[go: up one dir, main page]

CN109660494A - The signature method, apparatus and server of electronic contract - Google Patents

The signature method, apparatus and server of electronic contract Download PDF

Info

Publication number
CN109660494A
CN109660494A CN201710941441.5A CN201710941441A CN109660494A CN 109660494 A CN109660494 A CN 109660494A CN 201710941441 A CN201710941441 A CN 201710941441A CN 109660494 A CN109660494 A CN 109660494A
Authority
CN
China
Prior art keywords
signing
identity information
electronic contract
contract
signed
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710941441.5A
Other languages
Chinese (zh)
Inventor
严硕
郭宏杰
刘海龙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Eidlink Information Technology Co Ltd
Original Assignee
Eidlink Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Eidlink Information Technology Co Ltd filed Critical Eidlink Information Technology Co Ltd
Priority to CN201710941441.5A priority Critical patent/CN109660494A/en
Publication of CN109660494A publication Critical patent/CN109660494A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The embodiment of the invention provides the signature method, apparatus and server of a kind of electronic contract, wherein the signature method of electronic contract includes: to receive electronic contract to be signed, and obtain the plaintext identity information in electronic contract to be signed;The ciphertext identity information of plaintext identity information is generated, and covers the plaintext identity information in electronic contract to be signed using ciphertext identity information;The signed electronic contract for carrying ciphertext identity information is obtained, signed electronic contract is that the digital certificate private key based on contract signatory completes signature.The embodiment of the present invention, the plaintext identity information in electronic contract to be signed is covered using ciphertext identity information, so that plaintext identity information is externally invisible, the privacy information for effectively preventing contract signatory is illegally usurped or is caused the risk of contract signatory's leakage of private information by other people, greatly improves the safety of the privacy informations such as the identity information of contract signatory.

Description

Electronic contract signing method and device and server
Technical Field
The invention relates to the technical field of information processing, in particular to a method, a device and a server for signing an electronic contract.
Background
With the development of electronic technology, electronic contracts appear with the characteristics of long preservation time, convenient transmission, paper saving and the like, although electronic contracts exist in an electronic form, the application of digital certificate technology ensures the safety, the repudiation resistance and the non-tamper resistance of the electronic contracts, and related laws also define the legal effectiveness of the electronic contracts.
At present, an electronic contract is signed by a local terminal or a cloud server, wherein the content of the electronic contract is confirmed by a digital Certificate applied by a user at a Certificate Authority (CA), the electronic contract or a summary of the electronic contract is encrypted by a private key of a contract signing party to generate a digital signature, and the digital signature is added to the electronic contract, so that a signer cannot repudiate the content of the electronic contract, and the content of the contract is ensured to be not falsified. Although the method is seemingly simple to operate, the electronic contract needs to be stored in a local terminal or a cloud server, and meanwhile, part of the electronic contract needs to be exposed to the outside, so that the electronic contract allows a third party to view the electronic contract, and therefore the private information of the contract signing party is easily illegally stolen by others or the private information of the contract signing party is leaked, and the private information of the contract signing party is threatened.
Disclosure of Invention
The invention aims to solve at least one of the technical defects, in particular to the technical defect that the private information in the electronic contract can be illegally stolen or leaked.
According to one aspect, an embodiment of the present invention provides a method for signing an electronic contract, including:
receiving an electronic contract to be signed, and acquiring plaintext identity information in the electronic contract to be signed;
generating ciphertext identity information of the plaintext identity information, and covering the plaintext identity information in the electronic contract to be signed by using the ciphertext identity information;
and acquiring a signed electronic contract carrying the ciphertext identity information, wherein the signed electronic contract is signed based on a digital certificate private key of a contract signing party.
Preferably, the acquiring the plaintext identity information in the electronic contract to be signed includes:
retrieving the electronic contract to be signed to acquire the plaintext identity information; or,
plaintext identity information of the electronic contract to be signed is extracted at a predetermined contract location.
Preferably, the generating of the ciphertext identity information of the plaintext identity information includes:
sending an encoding request of the plaintext identity information to an encoding generation module;
receiving a coding response returned by the coding generation module for the coding request;
and acquiring the ciphertext identity information carried in the coded response.
Preferably, after the obtaining of the ciphertext identity information carried in the encoded response, the method further includes:
and storing the corresponding relation between the ciphertext identity information and the plaintext identity information.
Preferably, the overwriting the plaintext identity information in the electronic contract to be signed with the ciphertext identity information includes:
generating corresponding graphic coding information based on the ciphertext identity information;
and covering the plaintext identity information in the electronic contract to be signed by using the graphical coding information.
Preferably, the acquiring the signed electronic contract carrying the ciphertext identity information includes:
performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key of a contract signing party to finish signing the electronic contract; or,
and sending the electronic contract to be signed carrying the ciphertext identity information to a contract signing party, and receiving the electronic contract fed back by the contract signing party and signed by using the electronic contract to be signed carrying the ciphertext identity information by using respective digital certificate private keys.
Preferably, the electronically signing, by using the stored private key of the digital certificate of the contract signing party, the electronic contract to be signed carrying the ciphertext identity information to complete signing of the electronic contract includes:
if the received electronic contract to be signed comes from the first signing party, carrying out electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key applied for the first signing party in advance to obtain a first electronic contract;
sending notification information of a signing contract to a second signing party, wherein the notification information carries the first electronic contract;
receiving response information of an authorized signing contract returned by the second signing party aiming at the notification information;
and electronically signing the first electronic contract by using a stored private key of the digital certificate applied for the second signing party in advance.
Preferably, the sending the electronic contract to be signed carrying the ciphertext identity information to the contract signing party, and receiving the electronic contract fed back by the contract signing party and signed by using the respective digital certificate private key to electronically sign the electronic contract to be signed carrying the ciphertext identity information includes:
sending the electronic contract to be signed carrying the ciphertext identity information to a first signing party, and receiving a second electronic contract returned by the first signing party, wherein the second electronic contract is obtained by the first signing party after the first signing party utilizes a digital certificate private key thereof to electronically sign the electronic contract to be signed carrying the ciphertext identity information;
and sending the second electronic contract to a second signing party, and receiving a third electronic contract returned by the second signing party, wherein the third electronic contract is obtained by the second signing party through electronic signature on the second electronic contract by using a digital certificate private key of the second signing party.
Preferably, the method further comprises the following steps:
receiving a request for checking plaintext identity information corresponding to ciphertext identity information in an electronic contract, which is sent by a user;
and sending a corresponding viewing response to the user according to the viewing permission of the user.
Preferably, the sending a corresponding viewing response to the user according to the viewing right of the user includes:
judging whether the user has a viewing authority or not;
if the user has the checking authority, sending a checking response carrying the plaintext identity information corresponding to the ciphertext identity information to the user;
if the user does not have the viewing authority, sending the viewing request to a related party of the electronic contract, and sending a corresponding viewing response to the user according to the received authorization response returned by the related party to the viewing request; the related party comprises: a contractual signing party or a third party authorized by the contractual signing party.
Preferably, the sending a corresponding viewing response to the user according to the received authorization response returned by the relevant party for the viewing request includes:
and if receiving an authorization response authorizing the checking returned by the relevant parties aiming at the checking request, sending a checking response carrying the plaintext identity information corresponding to the ciphertext identity information to the user.
Preferably, before sending the check response carrying the plaintext identity information corresponding to the ciphertext identity information to the user, the method further includes:
and searching the plaintext identity information corresponding to the ciphertext identity information according to the pre-stored corresponding relationship between the ciphertext identity information and the plaintext identity information.
An embodiment of the present invention also provides, according to another aspect, an apparatus for signing an electronic contract, including:
the receiving module is used for receiving the electronic contract to be signed and acquiring the plaintext identity information in the electronic contract to be signed;
the plaintext processing module is used for generating ciphertext identity information of the plaintext identity information and covering the plaintext identity information in the electronic contract to be signed by using the ciphertext identity information;
and the contract signing module is used for acquiring a signed electronic contract carrying the ciphertext identity information, wherein the signed electronic contract is signed based on a digital certificate private key of a contract signing party.
Preferably, the receiving module is specifically configured to retrieve the electronic contract to be signed to obtain the plaintext identity information; alternatively, plaintext identity information of the electronic contract to be signed is extracted at a predetermined contract location.
Preferably, the plaintext processing module includes: a coding request sending submodule, a coding response receiving submodule and a ciphertext obtaining submodule;
the encoding request sending submodule is used for sending an encoding request of the plaintext identity information to an encoding generation module;
the code response receiving submodule is used for receiving a code response returned by the code generating module aiming at the code request;
and the ciphertext obtaining submodule is used for obtaining the ciphertext identity information carried in the coded response.
Preferably, the apparatus further comprises: a storage submodule;
and the storage submodule is used for storing the corresponding relation between the ciphertext identity information and the plaintext identity information.
Preferably, the plaintext processing module includes: a graph code generation submodule and a coverage submodule;
the graphic code generation submodule is used for generating corresponding graphic code information based on the ciphertext identity information;
and the covering submodule is used for covering the plaintext identity information in the electronic contract to be signed by utilizing the graphic coding information.
Preferably, the contract signing module comprises: the first signing sub-module and the second signing sub-module;
the first signing sub-module is used for carrying out electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using the stored digital certificate private key of the contract signing party so as to finish signing the electronic contract;
and the second signing sub-module is used for sending the electronic contract to be signed carrying the ciphertext identity information to a contract signing party and receiving the electronic contract which is fed back by the contract signing party and is subjected to electronic signature signing on the electronic contract to be signed carrying the ciphertext identity information by using respective digital certificate private keys.
Preferably, the first signing sub-module comprises: the system comprises a first signing subunit, a notification sending subunit, a response receiving subunit and a second signing subunit;
the first signing subunit is used for performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key applied to the first signing party in advance when the received electronic contract to be signed comes from the first signing party to obtain a first electronic contract;
the sending notification subunit is configured to send notification information of a signing contract to a second signing party, where the notification information carries the first electronic contract;
the response receiving subunit is configured to receive response information of an authorized signing contract returned by the second signing party for the notification information;
and the second signing subunit is used for electronically signing the first electronic contract by using a stored private key of a digital certificate applied for a second signing party in advance.
Preferably, the second signing sub-module comprises: the first signing party signing subunit and the second signing party signing subunit;
the first signing party signing subunit is used for sending the electronic contract to be signed carrying the ciphertext identity information to the first signing party and receiving a second electronic contract returned by the first signing party, wherein the second electronic contract is the electronic contract obtained by the first signing party performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a digital certificate private key of the first signing party;
and the second signing party signing subunit is used for sending the second electronic contract to the second signing party and receiving a third electronic contract returned by the second signing party, wherein the third electronic contract is an electronic contract obtained by the second signing party through electronic signature on the second electronic contract by using a digital certificate private key of the second signing party.
Preferably, the apparatus further comprises: the checking request receiving module and the checking response sending module are connected with the checking request receiving module;
the checking request receiving module is used for receiving a request sent by a user for checking plaintext identity information corresponding to ciphertext identity information in an electronic contract;
and the sending and checking response module is used for sending corresponding checking response to the user according to the checking authority of the user.
Preferably, the sending view response module includes: the judgment sub-module, the first viewing response sub-module and the second viewing response sub-module;
the judgment submodule is used for judging whether the user has the viewing permission;
the first viewing response submodule is used for sending a viewing response carrying plaintext identity information corresponding to the ciphertext identity information to the user when the user has viewing right;
the second viewing response submodule is used for sending the viewing request to a relevant party of the electronic contract when the user does not have the viewing right, and sending a corresponding viewing response to the user according to the received authorization response returned by the relevant party aiming at the viewing request; the related party comprises: a contractual signing party or a third party authorized by the contractual signing party.
Preferably, the second view response submodule is specifically configured to send, to the user, a view response carrying plaintext identity information corresponding to the ciphertext identity information when receiving an authorization response that all relevant parties return authorization to view for the view request.
Preferably, the apparatus further comprises: searching a sub-module;
and the searching submodule is used for searching the plaintext identity information corresponding to the ciphertext identity information according to the pre-stored corresponding relation between the ciphertext identity information and the plaintext identity information.
According to another aspect, an embodiment of the present invention further provides a server, including: the electronic contract signing method comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor realizes the electronic contract signing method when executing the program.
In the first embodiment of the invention, the electronic contract to be signed is received, and the plaintext identity information in the electronic contract to be signed is acquired, so that the cloud server receives the electronic contract sent by the contract signing initiator in time and extracts the plaintext identity information in the electronic contract, thereby providing a precondition guarantee for the subsequent processing of the plaintext information; ciphertext identity information of the plaintext identity information is generated, and the ciphertext identity information is used for covering the plaintext identity information in the electronic contract to be signed, so that the plaintext identity information is invisible to the outside, the risk that the privacy information of the contract signing party is illegally embezzled by other people or the privacy information of the contract signing party is leaked is effectively avoided, and the safety of the privacy information such as the identity information of the contract signing party is greatly improved; the signed electronic contract carrying the ciphertext identity information is obtained, the signed electronic contract is signed based on the digital certificate private key of the contract signing party, the fact that the electronic contract signed by the contract signing party and carrying the ciphertext identity information is stored in the cloud server is guaranteed, and the signed contract can be conveniently checked or externally disclosed by the subsequent contract signing party.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The foregoing and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
fig. 1 is a flowchart illustrating a method of signing an electronic contract according to a first embodiment of the present invention;
fig. 2 is a schematic diagram illustrating a process of signing an electronic contract through a cloud server according to a first embodiment of the present invention;
fig. 3 is a schematic diagram illustrating a process of locally completing signing an electronic contract by a signing party according to a first embodiment of the present invention;
fig. 4 is a flowchart illustrating a method of signing an electronic contract according to a second embodiment of the present invention;
fig. 5 is a schematic diagram of a process for a third party to check the ciphertext identity information in the signed electronic contract according to the second embodiment of the present invention;
fig. 6 is a basic configuration diagram of an electronic contract signing apparatus according to a third embodiment of the present invention;
fig. 7 is a detailed structural diagram of an electronic contract signing apparatus according to a third embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are illustrative only and should not be construed as limiting the invention.
As used herein, the singular forms "a", "an", "the" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
It will be understood by those skilled in the art that, unless otherwise defined, all terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. It will be further understood that terms, such as those defined in commonly used dictionaries, should be interpreted as having a meaning that is consistent with their meaning in the context of the prior art and will not be interpreted in an idealized or overly formal sense unless expressly so defined herein.
As will be appreciated by those skilled in the art, a "terminal" as used herein includes both devices having a wireless signal receiver, which are devices having only a wireless signal receiver without transmit capability, and devices having receive and transmit hardware, which have devices having receive and transmit hardware capable of two-way communication over a two-way communication link. Such a device may include: a cellular or other communication device having a single line display or a multi-line display or a cellular or other communication device without a multi-line display; PCS (Personal Communications Service), which may combine voice, data processing, facsimile and/or data communication capabilities; a PDA (Personal Digital Assistant), which may include a radio frequency receiver, a pager, internet/intranet access, a web browser, a notepad, a calendar and/or a GPS (Global Positioning System) receiver; a conventional laptop and/or palmtop computer or other device having and/or including a radio frequency receiver. As used herein, a "terminal" or "terminal device" may be portable, transportable, installed in a vehicle (aeronautical, maritime, and/or land-based), or situated and/or configured to operate locally and/or in a distributed fashion at any other location(s) on earth and/or in space. As used herein, a "terminal Device" may also be a communication terminal, a web terminal, a music/video playing terminal, such as a PDA, an MID (Mobile Internet Device) and/or a Mobile phone with music/video playing function, or a smart tv, a set-top box, etc.
Some terminology information related to the signing of the electronic contract that will be used in the following description is described in a unified way, as follows:
the digital certificate (CA certificate) is a string of numbers for marking the identity information of each communication party in Internet communication, and provides a way for verifying the identity of the entities of the two communication parties on the Internet.
The electronic signature is an expression form of the electronic signature, the electronic signature operation is converted into a visual effect which is the same as the paper document stamping operation by using an image processing technology, and meanwhile, the authenticity and the integrity of electronic information and the non-repudiation of a signer are guaranteed by using the electronic signature technology.
The electronic contract has the core function of electronic signature, and the electronic signature is an electronic signature of an electronic document through a cryptographic technology, is not a digital image of a written signature, is similar to a handwritten signature or a seal, and can be called as an electronic seal.
A first embodiment of the present invention provides a method for signing an electronic contract, the specific flow is shown in fig. 1, and the method includes: step 110, receiving an electronic contract to be signed, and acquiring plaintext identity information in the electronic contract to be signed; step 120, generating ciphertext identity information of the plaintext identity information, and covering the plaintext identity information in the electronic contract to be signed by using the ciphertext identity information; and step 130, acquiring a signed electronic contract carrying the ciphertext identity information, wherein the signed electronic contract is signed based on the private key of the digital certificate of the contract signing party.
In the first embodiment of the invention, the electronic contract to be signed is received, and the plaintext identity information in the electronic contract to be signed is acquired, so that the cloud server receives the electronic contract sent by the contract signing initiator in time and extracts the plaintext identity information in the electronic contract, thereby providing a precondition guarantee for the subsequent processing of the plaintext information; ciphertext identity information of the plaintext identity information is generated, and the ciphertext identity information is used for covering the plaintext identity information in the electronic contract to be signed, so that the plaintext identity information is invisible to the outside, the risk that the privacy information of the contract signing party is illegally embezzled by other people or the privacy information of the contract signing party is leaked is effectively avoided, and the safety of the privacy information such as the identity information of the contract signing party is greatly improved; the signed electronic contract carrying the ciphertext identity information is obtained, the signed electronic contract is signed based on the digital certificate private key of the contract signing party, the fact that the electronic contract signed by the contract signing party and carrying the ciphertext identity information is stored in the cloud server is guaranteed, and the signed contract can be conveniently checked or externally disclosed by the subsequent contract signing party.
The following describes in detail a first embodiment of the present invention, specifically as follows:
in step 110, the electronic contract to be signed is received, and the plaintext identity information in the electronic contract to be signed is obtained.
Specifically, when a contract signing party needs to sign an electronic contract on a cloud server, a contract signing initiator uploads a pre-planned electronic contract to be signed to the cloud server through the internet or a client, wherein the electronic contract to be signed carries identity information capable of representing the signing party, such as: the electronic contract signing method comprises the steps that when a contract signing initiator uploads a contract signing electronic contract to a cloud server through a client, the contract signing initiator uploads the electronic contract to be signed to the client firstly, then the electronic contract to be signed is uploaded to the cloud server through the client, and the cloud server receives the electronic contract to be signed, stores the electronic contract to be signed and acquires plaintext identity information of the electronic contract.
Preferably, the obtaining of the plaintext identity information in the electronic contract to be signed comprises: retrieving the electronic contract to be signed to acquire plaintext identity information; alternatively, plaintext identity information of the electronic contract to be signed is extracted at a predetermined contract location.
The cloud server can perform traversal matching with information in the electronic contract to be signed through keywords and the like which are pre-stored and related to the identity information, and obtain corresponding plaintext identity information; or extracting the information at the position according to the position specified in advance by the contract signing party to acquire the corresponding plaintext identity information.
In step 120, ciphertext identity information of the plaintext identity information is generated, and the ciphertext identity information is used to cover the plaintext identity information in the electronic contract to be signed.
Preferably, generating the ciphertext identity information of the plaintext identity information includes: sending a coding request of the plaintext identity information to a coding generation module; receiving a coding response returned by the coding generation module aiming at the coding request; and acquiring the ciphertext identity information carried in the coded response.
Preferably, after the ciphertext identity information carried in the encoded response is obtained, the method further includes: and storing the corresponding relation between the ciphertext identity information and the plaintext identity information.
Preferably, the step of overwriting the plaintext identity information in the electronic contract to be signed with the ciphertext identity information comprises: generating corresponding graphic coding information based on the ciphertext identity information; and covering the plaintext identity information in the electronic contract to be signed with the graphical coding information.
Specifically, the cloud server transmits the obtained plaintext identity information to a code generation module, requests the code generation module to correspondingly encode the plaintext identity information to generate ciphertext identity information corresponding to the plaintext identity information, and receives ciphertext identity information returned by the code generation module, wherein the same user generates the same character string code in the code generation module, the code generation module can be a third-party code generation module or a self-defined code generation module in the cloud server, the code generation module generates a non-pushback character string code (namely, ciphertext identity information) for the transmitted plaintext identity information through a self-defined algorithm and returns the non-pushback character string code to the cloud server, the character string code is generated by special equipment or is realized by a soft algorithm, and the coding algorithm generally adopted by the code generation module is non-pushback, the generated code (namely ciphertext identity information) can not be used by outsiders to calculate corresponding plaintext identity information after being backed by means of big data or database collision and the like, the original identity plaintext is covered by the coded ciphertext identity information, leakage of the plaintext identity information is completely eradicated from the root, even if the electronic contract is illegally obtained by other people, the plaintext identity information in the electronic contract can not be illegally obtained by other people, leakage of privacy information in the electronic contract can not be caused, and user identity information is protected to the maximum extent.
Further, after receiving the ciphertext identity information returned by the code generation module, the cloud server stores the corresponding relationship between the ciphertext identity information and the plaintext identity information, that is, stores the one-to-one corresponding relationship between the ciphertext identity information and the plaintext identity information in the form of a list, a relationship table, or the like.
Further, after receiving the ciphertext identity information returned by the code generation module, the cloud server generates corresponding graphic code information based on the ciphertext identity information, for example: two-dimensional codes, bar codes and the like, and the generated graphic coding information is used for covering the plaintext identity information in the electronic contract to be signed, so that the plaintext identity information in the electronic contract to be signed is invisible to the outside, and the illegal embezzlement of the identity information of the contract signing party by other people or the leakage of the identity information of the contract signing party are prevented.
In step 130, a signed electronic contract carrying the ciphertext identity information is obtained, where the signed electronic contract is signed based on the private key of the digital certificate of the contract signer.
Preferably, the acquiring the signed electronic contract carrying the ciphertext identity information includes: performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key of a contract signing party to finish signing the electronic contract; or sending the electronic contract to be signed carrying the ciphertext identity information to a contract signing party, and receiving the electronic contract fed back by the contract signing party and signed by using the electronic contract to be signed carrying the ciphertext identity information by using the respective digital certificate private key.
Preferably, the electronic signature is performed on the electronic contract to be signed carrying the ciphertext identity information by using the stored private key of the digital certificate of the contract signing party, so as to complete the signing of the electronic contract, and the method comprises the following steps: if the received electronic contract to be signed comes from the first signing party, carrying out electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key applied for the first signing party in advance to obtain a first electronic contract; sending notification information of the signing contract to a second signing party, wherein the notification information carries the first electronic contract; receiving response information of the authorized signing contract returned by the second signing party aiming at the notification information; and electronically signing the first electronic contract by using a stored private key of the digital certificate applied for the second signing party in advance.
Preferably, the sending the to-be-signed electronic contract carrying the ciphertext identity information to a contract signing party, and receiving the electronic contract fed back by the contract signing party and signed by using the respective digital certificate private key to electronically sign the to-be-signed electronic contract carrying the ciphertext identity information includes: sending the electronic contract to be signed carrying the ciphertext identity information to a first signing party, and receiving a second electronic contract returned by the first signing party, wherein the second electronic contract is an electronic contract obtained by the first signing party performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a digital certificate private key of the first signing party; and sending the second electronic contract to the second signing party, and receiving a third electronic contract returned by the second signing party, wherein the third electronic contract is obtained by the second signing party through electronic signature on the second electronic contract by using the digital certificate private key of the second signing party.
Specifically, the electronic contract to be signed can be signed through the cloud server, and the electronic contract to be signed can also be signed at the local terminal through the signing party.
Further, in the case of signing the electronic contract to be signed through the cloud server, the cloud server performs electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using the stored digital certificate private key of the contract signing party, so as to complete signing of the electronic contract. Specifically, if the received electronic contract to be signed comes from the first signing party, the stored digital certificate private key applied for the first signing party in advance is used for carrying out electronic signature on the electronic contract to be signed carrying the ciphertext identity information to obtain a first electronic contract; sending notification information of a signing contract to a second signing party, wherein the notification information carries the first electronic contract; receiving response information of an authorized signing contract returned by the second signing party aiming at the notification information; and electronically signing the first electronic contract by using a stored private key of the digital certificate applied for the second signing party in advance.
Wherein, if the electronic contract to be signed received by the cloud server comes from the first signing party (such as the first party), the first signing party (first party) agrees to authorize the cloud server to electronically sign the electronic contract to be signed carrying the ciphertext identity information by using the stored digital certificate private key of the first signing party (first party) to obtain a first electronic contract, after the cloud server completes the electronic signature of the first signing party, the electronic signature of a second signing party (for example, the second signing party) needs to be completed, so that after the cloud server completes the electronic signature of the first signing party (the first signing party), the cloud server sends notification information carrying the first electronic contract to the second signing party and notifies the second signing party (the second signing party) of signing the electronic contract, wherein the notification mode comprises mail, telephone, APP notification and the like, and the application document does not limit the electronic signature; the second signing party (second party) checks the first electronic contract and returns response information of the authorized signing contract, namely the second signing party (second party) authorizes the cloud server to use the stored digital certificate private key applied for the second signing party (second party) in advance to electronically sign the first electronic contract, wherein the second signing party (second party) can check the first electronic contract in a mode of logging in a client side of the second signing party (second party) and can check the first electronic contract in other feasible modes, and when the second signing party (second party) checks the first electronic contract in a mode of logging in the client side of the second signing party (second party), the response information of the authorized signing contract is sent to the cloud server through the client side; when the cloud server receives the authorization response of the second signing party (party B), the first electronic contract is electronically signed by using the stored digital certificate private key applied for the second signing party (party B) in advance so as to complete the signing of the electronic contract; after the cloud server finishes signing the electronic contract, the contract signing party can be disclosed or notified on a website, wherein fig. 2 is a schematic diagram of a process of finishing signing the electronic contract through the cloud server.
When the electronic contract to be signed is signed by the cloud server, if there are other signing parties such as the third signing party and the fourth signing party in addition to the first signing party (the originator signing the electronic contract) and the second signing party, the signing processes of the other signing parties are consistent with the processing process of the second signing party.
Further, in the case that the electronic contract to be signed is signed at the local terminal through the signing party, the cloud server sends the electronic contract to be signed carrying the ciphertext identity information to the contract signing party, and receives the electronic contract fed back by the contract signing party and signed by electronically signing the electronic contract to be signed carrying the ciphertext identity information by using the respective digital certificate private key. Specifically, the cloud server sends the electronic contract to be signed carrying the ciphertext identity information to a first signing party and receives a second electronic contract returned by the first signing party, wherein the second electronic contract is the electronic contract obtained by the first signing party performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a digital certificate private key of the first signing party; and sending the second electronic contract to the second signing party, and receiving a third electronic contract returned by the second signing party, wherein the third electronic contract is obtained by the second signing party through electronic signature on the second electronic contract by using the digital certificate private key of the second signing party.
The cloud server sends the electronic contract to be signed carrying the ciphertext identity information to a first signing party (A), the first signing party (A) uses a digital certificate private key which is applied in advance and stored locally to electronically sign the electronic contract to be signed carrying the ciphertext identity information, and after the first signing party (A) finishes signing, the signed second electronic contract is sent to the cloud server, and particularly, the first signing party (A) can finish the signing, sending and other processing of the second electronic contract in a mode of logging in a client side of the first signing party (A); the cloud server receives the signed second electronic contract of the first signing party (party A), sends the second electronic contract to the second signing party (party B), and informs the second signing party (party B) to sign the electronic contract, the second signing party (party B) uses a digital certificate private key which is applied in advance and stored locally to electronically sign the second electronic contract, and after the second signing party (party B) finishes signing, the signed third electronic contract is sent to the cloud server, and particularly, the second signing party (party B) can finish the signing, sending and other processing of the third electronic contract in a mode of logging in a client side of the second signing party (party B); after receiving the third electronic contract, the cloud server may disclose or notify the contract signing party on the website, where fig. 3 is a schematic diagram illustrating a process of locally completing signing the electronic contract by the signing party.
When the electronic contract to be signed is signed by the signing party at the local terminal, if there are other signing parties such as the third and fourth signing parties in addition to the first signing party (the originator signing the electronic contract) and the second signing party, the signing process of the other signing parties is identical to the processing process of the second signing party.
Compared with the prior art, the signing method of the electronic contract provided by the first embodiment of the invention covers plaintext identity information by using generated irreversible ciphertext identity information, protects privacy information such as the plaintext identity information in the electronic contract to the greatest extent, prevents the identity information in the contract from being illegally obtained by other people even if the electronic contract is illegally obtained by other people, and prevents the privacy information in the electronic contract from being leaked, so that the privacy leakage risk of the electronic contract after being illegally stolen is reduced from the root, the leakage of the identity information of a contract signing party when the electronic contract is externally disclosed is avoided, meanwhile, the implementation magnitude is light, the implementability is strong, and the signing method can be carried in any electronic contract technology and can complete privacy protection of plaintext identity information by low modification.
The second embodiment of the invention provides a method for signing an electronic contract, which is further improved on the basis of the first embodiment, and the main improvement is that: in the second embodiment of the present invention, a process of a third party user or an enterprise viewing plaintext identity information covered by ciphertext identity information is further provided, which is specifically shown in fig. 4.
Steps 410 to 430 are substantially the same as steps 110 to 130 in the first embodiment, and are not described herein again.
In step 440, a request sent by the user to view plaintext identity information corresponding to the ciphertext identity information in the electronic contract is received.
Specifically, when the third-party user or the enterprise acquires the signed electronic contract, if the plaintext identity information covered by the ciphertext identity information in the electronic contract needs to be checked, the third-party user or the enterprise can log in the client, use the APP or the computer-side control to identify the ciphertext identity information, such as two-dimensional codes, bar codes and the like, and send a request for checking the plaintext identity information corresponding to the ciphertext identity information in the electronic contract to the cloud server so as to apply for the checking right.
In step 450, a corresponding viewing response is sent to the user according to the viewing right of the user.
Preferably, the sending a corresponding viewing response to the user according to the viewing right of the user includes: judging whether the user has the viewing authority; if the user has the checking authority, sending a checking response carrying the plaintext identity information corresponding to the ciphertext identity information to the user; if the user does not have the viewing permission, the viewing request is sent to a related party of the electronic contract, and a corresponding viewing response is sent to the user according to the received authorization response returned by the related party to the viewing request; the related parties comprise: a contractual signing party or a third party authorized by the contractual signing party.
Preferably, according to the received authorization response returned by the relevant party to the viewing request, sending a corresponding viewing response to the user includes: and if receiving an authorization response authorizing the checking returned by the relevant parties aiming at the checking request, sending a checking response carrying the plaintext identity information corresponding to the ciphertext identity information to the user.
Preferably, before sending the check response carrying the plaintext identity information corresponding to the ciphertext identity information to the user, the method further includes: and searching the plaintext identity information corresponding to the ciphertext identity information according to the corresponding relationship between the prestored ciphertext identity information and the plaintext identity information.
Specifically, after receiving a request for checking plaintext identity information corresponding to ciphertext identity information in an electronic contract, sent by a user, a cloud server judges whether the user has a checking authority; if the user has the checking authority, according to the corresponding relation between the pre-stored ciphertext identity information and the plaintext identity information, plaintext identity information corresponding to the ciphertext identity information is searched, and the plaintext identity information is sent to the user; if the user does not have the checking authority, sending the checking request to the relevant parties of the electronic contract, and when receiving an authorization response that the relevant parties all return authorization checking aiming at the checking request, searching plaintext identity information corresponding to the ciphertext identity information according to the corresponding relation between the prestored ciphertext identity information and the plaintext identity information, and sending the plaintext identity information to the user; the related parties include a contract signing party or a third party authorized by the contract signing party, the third party authorized by the contract signing party includes a person authorized by the contract signing party, an organization authorized by the contract signing party and the like, and fig. 5 is a schematic diagram of a process for the third party to view ciphertext identity information in a signed electronic contract.
The second embodiment of the invention further provides a specific processing procedure for checking the plaintext identity information covered by the ciphertext identity information by a third party user or an enterprise, and solves the problem of authorized checking of the plaintext identity information covered by the ciphertext identity information in the electronic contract, so that the plaintext identity information in the electronic contract is only checked by an authorized user or the enterprise, the safety of the plaintext identity information is further ensured, and the plaintext identity information is prevented from being leaked by an untrusted third party.
A third embodiment of the present invention provides an electronic contract signing apparatus, as shown in fig. 6, including: a receiving module S1, a plaintext processing module S2 and a contract signing module S3.
The receiving module S1 is configured to receive the electronic contract to be signed, and obtain plaintext identity information in the electronic contract to be signed;
the plaintext processing module S2 is configured to generate ciphertext identity information of the plaintext identity information, and cover the plaintext identity information in the electronic contract to be signed with the ciphertext identity information;
and the contract signing module S3 is used for acquiring a signed electronic contract carrying the ciphertext identity information, wherein the signed electronic contract is signed based on the private key of the digital certificate of the contract signing party.
According to the signing device of the electronic contract, the generated irreversible ciphertext identity information is used for covering the plaintext identity information, privacy information such as the plaintext identity information in the electronic contract is protected to the maximum extent, even if the electronic contract is illegally acquired by other people, the identity information in the contract cannot be illegally acquired by other people, the privacy information in the electronic contract cannot be leaked, the privacy leakage risk after the electronic contract is illegally stolen is reduced from the root, the leakage of the identity information of a contract signing party when the electronic contract is externally disclosed is avoided, meanwhile, the implementation magnitude is light, the implementability is strong, and the signing device can be carried in any electronic contract technology to complete privacy protection of the identity plaintext information with low modification cost.
Specifically, the receiving module S1 is specifically configured to retrieve the electronic contract to be signed to obtain plaintext identity information; alternatively, plaintext identity information of the electronic contract to be signed is extracted at a predetermined contract location.
Preferably, the plaintext processing module S2 includes: the send encode request submodule S21, the receive encode response submodule S22, and the obtain ciphertext submodule S23, as shown in fig. 7, wherein the send encode request submodule S21 is configured to send an encode request of plaintext identity information to the encode generation module; the receive code response submodule S22 is configured to receive a code response returned by the code generation module in response to the code request; and the ciphertext submodule S23 is used for acquiring the ciphertext identity information carried in the coded response.
Preferably, the apparatus further comprises: the storage submodule S24 is shown in fig. 7, where the storage submodule S24 is configured to store a corresponding relationship between the ciphertext identity information and the plaintext identity information.
Preferably, the plaintext processing module S2 includes: a graphic code generation submodule S25 and an overlay submodule S26, as shown in fig. 7, wherein the graphic code generation submodule S25 is configured to generate corresponding graphic code information based on the ciphertext identity information; and the covering submodule S26 is used for covering the plaintext identity information in the electronic contract to be signed with the graphical coding information.
Preferably, the contract signing module S3 includes: a first signing sub-module S31 and a second signing sub-module S32, as shown in fig. 7, wherein the first signing sub-module S31 is configured to perform an electronic signature on the electronic contract to be signed, which carries the ciphertext identity information, by using the stored private key of the digital certificate of the contract signing party, so as to complete signing of the electronic contract; and the second signing submodule S32 is configured to send the electronic contract to be signed carrying the ciphertext identity information to the contract signing party, and receive the electronic contract after the electronic contract to be signed carrying the ciphertext identity information is electronically signed by using the respective digital certificate private key, which is fed back by the contract signing party.
Preferably, the first signing sub-module S31 comprises: a first signing subunit S311, a sending notification subunit S312, a receiving response subunit S313, and a second signing subunit S314, as shown in fig. 7, where the first signing subunit S311 is configured to, when the received electronic contract to be signed comes from the first signing party, perform an electronic signature on the electronic contract to be signed that carries the ciphertext identity information by using a stored private key of a digital certificate that is applied for the first signing party in advance, so as to obtain the first electronic contract; a sending notification subunit S312, configured to send notification information of the signing contract to the second signing party, where the notification information carries the first electronic contract; a reception response subunit S313 for receiving response information of the authorized signing contract returned by the second signing party for the notification information; the second signing subunit S314 is configured to electronically sign the first electronic contract using the stored private key of the digital certificate previously applied for the second signer.
Preferably, the second signing sub-module S32 comprises: a first signing party signing subunit S321 and a second signing party signing subunit S322, as shown in fig. 7, where the first signing party signing subunit is configured to send the electronic contract to be signed carrying the ciphertext identity information to the first signing party, and receive a second electronic contract returned by the first signing party, where the second electronic contract is an electronic contract obtained by the first signing party using its digital certificate private key to electronically sign the electronic contract to be signed carrying the ciphertext identity information; the second signer signing subunit S322 is configured to send the second electronic contract to the second signer, and receive a third electronic contract returned by the second signer, where the third electronic contract is an electronic contract obtained by the second signer electronically signing the second electronic contract with the digital certificate private key of the second signer.
Preferably, the above apparatus further comprises: the viewing request receiving module S4 and the viewing response sending module S5 are, as shown in fig. 7, the viewing request receiving module S4 is configured to receive a request sent by a user to view plaintext identity information corresponding to the ciphertext identity information in the electronic contract; and the viewing response sending module S5 is used for sending corresponding viewing response to the user according to the viewing authority of the user.
Preferably, the send view response module includes: the judgment sub-module S51, the first view response sub-module S52, and the second view response sub-module S53 are shown in fig. 7, wherein the judgment sub-module S51 is configured to judge whether the user has a view right; the first viewing response submodule S52 is configured to send a viewing response carrying plaintext identity information corresponding to the ciphertext identity information to the user when the user has the viewing right; the second viewing response submodule S53 is configured to, when the user does not have the viewing right, send the viewing request to a relevant party of the electronic contract, and send a corresponding viewing response to the user according to the received authorization response returned by the relevant party for the viewing request; the related parties comprise: a contractual signing party or a third party authorized by the contractual signing party.
Preferably, the second view response submodule is specifically configured to send, to the user, a view response carrying plaintext identity information corresponding to the ciphertext identity information when receiving an authorization response that the relevant parties all return authorization to view for the view request.
Preferably, the above apparatus further comprises: the searching submodule S54, as shown in fig. 7, is configured to search, according to a correspondence between the pre-stored ciphertext identity information and plaintext identity information, plaintext identity information corresponding to the ciphertext identity information in the searching submodule S54.
According to another aspect, the fourth embodiment of the present invention further provides a server, including: the electronic contract signing method comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor realizes the electronic contract signing method of the first embodiment and the second embodiment when executing the program.
Those skilled in the art will appreciate that the present invention includes apparatus directed to performing one or more of the operations described in the present application. These devices may be specially designed and manufactured for the required purposes, or they may comprise known devices in general-purpose computers. These devices have stored therein computer programs that are selectively activated or reconfigured. Such a computer program may be stored in a device (e.g., computer) readable medium, including, but not limited to, any type of disk including floppy disks, hard disks, optical disks, CD-ROMs, and magnetic-optical disks, ROMs (Read-Only memories), RAMs (Random Access memories), EPROMs (Erasable programmable Read-Only memories), EEPROMs (Electrically Erasable programmable Read-Only memories), flash memories, magnetic cards, or optical cards, or any type of media suitable for storing electronic instructions, and each coupled to a bus. That is, a readable medium includes any medium that stores or transmits information in a form readable by a device (e.g., a computer).
It will be understood by those within the art that each block of the block diagrams and/or flowchart illustrations, and combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. Those skilled in the art will appreciate that the computer program instructions may be implemented by a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, implement the features specified in the block or blocks of the block diagrams and/or flowchart illustrations of the present disclosure.
Those of skill in the art will appreciate that various operations, methods, steps in the processes, acts, or solutions discussed in the present application may be alternated, modified, combined, or deleted. Further, various operations, methods, steps in the flows, which have been discussed in the present application, may be interchanged, modified, rearranged, decomposed, combined, or eliminated. Further, steps, measures, schemes in the various operations, methods, procedures disclosed in the prior art and the present invention can also be alternated, changed, rearranged, decomposed, combined, or deleted.
The foregoing is only a partial embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (25)

1. A method of signing an electronic contract, comprising:
receiving an electronic contract to be signed, and acquiring plaintext identity information in the electronic contract to be signed;
generating ciphertext identity information of the plaintext identity information, and covering the plaintext identity information in the electronic contract to be signed by using the ciphertext identity information;
and acquiring a signed electronic contract carrying the ciphertext identity information, wherein the signed electronic contract is signed based on a digital certificate private key of a contract signing party.
2. The method for signing an electronic contract according to claim 1, wherein the acquiring of plaintext identity information in the electronic contract to be signed comprises:
retrieving the electronic contract to be signed to acquire the plaintext identity information; or,
plaintext identity information of the electronic contract to be signed is extracted at a predetermined contract location.
3. The method for signing an electronic contract according to claim 1 or 2, wherein the generating of the ciphertext identity information of the plaintext identity information comprises:
sending an encoding request of the plaintext identity information to an encoding generation module;
receiving a coding response returned by the coding generation module for the coding request;
and acquiring the ciphertext identity information carried in the coded response.
4. The method for signing an electronic contract according to claim 3, further comprising, after the obtaining of the ciphertext identity information carried in the encoded response:
and storing the corresponding relation between the ciphertext identity information and the plaintext identity information.
5. The method for signing an electronic contract according to claim 1 or 2, wherein the overwriting of plaintext identity information in the electronic contract to be signed with the ciphertext identity information comprises:
generating corresponding graphic coding information based on the ciphertext identity information;
and covering the plaintext identity information in the electronic contract to be signed by using the graphical coding information.
6. The method for signing an electronic contract according to claim 1 or 2, wherein the acquiring the signed electronic contract carrying the ciphertext identity information comprises:
performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key of a contract signing party to finish signing the electronic contract; or,
and sending the electronic contract to be signed carrying the ciphertext identity information to a contract signing party, and receiving the electronic contract fed back by the contract signing party and signed by using the electronic contract to be signed carrying the ciphertext identity information by using respective digital certificate private keys.
7. The method for signing an electronic contract as claimed in claim 6, wherein the step of electronically signing the electronic contract to be signed carrying the ciphertext identity information by using the stored private key of the digital certificate of the contract signing party to complete signing the electronic contract comprises the steps of:
if the received electronic contract to be signed comes from the first signing party, carrying out electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key applied for the first signing party in advance to obtain a first electronic contract;
sending notification information of a signing contract to a second signing party, wherein the notification information carries the first electronic contract;
receiving response information of an authorized signing contract returned by the second signing party aiming at the notification information;
and electronically signing the first electronic contract by using a stored private key of the digital certificate applied for the second signing party in advance.
8. The method for signing an electronic contract according to claim 6, wherein the sending the electronic contract to be signed carrying the ciphertext identity information to the contract signing party and receiving the electronic contract fed back by the contract signing party after the electronic contract to be signed carrying the ciphertext identity information is electronically signed by using the respective digital certificate private key comprises:
sending the electronic contract to be signed carrying the ciphertext identity information to a first signing party, and receiving a second electronic contract returned by the first signing party, wherein the second electronic contract is obtained by the first signing party after the first signing party utilizes a digital certificate private key thereof to electronically sign the electronic contract to be signed carrying the ciphertext identity information;
and sending the second electronic contract to a second signing party, and receiving a third electronic contract returned by the second signing party, wherein the third electronic contract is obtained by the second signing party through electronic signature on the second electronic contract by using a digital certificate private key of the second signing party.
9. The method of signing an electronic contract of claim 1, further comprising:
receiving a request for checking plaintext identity information corresponding to ciphertext identity information in an electronic contract, which is sent by a user;
and sending a corresponding viewing response to the user according to the viewing permission of the user.
10. The method for signing an electronic contract according to claim 9, wherein said sending a corresponding viewing response to a user according to the user's viewing right comprises:
judging whether the user has a viewing authority or not;
if the user has the checking authority, sending a checking response carrying the plaintext identity information corresponding to the ciphertext identity information to the user;
if the user does not have the viewing authority, sending the viewing request to a related party of the electronic contract, and sending a corresponding viewing response to the user according to the received authorization response returned by the related party to the viewing request; the interested parties include a contract signing party or a third party authorized by the contract signing party.
11. The method for viewing the private information in the electronic contract according to claim 10, wherein the sending a corresponding viewing response to the user according to the received authorization response returned by the relevant party for the viewing request comprises:
and if receiving an authorization response authorizing the checking returned by the relevant parties aiming at the checking request, sending a checking response carrying the plaintext identity information corresponding to the ciphertext identity information to the user.
12. The method for viewing the private information in the electronic contract according to claim 10 or 11, before sending the viewing response carrying the plaintext identification information corresponding to the ciphertext identification information to the user, further comprising:
and searching the plaintext identity information corresponding to the ciphertext identity information according to the pre-stored corresponding relationship between the ciphertext identity information and the plaintext identity information.
13. An electronic contract signing apparatus, comprising:
the receiving module is used for receiving the electronic contract to be signed and acquiring the plaintext identity information in the electronic contract to be signed;
the plaintext processing module is used for generating ciphertext identity information of the plaintext identity information and covering the plaintext identity information in the electronic contract to be signed by using the ciphertext identity information;
and the contract signing module is used for acquiring a signed electronic contract carrying the ciphertext identity information, wherein the signed electronic contract is signed based on a digital certificate private key of a contract signing party.
14. The apparatus for signing an electronic contract according to claim 13, wherein the receiving module is specifically configured to retrieve the electronic contract to be signed to obtain the plaintext identity information; alternatively, plaintext identity information of the electronic contract to be signed is extracted at a predetermined contract location.
15. The apparatus for signing an electronic contract according to claim 13 or 14, wherein the plaintext processing module comprises: a coding request sending submodule, a coding response receiving submodule and a ciphertext obtaining submodule;
the encoding request sending submodule is used for sending an encoding request of the plaintext identity information to an encoding generation module;
the code response receiving submodule is used for receiving a code response returned by the code generating module aiming at the code request;
and the ciphertext obtaining submodule is used for obtaining the ciphertext identity information carried in the coded response.
16. The apparatus for signing an electronic contract according to claim 15, further comprising: a storage submodule;
and the storage submodule is used for storing the corresponding relation between the ciphertext identity information and the plaintext identity information.
17. The apparatus for signing an electronic contract according to claim 13 or 14, wherein the plaintext processing module comprises: a graph code generation submodule and a coverage submodule;
the graphic code generation submodule is used for generating corresponding graphic code information based on the ciphertext identity information;
and the covering submodule is used for covering the plaintext identity information in the electronic contract to be signed by utilizing the graphic coding information.
18. The apparatus for signing an electronic contract according to claim 13 or 14, wherein the contract signing module comprises: the first signing sub-module and the second signing sub-module;
the first signing sub-module is used for carrying out electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using the stored digital certificate private key of the contract signing party so as to finish signing the electronic contract;
and the second signing sub-module is used for sending the electronic contract to be signed carrying the ciphertext identity information to a contract signing party and receiving the electronic contract which is fed back by the contract signing party and is subjected to electronic signature signing on the electronic contract to be signed carrying the ciphertext identity information by using respective digital certificate private keys.
19. The electronic contract signing apparatus of claim 18, wherein said first signing sub-module comprises: the system comprises a first signing subunit, a notification sending subunit, a response receiving subunit and a second signing subunit;
the first signing subunit is used for performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a stored digital certificate private key applied to the first signing party in advance when the received electronic contract to be signed comes from the first signing party to obtain a first electronic contract;
the sending notification subunit is configured to send notification information of a signing contract to a second signing party, where the notification information carries the first electronic contract;
the response receiving subunit is configured to receive response information of an authorized signing contract returned by the second signing party for the notification information;
and the second signing subunit is used for electronically signing the first electronic contract by using a stored private key of a digital certificate applied for a second signing party in advance.
20. The electronic contract signing apparatus of claim 18, wherein said second signing sub-module comprises: the first signing party signing subunit and the second signing party signing subunit;
the first signing party signing subunit is used for sending the electronic contract to be signed carrying the ciphertext identity information to the first signing party and receiving a second electronic contract returned by the first signing party, wherein the second electronic contract is the electronic contract obtained by the first signing party performing electronic signature on the electronic contract to be signed carrying the ciphertext identity information by using a digital certificate private key of the first signing party;
and the second signing party signing subunit is used for sending the second electronic contract to the second signing party and receiving a third electronic contract returned by the second signing party, wherein the third electronic contract is an electronic contract obtained by the second signing party through electronic signature on the second electronic contract by using a digital certificate private key of the second signing party.
21. The apparatus for signing an electronic contract according to claim 13, further comprising: the checking request receiving module and the checking response sending module are connected with the checking request receiving module;
the checking request receiving module is used for receiving a request sent by a user for checking plaintext identity information corresponding to ciphertext identity information in an electronic contract;
and the viewing response sending module is used for sending corresponding viewing response to the user according to the viewing permission of the user.
22. The apparatus for signing an electronic contract according to claim 21, wherein said viewing response sending module comprises: the judgment sub-module, the first viewing response sub-module and the second viewing response sub-module;
the judgment submodule is used for judging whether the user has the viewing permission;
the first viewing response submodule is used for sending a viewing response carrying plaintext identity information corresponding to the ciphertext identity information to the user when the user has viewing right;
the second viewing response submodule is used for sending the viewing request to a relevant party of the electronic contract when the user does not have the viewing right, and sending a corresponding viewing response to the user according to the received authorization response returned by the relevant party aiming at the viewing request; the related party comprises: a contractual signing party or a third party authorized by the contractual signing party.
23. The signing device of the electronic contract according to claim 22, wherein the second viewing response submodule is specifically configured to send, to the user, a viewing response carrying plaintext identity information corresponding to the ciphertext identity information, when receiving an authorization response that the relevant parties all return authorization to view in response to the viewing request.
24. The apparatus for signing an electronic contract according to claim 23, further comprising: searching a sub-module;
and the searching submodule is used for searching the plaintext identity information corresponding to the ciphertext identity information according to the pre-stored corresponding relation between the ciphertext identity information and the plaintext identity information.
25. A server comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of signing an electronic contract as claimed in any one of claims 1 to 13 when executing the program.
CN201710941441.5A 2017-10-11 2017-10-11 The signature method, apparatus and server of electronic contract Pending CN109660494A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710941441.5A CN109660494A (en) 2017-10-11 2017-10-11 The signature method, apparatus and server of electronic contract

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710941441.5A CN109660494A (en) 2017-10-11 2017-10-11 The signature method, apparatus and server of electronic contract

Publications (1)

Publication Number Publication Date
CN109660494A true CN109660494A (en) 2019-04-19

Family

ID=66109085

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710941441.5A Pending CN109660494A (en) 2017-10-11 2017-10-11 The signature method, apparatus and server of electronic contract

Country Status (1)

Country Link
CN (1) CN109660494A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110334343A (en) * 2019-06-12 2019-10-15 阿里巴巴集团控股有限公司 The method and system that individual privacy information extracts in a kind of contract
CN111428216A (en) * 2020-04-12 2020-07-17 中信银行股份有限公司 Method, device, storage medium and electronic equipment for identifying client identity based on electronic protocol
CN111431725A (en) * 2020-04-12 2020-07-17 中信银行股份有限公司 Method for signing, changing and verifying validity of electronic agreement in bank system, electronic agreement management system and readable storage medium
CN111585966A (en) * 2020-04-08 2020-08-25 北京科蓝软件系统股份有限公司 End, pipe and cloud integrated internet credible exhibition industry safety system
CN112560110A (en) * 2020-12-08 2021-03-26 爱信诺征信有限公司 Signing method and device of authorization protocol, electronic equipment and storage medium
CN114519206A (en) * 2022-04-21 2022-05-20 杭州天谷信息科技有限公司 Method for anonymously signing electronic contract and signature system
CN114553441A (en) * 2022-04-22 2022-05-27 杭州天谷信息科技有限公司 Electronic contract signing method and system
CN114785506A (en) * 2022-06-17 2022-07-22 杭州天谷信息科技有限公司 Electronic contract signing method
CN115276997A (en) * 2022-05-17 2022-11-01 上海亘岩网络科技有限公司 Electronic signature generation method, apparatus, computer-readable storage medium and electronic device

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008065346A2 (en) * 2006-12-01 2008-06-05 David Irvine Secure messaging and data sharing
CN103377347A (en) * 2012-04-24 2013-10-30 腾讯科技(深圳)有限公司 File encryption and decryption method and device
CN103559451A (en) * 2013-10-21 2014-02-05 宇龙计算机通信科技(深圳)有限公司 Method and device for protecting and displaying privacy information
CN104331800A (en) * 2014-09-27 2015-02-04 武钢集团昆明钢铁股份有限公司 Sale false-proof system and method
CN105245342A (en) * 2015-09-14 2016-01-13 中合国际知识产权股份有限公司 Smart phone-based electronic contract signing method and system
CN105893871A (en) * 2016-03-29 2016-08-24 清华大学 Data safety protection method and device based on data partitioning
CN105989297A (en) * 2015-02-03 2016-10-05 阿里巴巴集团控股有限公司 Encryption and decryption method and device of electronic prescription
CN106301782A (en) * 2016-07-26 2017-01-04 杭州文签网络技术有限公司 A kind of signature method and system of electronic contract
CN106302312A (en) * 2015-05-13 2017-01-04 阿里巴巴集团控股有限公司 Obtain the method and device of e-file
CN106446710A (en) * 2016-09-29 2017-02-22 广州鹤互联网科技有限公司 Signed-document encrypting and safety browsing device and method thereof
CN106850187A (en) * 2017-01-13 2017-06-13 温州大学瓯江学院 A kind of privacy character information encrypted query method and system

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008065346A2 (en) * 2006-12-01 2008-06-05 David Irvine Secure messaging and data sharing
CN103377347A (en) * 2012-04-24 2013-10-30 腾讯科技(深圳)有限公司 File encryption and decryption method and device
CN103559451A (en) * 2013-10-21 2014-02-05 宇龙计算机通信科技(深圳)有限公司 Method and device for protecting and displaying privacy information
CN104331800A (en) * 2014-09-27 2015-02-04 武钢集团昆明钢铁股份有限公司 Sale false-proof system and method
CN105989297A (en) * 2015-02-03 2016-10-05 阿里巴巴集团控股有限公司 Encryption and decryption method and device of electronic prescription
CN106302312A (en) * 2015-05-13 2017-01-04 阿里巴巴集团控股有限公司 Obtain the method and device of e-file
CN105245342A (en) * 2015-09-14 2016-01-13 中合国际知识产权股份有限公司 Smart phone-based electronic contract signing method and system
CN105893871A (en) * 2016-03-29 2016-08-24 清华大学 Data safety protection method and device based on data partitioning
CN106301782A (en) * 2016-07-26 2017-01-04 杭州文签网络技术有限公司 A kind of signature method and system of electronic contract
CN106446710A (en) * 2016-09-29 2017-02-22 广州鹤互联网科技有限公司 Signed-document encrypting and safety browsing device and method thereof
CN106850187A (en) * 2017-01-13 2017-06-13 温州大学瓯江学院 A kind of privacy character information encrypted query method and system

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110334343A (en) * 2019-06-12 2019-10-15 阿里巴巴集团控股有限公司 The method and system that individual privacy information extracts in a kind of contract
CN111585966A (en) * 2020-04-08 2020-08-25 北京科蓝软件系统股份有限公司 End, pipe and cloud integrated internet credible exhibition industry safety system
CN111428216A (en) * 2020-04-12 2020-07-17 中信银行股份有限公司 Method, device, storage medium and electronic equipment for identifying client identity based on electronic protocol
CN111431725A (en) * 2020-04-12 2020-07-17 中信银行股份有限公司 Method for signing, changing and verifying validity of electronic agreement in bank system, electronic agreement management system and readable storage medium
CN112560110A (en) * 2020-12-08 2021-03-26 爱信诺征信有限公司 Signing method and device of authorization protocol, electronic equipment and storage medium
CN114519206A (en) * 2022-04-21 2022-05-20 杭州天谷信息科技有限公司 Method for anonymously signing electronic contract and signature system
CN114553441A (en) * 2022-04-22 2022-05-27 杭州天谷信息科技有限公司 Electronic contract signing method and system
CN115276997A (en) * 2022-05-17 2022-11-01 上海亘岩网络科技有限公司 Electronic signature generation method, apparatus, computer-readable storage medium and electronic device
CN114785506A (en) * 2022-06-17 2022-07-22 杭州天谷信息科技有限公司 Electronic contract signing method

Similar Documents

Publication Publication Date Title
CN109660494A (en) The signature method, apparatus and server of electronic contract
CN107864115B (en) Method for user account login verification by using portable terminal
CN109740384B (en) Data certification method and device based on blockchain
CN108510426B (en) Information security processing method, device, equipment and computer storage medium
US20160140548A1 (en) Method for performing non-repudiation, and payment managing server and user device therefor
CN106534148B (en) Access control method and device for application
JP5167835B2 (en) User authentication system, method, program, and medium
CN106027552A (en) Method and system for accessing cloud storage data by user
CN105591744A (en) Network real-name authentication method and system
CN106709280A (en) Method, client and server for processing information
Doshi et al. A review paper on security concerns in cloud computing and proposed security models
AU2019204724B2 (en) Cryptography chip with identity verification
CN111355591A (en) Block chain account safety management method based on real-name authentication technology
CN111193755A (en) Data access method, data encryption method and data encryption and access system
CN111859439A (en) Electronic contract processing method and device and electronic equipment
CN116232700A (en) Login authentication method, device, computer equipment, storage medium
CN115222002A (en) Two-dimensional code generation method, scanning method, device and electronic device
CN108462699A (en) Based on the encrypted Quick Response Code generation of sequential and verification method and system
CN112733127A (en) Bidirectional authentication method and system based on block chain
Cai et al. DWTAT-DASIS: Fusion of discrete wavelet transform and access tree for distributed authentication in secret image sharing
CN112351043A (en) Vehicle navigation factory setting password management method and system
CN108183802B (en) Digital signature generation method and device
CN109951423B (en) System, method and device for identity authentication and server
CN109951422B (en) Identity authentication method, system, device and server
CN114844661B (en) System, method, equipment and storage medium for realizing remote authority verification management

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190419

RJ01 Rejection of invention patent application after publication