configured to generate a corresponding mailbox module after receiving a mailbox registration request; receive a letter sent by a producer, encrypt the letter based on the public key of the target post office system, and write the letter into a mailbox module; write the confirmed letters in the mailbox module into a message queue; read from the message queue the letters whose target post office system is the current post office system, and place each letter into the mailbox module corresponding to its target mailbox module, wherein a letter is a message that includes the target post office system and the target mailbox module; and decrypt the letter in the current mailbox module based on the private key of the current post office system, and send the letter to the corresponding consumer.
FIG. 2 is a second schematic diagram of a message middleware system in an embodiment of the present invention. In an embodiment, the system further includes a control center module 103, configured to: when running, read the configuration file on the server and create a post office system and the mailbox management module in that post office system.
In a specific implementation, the producer and the consumer may be applications on a server. When the application program corresponding to the control center module runs, it reads the configuration file on the server and creates a post office system and the mailbox management module in that post office system. It should be noted that two super mailbox systems currently exist, one primary and one backup. If the configuration file on a server specifies that a super mailbox system is to be created, it is created, and a security center module is created at the same time on the service where the super mailbox system is located; the other, ordinary mailbox systems register with the security center module. If the server where the primary super mailbox system is located crashes, the backup is started.
In one embodiment, the control center module is further configured to: periodically clean up idle mailbox modules.
This frees up more memory for letter storage.
The mailbox module can be a shared memory. The message queue can be a Redis message queue, which has the following beneficial effects:
Messages are transmitted and stored using the high performance and high reliability of Redis, so message interaction is available, stable and secure; deployment and configuration are simple, and operation and maintenance are easy. The message middleware system provided by the embodiment of the invention is therefore a lightweight message middleware system that avoids the complex functions and difficult maintenance of some existing mainstream message middleware, and it can share existing Redis infrastructure. In addition, when the Redis message queue uses a Redis cluster, messages are not lost when a single server goes down, which further improves security and reliability.
Fig. 3 is a messaging diagram of a message middleware system in an embodiment of the present invention. Fig. 4 is a schematic diagram of a message-oriented middleware system according to an embodiment of the present invention, and in an embodiment, the post office system further includes a transmission module 1023;
the mailbox management module 1021 is specifically configured to: after the letters in the mailbox module are confirmed, deliver them to the message queue through the transmission module; read from the message queue, through the transmission module, the letters whose target post office system is the current post office system, place each letter into the mailbox module corresponding to its target mailbox module, and notify the corresponding consumer through the transmission module; and after receiving a take-out request sent by the corresponding consumer, send the letters in the mailbox module to the corresponding consumer.
In an embodiment, the transmission module is a swap program.
In the above embodiment, the producer sends the letter to the mailbox module; in a specific implementation, a SendLetter method is called to write the message into the mailbox module (which may be a shared memory divided into n letter slots). After confirmation by the post office system (i.e., the message is verified as correct), the swap program (acting as a courier) is notified and delivers the message to the Redis message queue. The swap program of the target post office system reads the Redis message queue in a blocking manner; after taking a message out, it writes the message into the target mailbox module and notifies the consumer, and the consumer takes the message out of the mailbox. In a specific implementation, the message in the mailbox can be taken out by the RecvLetter method.
In one embodiment, the mailbox module comprises an outbox module and an inbox module;
the outbox module is to: receiving a letter sent by a producer;
the inbox module is used for: receiving the letters read from the message list;
the mailbox management module is specifically configured to: writing the mail of the outbox module into a message queue after confirmation; and putting the mail read from the message list into an inbox module in a mailbox module corresponding to a target mailbox module of the mail.
In an embodiment, the mailbox management module is specifically configured to:
receiving the letters sent by the producer based on the bidirectional free linked list and the bidirectional data linked list; writing the letters into the message queue based on the bidirectional free linked list and the bidirectional data linked list;
reading the letters from the message list based on the bidirectional free linked list and the bidirectional data linked list; and sending the letters in the current inbox module to the consumer based on the bidirectional free linked list and the bidirectional data linked list.
The embodiment of the invention implements message sending and receiving based on the bidirectional FREE (idle) linked list and the bidirectional DATA linked list, which allows fast retrieval of messages. FIG. 5 is a schematic diagram of the initial state and message writing in an embodiment of the present invention; message writing is generally the process by which an outbox receives a message from a producer, or an inbox receives a message from the Redis message queue.
Initial state: each mailbox module is divided into n letter slots, all of which are idle. Initialization produces a FREE linked list; in the figure, slots run horizontally and fields run vertically, where the s column is the slot's serial number, the p column records the serial number of the previous slot, and the n column records the serial number of the next slot. The p column of the first slot 0 records the serial number of the last slot n-1, and the n column of the last slot n-1 records the serial number of the first slot 0. At this time, the Data linked list has no slots and points to -1.
Write message principle: an idle slot is obtained from the Free linked list, detached from that list, filled with the message, and added to the Data linked list in an order favorable for quick reading. For the first message, the pointer of the Free linked list moves to the slot with serial number 1, the p column of slot 1 points to slot n-1, and the n column of slot n-1 points to slot 1; the Data linked list receives its first message, its pointer points to slot 0, and the p column and n column of slot 0 both point to the first message (slot 0 itself). For subsequent messages, slots are taken in turn from the head of the Free linked list: the pointer of the Free linked list moves to the following slot, the p column of that slot points to its previous slot, and the n column of the previous slot points to it. The slot holding the message is added to the Data linked list according to the rules and its p and n columns are updated: the p column points to the previous slot, the n column points to the next slot, the n column of the previous slot points to the current slot, and the p column of the next slot points to the current slot.
FIG. 6 is a schematic diagram of reading messages in an embodiment of the present invention; message reading is generally the process by which an outbox sends a message to the Redis message queue, or by which an inbox sends a message to a consumer.
Read message principle: the message slot is located in the Data linked list and detached from that list, the message is obtained, and the slot is added to the Free linked list. In the Data linked list, the n column of the previous slot is pointed to the slot after the current slot, and the p column of the next slot is pointed to the slot before the current slot. After the message has been obtained from the current slot, the slot is added to the tail of the Free linked list: its n column points to the head slot, its p column points to the original tail slot, the n column of the original tail slot points to the newly added slot, and the p column of the head slot points to the newly added slot.
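The slot bookkeeping described above, as an added Python example that is not code from the patent: a mailbox of n slots whose p/n columns form a circular Free list and a circular Data list. The class and method names are hypothetical; because the text does not state the Data list ordering rule, the example assumes first-in-first-out order, and it clears a slot's contents when the letter is read.

```python
EMPTY = -1  # value an empty list pointer holds, as in the description


class MailboxFull(Exception):
    """Raised when no idle slot is left in the Free list."""


class Mailbox:
    def __init__(self, n_slots: int):
        if n_slots < 1:
            raise ValueError("a mailbox needs at least one slot")
        # The list index is the 's' column; prev/next are the 'p' and 'n' columns.
        # Initially every slot is idle and linked into one circular Free list.
        self.prev = [(s - 1) % n_slots for s in range(n_slots)]
        self.next = [(s + 1) % n_slots for s in range(n_slots)]
        self.letter = [None] * n_slots
        self.free_head = 0
        self.data_head = EMPTY

    def _detach(self, head: int, s: int) -> int:
        """Unlink slot s from the circular list starting at head; return the new head."""
        if self.next[s] == s:          # s was the only slot in the list
            return EMPTY
        p, n = self.prev[s], self.next[s]
        self.next[p] = n
        self.prev[n] = p
        return n if head == s else head

    def _append(self, head: int, s: int) -> int:
        """Link slot s at the tail of the circular list starting at head; return the head."""
        if head == EMPTY:              # first slot: p and n point to itself
            self.prev[s] = self.next[s] = s
            return s
        tail = self.prev[head]
        self.prev[s], self.next[s] = tail, head
        self.next[tail] = s
        self.prev[head] = s
        return head

    def write(self, letter: bytes) -> int:
        """Take the head of the Free list, fill it, add it to the Data list."""
        if self.free_head == EMPTY:
            raise MailboxFull("no idle slot")
        s = self.free_head
        self.free_head = self._detach(self.free_head, s)
        self.letter[s] = letter
        self.data_head = self._append(self.data_head, s)
        return s

    def read(self):
        """Take the oldest letter (assumed FIFO) and return its slot to the Free tail."""
        if self.data_head == EMPTY:
            return None
        s = self.data_head
        self.data_head = self._detach(self.data_head, s)
        letter, self.letter[s] = self.letter[s], None  # do not leave stale content
        self.free_head = self._append(self.free_head, s)
        return letter

    def order(self, head: int) -> list:
        """Slot numbers of a list in link order, for inspection."""
        out, s = [], head
        while s != EMPTY:
            out.append(s)
            s = self.next[s]
            if s == head:
                break
        return out


if __name__ == "__main__":
    mb = Mailbox(4)
    mb.write(b"letter-1")
    print("free:", mb.order(mb.free_head), "data:", mb.order(mb.data_head))
```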
In order to ensure the security of message sending and receiving, the embodiment of the invention provides a set of secure communication mechanisms, comprising a post office registration mechanism and a message encryption mechanism. The post office registration mechanism is introduced first.
In one embodiment, the post office registration request comprises a security center public key encryption token, a temporary public key and a target post office system list;
the security center module is specifically configured to:
distributing a post office public key and a post office private key for the generated post office system, and encrypting the post office public key and the post office private key, a message queue storage password and a target post office system public key by using the temporary public key; sending the encrypted public key of the post office, the encrypted private key of the post office, the encrypted message queue storage password and the encrypted public key of the target post office system to a mailbox management module of the post office system;
the mailbox management module is further used for: and after receiving the encrypted post office public key, the encrypted post office private key, the encrypted message queue storage password and the encrypted target post office system public key, decrypting by using the temporary private key corresponding to the temporary public key to obtain the post office public key, the post office private key, the encrypted message queue storage password and the target post office system public key.
In one embodiment, the mailbox management module is further configured to: refreshing a configuration file of a current post office system according to a preset period, wherein the configuration file comprises a target post office system list; after detecting that a target post office system without a target post office system public key exists in the target post office system list, forming a second target post office system list by the target post office system without the target post office system public key, and sending a request for acquiring the target post office system public key to a security center module, wherein the target post office system public key request comprises a temporary public key and the second target post office system list; after receiving the encrypted target post office system public key, decrypting by using a temporary private key corresponding to the temporary public key to obtain the target post office system public key;
the security center module is further configured to: after receiving a request for acquiring the public key of the target post office system sent by a post office management module of the post office system, encrypt the public keys of the target post office systems in the second target post office system list by using the temporary public key carried in the request, and send them to the post office management module of the post office system.
In the above embodiment, the message queue storage password is a Redis password.
Based on the above embodiment, the flow of post office registration is described below; fig. 7 is a flowchart of post office registration in an embodiment of the invention, including:
Step 701: the post office system generates a temporary public key and a corresponding temporary private key, and initiates a post office registration request to the security center module, wherein the post office registration request comprises a security center public key encryption token, the temporary public key and a target post office system list;
Step 702: the security center module distributes a post office public key and a post office private key for the generated post office system, and encrypts the post office public key, the post office private key, the message queue storage password and the target post office system public key by using the temporary public key; it sends the encrypted post office public key, the encrypted post office private key, the encrypted message queue storage password and the encrypted target post office system public key to the control center module of the post office system;
Step 703: after receiving the encrypted post office public key, post office private key, message queue storage password and target post office system public key, the mailbox management module of the post office system decrypts them by using the temporary private key corresponding to the temporary public key;
Step 704: the mailbox management module of the post office system refreshes the configuration file of the current post office system according to a preset period, wherein the configuration file comprises a target post office system list; after detecting that the target post office system list contains a target post office system for which no target post office system public key is held, it forms a second target post office system list from the target post office systems without a public key, and sends a request for acquiring the target post office system public key to the security center module, wherein the request comprises a temporary public key and the second target post office system list;
Step 705: after receiving the request for acquiring the target post office system public key sent by the control center module of the post office system, the security center module encrypts the public keys of the target post office systems in the second target post office system list by using the temporary public key carried in the request, and sends them to the control center module of the post office system;
Step 706: after receiving the encrypted target post office system public key, the mailbox management module of the post office system decrypts it by using the temporary private key corresponding to the temporary public key to obtain the target post office system public key.
The message encryption mechanism is described below.
In an embodiment, the mailbox management module is specifically configured to:
after receiving a letter sent by a producer, encrypting the letter by adopting a preset encryption mode, wherein the preset encryption mode adopts a public key of a target post office system;
before the letters in the current mailbox module are sent to the corresponding consumers, the letters are decrypted in a preset decryption mode, and the preset decryption mode adopts a private key of the current post office system.
Namely, the encryption and decryption processes are required when the producer and the consumer interact with each other.
In one embodiment, the preset encryption mode comprises digital signature encryption and digital envelope encryption; the preset decryption mode comprises digital signature decryption and digital envelope decryption.
Fig. 8 is a schematic diagram of digital signature encryption and digital signature decryption in an implementation of the present invention. In an embodiment, the digital signature encryption includes the steps of: calculating the message digest of the letter by using the SHA-256 hash algorithm, and encrypting the message digest by using an RSA private key to form a digital signature of the letter;
the step of decrypting the digital signature comprises: calculating the message digest of the letter by using the SHA-256 hash algorithm, decrypting the digital signature of the letter by using an RSA public key, and confirming that the letter has not been tampered with and is a legal letter when the decrypted digital signature is the same as the calculated message digest; otherwise, confirming that the received letter is an illegal letter.
In the above embodiment, the letter includes the plain text and the digital signature, and the plain text and the digital signature of the letter will be transmitted as the whole letter in the subsequent letter transmission and delivery process.
Fig. 9 is a schematic diagram of digital envelope encryption and digital envelope decryption in an implementation of the present invention, and in an embodiment, the digital envelope encryption includes the steps of:
encrypting the plaintext of the mail by using the symmetric key to generate ciphertext information;
encrypting the symmetric key by using the public key of the target post office system of the letter to generate a digital envelope;
the step of decrypting the digital envelope comprises: opening a digital envelope of the letter by using a private key of the current post office system to obtain a symmetric key; and decrypting the ciphertext information of the letter by using the obtained symmetric key to obtain the plaintext of the letter.
The receiver public key in fig. 9 corresponds to the target post office system public key. The digital envelope and the cipher text information are not divisible in the process of delivering the letter.
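The signature and envelope steps above, combined into one sealed letter, as an added Go example (not code from the patent). The patent names only SHA-256 and RSA; the use of RSA-PSS for the signature, RSA-OAEP for the envelope, AES-256-GCM as the symmetric cipher, signing with the sending post office's private key, binding the routing fields into both the signature and the ciphertext, and all type, field and function names are assumptions of this example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Letter is the queued message. Field names are assumptions of this example.
type Letter struct {
	TargetPostOffice, TargetMailbox string
	Envelope                        []byte // AES key wrapped with the target's RSA public key
	Nonce, Ciphertext               []byte // AES-256-GCM; routing fields are associated data
	Signature                       []byte // RSA-PSS over SHA-256(routing || plaintext)
}

var ErrIllegalLetter = errors.New("illegal letter")

// NewPostOfficeKey stands in for the key pair the security center issues.
func NewPostOfficeKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// routing length-prefixes both fields so ("ab","c") and ("a","bc") differ.
func routing(po, mb string) []byte {
	return []byte(fmt.Sprintf("%d:%s%d:%s", len(po), po, len(mb), mb))
}

func digest(po, mb string, plaintext []byte) []byte {
	sum := sha256.Sum256(append(routing(po, mb), plaintext...))
	return sum[:]
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal signs as the sending post office, then builds the digital envelope.
func Seal(senderPriv *rsa.PrivateKey, targetPub *rsa.PublicKey, po, mb string, plaintext []byte) (*Letter, error) {
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest(po, mb, plaintext), nil)
	if err != nil {
		return nil, err
	}
	buf := make([]byte, 32+12) // fresh AES-256 key and GCM nonce per letter
	if _, err := rand.Read(buf); err != nil {
		return nil, err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return nil, err
	}
	env, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, targetPub, buf[:32], nil)
	if err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, buf[32:], plaintext, routing(po, mb))
	return &Letter{po, mb, env, buf[32:], ct, sig}, nil
}

// Open unwraps, decrypts and verifies; every failure is the same error.
func Open(me string, myPriv *rsa.PrivateKey, senderPub *rsa.PublicKey, l *Letter) ([]byte, error) {
	if l.TargetPostOffice != me {
		return nil, ErrIllegalLetter
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, myPriv, l.Envelope, nil)
	if err != nil {
		return nil, ErrIllegalLetter
	}
	gcm, err := newGCM(key)
	if err != nil || len(l.Nonce) != gcm.NonceSize() {
		return nil, ErrIllegalLetter
	}
	pt, err := gcm.Open(nil, l.Nonce, l.Ciphertext, routing(me, l.TargetMailbox))
	if err != nil || rsa.VerifyPSS(senderPub, crypto.SHA256, digest(me, l.TargetMailbox, pt), l.Signature, nil) != nil {
		return nil, ErrIllegalLetter
	}
	return pt, nil
}

func main() {
	a, _ := NewPostOfficeKey() // sending post office
	b, _ := NewPostOfficeKey() // target post office
	l, err := Seal(a, &b.PublicKey, "PO-B", "inbox-7", []byte("constructed sample letter"))
	if err != nil {
		panic(err)
	}
	pt, err := Open("PO-B", b, &a.PublicKey, l)
	l.TargetMailbox = "inbox-8" // routing field changed while the letter sat in the queue
	_, rerouted := Open("PO-B", b, &a.PublicKey, l)
	fmt.Printf("delivered %q (err=%v); after re-routing: %v\n", pt, err, rerouted)
}
```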
In summary, the message middleware system provided by the embodiment of the present invention has the following beneficial effects:
Firstly, the message queue ensures that message data is not lost when a single server goes down, so safety and reliability are high; through the control center module and the plurality of mailbox modules of the post office system, asynchronous processing of a plurality of messages can be realized, and high-performance data receiving and sending are realized.
Secondly, messages are transmitted and stored by utilizing the high performance and the high reliability of Redis, message interaction has usability, stability and safety, the deployment and configuration are simple, and operation and maintenance are easy, so that the message middleware system provided by the embodiment of the invention is a lightweight message middleware system, the problems of complex functions and difficult maintenance of some existing mainstream message middleware are solved, and the Redis infrastructure can be shared. In addition, when the Redis message queue adopts a Redis cluster, messages are not lost when a single server goes down, and the safety and the reliability are further improved.
Thirdly, the letters are ensured not to be tampered by encrypting and decrypting the digital signature; the sensitive information in the letter is ensured not to be leaked in the transmission process through encryption and decryption of the digital envelope.
The embodiment of the present invention further provides a post office system, the principle of which is described in the message middleware system, and is not described herein again, and see the foregoing fig. 1, where the post office system includes:
a mailbox management module 1021 and a mailbox module 1022; wherein,
a mailbox management module 1021, configured to generate a corresponding mailbox module after receiving a mailbox registration request; receive a letter sent by a producer, encrypt the letter based on a public key of a target post office system, and write the letter into a mailbox module; write the letter in the mailbox module into a message queue after the letter is confirmed; read, from the message queue, letters whose target post office system is the current post office system and put each into the mailbox module corresponding to the letter's target mailbox module, wherein a letter is a message comprising the target post office system and the target mailbox module; decrypt the letter in the current mailbox module based on the private key of the current post office system and send it to the corresponding consumer;
the public key and the private key of the post office system are obtained after being registered with the security center module.
An embodiment of the present invention further provides a message sending and receiving method, whose principle is described in a message middleware system, which is not described herein again, and fig. 10 is a flowchart of the message sending and receiving method in the embodiment of the present invention, where the flowchart includes:
step 1001, after receiving a mailbox registration request, generating a corresponding mailbox module;
step 1002, encrypting the letter based on the public key of the target post office system and writing the letter into a mailbox module;
step 1003, writing the confirmed letters in the mailbox module into a message queue;
step 1004, reading, from the message queue, letters whose target post office system is the current post office system and putting each into the mailbox module corresponding to the letter's target mailbox module, wherein a letter is a message comprising the target post office system and the target mailbox module;
step 1005, decrypting the mail in the current mailbox module based on the private key of the current post office system, and sending to the corresponding consumer.
In one embodiment, the mailbox module comprises an outbox module and an inbox module;
the outbox module is used for: receiving a letter sent by a producer;
the inbox module is used for: receiving the letters read from the message queue;
the method further comprises the following steps: writing the letter of the outbox module into a message queue after confirmation; and putting the letter read from the message queue into an inbox module in a mailbox module corresponding to a target mailbox module of the letter.
In an embodiment, the method further comprises:
receiving letters sent by a producer based on a bidirectional free linked list and a bidirectional data linked list; writing the letters into a message queue based on the bidirectional free linked list and the bidirectional data linked list;
reading the letters from the message queue based on the bidirectional free linked list and the bidirectional data linked list; and sending the letters in the current inbox module to the consumer based on the bidirectional free linked list and the bidirectional data linked list.
In one embodiment, the post office registration request includes a security center public key encryption token, a temporary public key, and a target post office system list;
the method further comprises the following steps: after receiving the encrypted public key of the post office, the private key of the post office, the message queue storage password and the public key of the target post office system, decrypting by using the temporary private key corresponding to the temporary public key to obtain the public key of the post office, the private key of the post office, the message queue storage password and the public key of the target post office system; the encrypted post office public key, the post office private key, the message queue storage password and the target post office system public key are obtained by the security center module encrypting the post office public key, the post office private key, the message queue storage password and the target post office system public key by using the temporary public key.
In an embodiment, the method further comprises: refreshing a configuration file of a current post office system according to a preset period, wherein the configuration file comprises a target post office system list; after detecting that a target post office system without a target post office system public key exists in the target post office system list, forming a second target post office system list by the target post office system without the target post office system public key, and sending a request for acquiring the target post office system public key to a security center module, wherein the target post office system public key request comprises a temporary public key and the second target post office system list;
after receiving the encrypted target post office system public key, decrypting by using a temporary private key corresponding to the temporary public key to obtain the target post office system public key; after receiving a request for acquiring the public key of the target post office system sent by the post office system, the security center module encrypts the public key of the target post office system in the second target post office system list by using the temporary public key in the request for acquiring the public key of the target post office system.
In an embodiment, the method further comprises:
after receiving a letter sent by a producer, encrypting the letter by adopting a preset encryption mode, wherein the preset encryption mode adopts a public key of a target post office system;
before the letters in the current mailbox module are sent to the corresponding consumers, the letters are decrypted in a preset decryption mode, and the preset decryption mode adopts a private key of the current post office system.
In one embodiment, the preset encryption mode includes digital signature encryption and digital envelope encryption; the preset decryption mode comprises digital signature decryption and digital envelope decryption.
In one embodiment, the step of encrypting the digital signature comprises: calculating the message digest of the letter by using the SHA-256 hash algorithm, and encrypting the message digest by using an RSA private key to form a digital signature of the letter;
the step of decrypting the digital signature comprises: calculating the message digest of the letter by using the SHA-256 hash algorithm, decrypting the digital signature of the letter by using an RSA public key, and confirming that the letter has not been tampered with and is a legal letter when the decrypted digital signature is the same as the calculated message digest; otherwise, confirming that the received letter is an illegal letter.
In one embodiment, the step of encrypting the digital envelope comprises:
encrypting the plaintext of the letter by using the symmetric key to generate ciphertext information;
encrypting the symmetric key by using a target post office system public key of the mail to generate a digital envelope;
the step of decrypting the digital envelope comprises: opening a digital envelope of the letter by using a private key of the current post office system to obtain a symmetric key; and decrypting the ciphertext information of the letter by using the obtained symmetric key to obtain the plaintext of the letter.
In an embodiment, the method further comprises:
after the letters in the mailbox module are confirmed, delivering the letters in the mailbox module to a message queue through a transmission module; reading, from the message queue through the transmission module, letters whose target post office system is the current post office system, putting each into the mailbox module corresponding to the letter's target mailbox module, and notifying the corresponding consumer through the transmission module; and after receiving a take-out request sent by the corresponding consumer, sending the letters in the mailbox module to the corresponding consumer.
In one embodiment, the transmission module is a swap program;
the message queue is a Redis message queue.
In summary, the post office system and the message transceiving method provided by the embodiment of the present invention have the following beneficial effects:
Firstly, the message queue ensures that message data is not lost when a single server goes down, so safety and reliability are high; through the control center module and the plurality of mailbox modules of the post office system, the asynchronous processing of a plurality of messages can be realized, and high-performance data receiving and sending are realized.
Secondly, messages are transmitted and stored by utilizing the high performance and the high reliability of Redis, message interaction has usability, stability and safety, deployment and configuration are simple, and operation and maintenance are easy, so that the message middleware system provided by the embodiment of the invention is a lightweight message middleware system, the problems of complex functions and difficult maintenance of some existing mainstream message middleware are solved, and a Redis infrastructure can be shared. In addition, when the Redis message queue adopts a Redis cluster, messages are not lost when a single server goes down, and safety and reliability are further improved.
Thirdly, the letters are ensured not to be tampered by encrypting and decrypting the digital signature; the sensitive information in the letter is ensured not to be leaked in the transmission process through encryption and decryption of the digital envelope.
Fig. 11 is a schematic diagram of a computer device according to an embodiment of the present invention, where the computer device 1100 includes a memory 1110, a processor 1120, and a computer program 1130 stored in the memory 1110 and executable on the processor 1120, and the processor 1120 implements the above-mentioned messaging method when executing the computer program 1130.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the messaging method is implemented.
An embodiment of the present invention further provides a computer program product, where the computer program product includes a computer program, and when the computer program is executed by a processor, the messaging method is implemented.
An embodiment of the present invention further provides a computer-readable storage medium, which can implement all the steps in the messaging in the above embodiments, wherein the computer-readable storage medium stores a computer program, and the computer program, when executed by a processor, implements all the steps in the messaging in the above embodiments.
It will be appreciated by one skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program service system embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program business systems according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above-mentioned embodiments are provided to further explain the objects, technical solutions and advantages of the present invention in detail, and it should be understood that the above-mentioned embodiments are only examples of the present invention and should not be used to limit the scope of the present invention, and any modifications, equivalents, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (17)

1. A message middleware system, comprising: the system comprises a security center module and a plurality of post office systems, wherein each post office system comprises a mail box management module and a plurality of mail box modules;
the security center module is used for registering the post office system after receiving a post office registration request of the post office system to obtain a public key and a private key of the post office system;
the mailbox management module is used for generating a corresponding mailbox module after receiving a mailbox registration request; receiving a letter sent by a producer to the current post office system where the mailbox management module is located, encrypting the letter based on a public key of a target post office system, and writing the encrypted letter into the mailbox module; writing the letter in the mailbox module into a message queue after the letter is confirmed; reading, from the message queue, letters whose target post office system is the current post office system and putting each into the mailbox module corresponding to the letter's target mailbox module, wherein a letter is a message comprising the target post office system and the target mailbox module; and decrypting the letter in the current mailbox module based on the private key of the current post office system, and sending the letter to the corresponding consumer.
2. The message middleware system of claim 1 further comprising a control center module to: during operation, read the configuration file on the server, and create the post office system and a mailbox management module in the post office system.
3. The message middleware system of claim 2 wherein the control center module is further for: cleaning idle mailbox modules regularly.
4. The message middleware system of claim 1 wherein the mailbox module comprises an outbox module and an inbox module;
the outbox module is used for: receiving a letter sent by a producer;
the inbox module is used for: receiving the letters read from the message queue;
the mailbox management module is specifically configured to: writing the mail of the outbox module into a message queue after confirmation; and putting the mail read from the message queue into an inbox module in a mailbox module corresponding to a target mailbox module of the mail.
5. The message middleware system of claim 4, wherein the mailbox management module is specifically configured to:
receiving letters sent by a producer based on a bidirectional free linked list and a bidirectional data linked list; writing the letters into a message queue based on the bidirectional free linked list and the bidirectional data linked list;
reading the letters from the message queue based on the bidirectional free linked list and the bidirectional data linked list; and sending the letters in the current inbox module to the consumer based on the bidirectional free linked list and the bidirectional data linked list.
6. The message middleware system of claim 1 wherein the post office registration request includes a security center public key encryption token, a temporary public key, and a target post office system list;
the security center module is specifically configured to:
distributing a public key and a private key of a post office system for the current post office system, and encrypting the public key and the private key of the post office system, a message queue storage password and a public key of a target post office system by using the temporary public key; sending the encrypted public key and private key of the post office system, the encrypted message queue storage password and the encrypted public key of the target post office system to a mailbox management module of the post office system;
the mailbox management module is also used for: after receiving the encrypted public key of the post office system, the private key of the post office system, the message queue storage password and the public key of the target post office system, decrypting by using the temporary private key corresponding to the temporary public key to obtain the public key and the private key of the post office system, the message queue storage password and the public key of the target post office system.
7. The message middleware system of claim 6 wherein the mailbox management module is further configured to:
refreshing a configuration file of a current post office system according to a preset period, wherein the configuration file comprises a target post office system list; after detecting that a target post office system without the public key of the target post office system exists in the target post office system list, forming a second target post office system list by the target post office system without the public key of the target post office system, and sending a request for acquiring the public key of the target post office system to a security center module, wherein the target post office system public key request comprises a temporary public key and the second target post office system list; after receiving the encrypted public key of the target post office system, decrypting by using a temporary private key corresponding to the temporary public key to obtain the public key of the target post office system;
the security center module is further configured to: after receiving a request for acquiring the public key of the target post office system sent by a mailbox management module of the post office system, encrypting the public key of the target post office system in the second target post office system list by using the temporary public key in the request for acquiring the public key of the target post office system and sending the public key to the mailbox management module of the post office system.
8. The message middleware system of claim 7, wherein the mailbox management module is specifically configured to:
after receiving a letter sent by a producer, encrypting the letter by adopting a preset encryption mode, wherein the preset encryption mode adopts a public key of a target post office system;
before the letters in the current mailbox module are sent to the corresponding consumers, the letters are decrypted in a preset decryption mode, and the preset decryption mode adopts a private key of the current post office system.
9. The message middleware system of claim 8 wherein the preset encryption scheme includes digital signature encryption and digital envelope encryption; the preset decryption mode comprises digital signature decryption and digital envelope decryption.
10. The message middleware system of claim 9 wherein the step of encrypting the digital signature comprises: calculating the message digest of the letter by using the SHA-256 hash algorithm, and encrypting the message digest by using an RSA private key to form a digital signature of the letter;
the step of decrypting the digital signature comprises: calculating the message digest of the letter by using the SHA-256 hash algorithm, decrypting the digital signature of the letter by using an RSA public key, and confirming that the letter has not been tampered with and is a legal letter when the decrypted digital signature is the same as the calculated message digest; otherwise, confirming that the received letter is an illegal letter.
11. The message middleware system of claim 9 wherein the step of encrypting the digital envelope comprises: encrypting the plaintext of the mail by using the symmetric key to generate ciphertext information; encrypting the symmetric key using the public key of the target post office system of the letter to generate a digital envelope;
the step of decrypting the digital envelope comprises: opening a digital envelope of the letter by using a private key of the current post office system to obtain a symmetric key; and decrypting the ciphertext information of the letter by using the obtained symmetric key to obtain the plaintext of the letter.
12. The message middleware system of claim 1 wherein the post office system further comprises a transmission module;
the mailbox management module is specifically used for: after confirming the letters in the mailbox module, delivering the letters in the mailbox module to a message queue through a transmission module; reading, from the message queue through the transmission module, letters whose target post office system is the current post office system, putting each into the mailbox module corresponding to the letter's target mailbox module, and notifying the corresponding consumer through the transmission module; and after receiving a take-out request sent by the corresponding consumer, sending the letters in the mailbox module to the corresponding consumer.
13. The message middleware system of claim 12, wherein the transport module is a swap program;
the message queue is a Redis message queue.
14. A post office system, comprising: a mailbox management module and a mailbox module; wherein,
the mailbox management module is used for generating a corresponding mailbox module after receiving a mailbox registration request; receiving a letter sent by a producer to the current post office system where the mailbox management module is located, encrypting the letter based on a public key of a target post office system, and writing the encrypted letter into the mailbox module; writing the letter in the mailbox module into a message queue after the letter is confirmed; reading, from the message queue, letters whose target post office system is the current post office system and putting each into the mailbox module corresponding to the letter's target mailbox module, wherein a letter is a message comprising the target post office system and the target mailbox module; decrypting the letter in the current mailbox module based on the private key of the current post office system and sending the letter to a corresponding consumer;
the public key and the private key of the post office system are obtained after being registered with the security center module; the security center module and the post office system are in a message middleware system.
15. A messaging method applied to the post office system of claim 14, comprising:
after receiving a mailbox registration request, generating a corresponding mailbox module;
encrypting the mail based on the public key of the target post office system and writing the mail into a mailbox module;
writing the confirmed letters in the mailbox module into a message queue;
reading, from the message queue, letters whose target post office system is the current post office system and putting each into the mailbox module corresponding to the letter's target mailbox module, wherein a letter is a message comprising the target post office system and the target mailbox module;
and decrypting the mail in the current mailbox module based on the private key of the current post office system, and sending the mail to the corresponding consumer.
16. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of claim 15 when executing the computer program.
17. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program which, when executed by a processor, implements the method of claim 15.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111375360.6A CN114095468B (en) 2021-11-19 2021-11-19 Message middleware system, post office system and message receiving and transmitting method

Publications (2)

Publication Number Publication Date
CN114095468A (en) 2022-02-25
CN114095468B (en) 2023-04-07

Family

ID=80302220

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111375360.6A Active CN114095468B (en) 2021-11-19 2021-11-19 Message middleware system, post office system and message receiving and transmitting method

Country Status (1)

Country Link
CN (1) CN114095468B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998017042A2 (en) * 1996-10-15 1998-04-23 Mordhai Barkan Electronic mail method
US6216121B1 (en) * 1997-12-29 2001-04-10 International Business Machines Corporation Web page generation with subtemplates displaying information from an electronic post office system
WO2002042860A2 (en) * 2000-11-20 2002-05-30 Xante Corporation System, method, and computer program product for providing a multi-user e-mail system
CN106790234A (en) * 2017-01-18 2017-05-31 维沃移动通信有限公司 A kind of e-mail sending method, method of reseptance, first terminal and second terminal
CN110351258A (en) * 2019-06-28 2019-10-18 太原理工大学 A kind of distributed electronic mailbox system based on no coin block chain technology
CN112291321A (en) * 2020-10-22 2021-01-29 北京梆梆安全科技有限公司 Service processing method, device and system
CN113094362A (en) * 2021-04-30 2021-07-09 中国银行股份有限公司 Method and device for reliably delivering and processing asynchronous message

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
Research on composite-mode message middleware based on message classification; Li Hui et al.; 《微计算机信息》; 20071225 (No. 36); full text *

Also Published As

Publication number Publication date
CN114095468A (en) 2022-02-25

Similar Documents

Publication Publication Date Title
US10439804B2 (en) Data encrypting system with encryption service module and supporting infrastructure for transparently providing encryption services to encryption service consumer processes across encryption service state changes
EP0725512B1 (en) Data communication system using public keys
US9537657B1 (en) Multipart authenticated encryption
US11604633B2 (en) Trusted startup methods and apparatuses of blockchain integrated station
EP2947812B1 (en) Segmented secret-key storage system, segment storage apparatus segmented secret-key storage method
US8527769B2 (en) Secure messaging with read-undeniability and deletion-verifiability
CN101268653A (en) Pre-generation of generic session keys for use in communications environments
US20100005318A1 (en) Process for securing data in a storage unit
EP3692682A1 (en) Systems, devices, and methods for hybrid secret sharing
CN111654511A (en) Chained data encryption method, chained data decryption method and corresponding systems
CN109800588B (en) Dynamic bar code encryption method and device and dynamic bar code decryption method and device
US9665731B2 (en) Preventing content data leak on mobile devices
US11930110B2 (en) System and method for key recovery and verification in blockchain based networks
CN111800257A (en) 3D model encryption transmission method and decryption method
US8631235B2 (en) System and method for storing data using a virtual worm file system
CN113259123B (en) Block chain data writing and accessing method and device
CN112347493A (en) Encryption, decryption and graying method for OFD (office file)
CN111262852B (en) Business card signing and issuing method and system based on block chain
CN115840787A (en) Supply chain data sharing method, device, equipment and medium based on block chain
CN114095468B (en) Message middleware system, post office system and message receiving and transmitting method
CN116155491B (en) Symmetric key synchronization method of security chip and security chip device
CN111526167A (en) Data transmission method and device applied to block chain
CN114143098B (en) Data storage method and data storage device
CN111224921A (en) Secure transmission method and secure transmission system
JP2012029271A (en) Encryption device, decryption device, encryption system, encryption method and program

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant