WO2023103425A1 - Communicative connection method, system, and apparatus, storage medium, and processor - Google Patents


Publication number
WO2023103425A1
Authority
WO
WIPO (PCT)
Prior art keywords
preset
application program
random value
signature
verification
Prior art date
Application number
PCT/CN2022/110338
Inventor
袁伟
Original Assignee
青岛海尔科技有限公司
海尔智家股份有限公司
Application filed by 青岛海尔科技有限公司, 海尔智家股份有限公司


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • the present disclosure relates to the communication field, and in particular, to a communication connection method, system, device, storage medium, and processor.
  • There are two common types of connection between application apps and BLE devices. One is a direct connection without any connection verification measures; the other is verification with a common secret key, which is easily stolen by attackers, who can then connect to the device maliciously.
  • Embodiments of the present disclosure provide a communication connection method, system, device, storage medium, and processor, so as to at least solve the technical problem of an insecure communication connection between an application program and a device.
  • a communication connection method including: receiving a connection request initiated by an application program; generating an encrypted password based on the connection request; sending the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; verifying the verification information to obtain a verification result; and establishing a communication connection with the application program according to the verification result.
  • a communication connection method including: sending a connection request to the device to be connected; receiving an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected pre-stores the preset random value; generating verification information according to the encrypted password and the preset random value; sending the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and according to the
  • a communication connection system including: an application program configured to send a connection request to a device to be connected, receive an encrypted password and a preset random value provided by the device to be connected, generate verification information according to the encrypted password and the preset random value, and send the verification information to the device to be connected; and the device to be connected, configured to generate an encrypted password based on the connection request, verify the verification information returned by the application program to obtain a verification result, and establish a communication connection with the application program according to the verification result.
  • a communication connection device including: a first receiving unit configured to receive a connection request initiated by an application program; a first generation unit configured to generate an encrypted password based on the connection request; a first sending unit configured to send the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; a verification unit configured to verify the verification information to obtain a verification result; and an establishing unit configured to establish a communication connection with the application program according to the verification result.
  • a communication connection device including: a second sending unit configured to send a connection request to the device to be connected; a second receiving unit configured to receive an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected pre-stores the preset random value; a second generation unit configured to generate verification information according to the encrypted password and the preset random value; and a third sending unit configured to send the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result, and a communication connection is established according to the verification result.
  • a computer-readable storage medium includes a stored program, wherein, when the program is running, the device on which the computer-readable storage medium resides is controlled to execute the communication connection method described above.
  • a processor configured to run a program, wherein the above-mentioned communication connection method is executed when the program is running.
  • the connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain the verification result; and a communication connection with the application program is established according to the verification result. Since the verification information for establishing a communication connection is generated according to a preset random value and an encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information for each communication connection establishment will be different, and even if the verification information is stolen by others, there will be no malicious connection, thus solving the technical problem of insecure communication between the application and the device.
  • FIG. 1 is a flowchart 1 of a communication connection method according to an embodiment of the present disclosure
  • FIG. 2 is a second flowchart of a communication connection method according to an embodiment of the present disclosure
  • FIG. 3 is a schematic diagram of a security mechanism for connecting an App to a BLE device according to an embodiment of the present disclosure
  • Fig. 4 is a schematic diagram of a communication connection system according to an embodiment of the present disclosure.
  • FIG. 5 is a first schematic diagram of a communication connection device according to an embodiment of the present disclosure.
  • FIG. 6 is a second schematic diagram of a communication connection device according to an embodiment of the present disclosure.
  • Fig. 7 is a structural block diagram of an optional electronic device according to an embodiment of the present disclosure.
  • an embodiment of a communication connection method is provided. It should be noted that the steps shown in the flowcharts of the accompanying drawings can be executed in a computer system, such as one running a set of computer-executable instructions, and, although the flowcharts show a logical order, in some cases the steps shown or described may be performed in an order different from that shown or described herein.
  • Fig. 1 is a flow chart 1 of a communication connection method according to an embodiment of the present disclosure. As shown in Fig. 1, the method includes the following steps:
  • Step S102: receiving a connection request initiated by an application;
  • Step S104: generating an encrypted password based on the connection request;
  • Step S106: sending the encrypted password and the preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value;
  • Step S108: verifying the verification information to obtain a verification result;
  • Step S110: establishing a communication connection with the application program according to the verification result.
  • the connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain the verification result; and a communication connection with the application program is established according to the verification result. Since the verification information for establishing a communication connection is generated according to a preset random value and an encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, there will be no malicious connection. This achieves the purpose of ensuring the security of the communication connection and the technical effect of a secure communication connection between the application program and the device, thereby solving the technical problem of the insecure communication connection between the application program and the device.
  • the encrypted password may be a challenge code
  • the preset random value may be a preset salt value
  • the communication connection method shown in Figure 1 can be applied on the side of the device to be connected: it responds to the connection request initiated by the application program, feeds back the encrypted password and preset random value to the application program, receives the verification information generated by the application program according to the encrypted password and preset random value, and then realizes the communication connection between the device to be connected and the application program based on the verification information.
  • the above-mentioned communication connections include: Bluetooth communication connections, WiFi communication connections, and other wireless communication connections; and may also include various priority communication connections based on verification-based connections.
  • the encrypted password may be randomly generated according to the connection request, and a different encrypted password may be generated for each connection.
  • the preset random value may be a unique identifier pre-stored in the device to be connected, and the device to be connected may feed back the preset random value to the application program APP that initiates the connection request.
  • the preset random value may be provided by the application program when the connected device is connected to the application program for the first time.
  • verifying the verification information returned by the application program, and obtaining the verification result includes: restoring the verification information using an encrypted password, and then performing verification based on the restored verification information to obtain the verification result.
  • verifying the verification information returned by the application program, and obtaining the verification result includes: restoring the verification information according to the encrypted password to obtain the verification signature; judging whether the verification signature is consistent with the preset signature, wherein the preset signature is determined according to a preset random value; if the verification signature is consistent with the preset signature, determining that the verification result is verified; if the verification signature is inconsistent with the preset signature, determining that the verification result is not verified.
  • the preset signature may be generated according to a preset random value.
  • the preset signature can be generated in the following way: generate the confusion array mix[] according to the preset random value and the preset array "0123456789abcdefABCD ⁇ 0"; then hash the confusion array mix[] with the SHA-256 algorithm; finally take out 10 bytes of the hash, convert the bytes into strings, and then concatenate the converted strings and convert them into data to obtain the preset signature.
  • since the verification information is generated based on the encrypted password and the preset random value, the verification information can be restored to obtain the verification signature. If the verification signature is consistent with the preset signature stored in the device to be connected, this proves that the communication connection between the application program and the device to be connected is legal, and a communication connection between the application program and the device to be connected is established.
  • the verification information can be generated by the application program, and the specific process includes: according to the preset random value fed back by the device to be connected, the verification signature is generated using the preset signature generation method, and then the verification information is generated based on the preset signature and encrypted password , and then in the process of restoring the verification information by the device to be connected, the verification signature can be restored based on the encrypted password.
  • a preset signature generation method may be pre-stored in the device to be connected.
  • the method further includes: detecting whether the device to be connected is connected to the application for the first time; In the case of , the preset random value and preset signature provided by the application are stored, and a communication connection with the application is established, wherein the application generates a preset signature according to the preset random value.
  • the preset random value and the preset signature stored in the device to be connected are provided by the application program. If the device to be connected establishes a communication connection with the application program for the first time, the device will hold no preset random value or preset signature provided by the application. In this case, the device to be connected and the application can directly establish a communication connection without verification, and the device to be connected can then receive the preset random value and preset signature provided by the application program and store them, to provide verification for the next communication connection between the device to be connected and the application program.
  • detecting whether the device to be connected is connected to the application for the first time includes: detecting whether the device to be connected has a preset random value and a preset signature provided by the application; if the device to be connected does not have a preset random value and preset signature provided by the application, it is considered that the device to be connected is connected to the application for the first time; if the preset random value and preset signature provided by the application are stored in the device to be connected, it is considered that the device to be connected is not connected with the application program for the first time.
  • detecting whether the device to be connected is connected to the application program for the first time can be performed on the device to be connected side, the application program side, or both the device to be connected side and the application program side.
  • on the side of the device to be connected, whether the device to be connected is connected to the application program for the first time can be determined by detecting whether there is a preset random value and a preset signature provided by the application program in the device to be connected. If the preset random value and preset signature provided by the application are stored in the device, it is determined that it is not the first connection; if the preset random value and preset signature provided by the application are not stored in the device to be connected, it is determined that it is the first connection.
  • connection record of the device to be connected is determined to be the first connection, a preset random value and a preset signature will be provided to the device to be connected after the connection; if the connection record of the device to be connected is included in the historical connection record, it is determined not to be the first connection.
  • the detection result establishes a communication connection between the device to be connected and the application program.
  • Fig. 2 is a flowchart 2 of a communication connection method according to an embodiment of the present disclosure. As shown in Fig. 2, the method includes the following steps:
  • Step S202: sending a connection request to the device to be connected;
  • Step S204: receiving an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates an encrypted password according to the connection request, and the device to be connected pre-stores the preset random value;
  • Step S206: generating verification information according to the encrypted password and the preset random value;
  • Step S208: sending verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and establishing a communication connection according to the verification result.
  • a connection request is sent to the device to be connected; an encrypted password and a preset random value provided by the device to be connected are received, wherein the device to be connected generates an encrypted password according to the connection request, and the device to be connected pre-stores the preset random value; verification information is generated according to the encrypted password and preset random value; the verification information is sent to the device to be connected, wherein the device to be connected verifies the verification information and obtains the verification result; and a communication connection is established according to the verification result. Since the verification information for establishing the communication connection is generated according to the preset random value and encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, there will be no malicious connection. The purpose of ensuring the security of the communication connection is achieved, the technical effect of ensuring a secure communication connection between the application program and the device is achieved, and the technical problem of the insecure communication connection between the application program
  • the communication connection method shown in Figure 2 can be applied on the application side: it sends a connection request to the device to be connected, obtains the encrypted password and preset random value fed back by the device to be connected, generates the verification information according to the encrypted password and preset random value, sends the verification information to the device to be connected for verification, and then realizes the communication connection between the device to be connected and the application program based on the verification result of the device to be connected.
  • the above-mentioned communication connections include: Bluetooth communication connections, WiFi communication connections, and other wireless communication connections; and may also include various priority communication connections based on verification-based connections.
  • generating the verification information according to the encrypted password and the preset random value includes: according to the preset random value fed back by the device to be connected, using a preset signature generation method to generate the verification signature, and then generating the verification information based on the preset signature and the encrypted password , and then in the process of restoring the verification information by the device to be connected, the verification signature can be restored based on the encrypted password.
  • the method further includes: detecting whether the application program is connected to the device to be connected for the first time; In the case of , the application generates a preset random value and a preset signature, and sends the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined according to the preset random value.
  • detecting whether the application program is connected to the device to be connected for the first time includes: querying whether the historical connection record of the application program includes the connection record of the device to be connected; if the historical connection record does not include the connection record of the device to be connected, it is considered that the device to be connected is connected to the application for the first time; if the historical connection record includes the connection record of the device to be connected, it is considered that the device to be connected is not connected to the application for the first time.
  • the communication connection between the application program APP and the BLE Bluetooth low energy device is taken as an example below for description.
  • the present disclosure also provides an optional embodiment, which provides a security mechanism for connecting an App to a BLE device.
  • FIG. 3 is a schematic diagram of a connection security mechanism between an App and a BLE device according to an embodiment of the present disclosure. As shown in FIG. 3 , the connection security mechanism is as follows:
  • the BLE device (Bluetooth Low Energy device) does not have any data when it leaves the factory.
  • on the first connection, the application app writes the preset salt value (Salt Value) and the preset signature (Signature) to the BLE device, and the BLE device stores the preset salt value and preset signature directly.
  • the verification information Verification is generated by the XOR operation of each byte of the preset signature Signature (generated from the preset salt value Salt Value) and the challenge code Challenge Code (read from the firmware).
  • After the BLE device obtains the verification information Verification, it performs an XOR operation on it with the Challenge Code randomly generated for this connection to restore the verification signature Signature.
  • the technical solution provided by this disclosure, in order to ensure the secure connection between the BLE device and the App, uses dynamic signatures and dynamic challenge codes to verify the signature of the device connection, and the secret key sent by the BLE device every time it is connected is dynamically generated, so there is no security risk if someone else steals it. It ensures the safe connection between the application app and the BLE device, and prevents attackers from connecting to the BLE device to maliciously tamper with the data.
  • the connection time will be relatively increased; therefore, using this solution for critical and sensitive services can ensure the connection safety.
  • Because the application (APP) side connects to the BLE device, the security of connection verification is also very important. If the connection is not encrypted and verified, it is easy for an attacker to connect to the device and then maliciously tamper with the data of the BLE device. Ordinary devices generally do not encrypt the connection, or use static key verification that is too simple and easy to crack; therefore, the connection method of this scheme can effectively prevent attackers from maliciously connecting to devices.
  • FIG. 4 is a schematic diagram of a communication connection system according to an embodiment of the present disclosure.
  • the system includes: an application program 42 configured to send a connection request to the device to be connected, receive the encrypted password and preset random value provided by the device to be connected, generate verification information according to the encrypted password and preset random value, and send the verification information to the device to be connected; and the device 44 to be connected, configured to generate an encrypted password based on the connection request, verify the verification information returned by the application program to obtain a verification result, and establish a communication connection with the application program based on the verification result.
  • the application program is set to send a connection request to the device to be connected; receive the encrypted password and the preset random value provided by the device to be connected; generate verification information according to the encrypted password and the preset random value; Send verification information; the device to be connected is set to generate an encrypted password based on the connection request, verify the verification information returned by the application program, and obtain the verification result; establish a communication connection with the application program according to the verification result; since the verification information for establishing a communication connection is Generated according to the preset random value and encrypted password, and the encrypted password is dynamically generated based on the connection request, so the verification information of each communication connection will be different, and even if the verification information is stolen by others, there will be no malicious connection In this situation, the purpose of ensuring the security of the communication connection is achieved, the technical effect of ensuring a secure communication connection between the application program and the device is achieved, and the technical problem of the insecure communication connection between the application program and the device is solved.
  • the device to be connected is also set to: restore the verification information according to the encrypted password to obtain the verification signature; judge whether the verification signature is consistent with the preset signature, wherein the preset signature is determined according to a preset random value; If the verification signature is consistent with the preset signature, it is determined that the verification result is passed the verification; when the verification signature is inconsistent with the preset signature, it is determined that the verification result is not passed the verification.
  • the application program is also configured to query whether the historical connection record includes the connection record of the device to be connected; if the connection record of the device to be connected is not included in the historical connection record, it is considered that the device to be connected is connecting with the application for the first time; when the application connects with the device to be connected for the first time, it generates a preset random value and a preset signature, and sends the preset random value and preset signature to the device to be connected, wherein the preset signature is determined according to the preset random value. The device to be connected is also set to detect whether there is a preset random value and preset signature provided by the application; if the device to be connected does not have the preset random value and preset signature, it is considered that the device to be connected is connecting with the application for the first time; when the device to be connected is connecting with the application for the first time, it stores the preset random value and preset signature and establishes a communication connection with the application.
  • an embodiment of a communication connection device is also provided.
  • the communication connection device can be configured to execute the communication connection method in the embodiment of the present disclosure, and the communication connection method in the embodiment of the present disclosure can be executed in the communication connection device.
  • FIG. 5 is a first schematic diagram of a communication connection device according to an embodiment of the present disclosure.
  • the device may include: a first receiving unit 51 configured to receive a connection request initiated by an application program; a first generating unit 53, configured to generate an encrypted password based on the connection request; a first sending unit 55, configured to send the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; a verification unit 57, configured to verify the verification information to obtain a verification result; and an establishment unit 59, configured to establish a communication connection with the application program according to the verification result.
  • the first receiving unit 51 in this embodiment can be configured to execute step S102 in the embodiment of the present application;
  • the first generating unit 53 in this embodiment can be configured to execute step S104 in the embodiment of the present application;
  • the first sending unit 55 in this embodiment may be configured to execute step S106 in this embodiment of the application;
  • the verification unit 57 in this embodiment may be configured to execute step S108 in this embodiment of this application; and
  • the establishing unit 59 may be configured to execute step S110 in this embodiment of the present application.
  • the examples and application scenarios implemented by the above modules and corresponding steps are the same, but are not limited to the content disclosed in the above embodiments.
  • the connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain the verification result; and a communication connection with the application program is established according to the verification result. Because the verification information for establishing a communication connection is generated according to a preset random value and an encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, there will be no malicious connection. This achieves the purpose of ensuring the security of the communication connection and the technical effect of a secure communication connection between the application program and the device, thereby solving the technical problem of the insecure communication connection between the application program and the device.
  • the verification unit includes: a restoration module configured to restore the verification information according to the encrypted password to obtain a verification signature; a first judging module configured to judge whether the verification signature is consistent with a preset signature, wherein the preset signature is determined according to a preset random value; a first determination module configured to determine that the verification result is a pass when the verification signature is consistent with the preset signature; and a second determination module configured to determine that the verification result is a fail when the verification signature is inconsistent with the preset signature.
  • the device further includes: a first detection unit configured to detect, after the connection request initiated by the application program is received, whether the device to be connected is connecting to the application program for the first time; and a storage unit configured to store, when the device to be connected is connecting to the application program for the first time, the preset random value and preset signature provided by the application program, and to establish a communication connection with the application program, wherein the application program generates the preset signature based on the preset random value.
  • the first detection unit includes: a detection module configured to detect whether the device to be connected holds a preset random value and a preset signature provided by the application; and a third determination module configured to consider, if there is no preset random value and preset signature provided by the application in the device, that the device to be connected is connecting to the application for the first time; if the preset random value and preset signature provided by the application are stored in the device to be connected, the device to be connected is considered not to be connecting with the application for the first time.
  • an embodiment of a communication connection device is also provided.
  • the communication connection device can be configured to execute the communication connection method in the embodiment of the present disclosure, and the communication connection method in the embodiment of the present disclosure can be executed in the communication connection device.
  • Fig. 6 is a second schematic diagram of a communication connection device according to an embodiment of the present disclosure.
  • the device may include: a second sending unit 61 configured to send a connection request to the device to be connected; a second receiving unit 63 configured to receive an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has the preset random value in advance; a second generating unit 65 configured to generate verification information according to the encrypted password and the preset random value; and a third sending unit 67 configured to send the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result, and a communication connection with the device is established according to the verification result.
  • the second sending unit 61 in this embodiment can be configured to perform step S202 in the embodiment of the present application;
  • the second receiving unit 63 in this embodiment can be configured to perform step S204 in the embodiment of the present application;
  • the second generating unit 65 in this embodiment may be configured to execute step S206 in the embodiment of the present application; and
  • the third sending unit 67 in this embodiment may be configured to execute step S208 in the embodiment of the present application.
  • the examples and application scenarios implemented by the above modules and corresponding steps are the same, but are not limited to the content disclosed in the above embodiments.
  • a connection request is sent to the device to be connected; an encrypted password and a preset random value provided by the device to be connected are received, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has the preset random value in advance; verification information is generated according to the encrypted password and the preset random value; the verification information is sent to the device to be connected, wherein the device to be connected verifies the verification information and obtains the verification result; and a communication connection is established according to the verification result. Because the verification information for establishing the communication connection is generated according to the preset random value and the encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, a malicious connection will not occur. The purpose of ensuring the security of the communication connection is achieved, the technical effect of ensuring a secure communication connection between the application program and the device is achieved, and the technical problem of the insecure communication connection between the application program
  • the device further includes: a second detection unit configured to detect, after the connection request is sent to the device to be connected, whether the application program is connecting to the device to be connected for the first time; and a fourth sending unit configured so that, when the application program connects with the device to be connected for the first time, the application program generates a preset random value and a preset signature and sends the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined based on the preset random value.
  • the second detection unit includes: a query module configured to query whether the connection record of the device to be connected is included in the historical connection record of the application program; if the connection record of the device to be connected is not included in the historical connection record, the device to be connected is considered to be connecting to the application program for the first time; and a sixth determination module configured to consider, if the connection record of the device to be connected is included in the historical connection record, that the device to be connected is not connecting with the application for the first time.
  • Embodiments of the present disclosure may provide a computer terminal, and the computer terminal may be any computer terminal device in a group of computer terminals.
  • the foregoing computer terminal may also be replaced with a terminal device such as a mobile terminal.
  • the foregoing computer terminal may be located in at least one network device among multiple network devices of the computer network.
  • the processor of the above-mentioned computer terminal can call, through the transmission device, the information and the application program stored in the memory, so as to perform the following steps: receive the connection request initiated by the application program; generate an encrypted password based on the connection request; send the encrypted password and the preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; verify the verification information returned by the application program to obtain a verification result; establish a communication connection with the application program according to the verification result.
  • the connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain the verification result; and a communication connection with the application program is established according to the verification result. Because the verification information for establishing a communication connection is generated according to a preset random value and an encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, there will be no malicious connection. This achieves the purpose of ensuring the security of the communication connection and the technical effect of a secure communication connection between the application program and the device, thereby solving the technical problem of the insecure communication connection between the application program and the device.
  • the above-mentioned processor may also execute the program code of the following steps: restore the verification information according to the encrypted password to obtain the verification signature; judge whether the verification signature is consistent with the preset signature, wherein the preset signature is determined according to a preset random value; if the verification signature is consistent with the preset signature, determine that the verification result is a pass; if the verification signature is inconsistent with the preset signature, determine that the verification result is a fail.
  • the above-mentioned processor can also execute the program code of the following steps: after receiving the connection request initiated by the application program, detect whether the device to be connected is connecting to the application program for the first time; when the device to be connected is connecting to the application program for the first time, store the preset random value and the preset signature provided by the application program, and establish a communication connection with the application program, wherein the application program generates the preset signature according to the preset random value.
  • the above-mentioned processor can also execute the program code of the following steps: detect whether the device to be connected holds a preset random value and a preset signature provided by the application; if the device to be connected does not store the preset random value and preset signature, the device to be connected is considered to be connecting with the application for the first time; if the preset random value and preset signature provided by the application are stored in the device to be connected, the device to be connected is considered not to be connecting with the application for the first time.
  • the processor of the above-mentioned computer terminal can call, through the transmission device, the information and application programs stored in the memory to perform the following steps: send a connection request to the device to be connected; receive the encrypted password and preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has the preset random value in advance; generate verification information according to the encrypted password and the preset random value; send the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and establish a communication connection according to the verification result.
  • a connection request is sent to the device to be connected; an encrypted password and a preset random value provided by the device to be connected are received, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has the preset random value in advance; verification information is generated according to the encrypted password and the preset random value; the verification information is sent to the device to be connected, wherein the device to be connected verifies the verification information and obtains the verification result; and a communication connection is established according to the verification result. Because the verification information for establishing the communication connection is generated according to the preset random value and the encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, a malicious connection will not occur. The purpose of ensuring the security of the communication connection is achieved, the technical effect of ensuring a secure communication connection between the application program and the device is achieved, and the technical problem of the insecure communication connection between the application program
  • the above-mentioned processor can also execute the program code of the following steps: after the connection request is sent to the device to be connected, detect whether the application program is connecting to the device to be connected for the first time; when the application program connects with the device to be connected for the first time, the application program generates a preset random value and a preset signature, and sends the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined according to the preset random value.
  • the above-mentioned processor can also execute the program code of the following steps: query whether the historical connection record of the application program includes the connection record of the device to be connected; if the historical connection record does not include the connection record of the device to be connected, the device to be connected is considered to be connecting with the application for the first time; if the historical connection record includes the connection record of the device to be connected, the device to be connected is considered not to be connecting with the application for the first time.
  • Embodiments of the present disclosure also provide a computer-readable storage medium.
  • the above-mentioned computer-readable storage medium may be configured to store the program code executed by the above-mentioned data transmission method.
  • the above-mentioned computer-readable storage medium may be located in any computer terminal in the group of computer terminals in the computer network, or in any mobile terminal in the group of mobile terminals.
  • the storage medium is configured to store program code configured to perform the following steps: receiving a connection request initiated by an application program; generating an encrypted password based on the connection request; sending the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; verifying the verification information returned by the application program to obtain a verification result; establishing a communication connection with the application program according to the verification result.
  • the connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain the verification result; and a communication connection with the application program is established according to the verification result. Because the verification information for establishing a communication connection is generated according to a preset random value and an encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, there will be no malicious connection. This achieves the purpose of ensuring the security of the communication connection and the technical effect of a secure communication connection between the application program and the device, thereby solving the technical problem of the insecure communication connection between the application program and the device.
  • the storage medium is configured to store program code configured to perform the following steps: restore the verification information according to the encrypted password to obtain the verification signature; determine whether the verification signature is consistent with the preset signature, wherein the preset signature is determined according to a preset random value; if the verification signature is consistent with the preset signature, determine that the verification result is a pass; if the verification signature is inconsistent with the preset signature, determine that the verification result is a fail.
  • the storage medium is configured to store program code configured to execute the following steps: after receiving the connection request initiated by the application program, detecting whether the device to be connected is connecting to the application program for the first time; when the device to be connected is connecting to the application program for the first time, storing the preset random value and preset signature provided by the application program, and establishing a communication connection with the application program, wherein the application program generates the preset signature based on the preset random value.
  • the storage medium is configured to store program code configured to perform the following steps: detect whether the device to be connected holds a preset random value and a preset signature provided by the application program; if there is no preset random value and preset signature provided by the application, the device to be connected is considered to be connecting to the application for the first time; if the preset random value and preset signature provided by the application are stored in the device to be connected, the device to be connected is considered not to be connecting with the application for the first time.
  • the storage medium is configured to store program code configured to perform the following steps: send a connection request to the device to be connected; receive an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has the preset random value in advance; generate verification information according to the encrypted password and the preset random value; send the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and establish a communication connection according to the verification result.
  • a connection request is sent to the device to be connected; an encrypted password and a preset random value provided by the device to be connected are received, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has the preset random value in advance; verification information is generated according to the encrypted password and the preset random value; the verification information is sent to the device to be connected, wherein the device to be connected verifies the verification information and obtains the verification result; and a communication connection is established according to the verification result. Because the verification information for establishing the communication connection is generated according to the preset random value and the encrypted password, and the encrypted password is dynamically generated based on the connection request, the verification information of each communication connection will be different, and even if the verification information is stolen by others, a malicious connection will not occur. The purpose of ensuring the security of the communication connection is achieved, the technical effect of ensuring a secure communication connection between the application program and the device is achieved, and the technical problem of the insecure communication connection between the application program
  • the storage medium is configured to store program code configured to execute the following steps: after a connection request is sent to the device to be connected, detect whether the application is connecting to the device to be connected for the first time; when the application connects with the device to be connected for the first time, the application generates a preset random value and a preset signature, and sends the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined based on the preset random value.
  • the storage medium is configured to store program code configured to perform the following steps: query whether the historical connection record of the application program includes the connection record of the device to be connected; if the historical connection record does not include the connection record of the device to be connected, the device to be connected is considered to be connecting to the application for the first time; if the historical connection record includes the connection record of the device to be connected, the device to be connected is considered not to be connecting to the application for the first time.
  • the electronic device for implementing the communication connection method described above.
  • the electronic device includes a memory 702 and a processor 704; the memory 702 stores a computer program, and the processor 704 is configured to execute the steps in any one of the above method embodiments through the computer program.
  • the foregoing electronic device may be located in at least one network device among multiple network devices of the computer network.
  • the above-mentioned processor may be configured to execute the following steps through a computer program:
  • FIG. 7 does not limit the structure of the above-mentioned electronic device.
  • the electronic device may also include more or less components than those shown in FIG. 7 (such as a network interface, etc.), or have a different configuration from that shown in FIG. 7 .
  • the memory 702 can be used to store software programs and modules, such as program instructions/modules corresponding to the communication connection method and device in the embodiments of the present disclosure, and the processor 704 runs the software programs and modules stored in the memory 702 to execute various functional applications and data processing, that is, to realize the above-mentioned communication connection method.
  • the memory 702 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory.
  • the memory 702 may further include a memory that is remotely located relative to the processor 704, and these remote memories may be connected to the terminal through a network.
  • the aforementioned networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
  • the memory 702 may include, but is not limited to, the first receiving unit 51, the first generating unit 53, the first sending unit 55, the verification unit 57, and the establishing unit 59 in the communication connection device. In addition, it may also include, but is not limited to, other module units in the above-mentioned communication connection device, which will not be repeated in this example.
  • the above-mentioned transmission device 706 is configured to receive or send data via a network.
  • the specific examples of the above-mentioned network may include a wired network and a wireless network.
  • the transmission device 706 includes a network adapter (Network Interface Controller, NIC), which can be connected with other network devices and a router through a network cable so as to communicate with the Internet or a local area network.
  • the transmission device 706 is a radio frequency (Radio Frequency, RF) module, which is used to communicate with the Internet in a wireless manner.
  • the above-mentioned electronic device further includes: a display 708 for displaying the above-mentioned communication connection; and a connection bus 710 for connecting various module components in the above-mentioned electronic device.
  • the disclosed technical content can be realized in other ways.
  • the device embodiments described above are only illustrative.
  • the division of the units may be a logical function division.
  • multiple units or components may be combined or integrated into another system, or some features may be ignored or not implemented.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be through some interfaces, and the indirect coupling or communication connection of units or modules may be in electrical or other forms.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or may be distributed to multiple units. Part or all of the units can be selected according to actual needs to achieve the purpose of the solution of this embodiment.
  • each functional unit in each embodiment of the present disclosure may be integrated into one processing unit, each unit may exist separately physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated units can be implemented in the form of hardware or in the form of software functional units.
  • if the integrated unit is realized in the form of a software function unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the technical solution of the present disclosure, in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product; the computer software product is stored in a storage medium and includes several instructions to make a computer device (which may be a personal computer, a server, or a network device, etc.) execute all or part of the steps of the methods described in various embodiments of the present disclosure.
  • the aforementioned storage media include: U disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disk or optical disc, and other media that can store program code.

Abstract

The present disclosure provides a communicative connection method, system, and apparatus, a storage medium, and a processor. The method comprises: receiving a connection request initiated by an application program; generating an encrypted password on the basis of the connection request; transmitting the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; verifying the verification information returned by the application program to obtain a verification result; according to the verification result, establishing a communicative connection with the application program.

Description

Communication connection method, system, device, storage medium and processor
This disclosure claims priority to the Chinese patent application No. 202111511059.3, entitled "Communication connection method, system, device, storage medium and processor", filed with the China Patent Office on December 10, 2021, the entire contents of which are incorporated into this disclosure by reference.
Technical Field
The present disclosure relates to the communication field, and in particular to a communication connection method, system, device, storage medium, and processor.
Background
An ordinary application program (App) connects to a BLE device in one of two ways: one is a direct connection with no connection verification measures at all, and the other is ordinary key verification, where the key is easily stolen by an attacker, who can then connect to the device maliciously.
No effective solution has yet been proposed for the above problem of insecure communication connections between application programs and devices.
Summary of the Invention
Embodiments of the present disclosure provide a communication connection method, system, device, storage medium, and processor, so as to at least solve the technical problem that the communication connection between an application program and a device is insecure.
According to one aspect of the embodiments of the present disclosure, a communication connection method is provided, including: receiving a connection request initiated by an application program; generating an encrypted password based on the connection request; sending the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; verifying the verification information to obtain a verification result; and establishing a communication connection with the application program according to the verification result.
According to another aspect of the embodiments of the present disclosure, a communication connection method is further provided, including: sending a connection request to a device to be connected; receiving an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request and pre-stores the preset random value; generating verification information according to the encrypted password and the preset random value; sending the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and according to the
According to another aspect of the embodiments of the present disclosure, a communication connection system is further provided, including: an application program, configured to send a connection request to a device to be connected, receive an encrypted password and a preset random value provided by the device to be connected, generate verification information according to the encrypted password and the preset random value, and send the verification information to the device to be connected; and the device to be connected, configured to generate the encrypted password based on the connection request, verify the verification information returned by the application program to obtain a verification result, and establish a communication connection with the application program according to the verification result.
According to another aspect of the embodiments of the present disclosure, a communication connection apparatus is further provided, including: a first receiving unit, configured to receive a connection request initiated by an application program; a first generation unit, configured to generate an encrypted password based on the connection request; a first sending unit, configured to send the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; a verification unit, configured to verify the verification information to obtain a verification result; and an establishing unit, configured to establish a communication connection with the application program according to the verification result.
According to another aspect of the embodiments of the present disclosure, a communication connection apparatus is further provided, including: a second sending unit, configured to send a connection request to a device to be connected; a second receiving unit, configured to receive an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request and pre-stores the preset random value; a second generation unit, configured to generate verification information according to the encrypted password and the preset random value; and a third sending unit, configured to send the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result, and a communication connection is established according to the verification result.
According to another aspect of the embodiments of the present disclosure, a computer-readable storage medium is further provided. The computer-readable storage medium includes a stored program, wherein, when the program runs, the device on which the computer-readable storage medium is located is controlled to execute the above communication connection method.
According to another aspect of the embodiments of the present disclosure, a processor is further provided. The processor is configured to run a program, wherein the above communication connection method is executed when the program runs.
In the embodiments of the present disclosure, a connection request initiated by an application program is received; an encrypted password is generated based on the connection request; the encrypted password and a preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain a verification result; and a communication connection with the application program is established according to the verification result. Because the verification information used to establish the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information is different each time a communication connection is established. Therefore, even if the verification information is stolen by someone else, no malicious connection will occur, which solves the technical problem that the communication connection between the application program and the device is insecure.
Brief Description of the Drawings
The drawings described here are used to provide a further understanding of the present disclosure and constitute a part of the present application. The exemplary embodiments of the present disclosure and their descriptions are used to explain the present disclosure and do not constitute an undue limitation on it. In the drawings:
FIG. 1 is a first flowchart of a communication connection method according to an embodiment of the present disclosure;
FIG. 2 is a second flowchart of a communication connection method according to an embodiment of the present disclosure;
FIG. 3 is a schematic diagram of a security mechanism for connecting an App to a BLE device according to an embodiment of the present disclosure;
FIG. 4 is a schematic diagram of a communication connection system according to an embodiment of the present disclosure;
FIG. 5 is a first schematic diagram of a communication connection apparatus according to an embodiment of the present disclosure;
FIG. 6 is a second schematic diagram of a communication connection apparatus according to an embodiment of the present disclosure;
FIG. 7 is a structural block diagram of an optional electronic device according to an embodiment of the present disclosure.
Detailed Description
In order to enable those skilled in the art to better understand the solutions of the present disclosure, the technical solutions in the embodiments of the present disclosure are described clearly and completely below with reference to the drawings in the embodiments of the present disclosure. Obviously, the described embodiments are only some of the embodiments of the present disclosure, not all of them. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments in the present disclosure, without creative effort, shall fall within the protection scope of the present disclosure.
It should be noted that the terms "first", "second" and the like in the specification and claims of the present disclosure and in the above drawings are used to distinguish similar objects, and are not necessarily used to describe a specific order or sequence. It should be understood that data so used are interchangeable under appropriate circumstances, so that the embodiments of the present disclosure described herein can be implemented in sequences other than those illustrated or described herein. Furthermore, the terms "comprising" and "having", and any variations of them, are intended to cover a non-exclusive inclusion. For example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
According to an embodiment of the present disclosure, an embodiment of a communication connection method is provided. It should be noted that the steps shown in the flowcharts of the drawings can be executed in a computer system, such as one running a set of computer-executable instructions, and that, although a logical order is shown in the flowcharts, in some cases the steps shown or described may be performed in a different order.
FIG. 1 is a first flowchart of a communication connection method according to an embodiment of the present disclosure. As shown in FIG. 1, the method includes the following steps:
Step S102: receive a connection request initiated by an application program;
Step S104: generate an encrypted password based on the connection request;
Step S106: send the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value;
Step S108: verify the verification information to obtain a verification result;
Step S110: establish a communication connection with the application program according to the verification result.
In the embodiments of the present disclosure, a connection request initiated by an application program is received; an encrypted password is generated based on the connection request; the encrypted password and a preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain a verification result; and a communication connection with the application program is established according to the verification result. Because the verification information used to establish the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information is different each time a communication connection is established. Therefore, even if the verification information is stolen by someone else, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection and the technical effect of a secure communication connection between the application program and the device, and thus solves the technical problem that the communication connection between the application program and the device is insecure.
Optionally, the encrypted password may be a challenge code, and the preset random value may be a preset salt value.
The communication connection method shown in FIG. 1 can be applied on the side of the device to be connected: the device responds to the connection request initiated by the application program, feeds back the encrypted password and the preset random value to the application program, receives the verification information that the application program generates from the encrypted password and the preset random value, and then establishes the communication connection between the device to be connected and the application program based on the verification information.
It should be noted that the above communication connection includes Bluetooth communication connections, WiFi communication connections and other wireless communication connections; it may also include various priority communication connections that connect on the basis of verification.
In the above step S104, the encrypted password may be randomly generated according to the connection request, and a different encrypted password may be generated for each connection.
In the above step S106, the preset random value may be a unique identifier pre-stored in the device to be connected, and the device to be connected may feed back the preset random value to the application program (App) that initiates the connection request.
Optionally, the preset random value may be provided by the application program when the device is connected to the application program for the first time.
In the above step S106, verifying the verification information returned by the application program to obtain the verification result includes: restoring the verification information using the encrypted password, and then performing verification based on the restored verification information to obtain the verification result.
As an optional embodiment, verifying the verification information returned by the application program to obtain the verification result includes: restoring the verification information according to the encrypted password to obtain a verification signature; judging whether the verification signature is consistent with a preset signature, wherein the preset signature is determined according to the preset random value; if the verification signature is consistent with the preset signature, determining that the verification result is that verification is passed; and if the verification signature is inconsistent with the preset signature, determining that the verification result is that verification is not passed.
Optionally, the preset signature may be generated according to the preset random value.
As an optional example, the preset signature can be generated as follows: an obfuscation array mix[] is generated from the preset random value and the preset array "0123456789abcdefABCD\0"; the sha256 algorithm is then applied to the obfuscation array mix[]; finally, 10 bytes of the hash are taken, each byte is converted into a string, and the converted strings are concatenated and converted into data to obtain the preset signature.
In the above embodiment of the present disclosure, the preset signature is generated from the preset random value, and the verification information is generated from the encrypted password and the preset random value. Therefore, when the preset random value, the encrypted password and the method of generating the preset signature are all known, the verification information can be restored to obtain the verification signature. If the verification signature is consistent with the preset signature stored in the device to be connected, this proves that the communication connection between the application program and the device to be connected is legitimate, and the communication connection between the application program and the device to be connected is established.
Optionally, the verification information may be generated by the application program. The specific process includes: generating the verification signature from the preset random value fed back by the device to be connected, using the method by which the preset signature is generated; and then generating the verification information based on the preset signature and the encrypted password. When the device to be connected restores the verification information, it can then recover the verification signature using the encrypted password.
Optionally, the method of generating the preset signature may be pre-stored in the device to be connected.
As an optional embodiment, after receiving the connection request initiated by the application program, the method further includes: detecting whether the device to be connected is connecting to the application program for the first time; and, if the device to be connected is connecting to the application program for the first time, storing the preset random value and preset signature provided by the application program and establishing a communication connection with the application program, wherein the application program generates the preset signature according to the preset random value.
In the above embodiment of the present disclosure, the preset random value and the preset signature stored in the device to be connected are both provided by the application program. Therefore, if the device to be connected is establishing a communication connection with the application program for the first time, the device does not yet hold the preset random value and preset signature provided by the application program. In this case, the device to be connected and the application program can establish a communication connection directly, without verification; the device to be connected can then receive the preset random value and preset signature provided by the application program and store them, so that they can be used for verification at the next communication connection between the device to be connected and the application program.
As an optional embodiment, detecting whether the device to be connected is connecting to the application program for the first time includes: detecting whether the device to be connected holds the preset random value and preset signature provided by the application program; if the device to be connected does not hold the preset random value and preset signature provided by the application program, the device to be connected is considered to be connecting to the application program for the first time; if the device to be connected holds the preset random value and preset signature provided by the application program, the device to be connected is considered not to be connecting to the application program for the first time.
Optionally, detecting whether the device to be connected is connecting to the application program for the first time can be performed on the side of the device to be connected, on the application program side, or on both sides at the same time.
Optionally, when the detection is performed on the side of the device to be connected, it can be determined by checking whether the device to be connected holds the preset random value and preset signature provided by the application program: if the device holds them, it is determined that this is not the first connection; if the device does not hold them, it is determined that this is the first connection.
Optionally, when the detection is performed on the application program side, it can be determined by checking whether the application program's historical connection records contain a connection record for the device to be connected: if the historical connection records do not include a connection record for the device to be connected, it is determined that this is the first connection, and after connecting, the preset random value and preset signature are provided to the device to be connected; if the historical connection records include a connection record for the device to be connected, it is determined that this is not the first connection.
Optionally, the detection is performed on the side of the device to be connected and on the application program side at the same time. When the detection results of the device to be connected and the application program are the same, the detection result is determined to be correct, and the communication connection between the device to be connected and the application program is established according to the determined detection result.
FIG. 2 is a second flowchart of a communication connection method according to an embodiment of the present disclosure. As shown in FIG. 2, the method includes the following steps:
Step S202: send a connection request to the device to be connected;
Step S204: receive an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request and pre-stores the preset random value;
Step S206: generate verification information according to the encrypted password and the preset random value;
Step S208: send the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result, and a communication connection is established according to the verification result.
In the embodiments of the present disclosure, a connection request is sent to the device to be connected; an encrypted password and a preset random value provided by the device to be connected are received, wherein the device to be connected generates the encrypted password according to the connection request and pre-stores the preset random value; verification information is generated according to the encrypted password and the preset random value; the verification information is sent to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and a communication connection is established according to the verification result. Because the verification information used to establish the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information is different each time a communication connection is established. Therefore, even if the verification information is stolen by someone else, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection and the technical effect of a secure communication connection between the application program and the device, and thus solves the technical problem that the communication connection between the application program and the device is insecure.
The communication connection method shown in FIG. 2 can be applied on the application program side: the application program sends a connection request to the device to be connected, obtains the encrypted password and preset random value fed back by the device to be connected, generates the verification information from the encrypted password and the preset random value, and sends the verification information to the device to be connected for verification; the communication connection between the device to be connected and the application program is then established based on the verification result of the device to be connected.
It should be noted that the above communication connection includes Bluetooth communication connections, WiFi communication connections and other wireless communication connections; it may also include various priority communication connections that connect on the basis of verification.
Optionally, generating the verification information according to the encrypted password and the preset random value includes: generating the verification signature from the preset random value fed back by the device to be connected, using the method by which the preset signature is generated; and then generating the verification information based on the preset signature and the encrypted password. When the device to be connected restores the verification information, it can then recover the verification signature using the encrypted password.
As an optional embodiment, after sending the connection request to the device to be connected, the method further includes: detecting whether the application program is connecting to the device to be connected for the first time; and, if the application program is connecting to the device to be connected for the first time, the application program generates a preset random value and a preset signature and sends them to the device to be connected, wherein the preset signature is determined according to the preset random value.
As an optional embodiment, detecting whether the application program is connecting to the device to be connected for the first time includes: querying whether the application program's historical connection records include a connection record for the device to be connected; if the historical connection records do not include a connection record for the device to be connected, the device to be connected is considered to be connecting to the application program for the first time; if the historical connection records include a connection record for the device to be connected, the device to be connected is considered not to be connecting to the application program for the first time.
For ease of description, the communication connection between an application program (App) and a Bluetooth Low Energy (BLE) device is used as an example below.
The present disclosure also provides an optional embodiment, which provides a connection security mechanism between an App and a BLE device.
FIG. 3 is a schematic diagram of a connection security mechanism between an App and a BLE device according to an embodiment of the present disclosure. As shown in FIG. 3, the connection security mechanism is as follows:
1) The BLE device (Bluetooth Low Energy device) holds no data when it leaves the factory. On the first connection, the App writes the preset salt value (Salt Value) and the preset signature (Signature) to the BLE device, and the BLE device stores the Salt Value and the Signature directly.
2) When the App connects to the BLE device a second time, it first reads the previously stored preset Salt Value and the randomly generated challenge code (Challenge Code), then generates the verification information (Verification) through an algorithm and writes it to the BLE device.
Here, Verification is generated by XORing each byte of the preset Signature (generated from the preset Salt Value) with the Challenge Code (read from the firmware).
3) After the BLE device obtains Verification, it XORs it with the Challenge Code randomly generated for this connection to restore the verification Signature.
4) The restored verification Signature is compared with the preset Signature written at the first connection. If they are equal, decryption succeeds and the BLE device connects with the App; otherwise decryption fails and the BLE device actively disconnects.
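The exchange in steps 1) to 4), with both sides modelled, as an added example that is not code from the patent or its applicant. Assumptions: 16-byte values, a Signature derived from the Salt Value by truncated SHA-256 (the page does not give the derivation), single-use challenges, and the class and function names. Because the device recovers the Signature as Verification XOR Challenge Code, those two values on the link determine it together; `hmac_response` is an added keyed-hash form of the response, also not in the patent, whose output does not XOR back to the stored Signature.

```python
import hashlib
import hmac
import secrets

SIG_LEN = 16  # assumed size; the page gives no lengths


def derive_signature(salt: bytes) -> bytes:
    """Assumed derivation: the page only says the Signature comes from the Salt Value."""
    return hashlib.sha256(b"preset-signature" + salt).digest()[:SIG_LEN]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """Byte-wise XOR; refuses mismatched lengths instead of silently truncating."""
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))


def hmac_response(signature: bytes, challenge: bytes) -> bytes:
    """Added variant (not in the patent): keyed hash of the challenge."""
    return hmac.new(signature, challenge, hashlib.sha256).digest()


class BleDevice:
    """Hypothetical model of the device side."""

    def __init__(self):
        self.salt = None          # empty at the factory (step 1)
        self.signature = None
        self._challenge = None    # challenge outstanding for this connection

    def provision(self, salt: bytes, signature: bytes) -> bool:
        # Step 1: accept Salt Value and Signature only while nothing is stored.
        if self.signature is not None:
            return False
        self.salt, self.signature = salt, signature
        return True

    def begin_connection(self):
        # Step 2: hand out the stored Salt Value and a fresh Challenge Code.
        self._challenge = secrets.token_bytes(SIG_LEN)
        return self.salt, self._challenge

    def _take_challenge(self):
        # A challenge is consumed by one verification attempt.
        challenge, self._challenge = self._challenge, None
        return challenge

    def verify(self, verification: bytes) -> bool:
        # Steps 3 and 4: XOR back to the Signature, compare in constant time.
        challenge = self._take_challenge()
        if challenge is None or self.signature is None:
            return False
        if len(verification) != SIG_LEN:
            return False
        recovered = xor_bytes(verification, challenge)
        return hmac.compare_digest(recovered, self.signature)

    def verify_hmac(self, response: bytes) -> bool:
        # Added variant: recompute the keyed hash instead of XORing back.
        challenge = self._take_challenge()
        if challenge is None or self.signature is None:
            return False
        expected = hmac_response(self.signature, challenge)
        return hmac.compare_digest(response, expected)


class App:
    """Hypothetical model of the application side."""

    def __init__(self):
        self.history = set()  # historical connection records, by device id

    def connect(self, device_id: str, device: BleDevice, use_hmac: bool = False) -> bool:
        if device_id not in self.history:
            # First connection: generate and write Salt Value and Signature.
            salt = secrets.token_bytes(SIG_LEN)
            if not device.provision(salt, derive_signature(salt)):
                return False
            self.history.add(device_id)
            return True
        # Later connections: read Salt Value and Challenge Code, send the response.
        salt, challenge = device.begin_connection()
        signature = derive_signature(salt)
        if use_hmac:
            return device.verify_hmac(hmac_response(signature, challenge))
        return device.verify(xor_bytes(signature, challenge))
```
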
To ensure that a BLE device and an App establish a connection securely, the technical solution provided by the present disclosure performs signature verification on the device connection using a dynamic signature and a dynamic challenge code. The key sent by the BLE device on each connection is dynamically generated, so there is no security risk even if it is stolen by others. This ensures a secure connection between the App and the BLE device and prevents an attacker from connecting to the BLE device and maliciously tampering with data.
Optionally, because the preset salt value and the challenge code are obtained and the verification information (Verification) is calculated before each connection to the BLE device, the connection time increases somewhat; therefore, using this solution for critical and sensitive services can ensure the security of the connection.
For connections between the App and BLE devices, the security of connection verification is also particularly important. If the connection is not verified with encryption, an attacker can easily connect to the device and then maliciously tamper with the BLE device's data. Ordinary devices can generally be connected without encryption, or use static key verification, which is too simple and easily cracked; the connection method of this solution can therefore effectively prevent attackers from maliciously connecting to the device.
FIG. 4 is a schematic diagram of a communication connection system according to an embodiment of the present disclosure. As shown in FIG. 4, the system includes: an application program 42, configured to send a connection request to the device to be connected, receive the encrypted password and the preset random value provided by the device to be connected, generate verification information according to the encrypted password and the preset random value, and send the verification information to the device to be connected; and a device to be connected 44, configured to generate the encrypted password based on the connection request, verify the verification information returned by the application program to obtain a verification result, and establish a communication connection with the application program according to the verification result.
In the embodiments of the present disclosure, the application program is configured to send a connection request to the device to be connected, receive the encrypted password and the preset random value provided by the device to be connected, generate verification information according to the encrypted password and the preset random value, and send the verification information to the device to be connected; the device to be connected is configured to generate the encrypted password based on the connection request, verify the verification information returned by the application program to obtain a verification result, and establish a communication connection with the application program according to the verification result. Because the verification information for establishing the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information differs each time a communication connection is established, so even if the verification information is stolen by others, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
As an optional embodiment, the device to be connected is further configured to: restore the verification information according to the encrypted password to obtain a verification signature; determine whether the verification signature is consistent with the preset signature, where the preset signature is determined according to the preset random value; if the verification signature is consistent with the preset signature, determine that the verification result is that verification passed; and if the verification signature is inconsistent with the preset signature, determine that the verification result is that verification failed.
As an optional embodiment, the application program is further configured to query whether the historical connection records include a connection record for the device to be connected; if the historical connection records do not include a connection record for the device to be connected, the device to be connected is considered to be connecting to the application program for the first time; and, if the application program is connecting to the device to be connected for the first time, to generate a preset random value and a preset signature and send them to the device to be connected, where the preset signature is determined according to the preset random value. The device to be connected is further configured to detect whether it holds a preset random value and a preset signature provided by the application program; if it does not, the device to be connected is considered to be connecting to the application program for the first time; and, if the device to be connected is connecting to the application program for the first time, to store the preset random value and the preset signature provided by the application program and establish a communication connection with the application program.
According to an embodiment of the present disclosure, an embodiment of a communication connection apparatus is also provided. It should be noted that the communication connection apparatus can be configured to execute the communication connection method in the embodiments of the present disclosure, and the communication connection method in the embodiments of the present disclosure can be executed in the communication connection apparatus.
FIG. 5 is a first schematic diagram of a communication connection apparatus according to an embodiment of the present disclosure. As shown in FIG. 5, the apparatus may include: a first receiving unit 51, configured to receive a connection request initiated by an application program; a first generating unit 53, configured to generate an encrypted password based on the connection request; a first sending unit 55, configured to send the encrypted password and a preset random value to the application program, where the application program generates verification information according to the encrypted password and the preset random value; a verification unit 57, configured to verify the verification information to obtain a verification result; and an establishing unit 59, configured to establish a communication connection with the application program according to the verification result.
It should be noted that the first receiving unit 51 in this embodiment can be configured to execute step S102 in the embodiments of the present application, the first generating unit 53 can be configured to execute step S104, the first sending unit 55 can be configured to execute step S106, the verification unit 57 can be configured to execute step S108, and the establishing unit 59 can be configured to execute step S110. The examples and application scenarios implemented by the above modules are the same as those of the corresponding steps, but are not limited to the content disclosed in the above embodiments.
In the embodiments of the present disclosure, a connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, where the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain a verification result; and a communication connection with the application program is established according to the verification result. Because the verification information for establishing the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information differs each time a communication connection is established, so even if the verification information is stolen by others, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
As an optional embodiment, the verification unit includes: a restoration module, configured to restore the verification information according to the encrypted password to obtain a verification signature; a first judging module, configured to determine whether the verification signature is consistent with the preset signature, where the preset signature is determined according to the preset random value; a first determining module, configured to determine that the verification result is that verification passed if the verification signature is consistent with the preset signature; and a second determining module, configured to determine that the verification result is that verification failed if the verification signature is inconsistent with the preset signature.
As an optional embodiment, the apparatus further includes: a first detection unit, configured to detect, after the connection request initiated by the application program is received, whether the device to be connected is connecting to the application program for the first time; and a storage unit, configured to store the preset random value and the preset signature provided by the application program and establish a communication connection with the application program if the device to be connected is connecting to the application program for the first time, where the application program generates the preset signature according to the preset random value.
As an optional embodiment, the first detection unit includes: a detection module, configured to detect whether the device to be connected holds a preset random value and a preset signature provided by the application program; a third determining module, configured to consider the device to be connected to be connecting to the application program for the first time if it does not hold a preset random value and a preset signature provided by the application program; and a fourth determining module, configured to consider the device to be connected not to be connecting to the application program for the first time if it does hold a preset random value and a preset signature provided by the application program.
According to an embodiment of the present disclosure, an embodiment of a communication connection apparatus is also provided. It should be noted that the communication connection apparatus can be configured to execute the communication connection method in the embodiments of the present disclosure, and the communication connection method in the embodiments of the present disclosure can be executed in the communication connection apparatus.
FIG. 6 is a second schematic diagram of a communication connection apparatus according to an embodiment of the present disclosure. As shown in FIG. 6, the apparatus may include: a second sending unit 61, configured to send a connection request to the device to be connected; a second receiving unit 63, configured to receive the encrypted password and the preset random value provided by the device to be connected, where the device to be connected generates the encrypted password according to the connection request and holds the preset random value in advance; a second generating unit 65, configured to generate verification information according to the encrypted password and the preset random value; and a third sending unit 67, configured to send the verification information to the device to be connected, where the device to be connected verifies the verification information to obtain a verification result and establishes the communication connection according to the verification result.
It should be noted that the second sending unit 61 in this embodiment can be configured to execute step S202 in the embodiments of the present application, the second receiving unit 63 can be configured to execute step S204, the second generating unit 65 can be configured to execute step S206, and the third sending unit 67 can be configured to execute step S208. The examples and application scenarios implemented by the above modules are the same as those of the corresponding steps, but are not limited to the content disclosed in the above embodiments.
In the embodiments of the present disclosure, a connection request is sent to the device to be connected; the encrypted password and the preset random value provided by the device to be connected are received, where the device to be connected generates the encrypted password according to the connection request and holds the preset random value in advance; verification information is generated according to the encrypted password and the preset random value; and the verification information is sent to the device to be connected, where the device to be connected verifies the verification information to obtain a verification result and establishes the communication connection according to the verification result. Because the verification information for establishing the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information differs each time a communication connection is established, so even if the verification information is stolen by others, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
As an optional embodiment, the apparatus further includes: a second detection unit, configured to detect, after the connection request is sent to the device to be connected, whether the application program is connecting to the device to be connected for the first time; and a fourth sending unit, configured so that, if the application program is connecting to the device to be connected for the first time, the application program generates a preset random value and a preset signature and sends them to the device to be connected, where the preset signature is determined according to the preset random value.
As an optional embodiment, the second detection unit includes: a query module, configured to query whether the application program's historical connection records include a connection record for the device to be connected; a fifth determining module, configured to consider the device to be connected to be connecting to the application program for the first time if the historical connection records do not include a connection record for the device to be connected; and a sixth determining module, configured to consider the device to be connected not to be connecting to the application program for the first time if the historical connection records do include a connection record for the device to be connected.
Embodiments of the present disclosure may provide a computer terminal, which may be any computer terminal device in a group of computer terminals. Optionally, in this embodiment, the computer terminal may also be replaced with a terminal device such as a mobile terminal.
Optionally, in this embodiment, the computer terminal may be located in at least one of multiple network devices of a computer network.
In this embodiment, the computer terminal may use its processor to call, through a transmission device, the information and application programs stored in memory in order to perform the following steps: receiving a connection request initiated by an application program; generating an encrypted password based on the connection request; sending the encrypted password and a preset random value to the application program, where the application program generates verification information according to the encrypted password and the preset random value; verifying the verification information returned by the application program to obtain a verification result; and establishing a communication connection with the application program according to the verification result.
In the embodiments of the present disclosure, a connection request initiated by the application program is received; an encrypted password is generated based on the connection request; the encrypted password and the preset random value are sent to the application program, where the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain a verification result; and a communication connection with the application program is established according to the verification result. Because the verification information for establishing the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information differs each time a communication connection is established, so even if the verification information is stolen by others, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
Optionally, the processor may also execute program code for the following steps: restoring the verification information according to the encrypted password to obtain a verification signature; determining whether the verification signature is consistent with the preset signature, where the preset signature is determined according to the preset random value; if the verification signature is consistent with the preset signature, determining that the verification result is that verification passed; and if the verification signature is inconsistent with the preset signature, determining that the verification result is that verification failed.
Optionally, the processor may also execute program code for the following steps: after receiving the connection request initiated by the application program, detecting whether the device to be connected is connecting to the application program for the first time; and, if the device to be connected is connecting to the application program for the first time, storing the preset random value and the preset signature provided by the application program and establishing a communication connection with the application program, where the application program generates the preset signature according to the preset random value.
Optionally, the processor may also execute program code for the following steps: detecting whether the device to be connected holds a preset random value and a preset signature provided by the application program; if it does not, considering the device to be connected to be connecting to the application program for the first time; and if it does, considering the device to be connected not to be connecting to the application program for the first time.
In this embodiment, the computer terminal may use its processor to call, through a transmission device, the information and application programs stored in memory in order to perform the following steps: sending a connection request to the device to be connected; receiving the encrypted password and the preset random value provided by the device to be connected, where the device to be connected generates the encrypted password according to the connection request and holds the preset random value in advance; generating verification information according to the encrypted password and the preset random value; and sending the verification information to the device to be connected, where the device to be connected verifies the verification information to obtain a verification result and establishes the communication connection according to the verification result.
In the embodiments of the present disclosure, a connection request is sent to the device to be connected; the encrypted password and the preset random value provided by the device to be connected are received, where the device to be connected generates the encrypted password according to the connection request and holds the preset random value in advance; verification information is generated according to the encrypted password and the preset random value; and the verification information is sent to the device to be connected, where the device to be connected verifies the verification information to obtain a verification result and establishes the communication connection according to the verification result. Because the verification information for establishing the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information differs each time a communication connection is established, so even if the verification information is stolen by others, no malicious connection will occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
Optionally, the processor may also execute program code for the following steps: after the connection request is sent to the device to be connected, detecting whether the application program is connecting to the device to be connected for the first time; and, if the application program is connecting to the device to be connected for the first time, the application program generating a preset random value and a preset signature and sending them to the device to be connected, where the preset signature is determined according to the preset random value.
Optionally, the processor may also execute program code for the following steps: querying whether the application program's historical connection records include a connection record for the device to be connected; if the historical connection records do not include a connection record for the device to be connected, considering the device to be connected to be connecting to the application program for the first time; and if the historical connection records do include a connection record for the device to be connected, considering the device to be connected not to be connecting to the application program for the first time.
Embodiments of the present disclosure also provide a computer-readable storage medium. Optionally, in this embodiment, the above computer-readable storage medium may be configured to store the program code executed by the above data transmission method.
Optionally, in this embodiment, the above computer-readable storage medium may be located in any computer terminal of a group of computer terminals in a computer network, or in any mobile terminal of a group of mobile terminals.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: receiving a connection request initiated by an application program; generating an encrypted password based on the connection request; sending the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; verifying the verification information returned by the application program to obtain a verification result; and establishing a communication connection with the application program according to the verification result.
In this embodiment of the present disclosure, a connection request initiated by an application program is received; an encrypted password is generated based on the connection request; the encrypted password and a preset random value are sent to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value; the verification information returned by the application program is verified to obtain a verification result; and a communication connection with the application program is established according to the verification result. Because the verification information used to establish the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information is different each time a communication connection is established. Consequently, even if the verification information is stolen by someone else, a malicious connection will not occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: restoring the verification information according to the encrypted password to obtain a verification signature; determining whether the verification signature is consistent with a preset signature, wherein the preset signature is determined according to the preset random value; if the verification signature is consistent with the preset signature, determining that the verification result is that verification passed; and if the verification signature is inconsistent with the preset signature, determining that the verification result is that verification failed.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: after receiving the connection request initiated by the application program, detecting whether the device to be connected is connecting to the application program for the first time; and, when the device to be connected is connecting to the application program for the first time, storing the preset random value and the preset signature provided by the application program, and establishing a communication connection with the application program, wherein the application program generates the preset signature according to the preset random value.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: detecting whether the device to be connected stores the preset random value and the preset signature provided by the application program; if the device to be connected does not store the preset random value and the preset signature provided by the application program, considering that the device to be connected is connecting to the application program for the first time; and if the device to be connected stores the preset random value and the preset signature provided by the application program, considering that the device to be connected is not connecting to the application program for the first time.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: sending a connection request to the device to be connected; receiving an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request and stores the preset random value in advance; generating verification information according to the encrypted password and the preset random value; and sending the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result, and a communication connection is established according to the verification result.
In this embodiment of the present disclosure, a connection request is sent to the device to be connected; an encrypted password and a preset random value provided by the device to be connected are received, wherein the device to be connected generates the encrypted password according to the connection request and stores the preset random value in advance; verification information is generated according to the encrypted password and the preset random value; the verification information is sent to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and a communication connection is established according to the verification result. Because the verification information used to establish the communication connection is generated from the preset random value and the encrypted password, and the encrypted password is generated dynamically based on the connection request, the verification information is different each time a communication connection is established. Consequently, even if the verification information is stolen by someone else, a malicious connection will not occur. This achieves the purpose of ensuring the security of the communication connection, realizes the technical effect of ensuring a secure communication connection between the application program and the device, and thereby solves the technical problem that the communication connection between the application program and the device is insecure.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: after the connection request is sent to the device to be connected, detecting whether the application program is connecting to the device to be connected for the first time; and, when the application program is connecting to the device to be connected for the first time, generating, by the application program, a preset random value and a preset signature, and sending the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined according to the preset random value.
Optionally, in this embodiment, the storage medium is configured to store program code for performing the following steps: querying whether the historical connection records of the application program include a connection record of the device to be connected; if the historical connection records do not include a connection record of the device to be connected, considering that the device to be connected is connecting to the application program for the first time; and if the historical connection records include a connection record of the device to be connected, considering that the device to be connected is not connecting to the application program for the first time.
According to yet another aspect of the embodiments of the present disclosure, an electronic device for implementing the above communication connection method is also provided. As shown in FIG. 7, the electronic device includes a memory 702 and a processor 704; a computer program is stored in the memory 702, and the processor 704 is configured to execute, through the computer program, the steps in any one of the above method embodiments.
Optionally, in this embodiment, the above electronic device may be located in at least one of multiple network devices of a computer network.
Optionally, in this embodiment, the above processor may be configured to execute the following steps through the computer program:
S1, receiving a connection request initiated by an application program;
S2, generating an encrypted password based on the connection request;
S3, sending the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value;
S4, verifying the verification information to obtain a verification result;
S5, establishing a communication connection with the application program according to the verification result.
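The exchange in steps S1 to S5, together with the first-connection enrolment described earlier, as an added Python sketch that is not code from the patent. The patent names no algorithms, so the HMAC-SHA256 preset signature, the app-held secret, the XOR keystream `mask` transform, the handling of a disagreement about "first connection", and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets


def mask(data: bytes, password: bytes) -> bytes:
    """Reversible transform keyed by the one-time password (assumed construction).

    XORs data with a SHA-256 counter-mode keystream; applying it twice restores data.
    """
    stream = b""
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(password + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class App:
    """Application side (hypothetical class)."""

    def __init__(self) -> None:
        self.secret = secrets.token_bytes(32)  # assumption: app-held signing key
        self.history = set()                   # historical connection records

    def sign(self, random_value: bytes) -> bytes:
        # Preset signature "determined according to the preset random value".
        return hmac.new(self.secret, random_value, hashlib.sha256).digest()

    def enroll(self, device_id: str):
        """First connection: create the preset random value and preset signature."""
        random_value = secrets.token_bytes(16)
        self.history.add(device_id)
        return random_value, self.sign(random_value)

    def verification_info(self, password: bytes, random_value: bytes) -> bytes:
        """Verification information built from the password and the random value."""
        return mask(self.sign(random_value), password)


class Device:
    """Device to be connected (hypothetical class)."""

    def __init__(self, device_id: str) -> None:
        self.device_id = device_id
        self.preset_random = None
        self.preset_signature = None
        self._pending = None  # password issued for the request in progress

    def is_first_connection(self) -> bool:
        return self.preset_random is None or self.preset_signature is None

    def store_presets(self, random_value: bytes, signature: bytes) -> None:
        self.preset_random, self.preset_signature = random_value, signature

    def challenge(self):
        """S2/S3: fresh password per request, sent with the stored random value."""
        self._pending = secrets.token_bytes(32)
        return self._pending, self.preset_random

    def verify(self, info: bytes) -> bool:
        """S4: restore the verification signature, compare with the preset one."""
        password, self._pending = self._pending, None  # each password is single use
        if password is None or self.preset_signature is None:
            return False
        return hmac.compare_digest(mask(info, password), self.preset_signature)


def connect(app: App, device: Device) -> str:
    """Run one connection attempt; returns 'enrolled', 'connected' or 'rejected'."""
    app_first = device.device_id not in app.history
    if app_first != device.is_first_connection():
        return "rejected"  # assumption: the patent does not cover this disagreement
    if app_first:
        device.store_presets(*app.enroll(device.device_id))
        return "enrolled"
    password, random_value = device.challenge()            # S1-S3
    info = app.verification_info(password, random_value)   # app's reply
    return "connected" if device.verify(info) else "rejected"  # S4-S5


if __name__ == "__main__":
    app, dev = App(), Device("dev-1")  # constructed sample identities
    print(connect(app, dev), connect(app, dev))
```

Replay rejection here depends on the device discarding each password after one verification attempt. In this sketch the restored signature is recoverable by anyone holding both the password and the verification information, so both messages are assumed to travel over a link that others cannot read.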
Optionally, those of ordinary skill in the art can understand that the structure shown in FIG. 7 is only illustrative; the electronic device may also be a terminal device such as a smartphone (for example, an Android phone or an iOS phone), a tablet computer, a palmtop computer, a mobile Internet device (Mobile Internet Device, MID), or a PAD. FIG. 7 does not limit the structure of the above electronic device. For example, the electronic device may include more or fewer components than those shown in FIG. 7 (such as a network interface), or have a configuration different from that shown in FIG. 7.
The memory 702 may be used to store software programs and modules, such as the program instructions/modules corresponding to the communication connection method and apparatus in the embodiments of the present disclosure. The processor 704 executes various functional applications and data processing by running the software programs and modules stored in the memory 702, that is, it implements the above communication connection method. The memory 702 may include high-speed random access memory, and may also include non-volatile memory, such as one or more magnetic storage devices, flash memory, or other non-volatile solid-state memory. In some examples, the memory 702 may further include memory located remotely from the processor 704, and such remote memory may be connected to the terminal through a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof. As an example, as shown in FIG. 7, the memory 702 may include, but is not limited to, the first receiving unit 51, the first generating unit 53, the first sending unit 55, the verification unit 57, and the establishing unit 59 of the above communication connection apparatus. It may also include, but is not limited to, other module units of the above communication connection apparatus, which are not described again in this example.
Optionally, the above transmission device 706 is used to receive or send data via a network. Specific examples of the network may include wired networks and wireless networks. In one example, the transmission device 706 includes a network adapter (Network Interface Controller, NIC), which can be connected to other network devices and a router through a network cable so as to communicate with the Internet or a local area network. In one example, the transmission device 706 is a radio frequency (Radio Frequency, RF) module, which is used to communicate with the Internet wirelessly.
In addition, the above electronic device further includes: a display 708 for displaying the above communication connection; and a connection bus 710 for connecting the module components of the above electronic device.
The serial numbers of the above embodiments of the present disclosure are for description only and do not indicate the relative merits of the embodiments.
In the above embodiments of the present disclosure, the description of each embodiment has its own emphasis. For parts not described in detail in one embodiment, reference may be made to the relevant descriptions of other embodiments.
In the several embodiments provided in this application, it should be understood that the disclosed technical content may be implemented in other ways. The apparatus embodiments described above are only illustrative. For example, the division into units may be a division by logical function, and other divisions are possible in an actual implementation: multiple units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the mutual coupling, direct coupling or communication connection shown or discussed may be indirect coupling or a communication connection through some interfaces, units or modules, and may be electrical or take other forms.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present disclosure may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
If the integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present disclosure in essence, or the part that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to execute all or some of the steps of the methods described in the embodiments of the present disclosure. The aforementioned storage medium includes various media that can store program code, such as a USB flash drive, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), a removable hard disk, a magnetic disk, or an optical disc.
The above are only optional implementations of the present disclosure. It should be pointed out that those of ordinary skill in the art may make several improvements and refinements without departing from the principles of the present disclosure, and these improvements and refinements shall also be regarded as falling within the protection scope of the present disclosure.

Claims (19)

  1. A communication connection method, comprising:
    receiving a connection request initiated by an application program;
    generating an encrypted password based on the connection request;
    sending the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value;
    verifying the verification information to obtain a verification result;
    establishing a communication connection with the application program according to the verification result.
  2. The communication connection method according to claim 1, wherein verifying the verification information returned by the application program to obtain a verification result comprises:
    restoring the verification information according to the encrypted password to obtain a verification signature;
    determining whether the verification signature is consistent with a preset signature, wherein the preset signature is determined according to the preset random value;
    if the verification signature is consistent with the preset signature, determining that the verification result is that verification passed;
    if the verification signature is inconsistent with the preset signature, determining that the verification result is that verification failed.
  3. The communication connection method according to claim 1, wherein, after receiving the connection request initiated by the application program, the method further comprises:
    detecting whether the device to be connected is connecting to the application program for the first time;
    when the device to be connected is connecting to the application program for the first time, storing the preset random value and the preset signature provided by the application program, and establishing a communication connection with the application program, wherein the application program generates the preset signature according to the preset random value.
  4. The communication connection method according to claim 3, wherein detecting whether the device to be connected is connecting to the application program for the first time comprises:
    detecting whether the device to be connected stores the preset random value and the preset signature provided by the application program;
    if the device to be connected does not store the preset random value and the preset signature provided by the application program, considering that the device to be connected is connecting to the application program for the first time;
    if the device to be connected stores the preset random value and the preset signature provided by the application program, considering that the device to be connected is not connecting to the application program for the first time.
  5. A communication connection method, comprising:
    sending a connection request to a device to be connected;
    receiving an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected stores the preset random value in advance;
    generating verification information according to the encrypted password and the preset random value;
    sending the verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result, and a communication connection is established according to the verification result.
  6. The communication connection method according to claim 5, wherein, after sending the connection request to the device to be connected, the method further comprises:
    detecting whether the application program is connecting to the device to be connected for the first time;
    when the application program is connecting to the device to be connected for the first time, generating, by the application program, a preset random value and a preset signature, and sending the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined according to the preset random value.
  7. The communication connection method according to claim 5, wherein detecting whether the application program is connecting to the device to be connected for the first time comprises:
    querying whether the historical connection records of the application program include a connection record of the device to be connected;
    if the historical connection records do not include a connection record of the device to be connected, considering that the device to be connected is connecting to the application program for the first time;
    if the historical connection records include a connection record of the device to be connected, considering that the device to be connected is not connecting to the application program for the first time.
  8. A communication connection system, comprising:
    an application program, configured to send a connection request to a device to be connected; receive an encrypted password and a preset random value provided by the device to be connected; generate verification information according to the encrypted password and the preset random value; and send the verification information to the device to be connected;
    the device to be connected, configured to generate the encrypted password based on the connection request; verify the verification information returned by the application program to obtain a verification result; and establish a communication connection with the application program according to the verification result.
  9. The system according to claim 8, wherein
    the device to be connected is further configured to: restore the verification information according to the encrypted password to obtain a verification signature; determine whether the verification signature is consistent with a preset signature, wherein the preset signature is determined according to the preset random value; if the verification signature is consistent with the preset signature, determine that the verification result is that verification passed; and if the verification signature is inconsistent with the preset signature, determine that the verification result is that verification failed.
  10. The system according to claim 8, wherein
    the application program is further configured to query whether the historical connection records include a connection record of the device to be connected; if the historical connection records do not include a connection record of the device to be connected, consider that the device to be connected is connecting to the application program for the first time; and, when the application program is connecting to the device to be connected for the first time, generate a preset random value and a preset signature, and send the preset random value and the preset signature to the device to be connected, wherein the preset signature is determined according to the preset random value;
    the device to be connected is further configured to detect whether it stores the preset random value and the preset signature provided by the application program; if the device to be connected does not store the preset random value and the preset signature provided by the application program, consider that the device to be connected is connecting to the application program for the first time; and, when the device to be connected is connecting to the application program for the first time, store the preset random value and the preset signature provided by the application program, and establish a communication connection with the application program.
  11. A communication connection apparatus, comprising:
    a first receiving unit, configured to receive a connection request initiated by an application program;
    a first generating unit, configured to generate an encrypted password based on the connection request;
    a first sending unit, configured to send the encrypted password and a preset random value to the application program, wherein the application program generates verification information according to the encrypted password and the preset random value;
    a verification unit, configured to verify the verification information to obtain a verification result;
    an establishing unit, configured to establish a communication connection with the application program according to the verification result.
  12. The communication connection apparatus according to claim 11, wherein the verification unit comprises:
    a restoring module, configured to restore the verification information according to the encrypted password to obtain a verification signature;
    a first judging module, configured to determine whether the verification signature is consistent with a preset signature, wherein the preset signature is determined according to the preset random value;
    a first determining module, configured to determine that the verification result is that verification passed when the verification signature is consistent with the preset signature;
    a second determining module, configured to determine that the verification result is that verification failed when the verification signature is inconsistent with the preset signature.
  13. The communication connection apparatus according to claim 11, wherein the apparatus further comprises:
    a first detection unit, configured to detect, after the connection request initiated by the application program is received, whether the device to be connected is connecting to the application program for the first time;
    a storage unit, configured to store, when the device to be connected is connecting to the application program for the first time, the preset random value and the preset signature provided by the application program, and to establish a communication connection with the application program, wherein the application program generates the preset signature according to the preset random value.
  14. The communication connection apparatus according to claim 13, wherein the first detection unit comprises:
    a detection module, configured to detect whether the device to be connected stores the preset random value and the preset signature provided by the application program;
    a third determining module, configured to consider that the device to be connected is connecting to the application program for the first time if the device to be connected does not store the preset random value and the preset signature provided by the application program;
    a fourth determining module, configured to consider that the device to be connected is not connecting to the application program for the first time if the device to be connected stores the preset random value and the preset signature provided by the application program.
  15. 一种通信连接装置,包括:A communication connection device, comprising:
    第二发送单元,设置为向待连接设备发出的连接请求;The second sending unit is configured as a connection request sent to the device to be connected;
    第二接收单元,设置为接收所述待连接设备提供的加密口令和预设随机值,其中,所述待连接设备根据所述连接请求生成所述加密口令,所述待连接设备预先存有所述预设随机值;The second receiving unit is configured to receive an encrypted password and a preset random value provided by the device to be connected, wherein the device to be connected generates the encrypted password according to the connection request, and the device to be connected has previously stored the preset random value;
    第二生成单元,设置为根据所述加密口令和所述预设随机值生成验证信息;A second generating unit configured to generate verification information according to the encrypted password and the preset random value;
    第三发送单元,设置为向所述待连接设备发送验证信息,其中,所述待连接设备对所述验证信息进行验证,得到验证结果;并根据所述验证结果建立通信连接。The third sending unit is configured to send verification information to the device to be connected, wherein the device to be connected verifies the verification information to obtain a verification result; and establishes a communication connection according to the verification result.
  16. 根据权利要求15所述的通信连接装置,其中,所述装置还包括:The communication connection device according to claim 15, wherein said device further comprises:
    第二检测单元,设置为在向待连接设备发出的连接请求之后,检测应用程序是否第一次与待连接设备进行连接;The second detection unit is configured to detect whether the application program is connected to the device to be connected for the first time after the connection request sent to the device to be connected;
    第四发送单元,设置为在所述应用程序第一次与所述待连接设备进行连接的情况下,所述应用程序生成预设随机值和预设签名,并将所述预设随机值和预设签名发送至所述待连接设备,其中,所述预设签名根据所述预设随机值确定。The fourth sending unit is configured to generate a preset random value and a preset signature by the application program when the application program is connected to the device to be connected for the first time, and combine the preset random value and the The preset signature is sent to the device to be connected, wherein the preset signature is determined according to the preset random value.
  17. 根据权利要求16所述的通信连接装置,其中,所述第二检测单元包括:The communication connection device according to claim 16, wherein the second detection unit comprises:
    查询模块,设置为查询应用程序的历史连接记录中是否包括所述待连接设备的连接记录;A query module, configured to query whether the connection record of the device to be connected is included in the historical connection record of the application;
    第五确定模块,设置为若所述历史连接记录中未包括所述待连接设备的连接记录,则认为所述待连接设备是第一次与所述应用程序进行连接;The fifth determination module is configured to consider that the device to be connected is connected to the application program for the first time if the historical connection record does not include the connection record of the device to be connected;
    第六确定模块,设置为若所述历史连接记录中包括所述待连接设备的连接记录,则认为所述待连接设备不是第一次与所述应用程序进行连接。The sixth determination module is configured to consider that the connection between the device to be connected and the application program is not the first time if the historical connection record includes the connection record of the device to be connected.
  18. 一种计算机可读存储介质,其中,所述计算机可读存储介质包括存储的程序,其中,在所述程序运行时控制所述计算机可读存储介质所在设备执行权利要求1至7中任意一项所述通信连接方法。A computer-readable storage medium, wherein the computer-readable storage medium includes a stored program, wherein when the program is running, the device where the computer-readable storage medium is located is controlled to perform any one of claims 1 to 7 The communication connection method.
  19. 一种电子装置,包括存储器和处理器,其中,所述存储器中存储有计算机程序,所述处理器被设置为通过所述计算机程序执行所述权利要求1至7任一项中所述的方法。An electronic device, comprising a memory and a processor, wherein a computer program is stored in the memory, and the processor is configured to execute the method described in any one of claims 1 to 7 through the computer program .
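The exchange set out in claims 12 to 17, worked through as an added Python example; it is not code from the patent or its applicants. The claims name no algorithms, so HMAC-SHA256 for the preset signature, the XOR `mask` transform, the 16- and 32-byte lengths, and all class and method names are assumptions.

```python
import hashlib
import hmac
import secrets

def mask(data: bytes, password: bytes) -> bytes:
    """Assumed reversible transform: XOR with SHA-256(password); self-inverse."""
    return bytes(a ^ b for a, b in zip(data, hashlib.sha256(password).digest()))

class Device:
    def __init__(self):
        self.preset = None      # (preset random value, preset signature)
        self.password = None    # outstanding one-time encrypted password

    def enroll(self, rand: bytes, sig: bytes) -> bool:
        # Claims 13-14: "first connection" means nothing is stored yet.
        if self.preset is not None:
            return False        # never overwrite an existing binding
        self.preset = (rand, sig)
        return True

    def challenge(self):
        self.password = secrets.token_bytes(32)    # fresh for every request
        return self.password, self.preset[0]

    def verify(self, info: bytes) -> bool:
        # Claim 12: restore the verification signature, compare with the preset one.
        password, self.password = self.password, None    # single use
        if password is None or len(info) != 32:
            return False
        return hmac.compare_digest(mask(info, password), self.preset[1])

class App:
    def __init__(self):
        self.key = secrets.token_bytes(32)   # assumed app-held signing secret
        self.history = set()                 # claim 17: historical connection records

    def sign(self, rand: bytes) -> bytes:
        # Assumed: preset signature = HMAC-SHA256 over the preset random value.
        return hmac.new(self.key, rand, hashlib.sha256).digest()

    def respond(self, password: bytes, rand: bytes) -> bytes:
        # Claim 15: verification information from password and random value.
        return mask(self.sign(rand), password)

    def connect(self, dev_id: str, dev: Device) -> bool:
        if dev_id in self.history:
            return dev.verify(self.respond(*dev.challenge()))
        rand = secrets.token_bytes(16)       # claim 16: first connection
        enrolled = dev.enroll(rand, self.sign(rand))
        if enrolled:
            self.history.add(dev_id)
        return enrolled
```

With this assumed transform, anyone who observes both the encrypted password and the verification information can unmask the preset signature, so the exchange presumes a link that already provides confidentiality.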
PCT/CN2022/110338 2021-12-10 2022-08-04 Communicative connection method, system, and apparatus, storage medium, and processor WO2023103425A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202111511059.3A CN114254342A (en) 2021-12-10 2021-12-10 Communication connection method, system, device, storage medium and processor
CN202111511059.3 2021-12-10

Publications (1)

Publication Number Publication Date
WO2023103425A1 (en) 2023-06-15

Family

ID=80794759

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/110338 WO2023103425A1 (en) 2021-12-10 2022-08-04 Communicative connection method, system, and apparatus, storage medium, and processor

Country Status (2)

Country Link
CN (1) CN114254342A (en)
WO (1) WO2023103425A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114254342A (en) * 2021-12-10 2022-03-29 青岛海尔科技有限公司 Communication connection method, system, device, storage medium and processor

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106169993A (en) * 2016-06-28 2016-11-30 北京华大领创智能科技有限公司 A kind of safety certifying method, equipment and server
CN110289956A (en) * 2019-06-27 2019-09-27 飞天诚信科技股份有限公司 A kind of cloud speaker updates the method and system of configuration
CN110753345A (en) * 2019-10-08 2020-02-04 武汉光庭信息技术股份有限公司 TBox communication method and TBox device
CN111343634A (en) * 2020-03-05 2020-06-26 深圳市丰鑫科技服务有限公司 Safe connection method and data transmission method between low-power-consumption Bluetooth devices
CN111405537A (en) * 2020-03-23 2020-07-10 杭州涂鸦信息技术有限公司 Bidirectional security authentication method based on ble connection, system and equipment thereof
US20200228337A1 (en) * 2019-01-15 2020-07-16 Thales Avionics, Inc. Inflight entertainment system that securely pairs and communicates with a user device based on multiple security controls
CN113194465A (en) * 2021-04-20 2021-07-30 歌尔股份有限公司 BLE connection verification method and device between terminals and readable storage medium
CN113225690A (en) * 2020-01-21 2021-08-06 华为技术有限公司 Bluetooth connection method, system and electronic equipment
CN114254342A (en) * 2021-12-10 2022-03-29 青岛海尔科技有限公司 Communication connection method, system, device, storage medium and processor

Also Published As

Publication number Publication date
CN114254342A (en) 2022-03-29

Legal Events

Date Code Title Description
121 EP: The EPO has been informed by WIPO that EP was designated in this application

Ref document number: 22902859

Country of ref document: EP

Kind code of ref document: A1