CN117750359A - Data transmission method, device, equipment and storage medium - Google Patents

Publication number
CN117750359A
Authority
CN
China
Prior art keywords
data
service
terminal equipment
communication process
receiving
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311801552.8A
Other languages
Chinese (zh)
Inventor
董军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202311801552.8A priority Critical patent/CN117750359A/en
Publication of CN117750359A publication Critical patent/CN117750359A/en
Pending legal-status Critical Current

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The application provides a data transmission method, a device, equipment and a storage medium, wherein the method comprises the following steps: executing a preset handshake process with the terminal equipment based on a transport layer security protocol; receiving a hypertext transfer protocol request sent by a terminal device; creating a corresponding communication process according to the hypertext transfer protocol request; receiving service encryption data transmitted by terminal equipment based on the communication process, decrypting the service encryption data, and generating corresponding service data; and sending the service data to service processing equipment through message queue middleware for corresponding processing. The data transmission method improves the deployment flexibility. Meanwhile, based on the independence of communication functions, applicable service scenes are wider.

Description

Data transmission method, device, equipment and storage medium
Technical Field
The present disclosure relates to the field of communication technologies, and in particular, to a data transmission method, apparatus, device, and storage medium.
Background
M2M (Machine to Machine) refers to the transfer of data from one terminal to another, i.e., machine-to-machine communication. An M2M application mainly comprises two parts, the M2M equipment and the M2M system. The M2M system comprises the M2M industry application and the M2M platform; the M2M platform is the convergence point for data uploaded by terminals and is used for monitoring the scattered M2M equipment. The M2M device communicates with the M2M platform through a mobile communication network. M2M devices are of a wide variety, such as smartwatches, cell phones, etc.
At present, for communication between the M2M platform and the card in the M2M equipment, the communication function is integrated into the service on the premise of meeting the international specification, and data is acquired through the service module to communicate with the card. This communication mode is tightly bound to the service functions, and the coupling between the communication functions and the service functions is high, so the service functions must be deployed together with the communication functions, and deployment flexibility needs to be improved.
Disclosure of Invention
The application provides a data transmission method, a device, equipment and a storage medium, which are used for solving the following problem: the current communication mode is tightly bound to the service functions, and the coupling between the communication functions and the service functions is high, so the service functions must be deployed together with the communication functions, and deployment flexibility needs to be improved.
A first aspect of the present application provides a data transmission method, including:
executing a preset handshake process with the terminal equipment based on a transport layer security protocol;
receiving a hypertext transfer protocol request sent by a terminal device;
creating a corresponding communication process according to the hypertext transfer protocol request;
receiving service encryption data transmitted by terminal equipment based on the communication process, decrypting the service encryption data, and generating corresponding service data;
and sending the service data to service processing equipment through message queue middleware for corresponding processing.
Further, as described above, the method of performing a preset handshake procedure with a terminal device based on a transport layer security protocol includes:
receiving a transport layer security protocol request sent by a terminal device; the transport layer security protocol request includes: first random data, an available cipher suite list and a unique identifier of a communication card in the terminal equipment;
generating a corresponding server message according to the transport layer security protocol request, and sending the server message to the terminal equipment; the server message includes: second random data, the adopted cipher suite and the public key; the adopted cipher suite corresponds to the available cipher suite list;
receiving key exchange information sent by the terminal equipment; the key exchange information comprises an encrypted premaster secret; the premaster secret is generated by the terminal equipment according to the first random data and the second random data; the premaster secret is encrypted based on the public key;
decrypting the key exchange information to obtain the premaster secret and verifying the premaster secret;
and if the verification result is that the verification is successful, sending handshake ending information to the terminal equipment.
Further, as described above, the method for generating the corresponding server side message according to the transport layer security protocol request includes:
verifying the unique identifier;
if the verification result is that the verification is passed, determining the adopted cipher suite based on the available cipher suite list;
and determining the preset public key, the second random data and the adopted cipher suite as the server-side message.
Further, in the method as described above, the decrypting the service encrypted data to generate corresponding service data includes:
decrypting the service encryption data according to the private key corresponding to the public key to generate corresponding service data;
judging whether the service data contains a concatenation information identifier;
and if the concatenation information identifier is not contained, executing the step of sending the service data to the service processing equipment through the message queue middleware for corresponding processing.
Further, in the method as described above, if it is determined that the concatenation information identifier is included, the method further includes:
continuing to receive other encrypted data transmitted by the terminal equipment based on the communication process;
decrypting the other encrypted data to generate corresponding decrypted data; the decrypted data comprises a concatenation information identifier;
recombining the service data and the decrypted data according to the concatenation information identifier contained in the decrypted data and the concatenation information identifier contained in the service data to generate corresponding target data;
the sending the service data to the service processing equipment through the message queue middleware for corresponding processing comprises the following steps:
and sending the target data to service processing equipment through message queue middleware for corresponding processing.
Further, in the method as described above, after the sending the service data to the service processing device through the message queue middleware for corresponding processing, the method further includes:
receiving issued data sent by the service processing equipment through the message queue middleware; the issued data comprises a unique identifier of a communication card in the terminal equipment;
encrypting the issued data to generate issued encrypted data;
determining a corresponding communication process according to the unique identifier;
and sending the issued encrypted data to the terminal device based on the communication process.
Further, the method as described above, the method further comprising:
receiving a communication process closing instruction sent by the service processing equipment through a message queue middleware; the communication process closing instruction comprises a unique identifier of a communication card in the terminal equipment;
and closing the communication process corresponding to the unique identifier according to the communication process closing instruction.
A second aspect of the present application provides a data transmission apparatus, comprising:
the handshake module is used for executing a preset handshake flow with the terminal equipment based on a transport layer security protocol;
the receiving module is used for receiving the hypertext transfer protocol request sent by the terminal equipment;
the creation module is used for creating a corresponding communication process according to the hypertext transfer protocol request;
the decryption module is used for receiving the service encryption data transmitted by the terminal equipment based on the communication process, decrypting the service encryption data and generating corresponding service data;
and the sending module is used for sending the service data to the service processing equipment through the message queue middleware for corresponding processing.
Further, as described above, the handshake module is specifically configured to:
receiving a transport layer security protocol request sent by a terminal device; the transport layer security protocol request includes: first random data, an available cipher suite list and a unique identifier of a communication card in the terminal equipment; generating a corresponding server message according to the transport layer security protocol request, and sending the server message to the terminal equipment; the server message includes: second random data, the adopted cipher suite and the public key; the adopted cipher suite corresponds to the available cipher suite list; receiving key exchange information sent by the terminal equipment; the key exchange information comprises an encrypted premaster secret; the premaster secret is generated by the terminal equipment according to the first random data and the second random data; the premaster secret is encrypted based on the public key; decrypting the key exchange information to obtain the premaster secret and verifying the premaster secret; and if the verification result is that the verification is successful, sending handshake ending information to the terminal equipment.
Further, in the apparatus as described above, the handshake module is specifically configured to, when generating the corresponding server message according to the transport layer security protocol request:
verifying the unique identifier; if the verification result is that the verification is passed, determining the adopted cipher suite based on the available cipher suite list; and determining the preset public key, the second random data and the adopted cipher suite as the server-side message.
Further, in the apparatus as described above, the decryption module is specifically configured to, when decrypting the service encrypted data to generate corresponding service data:
decrypting the service encryption data according to the private key corresponding to the public key to generate corresponding service data; judging whether the service data contains a concatenation information identifier; and if the concatenation information identifier is not contained, executing the step of sending the service data to the service processing equipment through the message queue middleware for corresponding processing.
Further, in the apparatus as described above, if it is determined that the concatenation information identifier is included, the decryption module is further configured to:
continuing to receive other encrypted data transmitted by the terminal equipment based on the communication process; decrypting the other encrypted data to generate corresponding decrypted data; the decrypted data comprises a concatenation information identifier; recombining the service data and the decrypted data according to the concatenation information identifier contained in the decrypted data and the concatenation information identifier contained in the service data to generate corresponding target data;
the sending module is specifically configured to:
and sending the target data to service processing equipment through message queue middleware for corresponding processing.
Further, the apparatus as described above, further comprising:
the issuing module is used for receiving issued data sent by the service processing equipment through the message queue middleware; the issued data comprises a unique identifier of a communication card in the terminal equipment; encrypting the issued data to generate issued encrypted data; determining a corresponding communication process according to the unique identifier; and sending the issued encrypted data to the terminal device based on the communication process.
Further, the apparatus as described above, further comprising:
the process closing module is used for receiving a communication process closing instruction sent by the service processing equipment through the message queue middleware; the communication process closing instruction comprises a unique identifier of a communication card in the terminal equipment; and closing the communication process corresponding to the unique identifier according to the communication process closing instruction.
A third aspect of the present application provides an electronic device, comprising: a memory and a processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the data transmission method according to any one of the first aspects.
A fourth aspect of the present application provides a computer-readable storage medium having stored therein computer-executable instructions which, when executed by a processor, are adapted to carry out the data transmission method of any one of the first aspects.
A fifth aspect of the present application provides a computer program product comprising a computer program which, when executed by a processor, implements the data transmission method according to any one of the first aspects.
The application provides a data transmission method, a device, equipment and a storage medium, wherein the method comprises the following steps: executing a preset handshake process with the terminal equipment based on a transport layer security protocol; receiving a hypertext transfer protocol request sent by a terminal device; creating a corresponding communication process according to the hypertext transfer protocol request; receiving service encryption data transmitted by terminal equipment based on the communication process, decrypting the service encryption data, and generating corresponding service data; and sending the service data to service processing equipment through message queue middleware for corresponding processing. In this data transmission method, a communication connection is established with the terminal equipment based on the preset handshake flow, and a corresponding communication process is created based on the hypertext transfer protocol request sent by the terminal equipment, so that the service encryption data transmitted by the terminal equipment is received through the communication process. After the service encryption data is decrypted, the decrypted service data is sent through the message queue middleware to the service processing equipment for corresponding processing. The communication function is thereby decoupled from the service function, and deployment of the communication function and deployment of the service function are independent of each other, which improves deployment flexibility. Moreover, because the communication function is independent, it is applicable to a wider range of service scenarios.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
Fig. 1 is a scenario diagram of a data transmission method in which embodiments of the present application may be implemented;
Fig. 2 is a schematic flow chart of a data transmission method provided in the present application;
Fig. 3 is a second flow chart of the data transmission method provided in the present application;
Fig. 4 is a schematic structural diagram of a data transmission device provided in the present application;
Fig. 5 is a schematic structural diagram of an electronic device provided in the present application.
Specific embodiments thereof have been shown by way of example in the drawings and will herein be described in more detail. These drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but to illustrate the concepts of the present application to those skilled in the art by reference to specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present application. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present application as detailed in the accompanying claims.
In the technical scheme of the embodiment of the application, the related processes of collecting, storing, using, processing, transmitting, providing, disclosing and the like of the personal information of the user accord with the regulations of related laws and regulations, and the public order is not violated.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and the data (including but not limited to data for analysis, stored data, presented data, etc.) related to the present application are information and data authorized by the user or fully authorized by each party, and the collection, use and processing of the related data need to comply with the related laws and regulations and standards of the related country and region, and provide corresponding operation entries for the user to select authorization or rejection.
The technical scheme of the present application is described in detail below with specific examples. The following embodiments may be combined with each other, and the same or similar concepts or processes may not be described in detail in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
For a clear understanding of the technical solutions of the present application, the prior art solutions will be described in detail first. At present, for communication between the M2M platform and the cards in M2M equipment, the communication function is generally integrated into the service function, and in actual application the M2M platform communicates with the cards in the M2M equipment through the service module. Because the communication function is bound to the service function, the content of the service module must be determined first, and only then can the service module be deployed (the communication function is integrated in the service module). Therefore, in the current communication mode, the service function must be deployed together with the communication function, and deployment flexibility needs to be improved.
In the prior art, then, the communication mode is tightly bound to the service function, the coupling between the communication function and the service function is high, the service function must be deployed together with the communication function, and deployment flexibility needs to be improved. Addressing these problems, the inventor found in the course of research that the communication function and the service function can be decoupled, with an independently deployed communication module communicating with the terminal equipment. The communication function is then independent of the service function, which improves deployment flexibility and also widens the service scenarios to which the communication function applies.
Specifically, a preset handshake procedure with the terminal device is performed based on the transport layer security protocol. A hypertext transfer protocol request sent by the terminal device is received. A corresponding communication process is created according to the hypertext transfer protocol request. Service encryption data transmitted by the terminal device is received based on the communication process and decrypted to generate corresponding service data. The service data is sent to the service processing equipment through the message queue middleware for corresponding processing.
In this data transmission method, a communication connection is established with the terminal equipment based on the preset handshake flow, and a corresponding communication process is created based on the hypertext transfer protocol request sent by the terminal equipment, so that the service encryption data transmitted by the terminal equipment is received through the communication process. After the service encryption data is decrypted, the decrypted service data is sent through the message queue middleware to the service processing equipment for corresponding processing. The communication function is thereby decoupled from the service function, and deployment of the communication function and deployment of the service function are independent of each other, which improves deployment flexibility. Moreover, because the communication function is independent, it is applicable to a wider range of service scenarios.
The inventor puts forward the technical scheme of the application based on the creative discovery.
The application scenario of the data transmission method provided in the embodiment of the present application is described below. As shown in fig. 1, 1 is an electronic device, 2 is a terminal device, 3 is a message queue middleware, and 4 is a service processing device. The network architecture of the application scenario corresponding to the data transmission method provided by the embodiment of the application comprises: an electronic device 1, a terminal device 2, message queue middleware 3 and a service processing device 4. The electronic device 1 may be a server, and the terminal device 2 may be a smart watch, a mobile phone, a vehicle-mounted terminal, or the like.
For example, when data transmission is required, the electronic device 1 establishes communication with the terminal device 2, specifically: (1) A preset handshake process with the terminal device is executed based on the transport layer security protocol. After the handshake process is finished, the terminal device 2 and the electronic device 1 start transmitting service data, and the electronic device 1 performs the following processing:
(2) Receive the hypertext transfer protocol request sent by the terminal equipment.
(3) Create a corresponding communication process according to the hypertext transfer protocol request.
(4) Receive the service encryption data transmitted by the terminal equipment based on the communication process, decrypt the service encryption data, and generate corresponding service data.
(5) Send the service data to the message queue middleware 3.
(6) After receiving the service data, the message queue middleware 3 transmits the service data to the service processing device 4, and the service processing device 4 performs corresponding service processing. After the processing, the service processing device 4 may transmit the data to be issued to the terminal device 2 via the electronic device 1.
Embodiments of the present application are described below with reference to the accompanying drawings.
Fig. 2 is a schematic flow chart of a data transmission method provided in the present application, as shown in fig. 2, in this embodiment, an execution body of the embodiment of the present application is a data transmission device, and the data transmission device may be integrated in an electronic device. The data transmission method provided in this embodiment includes the following steps:
Step S101, executing a preset handshake procedure with the terminal device based on the transport layer security protocol.
In this embodiment, the transport layer security protocol (Transport Layer Security Protocol, TLS) is an encryption protocol intended to provide secure communications over a computer network. Communication with the terminal device is established based on a transport layer security protocol.
The preset handshake flow may be different from or the same as the handshake flow between the current M2M platform and the M2M device. For example, the handshake process may be directly performed by sending the public key without sending the certificate corresponding to the M2M platform.
Step S102, receiving a hypertext transfer protocol request sent by a terminal device.
In this embodiment, the transmission data is based on the hypertext transfer protocol (Hyper Text Transfer Protocol, HTTP).
Step S103, creating a corresponding communication process according to the hypertext transfer protocol request.
In this embodiment, the communication process corresponds to each terminal device, and when the terminal device sends a hypertext transfer protocol request or performs a handshake procedure, a unique identifier of the terminal device may be obtained, so that a corresponding communication process is created based on the unique identifier of the terminal device.
Step S104, receiving the service encryption data transmitted by the terminal equipment based on the communication process, decrypting the service encryption data, and generating corresponding service data.
After the handshake flow is completed, the electronic device and the terminal device exchange cryptographic information, and after the service encryption data is received, it can be decrypted with the decrypted key to obtain the corresponding service data.
Step S105, sending the service data to the service processing equipment through the message queue middleware for corresponding processing.
The data transmission method provided by the embodiment of the application comprises the following steps: A preset handshake flow with the terminal equipment is executed based on the transport layer security protocol. A hypertext transfer protocol request sent by the terminal equipment is received. A corresponding communication process is created according to the hypertext transfer protocol request. Service encryption data transmitted by the terminal equipment is received based on the communication process and decrypted to generate corresponding service data. The service data is sent to the service processing equipment through the message queue middleware for corresponding processing.
In this data transmission method, a communication connection is established with the terminal equipment based on the preset handshake flow, and a corresponding communication process is created based on the hypertext transfer protocol request sent by the terminal equipment, so that the service encryption data transmitted by the terminal equipment is received through the communication process. After the service encryption data is decrypted, the decrypted service data is sent through the message queue middleware to the service processing equipment for corresponding processing. The communication function is thereby decoupled from the service function, and deployment of the communication function and deployment of the service function are independent of each other, which improves deployment flexibility. Moreover, because the communication function is independent, it is applicable to a wider range of service scenarios.
Fig. 3 is a second flow chart of the data transmission method provided in the present application, and as shown in fig. 3, the data transmission method provided in the present embodiment is further refined based on the data transmission method provided in the previous embodiment of the present application. The data transmission method provided in this embodiment includes the following steps.
Step S201, a transport layer security protocol request sent by a terminal device is received. The transport layer security protocol request includes: the first random data, the available cipher suite list and the unique identifier of the communication card in the terminal device.
In this embodiment, the first random data consists of a 4-byte number formed from the date and time of the terminal device, followed by a 28-byte randomly generated number. The available cipher suite list refers to a list of cipher suites available on the terminal device and may include protocol versions, key exchange algorithms, encryption algorithms, hash functions, and the like.
When the transport layer security protocol request is acquired, the data contained in the transport layer security protocol request may be stored in a preset database, and the database may be a Redis (full name: Remote Dictionary Server) database.
The transport layer security protocol request may also be referred to as a Client Hello message in the handshake flow. The Client Hello message may also include a version number corresponding to the highest version supported by the terminal device, a compression algorithm, and the like.
The unique identifier (electronic Identity, eID) of the communication card in the terminal device corresponds to the card and is unique. It can be used to determine the communication process corresponding to the terminal device, to check the identity of the terminal device, and the like.
In this embodiment, before S201, the service processing device may further send, through the apparatus of this embodiment, a message to the terminal device indicating that service processing is desired, so that the terminal device actively performs the handshake procedure and the subsequent communication procedure with the electronic device.
Step S202, a corresponding server-side message is generated according to the transport layer security protocol request, and the server-side message is sent to the terminal device. The server-side message includes: second random data, the cipher suite employed and the public key. The cipher suite employed corresponds to the list of available cipher suites.
In this embodiment, the second random data is similar in structure to the first random data. The server-side message may be called the Server Hello message. After it is sent to the terminal device, a ServerHelloDone message may also be sent to indicate that the sending of information is complete, so that the terminal device knows this.
Optionally, in this embodiment, generating the corresponding server-side message in S202 may specifically be:
Check the unique identifier.
If the check passes, determine the cipher suite employed based on the list of available cipher suites.
Determine the preset public key, the second random data and the cipher suite employed as the server-side message.
In this embodiment, the cryptographic suite to be employed, such as a specific encryption algorithm, may be determined from a list of available cryptographic suites.
Step S203, receiving key exchange information sent by the terminal device. The key exchange information includes an encrypted premaster secret. The premaster secret is generated by the terminal device according to the first random data and the second random data. The premaster secret is encrypted based on the public key.
In this embodiment, the key exchange information may also be referred to as clientKeyExchange. At the same time, a ClientChangeCipherSpec message, indicating that all subsequent messages will be encrypted using the key and algorithm just negotiated, and a clientFinshedSend message, indicating that message transmission is complete, may also be transmitted.
In step S204, the key exchange information is decrypted to obtain the premaster secret, and the premaster secret is verified.
In this embodiment, since the first random data and the second random data exist in the electronic device, the decrypted premaster secret key may be verified.
Step S205, if the verification result is successful, sending handshake ending information to the terminal equipment.
In this embodiment, if the verification is successful, a serverChangeCipherSpec message, agreeing to encrypt with the negotiated key and algorithm, and the handshake end message serverFinshedSend may be sent.
In this embodiment, the preset handshake flow specifically includes:
Client Hello, Server Hello, ServerHelloDone, clientKeyExchange, ClientChangeCipherSpec, clientFinshedSend, serverChangeCipherSpec, serverFinshedSend. Compared with the handshake process in common use today, the certificate verification process is omitted, which solves the problem that a certificate cannot be verified because the memory of the card is small.
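The server side of steps S201 to S205 can be illustrated with the following added example, which is not code from the application. It covers message ordering, the Client Hello checks and cipher suite selection; the suite names, the provisioned eID set, the key placeholder, the in-memory message representation and selection by server preference are assumptions, and the result of the premaster secret check of S204 is passed in by the caller.

```python
import os
import struct
import time
from dataclasses import dataclass, field

# Message order of the preset handshake flow, names as listed in the description.
FLOW = ("Client Hello", "Server Hello", "ServerHelloDone", "clientKeyExchange",
        "ClientChangeCipherSpec", "clientFinshedSend",
        "serverChangeCipherSpec", "serverFinshedSend")
SERVER_SENDS = {"Server Hello", "ServerHelloDone",
                "serverChangeCipherSpec", "serverFinshedSend"}

# Constructed values (assumptions, not from the page).
SERVER_SUITES = ("SUITE_A", "SUITE_B")        # server preference order
PROVISIONED_EIDS = {"EID-0001", "EID-0002"}   # cards allowed to connect
PRESET_PUBLIC_KEY = b"<preset public key placeholder>"


class HandshakeError(Exception):
    """A message was malformed, failed verification or arrived out of order."""


def make_random(now=None):
    """Random data as described: 4-byte date/time value plus 28 random bytes."""
    seconds = int(time.time() if now is None else now) & 0xFFFFFFFF
    return struct.pack(">I", seconds) + os.urandom(28)


@dataclass
class ClientHello:
    first_random: bytes
    cipher_suites: list
    eid: str


@dataclass
class HandshakeSession:
    step: int = 0
    failed: bool = False
    sent: list = field(default_factory=list)    # messages the server emitted
    state: dict = field(default_factory=dict)   # stands in for the Redis store

    def _reject(self, reason):
        self.failed = True                      # a failed session stays failed
        raise HandshakeError(reason)

    def _expect(self, name):
        if self.failed or self.step >= len(FLOW) or FLOW[self.step] != name:
            self._reject(f"unexpected {name!r} at step {self.step}")
        self.step += 1
        if name in SERVER_SENDS:
            self.sent.append(name)

    def on_client_hello(self, hello):
        self._expect("Client Hello")
        if len(hello.first_random) != 32:
            self._reject("first random data must be 4 + 28 bytes")
        # S202: the unique identifier must pass the check before any reply is built.
        if hello.eid not in PROVISIONED_EIDS:
            self._reject("unique identifier failed verification")
        # Assumption: choose by server preference, not by the order offered.
        suite = next((s for s in SERVER_SUITES if s in hello.cipher_suites), None)
        if suite is None:
            self._reject("no cipher suite in common")
        self.state = {"eid": hello.eid, "first_random": hello.first_random,
                      "second_random": make_random(), "suite": suite}
        self._expect("Server Hello")
        self._expect("ServerHelloDone")
        return {"second_random": self.state["second_random"],
                "cipher_suite": suite, "public_key": PRESET_PUBLIC_KEY}

    def on_client_message(self, name, premaster_verified=False):
        """clientKeyExchange, ClientChangeCipherSpec or clientFinshedSend.

        premaster_verified carries the result of S204, which is done elsewhere.
        Returns True once the whole flow has completed.
        """
        if name in SERVER_SENDS:
            self._reject(f"{name!r} is never accepted from the terminal")
        self._expect(name)
        if name == "clientKeyExchange" and not premaster_verified:
            self._reject("premaster secret failed verification")
        if name == "clientFinshedSend":
            self._expect("serverChangeCipherSpec")
            self._expect("serverFinshedSend")
        return self.step == len(FLOW)
```

A session that sees a message out of order, an unknown eID or a failed premaster check is marked failed and accepts nothing further, so the handshake end messages are only emitted after every earlier step has passed.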
Step S206, receiving the hypertext transfer protocol request sent by the terminal equipment.
In this embodiment, the implementation of S206 is similar to that of S102, and will not be described here again.
Step S207, a corresponding communication process is created according to the hypertext transfer protocol request.
In this embodiment, the implementation of S207 is similar to the implementation of S103, and will not be described here again.
Step S208, receiving service encryption data transmitted by the terminal equipment based on the communication process, and decrypting the service encryption data to generate corresponding service data.
Optionally, in this embodiment, the process of decrypting the service encrypted data in S208 to generate the corresponding service data may specifically be:
Decrypt the service encryption data according to the private key corresponding to the public key to generate the corresponding service data.
Determine whether the service data contains a cascade information identifier.
If it is determined that the cascade information identification is not included, S209 is performed.
Optionally, in this embodiment, if it is determined that the cascade information identifier is included, the method may further include the following steps:
Continue to receive other encrypted data transmitted by the terminal device based on the communication process.
Decrypt the other encrypted data to generate corresponding decrypted data. The decrypted data includes a cascade information identifier.
Recombine the service data and the decrypted data according to the cascade information identifier contained in the decrypted data and the cascade information identifier contained in the service data, and generate the corresponding target data.
At this time, S209 may be replaced with:
Send the target data to the service processing device through the message queue middleware for corresponding processing.
In this embodiment, to ensure the integrity of the data, when cascade information is identified, the cascaded data sent by the terminal device over multiple transmissions is recombined and only then sent to the service processing device.
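The branch between forwarding at once and holding data for recombination can be illustrated with the following added example, which is not code from the application. The application does not define the layout of the cascade information identifier, so the fields `id`, `index` and `total`, the limits on held parts, and the use of `queue.Queue` in place of the message queue middleware are assumptions; the input is data that has already been decrypted.

```python
import queue


class CascadeError(Exception):
    """A cascaded part is malformed or conflicts with one already held."""


class CascadeAssembler:
    """Recombination state for one communication process (one terminal device)."""

    MAX_PARTS = 16   # assumption: bound per chain so a peer cannot exhaust memory
    MAX_CHAINS = 4   # assumption: bound on chains held open at once

    def __init__(self, eid, mq):
        self.eid = eid
        self.mq = mq          # stands in for the message queue middleware
        self.chains = {}      # cascade id -> (total, {index: payload})

    def on_decrypted(self, data):
        """Handle one decrypted message; return True if data was forwarded."""
        tag = data.get("cascade")
        if tag is None:                       # no identifier: forward as is (S209)
            self.mq.put({"eid": self.eid, "data": data["payload"]})
            return True
        cid, index, total = tag["id"], tag["index"], tag["total"]
        if not (1 <= total <= self.MAX_PARTS and 0 <= index < total):
            raise CascadeError("identifier out of range")
        if cid not in self.chains and len(self.chains) >= self.MAX_CHAINS:
            raise CascadeError("too many incomplete chains")
        held_total, parts = self.chains.setdefault(cid, (total, {}))
        if held_total != total:
            raise CascadeError("parts disagree on the total")
        # An identical repeat is tolerated; a different payload is rejected.
        if parts.setdefault(index, data["payload"]) != data["payload"]:
            raise CascadeError("conflicting duplicate part")
        if len(parts) < total:
            return False                      # keep receiving on this process
        del self.chains[cid]
        target = b"".join(parts[i] for i in range(total))
        self.mq.put({"eid": self.eid, "data": target})   # target data
        return True


def part(cid, index, total, payload):
    """Build a constructed decrypted message carrying a cascade identifier."""
    return {"cascade": {"id": cid, "index": index, "total": total},
            "payload": payload}
```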
Step S209, the service data is sent to the service processing device through the message queue middleware for corresponding processing.
Optionally, in this embodiment, after S209, the method further includes:
Receive issued data sent by the service processing device through the message queue middleware. The issued data includes the unique identifier of the communication card in the terminal device.
Encrypt the issued data to generate issued encrypted data.
Determine the corresponding communication process according to the unique identifier.
Send the issued encrypted data to the terminal device based on the communication process.
In this embodiment, in view of the decoupling of the communication function and the service function, the instructions and channel control issued by the service processing device reach the communication module by means of the message queue middleware. For a request sent by the terminal device, the apparatus of this embodiment independently creates a new communication process, and the unique identifier is used as the query keyword to ensure that data is exchanged with the correct card. A communication timeout can also be set for the interaction; when the timeout is reached, the process channel is actively closed and this is fed back to the service processing device.
Optionally, in this embodiment, a flow of closing the channel may be further included, which is specifically as follows:
Receive a communication process closing instruction sent by the service processing device through the message queue middleware. The communication process closing instruction includes the unique identifier of the communication card in the terminal device.
Close the communication process corresponding to the unique identifier according to the communication process closing instruction.
In this embodiment, when the service processing device is ready to close communication with the terminal device, it may issue the communication process closing instruction directly, so as to close the channel process corresponding to the unique identifier. The issued instruction may also be another operation instruction, such as data query or data download.
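The issuing, timeout and closing behaviour described above can be illustrated with the following added example, which is not code from the application. The message fields `type`, `eid` and `data`, the feedback events, the timeout value and the caller-supplied `encrypt` callable are assumptions, and `queue.Queue` stands in for the message queue middleware.

```python
import queue
from dataclasses import dataclass, field


@dataclass
class CommProcess:
    """Stands in for the communication process created per terminal request."""
    eid: str
    last_active: float
    outbox: list = field(default_factory=list)   # frames sent to the terminal
    open: bool = True


class CardGateway:
    def __init__(self, encrypt, timeout_s=30.0):
        self.encrypt = encrypt            # caller-supplied cipher for issued data
        self.timeout_s = timeout_s        # assumption: idle limit in seconds
        self.processes = {}               # unique identifier (eID) -> CommProcess
        self.feedback = queue.Queue()     # towards the service processing device

    def open_process(self, eid, now):
        """Called when a terminal's HTTP request arrives after the handshake."""
        if eid in self.processes:
            self._close(eid, "replaced")  # keep exactly one process per card
        self.processes[eid] = CommProcess(eid, now)
        return self.processes[eid]

    def _close(self, eid, reason):
        proc = self.processes.pop(eid)
        proc.open = False
        self.feedback.put({"eid": eid, "event": "closed", "reason": reason})

    def reap(self, now):
        """Close every process idle for longer than the timeout."""
        expired = [eid for eid, p in self.processes.items()
                   if now - p.last_active > self.timeout_s]
        for eid in expired:
            self._close(eid, "timeout")
        return expired

    def handle(self, msg, now):
        """Apply one message taken from the queue; True if it took effect."""
        self.reap(now)
        eid = msg.get("eid")
        proc = self.processes.get(eid)
        if proc is None:                  # never fall back to another card
            self.feedback.put({"eid": eid, "event": "no_process"})
            return False
        if msg["type"] == "close":
            self._close(eid, "instruction")
            return True
        if msg["type"] == "issue":
            proc.outbox.append(self.encrypt(msg["data"]))
            proc.last_active = now
            return True
        self.feedback.put({"eid": eid, "event": "unknown_type"})
        return False
```

Keying every lookup on the unique identifier, and reporting a miss instead of guessing, is what keeps issued data from reaching a card other than the one the service processing device named.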
This embodiment provides an independent card-communication apparatus that conforms to the M2M communication specification and can be applied to any M2M platform meeting that specification. The platform only needs to have service capability and obtains the capability to communicate with the card through the apparatus, which greatly reduces the coupling between platform communication and services and is more beneficial to the construction and development of the platform.
Fig. 4 is a schematic structural diagram of a data transmission device provided in the present application, as shown in fig. 4, in this embodiment, the data transmission device 300 may be disposed in an electronic apparatus, and the data transmission device 300 includes:
A handshake module 301, configured to perform a preset handshake procedure with the terminal device based on the transport layer security protocol.
A receiving module 302, configured to receive a hypertext transfer protocol request sent by a terminal device.
A creation module 303, configured to create a corresponding communication process according to the hypertext transfer protocol request.
A decryption module 304, configured to receive service encrypted data transmitted by the terminal device based on the communication process, and decrypt the service encrypted data to generate corresponding service data.
A sending module 305, configured to send the service data to the service processing device through the message queue middleware for corresponding processing.
The data transmission device provided in this embodiment may execute the technical scheme of the method embodiment shown in fig. 2, and its implementation principle and technical effects are similar to those of the method embodiment shown in fig. 2, and are not described in detail herein.
The data transmission device provided in the present application may be further refined on the basis of the data transmission device provided in the previous embodiment, in which case the data transmission device 300 is configured as follows.
Optionally, in this embodiment, the handshake module 301 is specifically configured to:
Receive a transport layer security protocol request sent by the terminal device. The transport layer security protocol request includes: the first random data, the list of available cipher suites and the unique identifier of the communication card in the terminal device. Generate a corresponding server-side message according to the transport layer security protocol request, and send the server-side message to the terminal device. The server-side message includes: second random data, the cipher suite employed and the public key. The cipher suite employed corresponds to the list of available cipher suites. Receive key exchange information sent by the terminal device. The key exchange information includes an encrypted premaster secret. The premaster secret is generated by the terminal device according to the first random data and the second random data. The premaster secret is encrypted based on the public key. Decrypt the key exchange information to obtain the premaster secret and verify the premaster secret. If the verification is successful, send handshake end information to the terminal device.
Optionally, in this embodiment, when generating the corresponding server-side message according to the transport layer security protocol request, the handshake module 301 is specifically configured to:
Check the unique identifier. If the check passes, determine the cipher suite employed based on the list of available cipher suites. Determine the preset public key, the second random data and the cipher suite employed as the server-side message.
Optionally, in this embodiment, when decrypting the service encrypted data, the decryption module 304 is specifically configured to:
Decrypt the service encryption data according to the private key corresponding to the public key to generate the corresponding service data. Determine whether the service data contains a cascade information identifier. If it does not, execute the step of sending the service data to the service processing device through the message queue middleware for corresponding processing.
Optionally, in this embodiment, if it is determined that the cascade information identifier is included, the decryption module 304 is further configured to:
Continue to receive other encrypted data transmitted by the terminal device based on the communication process. Decrypt the other encrypted data to generate corresponding decrypted data. The decrypted data includes a cascade information identifier. Recombine the service data and the decrypted data according to the cascade information identifier contained in the decrypted data and the cascade information identifier contained in the service data, and generate the corresponding target data.
The sending module 305 is specifically configured to:
Send the target data to the service processing device through the message queue middleware for corresponding processing.
Optionally, in this embodiment, the data transmission device 300 further includes:
An issuing module, configured to receive issued data sent by the service processing device through the message queue middleware. The issued data includes the unique identifier of the communication card in the terminal device. Encrypt the issued data to generate issued encrypted data. Determine the corresponding communication process according to the unique identifier. Send the issued encrypted data to the terminal device based on the communication process.
Optionally, in this embodiment, the data transmission device 300 further includes:
A process closing module, configured to receive a communication process closing instruction sent by the service processing device through the message queue middleware. The communication process closing instruction includes the unique identifier of the communication card in the terminal device. Close the communication process corresponding to the unique identifier according to the communication process closing instruction.
The data transmission device provided in this embodiment may execute the technical scheme of the method embodiment shown in fig. 2 to 3, and its implementation principle and technical effects are similar to those of the method embodiment shown in fig. 2 to 3, and are not described in detail herein.
According to embodiments of the present application, there is also provided an electronic device, a computer-readable storage medium, and a computer program product.
Fig. 5 is a schematic structural diagram of the electronic device provided in the present application. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, personal digital assistants, blade servers, mainframes, and other appropriate computers. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the application described and/or claimed herein.
As shown in fig. 5, the electronic device includes: a processor 401 and a memory 402. The various components are interconnected using different buses and may be mounted on a common motherboard or in other manners as desired. The processor may process instructions executing within the electronic device.
Memory 402 is a non-transitory computer-readable storage medium provided herein. The memory stores instructions executable by the at least one processor to cause the at least one processor to perform the data transmission methods provided herein. The non-transitory computer readable storage medium of the present application stores computer instructions for causing a computer to perform the data transmission method provided by the present application.
The memory 402, as a non-transitory computer-readable storage medium, may be used to store non-transitory software programs, non-transitory computer-executable programs, and modules, such as the program instructions/modules corresponding to the data transmission method in the embodiments of the present application (e.g., the handshake module 301, the receiving module 302, the creation module 303, the decryption module 304, and the sending module 305 shown in fig. 4). By running the non-transitory software programs, instructions and modules stored in the memory 402, the processor 401 executes the various functional applications and data transmission of the electronic device, i.e. implements the data transmission method in the above-described method embodiments.
Meanwhile, the present embodiment also provides a computer product which, when executed by a processor of an electronic device, enables the electronic device to perform the data transmission method of the above embodiment.
Other embodiments of the present application will be apparent to those skilled in the art from consideration of the specification and practice of the invention disclosed herein. This application is intended to cover any variations, uses, or adaptations of the embodiments of the application that follow the general principles of the embodiments and include such departures from the present disclosure as come within known or customary practice in the art to which the embodiments of the application pertain.
It is to be understood that the embodiments of the present application are not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be made without departing from the scope thereof. The scope of embodiments of the present application is limited only by the appended claims.

Claims (10)

1. A data transmission method, comprising:
executing a preset handshake process with the terminal equipment based on a transport layer security protocol;
receiving a hypertext transfer protocol request sent by a terminal device;
creating a corresponding communication process according to the hypertext transfer protocol request;
receiving service encryption data transmitted by terminal equipment based on the communication process, decrypting the service encryption data, and generating corresponding service data;
and sending the service data to service processing equipment through message queue middleware for corresponding processing.
2. The method according to claim 1, wherein the performing a preset handshake procedure with the terminal device based on the transport layer security protocol comprises:
receiving a transport layer security protocol request sent by a terminal device; the transport layer security protocol request includes: first random data, an available cipher suite list and a unique identifier of a communication card in the terminal device;
generating a corresponding server-side message according to the transport layer security protocol request, and sending the server-side message to the terminal device; the server-side message includes: second random data, the adopted cipher suite and the public key; the adopted cipher suite corresponds to the available cipher suite list;
receiving key exchange information sent by the terminal device; the key exchange information comprises an encrypted premaster secret; the premaster secret is generated by the terminal device according to the first random data and the second random data; the premaster secret is encrypted based on the public key;
decrypting the key exchange information to obtain the premaster secret and verifying the premaster secret;
and if the verification result is that the verification is successful, sending handshake ending information to the terminal equipment.
3. The method of claim 2, wherein generating the corresponding server side message according to the transport layer security protocol request comprises:
verifying the unique identifier;
if the verification result is that the verification is passed, determining the adopted cipher suite based on the available cipher suite list;
and determining the preset public key, the second random data and the adopted cipher suite as the server-side message.
4. The method of claim 2, wherein decrypting the service encryption data to generate corresponding service data comprises:
decrypting the service encryption data according to the private key corresponding to the public key to generate corresponding service data;
judging whether the service data contains a cascading information identifier or not;
and if the cascade information identification is not contained, executing the step of sending the service data to the service processing equipment through the message queue middleware for corresponding processing.
5. The method of claim 4, wherein if it is determined that the cascade information identifier is included, the method further comprises:
continuously receiving other encrypted data transmitted by the terminal equipment based on the communication process;
decrypting the other encrypted data to generate corresponding decrypted data; the decrypted data comprises a cascade information identifier;
carrying out data recombination on the service data and the decrypted data according to the cascade information identifier contained in the decrypted data and the cascade information identifier contained in the service data to generate corresponding target data;
the sending the service data to the service processing equipment through the message queue middleware for corresponding processing comprises the following steps:
and sending the target data to service processing equipment through message queue middleware for corresponding processing.
6. The method according to claim 2, wherein after the service data is sent to a service processing device for corresponding processing through a message queue middleware, the method further comprises:
receiving issued data sent by the service processing equipment through the message queue middleware; the issued data comprises a unique identifier of a communication card in the terminal equipment;
encrypting the issued data to generate issued encrypted data;
determining a corresponding communication process according to the unique identifier;
and sending the issued encrypted data to the terminal equipment based on the communication process.
7. The method according to claim 2, wherein the method further comprises:
receiving a communication process closing instruction sent by the service processing equipment through a message queue middleware; the communication process closing instruction comprises a unique identifier of a communication card in the terminal equipment;
and closing the communication process corresponding to the unique identifier according to the communication process closing instruction.
8. A data transmission apparatus, comprising:
the handshake module is used for executing a preset handshake flow with the terminal equipment based on a transport layer security protocol;
the receiving module is used for receiving the hypertext transfer protocol request sent by the terminal equipment;
the creation module is used for creating a corresponding communication process according to the hypertext transfer protocol request;
the decryption module is used for receiving the service encryption data transmitted by the terminal equipment based on the communication process, decrypting the service encryption data and generating corresponding service data;
and the sending module is used for sending the service data to the service processing equipment through the message queue middleware for corresponding processing.
9. An electronic device, comprising: a memory and a processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the data transmission method of any one of claims 1 to 7.
10. A computer-readable storage medium, wherein computer-executable instructions are stored in the computer-readable storage medium, which when executed by a processor are adapted to implement the data transmission method of any one of claims 1 to 7.
CN202311801552.8A 2023-12-25 2023-12-25 Data transmission method, device, equipment and storage medium Pending CN117750359A (en)


Publications (1)

Publication Number Publication Date
CN117750359A (en) 2024-03-22

Family

ID=90282844


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination