CN117061502A - File transmission method, device, equipment and storage medium - Google Patents

File transmission method, device, equipment and storage medium Download PDF

Info

Publication number
CN117061502A
CN117061502A CN202311056414.1A CN202311056414A CN117061502A CN 117061502 A CN117061502 A CN 117061502A CN 202311056414 A CN202311056414 A CN 202311056414A CN 117061502 A CN117061502 A CN 117061502A
Authority
CN
China
Prior art keywords
file
target
server
parameters
signature information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311056414.1A
Other languages
Chinese (zh)
Inventor
李磊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Baidu Netcom Science and Technology Co Ltd
Original Assignee
Beijing Baidu Netcom Science and Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Baidu Netcom Science and Technology Co Ltd filed Critical Beijing Baidu Netcom Science and Technology Co Ltd
Priority to CN202311056414.1A priority Critical patent/CN117061502A/en
Publication of CN117061502A publication Critical patent/CN117061502A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The disclosure provides a file transmission method, a device, equipment and a storage medium, which relate to the technical field of artificial intelligence, in particular to the technical fields of cloud computing, cloud storage and the like. The file transmission method comprises the following steps: receiving a file transmission request sent by a client, wherein the file transmission request comprises target parameters of a target file and randomly determined first file contents in the target file; if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring second file content based on the target parameters in the target file stored in the server; and if the first file content is the same as the second file content, executing file transmission processing on the target file. The method and the device can improve the safety of file transmission.

Description

File transmission method, device, equipment and storage medium
Technical Field
The disclosure relates to the technical field of artificial intelligence, in particular to the technical fields of cloud computing, cloud storage and the like, and particularly relates to a file transmission method, device, equipment and storage medium.
Background
The network disk server provides general cache service for various service requests. In the files uploaded by different users, a certain proportion of repetition exists, that is, some files can be uploaded by a plurality of users, and a plurality of servers can exist. In order to avoid the waste of storage space caused by multiple uploading of the same file, and simultaneously improve the uploading speed of a user, the network disk provides a second uploading function. The second uploading refers to that when a user initiates file uploading, the server side firstly inquires whether the file to be uploaded by the user exists at the server side, if so, the file is directly used, and an uploading success message is returned to the user.
Disclosure of Invention
The disclosure provides a file transmission method, device, equipment and medium.
According to an aspect of the present disclosure, there is provided a file transfer method, including: receiving a file transmission request sent by a client, wherein the file transmission request comprises target parameters of a target file and randomly determined first file contents in the target file; if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring second file content based on the target parameters in the target file stored in the server; and if the first file content is the same as the second file content, executing file transmission processing on the target file.
According to another aspect of the present disclosure, there is provided a file transfer method, including: acquiring target parameters of a target file, and randomly determining first file contents in the target file; a file transmission request is sent to a server, wherein the file transmission request comprises the target parameter and the first file content, so that when the target parameter passes target verification and the server determines that the target file is stored in the server based on the target parameter, the server acquires second file content based on the target parameter; and receiving a transmission success message sent by the server, wherein the transmission success message is generated after the server executes file transmission processing on the target file when the first file content is the same as the second file content.
According to another aspect of the present disclosure, there is provided a file transfer apparatus including: the receiving module is used for receiving a file transmission request sent by a client, wherein the file transmission request comprises target parameters of a target file and randomly determined first file contents in the target file; the acquisition module is used for determining that the server side stores the target file based on the target parameter if the target parameter passes target verification, and acquiring second file content based on the target parameter in the target file stored by the server side; and the processing module is used for executing file transmission processing on the target file if the first file content is the same as the second file content.
According to another aspect of the present disclosure, there is provided a file transfer apparatus including: the acquisition module is used for acquiring target parameters of a target file and randomly determining first file contents in the target file; the sending module is used for sending a file transmission request to a server, wherein the file transmission request comprises the target parameter and the first file content, so that when the target parameter passes target verification, and the target parameter is based on the target parameter, the server determines that the target file is stored in the server, and obtains second file content based on the target parameter; the receiving module is used for receiving a transmission success message sent by the server, wherein the transmission success message is generated after the server executes file transmission processing on the target file when the first file content and the second file content are the same.
According to another aspect of the present disclosure, there is provided an electronic device including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of the above aspects.
According to another aspect of the present disclosure, there is provided a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method according to any one of the above aspects.
According to another aspect of the present disclosure, there is provided a computer program product comprising a computer program which, when executed by a processor, implements a method according to any of the above aspects.
According to the technical scheme, the safety of file transmission can be improved.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the disclosure, nor is it intended to be used to limit the scope of the disclosure. Other features of the present disclosure will become apparent from the following specification.
Drawings
The drawings are for a better understanding of the present solution and are not to be construed as limiting the present disclosure. Wherein:
FIG. 1 is a schematic diagram according to a first embodiment of the present disclosure;
FIG. 2 is a schematic diagram according to a second embodiment of the present disclosure;
fig. 3 is a schematic diagram of an application scenario provided according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram according to a third embodiment of the present disclosure;
FIG. 5 is a schematic diagram according to a fourth embodiment of the present disclosure;
FIG. 6 is a schematic diagram according to a fifth embodiment of the present disclosure;
fig. 7 is a schematic diagram of an electronic device for implementing a file transfer method according to an embodiment of the present disclosure.
Detailed Description
Exemplary embodiments of the present disclosure are described below in conjunction with the accompanying drawings, which include various details of the embodiments of the present disclosure to facilitate understanding, and should be considered as merely exemplary. Accordingly, one of ordinary skill in the art will recognize that various changes and modifications of the embodiments described herein can be made without departing from the scope and spirit of the present disclosure. Also, descriptions of well-known functions and constructions are omitted in the following description for clarity and conciseness.
In the related art, based on a static fingerprint of a file, whether a server side has a file to be uploaded of a user is judged. Static fingerprints include, for example, file size (file size), file content checksum (checksum), such as md5 checksum, sha1 checksum, crc32 checksum, and the like.
However, since static fingerprints are easy to use illegally, security risks are created for the web services, e.g. malicious users propagate some illegal content files using second transfer functions.
In order to improve security of file transfers (e.g., second transfer functions), the present disclosure provides the following embodiments.
Fig. 1 is a schematic diagram according to a first embodiment of the present disclosure. The embodiment provides a file transmission method, which can be applied to a server, and includes:
101. and receiving a file transmission request sent by a client, wherein the file transmission request comprises target parameters of a target file and randomly determined first file contents in the target file.
102. And if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring second file content based on the target parameters in the target file stored in the server.
103. And if the first file content is the same as the second file content, executing file transmission processing on the target file.
The target file refers to a file to be transmitted, and takes second transmission as an example, and the target file is a file for realizing a second transmission function. For example, for a certain client, if the client needs to perform a file second transfer function for the file a, the file a is the target file.
The target parameter refers to the relevant parameter of the target file. For example, the target parameters may include: file size (file size), checksum (checksum).
Taking second transfer as an example, the file transfer request may be specifically a file second transfer request. In this embodiment, in order to improve security, the file second transmission request further carries randomly determined file content, where the file content may be referred to as a first file content. Because the first file content is randomly determined, different file second transmission requests can carry different first file contents, so that the non-reusability of the first file content is improved.
After receiving the file second transmission request, the server side can perform target verification on the target parameters, and after passing the target verification, determine whether the server side has stored the target file or not based on the target parameters.
If the server side stores the target file, the second file content can be obtained based on the target parameter.
After the server side obtains the second file content, the first file content and the second file content can be compared, and if the first file content and the second file content are consistent, file second transmission processing is executed, and at the moment, a file second transmission success message can be fed back to the client side. If the file second transmission is inconsistent, file second transmission failure information is fed back to the client.
In this embodiment, the first file content determined randomly is carried in the file transmission request, the second file content is obtained according to the target parameter, and the file transmission processing is executed when the first file content and the second file content are consistent, so that whether the file transmission processing is performed can be determined based on the randomly determined file content.
The above embodiments show the execution flow of the server, and for the client, the execution flow of the client may refer to the next embodiment.
Fig. 2 is a schematic diagram according to a second embodiment of the present disclosure. The embodiment provides a file transmission method, which can be applied to a client, and includes:
201. obtaining target parameters of a target file, and randomly determining first file content in the target file.
202. And sending a file transmission request to a server, wherein the file transmission request comprises the target parameter and the first file content, so that the server obtains a second file content based on the target parameter when the target parameter passes target verification and the server determines that the target file is stored in the server based on the target parameter.
203. And receiving a transmission success message sent by the server, wherein the transmission success message is generated after the server executes file transmission processing on the target file when the first file content is the same as the second file content.
In this embodiment, the first file content determined randomly is carried in the file transmission request, the triggering server side obtains the second file content according to the target parameter, and the file transmission processing is executed when the first file content is consistent with the second file content, so that whether the file transmission processing is performed can be judged based on the randomly determined file content.
In order to better understand the embodiments of the present disclosure, application scenarios provided by the embodiments of the present disclosure are described.
Fig. 3 is a schematic diagram of an application scenario provided in an embodiment of the present disclosure. As shown in fig. 3, the system of the scenario may include a user terminal 301 and a server 302, where the user terminal 301 includes, for example: personal computers (Personal Computer), notebook computers, mobile devices (e.g., cell phones), and the like. Server 302 may be a cloud server or a local server.
The client is deployed on the user terminal 301 and the server is deployed on the server 302. This embodiment takes file seconds as an example. Aiming at a file second transmission function, a client sends a file second transmission request to a server; and the server checks the file second transmission request, if the file second transmission success message is fed back to the client, the file second transmission failure message is not fed back to the client.
The file second transmission request contains target parameters, and the target parameters can include static parameters of a target file, such as file size (file size), checksum (checksum), and specifically one or more of md5 checksum, sha1 checksum and crc32 checksum; the target parameters may also include: the first signature information and the dynamic parameters for generating the first signature information. In addition, the file second transmission request also comprises randomly determined first file content.
After the server receives the file second transmission request, the verification performed may include: integrity and validity checks; after passing the integrity check and the validity check, carrying out signature check on the first signature information; after the signature verification is passed, file verification is carried out, namely whether the server side stores the target file is determined based on the target parameters; if the target file is stored, the file content verification is performed, namely, the second file content stored by the server is obtained based on the target parameter, and whether the first file content is identical with the second file content is compared. After passing the above various checks, the file second transmission processing is executed, namely the target file stored by the server is directly stored in the network disk of the user initiating the file second transmission request, and the file second transmission success message is fed back to the user. If any one of the above checks fails, a file second transmission failure message is fed back to the user.
In the technical scheme of the disclosure, the related processes of collecting, storing, using, processing, transmitting, providing, disclosing and the like of the personal information of the user accord with the regulations of related laws and regulations, and the public order colloquial is not violated.
In combination with the above application scenario, the present disclosure further provides the following embodiments.
Fig. 4 is a schematic diagram according to a third embodiment of the present disclosure. The present embodiment provides a file transmission method, and the present embodiment shows an interaction flow between a client and a server, and takes file second transmission as an example. The method comprises the following steps:
401. the client acquires target parameters of a target file and randomly determines first file content in the target file.
The client can read the target file from the local and acquire the target parameters of the target file according to the current situation.
The target parameters may include static parameters of the target file, such as file size and checksum.
The target parameters may also include: first signature information, and dynamic parameters for generating the first signature information.
The dynamic parameters may include: user ID (uid), client IP address (clientIP), file path (filePath) and fileName (fileName), local timestamp (time), and a random number (randNum) generated randomly.
The acquisition mode of each dynamic parameter is as follows:
user ID: the network disk service can upload files only after a User logs in, and after the User finishes logging in an account, the client can acquire the corresponding User ID, and the corresponding User ID can be acquired through a Cookie or an Access Token;
Client IP address: because the network environment where the client is located is various, in order to ensure the correctness of the IP address, after the client establishes communication with the server, the server returns the detected IP address of the client, and the IP address returned by the server is used when the second transmission request calculates the signature;
file path: i.e., directory name, directory selected by the user when uploading the file;
file name: default use of local filenames;
local timestamp: the local time of the client can be unix time stamp when the file second transmission request is sent, and a certain time window can be used by the server when the time stamp is checked, so long as the difference between the request time stamp and the local time of the server is within a range (for example, 1 minute), thereby ensuring that the time stamp checking failure cannot be caused by inconsistent clocks of the client and the server or delayed request.
Random number: and (5) randomly generating.
In addition, the client can acquire a key, and the dynamic parameter is encrypted by adopting the key to generate the first signature information. Encryption is, for example, a hash (hash) operation using the MD5 algorithm.
In this embodiment, the dynamic parameter is encrypted by using the key to obtain the first signature information, so that the uniqueness of the first signature information can be ensured, and the first signature information is carried in the file second transmission request to perform signature verification, so that the security can be improved.
The key may be sent by the server to the client. For example, after the client establishes a communication connection with the server, the server issues a key to the client through the communication connection.
In this embodiment, the server side gives the client side the secret key from the lower side, so that the probability of secret key leakage can be reduced, the security of the secret key can be improved, and the security of file second transmission can be further improved.
In addition, the file second transmission request also comprises randomly determined first file content. The first file content carried in each file second transmission request is different, for example, may be the content of [0,100KB ], may be the content of [0,50KB), may be the content of [2mb, 2mb+125kb), and the like.
The first file content may be determined based on the random location information and the random length information. The random location information is used to indicate the start location of the first file content, e.g., 0 as described above, and the random length information is used to indicate the size of the first file content, e.g., 100KB as described above.
The random location information and the random length information may be specifically determined according to the first signature information and the file size. The first signature information is obtained by encrypting the dynamic parameter by using a secret key, the encryption algorithm is predetermined, for example, the encryption algorithm is an MD5 algorithm, the first signature information can be obtained by the MD5 algorithm, and the first signature information is a character string with the length of 128 bits. For the character string (first signature information), all or part of the characters may be selected and converted into a sequence of numerical values, that is, the character type first signature information is converted into numerical values, the numerical values are represented by a, the file sizes are also numerical values, and the numerical values are represented by B. Alternatively, A1 may be obtained by converting a character string of a first part (for example, the first 8 bits) of the first signature information into a numerical value, A2 may be obtained by converting a character string of a second part (for example, the 9 th to 10 th bits) of the first signature information into a numerical value, A1% B remainder may be used as random position information, and A2% B remainder may be used as random length information.
In this embodiment, the first location information and the first length information are determined based on the first signature information and the file size, and the first file content is obtained based on the first location information and the first length information.
The file second transmission request contains the dynamic parameters, the first signature information and the first file content, so that different target parameters can be ensured when different users or the same user initiate different file second transmission requests aiming at the same target file. Because the target parameters are different in each file second transmission request and cannot be shared in advance, the file second transmission safety can be improved, and malicious users can be prevented from sharing illegal contents through the file second transmission function.
402. And the client sends a file second transmission request to the server, wherein the file second transmission request comprises the target parameter and the first file content.
403. The server receives a file second transmission request sent by the client.
404. The server performs integrity check and validity check on the target parameter, and determines whether the target parameter passes the integrity check and validity check, if yes, 405 is executed, otherwise 410 is executed.
The integrity check is used for confirming that the target parameters are not missed, namely all the target parameters exist; the validity check is used to confirm the validity of the target parameters, for example, to check whether the parameter type of each target parameter is legal, whether the time is within the validity period, whether the signature is correct, and the like.
In this embodiment, the validity of the target parameter can be ensured by performing integrity check and validity check on the target parameter, so as to improve the security of file second transmission.
405. The server performs signature verification on the first signature information, and determines whether the first signature information passes the signature verification, if yes, 406 is executed, otherwise 410 is executed.
Wherein second signature information may be generated based on the dynamic parameters; and if the first signature information is the same as the second signature information, determining that the signature verification is passed.
Specifically, the client and the server adopt the same encryption algorithm to encrypt the dynamic parameters, the server encrypts the dynamic parameters to obtain second signature information, and the client encrypts the dynamic parameters to obtain first signature information.
After the server side obtains the second signature information, the server side can compare whether the second signature information is the same as the first signature information carried in the file second transmission request, if so, the server side passes the signature verification, and if not, the server side does not pass the signature verification.
In this embodiment, signature verification is performed based on the first signature information and the second signature information, so that security can be improved compared with a scheme of performing only static parameter comparison.
406. The server determines whether the server has stored the target file based on the target parameter, if yes, 407, otherwise 410.
The server side can judge whether the target file is stored or not based on the static parameters carried in the file second transmission request. For example, the static parameters include a file size and a checksum, and if the server has files with the same file size and checksum, it indicates that the server has stored the target file.
407. The server determines second position information and second length information of the second file content based on the first signature information and the file size, and acquires the second file content from the target file stored in the server according to the second position information and the second length information.
The server may determine the first location information and the first length information based on the first signature information and the file size in a similar manner to the manner in which the client determines the first location information and the first length information based on the first signature information and the file size, for example, the server may convert all or part of the first signature information into a value a, the file size is denoted by B, the modulus operation (a% B) is performed as the second location information, and the quotient is performed as the second length information.
After the server side obtains the second position information and the second length information, the server side can obtain corresponding file content in the target file stored in the server side based on the second position information and the second length information, and the corresponding file content is used as second file content.
In this embodiment, the second location information and the second length information are determined based on the first signature information and the file size carried in the file second transmission request, so that the second file content can be efficiently acquired, and the processing efficiency is improved.
408. The server determines whether the first file content is the same as the second file content, if so, 409 is executed, otherwise 410 is executed.
After the server acquires the stored second file content, the second file content can be compared with the first file content carried in the file second transmission request, and whether the second file content and the first file content are identical is judged.
409. And the server side executes file second transmission processing on the target file and feeds back a file second transmission success message to the client side.
410. The server feeds back a file second transmission failure message to the client.
In this embodiment, by including the first file content, the first signature information and the dynamic parameters in the file second transmission request, the possible security risk of static fingerprint comparison of the file in the original second transmission scheme can be solved, the dynamic fingerprint comparison scheme is implemented, the parameters of any two second transmission requests of the same file are inconsistent and cannot be generated in advance, and it can be truly ensured that the second transmission behavior can only occur under the condition that the user locally has the complete file, and illegal transmission of illegal contents by malicious users is avoided. In addition, in the implementation of dynamic fingerprint comparison, the complexity is low, only a small amount of hash calculation operations have little influence on the overall time consumption of a second transmission request, wherein the second transmission request mainly takes time in calculating full-text fingerprints of a file, and data needs to be read from a disk to a memory in calculating the full-text fingerprints. Therefore, the scheme realizes the reinforcement of second transmission under the condition of hardly influencing user experience.
Fig. 5 is a schematic diagram according to a fourth embodiment of the present disclosure. The embodiment provides a file transmission device, which can be located at a server. As shown in fig. 5, the apparatus 500 includes: a receiving module 501, an acquiring module 502 and a processing module 503.
The receiving module 501 is configured to receive a file transfer request sent by a client, where the file transfer request includes a target parameter of a target file and a first file content randomly determined in the target file; the obtaining module 502 is configured to determine that the server has stored the target file based on the target parameter if the target parameter passes the target verification, and obtain, in the target file stored by the server, a second file content based on the target parameter; the processing module 503 is configured to execute file transfer processing on the target file if the first file content is the same as the second file content.
In this embodiment, the first file content determined randomly is carried in the file transmission request, the second file content is obtained according to the target parameter, and the file transmission processing is executed when the first file content and the second file content are consistent, so that whether the file transmission processing is performed can be determined based on the randomly determined file content.
In some embodiments, the target parameters include: first signature information and dynamic parameters for generating the first signature information; the target verification includes: signature verification; the apparatus further comprises: the signature verification module is used for generating second signature information based on the dynamic parameters; and if the first signature information is the same as the second signature information, determining that the signature verification is passed.
In this embodiment, signature verification is performed based on the first signature information and the second signature information, so that security can be improved compared with a scheme of performing only static parameter comparison.
In some embodiments, the target parameters further comprise: file size; the obtaining module 502 is further configured to: determining second location information and second length information of the second file content based on the first signature information and the file size; and if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring the second file content based on the second position information and the second length information in the target file stored in the server.
In this embodiment, the second location information and the second length information are determined based on the first signature information and the file size carried in the file transmission request, so that the second file content can be efficiently obtained, and the processing efficiency is improved.
In some embodiments, the target verification further comprises: integrity and validity checks; the apparatus further comprises: the parameter verification module is used for carrying out integrity verification and validity verification on the target parameters; accordingly, the signature verification module is further configured to: and after the target parameter passes the integrity check and the validity check, carrying out signature check on the first signature information.
In this embodiment, the validity of the target parameter may be ensured by performing integrity check and validity check on the target parameter, so as to improve the security of file transmission.
In some embodiments, the apparatus 500 further comprises: and the sending module is used for sending the secret key to the client so that the client adopts the secret key to encrypt the dynamic parameter and then generates the first signature information.
In this embodiment, the server side gives the client side the secret key from the lower side, so that the probability of secret key leakage can be reduced, the security of the secret key can be improved, and the security of file transmission can be further improved.
Fig. 6 is a schematic diagram according to a fifth embodiment of the present disclosure. The present embodiment provides a file transfer device, which may be located at a client. As shown in fig. 6, the apparatus 600 includes: an acquisition module 601, a transmission module 602 and a reception module 603.
The acquiring module 601 is configured to acquire a target parameter of a target file, and randomly determine a first file content in the target file; the sending module 602 is configured to send a file transfer request to a server, where the file transfer request includes the target parameter and the first file content, so that when the target parameter passes a target verification, and it is determined, based on the target parameter, that the server has stored the target file, the server obtains a second file content based on the target parameter; the receiving module 603 is configured to receive a transmission success message sent by the server, where the transmission success message is generated after the server performs file transmission processing on the target file when the first file content is the same as the second file content.
In this embodiment, the first file content determined randomly is carried in the file transmission request, the triggering server side obtains the second file content according to the target parameter, and the file transmission processing is executed when the first file content is consistent with the second file content, so that whether the file transmission processing is performed can be judged based on the randomly determined file content.
In some embodiments, the target parameters include: first signature information and dynamic parameters for generating the first signature information; the obtaining module 601 is further configured to: encrypting the dynamic parameters by adopting a secret key to generate the first signature information; first file content within the target file is randomly determined.
In this embodiment, the dynamic parameter is encrypted by using the key to obtain the first signature information, so that the uniqueness of the first signature information can be ensured, and the first signature information is carried in the file transmission request to perform signature verification, so that the security can be improved.
In some embodiments, the apparatus 600 further comprises: and the transmission module is used for receiving the secret key sent by the server.
In this embodiment, the server side gives the client side the secret key from the lower side, so that the probability of secret key leakage can be reduced, the security of the secret key can be improved, and the security of file transmission can be further improved.
In some embodiments, the obtaining module 601 is further configured to: obtaining target parameters of a target file, wherein the target parameters comprise: first signature information and file size; determining first location information and first length information of the first file content based on the first signature information and the file size; and acquiring the first file content based on the first position information and the first length information.
In this embodiment, the first location information and the first length information are determined based on the first signature information and the file size, and the first file content is obtained based on the first location information and the first length information.
It is to be understood that in the embodiments of the disclosure, the same or similar content in different embodiments may be referred to each other.
It can be understood that "first", "second", etc. in the embodiments of the present disclosure are only used for distinguishing, and do not indicate the importance level, the time sequence, etc.
In the technical scheme of the disclosure, the related processes of collecting, storing, using, processing, transmitting, providing, disclosing and the like of the personal information of the user accord with the regulations of related laws and regulations, and the public order colloquial is not violated.
According to embodiments of the present disclosure, the present disclosure also provides an electronic device, a readable storage medium and a computer program product.
Fig. 7 illustrates a schematic block diagram of an example electronic device 700 that may be used to implement embodiments of the present disclosure. The electronic device 700 is intended to represent various forms of digital computers, such as laptops, desktops, workstations, servers, blade servers, mainframes, and other appropriate computers. The electronic device may also represent various forms of mobile apparatuses, such as personal digital assistants, cellular telephones, smartphones, wearable devices, and other similar computing apparatuses. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the disclosure described and/or claimed herein.
As shown in fig. 7, the electronic device 700 includes a computing unit 701 that can perform various appropriate actions and processes according to a computer program stored in a Read Only Memory (ROM) 702 or a computer program loaded from a storage unit 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data required for the operation of the electronic device 700 may also be stored. The computing unit 701, the ROM 702, and the RAM 703 are connected to each other through a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
Various components in the electronic device 700 are connected to the I/O interface 705, including: an input unit 706 such as a keyboard, a mouse, etc.; an output unit 707 such as various types of displays, speakers, and the like; a storage unit 708 such as a magnetic disk, an optical disk, or the like; and a communication unit 709 such as a network card, modem, wireless communication transceiver, etc. The communication unit 709 allows the electronic device 700 to exchange information/data with other devices through a computer network, such as the internet, and/or various telecommunication networks.
The computing unit 701 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of computing unit 701 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various computing units running machine learning model algorithms, a Digital Signal Processor (DSP), and any suitable processor, controller, microcontroller, etc. The computing unit 701 performs the respective methods and processes described above, such as a file transfer method. For example, in some embodiments, the file transfer method may be implemented as a computer software program tangibly embodied on a machine-readable medium, such as storage unit 708. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 700 via the ROM 702 and/or the communication unit 709. When a computer program is loaded into the RAM 703 and executed by the computing unit 701, one or more steps of the file transfer method described above may be performed. Alternatively, in other embodiments, the computing unit 701 may be configured to perform the file transfer method by any other suitable means (e.g., by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuitry, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems-on-chips (SOCs), complex Programmable Logic Devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
Program code for carrying out methods of the present disclosure may be written in any combination of one or more programming languages. These program code may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus such that the program code, when executed by the processor or controller, causes the functions/operations specified in the flowchart and/or block diagram to be implemented. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. The machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on a computer having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and pointing device (e.g., a mouse or trackball) by which a user can provide input to the computer. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), and the internet.
The computer system may include a client and a server. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service ("Virtual Private Server" or simply "VPS") are overcome. The server may also be a server of a distributed system or a server that incorporates a blockchain.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps recited in the present disclosure may be performed in parallel or sequentially or in a different order, provided that the desired results of the technical solutions of the present disclosure are achieved, and are not limited herein.
The above detailed description should not be taken as limiting the scope of the present disclosure. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present disclosure are intended to be included within the scope of the present disclosure.

Claims (21)

1. A file transfer method comprising:
receiving a file transmission request sent by a client, wherein the file transmission request comprises target parameters of a target file and randomly determined first file contents in the target file;
if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring second file content based on the target parameters in the target file stored in the server;
And if the first file content is the same as the second file content, executing file transmission processing on the target file.
2. The method of claim 1, wherein,
the target parameters include: first signature information and dynamic parameters for generating the first signature information;
the target verification includes: signature verification;
if the target parameter passes the target verification, and the target file is determined to be stored in the server based on the target parameter, and before the second file content is acquired based on the target parameter in the target file stored in the server, the method further includes:
generating second signature information based on the dynamic parameters;
and if the first signature information is the same as the second signature information, determining that the signature verification is passed.
3. The method of claim 2, wherein,
the target parameters further include: file size;
and if the target parameter passes the target verification, determining that the target file is stored in the server based on the target parameter, and acquiring the second file content based on the target parameter in the target file stored in the server, wherein the method comprises the following steps:
Determining second location information and second length information of the second file content based on the first signature information and the file size;
and if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring the second file content based on the second position information and the second length information in the target file stored in the server.
4. The method of claim 2, wherein,
the target verification further includes: integrity and validity checks;
before the generating the second signature information based on the dynamic parameters, the method further includes:
and carrying out integrity check and validity check on the target parameters.
5. The method of claim 2, prior to receiving the file transfer request sent by the client, the method further comprising:
and sending the key to the client so that the client adopts the key to encrypt the dynamic parameter and then generates the first signature information.
6. A file transfer method comprising:
acquiring target parameters of a target file, and randomly determining first file contents in the target file;
A file transmission request is sent to a server, wherein the file transmission request comprises the target parameter and the first file content, so that when the target parameter passes target verification and the server determines that the target file is stored in the server based on the target parameter, the server acquires second file content based on the target parameter;
and receiving a transmission success message sent by the server, wherein the transmission success message is generated after the server executes file transmission processing on the target file when the first file content is the same as the second file content.
7. The method of claim 6, wherein,
the target parameters include: first signature information and dynamic parameters for generating the first signature information;
the obtaining the target parameters of the target file and randomly determining the first file content in the target file includes:
encrypting the dynamic parameters by adopting a secret key to generate the first signature information;
first file content within the target file is randomly determined.
8. The method of claim 7, wherein before the obtaining the target parameter of the target file and randomly determining the first file content in the target file, the method further comprises:
And receiving the key sent by the server.
9. The method of claim 6, wherein the obtaining the target parameters of the target file and randomly determining the first file content within the target file comprises:
obtaining target parameters of a target file, wherein the target parameters comprise: first signature information and file size;
determining first location information and first length information of the first file content based on the first signature information and the file size;
and acquiring the first file content based on the first position information and the first length information.
10. A file transfer device comprising:
the receiving module is used for receiving a file transmission request sent by a client, wherein the file transmission request comprises target parameters of a target file and randomly determined first file contents in the target file;
the acquisition module is used for determining that the server side stores the target file based on the target parameter if the target parameter passes target verification, and acquiring second file content based on the target parameter in the target file stored by the server side;
and the processing module is used for executing file transmission processing on the target file if the first file content is the same as the second file content.
11. The apparatus of claim 10, wherein,
the target parameters include: first signature information and dynamic parameters for generating the first signature information;
the target verification includes: signature verification;
the apparatus further comprises:
the signature verification module is used for generating second signature information based on the dynamic parameters; and if the first signature information is the same as the second signature information, determining that the signature verification is passed.
12. The apparatus of claim 11, wherein,
the target parameters further include: file size;
the acquisition module is further to:
determining second location information and second length information of the second file content based on the first signature information and the file size;
and if the target parameters pass the target verification, determining that the target file is stored in the server based on the target parameters, and acquiring the second file content based on the second position information and the second length information in the target file stored in the server.
13. The apparatus of claim 11, wherein,
the target verification further includes: integrity and validity checks;
The apparatus further comprises:
the parameter verification module is used for carrying out integrity verification and validity verification on the target parameters;
accordingly, the signature verification module is further configured to: and after the target parameter passes the integrity check and the validity check, carrying out signature check on the first signature information.
14. The apparatus of claim 11, further comprising:
and the sending module is used for sending the secret key to the client so that the client adopts the secret key to encrypt the dynamic parameter and then generates the first signature information.
15. A file transfer device comprising:
the acquisition module is used for acquiring target parameters of a target file and randomly determining first file contents in the target file;
the sending module is used for sending a file transmission request to a server, wherein the file transmission request comprises the target parameter and the first file content, so that when the target parameter passes target verification, and the target parameter is based on the target parameter, the server determines that the target file is stored in the server, and obtains second file content based on the target parameter;
the receiving module is used for receiving a transmission success message sent by the server, wherein the transmission success message is generated after the server executes file transmission processing on the target file when the first file content and the second file content are the same.
16. The apparatus of claim 15, wherein,
the target parameters include: first signature information and dynamic parameters for generating the first signature information;
the acquisition module is further to:
encrypting the dynamic parameters by adopting a secret key to generate the first signature information;
first file content within the target file is randomly determined.
17. The apparatus of claim 16, further comprising:
and the transmission module is used for receiving the secret key sent by the server.
18. The apparatus of claim 15, wherein the acquisition module is further to:
obtaining target parameters of a target file, wherein the target parameters comprise: first signature information and file size;
determining first location information and first length information of the first file content based on the first signature information and the file size;
and acquiring the first file content based on the first position information and the first length information.
19. An electronic device, comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,
the memory stores instructions executable by the at least one processor to enable the at least one processor to perform the method of any one of claims 1-9.
20. A non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the method of any one of claims 1-9.
21. A computer program product comprising a computer program which, when executed by a processor, implements the method according to any of claims 1-9.
CN202311056414.1A 2023-08-21 2023-08-21 File transmission method, device, equipment and storage medium Pending CN117061502A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311056414.1A CN117061502A (en) 2023-08-21 2023-08-21 File transmission method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311056414.1A CN117061502A (en) 2023-08-21 2023-08-21 File transmission method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN117061502A true CN117061502A (en) 2023-11-14

Family

ID=88667320

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311056414.1A Pending CN117061502A (en) 2023-08-21 2023-08-21 File transmission method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN117061502A (en)

Similar Documents

Publication Publication Date Title
WO2018177124A1 (en) Service processing method and device, data sharing system and storage medium
US20200412549A1 (en) Tampering detection system and method for detecting tampering
CN109951546B (en) Transaction request processing method, device, equipment and medium based on intelligent contract
CN114513350B (en) Identity verification method, system and storage medium
CN109150898B (en) Method and apparatus for processing information
CN116781425B (en) Service data acquisition method, device, equipment and storage medium
CN117040914A (en) Information security control method and device, electronic equipment and storage medium
CN114978934B (en) Information desensitizing method and device, electronic equipment and computer readable storage medium
CN116389583A (en) Information transmission method, device, electronic equipment and storage medium
CN113225348B (en) Request anti-replay verification method and device
CN113992345B (en) Webpage sensitive data encryption and decryption method and device, electronic equipment and storage medium
CN113609156B (en) Data query and write method and device, electronic equipment and readable storage medium
CN117061502A (en) File transmission method, device, equipment and storage medium
US11513913B2 (en) Method for storage management, electronic device, and computer program product
CN114398678A (en) Registration verification method and device for preventing electronic file from being tampered, electronic equipment and medium
CN109657481B (en) Data management method and device
CN110912974A (en) Resource processing method and device, electronic equipment and computer readable storage medium
CN117061110B (en) Message sharing method and device, electronic equipment and storage medium
CN114584556B (en) File transmission method and device
CN115664677A (en) Request retransmission preventing method and device, electronic equipment and storage medium
CN118413358A (en) Token processing method, device, equipment and storage medium
CN112783973A (en) Method for determining data integrity, related device and data integrity protection system
CN116980209A (en) User authentication method, device, electronic equipment and storage medium
CN117375846A (en) Resource access method, device, equipment and storage medium
CN116578965A (en) Method, device, equipment and storage medium for checking security of upgrade package

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination