CN106452775A - Method and apparatus for accomplishing electronic signing and signing server - Google Patents
Method and apparatus for accomplishing electronic signing and signing server Download PDFInfo
- Publication number
- CN106452775A CN106452775A CN201510484844.2A CN201510484844A CN106452775A CN 106452775 A CN106452775 A CN 106452775A CN 201510484844 A CN201510484844 A CN 201510484844A CN 106452775 A CN106452775 A CN 106452775A
- Authority
- CN
- China
- Prior art keywords
- cryptographic hash
- digital certificate
- key
- encryption
- private key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 46
- 230000008569 process Effects 0.000 claims description 8
- 230000015572 biosynthetic process Effects 0.000 claims description 7
- 238000003786 synthesis reaction Methods 0.000 claims description 7
- 239000000203 mixture Substances 0.000 claims description 6
- 230000005611 electricity Effects 0.000 claims description 2
- 230000002194 synthesizing effect Effects 0.000 abstract 1
- 238000010586 diagram Methods 0.000 description 8
- 230000004048 modification Effects 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000008901 benefit Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000000284 extract Substances 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 238000010420 art technique Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000004899 motility Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Image Processing (AREA)
Abstract
The invention provides a method and apparatus for accomplishing electronic signing and signing server wherein the method comprises: determining the Hash value of an electronic document to be signed; encrypting the Hash value through the use of the private key corresponding to the public key in a digital certificate; and synthesizing the encrypted Hash value, the digital certificate and the electronic signing image into the electronic document. According to the technical schemes of the invention, it is possible to resolve the problem of the prior art with high cost incurred from the use of USB keys to sign by accomplishing an Internet based signing mode, therefore, reducing the user's cost.
Description
Technical field
The application is related to Internet technical field, more particularly, to a kind of method realizing Electronic Signature, device
And stamped signature server.
Background technology
When the e-file needing Large-Scale Interconnected net financial company is provided the user carries out Electronic Signature,
Prior art is located in U-shield by the private key used by Electronic Signature, when user uses Electronic Signature,
U-shield is inserted computer, Electronic Seal System is passed through relative with the public key in digital certificate in acquisition U-shield
The private key pair electronic document answered carries out stamped signature, because the premise using the program is to make user buy U
Shield, therefore when a large number of users needs Electronic Signature, implementation cost is high, promotes difficulty big.
Content of the invention
In view of this, the application provides a kind of new technical scheme, can solve when customer volume is big with mutual
The Electronic Signature of networking mode real-time applying for electronic document, reduces the skill of the hardware cost of Electronic Signature process
Art problem.
For achieving the above object, the application provides technical scheme as follows:
First aspect according to the application it is proposed that a kind of method realizing Electronic Signature, including:
Determine the cryptographic Hash of the electronic document treating stamped signature;
Described cryptographic Hash is encrypted using the private key corresponding with the public key in digital certificate;
The picture of cryptographic Hash, described digital certificate and described Electronic Signature after described encryption is synthesized to institute
State in electronic document.
Second aspect according to the application it is proposed that a kind of method realizing Electronic Signature, including:
Determine the cryptographic Hash of the electronic document treating stamped signature;
The described cryptographic Hash of described electronic document, the second key are sent to described by the second dedicated network
Third party's business platform, described second key by described stamped signature server and described third party's business platform it
Between default key;
After described third party's business platform is encrypted using cryptographic Hash described in described second secret key pair, lead to
Cross the described cryptographic Hash after described second dedicated network receives described encryption;
The picture of cryptographic Hash, digital certificate and Electronic Signature after described encryption is synthesized to described electronics literary composition
In shelves.
The third aspect according to the application it is proposed that a kind of device realizing Electronic Signature, including:
Determining module, for determining the cryptographic Hash of the electronic document treating stamped signature;
First encrypting module, the described cryptographic Hash for determining to described determining module adopts and digital certificate
In the corresponding private key of public key be encrypted;
Stamped signature synthesis module, for the described cryptographic Hash after encrypting described first encrypting module, described number
The picture of word certificate and described Electronic Signature is synthesized in described electronic document.
Fourth aspect according to the application it is proposed that a kind of stamped signature server, including:
Processor;For storing the memorizer of described processor executable;
Wherein, described processor is configured to:
Determine the cryptographic Hash of the electronic document treating stamped signature;
Described cryptographic Hash is encrypted using the private key corresponding with the public key in digital certificate;
The picture of cryptographic Hash, described digital certificate and described Electronic Signature after described encryption is synthesized to institute
State in electronic document.
The 5th aspect according to the application it is proposed that a kind of stamped signature server, including:
Processor;For storing the memorizer of described processor executable;
Wherein, described processor is configured to:
Determine the cryptographic Hash of the electronic document treating stamped signature;
The described cryptographic Hash of described electronic document, the second key are sent to described by the second dedicated network
Third party's business platform, described second key by described stamped signature server and described third party's business platform it
Between default key;
After described third party's business platform is encrypted using cryptographic Hash described in described second secret key pair, lead to
Cross the described cryptographic Hash after described second dedicated network receives described encryption;
The picture of cryptographic Hash, digital certificate and Electronic Signature after described encryption is synthesized to described electronics literary composition
In shelves.
From above technical scheme, the application is by adopting and the public key phase in digital certificate to cryptographic Hash
Corresponding private key is encrypted, by the picture synthesis of the cryptographic Hash, digital certificate and Electronic Signature after encryption
To in electronic document, thus solving the problems, such as that U-shield stamped signature scheme implementation cost of the prior art is high,
Achieve the pattern of the Internet stamped signature, reduce user cost, by encrypting to cryptographic Hash and will encrypt
Cryptographic Hash afterwards and digital certificate are synthesized on electronic document, improve the safety of Electronic Signature and public letter
Power.
Brief description
Figure 1A shows the stream of the method realizing Electronic Signature according to one example embodiment of the present invention
Journey schematic diagram;
Figure 1B shows the schematic diagram of the picture of the Electronic Signature according to one example embodiment of the present invention;
Fig. 1 C shows the schematic diagram of the digital certificate according to one example embodiment of the present invention;
Fig. 2A shows the method realizing Electronic Signature in accordance with an alternative illustrative embodiment of the present invention
Schematic flow sheet;
Fig. 2 B shows scene graph in accordance with an alternative illustrative embodiment of the present invention;
Fig. 3 A shows the method realizing Electronic Signature in accordance with a further exemplary embodiment of the present invention
Schematic flow sheet;
Fig. 3 B shows scene graph in accordance with a further exemplary embodiment of the present invention;
Fig. 4 A shows the method realizing Electronic Signature in accordance with a further exemplary embodiment of the present invention
Schematic flow sheet;
Fig. 4 B shows scene graph in accordance with a further exemplary embodiment of the present invention;
Fig. 5 shows the structural representation of the stamped signature server according to one example embodiment of the present invention;
Fig. 6 shows and is shown according to the structure realizing electronic seal signing equipment of one example embodiment of the present invention
It is intended to;
Fig. 7 shows the structure realizing electronic seal signing equipment in accordance with an alternative illustrative embodiment of the present invention
Schematic diagram.
Specific embodiment
Here will in detail exemplary embodiment be illustrated, its example is illustrated in the accompanying drawings.Following
When description is related to accompanying drawing, unless otherwise indicated, the same numbers in different accompanying drawings represent same or analogous
Key element.Embodiment described in following exemplary embodiment does not represent the institute consistent with the application
There is embodiment.On the contrary, they be only with such as appended claims in described in detail, the application one
The example of a little consistent apparatus and method of aspect.
It is the purpose only merely for description specific embodiment in term used in this application, and be not intended to be limiting
The application." a kind of " of singulative used in the application and appended claims, " institute
State " and " being somebody's turn to do " be also intended to including most forms, unless context clearly shows that other implications.Also should
Work as understanding, term "and/or" used herein refers to and comprises one or more associated to list item
Any or all possible combination of purpose.
It will be appreciated that though may be described various using term first, second, third, etc. in the application
Information, but these information should not necessarily be limited by these terms.These terms only be used for by same type of information that
This distinguishes.For example, in the case of without departing from the application scope, the first information can also be referred to as
Two information, similarly, the second information can also be referred to as the first information.Depending on linguistic context, as in this institute
Use word " if " can be construed to " and ... when " or " when ... when " or " response
In determination ".
It is that the application is further described, the following example is provided:
According to one embodiment of the application, corresponding with the public key in digital certificate by adopting to cryptographic Hash
Private key be encrypted, the picture of cryptographic Hash, digital certificate and Electronic Signature after encryption is synthesized to electricity
In subdocument, thus solving the problems, such as that U-shield stamped signature scheme implementation cost of the prior art is high, realize
The pattern of the Internet stamped signature, reduces user cost, by cryptographic Hash encryption and will be after encryption
Cryptographic Hash and digital certificate are synthesized on electronic document, improve safety and the public credibility of Electronic Signature.
Figure 1A shows the stream of the method realizing Electronic Signature according to one example embodiment of the present invention
Journey schematic diagram, Figure 1B shows the schematic diagram of the Electronic Signature according to one example embodiment of the present invention,
Fig. 1 C shows the schematic diagram of the digital certificate according to one example embodiment of the present invention;Can apply
On stamped signature server.As shown in Figure 1A, the method realizing Electronic Signature comprises the steps:
Step 101, determines the cryptographic Hash of the electronic document treating stamped signature;
Step 102, is encrypted using the private key corresponding with the public key in digital certificate to cryptographic Hash;
Step 103, the picture of cryptographic Hash, digital certificate and Electronic Signature after encryption is synthesized to electronics
In document.
In a step 101, in one embodiment, electronic document can be local file (for example it was demonstrated that
File, electronic receipt etc.);In another embodiment, electronic document can come from the first business platform,
First business platform can be for paying type of financial business platform (for example, Alipay), accordingly, electronics
Document can prove for assets, bill, electronic receipt;In another embodiment, electronic document can come
From the second business platform, the second business platform can be deposit type of financial business platform (for example, wealth bringing in is precious),
Accordingly, electronic document can be loaning bill and interest proves;In another embodiment, electronic document is permissible
From the 3rd business platform, the 3rd business platform (for example, can net business for the Internet financial business platform
Bank), accordingly, electronic document can be electronic certificate of terminal use's application etc., it follows that
The application is not limited to the source of electronic document.
In one embodiment, Electronic Signature can be the corresponding enterprise of the first business platform Electronic Signature,
The Electronic Signature of the corresponding enterprise of the second business platform, the Electronic Signature of the corresponding enterprise of the 3rd business platform.
In one embodiment, the cryptographic Hash of electronic document can be extracted by Hash (Hash) algorithm.
In a step 102, in one embodiment, can be determined to cryptographic Hash according to the source of electronic document
Cipher mode, for example, if electronic document be derived from the first business platform, can be in stamped signature server
Setting encryption equipment, to be encrypted by first key (alternatively referred to as main key, MainKey) of encryption equipment
Private key in digital certificate;Again for example, if electronic document is derived from the second business platform, can be by the
Cryptographic Hash is sent to Third Party Authentication center (for example, CA center) by one dedicated network, by third party
Authentication center is encrypted by using the private key pair cryptographic Hash corresponding with the public key in digital certificate, it
Afterwards the cryptographic Hash after encrypting is returned to by stamped signature server by the first dedicated network;Again for example, if electric
Subdocument be derived from the 3rd business platform, can by cryptographic Hash, stamped signature server and third party's financial platform it
Between the second key of setting be sent to the encryption equipment of the 3rd business platform by the second dedicated network, by the 3rd
Business platform is encrypted using the second secret key pair cryptographic Hash that both sides set by encryption equipment, afterwards, the
Cryptographic Hash after encryption is returned to stamped signature server by three business platforms again.By the electronics to separate sources
Document is encrypted to cryptographic Hash using different cipher modes, can also meet the business demand of personalization.
In step 103, in one embodiment, can from corresponding business platform (the first business platform,
Second business platform, the 3rd business platform) obtain the picture of corresponding Electronic Signature, by the Kazakhstan after encryption
The synthesis mode that the picture of uncommon value, digital certificate and Electronic Signature is synthesized in electronic document may refer to existing
There is the associated description of technology, will not be described in detail herein.
As shown in Figure 1B, synthesis Electronic Signature on the electronic document is " AB company ", when listening to
During click event on the Electronic Signature of " AB company ", the correlation of the digital certificate shown in display Fig. 1 C
Information, because digital certificate is got by Third Party Authentication center, therefore can make user pass through
The true or false of digital certificate authentication Electronic Signature.
Seen from the above description, the embodiment of the present invention achieves the Internet stamped signature by step S101-S103
Pattern, solve the problems, such as that U-shield stamped signature scheme implementation cost of the prior art is high, reduce user
Cost, is synthesized to electronic document by cryptographic Hash encryption and by the cryptographic Hash after encryption and digital certificate
On, improve safety and the public credibility of Electronic Signature.
Fig. 2A shows the method realizing Electronic Signature in accordance with an alternative illustrative embodiment of the present invention
Schematic flow sheet, Fig. 2 B show in accordance with an alternative illustrative embodiment of the present invention realize Electronic Signature
Method scene graph;The present embodiment is derived from as a example the first business platform provides by electronic document and carries out example
Property explanation.As Fig. 2A institute, the method realizing Electronic Signature comprises the steps:
Step 201, determines the cryptographic Hash of the electronic document treating stamped signature;
Step 202, the corresponding private key of the public key in acquisition digital certificate and digital certificate, this private key
Through encryption;
Step 203, is decrypted to the private key through encryption;
Step 204, is encrypted using the private key pair cryptographic Hash after deciphering;
Step 205, the picture of cryptographic Hash, digital certificate and Electronic Signature after encryption is synthesized to electronics
In document.
The description of above-mentioned steps 201 may refer to the associated description of above-mentioned steps 101, will not be described in detail herein.
In step 202 to step 204, in one embodiment, numeral can be obtained from cloud database
Certificate and the private key through encryption, wherein it is possible to the first key by the encryption equipment on stamped signature server
(alternatively referred to as main key) is encrypted to the private key corresponding with the public key in digital certificate, deposits afterwards
Storage, beyond the clouds in data base, is being carried out to the private key through encryption being stored in cloud database when needed
Deciphering.In another embodiment, cloud database can be stored with magnanimity digital certificate and with numeral card
The corresponding private key of public key in book, thus realize to a large amount of digital certificates and with digital certificate in public key
The safety of corresponding private key is deposited all.
The description of above-mentioned steps 205 may refer to the associated description of above-mentioned steps 103, will not be described in detail herein.
As an exemplary scenario, as shown in Figure 2 B, stamped signature server 22 is from Third Party Authentication center
21 have applied for digital certificate, by the first of the local encryption equipment (not shown) of stamped signature server 22
Key encrypting the private key corresponding with the public key in digital certificate, by the private key after encryption and digital certificate
Store to cloud database 23.Stamped signature server 22 gets needs from the first business platform 24 to be carried out
The electronic document of Electronic Signature, extracts the cryptographic Hash of electronic document, from cloud database using hash algorithm
23 obtain digital certificate and the private key through encryption, are sent to stamped signature server 22 together with cryptographic Hash
In local encryption equipment, in the local encryption equipment of stamped signature server 22 to digital certificate in public key phase
Corresponding private key is decrypted, and obtains the private key corresponding with the public key in digital certificate, and encryption equipment is right again
Cryptographic Hash is encrypted using this private key, finally, stamped signature server 22 by encrypt after cryptographic Hash, numeral
Certificate and Electronic Signature are synthesized on electronic document, and then electronic document can be supplied to user.Due to
Be decrypted by the first secret key pair private key corresponding with the public key in digital certificate, and by with number
The process of the corresponding private key pair cryptographic Hash encryption of word CertPubKey is all in the encryption equipment of stamped signature server
Portion is processed, it is ensured that the private key corresponding with the public key in digital certificate is in the safety using process.
In the present embodiment, private key after digital certificate and encryption due to database purchase beyond the clouds, needing
When Electronic Signature being carried out to electronic document, from cloud database obtain digital certificate and digital certificate plus
Private key after close, can avoid the encryption equipment at Third Party Authentication center in prior art can only preserve limited
The private key corresponding with the public key in digital certificate of quantity, such that it is able to support the big number of the Internet stamped signature
According to the characteristic of amount and high concurrent, and ensure that the safety of the private key corresponding with the public key in digital certificate.
Fig. 3 A shows the method realizing Electronic Signature in accordance with a further exemplary embodiment of the present invention
Schematic flow sheet, Fig. 3 B show in accordance with a further exemplary embodiment of the present invention realize Electronic Signature
Method scene graph;The present embodiment is provided illustrative with electronic document by the second business platform.
As shown in Figure 3A, the method realizing Electronic Signature comprises the steps:
Step 301, determines the cryptographic Hash of the electronic document treating stamped signature;
Step 302, the cryptographic Hash of electronic document is sent in Third Party Authentication by the first dedicated network
The heart, wherein, Third Party Authentication center is used for generating digital certificate and adopting and the public key phase in digital certificate
Corresponding private key pair cryptographic Hash encryption;
Step 303, receives the cryptographic Hash after the encryption of Third Party Authentication center by the first dedicated network;
Step 304, the picture of cryptographic Hash, digital certificate and Electronic Signature after encryption is synthesized to electronics
In document.
The description of above-mentioned steps 301 may refer to the associated description of above-mentioned steps 101, will not be described in detail herein.
In step 302 and step 303, in one embodiment, the first dedicated network can be for being connected to
Stamped signature server and the dedicated communications network of authentication center, do not access other in this dedicated communications network and set
Standby, the cryptographic Hash after the first dedicated network transmits cryptographic Hash and encryption is it can be ensured that the peace of cryptographic Hash
Quan Xing.
The description of above-mentioned steps 304 may refer to the associated description of above-mentioned steps 103, and here is no longer detailed.
As an exemplary scenario, as shown in Figure 3 B, stamped signature server 31 and Third Party Authentication center
32 joint stamped signatures.During joint stamped signature, stamped signature server 31 extracts electronics literary composition by hash algorithm
The cryptographic Hash of shelves, stamped signature server 31 by the first dedicated network, cryptographic Hash is sent in Third Party Authentication
The heart 32, by Third Party Authentication center 32 using the private key pair Hash corresponding with the public key in digital certificate
Value is encrypted, and afterwards, by the first dedicated network, the cryptographic Hash after encrypting is returned to stamped signature server
31, the cryptographic Hash after encrypting, digital certificate, Electronic Signature are synthesized to electronic document by stamped signature server 31
In, and then electronic document can be supplied to user.
In the present embodiment, the cryptographic Hash of electronic document is sent to Third Party Authentication by the first dedicated network
Center, enters centrally through the private key pair cryptographic Hash corresponding with the public key in digital certificate in Third Party Authentication
After row encryption, the cryptographic Hash after encrypting is received by the first dedicated network, by the cryptographic Hash after encryption, number
The picture of word certificate and Electronic Signature is synthesized in electronic document, solves U-shield stamped signature of the prior art
The high problem of scheme implementation cost, reduces user cost, by using being stored in Third Party Authentication center
Corresponding with the public key in digital certificate private key pair cryptographic Hash encryption, then by after digital certificate, encryption
Cryptographic Hash be synthesized on electronic document, improve the public credibility of Electronic Signature, meanwhile, electronics can be made
Document does not go out to be compromised to other unrelated enterprises it is ensured that the business security of electronic document.
Fig. 4 A shows the method realizing Electronic Signature in accordance with a further exemplary embodiment of the present invention
Schematic flow sheet, Fig. 4 B show in accordance with a further exemplary embodiment of the present invention realize Electronic Signature
Method scene graph;The present embodiment is derived from as a example the 3rd business platform provides by electronic document and carries out example
Property explanation.As shown in Figure 4 A, the method realizing Electronic Signature comprises the steps:
Step 401, determines the cryptographic Hash of the electronic document treating stamped signature;
Step 402, the cryptographic Hash of electronic document, the second key are sent to by the second dedicated network
Three party service platform, wherein, the second key is default between stamped signature server and third party's business platform
Key or the key of joint consultation;
Step 403, the cryptographic Hash after the second dedicated network receives encryption;
Step 404, the picture of cryptographic Hash, digital certificate and Electronic Signature after encryption is synthesized to electronics
In document.
The description of above-mentioned steps 401 may refer to the associated description of above-mentioned steps 101, will not be described in detail herein.
In step 402 and step 403, in one embodiment, the second dedicated network can be for being connected to
Stamped signature server and the dedicated communications network of third party's business platform, do not access in this dedicated communications network
Other equipment, the cryptographic Hash after the second dedicated network transmits cryptographic Hash and encryption is it can be ensured that Hash
The safety of value.In one embodiment, third party's business platform can be the first industry in above-described embodiment
Business platform, the second business platform, the 3rd business platform etc. can provide the platform of electronic document.
The description of above-mentioned steps 404 may refer to the associated description of above-mentioned steps 103, and here is no longer detailed.
As an exemplary scenario, as shown in Figure 4 B, stamped signature server 41 is from third party's business platform
42 acquisition electronic documents, are extracted the cryptographic Hash of electronic document, cryptographic Hash are transferred to the using hash algorithm
The encryption equipment of three party service platform 42, passes through the second secret key pair by the encryption equipment of third party's business platform 42
Cryptographic Hash is encrypted, the stamped signature service that then cryptographic Hash after encrypting is returned to by the 3rd business platform 42
Device 41, the cryptographic Hash after encrypting, digital certificate, Electronic Signature are synthesized to electronics by stamped signature server 41
In document, and then electronic document can be supplied to user.
The present embodiment can meet third party's business platform 42 and require to take care of and the public key phase in digital certificate
The demand of corresponding private key, improves the motility of Electronic Signature mode.
By above-described embodiment, can there is being suitable for of different Electronic Signatures in different business scenarios
Scheme, therefore when playing the advantage of operational version of various Electronic Signatures, meets the business of personalization
Demand.
Corresponding to the above-mentioned method realizing Electronic Signature, the application also proposed shown in Fig. 5 according to this
The schematic configuration diagram of the stamped signature server of one exemplary embodiment of application.Refer to Fig. 5, in hardware layer
Face, this webserver includes processor, internal bus, network interface, internal memory and non-volatile deposits
Reservoir, is also possible that the hardware required for other business certainly.Processor is from nonvolatile memory
Read corresponding computer program and then to run in internal memory, logic level is formed and realizes Electronic Signature
Device.Certainly, in addition to software realization mode, the application is not precluded from other implementations, than
As logical device or the mode of software and hardware combining etc. that is to say, that the executive agent of following handling process
It is not limited to each logical block or hardware or logical device.
Fig. 6 is the structural representation of the device realizing Electronic Signature according to one example embodiment of the present invention
Figure;As shown in fig. 6, this device realizing Electronic Signature can include:Determining module 61, first is encrypted
Module 62, stamped signature synthesis module 63.Wherein:
Determining module 61, for determining the cryptographic Hash of the electronic document treating stamped signature;
First encrypting module 62, for cryptographic Hash that determining module 61 is determined using with digital certificate in
The corresponding private key of public key be encrypted;
Stamped signature synthesis module 63, for the cryptographic Hash after encrypting the first encrypting module 62, digital certificate
It is synthesized in electronic document with the picture of Electronic Signature.
Fig. 7 is the structural representation of the device realizing Electronic Signature according to one example embodiment of the present invention
Figure;As shown in fig. 7, on the basis of above-mentioned embodiment illustrated in fig. 6, the first encrypting module 62 may include:
Acquiring unit 621, for obtaining digital certificate and the private corresponding with the public key in digital certificate
Key, this private key is through encryption;
Decryption unit 622, is decrypted for acquiring unit is obtained with 621 private keys through encryption got;
Ciphering unit 623, for being encrypted using the private key pair cryptographic Hash after decryption unit 622 deciphering.
In one embodiment, device may also include:
Second encrypting module 64, for the private corresponding with the public key in digital certificate by the first secret key pair
Key is encrypted;
Memory module 65, for storing private key and digital certificate after the second encrypting module 64 encryption.
In one embodiment, digital certificate and the private key after encryption obtain from cloud database.
In one embodiment, the first encrypting module 62 may include:
First transmitting element 624, for being sent to the cryptographic Hash of electronic document by the first dedicated network
Third Party Authentication center, wherein, Third Party Authentication center is used for generating digital certificate and demonstrate,proving using with numeral
The corresponding private key pair cryptographic Hash encryption of public key in book;
First receiving unit 625, is added from Third Party Authentication center for being received by the first dedicated network
Cryptographic Hash after close.
In one embodiment, the first dedicated network is to be connected to stamped signature server and Third Party Authentication center
Dedicated communications network.
In one embodiment, device may also include:
Sending module 66, for sending out the cryptographic Hash of electronic document, the second key by the second dedicated network
Give third party business platform, wherein, the second key is between stamped signature server and third party's business platform
Default key;
Receiver module 67, for being received after the encryption of Third Party Authentication center by the second dedicated network
Cryptographic Hash.
Above-described embodiment is visible, can have being suitable for of different Electronic Signatures in different business scenarios
Scheme, therefore when playing the advantage of operational version of various Electronic Signatures, meeting individual business needs
Ask.
Those skilled in the art, after considering description and putting into practice invention disclosed herein, will readily occur to this
Other embodiments of application.The application is intended to any modification, purposes or the adaptability of the application
Change, these modifications, purposes or adaptations are followed the general principle of the application and are included this Shen
Please undocumented common knowledge in the art or conventional techniques.Description and embodiments only by
It is considered as exemplary, the true scope of the application and spirit are pointed out by claim below.
Also, it should be noted term " inclusion ", "comprising" or its any other variant be intended to non-exclusive
Property comprise, so that including a series of process of key elements, method, commodity or equipment not only include that
A little key elements, but also include other key elements being not expressly set out, or also include for this process, side
Method, commodity or the intrinsic key element of equipment.In the absence of more restrictions, " include one by sentence
Individual ... " key element that limits is it is not excluded that in process, method, commodity or the equipment including described key element
Also there is other identical element.
The foregoing is only the preferred embodiment of the application, not in order to limit the application, all this
Within the spirit of application and principle, any modification, equivalent substitution and improvement done etc., should be included in
Within the scope of the application protection.
Claims (18)
1. a kind of method realizing Electronic Signature is it is characterised in that being applied on stamped signature server, described
Method includes:
Determine the cryptographic Hash of the electronic document treating stamped signature;
Described cryptographic Hash is encrypted using the private key corresponding with the public key in digital certificate;
The picture of cryptographic Hash, digital certificate and Electronic Signature after described encryption is synthesized to described electronics literary composition
In shelves.
2. method according to claim 1 it is characterised in that described to described cryptographic Hash using with
The corresponding private key of public key in digital certificate is encrypted, including:
Obtain digital certificate and the private key corresponding with the public key in described digital certificate, this private key be through
Cross encryption;
The described private key through encryption is decrypted;
It is encrypted using the cryptographic Hash described in private key pair after described deciphering.
3. method according to claim 2 is it is characterised in that methods described also includes:
It is encrypted by private key described in the first secret key pair;
Store the private key after described digital certificate and encryption.
4. method according to claim 2 is it is characterised in that described digital certificate and described process
The private key of encryption obtains from cloud database.
