CN116628636A - Software code hosting method, system, computer device and storage medium - Google Patents
Software code hosting method, system, computer device and storage medium Download PDFInfo
- Publication number
- CN116628636A CN116628636A CN202310569157.5A CN202310569157A CN116628636A CN 116628636 A CN116628636 A CN 116628636A CN 202310569157 A CN202310569157 A CN 202310569157A CN 116628636 A CN116628636 A CN 116628636A
- Authority
- CN
- China
- Prior art keywords
- software code
- receiving end
- software
- receiving
- private key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000012795 verification Methods 0.000 claims abstract description 65
- 239000012634 fragment Substances 0.000 claims abstract description 63
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 23
- 238000004590 computer program Methods 0.000 claims description 30
- 230000008569 process Effects 0.000 abstract description 9
- 238000005516 engineering process Methods 0.000 description 5
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000001343 mnemonic effect Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 2
- 238000013500 data storage Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 108700038352 BIP protocol Proteins 0.000 description 1
- OKTJSMMVPCPJKN-UHFFFAOYSA-N Carbon Chemical compound [C] OKTJSMMVPCPJKN-UHFFFAOYSA-N 0.000 description 1
- 230000004913 activation Effects 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 229910021389 graphene Inorganic materials 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000012797 qualification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/105—Arrangements for software license management or administration, e.g. for managing licenses at corporate level
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
- G06F21/445—Program or device authentication by mutual authentication, e.g. between devices or programs
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The application relates to a software code hosting method, a system, a computer device and a storage medium, which are applied to a software code hosting system, wherein the method comprises the following steps: generating private key fragments corresponding to a sending end, a notarization end and a receiving end of the software code based on a hosting request of the sending end of the software code; receiving a software code and first proving information provided by the transmitting end; under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end; generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification; and determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end. By adopting the method, reliable software code delivery can be realized on the basis of guaranteeing the privacy of the software code, and the safety of the software code delivery process is improved.
Description
Technical Field
The present application relates to the field of blockchain technologies, and in particular, to a software code hosting method, a system, a computer device, and a storage medium.
Background
In the software development process, if one party with software requirements does not have the condition of software development, software needs to be entrusted to a software service provider of the other party for development, and the high value and confidentiality of the software code lead to easy benefit disputes when the two parties deliver the software code, and reliable software code delivery cannot be completed. In order to realize the delivery of the software code, in the related technology, the software code of the service side is generally uploaded to a third party platform, after the third party platform performs the auditing, the software code is delivered to the receiver according to the auditing result, and the third party platform can acquire the related software code in the auditing process, so that the risk of code leakage exists.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a software code hosting method, system, computer device, and storage medium that enable reliable software code delivery while ensuring the privacy of the software code.
In a first aspect, the present application provides a software code hosting method, the method comprising:
generating private key fragments corresponding to a sending end, a notarization end and a receiving end of the software code based on a hosting request of the sending end of the software code;
receiving a software code and first proving information provided by the transmitting end;
under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end;
generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification;
and determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
In one embodiment, when the first certification information provided by the sending end passes the verification, the method includes, before verifying the second certification information provided by the receiving end:
based on the software code, generating corresponding software, and verifying the first proving information provided by the sending end;
and under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end.
In one embodiment, the hosting request includes sender information and receiver information of the software code, and the generating private key fragments of the sender, the notarization terminal, and the receiver includes:
and respectively generating private key fragments of the sending end, the notarization end and the receiving end by using a gg18 calculation algorithm based on the hosting request.
In one embodiment, in the case that the verification of the first certification information provided by the sending end passes, the verification of the second certification information provided by the receiving end includes:
transmitting verification passing information to a receiving end of the software code under the condition that the first certification information provided by the transmitting end passes verification;
and based on the verification passing information, receiving an acquisition request of the receiving end, and verifying the second proving information provided by the receiving end.
In one embodiment, the determining whether the complete signature is correct, and if so, sending the software code to the receiving end includes:
and determining whether the complete signature is correct or not based on the intelligent contract of the software code hosting system, and if so, automatically sending the software code to the receiving end.
In a second aspect, the present application also provides a software code hosting system, the system comprising a private key matching module, a software receiving module, an information verification module, a private key verification module, and an access control module, wherein,
the private key matching module is used for respectively distributing private key fragments to the sending end, the receiving end and the notarization end of the software code under the condition that the first proving information provided by the sending end of the software code passes verification;
the software receiving module is used for receiving the software code and the first proving information provided by the sending end;
the information verification module is used for verifying the second certification information provided by the receiving end under the condition that the first certification information provided by the sending end passes verification;
the private key verification module is used for generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second certification information provided by the receiving end passes verification;
and the access control module is used for determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
In one embodiment, the system further includes a code component library module, where the code component library module is configured to receive and store the software code of the transmitting end, generate software corresponding to the software code, and scan and verify quality and copyright information of the software code to generate a software quality report and a copyright usage report of the software code.
In a third aspect, the present application also provides a computer device comprising a memory storing a computer program and a processor implementing the above-mentioned first aspect when executing the computer program.
In a fourth aspect, the present application also provides a computer readable storage medium having stored thereon a computer program which when executed by a processor implements the above described aspects.
In a fifth aspect, the application also provides a computer program product comprising a computer program, characterized in that the computer program, when executed by a processor, implements the contents of the first aspect described above.
The software code hosting method, the system, the computer equipment and the storage medium generate private key fragments corresponding to the sending end, the notarization end and the receiving end of the software code based on the hosting request of the sending end of the software code; receiving a software code and first proving information provided by the transmitting end; under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end; generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification; and determining whether the complete signature is correct, if so, transmitting the software code to the receiving end, realizing reliable software code delivery on the basis of ensuring the privacy of the software code, and improving the safety of the software code delivery process.
Drawings
FIG. 1 is an application environment diagram of a software code hosting method in one embodiment;
FIG. 2 is a flow diagram of a software code hosting method in one embodiment;
FIG. 3 is a flowchart illustrating steps performed in step S203 in one embodiment;
fig. 4 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present application more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the application.
The multi-signature technology is a technology that a plurality of users digitally sign the same message, and ensures the trust degree of digital information through the intervention of a proper third party. The blockchain technology has the characteristics of decentralization, information disclosure and tamper resistance, and can be used as a software code delivery realization scene.
The software code hosting method provided by the embodiment of the application can be applied to an application environment shown in figure 1. The terminal 101 includes a transmitting end 11, a notarizing end 21 and a receiving end 31, the terminal 101 communicates with a server 102 through a network, a software code hosting system 100 is built on the server 102, the software code hosting system 100 includes a private key matching module 10, a software receiving module 20, an information verifying module 30, a private key verifying module 40, an access control module 50 and a code component library module 60, and a data storage system 103 can store software code data that the server 102 needs to process. The data storage system 103 may be integrated on the server 102 or may be located on a cloud or other network server. On the software code hosting system 100, the private key matching module 10 generates private key fragments corresponding to a sender 11, a notarization end 21 and a receiver 31 of the software code based on a hosting request of the sender 11 of the software code; the software receiving module 20 receives the software code and the first certification information provided by the transmitting end 11; the information verification module 30 verifies the second certification information provided by the receiving end under the condition that the first certification information passes verification; the private key verification module 40 generates a complete signature by using an elliptic curve algorithm based on fragments corresponding to private key fragments of the sending end 11, the notarization end 21 and the receiving end 31 when the second certification information passes verification; the access control module 50 determines if the complete signature is correct and if so, sends the software code to the receiving end 31.
The terminal 101 may be, but not limited to, various personal computers, notebook computers, smart phones, tablet computers, and internet of things devices, which may be smart televisions, smart vehicle devices, and the like. The server 102 may be implemented as a stand-alone server or as a server cluster of multiple servers.
The code build library module 60 integrates a Black Duck plug-in and a Veracode plug-in. The Black Duck plug-in is used for scanning a third party code library referenced in the software code when the software code generates corresponding software, detecting whether the used third party code library has security holes and copyright problems, and generating a copyright use report of the third party code library. The Veracode plug-in is used for detecting whether the software code has loopholes and security risks, and the quality of the software code is evaluated in a multi-dimensional mode and a software quality report is generated.
In one embodiment, as shown in fig. 2, a software code hosting method is provided, and the application of the method to the application environment in fig. 1 is taken as an example for illustration, and the method includes the following steps:
s201, generating private key fragments corresponding to a sending end, a notarization end and a receiving end of the software code based on a hosting request of the sending end of the software code.
Specifically, before software code hosting, a hosting request of a sending end is received, and private key fragments corresponding to the sending end, a notarization end and a receiving end are generated.
S202, receiving the software code and the first proving information provided by the sending end.
The first proving information comprises matching degree of the software code and corresponding software, functional information of the software code, operation instructions of the corresponding software and the like.
And S203, verifying the second proving information provided by the receiving end under the condition that the first proving information passes verification.
In one embodiment, the following steps are further included before S203:
and generating corresponding software based on the software code, and verifying the first proving information provided by the transmitting end.
Specifically, the software code hosting system 100 receives the software code, generates corresponding software on the code component library module 60, and validates the first attestation information. If the software code on the code component library module 60 can generate corresponding software, the software is consistent with the software requirement of the receiving end, and the software quality report and the copyright usage report of the third party library meet the requirement of the receiving end, the first proving information provided by the sending end is verified, otherwise, the first proving information is not verified.
In this embodiment, by whether the software code of the transmitting end 11 can generate corresponding software in the software code hosting system 100, the first certification information is verified, and when the notarization end 21 is introduced to host the software code, the software code does not need to be disclosed to the notarization end 21, so that the verification of the software code is realized on the premise of ensuring the privacy of the software code.
Optionally, in one embodiment, generating the private key fragments of the sending end, the notarization end and the receiving end specifically includes the following steps:
and respectively generating private key fragments of the sending end, the notarization end and the receiving end by using a gg18 calculation algorithm based on the hosting request.
Specifically, a point is randomly taken on the ellipse secp256k1 by using an elliptic curve algorithm and subjected to a gg18 calculation algorithm, so that a configurable number of private key fragments can be generated. And generating private key fragments of the sending end, the notarization end and the receiving end respectively based on the hosting request of the sending end.
S204, under the condition that the second proving information passes verification, generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end.
The second proving information comprises payment information corresponding to the software code, function information of the software code, quality requirement information, copyright statement information and the like.
Specifically, the notarization terminal 21 verifies the second certification information provided by the receiving terminal 31, and in the case that the second certification information passes, the private key verification module 40 of the software code hosting system 100 receives the fragments of the private keys of the transmitting terminal 11, the notarization terminal 21 and the receiving terminal 31, and generates a complete signature by using elliptic curve algorithm (ECDSA algorithm).
In one embodiment, as shown in fig. 3, S203 further includes the following steps:
s302, when the first proving information provided by the sending end passes verification, sending verification passing information to the receiving end of the software code.
S304, based on the verification passing information, receiving an acquisition request of the receiving end, and verifying second proving information provided by the receiving end.
Wherein the second attestation information is a proof of receipt of the corresponding software code. The acquiring request includes acquiring a software code and software corresponding to the software code.
Specifically, in the case that the first certification information is verified, the receiving end 31 receives the verification passing information of the notarization end 21, and sends an acquisition request to the notarization end 21, and the notarization end 21 verifies the second certification information provided by the receiving end 31, and confirms the receiving qualification of the software code of the receiving end. Then, in the case where the second certification information passes, the private key verification module 40 receives the private key fragments of each of the transmitting end 11, the notarizing end 21, and the receiving end 31.
S205, determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
Specifically, on the software code hosting system 100, based on the intelligent contract of the blockchain decentralization, whether the complete signature is correct is judged, and if so, the software code and the software corresponding to the software code are automatically sent to the receiving end 31.
In the software code hosting method, private key fragments corresponding to the sending end, the notarization end and the receiving end of the software code are generated based on the hosting request of the sending end of the software code; receiving a software code and first proving information provided by the transmitting end; under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end; generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification; and determining whether the complete signature is correct, if so, transmitting the software code to the receiving end, realizing reliable software code delivery on the basis of ensuring the privacy of the software code, and improving the safety of the software code delivery process.
In one example embodiment, a software code hosting method is provided, which is applied to a software code hosting system, wherein a software service party is a sending end of a software code, a software user party is a receiving end of the software code, a notarization department is a notarization end of the software code, and after the software service party completes the software code and the software with corresponding functions according to project contract specification with the software user party, the software service party uploads the software code to a code component library module of the software code hosting system, and specifically includes the following steps:
s401, receiving a hosting request sent by a sending end, randomly taking a point from an ellipse secp256k1 based on the hosting request by a private key matching module of a software code hosting system, respectively generating private key fragments of the sending end, a notarization end and a receiving end by using a gg18 calculation algorithm, and distributing the private key fragments to the sending end, the notarization end and the receiving end.
S402, after the sending end completes the software codes, the software codes are uploaded to a code component library module of the software code hosting system, the software codes are operated, whether corresponding software is generated or not is judged, and the notarization end verifies the first proving information provided by the sending end based on a software generation result.
If the corresponding software can be generated, the software corresponds to the function of the software required by the receiving end, and the software quality report and the copyright use report accord with the agreement, the first proving information passes verification to obtain the authentication information of the notarization end, the notarization end sends the authentication information to a private key matching module of the software code hosting system and the receiving end, and otherwise, the authentication failure information is returned to the sending end.
S403, under the condition that the first proving information is verified, verification passing information is sent to a receiving end of the software code, and the receiving end initiates an acquisition request based on the verification passing information and provides second proving information for verification. And the public certificate end verifies the second proving information, and under the condition that verification is passed, a private key verification module of the software code hosting system receives private key fragments of the sending end, the public certificate end and the receiving end and generates a complete signature by using an ECDSA elliptic curve algorithm.
S404, the complete signature is sent to an access control module of the software code hosting system, whether the complete signature is correct or not is judged by utilizing a blockchain intelligent contract on the access control module, if so, the software code and the corresponding software are automatically sent to a receiving end, otherwise, hosting failure information is returned to the sending end, a notarizing end and the receiving end.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
In one embodiment, a private key fragment encryption and decryption device is provided, and functions of the device are to encrypt and decrypt private key fragments, and the private key fragment encryption and decryption device is respectively bound to a sending end, a notarization end and a receiving end of a software code. Wherein the private key fragment encryption and decryption device is an offline device.
Specifically, private key fragments of a transmitting end, a notarizing end and a receiving end generated by combining an elliptic curve secp256k1 with a gg18 algorithm are all clear texts, and the leakage of the private key fragments easily causes the safety problem of a software code delivery process, so that the private key fragment encryption and decryption equipment encrypts and decrypts the private key fragments of the transmitting end, the notarizing end and the receiving end based on a BIP protocol, and the safety of the software code delivery process is improved.
Illustratively, the private key fragment encryption and decryption device generates a master key seed based on the BIP32 protocol, generates a mnemonic word easy to memorize from the master key seed based on the BIP39 protocol, and derives a tree-structured key character string from the mnemonic word of the master key seed based on the BIP44 protocol, wherein each key character string represents a symmetrically-encrypted key and can be used for encrypting and decrypting the private key fragment. The mnemonic is used for retrieving and recovering the equipment when the equipment is lost.
Specifically, when private key fragments of a sending end, a notarization end and a receiving end are generated on the software code hosting system, private key fragments are respectively bound to the sending end, the notarization end and the receiving end to encrypt and decrypt equipment. And the activation equipment generates respective mnemonics for the sending end, the notarization end and the receiving end respectively, encrypts the private key fragments by using the key character strings, wherein the encrypted key character strings are obtained by scanning the two-dimension codes of the private key fragment encryption and decryption equipment through a user camera of the software code hosting system, and the private key fragment encryption and decryption equipment is bound with the corresponding account through scanning the two-dimension codes of the user of the software code hosting system.
Optionally, the encryption key of the private key fragment encryption and decryption device may be reset according to a key string of a tree structure, so as to provide different encryption keys for the private key fragments received by each terminal.
Optionally, when decrypting by using the private key fragment encryption and decryption device, the information of the account is obtained by scanning the account two-dimensional code of the software code hosting system, the private key fragment encryption and decryption device searches the key character string encrypted by the private key fragment based on the information of the account, and the private key fragment encryption and decryption device generates a key two-dimensional code to be displayed on the device screen. And the user side of the account on the software code hosting system receives the key character string by scanning the encryption key two-dimensional code through the camera of the private electronic equipment, so as to realize decryption of the private key fragments.
In the embodiment, the provided private key fragment encryption and decryption equipment ensures the security of private key fragments of a sending end, a notarization end and a receiving end, and can dynamically generate different encryption keys at the same time, thereby avoiding the leakage problem caused by a long-time fixed key. Meanwhile, the decryption process performs offline interaction with the software code hosting system in a two-dimensional code mode, and the risk of network leakage is avoided.
In one embodiment, a computer device is provided, which may be a server, the internal structure of which may be as shown in fig. 4. The computer device includes a processor, a memory, an Input/Output interface (I/O) and a communication interface. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface is connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system, computer programs, and a database. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The database of the computer device is for storing software code data. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for communicating with an external terminal through a network connection. The computer program is executed by a processor to implement a software code hosting method.
It will be appreciated by persons skilled in the art that the architecture shown in fig. 4 is merely a block diagram of some of the architecture relevant to the present inventive arrangements and is not limiting as to the computer device to which the present inventive arrangements are applicable, and that a particular computer device may include more or fewer components than shown, or may combine some of the components, or have a different arrangement of components.
In one embodiment, a computer device is provided comprising a memory and a processor, the memory having stored therein a computer program, the processor when executing the computer program performing the steps of:
generating private key fragments corresponding to a sending end, a notarization end and a receiving end of the software code based on a hosting request of the sending end of the software code;
receiving a software code and first proving information provided by the transmitting end;
under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end;
generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification;
and determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
In one embodiment, the processor when executing the computer program further performs the steps of: based on the software code, generating corresponding software, and verifying the first proving information provided by the sending end; under the condition that the first certification information passes verification, verifying the second certification information provided by the receiving end
In one embodiment, the processor when executing the computer program further performs the steps of: and respectively generating private key fragments of the sending end, the notarization end and the receiving end by using a gg18 calculation algorithm based on the hosting request.
In one embodiment, the processor when executing the computer program further performs the steps of: transmitting verification passing information to a receiving end of the software code under the condition that the first certification information provided by the transmitting end passes verification; and based on the verification passing information, receiving an acquisition request of the receiving end, and verifying the second proving information provided by the receiving end.
In one embodiment, the processor when executing the computer program further performs the step of determining whether the complete signature is correct based on an intelligent contract of the software code hosting system, and if so, transmitting the software code to the receiving end.
In one embodiment, a computer readable storage medium is provided having a computer program stored thereon, which when executed by a processor, performs the steps of:
generating private key fragments corresponding to a sending end, a notarization end and a receiving end of the software code based on a hosting request of the sending end of the software code;
receiving a software code and first proving information provided by the transmitting end;
under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end;
generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification;
and determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
In one embodiment, the computer program when executed by the processor further performs the steps of: based on the software code, generating corresponding software, and verifying the first proving information provided by the sending end; and under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end.
In one embodiment, the computer program when executed by the processor further performs the steps of: and respectively generating private key fragments of the sending end, the notarization end and the receiving end by using a gg18 calculation algorithm based on the hosting request.
In one embodiment, the computer program when executed by the processor further performs the steps of: transmitting verification passing information to a receiving end of the software code under the condition that the first certification information provided by the transmitting end passes verification; and based on the verification passing information, receiving an acquisition request of the receiving end, and verifying the second proving information provided by the receiving end.
In one embodiment, the computer program when executed by the processor further performs the steps of: and determining whether the complete signature is correct or not based on the intelligent contract of the software code hosting system, and if so, automatically sending the software code to the receiving end.
In one embodiment, a computer program product is provided comprising a computer program which, when executed by a processor, implements the methods and steps of the embodiments described above.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data need to comply with the related laws and regulations and standards of the related country and region.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the embodiments provided herein may include at least one of a relational database and a non-relational database. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processor referred to in the embodiments provided in the present application may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic unit, a data processing logic unit based on quantum computing, or the like, but is not limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The foregoing examples illustrate only a few embodiments of the application and are described in detail herein without thereby limiting the scope of the application. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the application, which are all within the scope of the application. Accordingly, the scope of the application should be assessed as that of the appended claims.
Claims (10)
1. A software code hosting method applied to a software code hosting system, the method comprising:
generating private key fragments corresponding to a sending end, a notarization end and a receiving end of the software code based on a hosting request of the sending end of the software code;
receiving a software code and first proving information provided by the transmitting end;
under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end;
generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second proving information passes verification;
and determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
2. The software code hosting method according to claim 1, wherein, in the case that the first certification information provided by the transmitting end is verified, before verifying the second certification information provided by the receiving end, the method comprises:
based on the software code, generating corresponding software, and verifying the first proving information provided by the sending end;
and under the condition that the first proving information passes verification, verifying the second proving information provided by the receiving end.
3. The software code hosting method of claim 1, wherein the hosting request includes sender information and receiver information of the software code, and wherein generating private key fragments for the sender, notarized side, and receiver comprises:
and respectively generating private key fragments of the sending end, the notarization end and the receiving end by using a gg18 calculation algorithm based on the hosting request.
4. The software code hosting method of claim 1, wherein the verifying the second attestation information provided by the receiving end if the first attestation information provided by the sending end is verified to pass comprises:
transmitting verification passing information to a receiving end of the software code under the condition that the first certification information provided by the transmitting end passes verification;
and based on the verification passing information, receiving an acquisition request of the receiving end, and verifying the second proving information provided by the receiving end.
5. The software code hosting method of claim 1, wherein the determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end comprises:
and determining whether the complete signature is correct or not based on the intelligent contract of the software code hosting system, and if so, automatically sending the software code to the receiving end.
6. A software code hosting system, wherein the system comprises a private key matching module, a software receiving module, an information verification module, a private key verification module and an access control module, wherein,
the private key matching module is used for generating private key fragments corresponding to the sending end, the public certificate end and the receiving end of the software code based on the hosting request of the sending end of the software code;
the software receiving module is used for receiving the software code and the first proving information provided by the sending end;
the information verification module is used for verifying the second certification information provided by the receiving end under the condition that the first certification information provided by the sending end passes verification;
the private key verification module is used for generating a complete signature by using an elliptic curve algorithm based on private key fragments of the sending end, the notarization end and the receiving end under the condition that the second certification information provided by the receiving end passes verification;
and the access control module is used for determining whether the complete signature is correct, and if so, transmitting the software code to the receiving end.
7. The system of claim 6, further comprising a code component library module, wherein,
the code component library module is used for receiving and storing the software codes of the sending end, generating software corresponding to the software codes, scanning and verifying the quality and copyright information of the software codes, and generating a software quality report and a copyright use report of the software codes.
8. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor implements the steps of the method of any one of claims 1 to 5 when the computer program is executed.
9. A computer readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the method of any of claims 1 to 5.
10. A computer program product comprising a computer program, characterized in that the computer program, when being executed by a processor, implements the steps of the method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310569157.5A CN116628636A (en) | 2023-05-16 | 2023-05-16 | Software code hosting method, system, computer device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310569157.5A CN116628636A (en) | 2023-05-16 | 2023-05-16 | Software code hosting method, system, computer device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116628636A true CN116628636A (en) | 2023-08-22 |
Family
ID=87641126
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310569157.5A Pending CN116628636A (en) | 2023-05-16 | 2023-05-16 | Software code hosting method, system, computer device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116628636A (en) |
-
2023
- 2023-05-16 CN CN202310569157.5A patent/CN116628636A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109194466B (en) | Block chain-based cloud data integrity detection method and system | |
| US7839278B2 (en) | Volatile device keys and applications thereof | |
| CN112131316B (en) | Data processing method and device applied to block chain system | |
| Yu et al. | Improved security of a dynamic remote data possession checking protocol for cloud storage | |
| Hao et al. | Deleting secret data with public verifiability | |
| Yu et al. | Remote data possession checking with enhanced security for cloud storage | |
| US20100115260A1 (en) | Universal secure token for obfuscation and tamper resistance | |
| CN111294203B (en) | Information transmission method | |
| US10158613B1 (en) | Combined hidden dynamic random-access devices utilizing selectable keys and key locators for communicating randomized data together with sub-channels and coded encryption keys | |
| CN111131336B (en) | Resource access method, device, equipment and storage medium under multi-party authorization scene | |
| CN109005196A (en) | Data transmission method, data decryption method, device and electronic equipment | |
| US8862893B2 (en) | Techniques for performing symmetric cryptography | |
| CN116049802B (en) | Application single sign-on method, system, computer equipment and storage medium | |
| CN117155549A (en) | Key distribution method, key distribution device, computer equipment and storage medium | |
| CN116684102A (en) | Message transmission method, message verification method, device, equipment, medium and product | |
| US10623384B2 (en) | Combined hidden dynamic random-access devices utilizing selectable keys and key locators for communicating randomized data together with sub-channels and coded encryption keys | |
| CN116015846A (en) | Identity authentication method, identity authentication device, computer equipment and storage medium | |
| CN114553557A (en) | Key calling method, key calling device, computer equipment and storage medium | |
| CN116628636A (en) | Software code hosting method, system, computer device and storage medium | |
| CN114499875A (en) | Service data processing method and device, computer equipment and storage medium | |
| CN116599771B (en) | Data hierarchical protection transmission method and device, storage medium and terminal | |
| CN117010000B (en) | Data security service method, device, computer equipment and storage medium | |
| CN114567444B (en) | Digital signature verification method, device, computer equipment and storage medium | |
| WO2023134576A1 (en) | Data encryption method, attribute authorization center, and storage medium | |
| CN117371051A (en) | Data matching method, device, computer equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |