CN114338036A - Data communication method and device for block chain client - Google Patents
Data communication method and device for block chain client Download PDFInfo
- Publication number
- CN114338036A CN114338036A CN202111589922.7A CN202111589922A CN114338036A CN 114338036 A CN114338036 A CN 114338036A CN 202111589922 A CN202111589922 A CN 202111589922A CN 114338036 A CN114338036 A CN 114338036A
- Authority
- CN
- China
- Prior art keywords
- request
- http request
- node
- identity
- http
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 71
- 230000006854 communication Effects 0.000 title claims abstract description 38
- 238000004891 communication Methods 0.000 title claims abstract description 37
- 238000012795 verification Methods 0.000 claims abstract description 17
- 238000004590 computer program Methods 0.000 claims description 30
- 230000008569 process Effects 0.000 description 8
- 238000010586 diagram Methods 0.000 description 6
- 230000004044 response Effects 0.000 description 6
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000002427 irreversible effect Effects 0.000 description 3
- 230000006870 function Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 1
- 239000000284 extract Substances 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The embodiment of the application is applicable to the technical field of block chains, and provides a data communication method and a data communication device for a block chain client, wherein the method comprises the following steps: receiving an Http request from a blockchain client, the Http request including a request header; acquiring a node mark, an identity mark and a data signature of the Http request from the request header; according to the data signature and the identity mark, performing identity verification on the Http request; and if the Http request passes the identity authentication, forwarding the Http request to a corresponding target block chain node according to the node mark. By the method, the Http proxy in the block chain service can be realized.
Description
Technical Field
The present application relates to a data communication method and apparatus for a blockchain client, and belongs to the technical field of blockchain.
Background
Http (hypertext Transfer Protocol) is a simple request-response Protocol. For an Http-enabled blockchain (e.g., a Hyperchain blockchain), the blockchain client may send an Http request to interact with the blockchain.
On one hand, however, the prior art only supports forwarding of a conventional Http request, and cannot directly support an identity verification function for Http requests on a block chain service; on the other hand, the prior art generally implements forwarding by configuring an IP address, but for a blockchain scenario, a user generally does not care about the IP of a node, which increases the difficulty of using the user if the IP is still used.
Disclosure of Invention
In view of this, embodiments of the present application provide a data communication method and apparatus for a blockchain client, so as to implement authentication of an Http proxy in a blockchain service.
A first aspect of an embodiment of the present application provides a data communication method for a blockchain client, which is applied to an Http proxy server, and the method includes:
receiving an Http request from a blockchain client, wherein the Http request comprises a request header and a request body;
acquiring a node mark, an identity mark and a data signature of the Http request from the request header, wherein the data signature is obtained by encrypting the request body by the block chain client according to the identity mark;
according to the data signature and the identity mark, performing identity verification on the Http request;
and if the Http request passes the identity authentication, forwarding the Http request to a corresponding target block chain node according to the node mark.
A second aspect of the embodiments of the present application provides a data communication method for a blockchain client, which is applied to the blockchain client, and the method includes:
determining a node mark and an identity mark of an Http request, wherein the node mark is used for representing a target block chain node of the Http request;
writing the node mark and the identity mark into a request header of the Http request;
and sending the Http request to a Http proxy server, wherein the Http proxy server is used for forwarding the Http request to the target blockchain node.
A third aspect of the embodiments of the present application provides a data communication apparatus for a blockchain client, which is applied to an Http proxy server, and the apparatus includes:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving an Http request from a block chain client, and the Http request comprises a request header and a request body;
an obtaining module, configured to obtain, from the request header, a node identifier, an identity identifier, and a data signature of the Http request, where the data signature is obtained by encrypting, by the blockchain client, the request body according to the identity identifier;
the verification module is used for verifying the identity of the Http request according to the data signature and the identity mark;
and the forwarding module is used for forwarding the Http request to a corresponding target block chain node according to the node mark if the Http request passes the identity authentication.
A fourth aspect of the embodiments of the present application provides a data communication apparatus for a blockchain client, where the data communication apparatus is applied to a blockchain client, and the apparatus includes:
the determining module is used for determining a node mark and an identity mark of the Http request, wherein the node mark is used for representing a target block chain node of the Http request;
a writing module, configured to write the node flag and the identity flag into a request header of the Http request;
and the sending module is used for sending the Http request to a Http proxy server, and the Http proxy server is used for forwarding the Http request to the target block chain node.
A fifth aspect of embodiments of the present application provides a server comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the method according to the first aspect when executing the computer program.
A sixth aspect of embodiments of the present application provides a terminal device, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the computer program, implements the method according to the second aspect.
A seventh aspect of embodiments of the present application provides a computer-readable storage medium, which stores a computer program that, when executed by a processor, implements the method according to the first aspect.
An eighth aspect of embodiments of the present application provides another computer-readable storage medium, which stores a computer program that, when executed by a processor, implements the method according to the second aspect.
A ninth aspect of embodiments of the present application provides a computer program product, which, when run on a server, causes the server to perform the method of the first aspect.
A tenth aspect of embodiments of the present application provides another computer program product, which, when run on a server, causes the server to perform the method of the second aspect described above.
Compared with the prior art, the embodiment of the application has the following advantages:
according to the embodiment of the application, the block chain client can realize Http communication with the block chain link point through the Http proxy server. The Http proxy server receives a Http request from a block chain client, extracts a node mark, an identity mark and a data signature from a request header, and performs identity verification on the Http request by using the identity mark and the data signature; if the Http request passes the authentication, the Http proxy server may forward the Http request to the corresponding target blockchain node according to the node flag. In the embodiment of the application, when a user accesses the block chain through the block chain client, the user only needs to know the node mark of the block chain without paying attention to the IP of the block chain, and the use difficulty of the user is reduced.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the embodiments or the description of the prior art will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the application, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
Fig. 1 is a flowchart illustrating steps of a data communication method for a blockchain client according to an embodiment of the present application;
fig. 2 is a schematic flowchart illustrating steps of another data communication method for a blockchain client according to an embodiment of the present application;
fig. 3 is a flowchart illustrating a data communication method of a blockchain client according to an embodiment of the present application;
fig. 4 is a schematic diagram of a data communication device of a blockchain client according to an embodiment of the present application;
fig. 5 is a schematic diagram of another data communication device of a blockchain client according to an embodiment of the present application;
fig. 6 is a schematic diagram of a server according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. However, it will be apparent to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon" or "in response to" determining "or" in response to detecting ". Similarly, the phrase "if it is determined" or "if a [ described condition or event ] is detected" may be interpreted contextually to mean "upon determining" or "in response to determining" or "upon detecting [ described condition or event ]" or "in response to detecting [ described condition or event ]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
The technical solution of the present application will be described below by way of specific examples.
Referring to fig. 1, a schematic flow chart illustrating steps of a data communication method of a blockchain client according to an embodiment of the present application is shown, which may specifically include the following steps:
s101, receiving an Http request from a blockchain client, wherein the Http request comprises a request header and a request body.
The execution subject of this embodiment is a proxy server, and in this application, the proxy server may specifically be an Http proxy server. The method in this embodiment may be applied to a block chain service. The block chain is a decentralized distributed shared account book and consists of a plurality of block chain link points. A user may interact with a blockchain by sending an Http request to a blockchain link point through a blockchain client that integrates a corresponding blockchain Software Development Kit (SDK). The data communication in this embodiment may refer to data interaction between the blockchain client and the blockchain link point.
The Http proxy is a bridge between the client and the server, and can receive a Http request from the client and forward the Http request to the server. For the block chain service, the client of the Http proxy is the block chain client, and the server is the block chain node. By using the Http proxy, on one hand, the block chain nodes can be protected more flexibly, and the possibility of attacking the block chain nodes is reduced; on the other hand, resources can be more effectively distributed, the response speed of the Http request is improved, and the like.
The block chain client can generate an Http request according to the user requirement, and then send the Http request to the corresponding block chain link point through the proxy server. In this process, the proxy server may receive an Http request sent by the blockchain client, process the Http request, and send the Http request to the corresponding blockchain node.
And S102, acquiring a node mark, an identity mark and a data signature of the Http request from the request header, wherein the data signature is obtained by encrypting the request body by the block chain client according to the identity mark.
Specifically, the Http request includes a request header and a request body. The request header may include a node flag, an identity flag, and a data signature. In the embodiment of the application, a blockchain client software development kit can be modified in advance, so that a request header of an Http request generated by a blockchain client can include a node mark, an identity mark and a data signature. The node mark is the unique identification information of the target block chain node; the identity mark refers to identity information of a user; the data signature can be obtained by encrypting the request body according to the identity mark.
The data in the request header may exist in the form of a key-value, that is, the request header may include a node flag field, an identity flag field, and a data signature field, and the proxy server may obtain the node flag, the identity flag, and the data signature by obtaining values of the respective fields.
S103, according to the data signature and the identity mark, performing identity verification on the Http request.
Specifically, the Http proxy server and the blockchain client may agree in advance on an encryption algorithm, such as the MD5 algorithm. After the Http proxy server obtains the data signature, the identity mark and the request body can be encrypted by adopting a pre-agreed encryption algorithm to obtain a signature to be verified; and then comparing the signature to be verified with the data signature extracted from the request header, and if the two signatures are the same, determining that the Http request passes the identity verification.
In the step, the identity of the http request is verified on one hand, and on the other hand, the data in the request body can be ensured not to be tampered, so that the data security in the data communication process is ensured.
And S104, if the Http request passes the identity authentication, forwarding the Http request to a corresponding target block chain node according to the node mark.
Specifically, a uniquely corresponding target blockchain node can be determined according to the node mark, and then the proxy server forwards the Http request to the target blockchain node.
In a possible implementation manner, the http proxy server may pre-store identifiers and corresponding IP addresses of a plurality of block chain nodes, and the block chain link point may determine the IP address of the target block chain through the node identifier, establish connection with the target block chain link point, and then send the http request to the corresponding target block chain node through the connection.
In addition, after receiving the Http request, the target blockchain node needs to send a return result for the Http request to the blockchain client; at this time, the target blockchain node may send a return result to the proxy server, and then the proxy server forwards the return result to the corresponding blockchain client.
In one possible implementation, the target blockchain node needs to use a certificate when communicating data. After receiving the Http request, the proxy server may obtain certificate information of the target blockchain node; and then loading a corresponding certificate according to the certificate information, and sending the certificate to the target blockchain node along with the Http request.
In this embodiment, when the blockchain client performs data communication with the blockchain link point through the Http proxy, the blockchain client does not need to know the ip of the blockchain and also does not need to know whether the blockchain node needs the certificate, and can send the Http request to the target blockchain node only by adding the identity flag and the node flag to the request header, thereby realizing the lightweight of the blockchain client.
Referring to fig. 2, a schematic flow chart illustrating steps of another data communication method for a blockchain client according to an embodiment of the present application is shown, which may specifically include the following steps:
s201, determining a node mark and an identity mark of the Http request, wherein the node mark is used for representing a target block chain node of the Http request.
The execution subject of the embodiment is a blockchain client. The blockchain client comprises a client software development kit. In this embodiment, the client software development kit may be modified. Specifically, in the entry method for sending the Http request by the client software development kit, the node identifier and the identity identifier that can be recognized by the Http proxy are transferred and put into the request header. In the logic of sending the request body, combining the identity mark, encrypting the original request body data to obtain a data signature, and putting the signature into the request head.
Specifically, the blockchain client may be installed on a terminal device, and a user may log in the blockchain client through the terminal device and then send an Http request to the blockchain. The node mark can be the unique identification information of the target block chain node of the Http request; the identity token may be identification information of the user. Illustratively, the node designation may be node 1; the identity token may be user 1.
S202, writing the node mark and the identity mark into a request header of the Http request.
Specifically, the request header may include a node flag field and an identity flag field; writing the node mark as the value of the node mark field into a request head; and writing the identity mark as the value of the identity mark field into the request header. Illustratively, the request header contains a Node-ID-Node 1 and an identity-flag-User 1.
The request header may also include a data signature, which may be used to detect whether the Http request has been tampered with. Specifically, the request body may be encrypted in combination with the identity tag to obtain a data signature; the data signature is then written to the corresponding location of the request header.
In the embodiment of the application, both the blockchain client and the proxy server can encrypt the request body by adopting an irreversible algorithm to obtain the data signature. The irreversible algorithm may specifically include the MD5 algorithm, the SHS algorithm, and the like.
For example, the blockchain client may encrypt the identity token and the requestor together with MD5 to obtain a data signature; and the proxy server carries out MD5 encryption on the same identity mark and the request body together to obtain a signature to be verified. Such a data signature and the signature to be verified are the same. If the proxy service obtains the signature to be verified, the adopted identity marks are different or the request bodies are different, and the obtained signature to be verified is different from the data signature.
S203, the Http request is sent to a Http proxy server, and the Http proxy server is configured to forward the Http request to the target blockchain node.
Specifically, after the blockchain client generates the Http request, the Http request can be sent to the Http proxy server, and after receiving the Http request, the Http proxy server can perform authentication on the Http request according to the identity tag; and forwarding the Http request to the corresponding block chain node according to the node mark.
In this embodiment, by adding an identity flag and a node flag to a request header, a proxy server can determine a target block link node according to the node flag; the identity authentication of the Http proxy in the block chain service can be realized through the identity mark, and the safety of data communication is guaranteed.
It should be noted that, the sequence numbers of the steps in the foregoing embodiments do not mean the execution sequence, and the execution sequence of each process should be determined by the function and the inherent logic of the process, and should not constitute any limitation on the implementation process of the embodiments of the present application.
Referring to fig. 3, a flowchart of a data communication method of a blockchain client according to another embodiment of the present application is shown. As shown in fig. 3, the blockchain client includes a client SDK, and the blockchain client may send an Http request to the Http proxy; the Http proxy may receive a Http request from a blockchain client and forward the Http request to a corresponding blockchain. The blockchain may return a result to the Http proxy for the Http request, and the Http proxy may receive the returned result from the blockchain and send the returned result to the corresponding blockchain client.
The method in this embodiment is described below by way of specific examples. Suppose the blockchain client is a client Lite-SDK using Java language, the identity of the user is user1, and the blockchain node with the node identifier of node1 needs to be accessed.
First, the client SDK needs to be modified as follows:
in an entry method Http provider, builder, in which a Lite-SDK sends an Http request, a Node identifier 1 and an identity identifier User1, which can be identified by the Http proxy, are transferred and put into a request header, that is, the request header contains Node-ID 1 and User-ID 1.
In the logic for sending the request body, in combination with the identity token user1, an irreversible encryption algorithm, for example, MD5 algorithm, is used to encrypt the original request body data { "method": getState "}, to obtain a data signature a9861C2938E335538BF5FB5234CC567C, and the data signature is put into the request header, that is, the request header contains Sign ═ a9861C2938E335538BF5FB5234CC 567C.
After the above transformation, the method in the present application may be adopted to implement that the user1 sends a request to the tile link point node1 through the tile chain client, and the specific process may be as follows:
the blockchain client can send the http request to the http proxy server, and the specific processing process of the http proxy server is as follows:
firstly, a Node identifier 1 and an identity identifier User1 are obtained from a request head Node-ID 1 and a User-ID 1, so that a target Node1 of an Http request is identified;
then, a data signature is obtained from a request header Sign, a9861C2938E335538BF5FB5234CC567C, and the request body data { "method": get state "} is checked according to the identity flag user 1;
it is then determined whether a certificate is required in target node1, and if the Http request requires a certificate, the corresponding certificate is loaded. Assuming that the block link node1 used a service certificate service. cert, the certificate is loaded in the Http proxy.
Finally, the Http request is forwarded to target node1, and the result is returned to the blockchain client.
Referring to fig. 4, a schematic diagram of a data communication apparatus of a blockchain client according to an embodiment of the present application is shown, and specifically, the data communication apparatus may include a receiving module 41, an obtaining module 42, a verifying module 43, and a forwarding module 44, where:
a receiving module 41, configured to receive an Http request from a blockchain client, where the Http request includes a request header and a request body;
an obtaining module 42, configured to obtain, from the request header, a node identifier, an identity identifier, and a data signature of the Http request, where the data signature is obtained by encrypting, by the blockchain client, the request body according to the identity identifier;
a verification module 43, configured to perform identity verification on the Http request according to the data signature and the identity token;
and a forwarding module 44, configured to forward the Http request to a corresponding target blockchain node according to the node flag if the Http request passes the identity authentication.
In a possible implementation manner, the Http request further includes a request body, and the verification module 42 includes:
the encryption submodule is used for encrypting the request body according to the identity mark and generating a signature to be verified of the Http request;
and the verification sub-module is used for determining that the Http request passes the identity verification if the signature to be verified is the same as the data signature.
In a possible implementation manner, the apparatus further includes:
a returned result receiving module, configured to receive a returned result of the target block link point for the Http request;
and the return result forwarding module is used for forwarding the return result to the block chain client.
In a possible implementation manner, the apparatus further includes:
the certificate information acquisition module is used for acquiring the certificate information of the target block chain node;
and the certificate loading module is used for loading a corresponding certificate according to the certificate information, wherein the certificate is used for authenticating the target block chain node.
Referring to fig. 5, a schematic diagram of another data communication device of a blockchain client according to an embodiment of the present application is shown, which may specifically include: a determination module 51, a writing module 52 and a sending module 53, wherein:
a determining module 51, configured to determine a node flag and an identity flag of an Http request, where the node flag is used to represent a target block chain node of the Http request;
a writing module 52, configured to write the node flag and the identity flag into a request header of the Http request;
a sending module 53, configured to send the Http request to a Http proxy server, where the Http proxy server is configured to forward the Http request to the target blockchain node.
In a possible implementation manner, the apparatus further includes:
the encryption module is used for encrypting the request body of the Http request according to the identity mark to obtain a data signature of the request body;
and the data signature writing module is used for writing the data signature into the request header, and the data signature is used for performing identity verification on the Http request.
In a possible implementation manner, the writing module 52 includes:
the creating submodule is used for creating a node mark field and an identity mark field in the request header;
a node mark writing submodule for writing the node mark as the value of the node mark field into the request header;
and the identity mark writing submodule is used for writing the identity mark as the value of the identity mark field into the request head.
For the apparatus embodiment, since it is substantially similar to the method embodiment, it is described relatively simply, and reference may be made to the description of the method embodiment section for relevant points.
Fig. 6 is a schematic structural diagram of a server according to an embodiment of the present application. As shown in fig. 6, the server 6 of this embodiment includes: at least one processor 60 (only one shown in fig. 6), a memory 61, and a computer program 62 stored in the memory 61 and executable on the at least one processor 60, the processor 60 implementing the steps in any of the various method embodiments described above when executing the computer program 62.
The server 6 may be a computing device such as a cloud server. The server may include, but is not limited to, a processor 60, a memory 61. Those skilled in the art will appreciate that fig. 6 is merely an example of the server 6, and does not constitute a limitation on the server 6, and may include more or less components than those shown, or some components in combination, or different components, such as input output devices, network access devices, etc.
The Processor 60 may be a Central Processing Unit (CPU), and the Processor 60 may be other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic device, discrete hardware component, etc. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The memory 61 may in some embodiments be an internal storage unit of the server 6, such as a hard disk or a memory of the server 6. The memory 61 may also be an external storage device of the server 6 in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like, which are provided on the server 6. Further, the memory 61 may also include both an internal storage unit of the server 6 and an external storage device. The memory 61 is used for storing an operating system, an application program, a BootLoader (BootLoader), data, and other programs, such as program codes of the computer program. The memory 61 may also be used to temporarily store data that has been output or is to be output.
An embodiment of the present application further provides a terminal device, where the terminal device includes: at least one processor, a memory, and a computer program stored in the memory and executable on the at least one processor, the processor implementing the steps of the data communication method of the above method embodiments applied to a blockchain client of the blockchain clients when executing the computer program.
The embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps of implementing the data communication method applied to a blockchain client of a proxy server in the above-mentioned method embodiments.
The present application further provides another computer-readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the steps of implementing the data communication method applied to a blockchain client in the above-mentioned method embodiments.
When the computer program product runs on the terminal device, the data communication method of the proxy server applied to the blockchain client in the above method embodiments can be realized when the terminal device executes the data communication method.
When the computer program product runs on a terminal device, the method for implementing data communication of a blockchain client applied to the blockchain client in the above method embodiments is implemented when the terminal device executes the computer program product.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and can implement the steps of the embodiments of the methods described above when the computer program is executed by a processor. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include at least: any entity or device capable of carrying computer program code to a photographing apparatus/terminal apparatus, a recording medium, computer Memory, Read-Only Memory (ROM), Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, and a software distribution medium. Such as a usb-disk, a removable hard disk, a magnetic or optical disk, etc. In certain jurisdictions, computer-readable media may not be an electrical carrier signal or a telecommunications signal in accordance with legislative and patent practice.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus/terminal device and method may be implemented in other ways. For example, the above-described embodiments of the apparatus/terminal device are merely illustrative, and for example, the division of the modules or units is only one logical division, and there may be other divisions when actually implemented, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same. Although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.
Claims (10)
1. A data communication method of a block chain client is applied to an Http proxy server, and the method comprises the following steps:
receiving an Http request from a blockchain client, wherein the Http request comprises a request header and a request body;
acquiring a node mark, an identity mark and a data signature of the Http request from the request header, wherein the data signature is obtained by encrypting the request body by the block chain client according to the identity mark;
according to the data signature and the identity mark, performing identity verification on the Http request;
and if the Http request passes the identity authentication, forwarding the Http request to a corresponding target block chain node according to the node mark.
2. The method of claim 1, wherein the Http request further comprises a requestor, and wherein authenticating the Http request based on the data signature and the identity token comprises:
encrypting the request body according to the identity mark to generate a signature to be verified of the Http request;
and if the signature to be verified is the same as the data signature, determining that the Http request passes identity verification.
3. The method of claim 1 or 2, wherein the method further comprises:
receiving a return result of the target block chain node aiming at the Http request;
and forwarding the return result to the block chain client.
4. The method of claim 3, wherein the method further comprises:
acquiring certificate information of the target block chain node;
and loading a corresponding certificate according to the certificate information, wherein the certificate is used for authenticating the target block chain node.
5. A data communication method of a block chain client is applied to the block chain client, and the method comprises the following steps:
determining a node mark and an identity mark of an Http request, wherein the node mark is used for representing a target block chain node of the Http request;
writing the node mark and the identity mark into a request header of the Http request;
and sending the Http request to a Http proxy server, wherein the Http proxy server is used for forwarding the Http request to the target blockchain node.
6. The method of claim 5, wherein the method further comprises:
encrypting the request body of the Http request according to the identity mark to obtain a data signature of the request body;
and writing the data signature into the request header, wherein the data signature is used for performing identity verification on the Http request.
7. The method of claim 5, wherein said writing said node tag and said identity tag in a request header of said Http request comprises:
creating a node flag field and an identity flag field in the request header;
writing the node flag as a value of the node flag field in the request header;
and writing the identity mark as the value of the identity mark field into the request header.
8. A data communication apparatus of a blockchain client, applied to an Http proxy server, the apparatus comprising:
the system comprises a receiving module, a sending module and a receiving module, wherein the receiving module is used for receiving an Http request from a block chain client, and the Http request comprises a request header and a request body;
an obtaining module, configured to obtain, from the request header, a node identifier, an identity identifier, and a data signature of the Http request, where the data signature is obtained by encrypting, by the blockchain client, the request body according to the identity identifier;
the verification module is used for verifying the identity of the Http request according to the data signature and the identity mark;
and the forwarding module is used for forwarding the Http request to a corresponding target block chain node according to the node mark if the Http request passes the identity authentication.
9. A computer device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor implements the method of any of claims 1-4 or claims 5-7 when executing the computer program.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-4 or claims 5-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111589922.7A CN114338036A (en) | 2021-12-23 | 2021-12-23 | Data communication method and device for block chain client |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111589922.7A CN114338036A (en) | 2021-12-23 | 2021-12-23 | Data communication method and device for block chain client |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114338036A true CN114338036A (en) | 2022-04-12 |
Family
ID=81055032
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111589922.7A Pending CN114338036A (en) | 2021-12-23 | 2021-12-23 | Data communication method and device for block chain client |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114338036A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115190162A (en) * | 2022-06-27 | 2022-10-14 | 杭州溪塔科技有限公司 | Proxy service configuration method and proxy service system in block chain |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102624692A (en) * | 2011-11-28 | 2012-08-01 | 苏州奇可思信息科技有限公司 | User identity authentication avoiding method based on hypertext transport protocol (HTTP) |
| CN109347941A (en) * | 2018-10-10 | 2019-02-15 | 南京简诺特智能科技有限公司 | A kind of data sharing platform and its implementation based on block chain |
| CN109617977A (en) * | 2018-12-24 | 2019-04-12 | 北京神州绿盟信息安全科技股份有限公司 | A kind of web-page requests processing method and processing device |
| CN110109930A (en) * | 2019-05-15 | 2019-08-09 | 山东省计算中心(国家超级计算济南中心) | Government data storage, querying method and system based on block chain duplex structure |
| CN111010372A (en) * | 2019-11-20 | 2020-04-14 | 国家信息中心 | Block chain network identity authentication system, data processing method and gateway equipment |
| CN111026982A (en) * | 2019-10-15 | 2020-04-17 | 深圳壹账通智能科技有限公司 | Intelligent contract processing method, computer equipment and storage medium |
| KR20200083396A (en) * | 2020-06-19 | 2020-07-08 | 주식회사 코인플러그 | Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network |
-
2021
- 2021-12-23 CN CN202111589922.7A patent/CN114338036A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102624692A (en) * | 2011-11-28 | 2012-08-01 | 苏州奇可思信息科技有限公司 | User identity authentication avoiding method based on hypertext transport protocol (HTTP) |
| CN109347941A (en) * | 2018-10-10 | 2019-02-15 | 南京简诺特智能科技有限公司 | A kind of data sharing platform and its implementation based on block chain |
| CN109617977A (en) * | 2018-12-24 | 2019-04-12 | 北京神州绿盟信息安全科技股份有限公司 | A kind of web-page requests processing method and processing device |
| CN110109930A (en) * | 2019-05-15 | 2019-08-09 | 山东省计算中心(国家超级计算济南中心) | Government data storage, querying method and system based on block chain duplex structure |
| CN111026982A (en) * | 2019-10-15 | 2020-04-17 | 深圳壹账通智能科技有限公司 | Intelligent contract processing method, computer equipment and storage medium |
| CN111010372A (en) * | 2019-11-20 | 2020-04-14 | 国家信息中心 | Block chain network identity authentication system, data processing method and gateway equipment |
| KR20200083396A (en) * | 2020-06-19 | 2020-07-08 | 주식회사 코인플러그 | Method and server for managing user identity using blockchain network, and method and terminal for verifying user using user identity based on blockchain network |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115190162A (en) * | 2022-06-27 | 2022-10-14 | 杭州溪塔科技有限公司 | Proxy service configuration method and proxy service system in block chain |
| CN115190162B (en) * | 2022-06-27 | 2023-11-28 | 杭州溪塔科技有限公司 | Proxy service configuration method and proxy service system in block chain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200242218A1 (en) | Systems and methods for providing identity assurance for decentralized applications | |
| CN112019493B (en) | Identity authentication method, identity authentication device, computer equipment and medium | |
| CN108923908B (en) | Authorization processing method, device, equipment and storage medium | |
| CN107770159B (en) | Vehicle accident data recording method and related device and readable storage medium | |
| CN111935094A (en) | Database access method, device, system and computer readable storage medium | |
| ES2804771T3 (en) | Method and system for providing terminal identifiers | |
| WO2019013773A1 (en) | Secure token passing via blockchains | |
| CN109286620B (en) | User right management method, system, device and computer readable storage medium | |
| CN110708335A (en) | Access authentication method and device and terminal equipment | |
| CN112948851A (en) | User authentication method, device, server and storage medium | |
| CN110995446A (en) | Evidence verification method, device, server and storage medium | |
| CN110909355A (en) | Unauthorized vulnerability detection method, system, electronic device and medium | |
| CN111342964B (en) | Single sign-on method, device and system | |
| CN111800426A (en) | Method, device, equipment and medium for accessing native code interface in application program | |
| CN112884585B (en) | Method for executing transaction in block chain and block chain system | |
| CN114338036A (en) | Data communication method and device for block chain client | |
| CN114338795B (en) | Data communication method and device of blockchain client | |
| CN115982247B (en) | Block chain-based account information query method and device, equipment and medium | |
| CN110602051B (en) | Information processing method based on consensus protocol and related device | |
| CN112702419A (en) | Data processing method, device, equipment and storage medium based on block chain | |
| CN111371811A (en) | Resource calling method, resource calling device, client and service server | |
| CN114861144A (en) | Data authority processing method based on block chain | |
| CN112583600A (en) | User authentication method, device, electronic equipment and medium | |
| CN113761503A (en) | Interface call processing method and device | |
| CN110647757A (en) | Data processing method based on intelligent contract and related device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |