[go: up one dir, main page]

CN113098824A - Method, device, system, equipment and medium for transmitting request message of CXF framework - Google Patents

Method, device, system, equipment and medium for transmitting request message of CXF framework Download PDF

Info

Publication number
CN113098824A
CN113098824A CN201911335767.9A CN201911335767A CN113098824A CN 113098824 A CN113098824 A CN 113098824A CN 201911335767 A CN201911335767 A CN 201911335767A CN 113098824 A CN113098824 A CN 113098824A
Authority
CN
China
Prior art keywords
request
data
http request
encryption
digest
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911335767.9A
Other languages
Chinese (zh)
Inventor
赵江涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Shanxi Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Shanxi Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Shanxi Co Ltd filed Critical China Mobile Communications Group Co Ltd
Priority to CN201911335767.9A priority Critical patent/CN113098824A/en
Publication of CN113098824A publication Critical patent/CN113098824A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a method, a device, a system, equipment and a medium for transmitting a request message based on a CXF framework. The method comprises the following steps: creating an HTTP request and generating an encryption and decryption key corresponding to the HTTP request; encrypting the request data of the HTTP request by using an encryption and decryption key to obtain request ciphertext data; calculating the abstract of the request data according to an abstract algorithm, and encrypting the abstract by using a first public key to obtain an abstract signature of the request data; encrypting the encryption and decryption key by adopting the first public key to obtain ciphertext data of the encryption and decryption key; generating a HTTP request message based on the creation time of the HTTP request, request ciphertext data, the digest signature of the request data and ciphertext data of an encryption and decryption key; and sending the request message to a CXF receiving end of the HTTP request. According to the scheme provided by the embodiment of the invention, the transmission safety of the request message can be improved.

Description

Method, device, system, equipment and medium for transmitting request message of CXF framework
Technical Field
The present invention relates to the field of communications, and in particular, to a method, an apparatus, a system, a device, and a medium for transmitting a request packet based on a CXF framework.
Background
With the development of the internet, a service-oriented architecture (CXF) has almost become the mainstream of an enterprise application architecture, and CXF has been applied to various software industries as a data interaction mode between systems, and has become an important function in the systems. The risk of secure transmission of data is involved when the system starts to transmit data.
Disclosure of Invention
Embodiments of the present invention provide a method, an apparatus, a system, a device, and a medium for transmitting a request packet based on a CXF framework, which can improve transmission security of the request packet.
In a first aspect, a CXF framework-based request packet transmission method is provided, where the method is applied to a CXF initiator of an HTTP request, and includes: creating a hypertext transfer protocol (HTTP) request and generating an encryption and decryption key corresponding to the HTTP request; encrypting the request data of the HTTP request by using an encryption and decryption key to obtain request ciphertext data; calculating the abstract of the request data according to an abstract algorithm, and encrypting the abstract by using a first public key to obtain an abstract signature of the request data; encrypting the encryption and decryption key by adopting the first public key to obtain ciphertext data of the encryption and decryption key; generating a HTTP request message based on the creation time of the HTTP request, request ciphertext data, the digest signature of the request data and ciphertext data of an encryption and decryption key; and sending the request message to a CXF receiving end of the HTTP request.
According to the CXF frame-based request message transmission method in the embodiment of the invention, in the HTTP request transmission process, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the receiving end of the HTTP request through the HTTP request message, so that the transmission security of the request message can be improved.
In an optional implementation manner, encrypting the request data of the current HTTP request by using an encryption/decryption key to obtain request ciphertext data includes: converting the text format of the request data to obtain the request data in the character string format; and encrypting the request data in the character string format by using the encryption and decryption key to obtain request ciphertext data.
By the embodiment, the text format of the request data is converted into the character string format and then transmitted, so that the transmission rate of the data can be improved.
In an alternative embodiment, computing a digest of the requested data according to a digest algorithm includes: converting the text format of the request data to obtain the request data in the character string format; and calculating the request data in the character string format by using a summary algorithm to obtain the summary of the request data.
By the implementation mode, the text format of the request data is converted into the character string format and then the abstract is calculated, so that the transmission rate of the data can be improved.
In an optional implementation manner, generating the HTTP request packet based on the creation time of the HTTP request, the request ciphertext data, the digest signature of the request data, and the ciphertext data of the encryption/decryption key includes: writing the creating time of the HTTP request into a timestamp field of a message header of the HTTP request message; writing the abstract signature of the request data into an authentication field of a message header of the HTTP request message; writing the cipher text data of the encryption and decryption key into a security key field of a message header of the HTTP request message; and writing the request ciphertext data into the message body of the HTTP request message.
By the embodiment, the information is placed at the predefined position of the HTTP request message, so that the receiving party can accurately read the information such as the creation time of the HTTP request, the request ciphertext data, the digest signature of the request data, the ciphertext data of the encryption and decryption keys and the like from the HTTP request message.
In an alternative embodiment, the encryption and decryption keys are AES keys.
By the embodiment, the request data ciphertext is prevented from being illegally reversely decrypted
In a second aspect, a CXF framework-based request packet transmission method is provided, where the method is applied to a CXF receiving end of an HTTP request, and includes: receiving an HTTP request message sent by an initiating terminal of an HTTP request; verifying the authenticity of the HTTP request by using the creation time in the HTTP request message; if the verification result shows that the HTTP request has authenticity, decrypting the ciphertext data of the encryption and decryption key in the HTTP request message by using a first private key corresponding to the first public key to obtain the encryption and decryption key; decrypting the request ciphertext data in the HTTP request message by using the encryption and decryption key obtained by decryption to obtain the request data of the HTTP request; calculating an auxiliary verification abstract of the request data obtained by decryption by using an abstract algorithm, and decrypting an abstract signature of the request data in the HTTP request message by using a first private key to obtain an abstract of the request data; if the auxiliary verification abstract is consistent with the abstract of the request data, verifying that the request data of the HTTP request has integrity, responding to the request data of the HTTP request obtained by decryption, and generating response ciphertext data; and sending the response ciphertext data to the CXF initiating end of the HTTP request.
According to the CXF frame-based request message transmission method in the embodiment of the invention, in the HTTP request transmission process, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the CXF receiving end of the HTTP request through the HTTP request message, so that the transmission security of the request message can be improved.
In an alternative embodiment, generating response ciphertext data in response to the request data of the decrypted HTTP request includes: responding to the request data of the HTTP request obtained by decryption to generate response data; and encrypting the response data by using the encryption and decryption key to obtain response ciphertext data.
In an optional implementation manner, verifying the authenticity of the HTTP request by using the creation time in the HTTP request message includes: acquiring the current moment; if the time difference between the creation time and the current time is less than or equal to the preset time, verifying that the HTTP request is authentic; and if the time difference between the creation time and the current time is greater than the preset time, verifying that the HTTP request does not have authenticity.
Through the embodiment, the request message received by the CXF receiving end can be guaranteed to have authenticity.
In a third aspect, a CXF framework-based request packet transmission apparatus is provided, including: the request creating module is used for creating a hypertext transfer protocol (HTTP) request, acquiring the creating time of the HTTP request and generating an encryption and decryption key corresponding to the HTTP request; the first encryption module is used for encrypting the request data of the HTTP request by using the encryption and decryption key to obtain request ciphertext data; the digest signature generation module is used for calculating the digest of the request data according to a digest algorithm and encrypting the digest by using a first public key to obtain a digest signature of the request data; the second encryption module is used for encrypting the encryption and decryption key by adopting the first public key to obtain ciphertext data of the encryption and decryption key; the message generation module is used for generating the HTTP request message based on the creation time of the request, the request ciphertext data, the digest signature of the request data and the ciphertext data of the encryption and decryption keys; and the sending module is used for sending the request message to a receiving end of the request.
In a fourth aspect, a CXF framework-based request packet transmission apparatus is provided, including: the receiving module is used for receiving an HTTP request message sent by an initiating end of an HTTP request; the verification module is used for verifying the authenticity of the HTTP request by utilizing the creation time in the HTTP request message; the first decryption module is used for decrypting the ciphertext data of the encryption and decryption key in the HTTP request message by using a first private key corresponding to the first public key to obtain the encryption and decryption key if the verification result shows that the HTTO request has authenticity; the second decryption module is used for decrypting the request ciphertext data in the HTTP request message by using the encryption and decryption key obtained by decryption to obtain the request data of the HTTP request; the third decryption module is used for calculating the auxiliary verification digest of the request data obtained by decryption by using a digest algorithm, and decrypting the digest signature of the request data in the HTTP request message by using the first private key to obtain the digest of the request data; the response module is used for verifying the integrity of the request data of the HTTP request if the auxiliary verification abstract is consistent with the abstract of the request data, responding to the request data of the HTTP request obtained by decryption, and generating response ciphertext data; and the sending module is used for sending the response ciphertext data to the CXF initiating end of the HTTP request.
In a fifth aspect, a CXF framework-based request packet transmission system is provided, which includes: a CXF initiator configured to implement the HTTP request of the request packet transmission method provided in the first aspect or any optional implementation manner of the first aspect, and a CXF receiver configured to implement the HTTP request of the request packet transmission method provided in the second aspect or any optional implementation manner of the second aspect.
In a sixth aspect, there is provided an apparatus comprising: a memory for storing a program; a processor, configured to run a program stored in a memory, to execute the method for transmitting a request packet based on a CXF framework according to the first aspect or any optional implementation manner of the first aspect, or to execute the method for transmitting a request packet based on a CXF framework according to the second aspect or any optional implementation manner of the second aspect.
A seventh aspect provides a computer storage medium, where computer program instructions are stored on the computer storage medium, and when executed by a processor, implement the method for transmitting a request packet based on a CXF framework provided in the first aspect or any optional implementation manner of the first aspect, or implement the method for transmitting a request packet based on a CXF framework provided in the second aspect or any optional implementation manner of the second aspect.
According to the CXF frame-based request message transmission method, device, system, equipment and medium in the embodiment of the invention, in the HTTP request transmission process, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the receiving end of the HTTP request through the HTTP request message, so that the transmission security of the request message can be improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic flow chart of a method for transmitting a request packet based on a CXF framework according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of another method for transmitting a request packet based on a CXF framework according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of a request packet transmission apparatus based on a CXF framework according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of another CXF framework-based request packet transmission apparatus according to an embodiment of the present invention;
fig. 5 is a system architecture diagram of a CXF framework-based request packet transmission system according to an embodiment of the present invention;
fig. 6 is a structural diagram of an exemplary hardware architecture of a request packet transmission device based on a CXF framework according to an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The embodiment of the invention provides a CXF (extensible markup language) framework-based request message transmission scheme, which can be applied to a specific scene of transmitting an HTTP (hyper text Transfer Protocol) request message between an initiating terminal and a receiving terminal of the HTTP request. According to the technical scheme provided by the embodiment of the invention, in the transmission process of the HTTP request, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the receiving end of the HTTP request through the HTTP request message, so that the transmission safety of the request message can be improved.
For better understanding of the present invention, a method, an apparatus, a system, a device, and a medium for transmitting a request packet based on a CXF framework according to an embodiment of the present invention will be described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic flow chart of a method for transmitting a request packet based on a CXF framework according to an embodiment of the present invention. The execution subject of each step of the embodiment of the present invention may be a CXF initiator of an HTTP request. As shown in fig. 1, the method 100 for transmitting a request packet based on a CXF framework in this embodiment may include the following steps S110 to S160.
S110, creating an HTTP request and generating an encryption and decryption key corresponding to the HTTP request. Specifically, in the embodiment of the present invention, each time an HTTP request is created, an encryption/decryption key corresponding to the request is correspondingly generated. In one embodiment, the HTTP request of an embodiment of the present invention conforms to a Representational State Transfer (REST) mode.
In S110, each time an http request is created, an encryption/decryption key needs to be dynamically generated to encrypt the requested data using the encryption/decryption key. The generation of a new encryption and decryption key is required for each request mainly to prevent data leakage. If the same encryption and decryption keys are used fixedly, data is exposed to the risk of leakage if the encryption and decryption keys are leaked.
And S120, encrypting the request data of the HTTP request by using the encryption and decryption key to obtain request ciphertext data. In order to prevent the request data ciphertext from being illegally and reversely decrypted, the encryption and decryption key may be an Advanced Encryption Standard (AES) key.
In one embodiment, S120 includes a first step and a second step.
The method comprises the following steps of firstly, converting the text format of the request data to obtain the request data in the character string format. Illustratively, the text data of the request data may be converted into a JAVA description Object Notation (json) string format. Specifically, the GSON package (i.e., a Java library used to convert Java objects into JSON data) can be utilized to generate the requested data in JSON string format. The request data may also be converted into other character string formats other than the json format, such as ASCII format, according to the actual scene and the working requirement, which is not described herein again.
And a second step of encrypting the request data in the character string format by using the encryption and decryption key to obtain request ciphertext data.
Through the two steps of S120, the text format of the request data is converted into the string format and then transmitted, so that the data transmission rate can be increased.
It should be noted that, in the embodiment of the present invention, because the data size of the request data is large, a symmetric encryption algorithm is selected when the request data is encrypted, and the encryption speed can be ensured.
S130, calculating the abstract of the request data according to an abstract algorithm, and encrypting the abstract by using the first public key to obtain an abstract signature of the request data.
First, for the Digest Algorithm in S130, the embodiment of the present invention may adopt an MD5 Message Digest Algorithm (MD5 Message-Digest Algorithm, MD5), a Secure Hash Algorithm (Secure Hash Algorithm, sha1), a sha256 Algorithm (i.e., a Hash value Algorithm), an SM3 Algorithm (i.e., a cryptographic Hash function standard), and the like. The encryption algorithm of the digest is not limited, and may be a symmetric encryption algorithm or an asymmetric encryption algorithm, which is not limited. In one example, to prevent reverse cracking of requested data through its digest, the MD5 algorithm may be selected as the digest algorithm.
Secondly, for the first public key, the asymmetric encryption algorithm corresponding to the first public key may be an RSA algorithm (i.e. an asymmetric encryption algorithm), an Elliptic encryption algorithm (ECC), an Elgamal algorithm (i.e. an asymmetric encryption algorithm), a back-pack algorithm, etc., which is not limited herein. In one example, to increase security strength, the first public key may be an RSA public key generated based on an RSA algorithm.
It should be noted that, in the embodiment of the present invention, since the data volume of the digest of the requested data is small, an asymmetric encryption algorithm with a complicated encryption algorithm is selected when the digest is encrypted, and the security of the digest data can be ensured while the encryption speed is ensured.
In addition, different keys are adopted when calculating the digest signatures of the request ciphertext data and the request data, so that the safety of the data is ensured.
In one embodiment, since the request data may be first converted into the request data in the character string format when the request data is encrypted in S120, correspondingly, a digest of the request data in the character string format may also be generated in S130. Specifically, the embodiment of S130 may include the following first and second steps.
The first step is to convert the text format of the request data to obtain the request data in the character string format. For specific implementation of this step, reference may be made to the description of the first step in S120 in the foregoing embodiment of the present invention, and details are not described herein again.
And secondly, calculating the request data in the character string format by using a summary algorithm to obtain the summary of the request data. For the specific implementation of this step, reference may be made to the description of the summary algorithm in S120 in the above embodiment of the present invention, and details are not described herein again.
The text format of the requested data is converted into the character string format and then the abstract is calculated, so that the transmission rate of the data can be improved.
S140, the encryption and decryption key is encrypted by the first public key to obtain ciphertext data of the encryption and decryption key. The specific content of the first public key may refer to the related description of the first public key in S120, and is not described herein again.
Since the AES key may also need to be passed in order for the receiver to view the requested plaintext data when passing the requested ciphertext data. The first public key is adopted to encrypt the encryption and decryption key, so that the security of the AES key can be ensured.
S150, generating the HTTP request message based on the creating time of the HTTP request, the request ciphertext data, the digest signature of the request data and the ciphertext data of the encryption and decryption keys. In order to ensure the credibility of the creation time of the current HTTP request, the creation time of the current HTTP request may be a trusted timestamp acquired from the rights trusted timestamp service center.
In S150, in order to enable the receiving side to read information such as the creation time of the HTTP request, request ciphertext data, the digest signature of the request data, and ciphertext data of the encryption/decryption key from the HTTP request message, the information may be placed at a predefined position of the HTTP request message.
In one embodiment, a specific implementation of S150 includes the following first to fourth steps.
The method comprises the steps of firstly, writing the creation time of the HTTP request into a TimesTamp TimeTamp field of a message header of the HTTP request message.
And secondly, writing the abstract signature of the request data into an Authentication field of a message header of the HTTP request message.
And thirdly, writing the cipher text data of the encryption and decryption key into a security key SecurityKey field of a message header of the HTTP request message.
And fourthly, writing the request ciphertext data into a message body HTTP body of the HTTP request message.
It should be noted that, in the embodiment of the present invention, the execution sequence between the first step and the fourth step in S150 is not limited, and may be executed synchronously or asynchronously.
And S160, sending the request message to the CXF receiving end of the HTTP request.
According to the CXF frame-based request message transmission method, device, system, equipment and medium in the embodiment of the invention, in the HTTP request transmission process, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the receiving end of the HTTP request through the HTTP request message, so that the transmission security of the request message can be improved.
After the CXF sending end sends the HTTP request message to the CXF receiving end, the CXF receiving end needs to perform security verification based on the HTTP request message, extract real request data after the verification is passed, and respond to the real request data to return the request message. Specifically, the following part of the embodiment of the present invention specifically describes the steps executed by the CXF receiving end.
Fig. 2 is a schematic flow chart of another method for transmitting a request packet based on a CXF framework according to an embodiment of the present invention. The execution main body of each step of the embodiment of the present invention may be a CXF receiving end of an HTTP request. As shown in fig. 2, the method 200 for transmitting a request packet based on a CXF framework in this embodiment may include the following steps S210 to S270.
S210, receiving an HTTP request message sent by a CXF initiating end of the HTTP request. The specific content of the HTTP request packet is described in detail in the related description of the CXF framework-based request packet transmission method 100 in the foregoing embodiment of the present invention, which is described in conjunction with fig. 1, and is not described herein again.
S220, verifying the authenticity of the HTTP request by using the creation time in the HTTP request message. Specifically, the creation time of the HTTP request packet may be extracted from the HTTP request packet, and the creation time may be compared with the current time for verification.
In an embodiment, since the CXF sending end writes the creation time in the HTTP request message into a predefined field of the HTTP request message, for example, a timestmamp field of a header of the HTTP request message. After obtaining the HTTP request message, the creation time needs to be extracted from the predefined field.
In one embodiment, after the creation time is extracted from the HTTP request message, S220 further includes the following first to third steps.
The method comprises the first step of obtaining the current time. In order to ensure the credibility of the current time, the current time may be a trusted time obtained from a trusted time source.
And secondly, if the time difference between the creation time and the current time is less than or equal to the preset time, verifying that the HTTP request is authentic. The preset time period may be set according to a specific work scene and a work requirement, and may be set to five minutes, for example. That is, if the time interval between the current time and the creation time is within five minutes, the HTTP request is considered authentic, and S230 may be continuously performed downward.
And step three, if the time difference between the creation time and the current time is greater than the preset time, verifying that the HTTP request does not have authenticity. Illustratively, if the time interval between the current time and the creation time exceeds five minutes, the HTTP request is considered not authentic, that is, the HTTP request message is illegal. In one example, after determining that the HTTP request is not authentic, the CXF receiver may not respond to the HTTP request message and discard the HTTP request message.
And S230, if the verification result shows that the HTTP request has authenticity, decrypting the ciphertext data of the encryption and decryption key in the HTTP request message by using the first private key corresponding to the first public key to obtain the encryption and decryption key. Wherein the first private key and the first public key may be generated using the same asymmetric encryption algorithm. For example, after the CXF receiving end generates the first public key and the first private key by using the asymmetric encryption algorithm, the CXF receiving end may store the first private key and send the first public key to the CXF sending end. The first public key may be an RSA public key, and the first private key may be an RSA private key.
In one embodiment, after obtaining the HTTP request message, ciphertext data of the encryption and decryption keys may need to be extracted from the predefined field. For example, the SecurityKey field of the header of the message may be requested from HTTP.
S240, the encrypted and decrypted key obtained by decryption is used for decrypting the request ciphertext data in the HTTP request message to obtain the request data of the HTTP request.
In one embodiment, if the CXF sending end first converts the request data into a predefined string format and then encrypts the converted request data to obtain the request ciphertext data. Correspondingly, after the CXF receiving end decrypts the request ciphertext data, the original request data of the HTTP request can be obtained only after the decrypted request plaintext data is decoded by using the decoding format corresponding to the character string format.
In one embodiment, after obtaining the HTTP request message, the request ciphertext data may need to be extracted from the predefined field. For example, the request ciphertext data may be extracted from the body HTTP body of the HTTP request message.
And S250, calculating the auxiliary verification digest of the request data obtained by decryption by using a digest algorithm, and decrypting the digest signature of the request data in the HTTP request message by using the first private key to obtain the digest of the request data. The digest algorithm in S250 needs to be the same as the digest algorithm used by the CXF sender of the HTTP request. For example, as in the md5 algorithm.
For example, if the digest algorithm md5 algorithm and the first secret key is the RSA private key, the implementation of S250 includes: first, the request data decrypted in S240 is digested by md5 to generate an auxiliary verification digest md5 Str. Secondly, the digest signature of the request data is obtained, and the RSA private key stored at the receiving end is used for decryption to obtain the digest rsaDecryptStr of the request data.
In some embodiments, after obtaining the HTTP request message, it is also necessary to extract the digest signature of the request data from the predefined field. For example, a digest signature of the request data may be extracted from the Authentication field of the header of the HTTP request message.
In one embodiment, if the CXF sender converts the request data into the string format first and then generates the request encrypted data, and the request data digest signature is generated by using the request data in the string format. Then in S250, a digest may be calculated for the request data in the string format decrypted in S240, and an auxiliary verification digest may be generated.
And S260, if the auxiliary verification abstract is consistent with the abstract of the request data, verifying that the request data of the HTTP request has integrity, responding to the request data of the HTTP request obtained by decryption, and generating response ciphertext data.
In one embodiment, S260 specifically includes: and responding to the request data of the HTTP request obtained by decryption to generate response data. And encrypting the response data by using the encryption and decryption key to obtain response ciphertext data. The response data may be a message indicating that the response to the HTTP request is successful, or may be a message indicating that the response to the HTTP request is failed.
In an embodiment, there is also a case that the auxiliary verification digest is not consistent with the digest of the requested data, and if it is determined that the auxiliary verification digest is not consistent with the digest of the requested data, it is proved that the requested data decrypted in S240 has no integrity and may be illegally tampered. To ensure data security, the requested data may be discarded and responses to the requested data denied.
And S270, sending the response ciphertext data to the CXF initiating end of the HTTP request.
According to the CXF frame-based request message transmission method in the embodiment of the invention, in the HTTP request transmission process, the request data can be encrypted by using the encryption and decryption key, the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the CXF receiving end of the HTTP request through the HTTP request message, and the CXF receiving end can verify the integrity of the request data by using the digest signature of the request data, for example, the authenticity of the HTTP request at the creation time of the HTTP request, so that the transmission security of the request message can be improved.
An apparatus according to an embodiment of the present invention will be described in detail below with reference to the accompanying drawings.
Based on the same inventive concept, the embodiment of the invention provides a device for transmitting a request message based on a CXF framework. Fig. 3 is a schematic structural diagram of a request packet transmission apparatus based on a CXF framework according to an embodiment of the present invention. As shown in fig. 3, the CXF framework-based request message transmission apparatus 300 includes a request creation module 310, a first encryption module 320, a digest signature generation module 330, a second encryption module 340, a message generation module 350, and a transmission module 360.
The request creating module 310 is configured to create a hypertext transfer protocol HTTP request, obtain a creation time of the current HTTP request, and generate an encryption and decryption key corresponding to the current HTTP request.
The first encryption module 320 is configured to encrypt the request data of the current HTTP request by using the encryption and decryption key to obtain request ciphertext data.
The digest signature generation module 330 is configured to calculate a digest of the requested data according to a digest algorithm, and encrypt the digest by using the first public key to obtain a digest signature of the requested data.
The second encryption module 340 is configured to encrypt the encryption and decryption key by using the first public key to obtain ciphertext data of the encryption and decryption key.
The message generating module 350 is configured to generate the HTTP request message based on the creation time of the request, the request ciphertext data, the digest signature of the request data, and the ciphertext data of the encryption/decryption key.
The sending module 360 is configured to send the request packet to the CXF receiving end of the request.
In some embodiments, the first encryption module 320 specifically includes a format conversion unit and an encryption unit.
The format conversion unit is used for converting the text format of the request data to obtain the request data in the character string format.
And the encryption unit is used for encrypting the request data in the character string format by using the encryption and decryption key to obtain the request ciphertext data.
In some embodiments, digest signature generation module 330 includes a format conversion unit and a digest calculation unit.
The format conversion unit is used for converting the text format of the request data to obtain the request data in the character string format.
And the abstract calculating unit is used for calculating the request data in the character string format by using an abstract algorithm to obtain the abstract of the request data.
In some embodiments, the message generation module 350 includes first to fourth generation units.
And the first generating unit is used for writing the creation time of the HTTP request into a timestamp field of a message header of the HTTP request message.
And the second generation unit is used for writing the abstract signature of the request data into the authentication field of the message header of the HTTP request message.
And the third generating unit is used for writing the cipher text data of the encryption and decryption key into the security key field of the message header of the HTTP request message.
And the fourth generating unit is used for writing the request ciphertext data into the message body of the HTTP request message.
In some embodiments, the encryption and decryption keys are Advanced Encryption Standard (AES) keys.
Other details of the CXF framework-based request packet transmission apparatus according to the embodiment of the present invention are similar to the CXF framework-based request packet transmission method according to the embodiment of the present invention described above with reference to fig. 1, and are not described herein again.
According to the CXF frame-based request message transmission device in the embodiment of the invention, in the HTTP request transmission process, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the receiving end of the HTTP request through the HTTP request message, so that the transmission security of the request message can be improved.
Based on the same inventive concept, the embodiment of the invention provides a device for transmitting a request message based on a CXF framework. Fig. 4 is a schematic structural diagram of another CXF framework-based request packet transmission apparatus according to an embodiment of the present invention. As shown in fig. 4, the CXF framework-based request packet transmission apparatus 400 includes:
the receiving module 410 is configured to receive an HTTP request message sent by an originating end of an HTTP request.
And the verification module 420 is configured to verify the authenticity of the HTTP request by using the creation time in the HTTP request message.
And the first decryption module 430 is configured to, if the verification result indicates that the HTTO request has authenticity, decrypt the ciphertext data of the encryption and decryption key in the HTTP request message by using the first private key corresponding to the first public key to obtain the encryption and decryption key.
The second decryption module 440 is configured to decrypt the request ciphertext data in the HTTP request message by using the encryption and decryption key obtained by decryption, so as to obtain the request data of the HTTP request.
The third decryption module 450 is configured to calculate an auxiliary verification digest of the decrypted request data by using a digest algorithm, and decrypt a digest signature of the request data in the HTTP request message by using the first private key to obtain a digest of the request data.
The response module 460 is configured to verify that the requested data of the HTTP request has integrity if the auxiliary verification digest is consistent with the digest of the requested data, and generate response ciphertext data in response to the decrypted requested data of the HTTP request.
A sending module 470, configured to send the response ciphertext data to the CXF initiating end of the HTTP request.
In some embodiments, the response module 460 includes a data generation unit and an encryption unit.
The data generation unit is used for responding to the request data of the HTTP request obtained by decryption and generating response data.
And the encryption unit is used for encrypting the response data by using the encryption and decryption key to obtain response ciphertext data.
In some embodiments, the verification module 420 includes a time of day acquisition unit and a verification unit.
A time obtaining unit for obtaining the current time;
the verification unit is used for verifying the authenticity of the HTTP request if the time difference between the creation time and the current time is less than or equal to the preset time length; and if the time difference between the creation time and the current time is greater than the preset time, verifying that the HTTP request does not have authenticity.
According to the CXF frame-based request message transmission device in the embodiment of the invention, in the HTTP request transmission process, the encryption and decryption key can be used for encrypting the request data, and the ciphertext data of the encryption and decryption key, the digest signature of the request data and the creation time of the HTTP request are transmitted to the receiving end of the HTTP request through the HTTP request message, so that the transmission security of the request message can be improved.
Other details of the CXF framework-based request packet transmission apparatus according to the embodiment of the present invention are similar to the CXF framework-based request packet transmission method according to the embodiment of the present invention described above with reference to fig. 2, and are not described herein again.
Based on the same inventive concept, fig. 5 is a system architecture diagram of a CXF framework-based request message transmission system according to an embodiment of the present invention. As shown in fig. 5, the CXF framework-based request message transmission system 500 includes a CXF initiator 510 and a CXF receiver 520.
The CXF initiator 510 may implement the method 100 for transmitting a request packet based on the CXF framework described in connection with fig. 1. Specifically, the CXF initiator 510 may be implemented as the CXF framework-based request packet transmission apparatus 300 described in conjunction with fig. 3. Illustratively, the CXF initiator 510 may be a CXF client in a CXF framework.
The CXF receiving end 520 may implement the CXF framework-based request packet transmission method 200 described in conjunction with fig. 2. Specifically, the CXF initiator 520 may be implemented as the CXF framework-based request packet transmission apparatus 400 described in conjunction with fig. 4. Illustratively, the CXF receive end 520 may be a CXF service end in a CXF framework.
Fig. 6 is a structural diagram of an exemplary hardware architecture of a request packet transmission device based on a CXF framework according to an embodiment of the present invention.
As shown in fig. 6, the CXF framework-based request message transmission apparatus 600 includes an input device 601, an input interface 602, a central processor 603, a memory 604, an output interface 605, and an output device 606. The input interface 602, the central processing unit 603, the memory 604, and the output interface 605 are connected to each other through a bus 610, and the input device 601 and the output device 606 are connected to the bus 610 through the input interface 602 and the output interface 605, respectively, and further connected to other components of the CXF framework-based request packet transmission device 600.
Specifically, the input device 601 receives input information from the outside, and transmits the input information to the central processor 603 through the input interface 602; the central processor 603 processes input information based on computer-executable instructions stored in the memory 604 to generate output information, stores the output information temporarily or permanently in the memory 604, and then transmits the output information to the output device 606 through the output interface 605; the output device 606 outputs the output information to the outside of the CXF framework-based request message transmission device 600 for use by the user.
That is, the CXF framework-based request message transmission apparatus shown in fig. 6 may also be implemented to include: a memory storing computer-executable instructions; and a processor, which when executing computer executable instructions may implement the method 100 for transmitting a request packet based on a CXF framework described in the embodiment of the present invention with reference to fig. 1, or which when executing computer executable instructions may implement the method 200 for transmitting a request packet based on a CXF framework described in the embodiment of the present invention with reference to fig. 2.
An embodiment of the present invention further provides a computer storage medium, where computer program instructions are stored on the computer storage medium, and when being executed by a processor, the computer program instructions implement the method 100 for transmitting a request packet based on a CXF framework described in the embodiment of the present invention with reference to fig. 1, or when being executed by the processor, the computer program instructions implement the method 200 for transmitting a request packet based on a CXF framework described in the embodiment of the present invention with reference to fig. 2.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above structural block diagrams may be implemented as hardware, software, firmware, or a combination thereof. When implemented in hardware, it may be, for example, an electronic circuit, an Application Specific Integrated Circuit (ASIC), suitable firmware, plug-in, function card, or the like. When implemented in software, the elements of the invention are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
As will be apparent to those skilled in the art, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

Claims (13)

1.一种基于CXF框架的请求报文传输方法,其特征在于,所述方法应用于HTTP请求的CXF发起端,所述方法包括:1. a request message transmission method based on CXF framework, is characterized in that, described method is applied to the CXF initiator end of HTTP request, and described method comprises: 创建超文本传输协议HTTP请求,并生成与本次HTTP请求对应的加解密密钥;Create a hypertext transfer protocol HTTP request, and generate an encryption and decryption key corresponding to this HTTP request; 利用所述加解密密钥对本次HTTP请求的请求数据加密,得到请求密文数据;Encrypt the request data of this HTTP request by using the encryption/decryption key to obtain the request ciphertext data; 依据摘要算法,计算所述请求数据的摘要,并利用第一公钥对所述摘要进行加密,得到所述请求数据的摘要签名;Calculate the digest of the request data according to the digest algorithm, and encrypt the digest with the first public key to obtain the digest signature of the request data; 采用所述第一公钥对所述加解密密钥进行加密,得到所述加解密密钥的密文数据;Encrypt the encryption/decryption key by using the first public key to obtain ciphertext data of the encryption/decryption key; 基于本次HTTP请求的创建时刻、所述请求密文数据、所述请求数据的摘要签名和所述加解密密钥的密文数据,生成本次HTTP请求报文;Generate this HTTP request message based on the creation time of this HTTP request, the request ciphertext data, the digest signature of the request data, and the ciphertext data of the encryption/decryption key; 将所述本次请求报文发送至所述本次HTTP请求的CXF接收端。Send the current request message to the CXF receiving end of the current HTTP request. 2.根据权利要求1所述的方法,其特征在于,所述利用所述加解密密钥对本次HTTP请求的请求数据加密,得到请求密文数据,包括:2. method according to claim 1, is characterized in that, described utilizing described encryption and decryption key to encrypt the request data of this HTTP request, obtain request ciphertext data, comprising: 将所述请求数据的文本格式进行转换,得到字符串格式的请求数据;Convert the text format of the request data to obtain the request data in string format; 利用所述加解密密钥对字符串格式的请求数据加密,得到请求密文数据。The request data in the string format is encrypted by using the encryption/decryption key to obtain the request ciphertext data. 3.根据权利要求2所述的方法,其特征在于,所述依据摘要算法,计算所述请求数据的摘要,包括:3. The method according to claim 2, wherein, calculating the digest of the requested data according to a digest algorithm, comprising: 将所述请求数据的文本格式进行转换,得到所述字符串格式的请求数据;Converting the text format of the request data to obtain the request data in the string format; 利用所述摘要算法对所述字符串格式的请求数据进行计算,得到所述请求数据的摘要。The request data in the string format is calculated by using the digest algorithm to obtain a digest of the request data. 4.根据权利要求1所述的方法,其特征在于,所述基于所述本次HTTP请求的创建时刻、所述请求密文数据、所述请求数据的摘要签名和所述加解密密钥的密文数据,生成本次HTTP请求报文,包括:4 . The method according to claim 1 , wherein the method based on the creation time of the current HTTP request, the request ciphertext data, the digest signature of the request data and the encryption/decryption key. 5 . Ciphertext data, to generate this HTTP request message, including: 将所述本次HTTP请求的创建时刻写入所述本次HTTP请求报文的报文头的时间戳字段;以及,Write the creation time of the HTTP request this time into the timestamp field of the message header of the HTTP request message; and, 将所述请求数据的摘要签名写入所述本次HTTP请求报文的报文头的认证字段;以及,Write the digest signature of the request data into the authentication field of the message header of the HTTP request message of this time; and, 将所述加解密密钥的密文数据写入所述本次HTTP请求报文的报文头的安全密钥字段;以及,Write the ciphertext data of the encryption/decryption key into the security key field of the message header of the current HTTP request message; and, 将所述请求密文数据写入所述本次HTTP请求报文的报文体。Write the request ciphertext data into the message body of the current HTTP request message. 5.根据权利要求1所述的方法,其特征在于,所述加解密密钥为高级加密标准AES密钥。5. The method according to claim 1, wherein the encryption and decryption key is an Advanced Encryption Standard (AES) key. 6.一种基于CXF框架的请求报文传输方法,其特征在于,所述方法应用于HTTP请求的CXF接收端,所述方法包括:6. a request message transmission method based on CXF framework, is characterized in that, described method is applied to the CXF receiving end of HTTP request, and described method comprises: 接收由所述HTTP请求的发起端发送的HTTP请求报文;receiving the HTTP request message sent by the initiator of the HTTP request; 利用所述HTTP请求报文中的创建时刻,验证所述HTTP请求的真实性;Utilize the creation moment in the HTTP request message to verify the authenticity of the HTTP request; 若验证结果表示所述HTTP请求具备真实性,利用与所述第一公钥对应的第一私钥对所述HTTP请求报文中的所述加解密密钥的密文数据进行解密,得到所述加解密密钥;If the verification result indicates that the HTTP request is authentic, use the first private key corresponding to the first public key to decrypt the ciphertext data of the encryption/decryption key in the HTTP request message, and obtain the the encryption/decryption key; 利用解密得到的所述加解密密钥对所述HTTP请求报文中的请求密文数据进行解密,得到所述HTTP请求的请求数据;Decrypt the request ciphertext data in the HTTP request message by using the encryption/decryption key obtained by decryption to obtain the request data of the HTTP request; 利用摘要算法,计算所述解密得到的所述请求数据的辅助验证摘要,以及,利用所述第一私钥对所述HTTP请求报文中的所述请求数据的摘要签名进行解密,得到所述请求数据的摘要;Use a digest algorithm to calculate the auxiliary verification digest of the request data obtained by the decryption, and decrypt the digest signature of the request data in the HTTP request message by using the first private key, to obtain the a summary of the requested data; 若所述辅助验证摘要和所述请求数据的摘要一致,验证所述HTTP请求的请求数据具备完整性,并对解密得到的所述HTTP请求的请求数据作出响应,生成响应密文数据;If the auxiliary verification digest is consistent with the digest of the request data, verify that the request data of the HTTP request has integrity, and respond to the decrypted request data of the HTTP request to generate response ciphertext data; 将所述响应密文数据发送至所述HTTP请求的CXF发起端。Send the response ciphertext data to the CXF initiator of the HTTP request. 7.根据权利要求6所述的方法,其特征在于,所述对解密得到的所述HTTP请求的请求数据作出响应,生成响应密文数据,包括:7. The method according to claim 6, wherein the request data of the HTTP request obtained by decryption is responded to, and the response ciphertext data is generated, comprising: 响应解密得到的所述HTTP请求的请求数据,生成响应数据;The request data of the described HTTP request obtained in response to decryption is generated, and response data is generated; 利用所述加解密密钥对所述响应数据加密,得到所述响应密文数据。The response data is encrypted by using the encryption/decryption key to obtain the response ciphertext data. 8.根据权利要求6所述的方法,其特征在于,所述利用所述HTTP请求报文中的创建时刻,验证所述HTTP请求的真实性,包括:8. The method according to claim 6, wherein the use of the creation time in the HTTP request message to verify the authenticity of the HTTP request, comprising: 获取当前时刻;get the current moment; 若所述创建时刻与所述当前时刻的时间差小于等于预设时长,则验证所述HTTP请求具备真实性;If the time difference between the creation moment and the current moment is less than or equal to a preset duration, verify that the HTTP request is authentic; 若所述创建时刻与所述当前时刻的时间差大于预设时长,则验证所述HTTP请求不具备真实性。If the time difference between the creation time and the current time is greater than a preset time period, it is verified that the HTTP request does not have authenticity. 9.一种基于CXF框架的请求报文传输装置,其特征在于,所述装置包括:9. A request message transmission device based on a CXF framework, wherein the device comprises: 请求创建模块,用于创建超文本传输协议HTTP请求,获取本次HTTP请求的创建时刻并生成与本次HTTP请求对应的加解密密钥;The request creation module is used to create a hypertext transfer protocol HTTP request, obtain the creation moment of this HTTP request, and generate an encryption and decryption key corresponding to this HTTP request; 第一加密模块,用于利用所述加解密密钥对本次HTTP请求的请求数据加密,得到请求密文数据;The first encryption module is used to encrypt the request data of this HTTP request by using the encryption and decryption key to obtain the request ciphertext data; 摘要签名生成模块,用于依据摘要算法,计算所述请求数据的摘要,并利用第一公钥对所述摘要进行加密,得到所述请求数据的摘要签名;The digest signature generation module is configured to calculate the digest of the request data according to the digest algorithm, and encrypt the digest with the first public key to obtain the digest signature of the request data; 第二加密模块,用于采用所述第一公钥对所述加解密密钥进行加密,得到所述加解密密钥的密文数据;a second encryption module, configured to encrypt the encryption/decryption key by using the first public key to obtain ciphertext data of the encryption/decryption key; 报文生成模块,用于基于所述本次请求的创建时刻、所述请求密文数据、所述请求数据的摘要签名和所述加解密密钥的密文数据,生成本次HTTP请求报文;The message generation module is used to generate this HTTP request message based on the creation time of the current request, the request ciphertext data, the digest signature of the request data and the ciphertext data of the encryption and decryption keys ; 发送模块,用于将所述本次请求报文发送至所述本次请求的接收端。A sending module, configured to send the current request message to the receiving end of the current request. 10.一种基于CXF框架的请求报文传输装置,其特征在于,所述装置包括:10. A request message transmission device based on a CXF framework, wherein the device comprises: 接收模块,用于接收由所述HTTP请求的发起端发送的HTTP请求报文;a receiving module, configured to receive the HTTP request message sent by the initiator of the HTTP request; 验证模块,用于利用所述HTTP请求报文中的创建时刻,验证所述HTTP请求的真实性;A verification module, for using the creation moment in the HTTP request message to verify the authenticity of the HTTP request; 第一解密模块,用于若验证结果表示所述HTTO请求具备真实性,利用与所述第一公钥对应的第一私钥对所述HTTP请求报文中的所述加解密密钥的密文数据进行解密,得到所述加解密密钥;The first decryption module is configured to use the first private key corresponding to the first public key to encrypt the encryption/decryption key in the HTTP request message if the verification result indicates that the HTTP request is authentic. decrypt the text data to obtain the encryption and decryption key; 第二解密模块,用于利用解密得到的所述加解密密钥对所述HTTP请求报文中的请求密文数据进行解密,得到所述HTTP请求的请求数据;The second decryption module is used to decrypt the request ciphertext data in the HTTP request message by using the encryption/decryption key obtained by decryption to obtain the request data of the HTTP request; 第三解密模块,用于利用摘要算法,计算所述解密得到的所述请求数据的辅助验证摘要,以及,利用所述第一私钥对所述HTTP请求报文中的所述请求数据的摘要签名进行解密,得到所述请求数据的摘要;A third decryption module, configured to use a digest algorithm to calculate the auxiliary verification digest of the request data obtained by the decryption, and use the first private key to digest the request data in the HTTP request message The signature is decrypted to obtain a digest of the requested data; 响应模块,用于若所述辅助验证摘要和所述请求数据的摘要一致,验证所述HTTP请求的请求数据具备完整性,并对解密得到的所述HTTP请求的请求数据作出响应,生成响应密文数据;The response module is used to verify that the request data of the HTTP request has integrity if the auxiliary verification digest is consistent with the digest of the request data, and to respond to the decrypted request data of the HTTP request, and generate a response password. text data; 发送模块,用于将所述响应密文数据发送至所述HTTP请求的CXF发起端。A sending module, configured to send the response ciphertext data to the CXF initiator of the HTTP request. 11.一种基于CXF框架的请求报文传输系统,其特征在于,所述系统包括:11. A request message transmission system based on CXF framework, is characterized in that, described system comprises: 用于实现权利要求1至5任一项所述的请求报文传输方法的HTTP请求的CXF发起端,和用于实现权利要求6至8任一项所述的请求报文传输方法的HTTP请求的CXF接收端。The CXF initiator of the HTTP request for realizing the request message transmission method described in any one of claims 1 to 5, and the HTTP request for realizing the request message transmission method described in any one of claims 6 to 8 CXF receiver. 12.一种基于CXF框架的请求报文传输设备,其特征在于,所述设备包括:12. A request message transmission device based on a CXF framework, wherein the device comprises: 存储器,用于存储程序;memory for storing programs; 处理器,用于运行所述存储器中存储的所述程序,以执行权利要求1-8任一权利要求所述的基于CXF框架的请求报文传输方法。The processor is configured to run the program stored in the memory to execute the CXF framework-based request message transmission method according to any one of claims 1-8. 13.一种计算机存储介质,其特征在于,所述计算机存储介质上存储有计算机程序指令,所述计算机程序指令被处理器执行时实现权利要求1-8任一权利要求所述的基于CXF框架的请求报文传输方法。13. A computer storage medium, characterized in that, computer program instructions are stored on the computer storage medium, and when the computer program instructions are executed by a processor, the CXF-based framework described in any one of claims 1-8 is realized The request message transmission method.
CN201911335767.9A 2019-12-23 2019-12-23 Method, device, system, equipment and medium for transmitting request message of CXF framework Pending CN113098824A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911335767.9A CN113098824A (en) 2019-12-23 2019-12-23 Method, device, system, equipment and medium for transmitting request message of CXF framework

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911335767.9A CN113098824A (en) 2019-12-23 2019-12-23 Method, device, system, equipment and medium for transmitting request message of CXF framework

Publications (1)

Publication Number Publication Date
CN113098824A true CN113098824A (en) 2021-07-09

Family

ID=76664008

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911335767.9A Pending CN113098824A (en) 2019-12-23 2019-12-23 Method, device, system, equipment and medium for transmitting request message of CXF framework

Country Status (1)

Country Link
CN (1) CN113098824A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1654852A2 (en) * 2003-07-11 2006-05-10 International Business Machines Corporation System and method for authenticating clients in a client-server environment
CN102025505A (en) * 2010-12-16 2011-04-20 浪潮(北京)电子信息产业有限公司 Advanced encryption standard (AES) algorithm-based encryption/decryption method and device
CN105429753A (en) * 2015-12-30 2016-03-23 宇龙计算机通信科技(深圳)有限公司 Voice data method for improving security of VoLTE communication, system and mobile terminal
CN105553932A (en) * 2015-11-30 2016-05-04 青岛海尔智能家电科技有限公司 Method, device and system of remote control safety binding of intelligent home appliance
CN109802825A (en) * 2017-11-17 2019-05-24 深圳市金证科技股份有限公司 A kind of data encryption, the method for decryption, system and terminal device
CN110198295A (en) * 2018-04-18 2019-09-03 腾讯科技(深圳)有限公司 Safety certifying method and device and storage medium

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1654852A2 (en) * 2003-07-11 2006-05-10 International Business Machines Corporation System and method for authenticating clients in a client-server environment
CN102025505A (en) * 2010-12-16 2011-04-20 浪潮(北京)电子信息产业有限公司 Advanced encryption standard (AES) algorithm-based encryption/decryption method and device
CN105553932A (en) * 2015-11-30 2016-05-04 青岛海尔智能家电科技有限公司 Method, device and system of remote control safety binding of intelligent home appliance
CN105429753A (en) * 2015-12-30 2016-03-23 宇龙计算机通信科技(深圳)有限公司 Voice data method for improving security of VoLTE communication, system and mobile terminal
CN109802825A (en) * 2017-11-17 2019-05-24 深圳市金证科技股份有限公司 A kind of data encryption, the method for decryption, system and terminal device
CN110198295A (en) * 2018-04-18 2019-09-03 腾讯科技(深圳)有限公司 Safety certifying method and device and storage medium

Similar Documents

Publication Publication Date Title
US12375304B2 (en) Mutual authentication of confidential communication
US11985239B2 (en) Forward secrecy in transport layer security (TLS) using ephemeral keys
EP3642997B1 (en) Secure communications providing forward secrecy
US20240356730A1 (en) Computer-implemented system and method for highly secure, high speed encryption and transmission of data
US20210367767A1 (en) Methods and systems for secure network communication
US9698984B2 (en) Re-encrypted data verification program, re-encryption apparatus and re-encryption system
JP2001051596A (en) Device and method for generating/verifying data
CN111769938B (en) Key management system and data verification system of block chain sensor
US11528127B2 (en) Computer-implemented system and method for highly secure, high speed encryption and transmission of data
CN116830523A (en) threshold key exchange
CN113810779B (en) Code stream signature verification method, device, electronic equipment and computer readable medium
US20250286711A1 (en) Network arrangement for secure use of a private key remotely accessed through an open network
KR101793528B1 (en) Certificateless public key encryption system and receiving terminal
Kalka et al. A Comprehensive Review of TLSNotary Protocol
CN113098824A (en) Method, device, system, equipment and medium for transmitting request message of CXF framework
CN115442046A (en) Signature method, signature device, electronic equipment and storage medium
US20240333478A1 (en) Quantum-resistant cryptosystem and electronic device included in the same
Ruan Building blocks of the security and management engine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20210709

RJ01 Rejection of invention patent application after publication