Communication establishment method and apparatus

By introducing a compatibility interface between the terminal and the server, and obtaining compatibility notification messages to determine the appropriate encryption engine and port information, the problem of low communication efficiency caused by encryption engine version mismatch is solved, and efficient communication establishment is achieved.

CN119254818BActive Publication Date: 2026-06-23SHENZHEN COMTOP INFORMATION TECH

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SHENZHEN COMTOP INFORMATION TECH
Filing Date
2024-10-21
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

Incompatibility between encryption engine versions between mobile terminals and servers leads to inefficient communication establishment, and existing technologies require manual intervention to establish a connection.

Method used

The terminal sends an encrypted communication request through the initial encryption engine. If it fails, it obtains the compatibility notification message from the target server through the compatibility interface. This message contains information about the candidate server's encryption engine and the plaintext message service port. Based on this information, the terminal establishes communication with the server.

Benefits of technology

It improves the efficiency and success rate of communication establishment between mobile terminals and servers, and ensures successful connection even when the encryption engine is incompatible by introducing a compatibility interface.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN119254818B_ABST
    Figure CN119254818B_ABST
Patent Text Reader

Abstract

The application relates to a communication establishment method and device. The method comprises the following steps: sending an encrypted communication establishment request to a target server by using an initial terminal encryption engine, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request; if it is determined that the encrypted communication establishment fails, obtaining a compatibility notification message sent by the target server through a compatibility interface; wherein the compatibility notification message comprises engine information of each candidate server encryption engine supported by the target server and message port information of a plaintext message server port of the target server; and establishing communication with the target server according to the compatibility notification message. The method can improve the efficiency of communication establishment between a mobile terminal and a server.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of security technology, and in particular to a communication establishment method and apparatus. Background Technology

[0002] Currently, mobile terminal and mobile internet technologies are developing rapidly, and most mobile terminals can access the internet and remote networks such as cloud platforms. When a mobile terminal requests network access, it initiates an encrypted connection request to the network server through an encryption engine such as OpenSSL for authentication. Only after successful authentication is the mobile terminal allowed to access the server.

[0003] However, due to potential version mismatches between the encryption engines of the mobile terminal and the server, communication connections between the mobile terminal and the server must be established manually in such cases, which greatly reduces the efficiency of establishing communication between the mobile terminal and the server. Summary of the Invention

[0004] Therefore, it is necessary to provide a communication establishment method and apparatus that can improve the efficiency of communication establishment between mobile terminals and servers, addressing the aforementioned technical problems.

[0005] Firstly, this application provides a communication establishment method applied to a terminal, comprising:

[0006] An initial terminal encryption engine is used to send an encrypted communication establishment request to the target server, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request.

[0007] If it is determined that the encrypted communication establishment failed, the compatibility notification message sent by the target server is obtained through the compatibility interface; wherein, the compatibility notification message includes engine information of each candidate server encryption engine supported by the target server and message port information of the plaintext message service port of the target server;

[0008] Based on the compatibility notification message, establish communication with the target server.

[0009] In one embodiment, determining that encrypted communication failed includes:

[0010] If no connection success response is received from the target server based on the encrypted communication establishment request within the preset time period, or if no connection reset response is received from the target server based on the encrypted communication establishment request, then the encrypted communication establishment is determined to have failed.

[0011] In one embodiment, the engine information of each candidate server-side encryption engine includes the server-side version information of the candidate server-side encryption engine and the engine port information of the engine service port.

[0012] Accordingly, establishing communication with the target server based on the compatibility notification message includes:

[0013] Based on the server version information of each candidate server encryption engine and the terminal version information of each candidate terminal encryption engine supported by the terminal, the encryption engine pairing result of each candidate server encryption engine and each candidate terminal encryption engine is determined.

[0014] Based on the encryption engine pairing result and the compatibility notification message, establish communication with the target server.

[0015] In one embodiment, establishing communication with the target server based on the encryption engine pairing result and the compatibility notification message includes:

[0016] If the encryption engine pairing results contain a target terminal encryption engine and a target server encryption engine with a corresponding relationship, then communication is established with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine.

[0017] If no corresponding target terminal encryption engine and target server encryption engine are found in the encryption engine pairing results, then communication is established with the target server based on the message port information of the plaintext message service port of the target server.

[0018] In one embodiment, the engine port information includes the engine port number and the engine port open time;

[0019] Accordingly, establishing communication with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine includes:

[0020] During the engine port open time, the target terminal encryption engine sends the encrypted communication establishment request to the engine port corresponding to the engine port number, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request.

[0021] In one embodiment, the message port information includes the message port number and the message port open time;

[0022] Accordingly, establishing communication with the target server based on the message port information of the plaintext message service port of the target server includes:

[0023] During the message port open time, a communication establishment request is sent to the plaintext message service port corresponding to the message port number, so that the target server can establish communication with the terminal according to the communication establishment request.

[0024] In one embodiment, the compatibility interface is an interface pre-established for the terminal to receive messages sent by the target server based on the User Datagram Protocol.

[0025] Secondly, this application also provides a communication establishment method, applied to a target server, including:

[0026] The receiving terminal uses the initial terminal encryption engine to send an encrypted communication establishment request;

[0027] Based on the encrypted communication establishment request, determine whether there is a server encryption engine among the candidate server encryption engines supported by the target server that corresponds to the initial terminal encryption engine;

[0028] If not, a compatibility notification message is sent to the compatibility interface of the terminal so that the terminal can establish communication with the target server according to the compatibility notification message; wherein, the compatibility notification message includes engine information of each candidate server encryption engine supported by the target server and message port information of the plaintext message service port of the target server.

[0029] Thirdly, this application also provides a communication establishment device, configured in a terminal, comprising:

[0030] The request sending module is used to send an encrypted communication establishment request to the target server using an initial terminal encryption engine, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request.

[0031] The message acquisition module is used to acquire a compatibility notification message sent by the target server through a compatibility interface if it is determined that the encrypted communication establishment has failed; wherein, the compatibility notification message includes engine information of each candidate server encryption engine supported by the target server and message port information of the plaintext message service port of the target server.

[0032] A communication establishment module is used to establish communication with the target server based on the compatibility notification message.

[0033] Fourthly, this application also provides a communication establishment apparatus, configured on a target server, comprising:

[0034] The request receiving module is used to receive encrypted communication establishment requests sent by the terminal using the initial terminal encryption engine;

[0035] The engine determination module is used to determine, based on the encrypted communication establishment request, whether there is a server encryption engine among the candidate server encryption engines supported by the target server that corresponds to the initial terminal encryption engine.

[0036] The message sending module is used to send a compatibility notification message to the compatibility interface of the terminal if the compatibility interface does not exist, so that the terminal can establish communication with the target server according to the compatibility notification message; wherein, the compatibility notification message includes engine information of each candidate server encryption engine supported by the target server and message port information of the plaintext message service port of the target server.

[0037] Fifthly, this application also provides a computer device, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps involved in the first and second aspects described above.

[0038] Sixthly, this application also provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the steps involved in the first and second aspects described above.

[0039] In a seventh aspect, this application also provides a computer program product, including a computer program that, when executed by a processor, implements the steps involved in the first and second aspects described above.

[0040] The aforementioned communication establishment method and apparatus involve the terminal sending an encrypted communication establishment request to the target server using an initial terminal encryption engine, enabling the target server to establish encrypted communication with the terminal based on the request. If the encrypted communication establishment fails, a compatibility notification message sent by the target server is obtained through a compatibility interface. This compatibility notification message includes engine information for each candidate server encryption engine supported by the target server and message port information for the target server's plaintext message service port. Communication is then established with the target server based on the compatibility notification message. This scheme, by introducing a compatibility interface into the terminal, allows the terminal to receive a compatibility notification message from the target server after the initial terminal encryption engine fails to send an encrypted communication establishment request. Since the compatibility notification message contains engine and message port information, the terminal can further establish a connection with the target server based on the compatibility notification message, improving the efficiency and success rate of communication establishment. Attached Figure Description

[0041] To more clearly illustrate the technical solutions in the embodiments or related technologies of this application, the accompanying drawings used in the description of the embodiments or related technologies will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0042] Figure 1 This is a diagram illustrating the application environment of a communication establishment method in one embodiment.

[0043] Figure 2 This is a flowchart illustrating a communication establishment method in one embodiment;

[0044] Figure 3 This is a schematic diagram illustrating the process of establishing communication with the target server in one embodiment;

[0045] Figure 4 This is a schematic diagram illustrating the process of establishing communication with the target server in another embodiment;

[0046] Figure 5 A flowchart illustrating the communication establishment method in another embodiment;

[0047] Figure 6 This is a flowchart illustrating the communication establishment method in yet another embodiment;

[0048] Figure 7 This is a structural block diagram of a communication establishment device in one embodiment;

[0049] Figure 8 A structural block diagram of a communication establishment device in another embodiment;

[0050] Figure 9 This is an internal structural diagram of a computer device in one embodiment. Detailed Implementation

[0051] To make the objectives, technical solutions, and advantages of this application clearer, the following detailed description is provided in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the scope of this application.

[0052] The communication establishment method provided in this application embodiment can be applied to, for example, Figure 1In the application environment shown, terminal 101 can be any smart device equipped with an identity authentication proxy component, such as a camera, smart meter, or drone nest; target server 102 is the server of the access control gateway. Terminal 101 and target server 102 communicate via DTLS (Datagram Transport Layer Security) and encrypt data using an encryption engine. Optionally, terminal 101 sends an encrypted communication establishment request to target server 102 using an initial terminal encryption engine, enabling target server 102 to establish encrypted communication with the terminal based on the request. If encrypted communication establishment fails, a compatibility notification message sent by target server 102 is obtained through a compatibility interface. This compatibility notification message includes engine information for each candidate server encryption engine supported by target server 102 and message port information for the plaintext message service port of the target server. Communication is then established with target server 102 based on the compatibility notification message.

[0053] In one embodiment, such as Figure 2 As shown, a communication establishment method is provided, which is applied to... Figure 1 Taking terminal 101 as an example, the explanation includes the following steps:

[0054] S201, the initial terminal encryption engine sends an encrypted communication establishment request to the target server so that the target server can establish encrypted communication with the terminal according to the encrypted communication establishment request.

[0055] The initial terminal encryption engine can be any encryption engine supported by the terminal; the target server is the access control gateway associated with the terminal. The encrypted communication establishment request is used to request the establishment of encrypted communication with the target server. In this embodiment, the encrypted communication establishment request carries the terminal's identification information and the version information of the initial terminal encryption engine, etc.

[0056] Optionally, the terminal can use the initial terminal encryption engine to send an encrypted communication establishment request to the target server. For example, it can use its standard encryption engine (openssl0.7, openssl-unknown old version, gmssl, boringssl, etc.) to send an encrypted communication establishment request to the target server. The sending port can be 10300.

[0057] Furthermore, after receiving the encrypted communication establishment request sent by the terminal, the target server will identify the terminal's encryption engine. If it finds that the target server does not support the terminal's initial encryption engine, it will reject the terminal's connection.

[0058] S202, if it is determined that the encrypted communication failed to be established, the compatibility notification message sent by the target server is obtained through the compatibility interface.

[0059] The compatibility interface is a pre-established interface for the terminal to receive messages sent by the target server based on the User Datagram Protocol (UDP). It should be noted that, to ensure the port is not attacked, the interface's receiving permissions are set to receive messages sent by the server based on UDP. The compatibility notification message includes engine information for each candidate server encryption engine supported by the target server and message port information for the target server's plaintext message service port. The engine information describes the attributes of the candidate server encryption engines; in this embodiment, the engine information includes, but is not limited to, the server version information of the candidate server encryption engine and the engine port information of the engine service port.

[0060] Optionally, after identifying an initial terminal encryption engine that does not support the terminal, the target server will either not send a connection success response to the terminal, or it will send a connection reset response. Therefore, if the terminal does not receive a connection success response from the target server based on the encrypted communication establishment request within a preset time period, or receives a connection reset response from the target server based on the encrypted communication establishment request, it is determined that the encrypted communication establishment has failed.

[0061] At this point, the target server will send a compatibility notification to the terminal's compatibility interface. This notification includes engine information for each candidate server encryption engine supported by the target server and message port information for the target server's plaintext message service port. The terminal receives the compatibility notification message sent by the target server by listening to the compatibility interface.

[0062] S203, establish communication with the target server based on the compatibility notification message.

[0063] Optionally, based on the engine information of each candidate server encryption engine supported by the target server and the message port information of the plaintext message service port of the target server in the compatibility notification message, and taking into account the actual situation, a suitable candidate server encryption engine can be selected from each candidate server encryption engine to establish communication with the target server; or, communication can be established with the target server through the message port of the plaintext message service port.

[0064] In the above communication establishment method, the terminal uses an initial terminal encryption engine to send an encrypted communication establishment request to the target server, enabling the target server to establish encrypted communication with the terminal based on the request. If the encrypted communication establishment fails, a compatibility notification message sent by the target server is obtained through a compatibility interface. This compatibility notification message includes engine information for each candidate server encryption engine supported by the target server and message port information for the target server's plaintext message service port. Communication is then established with the target server based on the compatibility notification message. This scheme, by introducing a compatibility interface into the terminal, allows the terminal to receive a compatibility notification message from the target server after the initial terminal encryption engine's encrypted communication establishment request fails. Since the compatibility notification message contains engine and message port information, the terminal can further establish a connection with the target server based on the compatibility notification message, improving the efficiency and success rate of communication establishment.

[0065] In one embodiment, the engine information of each candidate server-side encryption engine includes the server-side version information of the candidate server-side encryption engine and the engine port information of the engine service port; based on this, such as Figure 3 As shown, a method for establishing communication with a target server is provided. The above-mentioned S203 is further refined and specifically includes the following steps:

[0066] S301, based on the server version information of each candidate server encryption engine and the terminal version information of each candidate terminal encryption engine supported by the terminal, determine the encryption engine pairing result of each candidate server encryption engine and each candidate terminal encryption engine.

[0067] The encryption engine pairing result is the result obtained by pairing each candidate server encryption engine with each candidate terminal encryption engine.

[0068] Optionally, the terminal queries the terminal version information of each candidate server encryption engine supported by the terminal based on the version information of each candidate server encryption engine in the compatibility notification message, matches the encryption engine supported by the terminal from each candidate server encryption engine, and generates an encryption engine pairing result based on the matching result.

[0069] S302 establishes communication with the target server based on the encryption engine pairing result and compatibility notification message.

[0070] Optionally, communication can be established with the target server based on the encryption engine pairing results, using the successfully paired candidate terminal encryption engine and candidate server encryption engine. Alternatively, communication can be established with the target server via the message port of the plaintext message service port based on the compatibility notification message.

[0071] In this embodiment, the terminal pairs each candidate server encryption engine with each candidate terminal encryption engine, and establishes communication with the target server based on the pairing results and in conjunction with compatibility notification messages, thereby ensuring the success rate and efficiency of the communication establishment process.

[0072] Optionally, the engine port information includes the engine port number and the engine port open time. Based on this, in one embodiment, such as... Figure 4 As shown, a method for establishing communication with a target server is provided. The above S302 is further refined and specifically includes the following steps:

[0073] S401, if the encryption engine pairing results contain a target terminal encryption engine and a target server encryption engine with a corresponding relationship, then establish communication with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine.

[0074] Optionally, if the encryption engine pairing results show a corresponding target terminal encryption engine and target server encryption engine, it indicates that the target server and the terminal can communicate encryptedly through the encryption engines. Therefore, communication can be established with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine. There are many methods for establishing communication with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine, and no limitation is made in this application.

[0075] Optionally, the engine port information includes the engine port number and the engine port open time. Based on this, a method for establishing communication with the target server based on the engine information of the target terminal's encryption engine and the target server's encryption engine involves sending an encrypted communication establishment request to the engine port corresponding to the engine port number through the target terminal's encryption engine during the engine port open time. This allows the target server to establish encrypted communication with the terminal based on the encrypted communication establishment request. The engine port open time refers to the time during which the engine port is open to the terminal, i.e., the time during which the terminal is allowed to send messages to the engine port. Optionally, after receiving the encrypted communication establishment request, the target server establishes an encrypted communication connection with the terminal and sends a connection success response to the terminal.

[0076] S402, if there is no corresponding target terminal encryption engine and target server encryption engine in the encryption engine pairing results, then establish communication with the target server according to the message port information of the plaintext message service port of the target server.

[0077] Optionally, if the encryption engine pairing results do not contain a corresponding target terminal encryption engine and target server encryption engine, it indicates that encrypted communication between the target server and the terminal cannot be established through the encryption engine. Therefore, in order to successfully establish communication with the target server, instant communication can also be established with the target server based on the plaintext message service port of the target server. There are many methods for establishing communication with the target server based on the message port information of the target server's plaintext message service port, and no limitation is made in this application.

[0078] Optionally, the message port information includes the message port number and the message port open time. Based on this, a method for establishing communication with a target server based on the message port information of the target server's plaintext message service port involves sending a communication establishment request to the plaintext message service port corresponding to the message port number during the message port open time, so that the target server can establish communication with the terminal according to the communication establishment request. The message port open time is the time during which the plaintext message service port is open to the terminal, i.e., the time during which the terminal is allowed to send messages to the plaintext message service port. Optionally, after receiving the communication establishment request, the target server will establish a communication connection with the terminal and send a connection success response message back to the terminal.

[0079] In this embodiment of the application, based on the encryption engine pairing result, in the absence of a corresponding target terminal encryption engine and target server encryption engine, a message can be sent to the target server through the plaintext message service port during the message port opening time. This ensures the establishment of communication between the terminal and the target server, as well as the security of communication between the terminal and the target server.

[0080] In one embodiment, such as Figure 5 As shown, a communication establishment method is provided, which is applied to... Figure 1 Taking target server 102 as an example, the explanation includes the following steps:

[0081] S501, The receiving terminal sends an encrypted communication establishment request using the initial terminal encryption engine.

[0082] The encrypted communication request is used to request the establishment of encrypted communication with the target server. In this embodiment, the encrypted communication establishment request carries the terminal's identification information and the version information of the initial terminal encryption engine, etc.

[0083] S502, based on the encrypted communication establishment request, determine whether there is a server encryption engine among the candidate server encryption engines supported by the target server that corresponds to the initial terminal encryption engine.

[0084] Optionally, based on the version information of the initial terminal encryption engine carried in the encrypted communication establishment request, it can be searched to see if there is a server encryption engine corresponding to the initial terminal encryption engine among the candidate server encryption engines supported by the target server.

[0085] S503, if not present, sends a compatibility notification message to the terminal's compatibility interface so that the terminal can establish communication with the target server based on the compatibility notification message.

[0086] The compatibility notification message includes engine information for each candidate server encryption engine supported by the target server and message port information for the plaintext message service port of the target server.

[0087] Optionally, if there is no server-side encryption engine among the candidate server-side encryption engines supported by the target server that corresponds to the initial terminal encryption engine, a compatibility notification message can be generated based on the engine information of each candidate server-side encryption engine supported by the target server and the message port information of the plaintext message service port of the target server. The compatibility notification message is then sent to the compatibility interface of the terminal so that the terminal can establish communication with the target server based on the compatibility notification message.

[0088] In this embodiment, the target server receives an encrypted communication establishment request sent by the terminal using the initial terminal encryption engine. Based on the encrypted communication establishment request, it determines whether a server-side encryption engine corresponding to the initial terminal encryption engine exists among the candidate server-side encryption engines supported by the target server. If not, it sends a compatibility notification message to the terminal's compatibility interface, enabling the terminal to establish communication with the target server based on the compatibility notification message. The compatibility notification message includes engine information for each candidate server-side encryption engine supported by the target server and message port information for the target server's plaintext message service port. This scheme, by not directly rejecting the terminal's access when no server-side encryption engine corresponding to the initial terminal encryption engine exists among the candidate server-side encryption engines, but instead sending a compatibility notification message to the terminal's compatibility interface, allows the terminal to further establish a communication connection with the target server based on the compatibility notification message, thus improving the success rate and efficiency of the communication connection between the terminal and the target server.

[0089] Figure 6 This is a communication signaling diagram for a communication establishment method in another embodiment. Based on the above embodiments, this embodiment provides an optional example of a communication establishment method. (In conjunction with...) Figure 6 The specific implementation process is as follows:

[0090] S601, the terminal uses the initial terminal encryption engine to send an encrypted communication establishment request to the target server, so that the target server can establish encrypted communication with the terminal according to the encrypted communication establishment request.

[0091] S602, the target server receives an encrypted communication establishment request sent by the terminal using the initial terminal encryption engine.

[0092] S603, the target server determines whether there is a server encryption engine corresponding to the initial terminal encryption engine among the candidate server encryption engines supported by the target server according to the encrypted communication establishment request; if it exists, it establishes a communication encryption connection with the terminal; if it does not exist, it executes S604.

[0093] S604, the target server sends a compatibility notification message to the terminal's compatibility interface so that the terminal can establish communication with the target server based on the compatibility notification message.

[0094] The compatibility notification message includes engine information for each candidate server encryption engine supported by the target server and message port information for the plaintext message service port of the target server.

[0095] S605, the terminal obtains the compatibility notification message sent by the target server through the compatibility interface.

[0096] The engine information for each candidate server-side encryption engine includes the server-side version information and the engine port information of the engine service port.

[0097] Optionally, if no successful connection response is received from the target server within a preset time period, or a connection reset response is received from the target server within a preset time period, then the encrypted communication establishment is determined to have failed.

[0098] S606, the terminal determines the encryption engine pairing result of each candidate server encryption engine and each candidate terminal encryption engine based on the server version information of each candidate server encryption engine in the compatibility notification message and the terminal version information of each candidate terminal encryption engine supported by the terminal.

[0099] S607, the terminal determines whether there is a corresponding target terminal encryption engine and target server encryption engine in the encryption engine pairing results; if they exist, then execute S608; if they do not exist, then execute S609.

[0100] S608: During the engine port open time, the terminal sends an encrypted communication establishment request to the engine port corresponding to the engine port number through the target terminal encryption engine.

[0101] S609, during the message port open time, the terminal sends a communication establishment request to the plaintext message service port corresponding to the message port number.

[0102] The specific processes of S601-S609 described above can be found in the description of the above method embodiments. Their implementation principles and technical effects are similar, and will not be repeated here.

[0103] It should be understood that although the steps in the flowcharts of the embodiments described above are shown sequentially according to the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the embodiments described above may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these steps or stages is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the steps or stages of other steps.

[0104] Based on the same inventive concept, this application also provides a communication establishment apparatus for implementing the communication establishment method described above. The solution provided by this apparatus is similar to the implementation described in the above method; therefore, the specific limitations in one or more communication establishment apparatus embodiments provided below can be found in the limitations of the communication establishment method described above, and will not be repeated here.

[0105] In one embodiment, such as Figure 7 As shown, a communication establishment device 700 is provided, including: a request sending module 710, a message acquisition module 720, and a communication establishment module 730, wherein:

[0106] The request sending module 710 is used to send an encrypted communication establishment request to the target server using the initial terminal encryption engine, so that the target server can establish encrypted communication with the terminal according to the encrypted communication establishment request.

[0107] The message acquisition module 720 is used to acquire the compatibility notification message sent by the target server through the compatibility interface if it is determined that the encrypted communication establishment has failed. The compatibility notification message includes engine information of each candidate server encryption engine supported by the target server and message port information of the plaintext message service port of the target server.

[0108] The communication establishment module 730 is used to establish communication with the target server based on the compatibility notification message.

[0109] The aforementioned communication establishment device involves the terminal sending an encrypted communication establishment request to the target server using an initial terminal encryption engine. This allows the target server to establish encrypted communication with the terminal based on the request. If the encrypted communication establishment fails, a compatibility notification message from the target server is obtained through a compatibility interface. This compatibility notification message includes engine information for each candidate server encryption engine supported by the target server and message port information for the target server's plaintext message service port. Communication is then established with the target server based on the compatibility notification message. This scheme, by introducing a compatibility interface into the terminal, allows the terminal to receive a compatibility notification message from the target server after the initial terminal encryption engine fails to send an encrypted communication establishment request. Since the compatibility notification message contains engine and message port information, the terminal can further establish a connection with the target server based on the compatibility notification message, improving the efficiency and success rate of communication establishment.

[0110] In one embodiment, the message acquisition module 720 is used for:

[0111] If no successful connection response is received from the target server within the preset time period, or if a connection reset response is received from the target server within the same time period, then the encrypted communication establishment is deemed to have failed.

[0112] In one embodiment, the engine information of each candidate server-side encryption engine includes the server-side version information of the candidate server-side encryption engine and the engine port information of the engine service port; the communication establishment module 730 includes:

[0113] The result determination unit is used to determine the encryption engine pairing result of each candidate server encryption engine and each candidate terminal encryption engine based on the server version information of each candidate server encryption engine and the terminal version information of each candidate terminal encryption engine supported by the terminal.

[0114] The communication establishment unit is used to establish communication with the target server based on the encryption engine pairing results and compatibility notification messages.

[0115] In one embodiment, the communication establishment unit includes:

[0116] The first communication subunit is used to establish communication with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine if there are corresponding target terminal encryption engines and target server encryption engines in the encryption engine pairing results.

[0117] The second communication subunit is used to establish communication with the target server based on the message port information of the plaintext message service port of the target server if there is no corresponding target terminal encryption engine and target server encryption engine in the encryption engine pairing result.

[0118] In one embodiment, the engine port information includes the engine port number and the engine port open time; the first communication subunit is specifically used for:

[0119] During the engine port open time, the target terminal encrypts the engine and sends an encrypted communication establishment request to the engine port corresponding to the engine port number, so that the target server can establish encrypted communication with the terminal according to the encrypted communication establishment request.

[0120] In one embodiment, the message port information includes the message port number and the message port open time; the second communication subunit is specifically used for:

[0121] During the message port open time, a communication establishment request is sent to the plaintext message service port corresponding to the message port number, so that the target server can establish communication with the terminal according to the communication establishment request.

[0122] In one embodiment, the compatibility interface is an interface pre-established for the terminal to receive messages sent by the target server based on the User Datagram Protocol.

[0123] In one embodiment, such as Figure 8 As shown, a communication establishment apparatus 800 is provided, including: a request receiving module 810, an engine determining module 820, and a message sending module 830, wherein:

[0124] The request receiving module 810 is used to receive the encrypted communication establishment request sent by the terminal using the initial terminal encryption engine.

[0125] The engine determination module 820 is used to determine, based on the encrypted communication establishment request, whether there is a server encryption engine among the candidate server encryption engines supported by the target server that corresponds to the initial terminal encryption engine.

[0126] The message sending module 830 is used to send a compatibility notification message to the terminal's compatibility interface if the interface does not exist, so that the terminal can establish communication with the target server based on the compatibility notification message; wherein, the compatibility notification message includes engine information of each candidate server encryption engine supported by the target server and message port information of the plaintext message service port of the target server.

[0127] The aforementioned communication establishment device involves the target server receiving an encrypted communication establishment request sent by the terminal using the initial terminal encryption engine. Based on the encrypted communication establishment request, the target server determines whether a server-side encryption engine corresponding to the initial terminal encryption engine exists among its supported candidate server-side encryption engines. If not, a compatibility notification message is sent to the terminal's compatibility interface, enabling the terminal to establish communication with the target server based on the compatibility notification message. The compatibility notification message includes engine information for each candidate server-side encryption engine supported by the target server and message port information for the target server's plaintext message service port. This scheme, by not directly rejecting the terminal's access when no server-side encryption engine corresponding to the initial terminal encryption engine exists among the candidate server-side encryption engines, but instead sending a compatibility notification message to the terminal's compatibility interface, allows the terminal to further establish a communication connection with the target server based on the compatibility notification message, thereby improving the success rate and efficiency of communication connections between the terminal and the target server.

[0128] Each module in the aforementioned communication establishment device can be implemented entirely or partially through software, hardware, or a combination thereof. These modules can be embedded in the processor of a computer device in hardware form or independent of it, or stored in the memory of a computer device in software form, so that the processor can call and execute the operations corresponding to each module.

[0129] In one exemplary embodiment, a computer device is provided, which may be a server, and its internal structure diagram may be as follows: Figure 9 As shown, this computer device includes a processor, memory, input / output (I / O) interfaces, and a communication interface. The processor, memory, and I / O interfaces are connected via a system bus, and the communication interface is also connected to the system bus via the I / O interfaces. The processor provides computational and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system, computer programs, and databases. The internal memory provides the environment for the operating system and computer programs stored in the non-volatile storage media to run. The I / O interfaces are used for exchanging information between the processor and external devices. The communication interface is used for communicating with external terminals via a network connection. When the computer program is executed by the processor, it implements a communication establishment method.

[0130] Those skilled in the art will understand that Figure 9The structure shown is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the computer device to which the present application is applied. Specific computer devices may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.

[0131] In one embodiment, a computer device is provided, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps of the communication establishment method provided in the above embodiment.

[0132] In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored, which, when executed by a processor, implements the steps of the communication establishment method provided in the above embodiments.

[0133] In one embodiment, a computer program product is provided, including a computer program that, when executed by a processor, implements the steps of the communication establishment method provided in the above embodiments.

[0134] It should be noted that the data involved in this application (including but not limited to data used for analysis, data stored, data displayed, etc.) are all information and data that have been fully authorized by all parties, and the collection, use and processing of the relevant data must comply with relevant regulations.

[0135] Those skilled in the art will understand that all or part of the processes in the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium. When executed, the computer program can include the processes of the embodiments described above. Any references to memory, databases, or other media used in the embodiments provided in this application can include at least one of non-volatile and volatile memory. Non-volatile memory can include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, etc. Volatile memory can include random access memory (RAM) or external cache memory, etc. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM). The databases involved in the embodiments provided in this application may include at least one type of relational database and non-relational database. Non-relational databases may include, but are not limited to, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be general-purpose processors, central processing units, graphics processing units, digital signal processors, programmable logic devices, quantum computing-based data processing logic devices, etc., and are not limited to these.

[0136] The technical features of the above embodiments can be combined in any way. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described. However, as long as there is no contradiction in the combination of these technical features, they should be considered to be within the scope of this specification.

[0137] The embodiments described above are merely illustrative of several implementation methods of this application, and while the descriptions are specific and detailed, they should not be construed as limiting the scope of this patent application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this application should be determined by the appended claims.

Claims

1. A communication establishment method, characterized in that, Applied to a terminal, the method includes: An initial terminal encryption engine is used to send an encrypted communication establishment request to the target server, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request. If no connection success response is received from the target server based on the encrypted communication establishment request within a preset time period, or if a connection reset response is received from the target server based on the encrypted communication establishment request, then a compatibility notification message sent by the target server is obtained through the compatibility interface. The compatibility notification message includes server version information and engine port information of each candidate server encryption engine supported by the target server, as well as message port information of the target server's plaintext message service port. The compatibility interface is a pre-established interface for the terminal to receive messages sent by the target server based on the User Datagram Protocol (UDP). Based on the compatibility notification message, establish communication with the target server.

2. The method according to claim 1, characterized in that, The step of establishing communication with the target server based on the compatibility notification message includes: Based on the server version information of each candidate server encryption engine and the terminal version information of each candidate terminal encryption engine supported by the terminal, the encryption engine pairing result of each candidate server encryption engine and each candidate terminal encryption engine is determined. Based on the encryption engine pairing result and the compatibility notification message, establish communication with the target server.

3. The method according to claim 2, characterized in that, The step of establishing communication with the target server based on the encryption engine pairing result and the compatibility notification message includes: If the encryption engine pairing results contain a target terminal encryption engine and a target server encryption engine with a corresponding relationship, then communication is established with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine. If no corresponding target terminal encryption engine and target server encryption engine are found in the encryption engine pairing results, then communication is established with the target server based on the message port information of the plaintext message service port of the target server.

4. The method according to claim 3, characterized in that, The engine port information includes the engine port number and the engine port opening time; Accordingly, establishing communication with the target server based on the engine information of the target terminal encryption engine and the target server encryption engine includes: During the engine port open time, the target terminal encryption engine sends the encrypted communication establishment request to the engine port corresponding to the engine port number, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request.

5. The method according to claim 3, characterized in that, The message port information includes the message port number and the message port opening time; Accordingly, establishing communication with the target server based on the message port information of the plaintext message service port of the target server includes: During the message port open time, a communication establishment request is sent to the plaintext message service port corresponding to the message port number, so that the target server can establish communication with the terminal according to the communication establishment request.

6. A communication establishment method, characterized in that, Applied to the target server, including: The receiving terminal uses the initial terminal encryption engine to send an encrypted communication establishment request; Based on the encrypted communication establishment request, determine whether there is a server encryption engine among the candidate server encryption engines supported by the target server that corresponds to the initial terminal encryption engine; If not, a compatibility notification message is sent to the compatibility interface of the terminal, so that the terminal can establish communication with the target server according to the compatibility notification message; wherein, the compatibility notification message includes server version information and engine port information of each candidate server encryption engine supported by the target server, as well as message port information of the plaintext message service port of the target server; the compatibility interface is an interface pre-established for the terminal to receive messages sent by the target server based on the User Datagram Protocol.

7. A communication establishment device, characterized in that, Configured in a terminal, the device includes: The request sending module is used to send an encrypted communication establishment request to the target server using an initial terminal encryption engine, so that the target server establishes encrypted communication with the terminal according to the encrypted communication establishment request. The message acquisition module is used to acquire a compatibility notification message sent by the target server through a compatibility interface if it does not receive a connection success response from the target server based on the encrypted communication establishment request within a preset time period, or receives a connection reset response from the target server based on the encrypted communication establishment request. The compatibility notification message includes server version information and engine port information of each candidate server encryption engine supported by the target server, as well as message port information of the plaintext message service port of the target server. The compatibility interface is a pre-established interface for the terminal to receive messages sent by the target server based on the User Datagram Protocol (UDP). A communication establishment module is used to establish communication with the target server based on the compatibility notification message.

8. A communication establishment device, characterized in that, Configured on the target server, the device includes: The request receiving module is used to receive encrypted communication establishment requests sent by the terminal using the initial terminal encryption engine; The engine determination module is used to determine, based on the encrypted communication establishment request, whether there is a server encryption engine among the candidate server encryption engines supported by the target server that corresponds to the initial terminal encryption engine. The message sending module is configured to send a compatibility notification message to the compatibility interface of the terminal if the compatibility interface does not exist, so that the terminal can establish communication with the target server according to the compatibility notification message; wherein, the compatibility notification message includes server version information and engine port information of each candidate server encryption engine supported by the target server, as well as message port information of the plaintext message service port of the target server; the compatibility interface is an interface pre-established for the terminal to receive messages sent by the target server based on the User Datagram Protocol.

9. A computer device comprising a memory and a processor, wherein the memory stores a computer program, characterized in that, When the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 6.

10. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 6.