5. method according to claim 1 it is characterised in that described to described cryptographic Hash using with
The corresponding private key of public key in digital certificate is encrypted, including:
The described cryptographic Hash of described electronic document is sent in Third Party Authentication by the first dedicated network
The heart, wherein, described Third Party Authentication center is used for generating described digital certificate and demonstrate,proving using with described numeral
Cryptographic Hash encryption described in the corresponding private key pair of public key in book;
Described Hash after the encryption of described Third Party Authentication center is received by described first dedicated network
Value.
6. method according to claim 5 is it is characterised in that described first dedicated network is to connect
Dedicated communications network in described stamped signature server and described Third Party Authentication center.
7. a kind of method realizing Electronic Signature is it is characterised in that being applied on stamped signature server, described
Method includes:
Determine the cryptographic Hash of the electronic document treating stamped signature;
The described cryptographic Hash of described electronic document, the second key are sent to described by the second dedicated network
Third party's business platform, described second key be described stamped signature server and described third party's business platform it
Between default key;
After described third party's business platform is encrypted using cryptographic Hash described in described second secret key pair, lead to
Cross described second dedicated network and receive the cryptographic Hash after encryption;
The picture of cryptographic Hash, digital certificate and Electronic Signature after described encryption is synthesized to described electronics literary composition
In shelves.
8. method according to claim 9 is it is characterised in that described second dedicated network is to connect
Dedicated communications network in stamped signature server and described 3rd business platform.
9. a kind of device realizing Electronic Signature is it is characterised in that described device includes:
Determining module, for determining the cryptographic Hash of the electronic document treating stamped signature;
First encrypting module, the described cryptographic Hash for determining to described determining module adopts and digital certificate
In the corresponding private key of public key be encrypted;
Stamped signature synthesis module, for the described cryptographic Hash after encrypting described first encrypting module, described number
The picture of word certificate and described Electronic Signature is synthesized in described electronic document.
10. device according to claim 9 is it is characterised in that described first encrypting module includes:
Acquiring unit, for obtaining digital certificate and the private corresponding with the public key in described digital certificate
Key, this private key is through encryption;
Decryption unit, the described private key through encryption for getting to described acquiring unit is decrypted;
Ciphering unit, for being carried out using the cryptographic Hash described in described private key pair after the deciphering of described decryption unit
Encryption.
11. devices according to claim 10 are it is characterised in that described device also includes:
Second encrypting module, for corresponding with the public key in described digital certificate by the first secret key pair
Private key is encrypted;
Memory module, for storing described digital certificate and corresponding with the public key in described digital certificate
Private key.
12. devices according to claim 10 it is characterised in that described digital certificate and described plus
Private key after close obtains from cloud database.
13. devices according to claim 9 are it is characterised in that described first encrypting module includes:
First transmitting element, for sending out the described cryptographic Hash of described electronic document by the first dedicated network
Give described Third Party Authentication center, wherein, described Third Party Authentication center is used for generating described numeral card
Book is simultaneously encrypted using the cryptographic Hash described in private key pair corresponding with the public key in described digital certificate;
First receiving unit, for being received in described Third Party Authentication by described first dedicated network
Described cryptographic Hash after heart encryption.
14. devices according to claim 13 are it is characterised in that described first dedicated network is even
It is connected on described stamped signature server and the dedicated communications network at described Third Party Authentication center.
15. devices according to claim 9 are it is characterised in that described device also includes:
Sending module, for will the described cryptographic Hash of described electronic document, the second key pass through second special
Network is sent to described 3rd business platform, and described second key is described stamped signature server and the described 3rd
Default key between square business platform;
Receiver module, is added from described Third Party Authentication center for being received by described second dedicated network
Described cryptographic Hash after close.
16. devices according to claim 15 are it is characterised in that described second dedicated network is even
It is connected on stamped signature server and the dedicated communications network of described 3rd business platform.
A kind of 17. stamped signature servers are it is characterised in that described stamped signature server includes:
Processor;
For storing the memorizer of processor executable;
Wherein, described processor is configured to:
Determine the cryptographic Hash of the electronic document treating stamped signature;
Described cryptographic Hash is encrypted using the private key corresponding with the public key in digital certificate;
The picture of described cryptographic Hash, described digital certificate and Electronic Signature after encryption is synthesized to described electricity
In subdocument.
A kind of 18. stamped signature servers are it is characterised in that described stamped signature server includes:
Processor;
For storing the memorizer of processor executable;
Wherein, described processor is configured to:
Determine the cryptographic Hash of the electronic document treating stamped signature;
The described cryptographic Hash of described electronic document, the second key are sent to described by the second dedicated network
Third party's business platform, described second key by described stamped signature server and described third party's business platform it
Between default key;
After described third party's business platform is encrypted using cryptographic Hash described in described second secret key pair, lead to
Cross the described cryptographic Hash after described second dedicated network receives described encryption;
The picture of cryptographic Hash, digital certificate and Electronic Signature after described encryption is synthesized to described electronics literary composition
In shelves.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510484844.2A CN106452775B (en) | 2015-08-07 | 2015-08-07 | Method and device for realizing electronic signature and signature server |
| PCT/CN2016/091524 WO2017024934A1 (en) | 2015-08-07 | 2016-07-25 | Electronic signing method, device and signing server |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510484844.2A CN106452775B (en) | 2015-08-07 | 2015-08-07 | Method and device for realizing electronic signature and signature server |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106452775A true CN106452775A (en) | 2017-02-22 |
| CN106452775B CN106452775B (en) | 2020-01-14 |
Family
ID=57982965
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510484844.2A Active CN106452775B (en) | 2015-08-07 | 2015-08-07 | Method and device for realizing electronic signature and signature server |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN106452775B (en) |
| WO (1) | WO2017024934A1 (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107344454A (en) * | 2017-07-27 | 2017-11-14 | 上海策赢网络科技有限公司 | Digital sealing generation method, service request and offer method and electronic equipment |
| CN108038772A (en) * | 2018-01-24 | 2018-05-15 | 上海百昌拍卖有限公司 | Subject matter auction system and device |
| CN108074175A (en) * | 2018-01-24 | 2018-05-25 | 上海百昌拍卖有限公司 | Electronic signature method and device |
| CN108320224A (en) * | 2018-01-24 | 2018-07-24 | 上海百昌拍卖有限公司 | Subject matter auction system and device |
| WO2018218465A1 (en) * | 2017-05-27 | 2018-12-06 | 深圳市大疆创新科技有限公司 | Electronic signature system, electronic signature server and electronic signature method |
| CN109600228A (en) * | 2018-10-31 | 2019-04-09 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation based on public keys pond |
| CN109614802A (en) * | 2018-10-31 | 2019-04-12 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation |
| CN109697603A (en) * | 2018-12-27 | 2019-04-30 | 中国移动通信集团江苏有限公司 | Guard method, device, equipment and the medium of E-seal |
| CN109756341A (en) * | 2018-12-05 | 2019-05-14 | 新华三技术有限公司 | Electronic signature method and device |
| CN111291392A (en) * | 2020-01-22 | 2020-06-16 | 京东数字科技控股有限公司 | Electronic signature method and device, electronic equipment and storage medium |
| CN111865572A (en) * | 2020-06-11 | 2020-10-30 | 天地融科技股份有限公司 | Method and system for joint signature |
Families Citing this family (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110266469B (en) * | 2019-06-18 | 2022-11-29 | 江苏慧世联网络科技有限公司 | Remote online electronic signature method based on WEB script data stream operation |
| CN110555311A (en) * | 2019-07-22 | 2019-12-10 | 航天信息股份有限公司 | Electronic signature system security design method and system based on pure soft cryptographic operation |
| CN110532808B (en) * | 2019-08-20 | 2023-04-11 | 江西金格科技有限公司 | Electronic signature method based on electronic document image object |
| CN110837634B (en) * | 2019-10-24 | 2023-10-27 | 杭州安存网络科技有限公司 | Electronic signature method based on hardware encryption machine |
| CN111277417B (en) * | 2020-01-15 | 2023-12-29 | 浙江华云信息科技有限公司 | Electronic signature implementation method based on national network security technology architecture |
| CN111865605B (en) * | 2020-06-11 | 2023-07-21 | 天地融科技股份有限公司 | Electronic signature method and terminal, electronic signature verification method and terminal |
| CN114676451B (en) * | 2020-12-24 | 2024-06-18 | 航天信息股份有限公司 | Electronic document signing method and device, storage medium and electronic equipment |
| CN113391880B (en) * | 2021-06-21 | 2023-04-07 | 超越科技股份有限公司 | Trusted mirror image transmission method for layered double hash verification |
| CN113537965A (en) * | 2021-07-09 | 2021-10-22 | 萨摩亚商恩旺股份有限公司 | Solid modeling and non-homogeneous virtualization and anti-counterfeiting integration system |
| CN113656766B (en) * | 2021-08-02 | 2024-04-12 | 中金金融认证中心有限公司 | Method, system and storage medium for signing electronic document with saddle stitch chapter |
| CN114239004A (en) * | 2021-11-16 | 2022-03-25 | 中国南方电网有限责任公司 | Electronic signature generation method, device, computer equipment and storage medium |
| CN114861232B (en) * | 2022-03-25 | 2025-03-07 | 山东日照发电有限公司 | Electronic seal system, electronic seal and electronic signature method |
| CN114978772B (en) * | 2022-07-27 | 2022-10-21 | 北京惠朗时代科技有限公司 | Separated storage electronic signature encryption protection system based on Internet |
| CN116436618B (en) * | 2023-06-07 | 2023-08-22 | 江苏意源科技有限公司 | Intelligent code scanning signature system and intelligent code scanning signature method |
| CN117150532B (en) * | 2023-10-30 | 2024-01-26 | 北京敏行通达信息技术有限公司 | Data security guarantee method, device, equipment and readable storage medium |
| CN117692152B (en) * | 2024-02-04 | 2024-05-31 | 杭州天谷信息科技有限公司 | Signature verification network-based signature method, signature verification method and certificate issuing method |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030196090A1 (en) * | 2002-04-12 | 2003-10-16 | Ryuji Nagahama | Digital signature system |
| CN101022339A (en) * | 2007-03-23 | 2007-08-22 | 郭传真 | Electronic sign stamp identifying method combined with digital centifi cate and stamp |
| CN101369889A (en) * | 2007-08-13 | 2009-02-18 | 深圳兆日技术有限公司 | System and method for electronic endorsement of document |
| CN103873255A (en) * | 2014-03-03 | 2014-06-18 | 杭州电子科技大学 | Electronic contract off-line signing method based on trusted third party |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7581105B2 (en) * | 2003-12-16 | 2009-08-25 | Sap Aktiengesellschaft | Electronic signing apparatus and methods |
| CN101714222A (en) * | 2008-10-08 | 2010-05-26 | 刘学明 | Safe electronic stamping method based on notarization stamp of notarization institution |
| CN103259665A (en) * | 2013-05-28 | 2013-08-21 | 福建伊时代信息科技股份有限公司 | Method and system of electronic signature |
-
2015
- 2015-08-07 CN CN201510484844.2A patent/CN106452775B/en active Active
-
2016
- 2016-07-25 WO PCT/CN2016/091524 patent/WO2017024934A1/en active Application Filing
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030196090A1 (en) * | 2002-04-12 | 2003-10-16 | Ryuji Nagahama | Digital signature system |
| CN101022339A (en) * | 2007-03-23 | 2007-08-22 | 郭传真 | Electronic sign stamp identifying method combined with digital centifi cate and stamp |
| CN101369889A (en) * | 2007-08-13 | 2009-02-18 | 深圳兆日技术有限公司 | System and method for electronic endorsement of document |
| CN103873255A (en) * | 2014-03-03 | 2014-06-18 | 杭州电子科技大学 | Electronic contract off-line signing method based on trusted third party |
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2018218465A1 (en) * | 2017-05-27 | 2018-12-06 | 深圳市大疆创新科技有限公司 | Electronic signature system, electronic signature server and electronic signature method |
| CN107344454B (en) * | 2017-07-27 | 2020-06-30 | 上海策赢网络科技有限公司 | Digital seal generation method, service request and providing method and electronic equipment |
| CN107344454A (en) * | 2017-07-27 | 2017-11-14 | 上海策赢网络科技有限公司 | Digital sealing generation method, service request and offer method and electronic equipment |
| CN108038772A (en) * | 2018-01-24 | 2018-05-15 | 上海百昌拍卖有限公司 | Subject matter auction system and device |
| CN108074175A (en) * | 2018-01-24 | 2018-05-25 | 上海百昌拍卖有限公司 | Electronic signature method and device |
| CN108320224A (en) * | 2018-01-24 | 2018-07-24 | 上海百昌拍卖有限公司 | Subject matter auction system and device |
| CN109614802B (en) * | 2018-10-31 | 2020-11-27 | 如般量子科技有限公司 | Anti-quantum-computation signature method and signature system |
| CN109614802A (en) * | 2018-10-31 | 2019-04-12 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation |
| CN109600228A (en) * | 2018-10-31 | 2019-04-09 | 如般量子科技有限公司 | The signature method and sealing system of anti-quantum calculation based on public keys pond |
| CN109600228B (en) * | 2018-10-31 | 2021-07-27 | 如般量子科技有限公司 | Anti-quantum-computation signature method and system based on public key pool |
| CN109756341A (en) * | 2018-12-05 | 2019-05-14 | 新华三技术有限公司 | Electronic signature method and device |
| CN109756341B (en) * | 2018-12-05 | 2022-03-11 | 新华三技术有限公司 | Electronic signature method and device |
| CN109697603A (en) * | 2018-12-27 | 2019-04-30 | 中国移动通信集团江苏有限公司 | Guard method, device, equipment and the medium of E-seal |
| CN111291392A (en) * | 2020-01-22 | 2020-06-16 | 京东数字科技控股有限公司 | Electronic signature method and device, electronic equipment and storage medium |
| CN111291392B (en) * | 2020-01-22 | 2022-09-06 | 京东科技控股股份有限公司 | Electronic signature method and device, electronic equipment and storage medium |
| CN111865572A (en) * | 2020-06-11 | 2020-10-30 | 天地融科技股份有限公司 | Method and system for joint signature |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2017024934A1 (en) | 2017-02-16 |
| CN106452775B (en) | 2020-01-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106452775A (en) | Method and apparatus for accomplishing electronic signing and signing server | |
| US11799668B2 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| US12093419B2 (en) | Methods and devices for managing user identity authentication data | |
| EP3673609B1 (en) | Method and apparatus for obtaining input of secure multiparty computation protocol | |
| Alketbi et al. | Blockchain for government services—Use cases, security benefits and challenges | |
| CN109829269A (en) | Method, apparatus and system based on E-seal authenticating electronic documents | |
| CN107146120B (en) | Electronic invoice generation method and generation device | |
| WO2018145127A1 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| CN106897879A (en) | Block chain encryption method based on the PKI CLC close algorithms of isomerization polymerization label | |
| CN114580029A (en) | Block chain digital asset privacy protection method, device, equipment and storage medium | |
| Zou et al. | Phosphor: A cloud based DRM scheme with sim card | |
| CN109005196A (en) | Data transmission method, data decryption method, device and electronic equipment | |
| CN112905979B (en) | Electronic signature authorization method and device, storage medium and electronic device | |
| CN111079190A (en) | Block chain supply chain transaction hiding dynamic supervision system and method | |
| TWI734729B (en) | Method and device for realizing electronic signature and signature server | |
| CN116226289A (en) | Electronic certificate management method, device, equipment and storage medium based on blockchain | |
| Penubadi et al. | Sustainable electronic document security: A comprehensive framework integrating encryption, digital signature and watermarking algorithms | |
| CN109547404B (en) | Data acquisition method and server | |
| KR102475434B1 (en) | Security method and system for crypto currency | |
| Vaze | Digital Signature on-line, One Time Private Key [OTPK] | |
| US11132674B2 (en) | Micro trusted network | |
| EP4154142A1 (en) | Systems and methods for whitebox device binding | |
| Khanum et al. | Sensitive data protection at Blockchain endpoints and transactions | |
| USRE49968E1 (en) | Electronic identification verification methods and systems with storage of certification records to a side chain | |
| Rewagad et al. | Use of digital signature and rijndael encryption algorithm to enhanced security of data in cloud computing services |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1233794 Country of ref document: HK |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |