CN115580418A - Information acquisition method and device, computer equipment and storage medium - Google Patents

Information acquisition method and device, computer equipment and storage medium Download PDF

Info

Publication number
CN115580418A
CN115580418A CN202110751463.1A CN202110751463A CN115580418A CN 115580418 A CN115580418 A CN 115580418A CN 202110751463 A CN202110751463 A CN 202110751463A CN 115580418 A CN115580418 A CN 115580418A
Authority
CN
China
Prior art keywords
information
application
key information
decryption
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110751463.1A
Other languages
Chinese (zh)
Inventor
王�锋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen TCL New Technology Co Ltd
Original Assignee
Shenzhen TCL New Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen TCL New Technology Co Ltd filed Critical Shenzhen TCL New Technology Co Ltd
Priority to CN202110751463.1A priority Critical patent/CN115580418A/en
Publication of CN115580418A publication Critical patent/CN115580418A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04NPICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Databases & Information Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Multimedia (AREA)
  • Computing Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application provides an information acquisition method, an information acquisition device, computer equipment and a storage medium, and can respond to an information acquisition request carrying an application identifier of a first application and acquire encrypted information corresponding to the application identifier from an information storage directory of a second application; decrypting the encrypted information based on the decryption parameters to obtain decrypted information; verifying the key information contained in the decryption information; and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application. The first application of the embodiment of the application can acquire the information of the second application only through the security authentication, that is, the embodiment of the application decrypts the encrypted information and verifies the key information contained in the decrypted information, so that the first application can acquire the information of the second application, the information of the second application can be prevented from being stolen by the first application, and the information of the second application is prevented from being leaked.

Description

Information acquisition method and device, computer equipment and storage medium
Technical Field
The present application relates to the field of data processing technologies, and in particular, to an information acquisition method and apparatus, a computer device, and a storage medium.
Background
In Android development, data is often acquired from application to application in a cross-process manner through an aid id (Android Interface Definition Language). The user center application provides user information such as login, registration, account number and the like to the third party application through the AIDL, so that any third party application can acquire the user information of the user center application through the AIDL, and the user information is easily stolen by the third party application, so that the user information is leaked, and the safety of the user information cannot be guaranteed.
Disclosure of Invention
The embodiment of the application provides an information acquisition method, an information acquisition device, computer equipment and a storage medium, which can prevent information leakage.
An information acquisition method, comprising:
responding to an information acquisition request carrying an application identifier of a first application, and acquiring encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using an encryption parameter;
decrypting the encrypted information based on the decryption parameters to obtain decrypted information, wherein the decryption parameters are parameters corresponding to the encryption parameters;
verifying the key information contained in the decryption information;
and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application.
Correspondingly, an embodiment of the present application provides an information acquisition apparatus, including:
the response unit is used for responding to an information acquisition request carrying an application identifier of a first application, acquiring encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using an encryption parameter;
the decryption unit is used for decrypting the encrypted information based on the decryption parameters to obtain the decryption information, and the decryption parameters are parameters corresponding to the encryption parameters;
the verification unit is used for verifying the key information contained in the decryption information;
and the acquisition unit is used for acquiring the target information matched with the information acquisition request from the information storage directory of the second application if the verification is passed.
In some embodiments, the decryption unit may be further configured to screen, based on the first decryption parameter, a decryption string that meets a preset condition from the encrypted information, so as to obtain an initial decryption string; based on the initial decryption string, decryption information is determined.
In some embodiments, the decryption unit may be further configured to decrypt the initial decryption string according to the second decryption parameter to obtain initial decryption information; the initial decryption information is divided to obtain decrypted first key information and decrypted second key information, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; and determining the decrypted first key information and the decrypted second key information as the decrypted information.
In some embodiments, the verification unit may be further configured to obtain preset first key information according to the decrypted first key information; comparing the decrypted first key information with preset first key information; and if the decrypted first key information is different from the preset first key information, the verification result is that the verification is not passed.
In some embodiments, the verification unit may be further specifically configured to, in some embodiments, further include an encryption unit, and specifically may be configured to acquire a registration request of the first application for the second application; acquiring first key information and second key information according to the registration request, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; fusing the first key information and the second key information to obtain information to be encrypted; acquiring a first encryption parameter based on the information to be encrypted, and encrypting the information to be encrypted according to the first encryption parameter to obtain an initial encryption character string; determining encryption information based on the initial encryption string; and binding the encryption information with the application identification of the first application.
In some embodiments, the encryption unit may be further configured to obtain a second encryption parameter based on the initial encryption string; and fusing the initial encryption character string and the second encryption parameter to obtain encryption information.
In some embodiments, the information acquiring apparatus further includes a sending unit, which may be specifically configured to send the target information to the first application through the second application.
In some embodiments, the sending unit may be further configured to obtain a current time and an initial time, where the initial time is a time in response to the information obtaining request; and if the difference value between the current time and the initial time is smaller than a preset threshold value, sending the target information to the first application through the second application.
In addition, the embodiment of the application also provides a computer device, which comprises a memory and a processor; the memory stores a computer program, and the processor is used for executing the computer program in the memory to execute the operation in any one of the information acquisition methods provided by the embodiments of the present application.
In addition, a storage medium is further provided, where a computer program is stored, and the computer program is suitable for being loaded by a processor to execute any one of the information acquisition methods provided in the embodiments of the present application.
The method and the device for acquiring the application identifier of the first application can respond to an information acquisition request carrying the application identifier of the first application, and acquire the encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the information by using an encryption parameter; decrypting the encrypted information based on the decryption parameter to obtain decryption information, wherein the decryption parameter is a parameter corresponding to the encryption parameter; verifying the key information contained in the decryption information; and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application. The first application of the embodiment of the application can acquire the information of the second application only through the security authentication, that is, the first application can acquire the information of the second application only by decrypting the encrypted information and verifying the key information contained in the decrypted information, so that the information of the second application can be prevented from being stolen by the first application, and the information of the second application is prevented from being leaked.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
Fig. 1 is a scene schematic diagram of an information acquisition method provided in an embodiment of the present application;
fig. 2 is a flowchart schematically illustrating an information acquisition method according to an embodiment of the present disclosure;
fig. 3 is a schematic flowchart of acquiring encrypted information according to an embodiment of the present application;
fig. 4 is a second schematic flowchart of an information acquisition method according to an embodiment of the present application;
fig. 5 is a three-diagram schematically illustrating a flow of an information acquisition method according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of an information acquisition apparatus according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of a computer device provided in an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The embodiment of the application provides an information acquisition method, an information acquisition device, computer equipment and a storage medium. The information acquisition device may be integrated in a computer device, and the computer device may be a server or a terminal.
The server may be an independent physical server, a server cluster or a distributed system formed by a plurality of physical servers, or a cloud server providing basic cloud computing services such as cloud service, a cloud database, cloud computing, a cloud function, cloud storage, network service, cloud communication, middleware service, domain name service, security service, network acceleration service (CDN), big data and an artificial intelligence platform. The terminal may be, but is not limited to, a smart phone, a tablet computer, a laptop computer, a desktop computer, a smart speaker, a smart watch, and the like. The terminal and the server may be directly or indirectly connected through wired or wireless communication, and the application is not limited herein.
For example, referring to fig. 1, taking an example that an information obtaining apparatus is integrated in an intelligent television, the intelligent television responds to an information obtaining request of a first application for a second application, where the information obtaining request carries an application identifier of the first application, and obtains encrypted information corresponding to the application identifier from an information storage directory of the second application, where the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using an encryption parameter; decrypting the encrypted information based on the decryption parameter to obtain decryption information, wherein the decryption parameter is a parameter corresponding to the encryption parameter; verifying the key information contained in the decryption information; and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application.
The first application and the second application are both applications in the smart television, and the first application can be a third-party application.
The method for fusing the first key information of the first application and the second key information of the second application may be various, for example, the first key information and the second key information are directly spliced; for example, the first key information is cut, the second key information is cut, and the cut first key information and the cut second key information are spliced.
The following are detailed below. It should be noted that the following description of the embodiments is not intended to limit the preferred order of the embodiments.
The embodiment will be described in terms of an information acquisition apparatus, which may be specifically integrated in a computer device, where the computer device may be a server, or may be a terminal or other devices; the terminal may include a tablet Computer, a notebook Computer, a Personal Computer (PC), a wearable device, a virtual reality device, or other intelligent devices capable of acquiring data.
As shown in fig. 2, the specific flow of the information acquisition method is as follows:
101. and responding to an information acquisition request carrying the application identifier of the first application, and acquiring the encrypted information corresponding to the application identifier from the information storage directory of the second application.
The first application and the second application may be installed on different terminals, or may be installed on the same terminal, which may be set according to actual requirements.
The encryption information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using the encryption parameters. The encryption information is preset information and is bound with the application identifier of the first application, and the encryption information can be obtained through a registration request of the first application for the second application after the first application is installed on the terminal.
Specifically, as shown in fig. 3, the encrypted information is obtained as follows:
s1, acquiring a registration request of a first application for a second application.
The registration request may be triggered by a user operating on the first application after the first application is installed, or may be triggered by a user operating on the second application.
S2, acquiring the first key information and the second key information according to the registration request.
The first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package. The first key information may be an MD5 value corresponding to the first application package, an MD4 value, an MD3 value corresponding to the first application package, or a randomly generated character string with a specified number of bits, such as a 64-bit character string. The second key information may be an MD5 value corresponding to the second application package, an MD4 value, an MD3 value corresponding to the second application package, or a randomly generated character string with a specified number of bits, such as a 32-bit character string.
And S3, fusing the first key information and the second key information to obtain information to be encrypted.
For example, the first key information is an MD5 value corresponding to the first application package, the second key information is an MD5 value corresponding to the second application package, both the MD5 value corresponding to the first application package and the MD5 value corresponding to the second application package may be 32-bit character strings, and after the MD5 value corresponding to the first application package and the MD5 value corresponding to the second application package are spliced, 64-bit character strings are formed, that is, information to be encrypted is formed.
For example, the first key information may be an MD5 value corresponding to the first application package, the second key information may be an MD5 value corresponding to the second application package, the MD5 value corresponding to the first application package is a 128-bit character string, and the MD5 value corresponding to the second application package may be a 32-bit character string. And cutting the MD5 value corresponding to the first application packet, wherein the MD5 value corresponding to the cut first application packet can be a 32-bit character string, and splicing the MD5 value corresponding to the cut first application packet and the MD5 value corresponding to the second application packet to form a 64-bit character string, namely to form the information to be encrypted.
And S4, acquiring a first encryption parameter based on the information to be encrypted, and encrypting the information to be encrypted according to the first encryption parameter to obtain an initial encryption character string.
The first encryption parameter may be a key or a random string with a specified number of bits. For example, the information to be encrypted is a 64-bit character string, the first encryption parameter is a key, and the 64-bit character string is encrypted by the key to obtain an initial encryption character string. For example, the first encryption parameter is a random character string with a specified digit, the information to be encrypted is a character string with 64 digits, and the initial encryption character string is obtained by fusing the random character string with the specified digit and the character string with 64 digits.
And S5, determining encryption information based on the initial encryption character string.
The initial encryption character string may be determined as the encryption information, or the initial encryption character string may be further processed to obtain the encryption information.
Specifically, a second encryption parameter is obtained based on the initial encryption character string, and the initial encryption character string and the second encryption parameter are fused to obtain encryption information.
The second encryption parameter may be a key or a random string with a specified number of bits. For example, taking the random character string with the second encryption parameter as the designated digit as an example, the random character string with the designated digit and the initial encryption character string may be directly spliced to obtain the encryption information.
And S6, binding the encrypted information with the application identifier of the first application.
102. And decrypting the encrypted information based on the decryption parameters to obtain decrypted information.
And the decryption parameters are parameters corresponding to the encryption parameters. The decryption parameters may comprise a first decryption parameter, a second decryption parameter. The decryption process for the encrypted information is as follows:
specifically, when the decryption parameter comprises a first decryption parameter, based on the first decryption parameter, a decryption character string meeting a preset condition is screened out from the encrypted information, and an initial decryption character string is obtained; based on the initial decryption string, decryption information is determined.
For example, the first decryption parameter may be a character string with a specified number of bits, such as a character string with 32 bits as the first decryption parameter, specifically, the first decryption parameter may be a first 32-bit character string in the encryption information, the first decryption parameter may be a second 32-bit character string in the encryption information, and the first decryption parameter may be a second 64-bit character string in the encryption information. The preset condition may be a character string with a preset number of bits in the encrypted information, such as a first 32-bit character string in the encrypted information, a first 64-bit character string in the encrypted information, and a second 32-bit character string in the encrypted information. The preset condition corresponds to the first decryption parameter.
For example, the character string in the encrypted message is a 128-bit character string, the first decryption parameter is a last 32-bit character string in the encrypted message, and the preset condition is a first 96-bit character string in the encrypted message. Based on the first decryption parameter, the character string in the encrypted information is cut, the last 32-bit character string in the encrypted information is removed, and the first 96-bit character string in the encrypted information is screened out, so that the initial decryption character string is obtained, namely the initial decryption character string is the first 96-bit character string in the encrypted information.
Specifically, when the decryption parameters further include a second decryption parameter, the initial decryption character string is decrypted according to the second decryption parameter, and initial decryption information is obtained; the initial decryption information is divided to obtain decrypted first key information and decrypted second key information, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; and determining the decrypted first key information and the decrypted second key information as the decrypted information.
The second decryption parameter may be a key, and the key may be a symmetric key or an asymmetric key. For example, the initial decryption string is decrypted by using the key to obtain initial decryption information. Since the initial decryption information may be obtained by fusing the first key information and the second key information, the initial decryption information is divided to obtain the decrypted first key information and the decrypted second key information. The first key information may be an MD5 value corresponding to the first application package, and the second key information may be an MD5 value corresponding to the second application package.
103. The key information contained in the decryption information is verified.
For example, only the first key information may be verified, only the second key information may be verified, the first key information and the second key information may be simultaneously verified, and the first key information and the second key information may also be sequentially verified.
In the embodiment of the application, preferably, the first key information and the second key information are verified in sequence, and specifically, the preset first key information is obtained according to the decrypted first key information; comparing the decrypted first key information with preset first key information; and if the decrypted first key information is different from the preset first key information, the verification result is that the verification is failed.
Specifically, if the decrypted first key information is the same as the preset first key information, acquiring preset second key information; comparing the decrypted second key information with preset second key information; and if the decrypted second key information is the same as the preset second key information, the verification result is that the verification is passed. Therefore, the first key information and the second key information are verified according to the sequence, double verification is achieved substantially, information safety of the second application can be guaranteed, and information leakage is avoided.
In addition, in the embodiment of the present application, the second key information may be verified first, and then the first key information is verified, where the verification process is the same as above, and only the verification order of the first key information and the second key information is different from above.
The preset first key information may be key information generated in a process of registering the first application with the second application, that is, the preset first key information is first key information before encryption. The preset second key information may be key information generated in a process of registering the first application with the second application, that is, the preset second key information is the second key information before encryption.
104. And if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application.
The target information can be user information, including information such as a nickname, an account number and a password of a user; the target information may be historical operation information of the user, for example, when the second application is a microblog, the historical operation information of the user may represent a preference of the user for microblog content.
Specifically, after the target information matched with the information acquisition request is acquired, the target information is sent to the first application through the second application.
More specifically, the current time is acquired, and an initial time, which is a time in response to the information acquisition request; and if the difference value between the current time and the initial time is smaller than a preset threshold value, sending the target information to the first application through the second application. Through further time verification, the safety of the information of the second application can be further guaranteed.
The method and the device for acquiring the application identifier of the first application can respond to an information acquisition request carrying the application identifier of the first application, and acquire the encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the information by using an encryption parameter; decrypting the encrypted information based on the decryption parameter to obtain decryption information, wherein the decryption parameter is a parameter corresponding to the encryption parameter; verifying the key information contained in the decryption information; and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application. The first application of the embodiment of the application can acquire the information of the second application only through the security authentication, that is, the embodiment of the application decrypts the encrypted information and verifies the key information contained in the decrypted information, so that the first application can acquire the information of the second application, the information of the second application can be prevented from being stolen by the first application, and the information of the second application is prevented from being leaked.
The method described in the above examples is further illustrated in detail below by way of example.
In this embodiment, the information acquisition apparatus is specifically integrated in a computer device, the computer device is an intelligent television, for example, the first application is a user center application, the user center application is an application providing account services for all applications on the intelligent television, and the second application is a third party application on the intelligent television, such as applications of youku, love art, tencent, and the like.
As shown in fig. 4, an information obtaining method specifically includes the following steps:
201. the smart television sends an information acquisition request to the second application through the first application, wherein the information acquisition request carries the application identifier of the first application.
202. And the intelligent television responds to the information acquisition request and acquires the encrypted information corresponding to the application identifier from the information storage directory of the second application.
The smart television can check the application identifier, and if the application identifier is the same as the preset application identifier, the smart television can acquire the encrypted information corresponding to the application identifier from the information storage directory of the second application.
The encryption information is bound with the application identifier of the first application in advance, so that the smart television can obtain the corresponding encryption information according to the application identifier.
The encryption information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using the encryption parameters.
The encryption process may be: the intelligent television acquires a registration request of a first application for a second application; acquiring first key information and second key information according to the registration request, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; fusing the first key information and the second key information to obtain information to be encrypted; acquiring a first encryption parameter based on the information to be encrypted, and encrypting the information to be encrypted according to the first encryption parameter to obtain an initial encryption character string; acquiring a second encryption parameter based on the initial encryption character string; and fusing the initial encryption character string and the second encryption parameter to obtain encryption information.
For example, the first key information is an MD5 value corresponding to the third-party application package, and the second key information is an MD5 value corresponding to the user-centric application package. The smart television acquires the MD5 value corresponding to the third-party application package and the MD5 value corresponding to the user center application package, and splices the MD5 value corresponding to the third-party application package and the MD5 value corresponding to the user center application package to obtain the information to be encrypted. Then, the smart television acquires a first encryption parameter, wherein the first encryption parameter can be a symmetric key or an asymmetric key, and the smart television encrypts information to be encrypted through the first encryption parameter to acquire an initial encryption character string. And then, the smart television acquires a second encryption parameter, wherein the second encryption parameter can be a character string with a specified number, and the second encryption parameter and the initial encryption character string are spliced to obtain encryption information.
203. And the intelligent television decrypts the encrypted information based on the decryption parameter to obtain the decryption information.
The decryption parameter is a parameter corresponding to the encryption parameter, and the decryption parameter may include a first decryption parameter and a second decryption parameter.
The decryption process may be as follows: screening decryption character strings meeting preset conditions from the encrypted information based on the first decryption parameters to obtain initial decryption character strings; decrypting the initial decryption character string according to the second decryption parameter to obtain initial decryption information; the initial decryption information is divided to obtain decrypted first key information and decrypted second key information, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; and determining the decrypted first key information and the decrypted second key information as the decrypted information.
For example, the first decryption parameter is a string of a specified number of bits, which may be the last 32-bit string in the encrypted information. The second decryption parameter may be a symmetric key or an asymmetric key. And the intelligent television removes the later 32-bit character string in the encrypted information according to the first decryption parameter to obtain an initial decryption character string. After the decryption of the second decryption parameter and the segmentation of the initial decryption information, the first key information obtained by the smart television is the MD5 value corresponding to the third-party application package, and the second key information is the MD5 value corresponding to the user center application package.
204. And the intelligent television verifies the key information contained in the decryption information.
The key information comprises decrypted first key information and decrypted second key information, the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package.
Specifically, preset first key information is obtained according to the decrypted first key information; comparing the decrypted first key information with preset first key information; if the decrypted first key information is different from the preset first key information, the verification result is that the verification is not passed; if the decrypted first key information is the same as the preset first key information, acquiring preset second key information; comparing the decrypted second key information with preset second key information; and if the decrypted second key information is the same as the preset second key information, the verification result is that the verification is passed.
205. And if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application.
The target information is user information, which may include information such as a nickname, an account number, and a password of the user.
206. And the intelligent television sends the target information to the first application through the second application.
According to the information acquisition method described in the above embodiment, further detailed description will be given below by way of example. The information acquisition device is specifically integrated in computer equipment, the computer equipment is an intelligent television, the first application is a user center application, the user center application is an application for providing account services for all applications on the intelligent television, the second application is a third party application on the intelligent television, such as application of Youkou, aiqiyi, tencent and the like, the first encryption parameter is an RSA public key, the second encryption parameter is a 32-bit character string, the first decryption parameter is a 32-bit character string, and the second decryption information is an RSA private key.
The smart television sends a registration request to the user center application through the third party application, and according to the registration request, the smart television obtains the MD5 value of the user center application package and the MD5 value of the third party application package, wherein the MD5 value of the user center application package is referred to as a first MD5 value, and the MD5 value of the third party application package is referred to as a second MD5 value. The smart television splices the first MD5 value and the second MD5 value to obtain information to be encrypted; then, encrypting the information to be encrypted by adopting an RSA public key to obtain an initial encryption character string; and secondly, splicing the 32-bit character string after the initial encryption character string to obtain encryption information. And the intelligent television stores the encrypted information in a storage directory corresponding to the user center application, and binds the encrypted information with the application identifier of the third party application.
As shown in fig. 5, when the third-party application acquires target information from the user center application, the target information may be user information. The intelligent television sends an information acquisition request to the user center application through the third-party application, and the information acquisition request carries the application identification of the third-party application. The smart television firstly checks the application identifier, and if the application identifier is different from the preset application identifier, the third-party application cannot acquire the target information from the user center application, namely the acquisition of the target information fails. If the application identification is the same as the preset application identification, the AIDL service package is called so as to realize the communication between the third-party application and the user center application.
And then, the intelligent television acquires the encrypted information corresponding to the application identifier from the information storage directory applied by the user center.
Then, the smart television decrypts the encrypted information, specifically: and removing the 32-bit character string after the character string in the encrypted information to obtain an initial decrypted character string, decrypting the initial decrypted character string by adopting an RSA private key to obtain initial decrypted information, and segmenting the initial decrypted information to obtain a decrypted first MD5 value and a decrypted second MD5 value.
Then, the decrypted first MD5 value and the decrypted second MD5 value are verified, specifically: acquiring a preset first MD5 value according to the decrypted first MD5 value; comparing the decrypted first MD5 value with a preset first MD5 value; if the decrypted first MD5 value is different from the preset first MD5 value, the verification result is that the verification is not passed, and the third-party application cannot acquire the target information from the user center application, namely the acquisition of the target information fails. If the decrypted first MD5 value is the same as the preset first MD5 value, acquiring a preset second MD5 value; comparing the decrypted second MD5 value with a preset second MD5 value; and if the decrypted second MD5 value is the same as the preset second MD5 value, the verification result is that the verification is passed, and the third-party application acquires the target information from the user center application, namely the target information is acquired successfully.
And if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the user center application, and sending the target information to the third-party application.
The method and the device for acquiring the application identifier of the first application can respond to an information acquisition request carrying the application identifier of the first application, and acquire the encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the information by using an encryption parameter; decrypting the encrypted information based on the decryption parameter to obtain decryption information, wherein the decryption parameter is a parameter corresponding to the encryption parameter; verifying the key information contained in the decryption information; and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application. The first application of the embodiment of the application can acquire the information of the second application only through the security authentication, that is, the embodiment of the application decrypts the encrypted information and verifies the key information contained in the decrypted information, so that the first application can acquire the information of the second application, the information of the second application can be prevented from being stolen by the first application, and the information of the second application is prevented from being leaked.
In order to better implement the above method, the present application further provides an information acquisition apparatus, which may be integrated in a computer device, such as a server or a terminal, and the terminal may include a tablet computer, a notebook computer, and/or a personal computer.
For example, as shown in fig. 6, the information acquisition apparatus may include a response unit 301, a decryption unit 302, a verification unit 303, an acquisition unit 304, an encryption unit 305, and a transmission unit 306, as follows:
(1) A response unit 301;
the response unit 301 may be configured to, in response to an information obtaining request carrying an application identifier of a first application, obtain, from an information storage directory of a second application, encrypted information corresponding to the application identifier, where the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information with an encryption parameter.
(2) A decryption unit 302;
the decryption unit 302 may be configured to decrypt the encrypted information based on the decryption parameter to obtain decrypted information, where the decryption parameter is a parameter corresponding to the encryption parameter.
Specifically, the decryption unit 302 may be configured to screen out, based on the first decryption parameter, a decryption string that meets a preset condition from the encrypted information, so as to obtain an initial decryption string; based on the initial decryption string, decryption information is determined.
Specifically, the decryption unit 302 may be configured to decrypt the initial decryption string according to the second decryption parameter to obtain initial decryption information; the initial decryption information is divided to obtain decrypted first key information and decrypted second key information, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; and determining the decrypted first key information and the decrypted second key information as the decrypted information.
(3) A verification unit 303;
the verifying unit 303 may be configured to verify key information included in the decryption information.
Specifically, the verifying unit 303 may be configured to obtain preset first key information according to the decrypted first key information; comparing the decrypted first key information with preset first key information; and if the decrypted first key information is different from the preset first key information, the verification result is that the verification is not passed.
Specifically, the verifying unit 303 may be configured to obtain preset second key information if the decrypted first key information is the same as the preset first key information; comparing the decrypted second key information with preset second key information; and if the decrypted second key information is the same as the preset second key information, the verification result is that the verification is passed.
(4) An acquisition unit 304;
the obtaining unit 304 may be configured to obtain, if the verification passes, the target information matching the information obtaining request from the information storage directory of the second application.
(5) An encryption unit 305;
an encryption unit 305, which may be configured to obtain a registration request of a first application for a second application; acquiring first key information and second key information according to the registration request, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; fusing the first key information and the second key information to obtain information to be encrypted; acquiring a first encryption parameter based on the information to be encrypted, and encrypting the information to be encrypted according to the first encryption parameter to obtain an initial encryption character string; determining encryption information based on the initial encryption string; and binding the encrypted information with the application identification of the first application.
Specifically, the encryption unit 305 may be configured to obtain a second encryption parameter based on the initial encryption string; and fusing the initial encryption character string and the second encryption parameter to obtain encryption information.
(6) A transmitting unit 306;
a sending unit 306, configured to send the target information to the first application through the second application.
Specifically, the sending unit 306 may be further configured to obtain a current time and an initial time, where the initial time is a time in response to the information obtaining request; and if the difference value between the current time and the initial time is smaller than a preset threshold value, sending the target information to the first application through the second application.
As can be seen from the above, the response unit 301 in this embodiment of the application may be configured to, in response to an information acquisition request carrying an application identifier of a first application, acquire, from an information storage directory of a second application, encrypted information corresponding to the application identifier, where the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the information by using an encryption parameter; a decryption unit 302, configured to decrypt the encrypted information based on the decryption parameter to obtain decrypted information, where the decryption parameter is a parameter corresponding to the encryption parameter; a verifying unit 303, configured to verify key information included in the decryption information; the obtaining unit 304 may be configured to obtain, if the verification passes, the target information matching the information obtaining request from the information storage directory of the second application. The first application of the embodiment of the application can acquire the information of the second application only through the security authentication, that is, the embodiment of the application decrypts the encrypted information and verifies the key information contained in the decrypted information, so that the first application can acquire the information of the second application, the information of the second application can be prevented from being stolen by the first application, and the information of the second application is prevented from being leaked.
The embodiment of the present application further provides a computer device, as shown in fig. 7, which shows a schematic structural diagram of the computer device according to the embodiment of the present application, specifically:
the computer device may include components such as a processor 401 of one or more processing cores, memory 402 of one or more computer-readable storage media, a power supply 403, and an input unit 404. Those skilled in the art will appreciate that the computer device configuration illustrated in FIG. 7 does not constitute a limitation of computer devices, and may include more or fewer components than those illustrated, or some components may be combined, or a different arrangement of components. Wherein:
the processor 401 is a control center of the computer device, connects various parts of the entire computer device using various interfaces and lines, performs various functions of the computer device and processes data by operating or executing software programs and/or modules stored in the memory 402 and calling data stored in the memory 402, thereby integrally monitoring the computer device. Optionally, processor 401 may include one or more processing cores; preferably, the processor 401 may integrate an application processor, which mainly handles operating systems, user interfaces, computer programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 401.
The memory 402 may be used to store software programs and modules, and the processor 401 executes various functional applications and data processing by operating the software programs and modules stored in the memory 402. The memory 402 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, a computer program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data created according to use of the computer device, and the like. Further, the memory 402 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 402 may also include a memory controller to provide the processor 401 access to the memory 402.
The computer device further comprises a power supply 403 for supplying power to the various components, and preferably, the power supply 403 is logically connected to the processor 401 through a power management system, so that the functions of managing charging, discharging, and power consumption are realized through the power management system. The power supply 403 may also include any component of one or more dc or ac power sources, recharging systems, power failure detection circuitry, power converters or inverters, power status indicators, and the like.
The computer device may also include an input unit 404, the input unit 404 being operable to receive input numeric or character information communications, and to generate keyboard, mouse, joystick, optical or trackball signal inputs related to user settings and function control.
Although not shown, the computer device may further include a display unit and the like, which are not described in detail herein. Specifically, in this embodiment, the processor 401 in the computer device loads the executable file corresponding to the process of one or more computer programs into the memory 402 according to the following instructions, and the processor 401 runs the computer program stored in the memory 402, so as to implement various functions as follows:
responding to an information acquisition request carrying an application identifier of a first application, and acquiring encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using an encryption parameter; decrypting the encrypted information based on the decryption parameters to obtain decrypted information, wherein the decryption parameters are parameters corresponding to the encryption parameters; verifying the key information contained in the decryption information; and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application.
The above operations can be implemented in the foregoing embodiments, and are not described in detail herein.
It will be understood by those skilled in the art that all or part of the steps of the methods of the above embodiments may be performed by a computer program, which may be stored in a computer-readable storage medium and loaded and executed by a processor, or by related hardware controlled by the computer program.
To this end, the present application provides a storage medium, in which a computer program is stored, where the computer program can be loaded by a processor to execute any one of the information acquisition methods provided in the present application.
The above operations can be implemented in the foregoing embodiments, and are not described in detail herein.
Wherein the storage medium may include: read Only Memory (ROM), random Access Memory (RAM), magnetic or optical disks, and the like.
Since the instructions stored in the storage medium may execute the steps of any information acquisition method provided in the embodiment of the present application, beneficial effects that can be achieved by any information acquisition method provided in the embodiment of the present application may be achieved, for details, see the foregoing embodiments, and are not described herein again.
According to one aspect of the application, there is provided, among other things, a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions to cause the computer device to perform the method provided in the various alternative implementations provided by the embodiments described above.
The information acquisition method, the information acquisition device, the computer device, and the storage medium provided in the embodiments of the present application are described in detail above, and a specific example is applied in the present application to explain the principle and the implementation of the present application, and the description of the above embodiments is only used to help understand the method and the core idea of the present application; meanwhile, for those skilled in the art, according to the idea of the present application, the specific implementation manner and the application scope may be changed, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (12)

1. An information acquisition method, comprising:
responding to an information acquisition request carrying an application identifier of a first application, and acquiring encrypted information corresponding to the application identifier from an information storage directory of a second application, wherein the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the first key information and the second key information by using an encryption parameter;
decrypting the encrypted information based on decryption parameters to obtain decryption information, wherein the decryption parameters are parameters corresponding to the encryption parameters;
verifying the key information contained in the decryption information;
and if the verification is passed, acquiring target information matched with the information acquisition request from the information storage directory of the second application.
2. The information acquisition method according to claim 1, wherein the decryption parameter includes a first decryption parameter; the decrypting the encrypted information based on the decryption parameter to obtain the decryption information includes:
screening decryption character strings meeting preset conditions from the encrypted information based on the first decryption parameters to obtain initial decryption character strings;
determining the decryption information based on the initial decryption string.
3. The information acquisition method according to claim 2, wherein the decryption parameter further includes a second decryption parameter; the determining the decryption information based on the initial decryption string includes:
decrypting the initial decryption character string according to the second decryption parameter to obtain initial decryption information;
dividing the initial decryption information to obtain decrypted first key information and decrypted second key information, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package;
and determining the decrypted first key information and the decrypted second key information as the decryption information.
4. The information acquisition method according to claim 1, wherein the key information includes decrypted first key information and decrypted second key information, the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package; the verifying the key information included in the decryption information includes:
acquiring preset first key information according to the decrypted first key information;
comparing the decrypted first key information with the preset first key information;
and if the decrypted first key information is different from the preset first key information, the verification result is that the verification is failed.
5. The information acquisition method according to claim 4, wherein after comparing the decrypted first key information with the preset first key information, the method comprises:
if the decrypted first key information is the same as the preset first key information, acquiring preset second key information;
comparing the decrypted second key information with the preset second key information;
and if the decrypted second key information is the same as the preset second key information, the verification result is that the verification is passed.
6. The information acquisition method according to claim 1, wherein before acquiring, in response to the information acquisition request carrying the application identifier of the first application, the encrypted information corresponding to the application identifier from the information storage directory of the second application, the method includes:
acquiring a registration request of the first application for the second application;
acquiring first key information and second key information according to the registration request, wherein the first key information is key information corresponding to the first application package, and the second key information is key information corresponding to the second application package;
fusing the first key information and the second key information to obtain information to be encrypted;
acquiring a first encryption parameter based on the information to be encrypted, and encrypting the information to be encrypted according to the first encryption parameter to obtain an initial encryption character string;
determining encryption information based on the initial encryption string;
and binding the encrypted information with the application identifier of the first application.
7. The information acquisition method according to claim 6, wherein said determining encryption information based on the initial encryption string comprises:
acquiring a second encryption parameter based on the initial encryption character string;
and fusing the initial encryption character string and the second encryption parameter to obtain the encryption information.
8. The information acquisition method according to claim 1, wherein the information acquisition request is a request sent to the second application by the first application; if the verification is passed, after the target information matched with the information acquisition request is acquired from the information storage directory of the second application, the method includes:
and sending the target information to the first application through the second application.
9. The information acquisition method according to claim 8, wherein the sending the target information to the first application by the second application includes:
acquiring current time and initial time, wherein the initial time is the time responding to the information acquisition request;
and if the difference value between the current time and the initial time is smaller than a preset threshold value, the target information is sent to the first application through the second application.
10. An information acquisition apparatus characterized by comprising:
a response unit, configured to, in response to an information acquisition request carrying an application identifier of a first application, acquire, from an information storage directory of a second application, encrypted information corresponding to the application identifier, where the encrypted information is obtained by fusing first key information of the first application and second key information of the second application and encrypting the fused information by using an encryption parameter;
the decryption unit is used for decrypting the encrypted information based on decryption parameters to obtain decryption information, wherein the decryption parameters are parameters corresponding to the encryption parameters;
the verification unit is used for verifying the key information contained in the decryption information;
and the acquisition unit is used for acquiring the target information matched with the information acquisition request from the information storage directory of the second application if the verification is passed.
11. A computer device comprising a memory and a processor; the memory stores a computer program, and the processor is configured to execute the computer program in the memory to perform the operations of the information acquisition method according to any one of claims 1 to 9.
12. A storage medium storing a computer program adapted to be loaded by a processor to execute the information acquisition method according to any one of claims 1 to 9.
CN202110751463.1A 2021-07-02 2021-07-02 Information acquisition method and device, computer equipment and storage medium Pending CN115580418A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110751463.1A CN115580418A (en) 2021-07-02 2021-07-02 Information acquisition method and device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110751463.1A CN115580418A (en) 2021-07-02 2021-07-02 Information acquisition method and device, computer equipment and storage medium

Publications (1)

Publication Number Publication Date
CN115580418A true CN115580418A (en) 2023-01-06

Family

ID=84579091

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110751463.1A Pending CN115580418A (en) 2021-07-02 2021-07-02 Information acquisition method and device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115580418A (en)

Similar Documents

Publication Publication Date Title
US10601590B1 (en) Secure secrets in hardware security module for use by protected function in trusted execution environment
EP3324572A1 (en) Information transmission method and mobile device
CN107040520B (en) Cloud computing data sharing system and method
US8848922B1 (en) Distributed encryption key management
CN109145628B (en) Data acquisition method and system based on trusted execution environment
CN111538977B (en) Cloud API key management method, cloud platform access method, cloud API key management device, cloud platform access device and server
CN111031037A (en) Authentication method and device for object storage service and electronic equipment
US20230051561A1 (en) Method for processing live broadcast information stream
CN107872315B (en) Data processing method and intelligent terminal
CN109711178B (en) Key value pair storage method, device, equipment and storage medium
CN117240625B (en) Tamper-resistant data processing method and device and electronic equipment
CN110602132A (en) Data encryption and decryption processing method
US10621319B2 (en) Digital certificate containing multimedia content
CN109995534B (en) Method and device for carrying out security authentication on application program
CN108574658B (en) Application login method and device
CN111382451A (en) Security level identification method and device, electronic equipment and storage medium
JP2017183930A (en) Server management system, server device, server management method, and program
EP3975015B1 (en) Applet package sending method and device and computer readable medium
CN115580418A (en) Information acquisition method and device, computer equipment and storage medium
CN114117388A (en) Device registration method, device registration apparatus, electronic device, and storage medium
CN114595465A (en) Data encryption processing method and device and electronic equipment
CN110248166B (en) Video information processing method, client, electronic device and storage medium
CN111698299B (en) Session object replication method, device, distributed micro-service architecture and medium
WO2022206203A1 (en) Connection resilient multi-factor authentication
CN116112172B (en) Android client gRPC interface security verification method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination