CN102025738B - Method, equipment and system for processing transaction message - Google Patents
Method, equipment and system for processing transaction message Download PDFInfo
- Publication number
- CN102025738B CN102025738B CN201010580896.7A CN201010580896A CN102025738B CN 102025738 B CN102025738 B CN 102025738B CN 201010580896 A CN201010580896 A CN 201010580896A CN 102025738 B CN102025738 B CN 102025738B
- Authority
- CN
- China
- Prior art keywords
- transaction message
- message section
- client host
- cipher key
- key equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 239000003550 marker Substances 0.000 claims description 29
- 238000004891 communication Methods 0.000 claims description 22
- 230000000694 effects Effects 0.000 claims description 17
- 238000012790 confirmation Methods 0.000 claims description 11
- 238000003672 processing method Methods 0.000 claims description 11
- 238000012163 sequencing technique Methods 0.000 claims 1
- 238000012546 transfer Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 5
- SGUAFYQXFOLMHL-UHFFFAOYSA-N 2-hydroxy-5-{1-hydroxy-2-[(4-phenylbutan-2-yl)amino]ethyl}benzamide Chemical compound C=1C=C(O)C(C(N)=O)=CC=1C(O)CNC(C)CCC1=CC=CC=C1 SGUAFYQXFOLMHL-UHFFFAOYSA-N 0.000 description 4
- 229940108522 trandate Drugs 0.000 description 4
- 230000005540 biological transmission Effects 0.000 description 3
- 230000001186 cumulative effect Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000007812 deficiency Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Images
Landscapes
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention provides a method, equipment and a system for processing a transaction message and belongs to the field of information security. The method comprises the steps of: generating the transaction message by a client host according to transaction information, dividing the transaction message into a plurality of sections based on the fact whether the content in the transaction message needs to be displayed, sending the divided transaction message to intelligent secret key equipment and simultaneously marking the transaction message needing to be displayed, receiving the divided transaction message sections by the intelligent secret key equipment, operating the transaction message sections and judging whether the transaction message sections need to be displayed, if yes, storing the transaction message sections needing to be displayed in a display cache area, displaying the transaction message sections stored in the display cache area after receiving a signature instruction, performing signature operation, and then feeding back the signature result to the client host, if no, directly displaying the transaction message sections stored in the display cache area after receiving the signature instruction, performing the signature operation, and feeding back the signature result to the client host.
Description
Technical field
The present invention relates to information security field, particularly a kind of processing method of transaction message, equipment and system.
Background technology
At present, the transmission of network file, internet bank trade have become people's life or a part for work, so the fail safe of network just becomes the focus that people pay close attention to more.
In order to ensure network data, in transmitting procedure, can, by people's malicious modification, there is not digital signature technology.Digital signature technology carries out the technology of authentication.Along with development and the application of this technology, in the process that bank concludes the business especially on the net, the signature process of data has been developed into and can in a kind of intelligent cipher key equipment, have been carried out.The process that the signature of data is carried out in intelligent cipher key equipment mainly comprises: client host is before mailing to server by data, first data are sent to intelligent cipher key equipment inside, in the signature process of the inner complete paired data of intelligent cipher key equipment, with this, guarantee the fail safe of data message again.
In the prior art, in order to guarantee the fail safe of digital signature, normally in intelligent cipher key equipment inside, according to default rule, transaction message is resolved, then to resolving the content obtaining, sign, but the resource-constrained due to intelligent cipher key equipment, in intelligent cipher key equipment inside, more complicated or longer transaction message is resolved and is just relatively difficult to realize, therefore be also difficult to process the rule of more complicated, can not process longer transaction message.
Summary of the invention
In order to solve deficiency of the prior art, the invention provides a kind of processing method, equipment and system of transaction message, guaranteed the fail safe of signature, improved flexibility, accelerated the treatment effeciency to transaction message.
A processing method for transaction message, described method comprises:
Client host and intelligent cipher key equipment connect, and according to Transaction Information, generate transaction message;
Whether described client host needs to show according to the content in described transaction message is divided into some sections by described transaction message;
Described client host is issued described intelligent cipher key equipment successively by the transaction message section after described cutting apart, and the transaction message section simultaneously needs being shown is carried out mark;
Transaction message section after cutting apart described in described intelligent cipher key equipment receives, carries out computing to described transaction message section, and judges whether described transaction message section needs to show;
If desired, by the described transaction message Duan Cundao display buffer district that needs to show, and show and be stored in the transaction message section in display buffer district after receiving signature command, carry out signature operation, signature result is returned to described client host;
If do not need, directly after receiving signature command, show and be stored in the transaction message section in display buffer district, and carry out signature operation, signature result is returned to described client host.
A client host, described client host is connected with intelligent cipher key equipment, comprising:
Interface module, for being connected with described intelligent cipher key equipment;
Communication module, for carrying out communication with described intelligent cipher key equipment;
Input module, for inputting relationship trading information for user;
Generation module, for generating transaction message according to the described Transaction Information of user's input;
Judge module, for judging whether the content of described transaction message needs to show;
Cut apart module, for judging according to described judge module whether the content of the described transaction message obtaining needs to show, described transaction message is divided into some sections;
Mark module, carries out mark for the transaction message section that described needs are shown.
An intelligent cipher key equipment, described intelligent cipher key equipment is connected with client host, comprising:
Interface module, for being connected with described client host;
Communication module, for carrying out communication with described client host, specifically for receiving the transaction message section after cutting apart that described client host sends;
Computing module, for carrying out computing to described transaction message section;
Judge module, for judging whether described transaction message section needs to show;
Memory module, the transaction message section showing for storing needs that the judgement of described judge module obtains;
Display module, for the transaction message section that shows that described memory module is stored;
Signature blocks, for carrying out signature operation.
A treatment system for transaction message, described system comprises client host and intelligent cipher key equipment, described intelligent cipher key equipment is connected with described client host;
Described client host, for connecting with described intelligent cipher key equipment, according to Transaction Information, generate transaction message, described transaction message is resolved, according to the content in described transaction message, whether need to show described transaction message is divided into some sections, transaction message section after described cutting apart is sent to described intelligent cipher key equipment, and the transaction message section simultaneously needs being shown is carried out mark;
Described intelligent cipher key equipment, for receiving the transaction message section after cutting apart that described client host sends, described transaction message section is carried out to computing, judge whether described transaction message section needs to show, if desired, by in described transaction message Duan Cundao display buffer district, and be stored in the transaction message section in display buffer district described in showing after receiving signature command, carry out signature operation, and signature result is returned to described client host, if do not need, described in directly showing, be stored in the transaction message section in display buffer district after receiving signature command, carry out signature operation, and signature result is returned to described client host.
Beneficial effect of the present invention is: the invention provides the method, apparatus and system that a kind of transaction message is processed, by method, apparatus and system provided by the invention, transaction message can be resolved at client host, without resolving in intelligent cipher key equipment inside, and guaranteed the safety that intelligent cipher key equipment is signed to the information of needs signature, improve flexibility, accelerated the treatment effeciency to transaction message.
Accompanying drawing explanation
The flow chart of the processing method of a kind of transaction message that Fig. 1 provides for the present embodiment;
The structure chart of the treatment facility of a kind of transaction message that Fig. 2 provides for the present embodiment;
The treatment system figure of a kind of transaction message that Fig. 3 provides for the present embodiment.
Embodiment
For making the object, technical solutions and advantages of the present invention clearer, below in conjunction with accompanying drawing, embodiment of the present invention is done further and described in detail.
Embodiment 1
The embodiment of the present invention provides a kind of processing method of transaction message, and the intelligent cipher key equipment of specifically take describes as USBKey.In the present embodiment, USB Key is connected to client host, and on above-mentioned USB Key with output device and input unit.
Referring to Fig. 1, a kind of processing method of transaction message, specific implementation step is as follows:
Step 101: client host and USB Key connect;
Step 102: client host receives the Transaction Information of user's input, and generate transaction message according to above-mentioned Transaction Information;
In the present embodiment step 102, the Transaction Information of user that client host receives input can be that the input unit by client host receives, simultaneously on USB Key during with input unit, the Transaction Information of user's input that client host receives can be also that the input unit by USB Key receives;
In embodiments of the present invention, the Transaction Information of user's input can be:
Produce account: 6222030200000384
Proceed to account: 6227881000987
The amount of money: 1000.5
Time: 2009-12-06
In embodiments of the present invention, the form of transaction message has multiple;
Preferably, in the present embodiment, can generate the transaction message of XML form according to above-mentioned Transaction Information, be transaction message 1, and particularly, transaction message 1 is:
<, xml, version = "1.0" encoding = "utf-8",> <SignData> <TradeType,name="Industry transfer"> innerTransfer </ TradeType> <SubType, name = "payroll card "> salary, card </ SubType> <Timestamp> 12345 </ Timestamp> <Fields> <PayerAcNo,name="Transfer accounts:"> 6222030200000384 </ PayerAcNo> <PayeeAcNo, name =" turn into account: "> 6227881000987 </ PayeeAcNo> <Amount,name="cash:"> 1000.5 </ Amount> <TranDate,name="time:"> 2009-12-06 </ TranDate> <JnlNo> xxxxxxx </ JnlNo> </ Fields> </ SignData>
Or,
In the embodiment of the present invention, the Transaction Information of user's input can also be:
Proceed to account number: 6227881000987
The amount of money: 1000.5
Correspondingly, according to above-mentioned Transaction Information, also can generate the transaction message that is not XML form, be transaction message 2, and particularly, the transaction message 2 of generation is:
The * toAccountNo=6227881000987*amount=1000.5*purpose=transaction payment of transferring accounts in accountNoFrom=6222030200000384*fromName=is capable * remark=2009-12-06
Whether step 103: client host is resolved transaction message, need to show according to the content in transaction message transaction message is divided into some sections;
In the present embodiment step 103, whether client host needs to show that according to the content in transaction message transaction message is divided into the operation of some sections to be specially:
Whether client host first needs to show according to the content in the rule judgment transaction message of making an appointment, whether according to the content in transaction message, need to show again transaction message is divided into some sections, the rule of wherein making an appointment is that client host and USB Key make an appointment;
Particularly, in the present embodiment, when transaction message is the transaction message of XML form, the rule of making an appointment is:
Judge in transaction message whether contain Fields element, in transaction message, contain Fields element, and the daughter element of Fields element is with name attribute, needs the content showing to comprise the value of name attribute and the value of element; And for other elements in transaction message, if in these elements with name attribute, the content that needs to show also comprises the value of name attribute in these elements; And the display section of each element has a line of one's own;
For example, according to above-mentioned rule, can obtain needing in the transaction message 1 of the present embodiment the content showing to be:
In row, transfer accounts
Wage card
Produce account: 6222030200000384
Proceed to account: 6227881000987
The amount of money: 1000.5
Time: 2009-12-06
Correspondingly, the some transaction message sections after transaction message 1 is cut apart are specially:
<?xml?version=″1.0″encoding=″utf-8″?><SignData><TradeType?name=″
In row, transfer accounts
″>innerTransfer</TradeType><SubType?name=″
Wage card
″>salary card</SubType><Timestamp>12345</Timestamp><Fields><PayerAcNo?name=″
Produce account:
″>
6222030200000384
</PayerAcNo><PayeeAcNo?name=″
Proceed to account:
″>
6227881000987
</PayeeAcNo><Amount?name=″
The amount of money:
″>
1000.5
</Amount><TranDate?name=″
Time:
″>
2009-12-06
</TranDate><JnlNo>xxxxxxx</JnlNo></Fields></SignData>
From above-mentioned transaction message, can find out that transaction message and former transaction message cutting apart are as broad as long, transaction message is not cut apart transaction message is changed, every a line just represents one section of transaction message after cutting apart, in the present embodiment, client host has been divided into 21 sections by transaction message;
Or,
When transaction message is not the transaction message of XML form, and transaction message is specially X=Y structure, and centre is while separating with No. *, and the rule of making an appointment can also be:
The Y when content need showing is X=toAccountNo and X=amount, what wherein toAccountNo represented in practical business is to proceed to account number, and Amount represents, is the amount of money;
For example, according to above-mentioned rule, can obtain needing in the transaction message 2 of the present embodiment the content showing to be:
6227881000987
1000.5
Correspondingly, the some transaction message sections after transaction message 2 is cut apart are specially:
* toAccountNo=transfers accounts in accountNoFrom=6222030200000384*fromName=is capable
6227881000987
*amount=
1000.5
* purpose=transaction payment * remark=2009-12-06
From above-mentioned transaction message, also can find out transaction message is not cut apart transaction message is changed, every a line just represents one section of transaction message after cutting apart, and in the present embodiment, client host has been divided into 5 sections by transaction message;
, in the present embodiment, can also will between the some transaction message sections after cutting apart, with separator, separate meanwhile, separator can be " * " number, " # " and "; " etc.
Step 104: client host is issued USB Key successively by several transaction message sections after cutting apart, the transaction message section simultaneously needs being shown is carried out mark;
Particularly, in the present embodiment, client host is issued USB Key by some Hash instructions by the some transaction message sections after cutting apart, wherein every instruction comprises a transaction message section, the length of each transaction message section can be not identical, last transaction message section can be issued USBKey by Ha sh instruction equally, and then use does not show that with the Sign instruction of data transaction message is sent, or directly with Sign instruction, carries last transaction message section and issue USB Key;
Wherein, the method that the transaction message section that needs are shown is carried out mark has two kinds, is respectively:
Method one, carries out mark with checking marker character to the transaction message section of needs demonstration;
The transaction message 1 of take describes as example, and in transaction message 1, the transaction message section that need to carry out mark is specially:
In row, transfer accounts
Wage card
Produce account:
6222030200000384
Proceed to account:
6227881000987
The amount of money:
1000.5
Time:
2009-12-06
Wherein, checking marker character is that client host and USB Key make an appointment, and with checking marker character, transaction message section is carried out to mark transaction message itself is not had to any change;
Further, in the present embodiment, the word and the control character that in can also the transaction message section after cutting apart, add the modified of some computings that do not participate in signing, to improve display effect, improve user's experience, the word of these modifieds and control character can't change transaction message section and precedence thereof.
Method two, carries out mark by the corresponding flag bit of each transaction message section being arranged to the transaction message section that needs are shown, wherein flag bit refer to that client host and USB Key make an appointment by some bytes;
In the present embodiment, each transaction message section after cutting apart first flag bit of all making an appointment, by the first flag bit being arranged to the transaction message section that not only can show needs, carry out mark, can also whether participate in computing to this transaction message section and carry out mark, when the first flag bit is set to the first about definite value, represent that this transaction message section participates in computing, but do not need to show, when the first flag bit is set to the second about definite value, represent that this transaction message section participates in computing, and need to show, when the first flag bit is set to the 3rd about definite value, represent that this transaction message section does not participate in computing, but need to show, wherein the first about definite value, the second about definite value and the 3rd about definite value are that client host and USB Key make an appointment,
Particularly, the present embodiment be take the first about definite value, the second about definite value and the 3rd about definite value and is respectively 0,1 and 2 and illustrates as example, is about to the first flag bit and is set at 0 o'clock, represents that this transaction message section participates in computing, but does not need to show; The first flag bit is set at 1 o'clock, represents that this transaction message section participates in computing, and need to show; The first flag bit is set at 2 o'clock, represents that this transaction message section does not participate in computing, but need to show;
In the method, client host also needs to pass down some and need to show but the Chinese Fields that do not need to participate in signature in the transaction message section passing down after cutting apart, so that user understands;
The transaction message 2 of specifically take describes as example, in transaction message 2, client host passes " proceed to account number: " and " amount of money: " Chinese Fields under also needing in the transaction message section passing down after cutting apart, and by the first flag bit of each transaction message section correspondence is arranged, whether each transaction message section is needed to show and whether need to participate in computing carry out mark, specific as follows:
* toAccountNo=transfers accounts in accountNoFrom=6222030200000384*fromName=is capable
The first flag bit is set to 0;
Proceed to account number:
The first flag bit is set to 2;
6227881000987
The first flag bit is set to 1;
*amount=
The first flag bit is set to 0;
The amount of money:
The first flag bit is set to 2;
1000.5
The first flag bit is set to 1;
* purpose=transaction payment * remark=2009-12-06
The first flag bit is set to 0;
Further, in order to strengthen display effect, make user's easy to understand, can also when making an appointment the first flag bit, arrange second flag bit, by the second flag bit is set when the first flag bit is set, strengthen display effect, specifically see table;
Correspondingly, the actual sequence of message passing is down as follows:
Correspondingly, final display effect is:
Proceed to account number: 6227881000987
The amount of money: 1000.5
Step 105:USB Key receives several transaction message sections after cutting apart of client host transmission successively, and to the transaction message section the receiving HASH computing of dividing into groups, the result and the remaining part of grouping that retain this calculating, as the initial parameters of next Hash grouping computing, and cumulative data length;
In the present embodiment step 105, to the transaction message section receiving, the HASH computing of dividing into groups specifically also comprises: judgement is to carry out mark with checking the transaction message section that marker character shows needs, or carries out mark by the first flag bit being arranged to the transaction message section that needs are shown;
When being when checking transaction message section that marker character shows needs and carry out mark, the All Activity message segment that 105 pairs of this steps the receive HASH computing of dividing into groups;
When being when the first flag bit being arranged to the transaction message section that needs are shown and carry out mark, this step 105 also comprises that judgement the first flag bit is set to 0 or 1 or be set to 2, if be set to 0 or at 1 o'clock, represent that this transaction message section need to participate in the computing of signing, to the HASH computing of dividing into groups of this transaction message section, if be set at 2 o'clock, represent that this transaction message section does not need to participate in signature computing, do not need the HASH computing of dividing into groups of this transaction message section.
Whether the transaction message section that step 106:USB Key judgement receives needs to show, if desired, performs step 107, otherwise directly performs step 108;
In the present embodiment, correspondingly, USB Key judges whether transaction message section needs the method showing also to comprise two kinds, specific as follows:
Method 1, judges in transaction message section whether contain the marker character of checking of making an appointment, if having, illustrates that this transaction message section need to show, if do not have, illustrates that this transaction message section does not need to show;
Method 2, the first flag bit of judgement transaction message section correspondence is to be set to 0, is still set to 1 or 2, if be set to 0, represents that this transaction message section does not need to show, if be set to 1 or 2, represents that this transaction message section need to show.
Step 107: by this transaction message Duan Cundao display buffer district;
Step 108: whether the instruction that judgement receives is Sign instruction, if, perform step 109, if not, return to step 105, continue, to next section of transaction message section the receiving HASH computing of dividing into groups, to retain result and the remaining part of grouping of this calculating, as the initial parameters of next Hash grouping computing, and cumulative data length;
Step 109: add these data that receive, data total length cover on the basis of current initial parameters, generate the final Hash result of whole message;
Step 110:USB Key demonstration is stored in the transaction message section in buffer memory viewing area, waits for user's input information;
In the present embodiment, if take transaction message 1 during as example, the information that USB Key shows can be:
In row, transfer accounts
Wage card
Produce account: 6222030200000384
Proceed to account: 6227881000987
The amount of money: 1000.5
Time: 2009-12-06
Or the information of demonstration can also be:
The wage card of transferring accounts in row produces account: 6222030200000384 proceed to account: 6227881000987 amount of money: 1000.5 times: 2009-12-06
If take transaction message 2 during as example, the information that USB Key shows can be:
Proceed to account number: 6227881000987
The amount of money: 1000.5
Step 111: the information to user's input judges, if the information of user's input is cancellation information, performs step 112, if the information of user's input is confirmation, performs step 113;
Step 112:USB Key is to client host main frame prompting error message or cancellation information;
Step 113:USB Key signs to the final Ha sh result calculating in step 109, and signature result is returned to client host.
A kind of method that the present embodiment provides transaction message to process, the method providing by the present embodiment, transaction message can be resolved at client host, without resolving in USB Key inside, and guaranteed the safety that USB Key signs to the information of needs signature, improve flexibility, accelerated the treatment effeciency to transaction message.
Embodiment 2
The embodiment of the present invention provides a kind of client host 20 and a kind of intelligent cipher key equipment 30, so that the method in above-described embodiment 1 is implemented.Wherein, intelligent cipher key equipment 30 is connected with client host 20, and referring to Fig. 2, client host 20 comprises: interface module 21, communication module 22, input module 23, generation module 24, judge module 25, cut apart module 26 and mark module 27;
Interface module 21, connects for client host 20 and intelligent cipher key equipment 30;
Communication module 22, for client host 20 and intelligent cipher key equipment 30, carry out communication, specifically for the transaction message section after cutting apart is sent to intelligent cipher key equipment 30, to intelligent cipher key equipment 30, send signature command, error message or the cancellation information also for receiving intelligent cipher key equipment 30, returned, and the signature result of also returning for receiving intelligent cipher key equipment 30;
Input module 23, for inputting relationship trading information for user;
Generation module 24, generates transaction message for the Transaction Information of inputting by input module 23 according to user;
Whether judge module 25, need to show for the content of the rule judgment transaction message according to making an appointment;
Cut apart module 26, for whether needing to show according to the content of transaction message, transaction message is cut apart, transaction message is divided into some sections;
Correspondingly, communication module 22 is specifically for sending to successively intelligent cipher key equipment 30 by cutting apart the some sections of transaction message that module 26 obtains;
Mark module 27, carries out mark for the transaction message section that needs are shown.
In an embodiment, the method that the transaction message section that 27 pairs of needs of mark module show is carried out mark has two kinds, as follows:
Method 1, carries out mark with checking the transaction message section that marker character shows needs;
Method 2, carries out mark by the first flag bit of every section of transaction message section correspondence is arranged to the transaction message section that needs are shown;
Further, when the transaction message section showing when 2 pairs of needs of using method is carried out mark, in order to strengthen display effect, can also arrange the second flag bit of every section of transaction message section correspondence, thereby strengthen display effect, be convenient to user and understand.
In the present embodiment, client host 20 can also comprise:
Parsing module 28, for resolving cutting apart the transaction message that 26 pairs of transaction message of module generate generation module 24 before cutting apart;
Add module 29, for the transaction message section after cutting apart, add modified word and the control character of some computings that do not participate in signing, to improve display effect, improve user's experience.
The modules of the embodiment of the present invention can be integrated in one, and also can separatedly dispose, and above-mentioned module can be merged into a module, also can further split into a plurality of submodules.
Further, in the present embodiment, intelligent cipher key equipment 30 also comprises: interface module 31, communication module 32, computing module 33, judge module 34, memory module 35, display module 36, input module 37 and signature blocks 38;
Interface module 31, connects for intelligent cipher key equipment 30 and client host 20;
Communication module 32, carries out communication for intelligent cipher key equipment 30 and client host 20, the some transaction message sections that send specifically for receiving client host 20;
Computing module 33, for the transaction message section that communication module 32 the is received HASH computing of dividing into groups, retains result and the remaining part of grouping of this calculating, as the initial parameters of next Hash grouping computing, and cumulative data length;
Judge module 34, for judging whether the transaction message section that communication module 32 receives needs to show;
Correspondingly, in the present embodiment, whether the transaction message section that judgement receives needs the method showing also to have two kinds, as follows:
Whether method 1, contain the marker character of checking of making an appointment in the transaction message section that judgement receives, if having, represents that this transaction message section need to show, if do not have, represents that this transaction message section does not need to show;
Method 2, the first flag bit of the transaction message section correspondence that judgement receives is to be set to the first about definite value, still be set to the second about definite value or the 3rd about definite value, if while being set to the first about definite value, represent that this transaction message section does not need to show, if while being set to the second about definite value or the 3rd about definite value, represent that this transaction message section need to show.
Correspondingly, in the present embodiment, before 33 pairs of transaction message sections of computing module are divided into groups HASH computing, judge module 34 also carries out mark for judging with checking transaction message section that marker character shows needs, or carries out mark by the first flag bit being arranged to the transaction message section that needs are shown;
When being when checking transaction message section that marker character shows needs and carry out mark, the All Activity message segment that 33 pairs of communication modules 32 of computing module the receive HASH computing of dividing into groups;
When being when the first flag bit being arranged to the transaction message section that needs are shown and carry out mark, judge module 34 is also for judging that the first flag bit is set to the first about definite value or the second about definite value or is set to the 3rd about definite value, if while being set to the first about definite value or the second about definite value, represent that this transaction message section need to participate in the computing of signing, the HASH computing of dividing into groups of 33 pairs of these transaction message sections of computing module, if while being set to the 3rd about definite value, represent that this transaction message section does not need to participate in signature computing, computing module 33 does not need the HASH computing of dividing into groups of this transaction message section.
Memory module 35, in the time of need to showing, stores this transaction message section for obtaining transaction message section when judge module 34 judgements;
Further, whether judge module 34 is also Sign instruction for judging that communication module 32 receives instruction, if, computing module 33 also for adding these data that receive, data total length cover on the basis of current initial parameters, generate the final Hash result of whole message, if not, the transaction message section that computing module 33 continues that communication module 32 the is received HASH computing of dividing into groups.
Display module 36, for showing the transaction message section that is stored in buffer memory viewing area;
Input module 37, for inputting Transaction Information for user, also for inputting cancellation information or confirmation for user;
Correspondingly, judge module 34 is also cancellation information or confirmation for what judge that user inputs by input module 37;
If cancellation information, communication module 32 is also for sending error message or cancellation information to client host 20;
If confirmation, signature blocks 38 for when judge module 33 judgement, obtain user's input be confirmation time, the final Ha sh result that computing module 33 is obtained is signed;
Correspondingly, communication module 32 also returns to client host 20 for the signature result that signature blocks 38 is obtained.
The present embodiment provides a kind of client host and a kind of intelligent cipher key equipment, transaction message can be resolved at client host, without resolving in intelligent cipher key equipment inside, and guaranteed the safety that intelligent cipher key equipment is signed to the information of needs signature, improve flexibility, accelerated the treatment effeciency to transaction message.
Embodiment 3
The present embodiment provides a kind for the treatment of system of transaction message, and referring to Fig. 3, this system comprises client host 20 and intelligent cipher key equipment 30, and intelligent cipher key equipment 30 is connected with client host 20;
Wherein client host 20, for connecting with intelligent cipher key equipment 30, according to the Transaction Information of user's input, generate transaction message, transaction message is resolved, according to the content in transaction message, whether need to show transaction message is divided into some sections, by some HASH instructions, several transaction message sections after cutting apart are sent to intelligent cipher key equipment 30 successively, the transaction message section simultaneously needs being shown is carried out mark;
Intelligent cipher key equipment 30, some the HASH instructions that include the transaction message section after cutting apart that send for receiving successively client host 20, to the transaction message section the receiving HASH computing of dividing into groups, the transaction message section that needs are shown is deposited in buffer memory viewing area, after the signature command that receives client host 20 transmissions, show the transaction message section that need to show, and sign, and signature result is returned to described client host 20.
In the present embodiment, the Transaction Information of user's input can be the Transaction Information that user passes through the input unit input of client host 20, can also be the Transaction Information that user passes through the input unit input of intelligent cipher key equipment 30;
Further, the method that 20 pairs of client hosts need the transaction message section of demonstration to carry out mark has two kinds, as follows:
Method 1, carries out mark with checking the transaction message section that marker character shows needs;
Method 2, carries out mark by the first flag bit of every section of transaction message section correspondence is arranged to the transaction message section that needs are shown;
Further, when the transaction message section showing when 2 pairs of needs of using method is carried out mark, in order to strengthen display effect, can also arrange the second flag bit of every section of transaction message section correspondence, thereby strengthen display effect, be convenient to user and understand.
And in the present embodiment, the transaction message section that 30 pairs of intelligent cipher key equipments receive is divided into groups before HASH computing, also comprise: judgement is to carry out mark with checking the transaction message section that marker character shows needs, or carry out mark by the first flag bit being arranged to the transaction message section that needs are shown;
When being when checking transaction message section that marker character shows needs and carry out mark, the All Activity message segment that 30 pairs of intelligent cipher key equipments the receive HASH computing of dividing into groups;
When being when the first flag bit being arranged to the transaction message section that needs are shown and carry out mark, intelligent cipher key equipment 30 also comprises that judgement the first flag bit is set to 0 or 1 or be set to 2, if be set to 0 or at 1 o'clock, represent that this transaction message section need to participate in the computing of signing, to the HASH computing of dividing into groups of this transaction message section, if be set at 2 o'clock, represent that this transaction message section does not need to participate in signature computing, do not need the HASH computing of dividing into groups of this transaction message section.
After the transaction message receiving after cutting apart, also comprise: whether the transaction message section that judgement receives needs to show wherein judge whether transaction message section needs the method showing also to have two kinds, as follows:
Whether method 1, contain the marker character of checking of making an appointment in the transaction message section that judgement receives, if having, represents that this transaction message section need to show, if do not have, represents that this transaction message section does not need to show;
Method 2, the first flag bit of the transaction message section correspondence that judgement receives is to be set to the first about definite value, still be set to the second about definite value or the 3rd about definite value, if while being set to the first about definite value, represent that this transaction message section does not need to show, if while being set to the second about definite value or the 3rd about definite value, represent that this transaction message section need to show.
Correspondingly, the transaction message section that the needs that are stored in buffer memory viewing area are shown divides into groups can also comprise before HASH computing: judge whether this transaction message section that need to show needs to participate in signature computing, the first flag bit that judges this transaction message section correspondence is to be set to the second about definite value, still be set to the 3rd about definite value, if while being set to the second about definite value, represent that this transaction message section need to participate in the computing of signing, to the HASH computing of dividing into groups of this transaction message section, if while being set to the 3rd about definite value, represent that this transaction message section does not need to participate in signature computing, do not need the HASH computing of dividing into groups of this transaction message section.
Correspondingly, intelligent cipher key equipment 30 is stored in the transaction message section in display buffer district described in showing, carries out signature operation, and the operation that signature result is returned to client host 20 is specially:
Intelligent cipher key equipment 30 demonstrations are stored in the transaction message section in buffer memory viewing area, wait for user's input information, if the information of user's input is cancellation information, intelligent cipher key equipment 30 is to client host 20 prompting error message or cancellation information, if the information of user's input is confirmation, 30 pairs of final operation results of intelligent cipher key equipment are signed, and signature result is returned to client host 20.
The present embodiment provides a kind for the treatment of system of transaction message, transaction message can be resolved at client host, without resolving in intelligent cipher key equipment inside, and guaranteed the safety that intelligent cipher key equipment is signed to the information of needs signature, improve flexibility, accelerated the treatment effeciency to transaction message.
The above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited to this, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; can expect easily changing or replacing, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion by the described protection range with claim.
Claims (9)
1. a processing method for transaction message, is characterized in that, described method comprises:
Client host and intelligent cipher key equipment connect, and according to Transaction Information, generate transaction message;
Whether described client host needs to show according to the content in described transaction message is divided into some sections by described transaction message;
Described client host is issued described intelligent cipher key equipment successively by the transaction message section after described cutting apart, and the transaction message section simultaneously needs being shown is carried out mark;
Transaction message section after cutting apart described in described intelligent cipher key equipment receives, to the HASH computing of dividing into groups of described transaction message section, and judges whether described transaction message section needs to show;
If desired, by the described transaction message Duan Cundao display buffer district that needs to show, and show and be stored in the transaction message section in display buffer district after receiving signature command, carry out signature operation, signature result is returned to described client host;
If do not need, directly after receiving signature command, show and be stored in the transaction message section in display buffer district, and carry out signature operation, signature result is returned to described client host;
The method that the transaction message section that described client host shows needs is carried out mark specifically comprises:
With the marker character of checking of making an appointment, the described transaction message section showing that needs is carried out to mark;
Or,
By first flag bit corresponding with described transaction message section of making an appointment arranged, the described transaction message section showing that needs is carried out to mark;
To described transaction message section, the divide into groups operation of HASH computing specifically also comprises described intelligent cipher key equipment:
Judge that described client host is to carry out mark with checking the transaction message section that marker character shows needs, or carry out mark by first flag bit of making an appointment being arranged to the transaction message section that needs are shown;
When judgement, obtaining is when checking transaction message section that marker character shows needs and carry out mark, and described intelligent cipher key equipment is to the HASH computing of dividing into groups of the described All Activity message segment receiving;
When judgement, obtaining is when described the first flag bit of making an appointment being arranged to the transaction message section that needs are shown carry out mark, described intelligent cipher key equipment also needs to judge that the first flag bit is set to the first about definite value or the second about definite value or is set to the 3rd about definite value, if while being set to the first about definite value or the second about definite value, represent that described transaction message section need to participate in the computing of signing, described transaction message section is carried out to computing, if while being set to the 3rd about definite value, represent that described transaction message section does not need to participate in signature computing, do not need described transaction message section to carry out computing,
Described intelligent cipher key equipment judges whether described transaction message section needs the method showing specifically to comprise:
Described intelligent cipher key equipment judges the marker character of checking of making an appointment described in whether containing in described transaction message section, if that makes an appointment described in containing checks marker character, represent that described transaction message section need to show, if that makes an appointment described in not containing checks marker character, represent that described transaction message section does not need to show;
Or,
First flag bit corresponding with described transaction message section that described intelligent cipher key equipment judgement is made an appointment is to be set to the first about definite value, still be set to the second about definite value or the 3rd about definite value, if while being set to the first about definite value, represent that described transaction message section does not need to show, if while being set to the second about definite value or the 3rd about definite value, represent that described transaction message section need to show.
2. the processing method of transaction message according to claim 1, it is characterized in that, described Transaction Information is specially described client host and by the input unit of described client host, receives the Transaction Information of user's input, or described Transaction Information is also specially described client host by the Transaction Information of the input unit reception user input of described intelligent cipher key equipment.
3. the processing method of transaction message according to claim 1, it is characterized in that, when described client host is when checking marker character the described transaction message section that needs to show is carried out to mark, before described client host sends to described intelligent cipher key equipment by the transaction message section after described cutting apart, described method also comprises:
The modified word and the control character that in the transaction message section of described client host after described cutting apart, add some computings that do not participate in signing, to improve display effect, improve user's experience, and described modified word and control character can't change the sequencing of content and the described transaction message section of described transaction message section;
Or,
When described client host carries out mark by first flag bit corresponding with described transaction message section of making an appointment arranged to the described transaction message section that need to show, before described client host sends to described intelligent cipher key equipment by the transaction message section after described cutting apart, described method also comprises:
Described client host, by second flag bit arrange corresponding with described transaction message section of making an appointment strengthened to display effect, is convenient to user and is understood, and improves user's experience.
4. the processing method of transaction message according to claim 1, it is characterized in that, described intelligent cipher key equipment is stored in the transaction message section in display buffer district described in showing, carries out signature operation, and the operation that signature result is returned to described client host is specially:
Described intelligent cipher key equipment is stored in the transaction message section in buffer memory viewing area described in showing, waits for user's input information;
If the information of described user's input is cancellation information, described intelligent cipher key equipment is to described client host prompting error message or cancellation information;
If the information of described user's input is confirmation, described intelligent cipher key equipment is signed to final operation result, and signature result is returned to described client host.
5. an intelligent cipher key equipment, is characterized in that, described intelligent cipher key equipment is connected with client host, comprising:
Interface module, for being connected with described client host;
Communication module, for carrying out communication with described client host, specifically for receiving the transaction message section after cutting apart that described client host sends;
Computing module, for HASH computing that described transaction message section is divided into groups;
Judge module, for judging whether described transaction message section needs to show;
Memory module, the transaction message section showing for storing needs that the judgement of described judge module obtains;
Display module, for the transaction message section that shows that described memory module is stored;
Signature blocks, for carrying out signature operation;
Before described computing module carries out computing to transaction message section, described judge module is also for judging that described client host is to carry out mark with checking the transaction message section that marker character shows needs, or carries out mark by first flag bit of making an appointment being arranged to the transaction message section that needs are shown;
When judgement, obtaining is when checking transaction message section that marker character shows needs and carry out mark, and described computing module carries out computing to All Activity message segment;
When judgement, obtaining is when described the first flag bit of making an appointment being arranged to the transaction message section that needs are shown carry out mark, described judge module is also for judging that the first flag bit is set to the first about definite value or the second about definite value or is set to the 3rd about definite value, if while being set to the first about definite value or the second about definite value, represent that described transaction message section need to participate in the computing of signing, described computing module carries out computing to described transaction message section, if while being set to the 3rd about definite value, represent that described transaction message section does not need to participate in signature computing, described computing module does not need described transaction message section to carry out computing,
Described judge module judges whether described transaction message section needs the method showing specifically to comprise:
Described judge module judges in described transaction message section, whether to contain the identifier of checking of making an appointment, if described in containing, make an appointment check identifier, represent that described transaction message section need to show; If that makes an appointment described in not containing checks identifier, represent that described transaction message section does not need to show;
Or,
First flag bit corresponding with described transaction message section that described judge module judgement is made an appointment is to be set to described the first about definite value, still be set to described the second about definite value or the 3rd about definite value, if be set to described the first about definite value, represent that described transaction message section does not need to show, if be set to described the second about definite value or described the 3rd about definite value, represent that described transaction message section need to show.
6. intelligent cipher key equipment according to claim 5, is characterized in that, described intelligent cipher key equipment also comprises:
Input module, for inputting relationship trading information for user, and also for inputting cancellation information or confirmation for user.
7. intelligent cipher key equipment according to claim 5, is characterized in that, described judge module is also cancellation information or confirmation for what judge that user inputs;
When described user input be cancellation information time, described communication module is also for returning to error message or cancellation information to described client host;
When described user input be confirmation time, described signature blocks is for signing to final operation result;
Correspondingly, described communication module is also for returning to described client host by signature result.
8. a treatment system for transaction message, is characterized in that, described system comprises client host and intelligent cipher key equipment, and described intelligent cipher key equipment is connected with described client host;
Described client host, for connecting with described intelligent cipher key equipment, according to Transaction Information, generate transaction message, described transaction message is resolved, according to the content in described transaction message, whether need to show described transaction message is divided into some sections, transaction message section after described cutting apart is sent to described intelligent cipher key equipment, and the transaction message section simultaneously needs being shown is carried out mark;
Described intelligent cipher key equipment, for receiving the transaction message section after cutting apart that described client host sends, to the HASH computing of dividing into groups of described transaction message section, judge whether described transaction message section needs to show, if desired, by in described transaction message Duan Cundao display buffer district, and show and be stored in the transaction message section in display buffer district after receiving signature command, carry out signature operation, and signature result is returned to described client host, if do not need, described in directly showing, be stored in the transaction message section in display buffer district after receiving signature command, carry out signature operation, and signature result is returned to described client host,
The method that described client host carries out mark to the described transaction message section that need to show specifically comprises:
With the marker character of checking of making an appointment, the described transaction message section showing that needs is carried out to mark;
Or,
By first flag bit corresponding with described transaction message section of making an appointment arranged, the described transaction message section showing that needs is carried out to mark;
To described transaction message section, the divide into groups operation of HASH computing specifically also comprises described intelligent cipher key equipment:
Judge that described client host is to carry out mark with checking the transaction message section that marker character shows needs, or carry out mark by first flag bit of making an appointment being arranged to the transaction message section that needs are shown;
When judgement, obtaining is when checking transaction message section that marker character shows needs and carry out mark, and described intelligent cipher key equipment is to the HASH computing of dividing into groups of the described All Activity message segment receiving;
When judgement, obtaining is when described the first flag bit of making an appointment being arranged to the transaction message section that needs are shown carry out mark, described intelligent cipher key equipment also needs to judge that the first flag bit is set to the first about definite value or the second about definite value or is set to the 3rd about definite value, if while being set to the first about definite value or the second about definite value, represent that described transaction message section need to participate in the computing of signing, described transaction message section is carried out to computing, if while being set to the 3rd about definite value, represent that described transaction message section does not need to participate in signature computing, do not need described transaction message section to carry out computing,
Described intelligent cipher key equipment judges whether described transaction message section needs the operation showing to be specially:
Described intelligent cipher key equipment is by judging that whether containing the marker character of checking of making an appointment in described transaction message section judges whether described transaction message section needs to show, if that makes an appointment described in not having checks marker character, represent that described transaction message section does not need to show, if that makes an appointment described in containing checks marker character, represent that described transaction message section need to show;
Or,
Described intelligent cipher key equipment is by judging that the first flag bit of described transaction message section correspondence is to be set to the first about definite value, still be set to the second about definite value or the 3rd about definite value and judge whether described transaction message section needs to show, if while being set to the first about definite value, represent that this transaction message section does not need to show, if while being set to the second about definite value or the 3rd about definite value, represent that this transaction message section need to show.
9. the treatment system of transaction message according to claim 8, it is characterized in that, described intelligent cipher key equipment is stored in the transaction message section in display buffer district described in showing, carries out signature operation, and the operation that signature result is returned to described client host is specially:
Described intelligent cipher key equipment is stored in the transaction message section in buffer memory viewing area described in showing, wait for user's input information, if the information of described user's input is cancellation information, described intelligent cipher key equipment is to described client host prompting error message or cancellation information, if the information of described user's input is confirmation, described intelligent cipher key equipment is signed to final operation result, and signature result is returned to described client host.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010580896.7A CN102025738B (en) | 2010-12-03 | 2010-12-03 | Method, equipment and system for processing transaction message |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201010580896.7A CN102025738B (en) | 2010-12-03 | 2010-12-03 | Method, equipment and system for processing transaction message |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102025738A CN102025738A (en) | 2011-04-20 |
| CN102025738B true CN102025738B (en) | 2014-03-26 |
Family
ID=43866592
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201010580896.7A Active CN102025738B (en) | 2010-12-03 | 2010-12-03 | Method, equipment and system for processing transaction message |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102025738B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103268437B (en) * | 2013-05-10 | 2016-02-24 | 飞天诚信科技股份有限公司 | A kind of method improving signed data security |
| CN107609872A (en) * | 2017-09-07 | 2018-01-19 | 北京海泰方圆科技股份有限公司 | transaction message processing and sending method and device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101051907A (en) * | 2007-05-14 | 2007-10-10 | 北京握奇数据***有限公司 | Safety certifying method and its system for facing signature data |
| CN101221641A (en) * | 2007-12-20 | 2008-07-16 | 魏恺言 | On-line trading method and its safety affirmation equipment |
| CN101304569A (en) * | 2008-04-24 | 2008-11-12 | 中山大学 | Mobile authentication system based on intelligent mobile phone |
-
2010
- 2010-12-03 CN CN201010580896.7A patent/CN102025738B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101051907A (en) * | 2007-05-14 | 2007-10-10 | 北京握奇数据***有限公司 | Safety certifying method and its system for facing signature data |
| CN101221641A (en) * | 2007-12-20 | 2008-07-16 | 魏恺言 | On-line trading method and its safety affirmation equipment |
| CN101304569A (en) * | 2008-04-24 | 2008-11-12 | 中山大学 | Mobile authentication system based on intelligent mobile phone |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102025738A (en) | 2011-04-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102132304B (en) | Form filling with digital identities, and automatic password generation | |
| CN101820346B (en) | Secure digital signature method | |
| CN109815051A (en) | The data processing method and system of block chain | |
| CN103886456A (en) | Payment system based on dynamic display two-dimension code and implementation method thereof | |
| CN110515965A (en) | Business paper processing method, device, computer equipment and storage medium | |
| CN101236629A (en) | On-line payment system and payment procedure | |
| CN110705976A (en) | Intelligent medical settlement method and system based on big data, electronic equipment and storage medium | |
| CN104765580A (en) | Cloud printing technology supported intelligent control system for bill printing | |
| CN102073803A (en) | Device, method and system for enhancing safety of USBKEY | |
| CN110796531A (en) | Web-based accounting voucher generation method and system | |
| CN110493074A (en) | A kind of test method and system of server and client | |
| CN104168117A (en) | Voice digital signature method | |
| CN109614596B (en) | Electronic bill processing method, device and system | |
| CN102025738B (en) | Method, equipment and system for processing transaction message | |
| CN105468771B (en) | Recommend the method and device of software | |
| CN108885667A (en) | Safety risk management system, server, control method and non-transitory computer-readable medium | |
| CN109831414A (en) | A kind of delivery management method and system of electronic invoice | |
| CN101408970A (en) | Method, system and apparatus for implementing batch electronic transaction, and electronic signing tool | |
| CN105373918A (en) | Multi-POS terminal integrated payment system and method | |
| Olsen et al. | Internet elections: unsafe in any home? | |
| CN102609842A (en) | Payment cipher device based on hardware signature equipment, and application method of payment cipher device | |
| CN103020506A (en) | Key equipment and method integrating photographing and bar code identification technologies | |
| CN115001768A (en) | Data interaction method, device and equipment based on block chain and storage medium | |
| CN113779528A (en) | Multi-system front-end page integration method, device, equipment and medium | |
| CN110111074A (en) | Contract based on block chain is transferred accounts execution method, equipment and the medium of clause |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 17th floor, building B, Huizhi building, No.9, Xueqing Road, Haidian District, Beijing 100085 Patentee after: Feitian Technologies Co.,Ltd. Country or region after: China Address before: 100085 17th floor, block B, Huizhi building, No.9 Xueqing Road, Haidian District, Beijing Patentee before: Feitian Technologies Co.,Ltd. Country or region before: China |
|
| CP03 | Change of name, title or address |