CN116996228A - Compressed file signing method and device, electronic equipment and storage medium - Google Patents
Compressed file signing method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN116996228A CN116996228A CN202310886108.4A CN202310886108A CN116996228A CN 116996228 A CN116996228 A CN 116996228A CN 202310886108 A CN202310886108 A CN 202310886108A CN 116996228 A CN116996228 A CN 116996228A
- Authority
- CN
- China
- Prior art keywords
- file
- byte array
- bytes
- byte
- segment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 24
- 238000004364 calculation method Methods 0.000 claims description 9
- 238000000638 solvent extraction Methods 0.000 claims description 2
- 238000004590 computer program Methods 0.000 description 11
- 238000004891 communication Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000005070 sampling Methods 0.000 description 4
- 238000012795 verification Methods 0.000 description 4
- 238000013144 data compression Methods 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000010267 cellular communication Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000007906 compression Methods 0.000 description 1
- 230000006835 compression Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000011218 segmentation Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 230000007306 turnover Effects 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/06—Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
- H04L67/104—Peer-to-peer [P2P] networks
- H04L67/1074—Peer-to-peer [P2P] networks for supporting data block transmission mechanisms
- H04L67/1078—Resource delivery mechanisms
- H04L67/108—Resource delivery mechanisms characterised by resources being split in blocks or fragments
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
Abstract
The disclosure provides a compressed file signing method, a compressed file signing device, electronic equipment and a storage medium, and relates to the field of security. The method comprises the following steps: obtaining bytes of a specific position of a file to form a byte array; calculating the abstract of the byte array by using an abstract algorithm; and encrypting the abstract by using the private key to generate a signature. By implementing the technical scheme disclosed by the application, the calculated amount required by calculating the abstract can be reduced, and the signature speed is improved.
Description
Technical Field
The present application relates to the field of security, and in particular, to a method, an apparatus, an electronic device, and a storage medium for signing a compressed file.
Background
Digital signatures can be used to verify that a message is coming from a particular object to be sent, and can also be used to prove that the message has not been tampered with, simply by applying an asymmetric encryption algorithm, i.e., encrypting the message with a private key and decrypting the message with a public key.
The existing digital signature has the defect that the time consumption is extremely long when a large file is processed: because the binary stream of the whole file needs to be input as a digest algorithm, no matter what digest algorithm is used, the calculation of the digest of the large file must take very long calculation time, and finally, no matter whether the sender generates a signature or the receiver verifies a message, the calculation consumes long time and calculation resources.
Disclosure of Invention
In order to solve at least one technical problem in the prior art, the present disclosure provides a compressed file signing method, a device, an electronic apparatus and a storage medium.
According to a first aspect of the present disclosure, there is provided a compressed file signing method, including:
obtaining bytes of a specific position of a file to form a byte array;
calculating the abstract of the byte array by using an abstract algorithm;
and encrypting the abstract by using a private key to generate a signature.
Optionally, the byte array includes a base byte array including bytes of the partially compressed data of the file and an additional byte array including bytes of the check code of the file.
Optionally, the additional byte array further comprises bytes of uncompressed size of the file.
Optionally, the byte array includes a basic byte array;
the obtaining bytes of the specific location of the file to form a byte array includes:
dividing the file into m segments according to a preset dividing rule;
and acquiring bytes of preset positions of each segment to form a basic byte array.
Optionally, the preset dividing rule is to divide the file into m segments on average.
Optionally, the bytes of the preset position of the segment are the first p bytes of the segment, or the bytes of the preset position of the segment are the last p bytes of the segment.
Optionally, the byte array includes an additional byte array;
the obtaining bytes of the specific location of the file to form a byte array includes:
determining the file type of the file;
determining byte positions of check codes in the file according to the file type;
and acquiring bytes of the check code in the file according to the byte positions to form the additional byte array.
According to a second aspect of the present disclosure, there is provided a compressed file signing apparatus comprising:
the acquisition module is used for acquiring bytes at specific positions of the file to form a byte array;
the digest calculation module is used for calculating the digest of the byte array by using a digest algorithm;
and the signature generation module is used for encrypting the abstract by using a private key to generate a signature.
According to a third aspect of the present disclosure, there is provided an electronic device comprising:
a processor; and
a memory in which a program is stored,
wherein the program comprises instructions which, when executed by the processor, cause the processor to perform the method according to any of the first aspects of the present disclosure.
According to a fourth aspect of the present disclosure, there is provided a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method according to any one of the first aspects of the present disclosure.
According to the one or more technical schemes provided by the embodiment of the application, bytes at specific positions of the file can be acquired to form the byte array, and the signature of the file is generated based on the abstract of the byte array, so that on one hand, the calculated amount required by calculating the abstract can be reduced, the signature speed can be improved, and on the other hand, the signature safety can be considered.
Drawings
The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this specification, illustrate exemplary embodiments of the disclosure and together with the description serve to explain the principles of the disclosure.
FIG. 1 illustrates a flow chart of a compressed file signing method according to an exemplary embodiment of the present disclosure;
FIG. 2 illustrates a sub-flowchart of a compressed file signing method according to an exemplary embodiment of the present disclosure;
FIG. 3 illustrates another sub-flowchart of a compressed file signing method according to an exemplary embodiment of the present disclosure;
FIG. 4 illustrates a schematic block diagram of a compressed file device according to an exemplary embodiment of the present disclosure;
fig. 5 illustrates a block diagram of an exemplary electronic device that can be used to implement embodiments of the present disclosure.
Detailed Description
Embodiments of the present disclosure will be described in more detail below with reference to the accompanying drawings. While certain embodiments of the present disclosure have been shown in the accompanying drawings, it is to be understood that the present disclosure may be embodied in various forms and should not be construed as limited to the embodiments set forth herein, but are provided to provide a more thorough and complete understanding of the present disclosure. It should be understood that the drawings and embodiments of the present disclosure are for illustration purposes only and are not intended to limit the scope of the present disclosure.
It should be understood that the various steps recited in the method embodiments of the present disclosure may be performed in a different order and/or performed in parallel. Furthermore, method embodiments may include additional steps and/or omit performing the illustrated steps. The scope of the present disclosure is not limited in this respect.
The term "including" and variations thereof as used herein are intended to be open-ended, i.e., including, but not limited to. The term "based on" is based at least in part on. The term "one embodiment" means "at least one embodiment"; the term "another embodiment" means "at least one additional embodiment"; the term "some embodiments" means "at least some embodiments. Related definitions of other terms will be given in the description below. It should be noted that the terms "first," "second," and the like in this disclosure are merely used to distinguish between different devices, modules, or units and are not used to define an order or interdependence of functions performed by the devices, modules, or units.
It should be noted that references to "one", "a plurality" and "a plurality" in this disclosure are intended to be illustrative rather than limiting, and those of ordinary skill in the art will appreciate that "one or more" is intended to be understood as "one or more" unless the context clearly indicates otherwise.
The names of messages or information interacted between the various devices in the embodiments of the present disclosure are for illustrative purposes only and are not intended to limit the scope of such messages or information.
Aspects of the present disclosure are described below with reference to the accompanying drawings.
Referring to fig. 1, a compressed file signing method includes:
s101, acquiring bytes of a specific position of a file to form a byte array.
In one embodiment, the byte array includes a base byte array including bytes of the partially compressed data of the file and an additional byte array including bytes of the check code of the file. The byte of the compressed data is matched with the byte of the check code, so that the accuracy of signature verification can be improved. Optionally, the additional byte array further comprises bytes of uncompressed size of the file.
S102, calculating the digest of the byte array by using a digest algorithm.
The "hash algorithm" or "Digest algorithm" mentioned in this embodiment refers to the same type of algorithm, and by which an input of any length can be kneaded to obtain an algorithm with a fixed pseudo-random output, a SHA (Secure Hash Algorithm secure hash algorithm) algorithm family or an MD (Message Digest algorithm) algorithm family is commonly used. The larger the input of such an algorithm, the longer the computation time, and accordingly, the "hash" or "digest" referred to in the present application refers to the output result of the algorithm.
S103, encrypting the abstract by using the private key to generate a signature.
And encrypting the abstract by using the private key to obtain the signature. The signature can be decrypted by the corresponding public key, and whether the verification is passed or not is judged according to the decrypted digest and the digest obtained by calculation according to the original file by adopting the corresponding calculation mode when the signature is generated.
The public and private keys mentioned in this embodiment are corresponding keys in PKI (Public Key Infrastructure public key infrastructure), one private key for each unique public key, the information encrypted by the private key being decryptable only by the corresponding public key.
The method for signing the compressed file in the embodiment can acquire bytes at specific positions of the file to form a byte array, and generates the signature of the file based on the abstract of the byte array, so that on one hand, the calculated amount required by calculating the abstract can be greatly reduced, the signature speed is improved, the corresponding verification speed is improved, and on the other hand, the safety of the signature can be considered.
In one embodiment, the byte array includes a base byte array. Referring to fig. 2, step S101 includes:
s201, dividing the file into m segments according to a preset dividing rule.
The preset dividing rule can be set according to actual requirements. For compressed files, most of existing lossless data compression algorithms, including ZIP, GZIP, etc., are based on paper A Universal Algorithm for Sequential Data Compression in 1977, and the core is to use a combination of distance and length instead of a repeated byte string. Then, if a byte in the file fluctuates, the compression result following the byte may also fluctuate in conductivity, and the segmented acquisition mode can quickly detect the conductivity fluctuation.
Illustratively, the preset partitioning rule is to divide the file into m segments on average.
The preset dividing rule is to divide the file into m segments at a large-small interval.
Taking the example of dividing the file into m segments on average, the number m of segments can be input or predetermined according to a user; dividing the total length L of the file by the number m of the segments to obtain the length of each segment; and acquiring data corresponding to each segment.
For example, when the total length L of data is not divided by the number n of segments, the remaining data may be uniformly distributed among the preceding segments, and then the data in the remaining segments may be distributed all over to the last segment. Specifically, the total length L of the data is used for taking the remainder of the segmentation number m to obtain a remainder; the remainder is evenly distributed among the preceding segments. More specifically, the remainder is divided by m to obtain the amount of data that needs to be added additionally per segment. These additional data are then distributed evenly in turn over the preceding segments. For example, assume that the data length is 100 and the number of segments is 90. Each segment has a length of 1. The remainder is 10, which 10 needs to be evenly distributed among the preceding segments. The amount of data that needs to be added additionally per segment is 10/90=0.1111, rounded down to 0. Thus, without the need to add additional data, each of the first 90-10 = 80 segments takes 1 data out, and the last 10 data are all allocated to the last segment. It should be noted that the data herein are merely for illustrative purposes, and the above numerical values are not actually adopted.
For example, when the total length L of data is not divided by the number n of segments, the remaining data may be all allocated to the last segment. Specifically, the total length of the data is used for taking the remainder of the segment number m, and the remainder is obtained. The remaining data is fully allocated to the last segment. For example, assume that the data length is 100 and the number of segments is 90. Each segment has a length of 1. The remainder is 10, and all of the 10 data are allocated to the last segment. Each of the first 89 segments takes 1 data and the last segment takes 10 data. It should be noted that the data herein are merely for illustrative purposes, and the above numerical values are not actually adopted.
S202, acquiring bytes of preset positions of each segment to form a basic byte array.
The preset position can be set according to actual requirements.
The preset locations may be, for example, the first p byte locations of the segment.
The preset location may be, for example, the last p byte locations of the segment.
The P value may be set according to actual requirements, for example, a value between 4 and 16, for example, 8. When the file is divided into m segments, a basic byte array with a length of m×p can be obtained.
In one embodiment, the byte array includes an additional byte array. Referring to fig. 3, S101 includes:
s301, determining the file type of the file.
The file type of the file may be determined according to a corresponding file type determining method. For example, it may be determined according to the file type of the file.
S302, determining the byte position of the check code in the file according to the file type.
The byte position of the check code in the file may be determined according to a corresponding byte position determination method. For example, the byte position of the check code in the file may be determined from the relevant format rules for the file type. For example, a relationship list of various file types and byte positions of the check codes may be preset, and the byte positions of the check codes are determined according to the relationship list.
Hereinafter, GZIP files and ZIP files are exemplified.
GZIP file:
according to RFC 1952, a GZIP file contains the following four parts:
1. header, comprising 10 bytes
2. Optional extension head
3. Document body
4. Tail note containing 8 bytes
The tail of each GZIP file includes a CRC32 check code and an uncompressed original data length. Then the additional byte array A2 corresponding to the GZIP file type is the last 8 bytes of the file.
ZIP file:
according to the ZIP file format specification, a ZIP file is made up of several segments, each representing a compressed file. The overall structure is as follows:
[local file header 1]
[file data 1]
[data descriptor 1]
...
[local file header n]
[file data n]
[data descriptor n]
[archive decryption header](EFS)
[archive extra data record](EFS)
[central directory]
[zip64 end of central directory record]
[zip64 end of central directory locator]
[end of central directory record]
the format of each [ local file header ] is as follows:
file name(variable size)
extra field(variable size)
each local file header includes a cyclic redundancy check (CRC 32) and an uncompressed size (uncompressed size). Then, the CRC32 and the bytes corresponding to the uncompressed size in each file segment are acquired to form the additional byte array A2 of the ZIP-type file.
The final byte array A consists of a base byte array A1 and an additional byte array A2.
S303, obtaining bytes of check codes in the file according to the byte positions to form an additional byte array.
In one or more embodiments of the present disclosure, the length of the additional byte array A2 is substantially determined during character acquisition of the file. By selecting the appropriate m and p, the basic byte array A1 can be made much smaller than the file length of the file, and then much less time and computing resources than the full-size computation will be consumed in computing the digest, thereby improving the speed of signing and verification as a whole.
One or more embodiments of the present disclosure may compromise security and efficiency for large compressed files. Taking a certain MRO (Measurement Report of Original Type measurement report raw data) file as an example, the MRO file is about 300-400 m, and it takes about 1000 milliseconds to calculate the MRO file digest according to the existing method. The MRO file is generated once every 15 minutes and then collected by the upper platform. The upper platform must also take about 1000 milliseconds to verify if the MRO file is complete. Obviously, using the existing digital signature method for the MRO file greatly increases the system load and reduces the processing speed.
The upper collection platform collects the latest generated MRO files every 15 minutes. If tampering with the MRO file is desired, this must be done within 15 minutes. On the premise of using the acquired signature, there is a possibility of constructing a file with the same signature but different contents. However, since on the one hand the file is large (MRO files typically have 300-400 m); on the other hand, the tamperer must complete the tampering within a specific time (the tampering of the MRO file must be completed within 15 minutes), and basically it can be considered that the tamperer does not have enough computing resources and time to complete the tampering. The file size and time limit are combined, so that the security of the compressed file signature realized by the sampling technology in the application is ensured.
Referring to fig. 4, a compressed file signing apparatus includes:
the sampling module 401 is configured to use the samples to obtain bytes at a specific location in the file, and form a byte array.
The digest calculation module 402 is configured to calculate a digest of the byte array using a digest algorithm.
The signature generation module 403 is configured to encrypt the digest with the private key to generate a signature.
In one embodiment, the byte array includes a base byte array including bytes of the partially compressed data of the file and an additional byte array including bytes of the check code of the file. Optionally, the additional byte array further comprises bytes of uncompressed size of the file.
In one embodiment, the byte array includes a base byte array; the sampling module 401 is configured to obtain bytes at a specific location of a file, so as to form a byte array, and is specifically configured to: dividing the file into m segments according to a preset dividing rule; bytes of the preset position of each segment are acquired to form a basic byte array.
Optionally, the preset dividing rule is to divide the file into m segments on average.
Optionally, the bytes of the preset position of the segment are the first p bytes of the segment.
Optionally, the bytes of the preset position of the segment are the last p bytes of the segment.
In one embodiment, the byte array includes an additional byte array; the sampling module 401 is configured to obtain bytes at a specific location of a file, so as to form a byte array, and is specifically configured to: determining the file type of the file; determining byte positions of check codes in the file according to the file type; and acquiring bytes of the check codes in the file according to the byte positions to form an additional byte array.
The exemplary embodiments of the present disclosure also provide an electronic device including: at least one processor; and a memory communicatively coupled to the at least one processor. The memory stores a computer program executable by the at least one processor for causing the electronic device to perform a method according to embodiments of the present disclosure when executed by the at least one processor.
The present disclosure also provides a non-transitory computer-readable storage medium storing a computer program, wherein the computer program, when executed by a processor of a computer, is for causing the computer to perform a method according to an embodiment of the present disclosure.
The present disclosure also provides a computer program product comprising a computer program, wherein the computer program, when executed by a processor of a computer, is for causing the computer to perform a method according to an embodiment of the present disclosure.
Referring to fig. 5, a block diagram of an electronic device 500 that may be a server or a client of the present disclosure, which is an example of a hardware device that may be applied to aspects of the present disclosure, will now be described. Electronic devices are intended to represent various forms of digital electronic computer devices, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other suitable computers. The electronic device may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices, and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 5, the electronic device 500 includes a computing unit 501 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 502 or a computer program loaded from a storage unit 508 into a Random Access Memory (RAM) 503. In the RAM 503, various programs and data required for the operation of the device 500 can also be stored. The computing unit 501, ROM 502, and RAM 503 are connected to each other by a bus 504. An input/output (I/O) interface 505 is also connected to bus 504.
A number of components in electronic device 500 are connected to I/O interface 505, including: an input unit 506, an output unit 507, a storage unit 508, and a communication unit 509. The input unit 506 may be any type of device capable of inputting information to the electronic device 500, and the input unit 506 may receive input numeric or character information and generate key signal inputs related to user settings and/or function controls of the electronic device. The output unit 507 may be any type of device capable of presenting information and may include, but is not limited to, a display, speakers, video/audio output terminals, vibrators, and/or printers. Storage unit 504 may include, but is not limited to, magnetic disks, optical disks. The communication unit 509 allows the electronic device 500 to exchange information/data with other devices over a computer network such as the internet and/or various telecommunications networks, and may include, but is not limited to, modems, network cards, infrared communication devices, wireless communication transceivers and/or chipsets, such as bluetooth Tm devices, wiFi devices, wimax devices, cellular communication devices, and/or the like.
The computing unit 501 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 501 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 501 performs the various methods and processes described above. For example, in some embodiments, the methods of the disclosed embodiments may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 508. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 500 via the ROM 502 and/or the communication unit 509. In some embodiments, the computing unit 501 may be configured to perform the methods of embodiments of the present disclosure by any other suitable means (e.g., by means of firmware).
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
As used in this disclosure, the terms "machine-readable medium" and "computer-readable medium" refer to any computer program product, apparatus, and/or device (e.g., magnetic discs, optical disks, memory, programmable Logic Devices (PLDs)) used to provide machine instructions and/or data to a programmable processor, including a machine-readable medium that receives machine instructions as a machine-readable signal. The term "machine-readable signal" refers to any signal used to provide machine instructions and/or data to a programmable processor.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other.
Claims (10)
1. A method of signing a compressed file, comprising:
obtaining bytes of a specific position of a file to form a byte array;
calculating the abstract of the byte array by using an abstract algorithm;
and encrypting the abstract by using a private key to generate a signature.
2. The method of claim 1, wherein the byte array comprises a base byte array comprising bytes of partially compressed data of the file and an additional byte array comprising bytes of check code of the file.
