CN114615031A - File storage method and device, electronic equipment and storage medium - Google Patents
File storage method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN114615031A CN114615031A CN202210186129.0A CN202210186129A CN114615031A CN 114615031 A CN114615031 A CN 114615031A CN 202210186129 A CN202210186129 A CN 202210186129A CN 114615031 A CN114615031 A CN 114615031A
- Authority
- CN
- China
- Prior art keywords
- file
- stored
- ciphertext sequence
- digital abstract
- called
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 80
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 32
- 230000008569 process Effects 0.000 claims abstract description 28
- 238000012545 processing Methods 0.000 claims abstract description 17
- 230000000694 effects Effects 0.000 abstract description 2
- 230000003287 optical effect Effects 0.000 description 6
- 238000012795 verification Methods 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000007620 mathematical function Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000026676 system process Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/1097—Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
Abstract
The embodiment of the disclosure provides a file storage method, a file storage device, an electronic device and a storage medium, wherein the method comprises the following steps: processing the file to be stored based on a Hash algorithm when the file to be stored is received to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data; encrypting the digital abstract based on a public key corresponding to a target user to obtain a ciphertext sequence; and the ciphertext sequence is stored in an uplink mode, the file to be stored is stored in an interplanetary file system, the block number of the ciphertext sequence is stored in a feedback mode, when the block number corresponding to the file to be called is received, the ciphertext sequence is obtained from the block chain, and the file to be called is called from the interplanetary file system according to the ciphertext sequence. The scheme improves the safety of storing the electronic contract and also achieves the technical effect of ensuring the information safety of the user.
Description
Technical Field
The embodiment of the invention relates to computer technology, in particular to a file storage method and device, electronic equipment and a storage medium.
Background
With the continuous development of computer technology, more and more information processing technologies are going into people's lives, and the traditional paper contracts have been replaced by electronic contracts stored in a file server for a long time.
However, the existing conventional electronic contract is stored on a dedicated file server, and if the server is hacked, the content of the electronic contract stored on the file server may be tampered or the original file may be damaged maliciously, so that it is difficult to ensure the authenticity and integrity of the contract file.
Disclosure of Invention
The embodiment of the disclosure provides a file storage method and device, an electronic device and a storage medium, so that the integrity and the authenticity of an electronic contract are verified by comparing a digital abstract in the process of extracting a user contract, the safety of storing the electronic contract is improved, and the technical effect of ensuring the information safety of a user is achieved.
In a first aspect, an embodiment of the present disclosure provides a file storage method, where the method includes:
processing the file to be stored based on a Hash algorithm when the file to be stored is received to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
encrypting the digital abstract based on a public key corresponding to a target user to obtain a ciphertext sequence;
and performing chain storage on the ciphertext sequence, storing the file to be stored into an interplanetary file system, feeding back a block number for storing the ciphertext sequence, acquiring the ciphertext sequence from the block chain when receiving the block number corresponding to the file to be called, and calling the file to be called from the interplanetary file system according to the ciphertext sequence.
In a second aspect, an embodiment of the present disclosure further provides a file storage apparatus, where the apparatus includes:
the digital abstract acquiring module is used for processing the file to be stored based on a Hash algorithm when the file to be stored is received, so as to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
the ciphertext sequence acquisition module encrypts the digital summary based on a public key corresponding to the target user to obtain a ciphertext sequence;
and the target file storage module is used for chaining and storing the ciphertext sequence, storing the file to be stored into the interplanetary file system, feeding back the block number for storing the ciphertext sequence, acquiring the ciphertext sequence from the block chain when receiving the block number corresponding to the file to be called, and calling the file to be called from the interplanetary file system according to the ciphertext sequence.
In a third aspect, an embodiment of the present disclosure further provides an electronic device, where the electronic device includes:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement the file storage method according to any one of the embodiments of the present disclosure.
In a fourth aspect, the embodiments of the present disclosure also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, are used for executing the file storage method according to any one of the embodiments of the present disclosure.
According to the technical scheme, when the file to be stored is received, the file to be stored is processed based on a Hash algorithm to obtain a digital abstract corresponding to the file to be stored, after the digital abstract is obtained, an encryption processing is carried out based on a public key corresponding to a user to obtain a ciphertext sequence, the ciphertext sequence is subjected to chain link storage, the file to be stored is stored in an interplanetary file system, block numbers of the ciphertext sequence are stored in a feedback mode, when the block numbers corresponding to the file to be retrieved are received, the ciphertext sequence is obtained from the block chain, the file to be retrieved is retrieved from the interplanetary file system according to the ciphertext sequence, the safety of the electronic contract of the user in the storage process is guaranteed, and the authenticity and the integrity of the electronic contract are improved.
Drawings
In order to more clearly illustrate the technical solution of the exemplary embodiment of the present invention, a brief introduction will be made to the drawings required for describing the embodiment. It is clear that the described figures are only figures of a part of the embodiments of the invention to be described, not all figures, and that for a person skilled in the art, without inventive effort, other figures can also be derived from them.
Fig. 1 is a schematic flowchart of a file storage method according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a method for storing an electronic contract and a signing process according to a first embodiment of the present disclosure;
fig. 3 is a schematic flowchart of a file retrieving method according to a second embodiment of the present invention;
fig. 4 is a schematic flow chart of a method for retrieving an electronic contract and a signing process according to the second embodiment;
fig. 5 is a block diagram of a file storage device according to a third embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Example one
Fig. 1 is a flowchart of a file storage method according to an embodiment of the present invention, where the method is applicable to a case where a file needs to be stored in an uplink manner, and the method can be executed by a file storage device, and the file storage device can be implemented in a form of software and/or hardware, where the hardware can be an electronic device, such as a mobile terminal, a PC terminal, or a server. Any file storage scenario is usually implemented by cooperation of a client and a server, and the method provided by this embodiment may be executed by a server, a client, or by cooperation of a client and a server.
As shown in fig. 1, the method of the present embodiment includes:
s110, when a file to be stored is received, processing the file to be stored based on a Hash algorithm to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
the file to be stored may be a file that needs to be stored. A hash algorithm is understood to be a mathematical function by which data of arbitrary length can be hashed to a binary string of fixed length. The digital digest can be understood as a hash value obtained by processing a file to be stored based on a hash algorithm. The electronic contract to be stored may be a contract file that needs to be stored, and correspondingly, the process data may be understood as data generated by the user in the process of signing the electronic contract.
Specifically, after the user finishes signing the electronic contract, the system stores data generated in the process of signing the electronic contract by the user and the electronic contract based on a preset method, and after the system acquires files to be stored, the system processes all the files to be stored through a hash algorithm to obtain corresponding digital digests, so that the user identity verification can be finished based on the digital digests.
On the basis of the technical scheme, before receiving the file to be stored, the method further comprises the following steps: and acquiring a user identifier corresponding to a target user, generating a public key and a private key based on the user identifier, encrypting the digital digest based on the public key, and decrypting the ciphertext sequence based on the private key.
The target user may be a user who completes login through a login interface of the system, and it can be understood that the user needs to log in according to the login interface popped up by an application program in the terminal device before signing an electronic contract. The user identifier may be understood as ID information of the user, for example, after the user registers an account, corresponding account ID information may be generated, and the account ID information may be used as identification information of the user. The public key and the private key can be understood as two keys in an asymmetric encryption algorithm, that is, the public key and the private key are corresponding keys, and if the public key is used for encrypting data, only the corresponding private key can be used for decrypting the data. If the data is encrypted with a private key, it can only be decrypted with the corresponding public key.
For example, after a user completes login of an account through a login page provided by an application program or a system, the application program or the system may obtain a private key and a public key corresponding to the account ID of the user through a preset method based on the account ID of the user, encrypt digital digest information generated before by using the public key after obtaining the public key and the private key corresponding to a user identifier, and further decrypt the encrypted information by using the private key when the corresponding digital digest information needs to be obtained.
S120, encrypting the digital abstract based on a public key corresponding to a target user to obtain a ciphertext sequence;
the ciphertext sequence may be understood as a sequence obtained by encrypting the digital digest based on the public key.
Specifically, after the corresponding public key and the private key are determined according to the identification information of the user, the public key is used for encrypting the generated digital digest information, and then the corresponding ciphertext sequence can be obtained.
S130, the ciphertext sequence is subjected to chain storage, the file to be stored is stored in an interplanetary file system, the block number of the ciphertext sequence is stored in a feedback mode, when the block number corresponding to the file to be called is received, the ciphertext sequence is obtained from the block chain, and the file to be called is called from the interplanetary file system according to the ciphertext sequence.
The Interplanetary File System (Interplanetary File System) is a new internet protocol, and the design goal of the Interplanetary File System is to implement permanent storage of data, remove duplicate data on a network, and acquire a data address stored on a node in the network. The block number may be the number of the block chain in which the ciphertext sequence is located. The file to be called can be understood as a file which needs to be called.
Illustratively, after the user finishes signing the electronic contract, the corresponding file and the ciphertext sequence are stored in the appointed position, when the corresponding file needs to be called subsequently, the storage address of the corresponding file needs to be obtained, and then the file is called at the appointed position according to the storage address. It should be noted that due to the limitation of the design of the blockchain, if the original electronic contract file with a large volume is directly stored in the blockchain, the storage and reading efficiency is lowered, so that the technical solution of this embodiment selects to store the encrypted digital digest in the blockchain, and verifies based on the digital digest stored in the blockchain when information needs to be retrieved, so as to improve the storage security and efficiency, and simultaneously implement tracing to the whole signing process.
On the basis of the above technical solution, the storing the ciphertext sequence uplink includes: generating a new block on the block chain to store the ciphertext sequence based on the new block.
The block chain is a shared database and can be used for storing data or information, and the data and the information stored in the block chain have the characteristics of unforgeability, whole-course trace, traceability, public transparency, collective maintenance and the like.
On the basis of the above technical solution, the technical solution in this embodiment needs to be further described, in the file storage method in this embodiment, a digital digest is calculated by using a hash algorithm on contract and memo information to be stored, then the digital digest is encrypted with a public key of a user to obtain a ciphertext sequence, the ciphertext sequence is stored in a block chain, and meanwhile, the electronic contract and memo information are stored in an IPFS network. Fig. 2 is a schematic flow chart of a method for storing an electronic contract and a signing process provided in this embodiment, as shown in fig. 2:
logging in the system: the user completes the login of the account according to the application program or the login interface on the webpage, for example, the user can complete the login by inputting a preset account and an account password, or the application program can pop up a corresponding face recognition interface for the user, and the login is completed by comparing the face information of the user with the reserved face information.
Acquiring a user ID: after a user logs in a system, the identity of the user, that is, the ID information of the user account, needs to be obtained, and it can be understood that when the user uses the system or an application program for the first time, the user needs to establish a corresponding account based on the personal identity information of the user.
Generating the public key and the private key of the user according to the ID: specifically, the corresponding public key and private key may be generated based on an ECC algorithm. The ECC algorithm is also an elliptic curve algorithm, has the advantages of short key length, high calculation efficiency and the like, and can effectively save network bandwidth and storage space. Public and private keys may be produced in a blockchain. After the ID information of the user is obtained, the public key and the private key of the user can be generated according to the ECC algorithm.
Uploading the electronic contract and the memorandum: after the electronic contract is signed, the system uploads a memorandum file and the electronic contract generated in the signing process of the user according to a preset method. The memo file can be understood as data generated in the process of signing an electronic contract by the user.
Calculating the digital summary by using a hash algorithm: and processing the uploaded electronic contract and the memorandum file by adopting a Hash algorithm to obtain a corresponding digital abstract.
The public key encrypts the digital abstract to obtain a ciphertext sequence: and after obtaining a corresponding secret key according to the ID information of the user, encrypting the digital abstract by adopting the public key to obtain a corresponding ciphertext sequence.
The ciphertext sequence is stored into the blockchain: and generating a new block by using the sequence, adding the new block into a block chain network, returning the number of the block to a user for storage, checking and downloading a subsequent electronic contract, and ensuring the traceability of the signing process by using a memorandum. Specifically, after a corresponding ciphertext sequence is obtained, the ciphertext sequence is stored in a block chain, and a file with a large size cannot be stored due to the limitation of the size of each block in the block chain. Therefore, during actual storage, the digital abstract recorded in the electronic contract and the signing process is calculated by utilizing a hash algorithm, then the digital abstract is encrypted by using a public key, and the encrypted ciphertext character string is stored in a block chain and is used as an addressing inlet of a contract file and a signing record in an IPFS network in the future.
Storing the electronic contract and the memorandum in the IPFS, and returning the block number stored in the microgroove sequence: and storing the electronic contract and the memo in the IPFS to complete distributed storage of the file, and returning the block number for accessing the ciphertext sequence, so that the corresponding ciphertext sequence can be conveniently searched according to the block number when the file is extracted.
According to the technical scheme of the embodiment, the authenticity and the integrity of the stored data of the IPFS network are verified by obtaining the digital abstracts of the electronic contract and the memorandum of the signing process through the irreversibility of the hash algorithm. Meanwhile, the digital abstract is encrypted by using a public key of a user and then stored in the block chain, and the original data can be rapidly recovered when the account book of a certain node fails by virtue of the advantages of the block chain distributed account book. If the data of a few nodes are maliciously tampered, the consensus mechanism of the block chain ensures that the whole block chain network cannot agree on the tampered data form, and the timestamp in the block chain records the true time of the evidence storage of the data, so that the authenticity of the evidence storage data is ensured.
According to the technical scheme, when the file to be stored is received, the file to be stored is processed based on a Hash algorithm to obtain a digital abstract corresponding to the file to be stored, after the digital abstract is obtained, an encryption processing is carried out based on a public key corresponding to a user to obtain a ciphertext sequence, the ciphertext sequence is subjected to chain link storage, the file to be stored is stored in an interplanetary file system, block numbers of the ciphertext sequence are stored in a feedback mode, when the block numbers corresponding to the file to be retrieved are received, the ciphertext sequence is obtained from the block chain, the file to be retrieved is retrieved from the interplanetary file system according to the ciphertext sequence, the safety of the electronic contract of the user in the storage process is guaranteed, and the authenticity and the integrity of the electronic contract are improved.
Example two
Fig. 3 is a schematic flowchart of a file retrieving method according to a second embodiment of the present invention, where this embodiment is applicable to a case where a stored file needs to be retrieved, and the method may be executed by a file storing device, and the device may be implemented in the form of software and/or hardware, and the hardware may be an electronic device, such as a mobile terminal, a PC end, or a server. Any file retrieval scenario is usually implemented by cooperation of a client and a server, and the method provided by this embodiment may be executed by a server, a client, or by cooperation of a client and a server.
S210, when a file calling request is received, a block number carried in the file calling request is obtained.
The file retrieval request may be a request sent by a user when retrieving a file.
Specifically, after the user completes signing the electronic contract, when other related services need to be handled, the user needs to retrieve related information stored in the interplanetary file system, so that the user needs to send a corresponding file retrieval request, and the file retrieval request sent by the user includes block numbers stored in the digital abstract corresponding to the electronic contract and the process data. It can be understood that before the user sends a file calling request, the user needs to complete the login of the account according to the login page provided by the application program, and also needs to verify the corresponding identity in the login process, and the verification mode may be face information verification, reserved mobile phone number verification, preset password verification, and the like.
And S220, acquiring a ciphertext sequence consistent with the file calling request from the block chain according to the block number.
Specifically, after a file retrieval request sent by a user is acquired, a ciphertext sequence consistent with a block number in the file retrieval request is acquired in a block chain according to the block number included in the file retrieval request. It can be understood that, after the user completes the storage of the electronic contract and the data information, the digital abstract obtained after the hash algorithm processing is encrypted and stored in the corresponding block chain, so that the block number corresponding to the storage location is fed back, and when the user needs to call a file, the user can go to the corresponding block chain to call a ciphertext sequence according to the block number.
And S230, acquiring a file to be called corresponding to the file calling request from the interplanetary file system based on the ciphertext sequence.
On the basis of the above technical solution, the obtaining a file to be retrieved corresponding to the file retrieval request from the interplanetary file system based on the ciphertext sequence includes: decoding the ciphertext sequence based on a private key corresponding to the target user to obtain a digital abstract to be verified; if the file to be determined is obtained from the interplanetary file system according to the digital abstract to be verified, encrypting the file to be determined based on a Hash algorithm to obtain a digital abstract to be matched; and if the digital abstract to be verified is consistent with the digital abstract to be matched, the file to be determined is the file to be called and fed back.
The digital abstract to be verified can be a digital abstract which needs to be verified, and correspondingly, the file to be determined can be understood as a file which needs to be determined. And the digital abstract to be matched is used for being matched with the digital abstract to be verified.
Illustratively, after a user logs in an account, the user identification information is processed according to a preset method to obtain a corresponding private key, a corresponding ciphertext sequence is called from a block chain according to a block number contained in a file calling request sent by the user, the obtained ciphertext sequence is decrypted based on the private key to obtain a corresponding to-be-verified digital abstract, a corresponding to-be-determined file is obtained from an interplanetary file system according to the to-be-verified digital abstract, the to-be-determined file is processed based on a hash algorithm to obtain a corresponding to-be-matched digital abstract, whether the to-be-matched digital abstract is consistent with the to-be-verified digital abstract or not is compared, and if so, the to-be-determined file is determined to be the to-be-called file.
On the basis of the technical scheme, after the file to be determined is obtained from the interplanetary file system, the method further comprises the following steps: and temporarily storing the file to be determined into a cache, and when the digital abstract to be verified is consistent with the digital abstract to be matched, taking the file to be determined as the file to be called and feeding back the file.
A cache is understood to be a memory that performs high-speed data exchange.
Specifically, after the corresponding digital abstract to be verified is determined according to the user identification information, the corresponding file to be determined is acquired from the interplanetary file system according to the digital abstract to be verified, however, at this time, it is not yet determined whether the file to be determined is the file required by the user, and it is determined that the file to be determined is the file to be retrieved only after the verification data abstract and the digital abstract to be matched are matched, so that the file to be determined at this time needs to be temporarily stored in a cache and a corresponding matching result needs to be waited for.
On the basis of the technical scheme, if the to-be-determined file is not obtained from the interplanetary file system according to the to-be-verified digital abstract, the ciphertext sequence is prompted to be invalid; or if the digital abstract to be verified is different from the digital abstract to be matched, determining that the file to be determined is not the file to be called, feeding back a prompt of file acquisition failure, and deleting the file to be determined from the cache.
Illustratively, after the corresponding digital digests to be verified are obtained according to the user identification information, the corresponding files, that is, the files to be determined, need to be obtained from the interplanetary file system according to the digital digests to be verified, it can be understood that, because the client attributes of different users are different, the digital digests to be verified corresponding to different clients are different, and each digital digest to be verified necessarily corresponds to a corresponding file to be determined, if the file to be determined cannot be determined based on the digital digest to be verified, it indicates that the ciphertext information determined based on the user identification information is invalid, and the identity of the user may be forged. Secondly, even after the corresponding file to be determined is obtained based on the digital abstract information to be verified of the user, the corresponding file to be determined is obtained after the file to be determined is processed based on a Hash algorithm, the digital abstract to be matched is matched with the digital abstract to be verified, if the matching is consistent, the corresponding file is fed back to the user, if the matching is inconsistent, the current file to be determined is determined not to be the file which needs to be fed back, and the file temporarily stored in the cache is deleted.
On the basis of the above technical solution, the technical solution in this embodiment needs to be further described, where the file retrieval method in this embodiment is to, when a contract file needs to be downloaded, first obtain a ciphertext sequence that is originally encrypted by using a public key on a blockchain, and then decrypt the ciphertext sequence by using a private key to obtain a digital digest of the original file. And then the digital abstract is used as an address to search an electronic contract and a memorandum on the IPFS network. After the file is taken out, the digital abstract is calculated by using a Hash algorithm, and the digital abstract is compared with the abstract decrypted by using the private key on the block chain, so that the integrity and the authenticity of the electronic contract, the signing process record and the like are verified. Fig. 4 is a schematic flow chart of a method for retrieving an electronic contract and a signing process provided in the second embodiment, as shown in fig. 4:
the user logs in the system: the user completes the login of the account number according to the method set by the system, and the specific login method can be set by a person skilled in the art.
And acquiring a ciphertext sequence according to the block number: after the user finishes logging in the account, if the user electronic contract needs to be called, the application program sends a file calling request, the file calling request comprises the corresponding block number, and a corresponding ciphertext sequence can be obtained from the corresponding block chain based on the block number.
Obtaining a private key, and decrypting the ciphertext sequence based on the private key to obtain a digital digest X: and after the account is logged in, obtaining a corresponding private key according to the ID information of the user account, and decrypting the ciphertext sequence according to the private key to further obtain the digital abstract X corresponding to the electronic contract and the memorandum file.
Judging whether the electronic contract and the memorandum can be successfully downloaded in the IPFS network by taking X as an address: since the electronic contract and the memo are stored based on the corresponding digital abstract X, the address pointed by the digital abstract X is the address of the file storage.
Specifically, if the corresponding electronic contract and memo file can be successfully downloaded, the digital abstract X is proved to be valid, if the corresponding file cannot be successfully downloaded, the ciphertext sequence corresponding to the user is proved to be invalid, a corresponding information prompt page is popped up for the user according to a preset method, and the user can be prompted on the information prompt page that the ciphertext sequence is invalid. And when the file is downloaded successfully, temporarily storing the downloaded file in a cache of the terminal equipment, and waiting for the next judgment.
And calculating a digital abstract Y of the file in the cache by using a hash algorithm: after the file corresponding to the digital digest X is obtained, it is necessary to determine whether the file is a file required by the user, so that the digital digest of the file in the cache needs to be calculated through a hash algorithm, and a corresponding result Y is obtained.
Comparing X and Y: the digital abstract X is obtained by decrypting the ciphertext sequence through a private key, and corresponds to a file stored after a user signs an electronic contract, and the electronic abstract Y corresponds to a file stored in the IPFS. Therefore, X and Y need to be compared, when X and Y are equal, the matching of the files is proved to be successful, and the corresponding files are fed back to the user; and if the X and the Y are not equal, the file matching is proved to be failed, the obtained file is not the file required by the user, and the file stored in the cache is deleted. It should be noted that, because different users have different user information, the electronic contract and memo file signed by the different users are also different, and further, if the digital digest obtained by decryption based on the private key cannot be matched with the electronic digest of the file downloaded from the IPFS network, it is proved that the file on the IPFS network is not the file required by the user.
According to the technical scheme, when a file retrieval request is received, the block number carried in the file retrieval request is obtained, the ciphertext sequence consistent with the file retrieval request is obtained from the block chain according to the block number, and finally the file to be retrieved corresponding to the file retrieval request is obtained from the interplanetary file system based on the ciphertext sequence.
EXAMPLE III
Fig. 5 is a block diagram of a file storage apparatus according to a third embodiment of the present disclosure, which is capable of executing a file storage method according to any embodiment of the present disclosure, and has functional modules and beneficial effects corresponding to the execution method. As shown in fig. 5, the apparatus specifically includes: a digital abstract acquisition module 510, a ciphertext sequence acquisition module 520 and a target file storage module 530.
A digital digest obtaining module 510, configured to, when a file to be stored is received, process the file to be stored based on a hash algorithm, so as to obtain a digital digest corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
a ciphertext sequence obtaining module 520, configured to encrypt the digital digest based on a public key corresponding to the target user to obtain a ciphertext sequence;
and the target file storage module 530 is configured to chain store the ciphertext sequence, store the file to be stored in the interplanetary file system, and feed back the block number for storing the ciphertext sequence, so as to obtain the ciphertext sequence from the block chain when receiving the block number corresponding to the file to be retrieved, and retrieve the file to be retrieved from the interplanetary file system according to the ciphertext sequence.
On the basis of the above scheme, the apparatus further comprises:
and the key generation module is used for acquiring a user identifier corresponding to a target user before receiving the file to be stored, generating a public key and a private key based on the user identifier, encrypting the digital digest based on the public key, and decrypting the ciphertext sequence based on the private key.
On the basis of the above technical solution, the target file storage module is specifically configured to generate a new block on the block chain, so as to store the ciphertext sequence based on the new block.
On the basis of the above technical solution, the apparatus further includes:
the device comprises a block number acquisition module, a block number acquisition module and a block number matching module, wherein the block number acquisition module is used for acquiring a block number carried in a file calling request when the file calling request is received;
the ciphertext sequence calling module is used for obtaining a ciphertext sequence consistent with the file calling request from a block chain according to the block number;
and the target file calling module is used for acquiring a file to be called corresponding to the file calling request from the interplanetary file system based on the ciphertext sequence.
On the basis of the above technical solution, the target file retrieving module further includes:
the file to be called determining unit is used for decoding the ciphertext sequence based on a private key corresponding to the target user to obtain a digital abstract to be verified; if the file to be determined is obtained from the interplanetary file system according to the digital abstract to be verified, encrypting the file to be determined based on a Hash algorithm to obtain a digital abstract to be matched; and if the digital abstract to be verified is consistent with the digital abstract to be matched, the file to be determined is the file to be called and fed back.
On the basis of the technical scheme, the target file calling module is further configured to, after acquiring the file to be determined from the interplanetary file system, temporarily store the file to be determined in a cache, and when the digital abstract to be verified is consistent with the digital abstract to be matched, take the file to be determined as the file to be called and feed back the file.
On the basis of the above technical solution, the to-be-called file determining unit is specifically configured to:
if the to-be-determined file is not obtained from the interplanetary file system according to the to-be-verified digital abstract, prompting that the ciphertext sequence is invalid; or if the digital abstract to be verified is different from the digital abstract to be matched, determining that the file to be determined is not the file to be called, feeding back a prompt of file acquisition failure, and deleting the file to be determined from the cache.
The file storage device provided by the embodiment of the disclosure can execute the file storage method provided by any embodiment of the disclosure, and has corresponding functional modules and beneficial effects of the execution method.
It should be noted that, the units and modules included in the apparatus are merely divided according to functional logic, but are not limited to the above division as long as the corresponding functions can be implemented; in addition, specific names of the functional units are also only used for distinguishing one functional unit from another, and are not used for limiting the protection scope of the embodiments of the present disclosure.
Example four
Fig. 6 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present invention. FIG. 6 illustrates a block diagram of an exemplary electronic device 60 suitable for use in implementing embodiments of the present invention. The electronic device 60 shown in fig. 6 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiment of the present invention.
As shown in fig. 6, the electronic device 60 is in the form of a general purpose computing device. The components of the electronic device 60 may include, but are not limited to: one or more processors or processing units 601, a system memory 602, and a bus 603 that couples various system components including the system memory 602 and the processing unit 601.
The system memory 602 may include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM)604 and/or cache memory 605. The electronic device 60 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 606 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 6, commonly referred to as a "hard drive"). Although not shown in FIG. 6, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to the bus 603 by one or more data media interfaces. Memory 602 may include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program/utility 608 having a set (at least one) of program modules 607 may be stored, for instance, in the memory 602, such program modules 607 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which or some combination of which may comprise an implementation of a network environment. The program modules 607 generally perform the functions and/or methods of the described embodiments of the invention.
The electronic device 60 may also communicate with one or more external devices 609 (e.g., keyboard, pointing device, display 610, etc.), one or more devices that enable a user to interact with the electronic device 60, and/or any device (e.g., network card, modem, etc.) that enables the electronic device 60 to communicate with one or more other computing devices. Such communication may occur via an input/output (I/O) interface 611. Also, the electronic device 60 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 612. As shown, the network adapter 612 communicates with the other modules of the electronic device 60 via the bus 603. It should be appreciated that although not shown in FIG. 6, other hardware and/or software modules may be used in conjunction with electronic device 60, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processing unit 601 executes various functional applications and data processing by executing programs stored in the system memory 602, for example, implementing a file storage method provided by an embodiment of the present invention.
EXAMPLE five
Fifth, an embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, perform a data storage method. The method comprises the following steps:
processing the file to be stored based on a Hash algorithm when the file to be stored is received to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
encrypting the digital abstract based on a public key corresponding to a target user to obtain a ciphertext sequence;
and the ciphertext sequence is stored in an uplink mode, the file to be stored is stored in an interplanetary file system, the block number of the ciphertext sequence is stored in a feedback mode, when the block number corresponding to the file to be called is received, the ciphertext sequence is obtained from the block chain, and the file to be called is called from the interplanetary file system according to the ciphertext sequence.
Computer storage media for embodiments of the invention may employ any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for embodiments of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in some detail by the above embodiments, the invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the invention, and the scope of the invention is determined by the scope of the appended claims.
Claims (10)
1. A file storage method, comprising:
processing the file to be stored based on a Hash algorithm when the file to be stored is received to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
encrypting the digital abstract based on a public key corresponding to a target user to obtain a ciphertext sequence;
and the ciphertext sequence is stored in an uplink mode, the file to be stored is stored in an interplanetary file system, the block number of the ciphertext sequence is stored in a feedback mode, when the block number corresponding to the file to be called is received, the ciphertext sequence is obtained from the block chain, and the file to be called is called from the interplanetary file system according to the ciphertext sequence.
2. The method of claim 1, further comprising, prior to receiving the file to be stored:
and acquiring a user identifier corresponding to a target user, generating a public key and a private key based on the user identifier, encrypting the digital digest based on the public key, and decrypting the ciphertext sequence based on the private key.
3. The method of claim 1, wherein the storing the ciphertext sequence uplink comprises:
generating a new block on the block chain to store the ciphertext sequence based on the new block.
4. The method of claim 1, further comprising:
when a file calling request is received, acquiring a block number carried in the file calling request;
acquiring a ciphertext sequence consistent with the file calling request from a block chain according to the block number;
and acquiring the file to be called corresponding to the file calling request from the interplanetary file system based on the ciphertext sequence.
5. The method according to claim 4, wherein the obtaining the file to be called corresponding to the file calling request from the interplanetary file system based on the ciphertext sequence comprises:
decoding the ciphertext sequence based on a private key corresponding to the target user to obtain a digital abstract to be verified;
if the file to be determined is obtained from the interplanetary file system according to the digital abstract to be verified, encrypting the file to be determined based on a Hash algorithm to obtain a digital abstract to be matched;
and if the digital abstract to be verified is consistent with the digital abstract to be matched, the file to be determined is the file to be called and fed back.
6. The method of claim 5, after obtaining the file to be determined from the interplanetary file system, further comprising:
and temporarily storing the file to be determined into a cache, and when the digital abstract to be verified is consistent with the digital abstract to be matched, taking the file to be determined as the file to be called and feeding back the file.
7. The method of claim 6, further comprising:
if the to-be-determined file is not acquired from the interplanetary file system according to the to-be-verified digital abstract, prompting that the ciphertext sequence is invalid; or the like, or, alternatively,
and if the digital abstract to be verified is different from the digital abstract to be matched, determining that the file to be determined is not the file to be called, feeding back a prompt of file acquisition failure, and deleting the file to be determined from the cache.
8. A file storage apparatus, the apparatus comprising:
the digital abstract acquiring module is used for processing the file to be stored based on a Hash algorithm when the file to be stored is received, so as to obtain a digital abstract corresponding to the file to be stored; the file to be stored comprises an electronic contract to be stored and process data;
the ciphertext sequence acquisition module encrypts the digital summary based on a public key corresponding to a target user to obtain a ciphertext sequence;
and the target file storage module is used for chaining and storing the ciphertext sequence, storing the file to be stored into the interplanetary file system, feeding back the block number for storing the ciphertext sequence, acquiring the ciphertext sequence from the block chain when receiving the block number corresponding to the file to be called, and calling the file to be called from the interplanetary file system according to the ciphertext sequence.
9. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the file storage method of any one of claims 1-7.
10. A storage medium containing computer-executable instructions for performing the file storage method of any one of claims 1-7 when executed by a computer processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210186129.0A CN114615031A (en) | 2022-02-28 | 2022-02-28 | File storage method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210186129.0A CN114615031A (en) | 2022-02-28 | 2022-02-28 | File storage method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114615031A true CN114615031A (en) | 2022-06-10 |
Family
ID=81859421
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210186129.0A Pending CN114615031A (en) | 2022-02-28 | 2022-02-28 | File storage method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114615031A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115664852A (en) * | 2022-12-14 | 2023-01-31 | 金钱猫科技股份有限公司 | Data management method and system based on block chain technology |
| CN116185291A (en) * | 2023-02-06 | 2023-05-30 | 深圳市迈科龙电子有限公司 | Middleware storage method and device, electronic equipment and readable storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108965486A (en) * | 2018-10-08 | 2018-12-07 | 深圳市创维软件有限公司 | A kind of document down loading method, system, server and storage medium |
| CN110008194A (en) * | 2019-03-01 | 2019-07-12 | 上海七印信息科技有限公司 | A kind of rapid file acquisition methods based on block chain and interspace file system IPFS |
| CN110083606A (en) * | 2019-04-25 | 2019-08-02 | 深圳市豪斯莱科技有限公司 | Across chain storage method, terminal and storage medium |
| CN110570313A (en) * | 2019-09-27 | 2019-12-13 | 深圳市网心科技有限公司 | data transaction method, data transaction device and system based on block chain |
| CN111711611A (en) * | 2020-05-22 | 2020-09-25 | 易联众信息技术股份有限公司 | Data processing method, device, medium, equipment and application based on block chain |
| US20200412525A1 (en) * | 2019-06-26 | 2020-12-31 | Grid7 Llc D/B/A Taekion | Blockchain filesystem |
| CN112836229A (en) * | 2021-02-10 | 2021-05-25 | 北京深安信息科技有限公司 | Attribute-based encryption and block-chaining combined trusted data access control scheme |
| CN112954000A (en) * | 2021-01-13 | 2021-06-11 | 迅鳐成都科技有限公司 | Privacy information management method and system based on block chain and IPFS technology |
-
2022
- 2022-02-28 CN CN202210186129.0A patent/CN114615031A/en active Pending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108965486A (en) * | 2018-10-08 | 2018-12-07 | 深圳市创维软件有限公司 | A kind of document down loading method, system, server and storage medium |
| CN110008194A (en) * | 2019-03-01 | 2019-07-12 | 上海七印信息科技有限公司 | A kind of rapid file acquisition methods based on block chain and interspace file system IPFS |
| CN110083606A (en) * | 2019-04-25 | 2019-08-02 | 深圳市豪斯莱科技有限公司 | Across chain storage method, terminal and storage medium |
| US20200412525A1 (en) * | 2019-06-26 | 2020-12-31 | Grid7 Llc D/B/A Taekion | Blockchain filesystem |
| CN110570313A (en) * | 2019-09-27 | 2019-12-13 | 深圳市网心科技有限公司 | data transaction method, data transaction device and system based on block chain |
| CN111711611A (en) * | 2020-05-22 | 2020-09-25 | 易联众信息技术股份有限公司 | Data processing method, device, medium, equipment and application based on block chain |
| CN112954000A (en) * | 2021-01-13 | 2021-06-11 | 迅鳐成都科技有限公司 | Privacy information management method and system based on block chain and IPFS technology |
| CN112836229A (en) * | 2021-02-10 | 2021-05-25 | 北京深安信息科技有限公司 | Attribute-based encryption and block-chaining combined trusted data access control scheme |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115664852A (en) * | 2022-12-14 | 2023-01-31 | 金钱猫科技股份有限公司 | Data management method and system based on block chain technology |
| CN116185291A (en) * | 2023-02-06 | 2023-05-30 | 深圳市迈科龙电子有限公司 | Middleware storage method and device, electronic equipment and readable storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110879903B (en) | Evidence storage method, evidence verification method, evidence storage device, evidence verification equipment and evidence verification medium | |
| CN111460453B (en) | Machine learning training method, controller, device, server, terminal and medium | |
| JP6671278B2 (en) | Data transfer optimization | |
| WO2021003980A1 (en) | Blacklist sharing method and apparatus, computer device and storage medium | |
| CN107612683B (en) | Encryption and decryption method, device, system, equipment and storage medium | |
| US9160535B2 (en) | Truly anonymous cloud key broker | |
| CN110084599B (en) | Key processing method, device, equipment and storage medium | |
| CN111835774B (en) | Data processing method, device, equipment and storage medium | |
| CN109194669B (en) | Data transmission method, device, equipment and medium of lightweight node | |
| CN109951295B (en) | Key processing and using method, device, equipment and medium | |
| CN114615031A (en) | File storage method and device, electronic equipment and storage medium | |
| CN113610526A (en) | Data trust method and device, electronic equipment and storage medium | |
| CN113468599A (en) | File storage certificate method, device, system, equipment and storage medium | |
| CN111698312A (en) | Service processing method, device, equipment and storage medium based on open platform | |
| CN110545542B (en) | Main control key downloading method and device based on asymmetric encryption algorithm and computer equipment | |
| KR20210103615A (en) | Blockchain-based user authentication model | |
| CN113946863A (en) | Data encryption storage method, system, equipment and storage medium | |
| CN110719590B (en) | One-key login method, device, equipment and storage medium based on mobile phone number | |
| CN114448722B (en) | Cross-browser login method and device, computer equipment and storage medium | |
| EP4141721A1 (en) | System and method for secure collection and display of sensitive data | |
| CN116132041A (en) | Key processing method and device, storage medium and electronic equipment | |
| CN115659378A (en) | Case record information evidence storing method and related equipment | |
| CN114117404A (en) | User authentication method, device, equipment, system and storage medium | |
| CN113904865A (en) | Log transmission method and device based on asymmetric algorithm | |
| CN114338156A (en) | Data processing method, device and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |