A file transfer processing method and apparatus
By generating configuration files and utilizing character indexes and information bodies at index levels, the problem of uncertain file transfer status is solved, achieving reliability and security in file transfer, supporting file verification and encryption, and adapting to different business needs.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- CHINA CONSTRUCTION BANK
- Filing Date
- 2023-05-25
- Publication Date
- 2026-06-05
AI Technical Summary
Existing file transfer tools may cause problems for the recipient when transferring large files or when network transfers are slow, making it difficult to determine whether the file transfer is complete. This could lead to system crashes.
By generating a configuration file containing character indexes and index hierarchy information, the receiver can verify the file transfer status, including filename, byte size, hash value, and other information, to ensure file integrity and legitimacy.
It solves the uncertainty of file transmission status for the receiver, supports file verification and encryption functions to prevent tampering, provides extended information items to adapt to different business needs, and improves the reliability and security of file transmission.
Smart Images

Figure CN116633916B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of data processing technology, and in particular to a file transfer processing method and apparatus. Background Technology
[0002] Data exchange is common between application systems, typically using files as the medium for this interaction. Current file transfer solutions include: dedicated tools such as FTP (File Transfer Protocol), HTTP, or custom file transfer tools.
[0003] In the process of developing this invention, the inventors discovered that existing file transfer tools have at least the following problems: when the file is large or the network transmission is slow, the receiving party may only write part of the data to the file, while the receiving party only sees that the file has arrived at the specified directory. It is difficult to determine whether the file has been completely transferred or is in the process of being transferred. Simultaneous reading and writing of a file may occur, which may lead to system crashes in severe cases. Summary of the Invention
[0004] In view of this, embodiments of the present invention provide a file transfer processing method and apparatus, which can at least solve the problem in the prior art where the receiver cannot determine the file transfer status.
[0005] To achieve the above objectives, according to one aspect of the present invention, a file transfer processing method applied to a sender is provided, comprising:
[0006] In response to the selection and transmission operation of the target file, an information body content management strategy is obtained; wherein, the information body content management strategy includes a character index and a corresponding index level;
[0007] Using the value retrieval method corresponding to each character index, the corresponding data is extracted from the target file, and the extracted data is arranged according to the index level to generate an information body;
[0008] The number of bytes in the information body is determined, and the number of bytes is used as header information. The header information and the information body are processed according to a preset file format to generate a configuration file.
[0009] Obtain recipient information, send the target file and the configuration file to the recipient, so that the recipient can use the configuration file to perform verification processing on the target file.
[0010] Optionally, the character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file;
[0011] The method further includes adding a preset field as a suffix after the filename to serve as the filename of the configuration file.
[0012] Optionally, the character index may also include one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt.
[0013] The method further includes:
[0014] The target file is encrypted using unencrypted encryption / decryption parameters;
[0015] Based on the identifier in the recipient information, determine the recipient's public key, and use the recipient's public key to encrypt the unencrypted encryption / decryption parameters to obtain the encryption / decryption parameters;
[0016] Set the encryption parameter to yes.
[0017] Optionally, the character index includes extended information items, the data of which is obtained through input.
[0018] Optionally, the information body may also include signature information, which is obtained by signing other information in the information body.
[0019] To achieve the above objectives, according to one aspect of the present invention, a file transfer processing method applied to a receiver is provided, comprising:
[0020] The system receives the target file and configuration file sent by the sender, parses the configuration file to obtain header information and information body; wherein, the information body includes character indexes and corresponding data, and there is an index hierarchy relationship between the character indexes;
[0021] Obtain the current number of bytes in the information body, and in response to the number of bytes being equal to the number of bytes recorded in the header information, determine that the configuration file has been successfully transmitted;
[0022] Data corresponding to each character index is extracted from the information body, and the extracted data is used to perform verification processing on the target file according to the character index hierarchy.
[0023] Optionally, the character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file;
[0024] The step of performing verification processing on the target file using the extracted data according to the character index hierarchy includes:
[0025] The filenames of the target file and the configuration file are matched. If the matching result is a match, the current file size in bytes of the target file is obtained.
[0026] In response to the current file size being equal to the file size in the information body, it is determined that the target file has been successfully transmitted;
[0027] In response to the completion of the transmission of the target file, the content of the target file is hashed. In response to the fact that the resulting file hash value is the same as the file hash value in the information body, the target file is determined to be valid.
[0028] Optionally, the character index may also include one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt.
[0029] The step of performing verification processing on the target file using the extracted data according to the character index hierarchy includes:
[0030] In response to the fact that the sender information is in a preset blacklist, the target file and the configuration file are intercepted.
[0031] In response to the value of the encryption parameter being yes, the encryption / decryption parameter is decrypted using the private key to obtain the decrypted encryption / decryption parameter;
[0032] Using the decrypted encryption / decryption parameters, the target file is decrypted to obtain the decrypted file.
[0033] Optionally, the character index includes extended information items, and the step of using the extracted data to perform verification processing on the target file according to the character index hierarchy includes:
[0034] Determine the business attributes of the extended information, and use the verification method corresponding to the business attributes to perform verification processing on the extended information.
[0035] Optionally, the information body includes signature information, and the step of verifying the target file using the extracted data according to the character index hierarchy includes:
[0036] Based on the information in the information body other than the signature information, the signature information is verified. If the verification result is successful, the information in the information body is determined to be correct.
[0037] To achieve the above objectives, according to another aspect of the present invention, a file transfer processing apparatus for use by a sender is provided, comprising:
[0038] The acquisition module is used to acquire the information body content management strategy in response to the selection and transmission operation of the target file; wherein, the information body content management strategy includes a character index and a corresponding index level;
[0039] The extraction module is used to extract corresponding data from the target file using the value method corresponding to each character index, and to arrange the extracted data according to the index level to generate an information body;
[0040] The generation module is used to determine the number of bytes in the information body, use the number of bytes as header information, and process the header information and the information body according to a preset file format to generate a configuration file;
[0041] The transmission module is used to obtain recipient information and send the target file and the configuration file to the recipient, so that the recipient can use the configuration file to perform verification processing on the target file.
[0042] Optionally, the character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file;
[0043] The device further includes adding a preset field as a suffix after the filename to serve as the filename of the configuration file.
[0044] Optionally, the character index may also include one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt.
[0045] The method further includes:
[0046] The target file is encrypted using unencrypted encryption / decryption parameters;
[0047] Based on the identifier in the recipient information, determine the recipient's public key, and use the recipient's public key to encrypt the unencrypted encryption / decryption parameters to obtain the encryption / decryption parameters;
[0048] Set the encryption parameter to yes.
[0049] Optionally, the character index includes extended information items, the data of which is obtained through input.
[0050] Optionally, the information body may also include signature information, which is obtained by signing other information in the information body.
[0051] To achieve the above objectives, according to another aspect of the present invention, a file transfer processing apparatus for a receiver is provided, comprising:
[0052] The receiving module is used to receive the target file and configuration file sent by the sender, parse the configuration file to obtain header information and information body; wherein, the information body includes character indexes and corresponding data, and there is an index hierarchy relationship between the character indexes;
[0053] The determination module is used to obtain the current number of bytes in the information body, and in response to the number of bytes being equal to the number of bytes recorded in the header information, determine that the configuration file has been transmitted successfully;
[0054] The verification module is used to extract data corresponding to each character index from the information body, and to perform verification processing on the target file using the extracted data according to the character index hierarchy.
[0055] Optionally, the character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file;
[0056] The verification module is used for:
[0057] The filenames of the target file and the configuration file are matched. If the matching result is a match, the current file size in bytes of the target file is obtained.
[0058] In response to the current file size being equal to the file size in the information body, it is determined that the target file has been successfully transmitted;
[0059] In response to the completion of the transmission of the target file, the content of the target file is hashed. In response to the fact that the resulting file hash value is the same as the file hash value in the information body, the target file is determined to be valid.
[0060] Optionally, the character index may also include one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt.
[0061] The verification module is used for:
[0062] In response to the fact that the sender information is in a preset blacklist, the target file and the configuration file are intercepted.
[0063] In response to the value of the encryption parameter being yes, the encryption / decryption parameter is decrypted using the private key to obtain the decrypted encryption / decryption parameter;
[0064] Using the decrypted encryption / decryption parameters, the target file is decrypted to obtain the decrypted file.
[0065] Optionally, the character index includes extended information items, and the verification module is used for:
[0066] Determine the business attributes of the extended information, and use the verification method corresponding to the business attributes to perform verification processing on the extended information.
[0067] Optionally, the information body includes signature information, and the verification module is used for:
[0068] Based on the information in the information body other than the signature information, the signature information is verified. If the verification result is successful, the information in the information body is determined to be correct.
[0069] To achieve the above objectives, according to another aspect of the present invention, a file transfer processing electronic device is provided.
[0070] The electronic device of this invention includes: one or more processors; and a storage device for storing one or more programs, wherein when the one or more programs are executed by the one or more processors, the one or more processors implement any of the file transfer processing methods described above.
[0071] To achieve the above objectives, according to another aspect of the present invention, a computer-readable medium is provided having a computer program stored thereon, which, when executed by a processor, implements any of the file transfer processing methods described above.
[0072] To achieve the above objectives, according to another aspect of the present invention, a computing program product is provided. The computing program product of the present invention includes a computer program, which, when executed by a processor, implements the file transfer processing method provided in the present invention.
[0073] According to the solution provided by the present invention, one embodiment of the above invention has the following advantages or beneficial effects: For each file that needs to be transmitted, a configuration file is attached. This configuration file can not only be used to verify whether its own transmission is complete, but also to verify whether the target file has been transmitted. This solves the problem of the receiver handling files in the transmission process in existing file transmission scenarios. It also supports verifying the identity information of the data sender and receiver, supports encryption function to ensure data file security and prevent tampering and forgery, and supports setting extended information items to expand the function according to actual business needs.
[0074] The further effects of the aforementioned unconventional alternative methods will be explained below in conjunction with specific implementation methods. Attached Figure Description
[0075] The accompanying drawings are provided to better understand the invention and are not intended to unduly limit the scope of the invention. Wherein:
[0076] Figure 1This is a schematic diagram of the main flow of a file transfer processing method applied to the sender according to an embodiment of the present invention;
[0077] Figure 2 This is a flowchart illustrating an optional file transfer processing method applied to the sender according to an embodiment of the present invention;
[0078] Figure 3 This is a flowchart illustrating a file transfer processing method applied to a receiver according to an embodiment of the present invention.
[0079] Figure 4 This is a flowchart illustrating an optional file transfer processing method applied to a receiver according to an embodiment of the present invention.
[0080] Figure 5 This is a schematic diagram of the main modules of a file transfer processing device applied to the sender according to an embodiment of the present invention;
[0081] Figure 6 This is a schematic diagram of the main modules of a file transfer processing device applied to a receiver according to an embodiment of the present invention;
[0082] Figure 7 This is an exemplary system architecture diagram in which embodiments of the present invention can be applied;
[0083] Figure 8 This is a schematic diagram of the structure of a computer system suitable for implementing the embodiments of the present invention, such as a mobile device or server. Detailed Implementation
[0084] The following description, in conjunction with the accompanying drawings, illustrates exemplary embodiments of the present invention, including various details to aid understanding. These details should be considered merely exemplary. Therefore, those skilled in the art will recognize that various changes and modifications can be made to the embodiments described herein without departing from the scope and spirit of the invention. Similarly, for clarity and brevity, descriptions of well-known functions and structures are omitted in the following description.
[0085] It should be noted that, unless otherwise specified, the embodiments and features described in the present invention can be combined with each other. The collection, analysis, use, transmission, and storage of user personal information involved in the technical solutions of the present invention comply with relevant laws and regulations, are used for legitimate and reasonable purposes, and are not shared, disclosed, or sold outside of these legitimate uses, and are subject to supervision and management by regulatory authorities. Necessary measures should be taken to prevent unauthorized access to such personal information data, ensure that personnel authorized to access personal information data comply with relevant laws and regulations, and ensure the security of user personal information. Once such user personal information data is no longer needed, the risk should be minimized by restricting or even prohibiting data collection and / or deleting the data. Where applicable, including in certain relevant applications, user privacy may be protected by de-identifying data, for example, by removing specific identifiers, controlling the amount or specificity of stored data, controlling how data is stored, and / or other de-identification methods.
[0086] See Figure 1 The diagram shows the main flowchart of a file transfer processing method applied to the sender according to an embodiment of the present invention, which includes the following steps:
[0087] S101: In response to the selection and transmission operation of the target file, obtain the information body content management strategy; wherein, the information body content management strategy includes a character index and a corresponding index level;
[0088] S102: Using the value method corresponding to each character index, extract the corresponding data from the target file, and arrange the extracted data according to the index level to generate an information body;
[0089] S103: Determine the number of bytes in the information body, use the number of bytes as header information, process the header information and the information body according to a preset file format to generate a configuration file;
[0090] S104: Obtain recipient information, send the target file and the configuration file to the recipient, so that the recipient can use the configuration file to perform verification processing on the target file.
[0091] In the above implementation, step S101 is primarily designed for data transmission scenarios. When real-time requirements are not high, files are generally used as the carrier for data interaction. The user selects data on the interface and clicks the transmission option, thereby generating a file containing this data. This file is then transmitted to the receiver as the target file. When sending the target file, the content of the information body must first be set according to the information body content management strategy. The receiver then performs corresponding verification operations on the target file based on the content of the information body.
[0092] The information content management strategy of this solution includes the settings for character indexes and their corresponding index levels. The number of character indexes is preferably multiple, such as "name" and "size," and the corresponding index levels are set as first index level, second index level, third index level, etc., depending on the actual situation of the indexed objects.
[0093] For example, for the target file, the character index includes, but is not limited to, the filename, file size in bytes, and file hash value. The filename is given priority and can be placed at the first index level to determine if the configuration file matches it. This solution mainly addresses whether the file transfer is complete, so the file size in bytes is placed at the second index level. The file hash value is mainly used to verify whether the file content has been tampered with, so it is placed at the third index level.
[0094] For example, for sender information, the character index includes, but is not limited to, the sender identifier. Assuming there is only this one piece of information, it is placed directly in the first index level.
[0095] For example, regarding recipient information, the character index includes, but is not limited to, the recipient identifier. If encryption of the target file is required, the character index also includes the recipient's public key. Therefore, the recipient identifier is placed at the first index level, and the public key at the second index level. To prevent the public key from being illegally obtained by others, it is preferable to only set the recipient identifier here.
[0096] For step S102, this scheme pre-sets the value retrieval method corresponding to each character index. Multiple character indices may have the same value retrieval method. For example, receiver and sender information can be directly obtained from user-selected information, and the target file's filename can be directly obtained from file attributes. Both use the `get` method. However, some value retrieval methods require certain computer techniques. For instance, the target file's byte size needs to be calculated, and the target file's hash value needs to be obtained by hashing the file content.
[0097] In practice, the configuration file body can consist of only the target file's name and file size in bytes. In this case, the configuration file occupies the smallest number of bytes and is only used by the receiver to verify whether the target file has been successfully transmitted. However, if signature authentication or other functions are required for the target file, the configuration file body will contain more information and occupy more bytes, but it will usually not exceed 2KB. In other cases, the size of the configuration file can be adjusted according to actual needs.
[0098] When forming the information body, the data corresponding to each character index can be arranged sequentially according to the index hierarchy, or connected by delimiters according to the index hierarchy, etc., without any restrictions. Then, the character indices of the first index level are arranged in a preset order, or connected by delimiters, etc., to construct the information body.
[0099] For example, in {a:a1:a2-bc:c1}, a, b, and c are all at the first index level, a1 is at the second index level of a, c1 is at the second index level of c, and a2 is at the third index level of a. However, if both a1 and a2 are at the second index level, the structure can be a:a1 / a2, and this scheme does not restrict its form.
[0100] For step S103, only the configuration file's information body has been generated. However, the configuration file is logically in the process of being transmitted. Therefore, a file format is pre-defined for the configuration file, such as header information + information body, or information body + footer information. Taking header information + information body as an example, the first 4 bytes represent the size of the configuration file, i.e., the number of bytes in the information body, followed by the actual content of the information body.
[0101] In this solution, the target file and configuration file differ only in their file extensions, while maintaining the same prefix for both. For example, the target file might be named x.pdf, and the configuration file x.pdf.config. This configuration allows maintenance personnel to visually verify that both the target file and configuration file have arrived in pairs. From a program perspective, the receiving end does not need to parse the contents of the target file and configuration file; it can determine whether both files have arrived simply by matching their filenames.
[0102] For step S104, the sender information and receiver information are usually agreed upon by the user when selecting to send the file. For example, if an enterprise has multiple systems and there is file interaction between these systems, a unified management department can be set up to assign a unique system identifier to each system. Subsequently, the user can determine the sender and receiver by selecting the system identifier. For example, if department A is selected as the sender and department B as the receiver, the file will be sent from department A to department B.
[0103] This method is for file transfer scenarios with multiple senders and multiple receivers, all of whom have system identifiers. For scenarios without system identifiers, users can choose to enter the sender's and receiver's file receiving method, such as email address, WeChat, or cloud storage. This method avoids the problem of receivers receiving files unrelated to them and prevents file information from being leaked to unrelated individuals.
[0104] After obtaining the recipient's information, the target file and configuration file can be sent to the recipient in pairs. After receiving these two files, the recipient can use the header information (or footer information) to determine whether the configuration file has been successfully transmitted. If the result indicates that the transmission is successful, the recipient can then use the content in the message body to determine whether the target file has been successfully transmitted.
[0105] For example, if the current configuration file size is determined to be 2KB, and the header information of the configuration file also records 2KB, then the configuration file is currently in the "transmission completed" state. However, if the current configuration file size is less than the number of bytes recorded in the header information, then the configuration file is currently in the "transmission in progress" state and needs to continue waiting. This solves the problem of the integrity of the configuration file itself during the transmission process.
[0106] For example, if the current target file size is determined to be 1MB, while the target file size in the configuration file body is 2MB, it means the target file is currently in a "transferring" state and we need to continue waiting. However, if the two are equal, it means the target file is currently in a "transfer completed" state, thus resolving the issue of the target file being transferred.
[0107] The method provided in the above embodiments mainly addresses common problems encountered during file transfer and processing. For each target file to be transferred, a configuration file is attached, and the configuration file is transmitted to the receiver along with the target file for transmission status verification. This solves the technical problem of uncertainty regarding the file transmission status at the receiver in existing technologies. By using character indexes and index levels, when the data to be extracted changes, the data can be extracted normally again simply by relying on the character index, without needing to adjust the script function for data extraction, thus greatly improving the efficiency of data extraction.
[0108] See Figure 2 The diagram illustrates an optional file transfer processing method applied to the sender according to an embodiment of the present invention, including the following steps:
[0109] S201: In response to the selection and transmission operation of the target file, obtain the information body content management strategy; wherein, the information body content management strategy includes a character index and a corresponding index level, the character index includes one or more of the target file's file name, file size in bytes, and file hash value, and one or more of the sender information, receiver information, encryption / decryption parameters, and whether to encrypt parameters, and the file hash value is obtained by hashing the content of the target file;
[0110] S202: Extract the corresponding data using the value retrieval method corresponding to each character index, and arrange the extracted data according to the index level to generate the information body;
[0111] S203: Determine the number of bytes in the information body, use the number of bytes as header information, process the header information and the information body according to a preset file format to generate a configuration file;
[0112] S204: Obtain recipient information, send the target file and the configuration file to the recipient, so that the recipient can use the configuration file to perform verification processing on the target file.
[0113] In the above embodiments, steps S202 to S204 can be found in [reference needed]. Figure 1 The description shown will not be repeated here.
[0114] For step S201, the basic information of the character index set in this scheme is shown in Table 1, and may actually include one or more items from the table:
[0115] Table 1
[0116]
[0117] In practice, the configuration file body can consist of only the target file's name and file size in bytes. In this case, the configuration file size is minimal and is only used by the receiver to verify whether the target file has been successfully transmitted. However, if signature authentication or other functions are required for the target file, the configuration file body will contain more information and be larger in bytes, but usually not exceeding 2KB. In other cases, the configuration file size can be adjusted according to actual needs.
[0118] For the target file, a file hash value can also be set, which calculates a string based on all the contents of the file. The receiver can then use the file hash value to verify whether the contents of the target file have been tampered with.
[0119] This scheme verifies the legitimacy of the sender and receiver by setting sender and receiver identifiers. For example, receiver B can blacklist sender A, and upon receiving files from sender A, reject or delete those files. With a receiver identifier present, this scheme also sets encryption / decryption parameters and a decryption / unencryption parameter. These encryption / decryption parameters are the encrypted parameters; the parameters used to encrypt the original file are the unencrypted parameters, resulting in the target file, or the target file can be further encrypted. The second option is preferred. Optionally, a randomly generated key k is used as the unencrypted encryption / decryption parameter. The receiver's public key is obtained based on the receiver identifier, and k is encrypted using the public key to obtain K, which is then used as the encrypted encryption / decryption parameter. However, if encryption is not specified, it can be agreed that these encryption / decryption and decryption / unencryption parameters do not exist.
[0120] This solution also includes extended information items, such as the business order number, as supplementary information for the target file, such as a description of the background of the target file execution. The specific information included is set according to the actual situation, but it usually needs to be entered manually, and the recipient also needs to verify it.
[0121] This scheme also includes signature information to sign other information in the message body. For example, the RSA asymmetric key algorithm is used to sign "filename + sender identifier + receiver identifier + file size in bytes + file hash value + ... + extended information" to prevent these information from being forged or tampered with. This verification still occurs on the receiver's side.
[0122] The method provided in the above embodiments allows the character indexes in the information body to be set according to the actual situation. The value retrieval method corresponding to each character index is different, resulting in different verification methods. Thus, in addition to verifying whether the target file has been transmitted, other verification functions can be implemented.
[0123] See Figure 3 The diagram illustrates a file transfer processing method applied to a receiver according to an embodiment of the present invention, including the following steps:
[0124] S301: Receive the target file and configuration file sent by the sender, parse the configuration file to obtain header information and information body; wherein, the information body includes character indexes and corresponding data, and there is an index hierarchy relationship between the character indexes;
[0125] S302: Obtain the current number of bytes in the information body, and in response to the number of bytes being equal to the number of bytes recorded in the header information, determine that the configuration file has been transmitted successfully;
[0126] S303: Extract the data corresponding to each character index from the information body, and perform verification processing on the target file using the extracted data according to the character index hierarchy.
[0127] In the above embodiments, for steps S301 to S302, after receiving the target file and configuration file sent by the sender, the receiver first checks whether the configuration file is complete. As described above, the configuration file may also be in a "transmitting" state. To solve this problem, the format of the configuration file can be defined as header information + information body. The header information registers the size of the configuration file, i.e., the number of bytes in the information body, and the information body records the contents of Table 1.
[0128] The receiver first determines the number of bytes in the current configuration file, for example, 2k. If the number of bytes recorded in the configuration file header is also 2k, it means that the configuration file is currently in the "transmission completed" state. However, if the number of bytes in the current configuration file is less than the number of bytes recorded in the header, it means that the configuration file is currently in the "transmission in progress" state and needs to continue to wait. This solves the problem of the integrity of the configuration file itself during the transmission process.
[0129] For step S303, the information body of this scheme includes multiple character indices and corresponding data. There is a hierarchical relationship between these character indices, such as the file name, file size in bytes, and file hash value of the target file. Therefore, when verifying that the configuration file has been successfully transmitted, the target file can be verified one by one according to the hierarchical relationship of the character indices. For example, the next character index can be processed after the current character index is processed, or they can be processed simultaneously, or other methods can be used.
[0130] For example, see the target file's filename, file size in bytes, and file hash value. Figure 4 As shown:
[0131] S401: Perform a matching process between the filename of the target file and the filename of the configuration file. If the matching result is a match, it is determined that there is a matching relationship between the target file and the configuration file. For example, the target file is a.pdf, and the configuration file is a.pdf.config. However, if there is no match, it indicates a configuration error, thereby resolving the matching problem between the configuration file and the target file and preventing the configuration file from being forged.
[0132] S402: Obtain the current file size in bytes of the target file. If the current file size in bytes is equal to the file size in bytes in the configuration file body, determine that the target file has been successfully transmitted. For example, if the currently obtained file size in bytes of the target file is 1MB, and the file size in bytes of the target file in the configuration file body is 2MB, then the target file is currently in a "transmitting" state and needs to be waited for. However, if the two are equal, it indicates that the target file is currently in a "transmitted successfully" state, thus resolving the issue of the target file being transmitted. However, if after a certain period of time, such as 10 minutes, the determination result is still "transmitting," it may be abnormal data.
[0133] S403: Perform hash processing on the content of the target file. If the processed file hash value is the same as the file hash value in the information body, the target file is determined to be valid. The file's hash value is calculated using operating system commands, and the processed hash value is matched with the hash value in the configuration file's information body to determine if the two hash values match. If they do not match, the target file data is determined to be abnormal. In this way, it is proven that the target file has not been tampered with during transmission.
[0134] By using character indexes and index levels, the content in the configuration file information body is managed hierarchically. During the verification process, the receiver can verify the target file one by one according to this level. When any level of verification fails, the exception is directly confirmed without the need for full character verification. For example, if the file name matching is abnormal as mentioned above, the last two steps do not need to be executed, thereby improving the verification speed.
[0135] Currently, file transfer tools lack features to verify sender and receiver information. Therefore, this solution requires verifying the sender and receiver's legitimacy before or after confirming the target file has been successfully transferred, is verified as normal, or is verified beforehand. For example, to prevent the sender from sending files that shouldn't be processed, the receiver can set a filtering condition, such as not processing data from non-receivers. This necessitates filtering data within the target file. For instance, it might consider whether to accept data from a specific sender. If system A sends a file to system B, system B, upon receiving the file, will know the sender is system A. If system B's blacklist includes system A, then files sent by system A need to be intercepted. Another scenario involves configuring the sender's key information and determining if the key has expired.
[0136] The configuration file contains fields to indicate whether the target file is encrypted, typically agreed upon by the sender and receiver systems. If the file is unencrypted, this field can be omitted, indicating no encryption, and the corresponding encryption / decryption field will be empty. However, if the file is encrypted, the encryption / decryption field is not empty; it is used to decrypt the encrypted target file to prevent information leakage. For example, the sender's device might encrypt the target file using the receiver's public key, and the receiver would then need to use its own private key to decrypt the file and obtain the target file.
[0137] The configuration file's information body also contains signature information. This signature information is obtained by signing all other information in the information body except for the signature information itself. Therefore, the information in the information body, excluding the signature information, can be used to verify the signature information, such as performing RSA algorithm verification. If the verification passes, it indicates that the information in the information body is authentic and valid, and has not been tampered with or forged. This operation can be performed after verifying that the target file and configuration file match, after verifying that the target file is normal, or after all other verifications have passed. This solution does not restrict the timing of its implementation.
[0138] Currently, ordinary file transfer tools lack the ability to verify file extensibility or add supplementary information to files without altering their original content. This solution's configuration file includes extended information fields, where commonly used fields can be set, or additional information may be required in certain applications, such as a transaction number. This solution provides extended information along with setting business attributes; for example, a business transaction number is a business transaction attribute. Based on the verification methods corresponding to the business transaction attribute, such as security, data encryption, and sender authentication, the information corresponding to that business transaction number is verified.
[0139] The method provided in the above embodiments allows the receiver to verify whether the configuration file has been successfully transmitted based on the header information of the configuration file, and to verify whether the target file has been successfully transmitted and whether its content has been tampered with using the content of the configuration file's information body. The entire process does not modify the target file or add any information; the target file verification is completed solely through the attached configuration file. By using character indexes and index levels, the content of the configuration file's information body is managed hierarchically. During the verification process, the receiver can verify the target file one level at a time according to this hierarchy. If any level of verification fails, an anomaly is directly confirmed without verifying all characters, thereby improving verification speed.
[0140] See Figure 5 The diagram shows a schematic representation of the main modules of a file transfer processing device 500 applied to a sender according to an embodiment of the present invention, including:
[0141] The acquisition module 501 is used to acquire the information body content management strategy in response to the selection and transmission operation of the target file; wherein, the information body content management strategy includes a character index and a corresponding index level;
[0142] The extraction module 502 is used to extract corresponding data from the target file using the value method corresponding to each character index, and to arrange the extracted data according to the index level to generate an information body;
[0143] The generation module 503 is used to determine the number of bytes in the information body, use the number of bytes as header information, process the header information and the information body according to a preset file format, and generate a configuration file.
[0144] The transmission module 504 is used to obtain receiver information and send the target file and the configuration file to the receiver, so that the receiver can use the configuration file to perform verification processing on the target file.
[0145] In the apparatus of this invention, the character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file;
[0146] The device further includes adding a preset field as a suffix after the filename to serve as the filename of the configuration file.
[0147] In the device of this invention, the character index further includes one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt:
[0148] The device further includes:
[0149] The target file is encrypted using unencrypted encryption / decryption parameters;
[0150] Based on the identifier in the recipient information, determine the recipient's public key, and use the recipient's public key to encrypt the unencrypted encryption / decryption parameters to obtain the encryption / decryption parameters;
[0151] Set the encryption parameter to yes.
[0152] In the device of this invention, the character index includes extended information items, and the data corresponding to the extended information items is obtained through input.
[0153] In the device of the present invention, the information body further includes signature information, which is obtained by signing other information in the information body.
[0154] See Figure 6 The diagram illustrates the main modules of a file transfer processing device 600 for a receiver according to an embodiment of the present invention, including:
[0155] The receiving module 601 is used to receive the target file and configuration file sent by the sender, parse the configuration file to obtain header information and information body; wherein, the information body includes character indexes and corresponding data, and there is an index hierarchy relationship between the character indexes;
[0156] The determination module 602 is used to obtain the current number of bytes in the information body, and in response to the number of bytes being equal to the number of bytes recorded in the header information, determines that the configuration file has been transmitted successfully;
[0157] The verification module 603 is used to extract data corresponding to each character index from the information body, and to perform verification processing on the target file using the extracted data according to the character index hierarchy.
[0158] In the apparatus of this invention, the character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file;
[0159] The verification module 603 is used for:
[0160] The filenames of the target file and the configuration file are matched. If the matching result is a match, the current file size in bytes of the target file is obtained.
[0161] In response to the current file size being equal to the file size in the information body, it is determined that the target file has been successfully transmitted;
[0162] In response to the completion of the transmission of the target file, the content of the target file is hashed. In response to the fact that the resulting file hash value is the same as the file hash value in the information body, the target file is determined to be valid.
[0163] In the device of this invention, the character index further includes one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt:
[0164] The verification module 603 is used for:
[0165] In response to the fact that the sender information is in a preset blacklist, the target file and the configuration file are intercepted.
[0166] In response to the value of the encryption parameter being yes, the encryption / decryption parameter is decrypted using the private key to obtain the decrypted encryption / decryption parameter;
[0167] Using the decrypted encryption / decryption parameters, the target file is decrypted to obtain the decrypted file.
[0168] In the apparatus of this invention, the character index includes extended information items, and the verification module 603 is used for:
[0169] Determine the business attributes of the extended information, and use the verification method corresponding to the business attributes to perform verification processing on the extended information.
[0170] In the apparatus of this invention, the information body includes signature information, and the verification module 603 is used for:
[0171] Based on the information in the information body other than the signature information, the signature information is verified. If the verification result is successful, the information in the information body is determined to be correct.
[0172] Furthermore, the specific implementation details of the device described in the embodiments of the present invention have been described in detail in the above-described method, so the details will not be repeated here.
[0173] Figure 7 An exemplary system architecture 700 to which embodiments of the present invention can be applied is shown, including terminal devices 701, 702, 703, network 704, and server 705 (this is merely an example).
[0174] Terminal devices 701, 702, and 703 can be various electronic devices with displays and support for web browsing, and have various communication client applications installed. Users can use terminal devices 701, 702, and 703 to interact with server 705 through network 704 to receive or send messages, etc.
[0175] Network 704 is a medium used to provide a communication link between terminal devices 701, 702, 703 and server 705. Network 704 may include various connection types, such as wired or wireless communication links or fiber optic cables, etc.
[0176] Server 705 can be a server that provides various services. It should be noted that the method provided in the embodiments of the present invention is generally executed by server 705, and correspondingly, the device is generally set in server 705.
[0177] It should be understood that Figure 7 The number of terminal devices, networks, and servers shown is merely illustrative. Depending on implementation needs, any number of terminal devices, networks, and servers can be included.
[0178] The following is for reference. Figure 8 It shows a schematic diagram of the structure of a computer system 800 suitable for implementing a terminal device of the present invention. Figure 8 The terminal device shown is merely an example and should not impose any limitations on the functionality and scope of use of the embodiments of the present invention.
[0179] like Figure 8As shown, the computer system 800 includes a central processing unit (CPU) 801, which can perform various appropriate actions and processes based on programs stored in read-only memory (ROM) 802 or programs loaded from storage section 808 into random access memory (RAM) 803. The RAM 803 also stores various programs and data required for the operation of the system 800. The CPU 801, ROM 802, and RAM 803 are interconnected via a bus 804. An input / output (I / O) interface 805 is also connected to the bus 804.
[0180] The following components are connected to I / O interface 805: an input section 806 including a keyboard, mouse, etc.; an output section 807 including a cathode ray tube (CRT), liquid crystal display (LCD), etc., and speakers, etc.; a storage section 808 including a hard disk, etc.; and a communication section 809 including a network interface card such as a LAN card, modem, etc. The communication section 809 performs communication processing via a network such as the Internet. A drive 810 is also connected to I / O interface 805 as needed. A removable medium 811, such as a disk, optical disk, magneto-optical disk, semiconductor memory, etc., is installed on drive 810 as needed so that computer programs read from it can be installed into storage section 808 as needed.
[0181] In particular, according to the embodiments disclosed in this invention, the processes described above with reference to the flowcharts can be implemented as computer software programs. For example, embodiments disclosed in this invention include a computer program product comprising a computer program carried on a computer-readable medium, the computer program containing program code for performing the methods shown in the flowcharts. In such embodiments, the computer program can be downloaded and installed from a network via communication section 809, and / or installed from removable medium 811. When the computer program is executed by central processing unit (CPU) 801, it performs the functions defined above in the system of this invention.
[0182] It should be noted that the computer-readable medium shown in this invention can be a computer-readable signal medium or a computer-readable storage medium, or any combination thereof. A computer-readable storage medium can be, for example,—but not limited to—an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of a computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer disk, a hard disk, random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination thereof. In this invention, a computer-readable storage medium can be any tangible medium containing or storing a program that can be used by or in conjunction with an instruction execution system, apparatus, or device. In this invention, a computer-readable signal medium can include a data signal propagated in baseband or as part of a carrier wave, carrying computer-readable program code. Such propagated data signals can take various forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination thereof. Computer-readable signal media can also be any computer-readable medium other than computer-readable storage media, which can send, propagate, or transmit a program for use by or in connection with an instruction execution system, apparatus, or device. The program code contained on the computer-readable medium can be transmitted using any suitable medium, including but not limited to: wireless, wire, optical fiber, RF, etc., or any suitable combination thereof.
[0183] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions indicated in the blocks may occur in a different order than those indicated in the drawings. For example, two consecutively indicated blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in a block diagram or flowchart, and combinations of blocks in a block diagram or flowchart, may be implemented using a dedicated hardware-based system that performs the specified function or operation, or using a combination of dedicated hardware and computer instructions.
[0184] The modules described in the embodiments of the present invention can be implemented in software or hardware. The described modules can also be housed in a processor; for example, a processor may be described as including a receiving module, a determining module, and a verification module. The names of these modules do not necessarily limit the module itself; for example, the verification module may also be described as a "file verification module."
[0185] In another aspect, the present invention also provides a computer-readable medium, which may be included in the device described in the above embodiments; or it may exist independently and not assembled into the device. The computer-readable medium carries one or more programs that, when executed by the device, cause the device to perform any of the file transfer processing methods described above.
[0186] The computer program product of the present invention includes a computer program that, when executed by a processor, implements the file transfer processing method of the embodiments of the present invention.
[0187] The specific embodiments described above do not constitute a limitation on the scope of protection of this invention. Those skilled in the art should understand that various modifications, combinations, sub-combinations, and substitutions can occur depending on design requirements and other factors. Any modifications, equivalent substitutions, and improvements made within the spirit and principles of this invention should be included within the scope of protection of this invention.
Claims
1. A file transfer processing method, characterized in that, Applied to the sender, including: In response to the selection and transmission operation of the target file, an information body content management strategy is obtained; wherein, the information body content management strategy includes a character index and a corresponding index level; Using the value retrieval method corresponding to each character index, the corresponding data is extracted from the target file, and the extracted data is arranged according to the index level to generate an information body; wherein, the information body also includes signature information, which is obtained by signing other information in the information body; The number of bytes in the information body is determined, and the number of bytes is used as header information. The header information and the information body are processed according to a preset file format to generate a configuration file. Obtain recipient information, send the target file and the configuration file to the recipient in pairs, so that the recipient first determines whether the configuration file has been transmitted successfully, and if the result is that the transmission is successful, then use the configuration file to perform verification processing on the target file. It also includes: encrypting the target file using unencrypted encryption / decryption parameters; determining the recipient's public key based on the identifier in the recipient information, and using the recipient's public key to encrypt the unencrypted encryption / decryption parameters to obtain the encryption / decryption parameters; and setting the encryption / decryption parameter to yes. The character index also includes one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt.
2. The method according to claim 1, characterized in that, The character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file; The method further includes adding a preset field as a suffix after the filename to serve as the filename of the configuration file.
3. The method according to claim 1, characterized in that, The character index includes extended information items, the data of which is obtained through input.
4. A file transfer processing method, characterized in that, Applied to the recipient, including: The system receives the target file and configuration file sent by the sender, parses the configuration file to obtain header information and information body; wherein, the information body includes character indexes and corresponding data, and there is an index hierarchy relationship between the character indexes; the character indexes also include one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt; Obtain the current number of bytes in the information body, and in response to the number of bytes being equal to the number of bytes recorded in the header information, determine that the configuration file has been successfully transmitted; Data corresponding to each character index is extracted from the information body. According to the character index hierarchy, the extracted data is used to perform verification processing on the target file, including: in response to the sender information being in a preset blacklist, the target file and the configuration file are intercepted; in response to the value of whether the encryption / decryption parameter is yes, the encryption / decryption parameter is decrypted using a private key to obtain the decrypted encryption / decryption parameter; the decrypted encryption / decryption parameter is used to decrypt the target file to obtain the decrypted file. The information body includes signature information. The step of using the extracted data to verify the target file according to the character index hierarchy includes: performing signature verification processing on the signature information based on the information in the information body other than the signature information, and determining that the information in the information body is correct in response to the verification result being passed.
5. The method according to claim 4, characterized in that, The character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file; The step of performing verification processing on the target file using the extracted data according to the character index hierarchy includes: The filenames of the target file and the configuration file are matched. If the matching result is a match, the current file size in bytes of the target file is obtained. In response to the current file size being equal to the file size in the information body, it is determined that the target file has been successfully transmitted; In response to the completion of the transmission of the target file, the content of the target file is hashed. In response to the fact that the resulting file hash value is the same as the file hash value in the information body, the target file is determined to be valid.
6. The method according to claim 4, characterized in that, The character index includes extended information items. The step of performing verification processing on the target file using the extracted data according to the character index hierarchy includes: Determine the business attributes of the extended information, and use the verification method corresponding to the business attributes to perform verification processing on the extended information.
7. A file transfer processing device, characterized in that, Applied to the sender, including: The acquisition module is used to acquire the information body content management strategy in response to the selection and transmission operation of the target file; wherein, the information body content management strategy includes a character index and a corresponding index level; the character index also includes one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt parameters; The extraction module is used to extract corresponding data from the target file using a value method corresponding to each character index, and arrange the extracted data according to the index level to generate an information body; wherein, the information body also includes signature information, which is obtained by signing other information in the information body; The generation module is used to determine the number of bytes in the information body, use the number of bytes as header information, and process the header information and the information body according to a preset file format to generate a configuration file; The transmission module is used to obtain the recipient information and send the target file and the configuration file to the recipient in pairs, so that the recipient first determines whether the configuration file has been transmitted successfully. If the result is that the transmission is successful, the recipient then uses the configuration file to perform verification processing on the target file. The device further includes: encrypting the target file using unencrypted encryption / decryption parameters; determining the recipient's public key based on the identifier in the recipient information, and using the recipient's public key to encrypt the unencrypted encryption / decryption parameters to obtain the encryption / decryption parameters; and setting the encryption / decryption parameter to yes.
8. The apparatus according to claim 7, characterized in that, The character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file; The device further includes adding a preset field as a suffix after the filename to serve as the filename of the configuration file.
9. The apparatus according to claim 7, characterized in that, The character index includes extended information items, the data of which is obtained through input.
10. A file transfer processing device, characterized in that, Applied to the recipient, including: The receiving module is used to receive the target file and configuration file sent by the sender, parse the configuration file to obtain header information and information body; wherein, the information body includes character indexes and corresponding data, and there is an index hierarchy relationship between the character indexes; the character indexes also include one or more of the following: sender information, receiver information, encryption / decryption parameters, and whether to encrypt; The determination module is used to obtain the current number of bytes in the information body, and in response to the number of bytes being equal to the number of bytes recorded in the header information, determine that the configuration file has been transmitted successfully; The verification module is used to extract data corresponding to each character index from the information body, and to perform verification processing on the target file using the extracted data according to the character index hierarchy. This includes: intercepting the target file and the configuration file in response to the sender information being in a preset blacklist; decrypting the encryption / decryption parameters using a private key in response to the value of the encryption parameter being yes, obtaining the decrypted encryption / decryption parameters; and decrypting the target file using the decrypted encryption / decryption parameters to obtain the decrypted file. The information body includes signature information. The step of performing verification processing on the target file using the extracted data according to the character index hierarchy includes: verifying the signature information based on information in the information body other than the signature information; and determining that the information in the information body is correct in response to a successful verification result.
11. The apparatus according to claim 10, characterized in that, The character index includes one or more of the target file's filename, file size in bytes, and file hash value, wherein the file hash value is obtained by hashing the content of the target file; The verification module is used for: The filenames of the target file and the configuration file are matched. If the matching result is a match, the current file size in bytes of the target file is obtained. In response to the current file size being equal to the file size in the information body, it is determined that the target file has been successfully transmitted; In response to the completion of the transmission of the target file, the content of the target file is hashed. In response to the fact that the resulting file hash value is the same as the file hash value in the information body, the target file is determined to be valid.
12. The apparatus according to claim 10, characterized in that, The character index includes extended information items, and the verification module is used for: Determine the business attributes of the extended information, and use the verification method corresponding to the business attributes to perform verification processing on the extended information.
13. An electronic device, characterized in that, include: One or more processors; Storage device for storing one or more programs. When the one or more programs are executed by the one or more processors, the one or more processors implement the method as described in any one of claims 1-6.
14. A computer-readable medium having a computer program stored thereon, characterized in that, When the program is executed by the processor, it implements the method as described in any one of claims 1-6.
15. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the method as described in any one of claims 1-6.