CN107395581B - Two-dimensional code generation and reading method, device, system, equipment and storage medium - Google Patents
Two-dimensional code generation and reading method, device, system, equipment and storage mediumDownload PDFInfo
- Publication number
- CN107395581B CN107395581BCN201710560433.6ACN201710560433ACN107395581BCN 107395581 BCN107395581 BCN 107395581BCN 201710560433 ACN201710560433 ACN 201710560433ACN 107395581 BCN107395581 BCN 107395581B
- Authority
- CN
- China
- Prior art keywords
- information
- algorithm
- server
- key
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/06009—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking
- G06K19/06037—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code with optically detectable marking multi-dimensional coding
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K7/00—Methods or arrangements for sensing record carriers, e.g. for reading patterns
- G06K7/10—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
- G06K7/14—Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation using light without selection of wavelength, e.g. sensing reflected white light
- G06K7/1404—Methods for optical code recognition
- G06K7/1408—Methods for optical code recognition the method being specifically adapted for the type of code
- G06K7/1417—2D bar codes
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H04L63/0846—Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computing Systems (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Computer Vision & Pattern Recognition (AREA)
- Artificial Intelligence (AREA)
- Toxicology (AREA)
- General Health & Medical Sciences (AREA)
- Electromagnetism (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
Translated fromChinese
Description
Translated fromChinese技术领域technical field
本发明实施例涉及信息安全技术,尤其涉及一种二维码生成及读取方法、装置、系统、设备和存储介质。The embodiments of the present invention relate to information security technologies, and in particular, to a method, apparatus, system, device and storage medium for generating and reading a two-dimensional code.
背景技术Background technique
二维码技术是在二维方向上用黑白相间的图形表达数据信息的技术。随着技术的发展,二维码应用场景越来越多,例如,支付、验证、防伪认证、信息显示、广告、购票等。这就涉及到二维码的保护问题,以免二维码被伪造、盗用。Two-dimensional code technology is a technology that expresses data information with black and white graphics in two-dimensional direction. With the development of technology, there are more and more application scenarios of QR code, such as payment, verification, anti-counterfeiting authentication, information display, advertisement, ticket purchase, etc. This involves the protection of the two-dimensional code to prevent the two-dimensional code from being forged and stolen.
如果仅是简单的采用密钥对二维码信息进行加密,使用特定设备扫描二维码,进行解密以读取二维码信息,一旦密钥泄露,则二维码内容很容易被窃取,导致用户信息泄露或发生财产损失。If you simply encrypt the QR code information with a key, scan the QR code with a specific device, and decrypt it to read the QR code information, once the key is leaked, the content of the QR code can easily be stolen, resulting in User information is leaked or property damage occurs.
发明内容SUMMARY OF THE INVENTION
本发明实施例提供一种二维码生成及读取方法、装置、系统、设备和存储介质,以保证二维码信息的安全性。Embodiments of the present invention provide a method, device, system, device and storage medium for generating and reading a two-dimensional code, so as to ensure the security of two-dimensional code information.
第一方面,本发明实施例提供了一种二维码生成方法,包括:In a first aspect, an embodiment of the present invention provides a method for generating a two-dimensional code, including:
客户端接收第一服务器发送的密文、第一密钥信息和加密后的第一验证信息,其中,所述第一密钥信息是依次使用第一算法和第二算法对所述密文使用的密钥进行加密得到,所述第二算法与所述客户端唯一对应;The client receives the ciphertext, the first key information, and the encrypted first verification information sent by the first server, wherein the first key information is used for the ciphertext using the first algorithm and the second algorithm in sequence The key is encrypted to obtain, and the second algorithm is uniquely corresponding to the client;
所述客户端利用所述第二算法对所述第一验证信息进行验证;The client verifies the first verification information by using the second algorithm;
验证通过后,所述客户端根据第一时间因子及第二密钥信息生成第二验证信息,并利用所述第二算法对所述第二验证信息进行加密;After the verification is passed, the client generates second verification information according to the first time factor and the second key information, and uses the second algorithm to encrypt the second verification information;
所述客户端根据所述密文、第二密钥信息及加密后的第二验证信息生成二维码。The client generates a two-dimensional code according to the ciphertext, the second key information and the encrypted second verification information.
第二方面,本发明实施例还提供了一种二维码读取方法,包括:In a second aspect, an embodiment of the present invention also provides a method for reading a two-dimensional code, including:
第二服务器获取二维码中的密文、第二密钥信息和加密后的第二验证信息;The second server obtains the ciphertext, the second key information and the encrypted second verification information in the two-dimensional code;
所述第二服务器将所述加密后的第二验证信息发送给第一服务器进行验证;The second server sends the encrypted second verification information to the first server for verification;
所述第二服务器接收到验证通过消息后,利用第一算法对所述第二密钥信息进行解密,得到密钥,其中所述第一算法与所述第二服务器唯一对应;After receiving the verification pass message, the second server decrypts the second key information using a first algorithm to obtain a key, wherein the first algorithm uniquely corresponds to the second server;
所述第二服务器利用所述密钥对所述密文进行解密,得到二维码信息。The second server decrypts the ciphertext by using the key to obtain two-dimensional code information.
第三方面,本发明实施例还提供了一种二维码生成装置,应用于客户端,所述装置包括:In a third aspect, an embodiment of the present invention further provides a two-dimensional code generation device, which is applied to a client, and the device includes:
信息接收模块,用于接收第一服务器发送的密文、第一密钥信息和加密后的第一验证信息,其中,所述第一密钥信息是依次使用第一算法和第二算法对所述密文使用的密钥进行加密得到,所述第二算法与所述客户端唯一对应;The information receiving module is configured to receive the ciphertext, the first key information and the encrypted first verification information sent by the first server, wherein the first key information is used to sequentially use the first algorithm and the second algorithm to The key used in the ciphertext is encrypted to obtain, and the second algorithm is uniquely corresponding to the client;
信息验证模块,用于利用所述第二算法对所述第一验证信息进行验证;an information verification module, configured to verify the first verification information by using the second algorithm;
验证信息生成模块,用于在验证通过后,根据第一时间因子及第二密钥信息生成第二验证信息,并利用所述第二算法对所述第二验证信息进行加密;a verification information generation module, configured to generate second verification information according to the first time factor and the second key information after the verification is passed, and encrypt the second verification information by using the second algorithm;
二维码生成模块,用于根据所述密文、第二密钥信息及加密后的第二验证信息生成二维码。A two-dimensional code generation module is used to generate a two-dimensional code according to the ciphertext, the second key information and the encrypted second verification information.
第四方面,本发明实施例还提供了一种二维码生成系统,包括:客户端和第一服务器;In a fourth aspect, an embodiment of the present invention further provides a two-dimensional code generation system, including: a client and a first server;
所述客户端包括本发明任意实施例所述的二维码生成装置;The client includes the two-dimensional code generating device described in any embodiment of the present invention;
所述第一服务器,用于向所述客户端发送密文、第一密钥信息和加密后的第一验证信息。The first server is configured to send the ciphertext, the first key information and the encrypted first verification information to the client.
第五方面,本发明实施例还提供了一种二维码读取装置,应用于第二服务器,所述装置包括:In a fifth aspect, an embodiment of the present invention further provides a two-dimensional code reading device, which is applied to the second server, and the device includes:
信息获取模块,用于获取二维码中的密文、第二密钥信息和加密后的第二验证信息;an information acquisition module for acquiring the ciphertext, the second key information and the encrypted second verification information in the two-dimensional code;
信息发送模块,用于将所述加密后的第二验证信息发送给第一服务器进行验证;an information sending module, configured to send the encrypted second verification information to the first server for verification;
第一解密模块,用于在接收到验证通过消息后,利用第一算法对所述第二密钥信息进行解密,得到密钥,其中所述第一算法与所述第二服务器唯一对应;a first decryption module, configured to decrypt the second key information by using a first algorithm to obtain a key after receiving the verification pass message, wherein the first algorithm uniquely corresponds to the second server;
第二解密模块,用于利用所述密钥对所述密文进行解密,得到二维码信息。The second decryption module is used for decrypting the ciphertext by using the key to obtain two-dimensional code information.
第六方面,本发明实施例还提供了一种二维码读取系统,包括:第一服务器和第二服务器;In a sixth aspect, an embodiment of the present invention further provides a two-dimensional code reading system, including: a first server and a second server;
所述第二服务器包括本发明任意实施例所述的二维码读取装置;The second server includes the two-dimensional code reading device described in any embodiment of the present invention;
所述第一服务器,用于接收加密后的第二验证信息;利用第二算法对所述加密后的第二验证信息进行解密,得到所述第二验证信息,其中所述第二算法与生成所述二维码的客户端唯一对应;根据第二时间因子及本地存储的第二密钥信息,利用第三算法生成第四验证信息;以及比较所述第二验证信息与所述第四验证信息,如果所述第二验证信息与所述第四验证信息一致,返回验证通过消息给所述第二服务器。The first server is configured to receive the encrypted second verification information; decrypt the encrypted second verification information by using a second algorithm to obtain the second verification information, wherein the second algorithm and the generated The client side of the two-dimensional code is uniquely corresponding; according to the second time factor and the second key information stored locally, the third algorithm is used to generate the fourth verification information; and the second verification information is compared with the fourth verification information If the second verification information is consistent with the fourth verification information, a verification passed message is returned to the second server.
第七方面,本发明实施例还提供了一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,所述处理器执行所述程序时实现如本发明任意实施例所述的二维码生成方法,或者实现如本发明任意实施例所述的二维码读取方法。In a seventh aspect, an embodiment of the present invention further provides a computer device, including a memory, a processor, and a computer program stored in the memory and running on the processor, the processor implementing the program as described in the present invention when the processor executes the program The two-dimensional code generation method described in any embodiment, or the two-dimensional code reading method described in any embodiment of the present invention is implemented.
第八方面,本发明实施例还提供了一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现如本发明任意实施例所述的二维码生成方法,或者实现如本发明任意实施例所述的二维码读取方法。In an eighth aspect, an embodiment of the present invention further provides a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, implements the method for generating a two-dimensional code according to any embodiment of the present invention, or The two-dimensional code reading method according to any embodiment of the present invention is realized.
本发明实施例对二维码信息进行加密,对加密该二维码信息的密钥进行双重加密,且只有具备对应算法的客户端或服务器才可以解密得到该密钥,由此保证了二维码信息及密钥的安全性,防止泄露;二维码中的验证信息包括时间因子,具备时效性,能够有效防止二维码被盗用;在第一验证信息验证通过后,才进行生成二维码的相关操作,进一步保证了信息的安全性。相应的,在读取二维码时,利用第一服务器验证二维码中的第二验证信息,验证通过后,才进行密钥信息的解密和密文的解密,以读取二维码信息,保证读取的二维码信息是安全可靠的。In the embodiment of the present invention, the two-dimensional code information is encrypted, and the key used for encrypting the two-dimensional code information is double-encrypted, and only the client or server with the corresponding algorithm can decrypt the key to obtain the key, thus ensuring the two-dimensional code. The security of the code information and the key to prevent leakage; the verification information in the two-dimensional code includes the time factor, which is time-sensitive and can effectively prevent the two-dimensional code from being stolen; after the first verification information is verified, the two-dimensional code is generated. The relevant operations of the code further ensure the security of the information. Correspondingly, when reading the two-dimensional code, the first server is used to verify the second verification information in the two-dimensional code, and after the verification is passed, the decryption of the key information and the decryption of the ciphertext are performed to read the two-dimensional code information. , to ensure that the read QR code information is safe and reliable.
附图说明Description of drawings
图1是本发明实施例一提供的二维码生成方法的流程图;1 is a flowchart of a method for generating a two-dimensional code provided in Embodiment 1 of the present invention;
图2是本发明实施例三提供的二维码生成方法的交互流程图;2 is an interactive flowchart of a method for generating a two-dimensional code provided in Embodiment 3 of the present invention;
图3是本发明实施例四提供的二维码读取方法的流程图;3 is a flowchart of a two-dimensional code reading method provided in Embodiment 4 of the present invention;
图4是本发明实施例四提供的二维码读取方法的交互流程图;4 is an interactive flowchart of a two-dimensional code reading method provided in Embodiment 4 of the present invention;
图5是本发明实施例五提供的二维码生成装置的结构框图;5 is a structural block diagram of a two-dimensional code generating apparatus provided by Embodiment 5 of the present invention;
图6是本发明实施例六提供的二维码生成系统的结构框图;6 is a structural block diagram of a two-dimensional code generation system provided by Embodiment 6 of the present invention;
图7是本发明实施例七提供的二维码读取装置的结构框图;7 is a structural block diagram of a two-dimensional code reading device provided in Embodiment 7 of the present invention;
图8是本发明实施例八提供的二维码读取系统的结构框图;8 is a structural block diagram of a two-dimensional code reading system provided by Embodiment 8 of the present invention;
图9是本发明实施例九提供的一种设备的结构示意图。FIG. 9 is a schematic structural diagram of a device according to Embodiment 9 of the present invention.
具体实施方式Detailed ways
下面结合附图和实施例对本发明作进一步的详细说明。可以理解的是,此处所描述的具体实施例仅仅用于解释本发明,而非对本发明的限定。另外还需要说明的是,为了便于描述,附图中仅示出了与本发明相关的部分而非全部结构。The present invention will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present invention, but not to limit the present invention. In addition, it should be noted that, for the convenience of description, the drawings only show some but not all structures related to the present invention.
实施例一Example 1
图1是本发明实施例一提供的二维码生成方法的流程图,本实施例可适用于用户购票的情况,例如购买车票、门票等,生成包含票务信息的二维码,该二维码可以用于检票。该方法可以由二维码生成装置来执行,例如终端上安装的APP、对应于唯一用户的专用购票终端等。如图1所示,该方法具体包括如下步骤:FIG. 1 is a flowchart of a method for generating a two-dimensional code provided in Embodiment 1 of the present invention. This embodiment can be applied to a situation where a user purchases a ticket, such as buying a ticket, a ticket, etc., to generate a two-dimensional code containing ticket information. The code can be used for ticket checking. The method can be performed by a two-dimensional code generating device, such as an APP installed on the terminal, a dedicated ticket-purchasing terminal corresponding to a unique user, and the like. As shown in Figure 1, the method specifically includes the following steps:
步骤110,客户端接收第一服务器发送的密文、第一密钥信息和加密后的第一验证信息。
其中,密文是使用密钥对二维码信息进行加密得到的,二维码信息可以是票务信息,例如,包括日期、时间、车次、座位、起点、终点、乘车人信息等的车票信息,包括日期、时间、项目、地址、座位号等的门票信息(例如,电影票、音乐会票、游乐园的票等)。The ciphertext is obtained by encrypting the two-dimensional code information with a key, and the two-dimensional code information may be ticket information, for example, ticket information including date, time, train number, seat, starting point, ending point, passenger information, etc. , ticket information including date, time, item, address, seat number, etc. (eg, movie tickets, concert tickets, amusement park tickets, etc.).
第一密钥信息是依次使用第一算法和第二算法对密钥进行加密得到的,第二算法与客户端唯一对应,第一算法与第二服务器(即出票方的服务器,例如车站后台服务器、门票后台服务器等)唯一对应。第一服务器作为生成二维码及读取二维码的中间平台,存储有第一算法及该算法与第二服务器的对应关系、第二算法及该算法与客户端的对应关系,在实际应用中,第一服务器可以存储多个算法及各算法与客户端(或服务器)的对应关系。The first key information is obtained by encrypting the key using the first algorithm and the second algorithm in sequence, the second algorithm uniquely corresponds to the client, the first algorithm and the second server (that is, the server of the ticket issuer, such as the station backstage) server, ticket backend server, etc.) unique correspondence. As an intermediate platform for generating two-dimensional codes and reading two-dimensional codes, the first server stores the first algorithm and the corresponding relationship between the algorithm and the second server, the second algorithm and the corresponding relationship between the algorithm and the client. , the first server may store multiple algorithms and the corresponding relationship between each algorithm and the client (or server).
第二服务器仅存储其唯一对应的第一算法中的一部分,该部分使得第一服务器使用第一算法加密的内容只有第二服务器可以解密,且第二服务器使用第一算法加密的内容只有第一服务器可以解密,具体的,第一算法可以包括两个算法对:加密算法A1及对应的解密算法A1’、加密算法A2及对应的解密算法A2’,第二服务器中存储加密算法A1和解密算法A2’,由此便可实现第一服务器与第二服务器的互相解密。The second server only stores a part of its unique corresponding first algorithm, this part makes the content encrypted by the first server using the first algorithm only the second server can decrypt, and the content encrypted by the second server using the first algorithm can only be decrypted by the first The server can decrypt. Specifically, the first algorithm can include two algorithm pairs: encryption algorithm A1 and corresponding decryption algorithm A1', encryption algorithm A2 and corresponding decryption algorithm A2', and the second server stores encryption algorithm A1 and decryption algorithm. A2', thereby realizing mutual decryption between the first server and the second server.
客户端仅存储其唯一对应的第二算法中的一部分,该部分使得第一服务器使用第二算法加密的内容只有客户端可以解密,且客户端使用第二算法加密的内容只有第一服务器可以解密,具体的,第二算法可以包括两个算法对:加密算法B1及对应的解密算法B1’、加密算法B2及对应的解密算法B2’,客户端中存储加密算法B1和解密算法B2’,由此便可实现第一服务器与客户端的互相解密。The client only stores a part of its unique corresponding second algorithm, which enables only the client to decrypt the content encrypted by the first server using the second algorithm, and only the first server can decrypt the content encrypted by the client using the second algorithm. , Specifically, the second algorithm may include two algorithm pairs: encryption algorithm B1 and corresponding decryption algorithm B1', encryption algorithm B2 and corresponding decryption algorithm B2', and the client stores encryption algorithm B1 and decryption algorithm B2', which is composed of In this way, mutual decryption between the first server and the client can be realized.
第一服务器可以插件的形式向第二服务器下发第一算法中的一部分,以及向客户端下发第二算法中的一部分,算法的标识信息可以是插件号。第二服务器能够生成二维码信息,因此密文由第二服务器生成。第一密钥信息由第一服务器生成。第一验证信息由第一服务器生成,用于客户端验证二维码信息来源是否可靠,具体的,第一验证信息可以是摘要信息。The first server may deliver a part of the first algorithm to the second server and a part of the second algorithm to the client in the form of a plug-in, and the identification information of the algorithm may be a plug-in number. The second server can generate the two-dimensional code information, so the ciphertext is generated by the second server. The first key information is generated by the first server. The first verification information is generated by the first server, and is used by the client to verify whether the source of the two-dimensional code information is reliable. Specifically, the first verification information may be digest information.
步骤120,客户端利用第二算法对第一验证信息进行验证。验证通过,则表示二维码信息来源可靠。
步骤130,验证通过后,客户端根据第一时间因子及第二密钥信息生成第二验证信息,并利用第二算法对第二验证信息进行加密。
其中,第二验证信息用于检票时验证二维码来源是否可靠。第一时间因子可以是客户端与第一服务器预先约定的OTP(One-time Password,动态口令)时间;也可以使用当前时间,在客户端生成第二验证信息时,与第一服务器进行时间同步,例如,设置时间因子的变化值,那么第一服务器根据变化的时间及其它相应信息生成的验证信息,与第二验证信息构成一个验证组,二者相同,则验证通过。Wherein, the second verification information is used to verify whether the source of the two-dimensional code is reliable during ticket checking. The first time factor can be an OTP (One-time Password, dynamic password) time pre-agreed by the client and the first server; the current time can also be used to synchronize time with the first server when the client generates the second verification information For example, if the change value of the time factor is set, the verification information generated by the first server according to the changed time and other corresponding information forms a verification group with the second verification information. If the two are the same, the verification is passed.
步骤140,客户端根据密文、第二密钥信息及加密后的第二验证信息生成二维码。
其中,第二密钥信息是第一服务器使用第一算法对密钥进行加密得到的,具体的,第二密钥信息可以是客户端利用第二算法对第一密钥信息进行解密得到。生成二维码的方式可以使用现有方法,例如,Code One、Maxi Code、QR Code等,本发明对此不进行详细说明。由此可见,根据上述步骤生成的二维码包括:密文(包含票务信息)、第二密钥信息(包含加密票务信息的密钥)以及加密后的第二验证信息(第二验证信息可以用于验证二维码来源是否可靠)。The second key information is obtained by encrypting the key by the first server using the first algorithm. Specifically, the second key information may be obtained by decrypting the first key information by the client using the second algorithm. The way of generating the two-dimensional code can use existing methods, for example, Code One, Maxi Code, QR Code, etc., which will not be described in detail in the present invention. It can be seen that the two-dimensional code generated according to the above steps includes: cipher text (including ticket information), second key information (including the key of encrypted ticket information) and encrypted second verification information (the second verification information can be Used to verify that the source of the QR code is reliable).
本实施例的技术方案,对二维码信息进行加密,对加密该二维码信息的密钥进行双重加密,且只有具备对应算法的客户端或服务器才可以解密得到该密钥,由此保证了二维码信息及密钥的安全性,防止泄露;二维码中的验证信息包括时间因子,具备时效性,能够有效防止二维码被盗用;在第一验证信息验证通过后(即确定二维码信息来源可靠后),才进行生成二维码的相关操作,进一步保证了信息的安全性。In the technical solution of this embodiment, the two-dimensional code information is encrypted, and the key for encrypting the two-dimensional code information is double-encrypted, and only the client or server with the corresponding algorithm can decrypt and obtain the key, thereby ensuring that The security of the two-dimensional code information and key is prevented to prevent leakage; the verification information in the two-dimensional code includes a time factor, which is time-sensitive and can effectively prevent the two-dimensional code from being stolen; After the source of the QR code information is reliable), the related operations of generating the QR code are performed, which further ensures the security of the information.
相应的,在读取二维码时,需要先对二维码中的第二验证信息进行验证,验证通过后,才进行密钥信息和密文的解密操作,即使不法分子获得了密钥,也无法正确进行二维码读取流程,从而无法窃取二维码信息。如果不法分子伪造了二维码,由于其不能伪造正确的第二验证信息,则无法正确进行二维码读取流程,则伪造的二维码是无效的。Correspondingly, when reading the two-dimensional code, the second verification information in the two-dimensional code needs to be verified first, and after the verification is passed, the decryption operation of the key information and the ciphertext is performed, even if the criminals obtain the key, Also, the two-dimensional code reading process cannot be performed correctly, so that the two-dimensional code information cannot be stolen. If the criminals forge the two-dimensional code, because they cannot forge the correct second verification information, the two-dimensional code reading process cannot be performed correctly, and the forged two-dimensional code is invalid.
上述生成的二维码可以打印出来或者显示在用户终端上,以进行检票。The two-dimensional code generated above can be printed out or displayed on the user terminal for ticket checking.
在上述技术方案的基础上,步骤120可以包括:客户端根据客户端用户信息,利用第三算法生成第三验证信息;客户端利用第二算法对加密后的第一验证信息进行解密,得到第一验证信息;客户端比较第一验证信息与第三验证信息,如果第一验证信息与第三验证信息一致,则验证通过。On the basis of the above technical solution,
其中,客户端用户信息可以包括以下一种或几种:用户身份信息、手机号、用户地址、用户登陆客户端的账号密码、第二算法的标识信息(如插件号)或时间信息等。第三算法可以是哈希算法,例如,MD2、MD4、MD5或SHA-1等。第一验证信息是第一服务器利用哈希算法对所接收的客户端用户信息进行处理得到。如果验证通过,表明客户端所接收的信息(如密文、第一密钥信息)的来源是可靠的。The client user information may include one or more of the following: user identity information, mobile phone number, user address, account password of the user logging in to the client, identification information of the second algorithm (such as plug-in number) or time information, etc. The third algorithm may be a hash algorithm, eg, MD2, MD4, MD5, or SHA-1, or the like. The first verification information is obtained by processing the received client user information by the first server using a hash algorithm. If the verification is passed, it indicates that the source of the information (eg ciphertext, first key information) received by the client is reliable.
在上述技术方案的基础上,步骤130可以包括:客户端利用第二算法对第一密钥信息进行解密,得到第二密钥信息;客户端根据第一时间因子及第二密钥信息,利用第三算法生成第二验证信息。第二验证信息中包括时间因子,具备时效性,能够有效防止二维码被盗用。另外,第二密钥信息是使用第一算法对密钥进行加密的信息,由于第一算法与第二服务器唯一对应,因此,除了第二服务器之外,其他设备并不能读取并验证该二维码中的二维码信息。Based on the above technical solution,
实施例二Embodiment 2
本实施例在上述实施例一的基础上,提供了第一算法和第二算法的生成方式,具体的,由第一服务器生成第一算法和第二算法,本地保存生成的算法及算法与客户端(或服务器)的对应关系,并将算法的一部分下发给对应的客户端(或服务器),该部分算法使得对应的客户端(或服务器)与第一服务器能够互相解密。生成算法的主要思想是:第一服务器根据客户端(或服务器)的用户信息生成与该用户信息关联的两个密钥参数,根据这两个密钥参数、预设加密算法及对应的解密算法(即预设对称算法),生成客户端(或服务器)唯一对应的算法。通过算法重构,不同的用户对应不同的算法,从而可以增强安全性。Based on the above-mentioned first embodiment, this embodiment provides a method for generating the first algorithm and the second algorithm. Specifically, the first algorithm and the second algorithm are generated by the first server, and the generated algorithm and the algorithm are stored locally with the client The corresponding relationship between the client (or server) and the part of the algorithm is delivered to the corresponding client (or server), and this part of the algorithm enables the corresponding client (or server) and the first server to decrypt each other. The main idea of the generation algorithm is: the first server generates two key parameters associated with the user information according to the user information of the client (or server), and according to the two key parameters, the preset encryption algorithm and the corresponding decryption algorithm (that is, a preset symmetric algorithm), and generate a unique algorithm corresponding to the client (or server). Through algorithm reconstruction, different users correspond to different algorithms, thereby enhancing security.
在实际应用中,客户端可以向第一服务器申请认证,如果客户端具备二维码生成算法,则认证通过。第一服务器生成对应的算法后,以插件的形式下发算法的一部分给对应的客户端或服务器,客户端或服务器接收到插件后,安装该插件。In practical applications, the client can apply to the first server for authentication, and if the client has a two-dimensional code generation algorithm, the authentication is passed. After the first server generates the corresponding algorithm, it distributes a part of the algorithm in the form of a plug-in to the corresponding client or server, and the client or server installs the plug-in after receiving the plug-in.
针对第二服务器,可以通过如下步骤生成第二服务器唯一对应的第一算法:For the second server, the first algorithm uniquely corresponding to the second server can be generated by the following steps:
(1)第一服务器接收第二服务器发送的第一用户信息,其中,第一用户信息是能够唯一标识第二服务器和/或第二服务器使用者的信息。(1) The first server receives the first user information sent by the second server, where the first user information is information that can uniquely identify the second server and/or the user of the second server.
(2)第一服务器根据第一用户信息生成第一密钥参数和第二密钥参数,其中,第一密钥参数和第二密钥参数可以是随机数。(2) The first server generates the first key parameter and the second key parameter according to the first user information, where the first key parameter and the second key parameter may be random numbers.
(3)第一服务器根据第一密钥参数、第二密钥参数、第一预设加密算法及对应的第一预设解密算法,生成第一算法。其中,第一算法包括:第一加密算法A1及对应的第一解密算法A1’、第二加密算法A2及对应的第二解密算法A2’。(3) The first server generates the first algorithm according to the first key parameter, the second key parameter, the first preset encryption algorithm and the corresponding first preset decryption algorithm. The first algorithm includes: a first encryption algorithm A1 and a corresponding first decryption algorithm A1', a second encryption algorithm A2 and a corresponding second decryption algorithm A2'.
第一预设加密算法及对应的第一预设解密算法可以是第一服务器内部存储的算法,也可以是根据服务器使用者输入的信息确定的算法,如SM4算法等。本发明实施例对第一预设加密算法及对应的第一预设解密算法不作限定,目前或将来的加解密算法均可包括在本发明内容中。The first preset encryption algorithm and the corresponding first preset decryption algorithm may be an algorithm internally stored in the first server, or may be an algorithm determined according to information input by a user of the server, such as an SM4 algorithm. This embodiment of the present invention does not limit the first preset encryption algorithm and the corresponding first preset decryption algorithm, and current or future encryption and decryption algorithms can be included in the content of the present invention.
具体的,可以根据第一密钥参数和第一预设加密算法生成第一加密算法,根据第一密钥参数和第一预设解密算法生成第一解密算法,根据第二密钥参数和第一预设加密算法生成第二加密算法,根据第二密钥参数和第一预设解密算法生成第二解密算法。Specifically, the first encryption algorithm may be generated according to the first key parameter and the first preset encryption algorithm, the first decryption algorithm may be generated according to the first key parameter and the first preset decryption algorithm, and the first decryption algorithm may be generated according to the first key parameter and the first preset decryption algorithm. A preset encryption algorithm generates a second encryption algorithm, and the second decryption algorithm is generated according to the second key parameter and the first preset decryption algorithm.
(4)第一服务器向第二服务器发送第一加密算法和第二解密算法。(4) The first server sends the first encryption algorithm and the second decryption algorithm to the second server.
进一步的,步骤(3)中根据密钥参数和预设算法生成新的算法,其生成(或称为重构)机制至少包括以下一种:根据密钥参数确定新算法的运算顺序;根据密钥参数确定新算法的分组数据块的结构以及分组数据块的运算顺序;根据密钥参数确定新算法中的固定参数。以根据第一密钥参数和第一预设加密算法生成第一加密算法为例,其生成机制至少包括以下一种:根据第一密钥参数确定第一加密算法的运算顺序;根据第一密钥参数确定第一加密算法的分组数据块的结构以及分组数据块的运算顺序;根据第一密钥参数确定第一加密算法中的固定参数。Further, in step (3), a new algorithm is generated according to the key parameters and the preset algorithm, and its generation (or called reconstruction) mechanism includes at least one of the following: determining the operation order of the new algorithm according to the key parameters; The key parameter determines the structure of the packet data block of the new algorithm and the operation sequence of the packet data block; the fixed parameter in the new algorithm is determined according to the key parameter. Taking the generation of the first encryption algorithm according to the first key parameter and the first preset encryption algorithm as an example, the generation mechanism includes at least one of the following: determining the operation order of the first encryption algorithm according to the first key parameter; The key parameter determines the structure of the packet data block of the first encryption algorithm and the operation sequence of the packet data block; the fixed parameter in the first encryption algorithm is determined according to the first key parameter.
本实施方式中,第一用户信息是唯一的,因此第一密钥参数和第二密钥参数是与该第一用户信息关联且不可预见的,重构得到的第一算法也是唯一的,因而能够提高基于该算法得到的信息的复杂性和安全性。In this implementation manner, the first user information is unique, so the first key parameter and the second key parameter are associated with the first user information and are unpredictable, and the reconstructed first algorithm is also unique, so The complexity and security of the information obtained based on the algorithm can be improved.
针对客户端,可以通过如下步骤生成客户端唯一对应的第二算法:For the client, the second algorithm uniquely corresponding to the client can be generated by the following steps:
(1)第一服务器接收客户端发送的第二用户信息,其中,第二用户信息是能够唯一标识用户的信息,例如用户名、密码、手机号等。(1) The first server receives the second user information sent by the client, where the second user information is information that can uniquely identify the user, such as user name, password, mobile phone number, and the like.
(2)第一服务器根据第二用户信息生成第三密钥参数和第四密钥参数,其中,第三密钥参数和第四密钥参数可以是随机数。(2) The first server generates the third key parameter and the fourth key parameter according to the second user information, where the third key parameter and the fourth key parameter may be random numbers.
(3)第一服务器根据第三密钥参数、第四密钥参数、第二预设加密算法及对应的第二预设解密算法,生成第二算法。其中,第二算法包括:第三加密算法B1及对应的第三解密算法B1’、第四加密算法B2及对应的第四解密算法B2’。(3) The first server generates the second algorithm according to the third key parameter, the fourth key parameter, the second preset encryption algorithm and the corresponding second preset decryption algorithm. The second algorithm includes: a third encryption algorithm B1 and a corresponding third decryption algorithm B1', a fourth encryption algorithm B2 and a corresponding fourth decryption algorithm B2'.
第二预设加密算法及对应的第二预设解密算法可以是第一服务器内部存储的算法,也可以是根据用户输入信息确定的算法,如SM4算法等。本发明实施例对第二预设加密算法及对应的第二预设解密算法不作限定,目前或将来的加解密算法均可包括在本发明内容中。The second preset encryption algorithm and the corresponding second preset decryption algorithm may be an algorithm internally stored in the first server, or may be an algorithm determined according to user input information, such as an SM4 algorithm. This embodiment of the present invention does not limit the second preset encryption algorithm and the corresponding second preset decryption algorithm, and current or future encryption and decryption algorithms can be included in the content of the present invention.
具体的,可以根据第三密钥参数和第二预设加密算法生成第三加密算法,根据第三密钥参数和第二预设解密算法生成第三解密算法,根据第四密钥参数和第二预设加密算法生成第四加密算法,根据第四密钥参数和第二预设解密算法生成第四解密算法。Specifically, the third encryption algorithm may be generated according to the third key parameter and the second preset encryption algorithm, the third decryption algorithm may be generated according to the third key parameter and the second preset decryption algorithm, and the third encryption algorithm may be generated according to the third key parameter and the second preset decryption algorithm. The second preset encryption algorithm generates a fourth encryption algorithm, and the fourth decryption algorithm is generated according to the fourth key parameter and the second preset decryption algorithm.
(4)第一服务器向客户端发送第三加密算法和第四解密算法。(4) The first server sends the third encryption algorithm and the fourth decryption algorithm to the client.
进一步的,步骤(3)中根据密钥参数和预设算法生成新的算法,其生成(或称为重构)机制至少包括以下一种:根据密钥参数确定新算法的运算顺序;根据密钥参数确定新算法的分组数据块的结构以及分组数据块的运算顺序;根据密钥参数确定新算法中的固定参数。以根据第三密钥参数和第二预设加密算法生成第三加密算法为例,其生成机制至少包括以下一种:根据第三密钥参数确定第三加密算法的运算顺序;根据第三密钥参数确定第三加密算法的分组数据块的结构以及分组数据块的运算顺序;根据第三密钥参数确定第三加密算法中的固定参数。Further, in step (3), a new algorithm is generated according to the key parameters and the preset algorithm, and its generation (or called reconstruction) mechanism includes at least one of the following: determining the operation order of the new algorithm according to the key parameters; The key parameter determines the structure of the packet data block of the new algorithm and the operation sequence of the packet data block; the fixed parameter in the new algorithm is determined according to the key parameter. Taking the generation of the third encryption algorithm according to the third key parameter and the second preset encryption algorithm as an example, the generation mechanism includes at least one of the following: determining the operation order of the third encryption algorithm according to the third key parameter; The key parameter determines the structure of the packet data block of the third encryption algorithm and the operation sequence of the packet data block; the fixed parameter in the third encryption algorithm is determined according to the third key parameter.
本实施方式中,第二用户信息是唯一的,因此第三密钥参数和第四密钥参数是与该第二用户信息关联且不可预见的,重构得到的第二算法也是唯一的,因而能够提高基于该算法得到的信息的复杂性和安全性。In this embodiment, the second user information is unique, so the third key parameter and the fourth key parameter are associated with the second user information and are unpredictable, and the reconstructed second algorithm is also unique, so The complexity and security of the information obtained based on the algorithm can be improved.
实施例三Embodiment 3
图2是本发明实施例三提供的二维码生成方法的交互流程图,本实施例在实施例一和实施例二的基础上,增加了二维码生成过程中第一服务器与第二服务器所执行的相关操作。本实施例对实施例一和二中的相关内容不再进行重复解释,具体请参考实施例一。第二服务器存储有第一算法A中的一部分,即第一加密算法A1和第二解密算法A2’。客户端存储有第二算法B中的一部分,即第三加密算法B1和第四解密算法B2’。第一服务器中存储有完整的第一算法A和第二算法B,即:第一加密算法A1及对应的第一解密算法A1’、第二加密算法A2及对应的第二解密算法A2’;第三加密算法B1及对应的第三解密算法B1’、第四加密算法B2及对应的第四解密算法B2’。FIG. 2 is an interactive flowchart of the method for generating a two-dimensional code provided in Embodiment 3 of the present invention. On the basis of Embodiment 1 and Embodiment 2, this embodiment adds a first server and a second server in the process of generating a two-dimensional code. related operations performed. In this embodiment, the relevant content in Embodiments 1 and 2 will not be repeatedly explained. For details, please refer to Embodiment 1. The second server stores a part of the first algorithm A, namely the first encryption algorithm A1 and the second decryption algorithm A2'. The client stores a part of the second algorithm B, namely the third encryption algorithm B1 and the fourth decryption algorithm B2'. The first server stores the complete first algorithm A and the second algorithm B, namely: the first encryption algorithm A1 and the corresponding first decryption algorithm A1', the second encryption algorithm A2 and the corresponding second decryption algorithm A2'; The third encryption algorithm B1 and the corresponding third decryption algorithm B1', the fourth encryption algorithm B2 and the corresponding fourth decryption algorithm B2'.
如图2所示,该方法具体包括如下步骤:As shown in Figure 2, the method specifically includes the following steps:
步骤210,第二服务器接收客户端发送的请求信息。Step 210, the second server receives the request information sent by the client.
其中,请求信息可以是购票请求,以启动整个二维码生成的流程。请求信息携带有客户端用户信息和需求信息,其中,客户端用户信息可以包括以下一种或几种:用户身份信息、手机号、用户地址、用户登陆客户端的账号密码、第二算法的标识信息(如插件号)或时间信息等;需求信息可以是用户输入或选择的日期、时间、车次、起点、终点、项目、地址、座位号等与所购买的票务相关的信息。在实际应用中,用户可以在购票界面(如,打开APP所呈现的购票界面或者专用购票终端上显示的购票界面)输入或选择需求信息,然后客户端将该需求信息与客户端用户信息发送给第二服务器。Wherein, the request information may be a ticket purchase request to start the entire process of generating the two-dimensional code. The request information carries client user information and demand information, where the client user information may include one or more of the following: user identity information, mobile phone number, user address, account password of the user logging in to the client, and identification information of the second algorithm (such as plug-in number) or time information, etc.; the demand information can be the date, time, train number, starting point, destination, item, address, seat number and other information related to the purchased ticket entered or selected by the user. In practical applications, the user can input or select the demand information on the ticket purchase interface (eg, the ticket purchase interface presented by opening the APP or the ticket purchase interface displayed on the special ticket purchase terminal), and then the client terminal associates the demand information with the client terminal. The user information is sent to the second server.
步骤220,第二服务器根据请求信息生成二维码信息M,并利用密钥key对二维码信息M进行加密,得到密文M’。第二服务器使用第一算法A中的第一加密算法A1对密钥key进行加密,得到第三密钥信息A1(key)。Step 220, the second server generates the two-dimensional code information M according to the request information, and encrypts the two-dimensional code information M with the key key to obtain the ciphertext M'. The second server encrypts the key key using the first encryption algorithm A1 in the first algorithm A to obtain third key information A1 (key).
其中,根据请求信息生成二维码信息,可以是对客户端用户信息和需求信息进行整合得到二维码信息。Wherein, generating the two-dimensional code information according to the request information may be obtained by integrating the client user information and the demand information to obtain the two-dimensional code information.
步骤230,第二服务器向第一服务器发送密文M’、第三密钥信息A1(key)和客户端用户信息。Step 230, the second server sends the ciphertext M', the third key information A1 (key) and the client user information to the first server.
步骤240,第一服务器接收第二服务器发送的密文M’、第三密钥信息A1(key)和客户端用户信息。第一服务器利用第一算法A中的第一解密算法A1’对第三密钥信息A1(key)进行解密,得到密钥key。第一服务器依次使用第一算法A中的第二加密算法A2和第二算法B中的第四加密算法B2对密钥key进行加密,得到第一密钥信息B2(A2(key))。Step 240: The first server receives the ciphertext M', the third key information A1 (key) and the client user information sent by the second server. The first server decrypts the third key information A1(key) by using the first decryption algorithm A1' in the first algorithm A to obtain the key key. The first server sequentially encrypts the key key using the second encryption algorithm A2 in the first algorithm A and the fourth encryption algorithm B2 in the second algorithm B to obtain first key information B2 (A2(key)).
其中,第一服务器可以利用客户端用户信息查找与该客户端对应的第二算法B,还可以利用第二服务器的标识信息(该标识信息可以通过第一服务器与第二服务器间的通信获取,例如,第二服务器发送信息时会给出自己的标识作为通信源端)查找与该第二服务器对应的第一算法A。Wherein, the first server can use the client user information to find the second algorithm B corresponding to the client, and can also use the identification information of the second server (the identification information can be obtained through the communication between the first server and the second server, For example, when the second server sends information, it will give its own identity as the communication source) to search for the first algorithm A corresponding to the second server.
步骤250,第一服务器根据客户端用户信息,利用第三算法(如哈希算法)生成第一验证信息V(S),并利用第二算法B中的第四加密算法B2对第一验证信息V(S)进行加密,得到加密后的第一验证信息B2(V(S))。Step 250, the first server uses a third algorithm (such as a hash algorithm) to generate the first verification information V(S) according to the user information of the client, and uses the fourth encryption algorithm B2 in the second algorithm B to verify the first verification information. V(S) is encrypted to obtain encrypted first verification information B2(V(S)).
步骤260,第一服务器将密文M’、第一密钥信息B2(A2(key))和加密后的第一验证信息B2(V(S))发送给客户端。Step 260, the first server sends the ciphertext M', the first key information B2 (A2(key)) and the encrypted first verification information B2(V(S)) to the client.
步骤270,客户端接收第一服务器发送的密文M’、第一密钥信息B2(A2(key))和加密后的第一验证信息B2(V(S))。客户端利用第二算法B对第一验证信息V(S)进行验证,具体的,客户端利用第三算法(哈希算法)对本地的客户端用户信息进行处理,生成第三验证信息V(S)’;客户端利用第二算法B中的第四解密算法B2’对加密后的第一验证信息B2(V(S))进行解密,得到第一验证信息V(S);比较V(S)与V(S)’,如果二者一致,则验证通过。Step 270: The client receives the ciphertext M', the first key information B2(A2(key)) and the encrypted first verification information B2(V(S)) sent by the first server. The client uses the second algorithm B to verify the first verification information V(S). Specifically, the client uses the third algorithm (hash algorithm) to process the local client user information to generate the third verification information V(S). S)'; the client uses the fourth decryption algorithm B2' in the second algorithm B to decrypt the encrypted first verification information B2(V(S)) to obtain the first verification information V(S); compare V( S) and V(S)', if they are consistent, the verification is passed.
步骤280,验证通过后,客户端利用第二算法B中的第四解密算法B2’对第一密钥信息B2(A2(key))进行解密,得到第二密钥信息A2(key)。Step 280: After the verification is passed, the client uses the fourth decryption algorithm B2' in the second algorithm B to decrypt the first key information B2(A2(key)) to obtain the second key information A2(key).
步骤290,客户端根据第一时间因子t1及第二密钥信息A2(key)生成第二验证信息V(C),并利用第二算法B中的第三加密算法B1对第二验证信息V(C)进行加密,得到加密后的第二验证信息B1(V(C));根据密文M’、第二密钥信息A2(key)及加密后的第二验证信息B1(V(C))生成二维码。具体的,客户端利用第三算法(哈希算法)对第一时间因子t1及第二密钥信息A2(key)进行处理,即可生成第二验证信息V(C)。Step 290, the client generates the second verification information V(C) according to the first time factor t1 and the second key information A2 (key), and uses the third encryption algorithm B1 in the second algorithm B to interpret the second verification information V. (C) Encryption is performed to obtain the encrypted second verification information B1 (V(C)); according to the ciphertext M', the second key information A2 (key) and the encrypted second verification information B1 (V(C) )) to generate a QR code. Specifically, the client can generate the second verification information V(C) by processing the first time factor t1 and the second key information A2 (key) by using the third algorithm (hash algorithm).
本实施例中,第一服务器对密钥进行两次加密,且只有对应的客户端或服务器使用对应的算法才可以解密得到密钥,保证了密钥及二维码信息的安全性。第一服务器生成第一验证信息,供客户端验证二维码信息的来源是否可靠,验证通过后才进行生成二维码的相关操作,进一步保证了信息的安全可靠。另外,第一服务器与第二服务器之间的信息传输,都是经过算法加密的,且该算法与第一服务器唯一对应,其他设备不能解密,能够保证信息安全。In this embodiment, the first server encrypts the key twice, and only the corresponding client or server can decrypt to obtain the key by using the corresponding algorithm, which ensures the security of the key and the two-dimensional code information. The first server generates first verification information for the client to verify whether the source of the two-dimensional code information is reliable, and the related operations of generating the two-dimensional code are performed only after the verification is passed, which further ensures the safety and reliability of the information. In addition, the information transmission between the first server and the second server is encrypted by an algorithm, and the algorithm uniquely corresponds to the first server, which cannot be decrypted by other devices, which can ensure information security.
实施例四Embodiment 4
图3是本发明实施例四提供的二维码读取方法的流程图,本实施例可适用于检验具有二维码的票务,例如车票、门票等。该方法可以由二维码读取装置来执行,例如扫描终端和服务器。本实施例所读取的二维码是通过上述任意实施例生成的二维码,二维码生成方法与二维码读取方法属于同一发明构思。本实施例对实施例一至三中的相关内容不再进行重复解释,具体参考实施例一至三。如图3所示,该二维码读取方法具体包括如下步骤:FIG. 3 is a flowchart of a method for reading a two-dimensional code provided in Embodiment 4 of the present invention. This embodiment is applicable to checking tickets with two-dimensional codes, such as train tickets, tickets, and the like. The method can be performed by a two-dimensional code reading device, such as a scanning terminal and a server. The two-dimensional code read in this embodiment is a two-dimensional code generated by any of the above embodiments, and the two-dimensional code generation method and the two-dimensional code reading method belong to the same inventive concept. In this embodiment, the relevant content in Embodiments 1 to 3 will not be repeatedly explained, and specific reference is made to Embodiments 1 to 3. As shown in Figure 3, the two-dimensional code reading method specifically includes the following steps:
步骤310,第二服务器获取二维码中的密文、第二密钥信息和加密后的第二验证信息。
其中,可以通过扫描设备扫描二维码,获取二维码中的密文、第二密钥信息和加密后的第二验证信息,并将获取的信息传输给第二服务器。密文是使用密钥对二维码信息进行加密得到的。第二密钥信息是使用第一算法对密钥进行加密得到的,第一算法与第二服务器唯一对应。第二验证信息是客户端根据第一时间因子及第二密钥信息,利用第三算法(可以是哈希算法)生成的,第二验证信息用于检票时验证二维码来源是否可靠。The two-dimensional code can be scanned by a scanning device to obtain the ciphertext, the second key information and the encrypted second verification information in the two-dimensional code, and the obtained information is transmitted to the second server. The ciphertext is obtained by encrypting the QR code information with a key. The second key information is obtained by encrypting the key using a first algorithm, and the first algorithm uniquely corresponds to the second server. The second verification information is generated by the client using a third algorithm (which may be a hash algorithm) according to the first time factor and the second key information, and the second verification information is used to verify whether the source of the QR code is reliable during ticket checking.
步骤320,第二服务器将加密后的第二验证信息发送给第一服务器进行验证。
步骤330,第二服务器接收到验证通过消息后,利用第一算法对第二密钥信息进行解密,得到密钥。其中,验证通过表示二维码的来源可靠。
步骤340,第二服务器利用密钥对密文进行解密,得到二维码信息。
由此便完成了二维码的读取,第二服务器还可以将二维码信息与预存信息进行比对,并输出验证结果,验证结果可以输出给与扫描终端连接的设备,例如,报警灯、扬声器、显示屏等。如果二维码信息与预存信息完全匹配,则输出二维码正确;如果二维码信息与预存信息不匹配,则输出二维码错误,从而实现二维码检票。其中,第二服务器作为出票方的服务器,存储有其管理的所有票务信息。Thus, the reading of the two-dimensional code is completed, and the second server can also compare the two-dimensional code information with the pre-stored information, and output the verification result. The verification result can be output to the device connected to the scanning terminal, for example, an alarm light , speakers, displays, etc. If the two-dimensional code information completely matches the pre-stored information, the output of the two-dimensional code is correct; if the two-dimensional code information does not match the pre-stored information, the output of the two-dimensional code is wrong, thereby realizing the two-dimensional code ticket inspection. Wherein, the second server serves as the server of the ticket maker, and stores all the ticket information managed by the second server.
本实施例的技术方案,利用第一服务器验证二维码中的第二验证信息,验证通过后,即确定二维码来源可靠后,才进行密钥信息的解密和密文的解密,以读取二维码信息,保证读取的二维码信息是安全可靠的;同时第二验证信息包括时间因子,具备时效性,能够有效防止二维码被盗用。即使不法分子获得了密钥,也无法正确进行二维码读取流程,从而无法窃取二维码信息。如果不法分子伪造了二维码,由于其不能伪造正确的第二验证信息,则无法正确进行二维码读取流程,则伪造的二维码是无效的。In the technical solution of this embodiment, the first server is used to verify the second verification information in the two-dimensional code. After the verification is passed, that is, after the source of the two-dimensional code is determined to be reliable, the decryption of the key information and the decryption of the ciphertext are performed to read The two-dimensional code information is obtained to ensure that the read two-dimensional code information is safe and reliable; at the same time, the second verification information includes a time factor, which is time-sensitive and can effectively prevent the two-dimensional code from being stolen. Even if the criminals obtain the key, the QR code reading process cannot be performed correctly, so that the QR code information cannot be stolen. If the criminals forge the two-dimensional code, because they cannot forge the correct second verification information, the two-dimensional code reading process cannot be performed correctly, and the forged two-dimensional code is invalid.
在上述技术方案的基础上,步骤320可以包括:第一服务器接收加密后的第二验证信息;第一服务器利用第二算法对加密后的第二验证信息进行解密,得到第二验证信息,其中第二算法与生成二维码的客户端唯一对应;第一服务器根据第二时间因子及本地存储的第二密钥信息,利用第三算法生成第四验证信息;第一服务器比较第二验证信息与第四验证信息,如果第二验证信息与第四验证信息一致,返回验证通过消息给第二服务器。Based on the above technical solution,
其中,第二时间因子可以是客户端与第一服务器预先约定的OTP(One-timePassword,动态口令)时间;也可以在客户端生成第二验证信息时,与第一服务器进行时间同步的时间。第四验证信息是第一服务器利用第二算法对第二时间因子及本地存储的第二密钥信息进行处理得到的,如果验证通过,表明所扫描的二维码来源可靠。The second time factor may be an OTP (One-timePassword, dynamic password) time pre-agreed by the client and the first server; it may also be a time for time synchronization with the first server when the client generates the second verification information. The fourth verification information is obtained by the first server using the second algorithm to process the second time factor and the locally stored second key information. If the verification is passed, it indicates that the source of the scanned two-dimensional code is reliable.
如图4所示,为二维码读取方法的交互流程图,包括如下步骤:As shown in Figure 4, it is an interactive flow chart of the two-dimensional code reading method, including the following steps:
步骤410,第二服务器获取二维码中的密文M’、第二密钥信息A2(key)及加密后的第二验证信息B1(V(C))。Step 410, the second server obtains the ciphertext M', the second key information A2 (key) and the encrypted second verification information B1 (V (C)) in the two-dimensional code.
步骤420,第二服务器向第一服务器发送B1(V(C))。Step 420, the second server sends B1(V(C)) to the first server.
步骤430,第一服务器使用第三解密算法B1’对B1(V(C))进行解密得到第二验证信息V(C);第一服务器利用哈希算法对t2和本地的A2(key)进行处理,生成第四验证信息V(C)’,将V(C)’与第二验证信息V(C)比较,如果二者一致,则验证通过。Step 430, the first server uses the third decryption algorithm B1' to decrypt B1(V(C)) to obtain the second verification information V(C); the first server uses the hash algorithm to decrypt t2 and the local A2(key). Process, generate fourth verification information V(C)', compare V(C)' with the second verification information V(C), and if the two are consistent, the verification is passed.
步骤440,第一服务器向第二服务器发送验证通过消息。Step 440, the first server sends a verification pass message to the second server.
步骤450,第二服务器接收到验证通过消息后,利用第二解密算法A2’对第二密钥信息A2(key)进行解密,得到密钥key,利用key解密密文M’,得到二维码信息M。Step 450, after the second server receives the verification pass message, it uses the second decryption algorithm A2' to decrypt the second key information A2 (key) to obtain the key key, and uses the key to decrypt the ciphertext M' to obtain the two-dimensional code. Information M.
以购票及检票场景为例,用户使用具有二维码生成算法的终端(如用户的手机或用户购买的专属于该用户的购票终端)向第一服务器申请授权,第一服务器根据用户信息进行算法重构,得到与该用户唯一对应的第二算法,用户终端下载并安装对应的第二算法插件后,用户即可使用该终端进行购票。具体的,可以使用实施例一至三所述的方法生成票务二维码。Taking the ticket purchase and ticket checking scenario as an example, the user applies for authorization to the first server using a terminal with a QR code generation algorithm (such as the user's mobile phone or a ticket purchase terminal purchased by the user exclusively for the user), and the first server uses the user information according to the user's information. The algorithm is reconstructed to obtain the second algorithm uniquely corresponding to the user. After the user terminal downloads and installs the corresponding second algorithm plug-in, the user can use the terminal to purchase tickets. Specifically, the method described in Embodiments 1 to 3 may be used to generate the ticket QR code.
出票方服务器向第一服务器申请授权,第一服务器根据服务器信息或使用者信息进行算法重构,得到与该服务器唯一对应的第一算法,出票方服务器下载并安装对应的第一算法插件后,即可进行检票。具体的,可以根据实施例四所述的方法读取票务二维码,并检验读取的信息是否正确,如果正确,则检票成功,用户可以正常乘车、观赏(电影、音乐会)或游玩。The biller server applies to the first server for authorization, the first server reconstructs the algorithm according to the server information or user information, and obtains the first algorithm uniquely corresponding to the server, and the biller server downloads and installs the corresponding first algorithm plug-in After that, check in. Specifically, the two-dimensional code for ticketing can be read according to the method described in Embodiment 4, and it is checked whether the read information is correct. If it is correct, the ticket checking is successful, and the user can ride, watch (movies, concerts) or play normally. .
在购票及检票过程中,实现了客户端对二维码信息来源,以及第一服务器对二维码来源的双向验证,且两次验证均需要客户端唯一对应的算法才可以进行,使得二维码信息不易被窃取,由第一服务器生成的唯一对应客户端的算法保护的二维码是难以被伪造的,杜绝了使用伪造二维码窃取用户信息和财产,或者对用户设备进行攻击的可能性,保证了二维码相关信息传输的安全性和完整性。In the process of ticket purchase and ticket checking, the two-way verification of the source of the QR code information by the client and the source of the QR code by the first server is realized, and both verifications require the unique algorithm corresponding to the client. The QR code information is not easy to be stolen, and the only QR code generated by the first server corresponding to the algorithm protection of the client is difficult to be forged, eliminating the possibility of using forged QR codes to steal user information and property, or to attack user equipment. It ensures the security and integrity of QR code related information transmission.
实施例五Embodiment 5
图5是本发明实施例五提供的二维码生成装置的结构框图,该装置可以应用于客户端,可以用于实现上述实施例所述的二维码生成方法,具体实施细节可参考方法实施例,本实施例不再赘述。如图5所示,该二维码生成装置包括:信息接收模块510、信息验证模块520、验证信息生成模块530和二维码生成模块540。FIG. 5 is a structural block diagram of a two-dimensional code generation device provided in Embodiment 5 of the present invention. The device can be applied to a client and can be used to implement the two-dimensional code generation method described in the above embodiment. For specific implementation details, please refer to Method Implementation For example, this embodiment will not describe it again. As shown in FIG. 5 , the two-dimensional code generating apparatus includes: an
信息接收模块510,用于接收第一服务器发送的密文、第一密钥信息和加密后的第一验证信息,其中,第一密钥信息是依次使用第一算法和第二算法对密文使用的密钥进行加密得到,第二算法与客户端唯一对应;The
信息验证模块520,用于利用第二算法对第一验证信息进行验证;an
验证信息生成模块530,用于在验证通过后,根据第一时间因子及第二密钥信息生成第二验证信息,并利用第二算法对第二验证信息进行加密;The verification
二维码生成模块540,用于根据密文、第二密钥信息及加密后的第二验证信息生成二维码。The two-dimensional
本实施例的技术方案,对二维码信息进行加密,对加密该二维码信息的密钥进行双重加密,且只有具备对应算法的客户端或服务器才可以解密得到该密钥,由此保证了二维码信息及密钥的安全性,防止泄露;二维码中的验证信息包括时间因子,具备时效性,能够有效防止二维码被盗用;在第一验证信息验证通过后(即确定二维码信息来源可靠后),才进行生成二维码的相关操作,进一步保证了信息的安全性。In the technical solution of this embodiment, the two-dimensional code information is encrypted, and the key for encrypting the two-dimensional code information is double-encrypted, and only the client or server with the corresponding algorithm can decrypt and obtain the key, thereby ensuring that The security of the two-dimensional code information and key is prevented to prevent leakage; the verification information in the two-dimensional code includes a time factor, which is time-sensitive and can effectively prevent the two-dimensional code from being stolen; After the source of the QR code information is reliable), the related operations of generating the QR code are performed, which further ensures the security of the information.
进一步的,信息验证模块520可以包括:第一信息生成单元,用于根据客户端用户信息,利用第三算法生成第三验证信息;验证信息解密单元,用于利用第二算法对加密后的第一验证信息进行解密,得到第一验证信息;信息验证单元,用于比较第一验证信息与第三验证信息,如果第一验证信息与第三验证信息一致,则验证通过。Further, the
进一步的,验证信息生成模块530可以包括:解密单元,用于利用第二算法对第一密钥信息进行解密,得到第二密钥信息;第二信息生成单元,用于根据第一时间因子及第二密钥信息,利用第三算法生成第二验证信息。Further, the verification
本发明实施例所提供的二维码生成装置可执行本发明任意实施例所提供的二维码生成方法,具备执行方法相应的功能模块和有益效果。The two-dimensional code generating apparatus provided by the embodiment of the present invention can execute the two-dimensional code generating method provided by any embodiment of the present invention, and has corresponding functional modules and beneficial effects of the execution method.
实施例六Embodiment 6
图6是本发明实施例六提供的二维码生成系统的结构框图,该系统可以用于实现本发明实施例所述的二维码生成方法,具体实施细节可参考方法实施例,本实施例不再赘述。如图6所示,该二维码生成系统包括:客户端100和第一服务器200。其中,客户端100包括实施例五所述的二维码生成装置,第一服务器200用于向客户端100发送密文、第一密钥信息和加密后的第一验证信息。FIG. 6 is a structural block diagram of a two-dimensional code generation system provided by Embodiment 6 of the present invention. The system can be used to implement the two-dimensional code generation method described in the embodiment of the present invention. For specific implementation details, please refer to the method embodiment, this embodiment No longer. As shown in FIG. 6 , the two-dimensional code generation system includes: a
如图6所示,上述系统还可以包括:第二服务器300,用于接收客户端100发送的请求信息,其中请求信息携带有客户端用户信息和需求信息;根据请求信息生成二维码信息,并利用密钥对二维码信息进行加密,得到密文;使用第一算法对密钥进行加密,得到第三密钥信息;以及向第一服务器200发送密文、第三密钥信息和客户端用户信息。As shown in FIG. 6 , the above-mentioned system may further include: a
进一步的,第一服务器200还用于:接收第二服务器300发送的密文、第三密钥信息和客户端用户信息;利用第一算法对第三密钥信息进行解密,得到密钥;依次使用第一算法和第二算法对密钥进行加密,得到第一密钥信息,其中,第一算法与第二服务器300唯一对应;根据客户端用户信息,利用第三算法生成第一验证信息,并利用第二算法对第一验证信息进行加密;将密文、第一密钥信息和加密后的第一验证信息发送给客户端100。Further, the
第一服务器200还可以用于进行算法重构,生成与客户端100唯一对应的算法,以及与第二服务器300唯一对应的算法。The
针对第二服务器300,第一服务器200还可以用于:接收第二服务器300发送的第一用户信息;根据第一用户信息生成第一密钥参数和第二密钥参数;根据第一密钥参数、第二密钥参数、第一预设加密算法及对应的第一预设解密算法,生成第一算法,其中,第一算法包括:第一加密算法及对应的第一解密算法、第二加密算法及对应的第二解密算法;向第二服务器300发送第一算法中的第一加密算法和第二解密算法。For the
针对客户端100,第一服务器200还可以用于:接收客户端100发送的第二用户信息;根据第二用户信息生成第三密钥参数和第四密钥参数;根据第三密钥参数、第四密钥参数、第二预设加密算法及对应的第二预设解密算法,生成第二算法,其中,第二算法包括:第三加密算法及对应的第三解密算法、第四加密算法及对应的第四解密算法;向客户端100发送第二算法中的第三加密算法和第四解密算法。For the
本发明实施例所提供的二维码生成系统可执行本发明任意实施例所提供的二维码生成方法,具备执行方法相应的功能模块和有益效果。The two-dimensional code generation system provided by the embodiment of the present invention can execute the two-dimensional code generation method provided by any embodiment of the present invention, and has functional modules and beneficial effects corresponding to the execution method.
实施例七Embodiment 7
图7是本发明实施例七提供的二维码读取装置的结构框图,该装置可以应用于第二服务器,可以用于实现本发明实施例所述的二维码读取方法,具体实施细节可参考方法实施例,本实施例不再赘述。如图7所示,该二维码读取装置包括:信息获取模块710、信息发送模块720、第一解密模块730和第二解密模块740。7 is a structural block diagram of a two-dimensional code reading device provided in Embodiment 7 of the present invention. The device can be applied to a second server, and can be used to implement the two-dimensional code reading method described in the embodiment of the present invention. The specific implementation details Reference may be made to the method embodiment, which is not repeated in this embodiment. As shown in FIG. 7 , the two-dimensional code reading device includes: an
信息获取模块710,用于获取二维码中的密文、第二密钥信息和加密后的第二验证信息;优选的,可以从扫描终端中获取二维码中的信息;The
信息发送模块720,用于将加密后的第二验证信息发送给第一服务器进行验证;an
第一解密模块730,用于在接收到验证通过消息后,利用第一算法对第二密钥信息进行解密,得到密钥,其中第一算法与第二服务器唯一对应;The
第二解密模块740,用于利用密钥对密文进行解密,得到二维码信息。The
本实施例的技术方案,利用第一服务器验证二维码中的第二验证信息,验证通过后,即确定二维码来源可靠后,才进行密钥信息的解密和密文的解密,以读取二维码信息,保证读取的二维码信息是安全可靠的;同时第二验证信息包括时间因子,具备时效性,能够有效防止二维码被盗用。In the technical solution of this embodiment, the first server is used to verify the second verification information in the two-dimensional code. After the verification is passed, that is, the source of the two-dimensional code is determined to be reliable, the decryption of the key information and the decryption of the ciphertext are performed to read The two-dimensional code information is obtained to ensure that the read two-dimensional code information is safe and reliable; at the same time, the second verification information includes a time factor, which is time-sensitive and can effectively prevent the two-dimensional code from being stolen.
本发明实施例所提供的二维码读取装置可执行本发明任意实施例所提供的二维码读取方法,具备执行方法相应的功能模块和有益效果。The two-dimensional code reading device provided by the embodiment of the present invention can execute the two-dimensional code reading method provided by any embodiment of the present invention, and has functional modules and beneficial effects corresponding to the execution method.
实施例八Embodiment 8
图8是本发明实施例八提供的二维码读取系统的结构框图,该系统可以用于实现本发明实施例所述的二维码读取方法,具体实施细节可参考方法实施例,本实施例不再赘述。如图8所示,该二维码读取系统包括:第一服务器200和第二服务器300。8 is a structural block diagram of a two-dimensional code reading system provided in Embodiment 8 of the present invention. The system can be used to implement the two-dimensional code reading method described in the embodiment of the present invention. The embodiments are not repeated here. As shown in FIG. 8 , the two-dimensional code reading system includes: a
其中,第二服务器300包括实施例七所述的二维码读取装置,第一服务器200用于:接收加密后的第二验证信息;利用第二算法对加密后的第二验证信息进行解密,得到第二验证信息,其中第二算法与生成二维码的客户端唯一对应;根据第二时间因子及本地存储的第二密钥信息,利用第三算法生成第四验证信息;以及比较第二验证信息与第四验证信息,如果第二验证信息与第四验证信息一致,返回验证通过消息给第二服务器300。The
本发明实施例所提供的二维码读取系统可执行本发明任意实施例所提供的二维码读取方法,具备执行方法相应的功能模块和有益效果。The two-dimensional code reading system provided by the embodiment of the present invention can execute the two-dimensional code reading method provided by any embodiment of the present invention, and has functional modules and beneficial effects corresponding to the execution method.
实施例九Embodiment 9
本实施例提供了一种计算机设备,包括存储器、处理器及存储在存储器上并可在处理器上运行的计算机程序,处理器执行该程序时,可以实现如本发明实施例一至三中任一所述的二维码生成方法,或者实现如本发明实施例四所述的二维码读取方法。This embodiment provides a computer device, including a memory, a processor, and a computer program stored in the memory and running on the processor. When the processor executes the program, it can implement any one of Embodiments 1 to 3 of the present invention. The two-dimensional code generation method described above, or the two-dimensional code reading method described in Embodiment 4 of the present invention is implemented.
具体的,本实施例的计算机设备可以是安装有客户端的终端,终端中的处理器执行存储器存储的程序时,可以实现本发明实施例的二维码生成方法中客户端的操作。Specifically, the computer device in this embodiment may be a terminal with a client installed. When the processor in the terminal executes the program stored in the memory, the operation of the client in the two-dimensional code generation method of the embodiment of the present invention may be implemented.
本实施例的计算机设备还可以是服务器,服务器中的处理器执行存储器存储的程序时,可以实现本发明实施例的二维码生成方法和二维码读取方法中第一服务器的操作。The computer device in this embodiment may also be a server. When the processor in the server executes the program stored in the memory, the operation of the first server in the two-dimensional code generating method and the two-dimensional code reading method of the embodiment of the present invention may be implemented.
本实施例的计算机设备还可以是服务器,服务器中的处理器执行存储器存储的程序时,可以实现本发明实施例的二维码生成方法和二维码读取方法中第二服务器的操作。The computer device in this embodiment may also be a server. When the processor in the server executes the program stored in the memory, the operation of the second server in the two-dimensional code generating method and the two-dimensional code reading method of the embodiment of the present invention can be implemented.
下面以终端为例,结合图9说明计算机设备的具体结构。图9是本发明实施例九提供的一种计算机设备的结构示意图,如图9所示,该计算机设备包括:处理器910、存储器920、输入装置930和输出装置940;计算机设备中处理器910的数量可以是一个或多个,图9中以一个处理器910为例;计算机设备中的处理器910、存储器920、输入装置930和输出装置940可以通过总线或其他方式连接,图9中以通过总线连接为例。Taking a terminal as an example below, the specific structure of the computer device will be described with reference to FIG. 9 . FIG. 9 is a schematic structural diagram of a computer device according to Embodiment 9 of the present invention. As shown in FIG. 9 , the computer device includes: a
存储器920作为一种计算机可读存储介质,可用于存储软件程序、计算机可执行程序以及模块,如本发明实施例的二维码生成方法中对应的程序指令/模块(例如,二维码生成装置中的信息接收模块510、信息验证模块520、验证信息生成模块530和二维码生成模块540)。处理器910通过运行存储在存储器920中的软件程序、指令以及模块,从而执行计算机设备的各种功能应用以及数据处理,即实现上述的二维码生成方法。As a computer-readable storage medium, the
存储器920可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端的使用所创建的数据等。此外,存储器920可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他非易失性固态存储器件。在一些实例中,存储器920可进一步包括相对于处理器910远程设置的存储器,这些远程存储器可以通过网络连接至计算机设备。上述网络的实例包括但不限于互联网、企业内部网、局域网、移动通信网及其组合。The
输入装置930可用于接收输入的数字或字符信息,以及产生与计算机设备的用户设置以及功能控制有关的键信号输入,例如,接收用户输入或选择的购票相关信息。输出装置940可包括显示屏等显示设备,用于显示二维码。The
实施例十Embodiment ten
本实施例提供一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现如本发明实施例一至三中任一所述的二维码生成方法,或者实现如本发明实施例四所述的二维码读取方法。This embodiment provides a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, implements the two-dimensional code generation method described in any one of the first to third embodiments of the present invention, or implements the two-dimensional code generation method as described in this embodiment. The two-dimensional code reading method described in the fourth embodiment of the invention.
具体的,本实施例提供的计算机可读存储介质,其上存储的计算机程序被处理器执行时,可以实现本发明实施例的二维码生成方法中客户端的操作。即该存储介质可以设置在终端上。Specifically, when the computer program stored on the computer-readable storage medium provided in this embodiment is executed by the processor, the operations of the client in the two-dimensional code generation method of the embodiment of the present invention can be implemented. That is, the storage medium can be set on the terminal.
本实施例提供的计算机可读存储介质,其上存储的计算机程序被处理器执行时,也可以实现本发明实施例的二维码生成方法和二维码读取方法中第一服务器的操作。即该存储介质可以设置在服务器上,例如,第一服务器。When the computer program stored on the computer-readable storage medium provided in this embodiment is executed by the processor, the operations of the first server in the two-dimensional code generation method and the two-dimensional code reading method of the embodiment of the present invention can also be implemented. That is, the storage medium may be set on a server, for example, the first server.
本实施例提供的计算机可读存储介质,其上存储的计算机程序被处理器执行时,还可以实现本发明实施例的二维码生成方法和二维码读取方法中第二服务器的操作。即该存储介质可以设置在服务器上,例如,第二服务器。When the computer program stored on the computer-readable storage medium provided in this embodiment is executed by the processor, the operation of the second server in the two-dimensional code generating method and the two-dimensional code reading method of the embodiment of the present invention can also be implemented. That is, the storage medium may be set on a server, for example, a second server.
通过以上关于实施方式的描述,所属领域的技术人员可以清楚地了解到,本发明可借助软件及必需的通用硬件来实现,当然也可以通过硬件实现,但很多情况下前者是更佳的实施方式。基于这样的理解,本发明的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品可以存储在计算机可读存储介质中,如计算机的软盘、只读存储器(Read-Only Memory,ROM)、随机存取存储器(RandomAccess Memory,RAM)、闪存(FLASH)、硬盘或光盘等,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本发明各个实施例所述的方法。From the above description of the embodiments, those skilled in the art can clearly understand that the present invention can be realized by software and necessary general-purpose hardware, and of course can also be realized by hardware, but in many cases the former is a better embodiment . Based on such understanding, the technical solutions of the present invention can be embodied in the form of software products in essence or the parts that make contributions to the prior art, and the computer software products can be stored in a computer-readable storage medium, such as a floppy disk of a computer , read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), flash memory (FLASH), hard disk or CD, etc., including several instructions to make a computer device (which can be a personal computer, A server, or a network device, etc.) executes the methods described in the various embodiments of the present invention.
值得注意的是,上述二维码生成装置及系统、二维码读取装置及系统的实施例中,所包括的各个单元和模块只是按照功能逻辑进行划分的,但并不局限于上述的划分,只要能够实现相应的功能即可;另外,各功能单元的具体名称也只是为了便于相互区分,并不用于限制本发明的保护范围。It is worth noting that in the above-mentioned embodiments of the two-dimensional code generation device and system, and the two-dimensional code reading device and system, the units and modules included are only divided according to functional logic, but are not limited to the above-mentioned division. , as long as the corresponding functions can be realized; in addition, the specific names of the functional units are only for the convenience of distinguishing from each other, and are not used to limit the protection scope of the present invention.
注意,上述仅为本发明的较佳实施例及所运用技术原理。本领域技术人员会理解,本发明不限于这里所述的特定实施例,对本领域技术人员来说能够进行各种明显的变化、重新调整和替代而不会脱离本发明的保护范围。因此,虽然通过以上实施例对本发明进行了较为详细的说明,但是本发明不仅仅限于以上实施例,在不脱离本发明构思的情况下,还可以包括更多其他等效实施例,而本发明的范围由所附的权利要求范围决定。Note that the above are only preferred embodiments of the present invention and applied technical principles. Those skilled in the art will understand that the present invention is not limited to the specific embodiments described herein, and various obvious changes, readjustments and substitutions can be made by those skilled in the art without departing from the protection scope of the present invention. Therefore, although the present invention has been described in detail through the above embodiments, the present invention is not limited to the above embodiments, and can also include more other equivalent embodiments without departing from the concept of the present invention. The scope is determined by the scope of the appended claims.
Claims (13)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710560433.6ACN107395581B (en) | 2017-07-11 | 2017-07-11 | Two-dimensional code generation and reading method, device, system, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710560433.6ACN107395581B (en) | 2017-07-11 | 2017-07-11 | Two-dimensional code generation and reading method, device, system, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107395581A CN107395581A (en) | 2017-11-24 |
| CN107395581Btrue CN107395581B (en) | 2020-11-17 |
Family
ID=60339108
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710560433.6AActiveCN107395581B (en) | 2017-07-11 | 2017-07-11 | Two-dimensional code generation and reading method, device, system, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107395581B (en) |
Families Citing this family (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108495309B (en)* | 2018-02-06 | 2022-03-25 | 咪咕文化科技有限公司 | Information processing method, electronic device and storage medium |
| CN110119643B (en) | 2018-02-07 | 2020-11-03 | 北京三快在线科技有限公司 | Two-dimensional code generation method and device and two-dimensional code identification method and device |
| CN108650082B (en)* | 2018-05-08 | 2020-10-30 | 腾讯科技(深圳)有限公司 | Encryption and verification method of information to be verified, related device and storage medium |
| CN109034996A (en)* | 2018-06-07 | 2018-12-18 | 郝迎晓 | Information processing method, the apparatus and system of bank account are opened up based on two dimensional code |
| CN108960385A (en)* | 2018-06-29 | 2018-12-07 | 苏州酷豆物联科技有限公司 | Two dimensional code generation and verification method and system based on the encryption of multiple code key |
| CN110071907A (en)* | 2019-03-01 | 2019-07-30 | 阿里巴巴集团控股有限公司 | The generation method and device of two dimensional code |
| CN109949521A (en)* | 2019-03-07 | 2019-06-28 | 爱布客(武汉)科技有限公司 | A kind of method of self-help book returning, system, terminal and storage medium |
| CN110908660B (en)* | 2019-11-21 | 2022-10-28 | 苏州达家迎信息技术有限公司 | Two-dimensional code generation method and device, computer equipment and storage medium |
| CN113852587A (en)* | 2020-06-28 | 2021-12-28 | 山东爱城市网信息技术有限公司 | Two-dimensional code remote authorization method and equipment based on encryption algorithm |
| CN112788046A (en)* | 2021-01-22 | 2021-05-11 | 中信银行股份有限公司 | Method and system for encrypting transmission information |
| CN112987942B (en)* | 2021-03-10 | 2024-04-16 | 京东科技控股股份有限公司 | Method, device and system for inputting information by keyboard, electronic equipment and storage medium |
| CN115001676B (en)* | 2022-06-02 | 2022-12-02 | 深圳市爱克信智能股份有限公司 | Two-dimensional code encryption method, decryption method, system, terminal and storage medium |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102843377A (en)* | 2012-09-13 | 2012-12-26 | 杭州也要买电子商务有限公司 | Fast encryption method for social websites |
| CN103561023A (en)* | 2013-10-31 | 2014-02-05 | 曙光云计算技术有限公司 | Method and device for sending and receiving communication information |
| US8924712B2 (en)* | 2011-11-14 | 2014-12-30 | Ca, Inc. | Using QR codes for authenticating users to ATMs and other secure machines for cardless transactions |
| CN104598801A (en)* | 2015-01-23 | 2015-05-06 | 上海众人科技有限公司 | Dynamic two-dimension code generation method based on algorithm reconstruction |
| CN104618334A (en)* | 2014-12-29 | 2015-05-13 | 通邮(中国)科技有限公司 | Method and system for generating and verifying dynamic two-dimensional code |
| CN105162764A (en)* | 2015-07-30 | 2015-12-16 | 北京石盾科技有限公司 | Dual authentication method, system and device for SSH safe login |
| CN105592080A (en)* | 2015-12-18 | 2016-05-18 | 汕头市超声仪器研究所有限公司 | Interactive identity authentication method between terminals |
| CN106780775A (en)* | 2016-11-22 | 2017-05-31 | 中南大学 | two-dimensional code electronic ticket management method and system |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9256881B2 (en)* | 2013-11-08 | 2016-02-09 | Vattaca, LLC | Authenticating and managing item ownership and authenticity |
| US10362114B2 (en)* | 2015-12-14 | 2019-07-23 | Afero, Inc. | Internet of things (IoT) apparatus and method for coin operated devices |
- 2017
- 2017-07-11CNCN201710560433.6Apatent/CN107395581B/enactiveActive
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8924712B2 (en)* | 2011-11-14 | 2014-12-30 | Ca, Inc. | Using QR codes for authenticating users to ATMs and other secure machines for cardless transactions |
| CN102843377A (en)* | 2012-09-13 | 2012-12-26 | 杭州也要买电子商务有限公司 | Fast encryption method for social websites |
| CN103561023A (en)* | 2013-10-31 | 2014-02-05 | 曙光云计算技术有限公司 | Method and device for sending and receiving communication information |
| CN104618334A (en)* | 2014-12-29 | 2015-05-13 | 通邮(中国)科技有限公司 | Method and system for generating and verifying dynamic two-dimensional code |
| CN104598801A (en)* | 2015-01-23 | 2015-05-06 | 上海众人科技有限公司 | Dynamic two-dimension code generation method based on algorithm reconstruction |
| CN105162764A (en)* | 2015-07-30 | 2015-12-16 | 北京石盾科技有限公司 | Dual authentication method, system and device for SSH safe login |
| CN105592080A (en)* | 2015-12-18 | 2016-05-18 | 汕头市超声仪器研究所有限公司 | Interactive identity authentication method between terminals |
| CN106780775A (en)* | 2016-11-22 | 2017-05-31 | 中南大学 | two-dimensional code electronic ticket management method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107395581A (en) | 2017-11-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107395581B (en) | Two-dimensional code generation and reading method, device, system, equipment and storage medium | |
| US11799668B2 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| US11050555B2 (en) | Method for remotely acquiring secret key, POS terminal and storage medium | |
| CN110519260B (en) | Information processing method and information processing device | |
| CN109150548B (en) | Digital certificate signing and signature checking method and system and digital certificate system | |
| KR100670005B1 (en) | Verification device, system and integrity verification method for remotely verifying the integrity of memory for mobile platform | |
| CN110690956B (en) | Bidirectional authentication method and system, server and terminal | |
| TWI529641B (en) | System for verifying data displayed dynamically by mobile and method thereof | |
| CN111401901A (en) | Authentication method and device of biological payment device, computer device and storage medium | |
| CN103281187A (en) | Security authentication method, equipment and system | |
| US20250111032A1 (en) | Method and device for verifying display terminal, storage medium, and electronic device | |
| KR102032210B1 (en) | User authentication processing apparatus capable of simple authentication by inputting personal identification number and operating method thereof | |
| CN107948186A (en) | A kind of safety certifying method and device | |
| USRE49968E1 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| CN106453430A (en) | Method and device for verifying encrypted data transmission paths | |
| JP2009199147A (en) | Communication control method and communication control program | |
| CN108933766B (en) | Method and client for improving equipment ID security | |
| CN112559979A (en) | Method for protecting software library authorized use on POS machine through hardware security chip | |
| CN111510416A (en) | Data information transmission method, electronic device and readable storage medium | |
| CN112737790B (en) | Data transmission method and device, server and client terminal | |
| CN116132041A (en) | Key processing method and device, storage medium and electronic equipment | |
| CN115242471A (en) | Information transmission method and device, electronic equipment and computer readable storage medium | |
| CN106411964A (en) | Traceable and encrypted data transmission method and device | |
| CN112417424A (en) | Authentication method and system for power terminal | |
| CN114125830B (en) | APP data encryption transmission method, device and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right | Effective date of registration:20241025 Address after:Room 503, Building 3, No. 6 Xicheng Xi'an North Road, Xinluo District, Longyan City, Fujian Province 364031 Patentee after:Xie Xinyong Country or region after:China Address before:Room 211, building 4, No. 1411, Yecheng Road, Jiading Industrial Zone, Jiading District, Shanghai, 201821 Patentee before:SHANGHAI PEOPLENET SECURITY TECHNOLOGY Co.,Ltd. Country or region before:China | |
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right | Effective date of registration:20241104 Address after:Room 703-8, Building 5, No. 98 Lianshi Lake West Road, Mentougou District, Beijing, 102308 Patentee after:Beijing Qiluo Technology Co.,Ltd. Country or region after:China Address before:Room 503, Building 3, No. 6 Xicheng Xi'an North Road, Xinluo District, Longyan City, Fujian Province 364031 Patentee before:Xie Xinyong Country or region before:China |