3. The method of claim 2, wherein the additional byte array further comprises bytes of uncompressed size of the file.
4. The method of claim 1, wherein the byte array comprises a base byte array;
the obtaining bytes of the specific location of the file to form a byte array includes:
dividing the file into m segments according to a preset dividing rule;
and acquiring bytes of preset positions of each segment to form a basic byte array.
5. The method of claim 4, wherein the preset partitioning rule is to divide the file into m segments on average.
6. The method of claim 4, wherein the bytes of the preset position of the segment are the first p bytes of the segment or the bytes of the preset position of the segment are the last p bytes of the segment.
7. The method of any of claims 1-4, wherein the byte array comprises an additional byte array;
the obtaining bytes of the specific location of the file to form a byte array includes:
determining the file type of the file;
determining byte positions of check codes in the file according to the file type;
and acquiring bytes of the check code in the file according to the byte positions to form the additional byte array.
8. A compressed file signing apparatus comprising:
the acquisition module is used for acquiring bytes at specific positions of the file to form a byte array;
the digest calculation module is used for calculating the digest of the byte array by using a digest algorithm;
and the signature generation module is used for encrypting the abstract by using a private key to generate a signature.
9. An electronic device, comprising:
a processor; and
a memory in which a program is stored,
wherein the program comprises instructions which, when executed by the processor, cause the processor to perform the method according to any of claims 1-7.
10. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method of any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310886108.4A CN116996228A (en) | 2023-07-18 | 2023-07-18 | Compressed file signing method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310886108.4A CN116996228A (en) | 2023-07-18 | 2023-07-18 | Compressed file signing method and device, electronic equipment and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116996228A true CN116996228A (en) | 2023-11-03 |
Family
ID=88524184
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310886108.4A Pending CN116996228A (en) | 2023-07-18 | 2023-07-18 | Compressed file signing method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116996228A (en) |
-
2023
- 2023-07-18 CN CN202310886108.4A patent/CN116996228A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109150499B (en) | Method and device for dynamically encrypting data, computer equipment and storage medium | |
| CN102780685B (en) | For the method and system compressed data and encrypt | |
| CN110083606A (en) | Across chain storage method, terminal and storage medium | |
| CN109922049B (en) | Verification device and method based on block chain | |
| EP3819802A1 (en) | Data consistency checking method and data uploading/downloading apparatus | |
| CN112165331A (en) | Data compression method and device, data decompression method and device, storage medium and electronic equipment | |
| US20210099432A1 (en) | Data consistency verification method, and data uploading and downloading device | |
| CN112163412A (en) | Data verification method and device, electronic equipment and storage medium | |
| CN114595466A (en) | Enabling opportunistic authentication of encrypted data | |
| CN115795513A (en) | File encryption method, file decryption method, file encryption device, file decryption device and equipment | |
| CN113158176B (en) | Public key analysis method, device, equipment and storage medium based on SM2 signature | |
| CN110545542A (en) | Main control key downloading method and device based on asymmetric encryption algorithm and computer equipment | |
| CN112436943A (en) | Request deduplication method, device, equipment and storage medium based on big data | |
| CN112184441A (en) | Data processing method, data processing device, node equipment and storage medium | |
| CN116996228A (en) | Compressed file signing method and device, electronic equipment and storage medium | |
| CN113434824B (en) | Software service authorization management method, device, equipment and storage medium | |
| CN115277684A (en) | File transmission method, device, equipment and storage medium | |
| CN110545107B (en) | Data processing method and device, electronic equipment and computer readable storage medium | |
| WO2021097624A1 (en) | File processing method, file processing apparatus, and terminal device | |
| CN112905575A (en) | Data acquisition method, system, storage medium and electronic equipment | |
| CN109407974B (en) | Electronic device, picture deleting method based on mixed binary code and storage medium | |
| CN112184440A (en) | Data processing method, data processing device, node equipment and storage medium | |
| CN117216753B (en) | Password data analysis method and device, electronic equipment and readable storage medium | |
| US20230342206A1 (en) | Hardware-based generation of uncompressed data blocks | |
| CN113742774B (en) | Data processing method and device, readable medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |