Network encryption and decryption method and device for data, storage medium and electronic device
阅读说明:本技术 数据的网络加密、解密方法和装置、存储介质、电子装置 (Network encryption and decryption method and device for data, storage medium and electronic device ) 是由 陈步青 于 2019-08-30 设计创作,主要内容包括:本发明提供了一种数据的网络加密、解密方法和装置、存储介质、电子装置,其中,数据的网络加密方法包括:接收调用方发送的网络请求,并针对网络请求生成待发送数据;获取用于配置待发送数据中每个字段的加密方式和加密密钥的配置信息,其中,待发送数据包括多个字段;基于配置信息对待发送数据进行加密,得到加密数据;将配置信息转换为符合预设协议的字段解密协议语句,其中,预设协议为与调用方预先约定的语法协议;将加密数据和字段解密协议语句通过网络发送至调用方。通过本发明,解决了相关技术中网络传输数据时加密方式不够灵活的技术问题。(The invention provides a method and a device for network encryption and decryption of data, a storage medium and an electronic device, wherein the method for network encryption of data comprises the following steps: receiving a network request sent by a calling party, and generating data to be sent aiming at the network request; acquiring configuration information for configuring an encryption mode and an encryption key of each field in data to be transmitted, wherein the data to be transmitted comprises a plurality of fields; encrypting data to be sent based on the configuration information to obtain encrypted data; converting the configuration information into a field decryption protocol statement which accords with a preset protocol, wherein the preset protocol is a grammatical protocol which is agreed with a calling party in advance; and sending the encrypted data and the field decryption protocol statement to a calling party through a network. The invention solves the technical problem that the encryption mode is not flexible enough when the network transmits data in the related technology.)
1. A method for network encryption of data, the method comprising:
receiving a network request sent by a calling party, and generating data to be sent aiming at the network request;
acquiring configuration information for configuring an encryption mode and an encryption key of each field in the data to be transmitted, wherein the data to be transmitted comprises a plurality of fields;
encrypting the data to be sent based on the configuration information to obtain encrypted data;
converting the configuration information into a field decryption protocol statement conforming to a preset protocol, wherein the preset protocol is a grammatical protocol agreed with the calling party in advance;
and sending the encrypted data and the field decryption protocol statement to the caller through a network.
2. The method of claim 1, wherein the encrypting the data to be transmitted based on the configuration information to obtain encrypted data comprises:
determining a field to be encrypted currently;
determining an encryption mode and an encryption key corresponding to the field to be encrypted currently based on the configuration information;
calling an encryption mode corresponding to the field to be encrypted currently, and encrypting the field to be encrypted currently by using the encryption key to obtain an encrypted field;
after each field in the data to be sent is encrypted, the encrypted fields of each field are spliced into the encrypted data.
3. The method according to claim 2, wherein the obtaining configuration information for configuring an encryption mode and an encryption key for each field in the data to be transmitted comprises:
acquiring a configuration file at a specified position by using a configuration reading module;
and reading the configuration information from the configuration file by using the configuration reading module.
4. The method of claim 1, wherein converting the configuration information into a field decryption protocol statement conforming to a predetermined protocol comprises:
generating a protocol statement template which accords with the preset protocol according to the field structure of the data to be sent, wherein the protocol statement template comprises characters to be replaced of a decryption definition field of each field in the data to be sent, and the decryption definition field is used for defining a decryption mode and a decryption key of a corresponding field in the data to be sent;
replacing the character to be replaced of each decryption definition field in the protocol statement template with an identification character used for representing a decryption mode and a decryption key of a corresponding field in the data to be transmitted to obtain the field decryption protocol statement.
5. A method for network decryption of data, the method comprising:
receiving encrypted data and field decryption protocol statements fed back by a service party according to a network request;
analyzing the field decryption protocol statement based on a preset protocol to obtain a decryption mode and a decryption key of each field in the encrypted data;
calling a corresponding decryption mode for each field in the encrypted data, and decrypting by using a corresponding decryption key to obtain decrypted data of each field in the encrypted data;
and splicing the decrypted data of all fields in the encrypted data into original data.
6. The method according to claim 5, wherein the field decryption protocol statement includes a plurality of decryption definition fields, each decryption definition field is used to define a decryption manner and a decryption key for a corresponding field in the encrypted data, and the parsing the field decryption protocol statement based on a preset protocol to obtain the decryption manner and the decryption key for each field in the encrypted data includes:
determining a corresponding field of each decryption definition field in the field decryption protocol statement in the encrypted data based on the preset protocol;
and analyzing the identification character of each decryption definition field in the field decryption protocol statement to determine the decryption mode and the decryption key of each field in the encrypted data.
7. An apparatus for network encryption of data, the apparatus comprising:
the receiving module is used for receiving a network request sent by a calling party and generating data to be sent aiming at the network request;
an obtaining module, configured to obtain configuration information for configuring an encryption mode and an encryption key of each field in the data to be sent, where the data to be sent includes a plurality of fields;
the encryption module is used for encrypting the data to be sent based on the configuration information to obtain encrypted data;
the conversion module is used for converting the configuration information into a field decryption protocol statement which accords with a preset protocol, wherein the preset protocol is a grammatical protocol which is agreed with the calling party in advance;
and the sending module is used for sending the encrypted data and the field decryption protocol statement to the caller through a network.
8. An apparatus for network decryption of data, the apparatus comprising:
the receiving module is used for receiving the encrypted data and the field decryption protocol statement fed back by the service party aiming at the network request;
the analysis module is used for analyzing the field decryption protocol statements based on a preset protocol to obtain a decryption mode and a decryption key of each field in the encrypted data;
the decryption module is used for calling a corresponding decryption mode for each field in the encrypted data and decrypting by using a corresponding decryption key to obtain decrypted data of each field in the encrypted data;
and the splicing module is used for splicing the decrypted data of all the fields in the encrypted data into original data.
9. A storage medium, in which a computer program is stored, wherein the computer program is arranged to perform the method of any of claims 1 to 6 when executed.
10. An electronic device comprising a memory and a processor, wherein the memory has stored therein a computer program, and wherein the processor is arranged to execute the computer program to perform the method of any of claims 1 to 6.
Technical Field
The invention relates to the field of data encryption, in particular to a network encryption and decryption method and device for data, a storage medium and an electronic device.
Background
At present, under a C/S (Client/Server) architecture and a B/S (Browser/Server) architecture, when service information needs to be encrypted, HTTPS (Hypertext transfer protocol Secure) encryption transmission is usually only used for encrypting transmission, and sensitive data is not encrypted in addition, or all data are encrypted in other encryption manners without distinguishing data needing to be encrypted from data not needing to be encrypted. If the control encrypts specific data, the expansibility and the configurability of the control are poor, and network framework level codes need to be changed in the process of development and each product iteration, or logic processing encryption fields are additionally developed in the network call of each service module, so that a large amount of repeated development is caused.
In view of the above problems in the related art, no effective solution has been found at present.
Disclosure of Invention
The embodiment of the invention provides a method and a device for network encryption and decryption of data, a storage medium and an electronic device, which at least solve the technical problem that the encryption mode is not flexible enough when the network transmits data in the prior art.
According to an embodiment of the present invention, there is provided a network encryption method of data, including: receiving a network request sent by a calling party, and generating data to be sent aiming at the network request; acquiring configuration information for configuring an encryption mode and an encryption key of each field in data to be transmitted, wherein the data to be transmitted comprises a plurality of fields; encrypting data to be sent based on the configuration information to obtain encrypted data; converting the configuration information into a field decryption protocol statement which accords with a preset protocol, wherein the preset protocol is a grammatical protocol which is agreed with a calling party in advance; and sending the encrypted data and the field decryption protocol statement to a calling party through a network.
Further, encrypting the data to be transmitted based on the configuration information to obtain encrypted data includes: determining a field to be encrypted currently; determining an encryption mode and an encryption key corresponding to a field to be encrypted at present based on the configuration information; calling an encryption mode corresponding to the field to be encrypted at present, and encrypting the field to be encrypted at present by using an encryption key to obtain an encrypted field; after each field in the data to be transmitted is encrypted, the encrypted fields of each field are spliced into encrypted data.
Further, acquiring configuration information for configuring an encryption mode and an encryption key of each field in data to be transmitted includes: acquiring a configuration file at a specified position by using a configuration reading module; and reading the configuration information from the configuration file by using a configuration reading module.
Further, converting the configuration information into a field decryption protocol statement conforming to a preset protocol, including: generating a protocol statement template which accords with a preset protocol according to a field structure of data to be transmitted, wherein the protocol statement template comprises characters to be replaced of a decryption definition field of each field in the data to be transmitted, and the decryption definition field is used for defining a decryption mode and a decryption key of a corresponding field in the data to be transmitted; and replacing the character to be replaced of each decryption definition field in the protocol statement template with an identification character for representing the decryption mode and the decryption key of the corresponding field in the data to be transmitted to obtain the field decryption protocol statement.
According to an embodiment of the present invention, there is provided a method for network decryption of data, the method including: receiving encrypted data and field decryption protocol statements fed back by a service party according to a network request; analyzing the field decryption protocol statements based on a preset protocol to obtain a decryption mode and a decryption key of each field in the encrypted data; calling a corresponding decryption mode for each field in the encrypted data, and decrypting by using a corresponding decryption key to obtain decrypted data of each field in the encrypted data; and splicing the decrypted data of all fields in the encrypted data into original data.
Further, the field decryption protocol statement includes a plurality of decryption definition fields, each decryption definition field is used to define a decryption mode and a decryption key of a corresponding field in the encrypted data, and the field decryption protocol statement is analyzed based on a preset protocol to obtain the decryption mode and the decryption key of each field in the encrypted data, including: determining a corresponding field of each decryption definition field in the field decryption protocol statement in the encrypted data based on a preset protocol; and analyzing the identification character of each decryption definition field in the field decryption protocol statement to determine the decryption mode and the decryption key of each field in the encrypted data.
According to another embodiment of the present invention, there is provided a network encryption apparatus for data, including: the receiving module is used for receiving the network request sent by the calling party and generating data to be sent aiming at the network request; the device comprises an acquisition module, a processing module and a processing module, wherein the acquisition module is used for acquiring configuration information used for configuring an encryption mode and an encryption key of each field in data to be transmitted, and the data to be transmitted comprises a plurality of fields; the encryption module is used for encrypting the data to be sent based on the configuration information to obtain encrypted data; the conversion module is used for converting the configuration information into a field decryption protocol statement which accords with a preset protocol, wherein the preset protocol is a grammatical protocol which is agreed with a calling party in advance; and the sending module is used for sending the encrypted data and the field decryption protocol statement to the calling party through the network.
According to another embodiment of the present invention, there is provided a network decrypting apparatus of data, including: the receiving module is used for receiving the encrypted data and the field decryption protocol statement fed back by the service party aiming at the network request; the analysis module is used for analyzing the field decryption protocol statements based on a preset protocol to obtain a decryption mode and a decryption key of each field in the encrypted data; the decryption module is used for calling a corresponding decryption mode for each field in the encrypted data and decrypting by using a corresponding decryption key to obtain decrypted data of each field in the encrypted data; and the splicing module is used for splicing the decrypted data of all the fields in the encrypted data into original data.
According to a further embodiment of the present invention, there is also provided a storage medium having a computer program stored therein, wherein the computer program is arranged to perform the steps of any of the above method embodiments when executed.
According to yet another embodiment of the present invention, there is also provided an electronic device, including a memory in which a computer program is stored and a processor configured to execute the computer program to perform the steps in any of the above method embodiments.
According to the invention, each field in the original data can be respectively used for different encryption modes and keys for encryption, the field decryption protocol statement for defining the decryption method and the decryption key of each field is generated by utilizing the predefined grammar protocol, so that the receiver determines the decryption mode and the decryption key of each field, and after the receiver receives the encrypted data and the field decryption protocol statement through the network, the field decryption protocol statement is analyzed by utilizing the predefined grammar protocol to determine the decryption mode and the decryption key of each field, thereby solving the technical problem that the encryption mode is not flexible enough when the data is transmitted through the network in the related technology, and achieving the technical effect of flexibly adopting different encryption modes respectively aiming at each field.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the invention without limiting the invention. In the drawings:
FIG. 1 is a flow chart of a method of network encryption of data according to an embodiment of the present invention;
FIG. 2 is a flow chart of a method of network decryption of data according to an embodiment of the invention;
FIG. 3 is a schematic diagram of a network encryption apparatus for data according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of a network decryption device for data according to an embodiment of the present invention;
fig. 5 is a block diagram of a hardware structure of an electronic apparatus according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments, and the embodiments and features in the embodiments of the present application may be combined with each other without conflict. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that the terms "first," "second," and the like in the description and claims of this application and in the drawings described above are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.