CN103138938A - SM2 certificate application method based on cryptographic service provider (CSP) - Google Patents

Info

Publication number
CN103138938A
Authority
CN
China
Prior art keywords
certificate
data
digital
csp
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN2013100950353A
Other languages
Chinese (zh)
Other versions
CN103138938B (en)
Inventor
林峰
张行
李哲
任新海
杨晓宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHINA FINANCIAL CERTIFICATION AUTHORITY CENTER Co Ltd
Original Assignee
CHINA FINANCIAL CERTIFICATION AUTHORITY CENTER Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHINA FINANCIAL CERTIFICATION AUTHORITY CENTER Co Ltd
Priority to CN201310095035.3A
Publication of CN103138938A
Application granted
Publication of CN103138938B
Legal status: Active

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of network security and provides an SM2 certificate request and application method based on a cryptographic service provider (CSP). The method comprises the following steps. Applying for an SM2 digital certificate: a local security control on the client calls the CSP interface, generates the key pair used to produce the SM2 certificate, generates a PKCS#10 request for the SM2 certificate, and sends the request to a certificate authority (CA) center. Importing the SM2 digital certificate: the CSP interface is called to parse the data returned by the CA center, and the SM2 digital certificate data is imported into a local security device for storage. Using the SM2 certificate for digital signing: inside the local security device, the SM3 hash value of the data to be signed is signed with the private key. The method solves the problem in the prior art that the theory of the national cryptographic algorithms cannot be converted into practical security applications, and achieves a security application of the national cryptographic algorithms based on the SM2 digital certificate.

Description

SM2 certificate request and application method based on CSP
Technical field
The present invention relates to the field of network security technology, and in particular to an SM2 certificate request and application method based on CSP.
Background
A digital signature, also called an electronic signature, is a technique that proves digital information or its sender by means of additional information or cryptographic processing; at present it is mainly implemented with key-based encryption. A digital signature scheme usually defines two complementary operations and uses a key pair: the sender signs the data with its own private key, and the recipient verifies the digital signature with the corresponding public key.
The security and reliability of a digital signature depend mainly on the key algorithm. The most influential public-key encryption algorithm at present is RSA, which ISO recommends as a public-key data encryption standard. However, the security of RSA depends on large-number arithmetic, and its key generation is complicated; because its block size is large and its keys are long, the algorithm is computationally expensive and slow. In addition, because the factorization of large numbers follows certain regularities, RSA also carries some security risk, and its security can only be improved by continually increasing the key length, which continually reduces the execution efficiency of the algorithm.
In this situation, a secure and efficient algorithm to replace RSA is urgently needed. For this purpose the State Cryptography Administration has formulated and published a series of commercial cryptographic algorithms (hereinafter the "national cryptographic algorithms"), including the symmetric algorithm SM1, the asymmetric algorithm SM2 based on elliptic-curve cryptography (ECC), the digest algorithm SM3 and the block cipher SM4. The national cryptographic algorithms provide theoretical guidance for replacing RSA, but to become a unified, generally recognized security standard they still need a large number of practical security applications to support them and to test their security further. How to apply the national cryptographic algorithms in every field of information security is the problem that must be overcome in order to promote them.
Summary of the invention
In view of this, the invention provides an SM2 certificate request and application method based on CSP, to solve the problem in the prior art that the theory of the national cryptographic algorithms cannot be converted into practical security applications.
To solve the above technical problem, the SM2 certificate request and application method based on CSP of the present invention comprises the steps:
SM2 digital certificate application: the client's local security control calls the CSP interface, generates the key pair used to produce the SM2 certificate, generates the PKCS#10 request used to apply for the SM2 digital certificate, and sends it to the CA center;
SM2 digital certificate import: the CSP interface is called to parse the data returned by the CA center, and the SM2 digital certificate data in it is imported into the local security device for storage;
Digital signature with the SM2 certificate: inside the local security device, the SM3 hash value of the data to be signed is signed with the SM2 signing private key.
Preferably, the detailed process of the SM2 digital certificate application step is:
The client's local security control initiates the PKCS#10 request for the SM2 digital certificate;
The CSP interface is called to create a key container;
The key pair used to produce the SM2 certificate is generated;
The SM2 public key of the key pair is exported and integrated into the PKCS#10 request;
The certificate information is assembled and integrated into the PKCS#10 request;
An SM3 hash handle is created, and the SM3 hash value of the SM2 public key and certificate information is computed;
The SM3 hash value is signed with SM2 and the signature is integrated into the PKCS#10 request;
The complete PKCS#10 request is generated and sent to the CA center.
Preferably, the imported SM2 digital certificate data comprises SM2 signing certificate data.
Preferably, if digital signature and digital encryption are performed at the same time and dual certificates are used, the imported SM2 digital certificate data also comprises SM2 encryption certificate data.
Preferably, the import process of the signing certificate data is specifically:
Obtain the CSP context; obtain the SM2 signing private key handle stored by the CSP; parse the SM2 signing certificate out of the data returned by the CA center and import it into the local security device.
Preferably, the import process of the encryption certificate data is:
Obtain the CSP context; parse the SM2 encryption certificate and the encrypted encryption key corresponding to the SM2 encryption certificate out of the data returned by the CA center, and import them into the local security device.
Preferably, the detailed process of the step of using the SM2 certificate for digital signature is:
Call the CSP interface to obtain the SM2 signing private key handle; create an SM3 hash handle; compute the SM3 hash value of the data to be signed; obtain the SM3 hash value and sign it with SM2.
Preferably, if digital signature and digital encryption are performed at the same time, a dual-certificate application is made, and when the key pair is generated, two SM2 key pairs are generated at the same time: a signing key pair and a temporary encryption key pair.
Preferably, the encrypted encryption key corresponding to the SM2 encryption certificate consists of the curve point components, the encrypted private key, and the SM3 hash value of the private key.
With the above scheme, the invention provides an SM2 certificate request and application method based on CSP, which solves the problem in the prior art that the theory of the national cryptographic algorithms cannot be converted into practical security applications, and achieves a security application of the national cryptographic algorithms based on the SM2 digital certificate.
Description of drawings
Fig. 1 is a schematic diagram of the basic flow of the SM2 certificate request and application method based on CSP in one embodiment of the present invention;
Fig. 2 is a schematic flow chart of the digital certificate application in one embodiment of the present invention;
Fig. 3 is a schematic flow chart of the signing certificate import in one embodiment of the present invention;
Fig. 4 is a schematic flow chart of the encryption certificate import in one embodiment of the present invention;
Fig. 5 is a schematic flow chart of signing with the certificate in one embodiment of the present invention.
Embodiment
The technical scheme in the embodiments of the present invention is described clearly and completely below with reference to the accompanying drawings. The described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention, without creative work, fall within the scope of protection of the present invention.
Network security is in essence information security on the network: the data in the network is protected against accidental or malicious destruction, alteration and disclosure, the system runs continuously and reliably, and network service is not interrupted. Many factors affect network security, but in most cases the network client, because of its insufficient software and hardware capability, complex application environment and limited protective measures, more easily becomes the security weak point of the whole system. In the present invention, to guarantee secure communication for the client, a CSP (Cryptographic Service Provider) is used to provide security applications based on the national cryptographic algorithms; by performing digital signatures with SM2 certificates and the like, safe and efficient client identity verification is achieved.
CSP is Microsoft's standard interface for providing third-party cryptographic modules on the Windows platform. Through CryptoAPI (Cryptography Application Programming Interface) it can implement a number of standard cryptographic algorithms, such as the RSA algorithm for asymmetric encryption, the DES algorithm for symmetric encryption, and the MD5 or SHA1 digest algorithms. At present, however, no CSP module provides a secure software or hardware device based on the national cryptographic algorithms. In one embodiment of the present invention, to implement a security application of the national cryptographic algorithms in a CSP, the SM2 certificate is mainly used for the client's digital signature. Specifically, as shown in Fig. 1, the method of the present invention comprises the steps:
SM2 digital certificate application: the client's local security control calls the CSP interface, generates the key pair used to produce the SM2 certificate, generates the PKCS#10 request used to apply for the SM2 digital certificate, and sends it to the CA (Certificate Authority) center;
SM2 digital certificate import: the CSP interface is called to parse the data returned by the CA center, and the SM2 digital certificate data in it is imported into the local security device for storage;
Digital signature with the SM2 certificate: inside the local security device, the SM3 hash value of the data to be signed is signed with the SM2 signing private key.
The specific operation of each of the above steps is described further below. As shown in Fig. 2, the SM2 digital certificate application step specifically comprises: the client's local security control initiates the PKCS#10 request used to apply for the SM2 digital certificate (PKCS, the Public-Key Cryptography Standards, is a set of public-key cryptography standards formulated by the U.S. company RSA Data Security and its partners; its standard No. 10 describes the certificate request syntax); the CSP interface is called to create a key container (CryptAcquireContext); the key pair used to produce the SM2 certificate is generated (CryptGenKey); the SM2 public key of the key pair is exported and integrated into the PKCS#10 request (CryptExportKey); the certificate information is assembled and integrated into the PKCS#10 request (the certificate information includes the version number, the certificate subject, the public key information and other attributes); an SM3 hash handle is created (CryptCreateHash) and the SM3 hash value of the SM2 public key and certificate information is computed (CryptHashData); the SM3 hash value is signed with SM2 (CryptSignHash) and the signature is integrated into the PKCS#10 request; the complete PKCS#10 request is generated and sent to the CA center.
By default, a single key pair is used only for digital signature, and one signing certificate is applied for. If digital encryption is also required alongside digital signature, dual certificates must be applied for at the application stage. This requires that the created key container can store two key pairs at the same time, and that two SM2 key pairs are generated at key generation: one signing key pair and one temporary encryption key pair. The signing key pair is used for signing (the private key signs data; the public key is sent to the CA center with the PKCS#10 request, where it is used to verify the validity of the PKCS#10 request and to produce the signing certificate). The temporary encryption key pair is used once, to encrypt and decrypt the related data when the CA issues the encryption certificate (the public key is sent to the CA center with the PKCS#10 request and is used to encrypt the private key data corresponding to the encryption certificate when the CA issues that certificate; the private key is used to decrypt the private key data corresponding to the encryption certificate from the data returned by the CA; the temporary encryption key pair is not used again once that data has been decrypted).
In general, after the CA center receives the PKCS#10 certificate request, it issues the corresponding certificate according to the request and returns it to the client's local security control. The issued certificate is a standard X.509 certificate, which contains the version number, serial number, signature value, issuer, public key information, extension information and so on.
Next, the SM2 digital certificate data imported in the certificate import step comprises SM2 signing certificate data and SM2 encryption certificate data (no encryption certificate is needed if digital encryption is not required), so this step divides into two processes. Signing certificate import (as shown in Fig. 3): call the CSP interface to obtain the CSP context (CryptAcquireContext); obtain the SM2 private key handle stored by the CSP (CryptGetUserKey); parse the data returned by the CA center and import the SM2 public-key signing certificate from it into the local security device (CryptSetKeyParam).
Encryption certificate import (as shown in Fig. 4): call the CSP interface to obtain the CSP context (CryptAcquireContext); from the data returned by the CA center, parse out the encrypted encryption key corresponding to the SM2 encryption certificate (CryptImportKey) and the SM2 encryption certificate (CryptSetKeyParam), and import them into the local security device. Note that this encryption key is generated by the CA center: after receiving the request for an encryption certificate, the CA center generates an encryption key pair, uses the public key to generate the SM2 encryption certificate, and issues the private key, after encrypting it, to the client together with the SM2 encryption certificate (when the private key data is returned, it can be encrypted and decrypted with the temporary encryption key pair described above; the detailed process has already been described and is not repeated here).
Finally, as shown in Fig. 5, the SM2 certificate is used for digital signature: call the CSP interface to obtain the SM2 private key handle used for signing (CryptAcquireCertificatePrivateKey); create an SM3 hash handle (CryptCreateHash); compute the SM3 hash value of the data to be signed (CryptHashData); obtain the SM3 hash value (CryptGetHashParam) and sign it with SM2 (CryptSignData).
In the formal communication that follows, for data whose integrity or non-repudiation must be guaranteed, the holder of the signing certificate signs the data with the private key corresponding to the signing certificate, and the peer verifies it with the SM2 signing certificate; for data whose confidentiality must be guaranteed, the data is encrypted with the SM2 encryption certificate, and the holder of the encryption certificate decrypts the encrypted data with the private key corresponding to the encryption certificate.
The CSP interfaces called above are standard interfaces, and their usage is not described further. The data structures of the public key and private key of the SM2 key pair in the present invention are described below. The data structure of the SM2 public key consists of the following 2 parts:
    BLOBHEADER;
    SM2PUBLICKEYBLOB
BLOBHEADER is the Microsoft standard structure; SM2PUBLICKEYBLOB is a custom data structure:
    typedef struct Struct_SM2PUBLICKEYBLOB {
        ULONG BitLen;  // actual bit length of the modulus; value: 256
        BYTE XCoordinate[SM2_MAX_XCOORDINATE_BITS_LEN/8];
        BYTE YCoordinate[SM2_MAX_YCOORDINATE_BITS_LEN/8];
    } SM2PUBLICKEYBLOB, *PSM2PUBLICKEYBLOB;
Notes: 1. The BLOBHEADER value can currently be ignored.
2. The X and Y values of the SM2 public key are little-endian (LITTLE-ENDIAN) and 32 bytes long, so the last 32 bytes of XCoordinate and YCoordinate are all padded with 0.
The data structure of the SM2 private key consists of the following 2 parts:
    BLOBHEADER;
    SM2PRIVATEKEYBLOB
BLOBHEADER is the Microsoft standard definition; SM2PRIVATEKEYBLOB is a custom data structure.
1. The BLOBHEADER structure takes the following values:
    typedef struct _PUBLICKEYSTRUC {
        BYTE   bType;     // value: PRIVATEKEYBLOB (0x7)
        BYTE   bVersion;  // value: CUR_BLOB_VERSION (0x2)
        WORD   reserved;  // value: 0x1, meaning the SM2 private key is in encrypted form
        ALG_ID aiKeyAlg;  // value: CALG_SM2_KEYX
    } BLOBHEADER, PUBLICKEYSTRUC;
2. SM2PRIVATEKEYBLOB data structure definition:
    typedef struct _SM2PRIVATEKEYBLOB {
        ULONG AlgID;                      // value: CALG_SM2_SIGN or KEYX
        ULONG EncryptedPrivateKeyBitLen;  // actual length in bits of the encrypted SM2 private key EncryptedPrivateKey
        BYTE *EncryptedPrivateKey;        // encrypted SM2 key pair (public and private key) data
    } SM2PRIVATEKEYBLOB, *PSM2PRIVATEKEYBLOB;
Notes: 1. The value of the BitLen parameter is the actual bit length of the encrypted key.
2. The encrypted key EncryptedPrivateKey has the format C1||C2||C3. C1 is (x, y), where x and y are each 32-byte curve point components; C2 is the encrypted data; C3 is a 32-byte SM3 hash value (the value obtained by applying the SM3 hash algorithm to the private key).
3. After decryption, the above encrypted key has the format x||y||d (decryption is performed when the encryption certificate private key is imported), where x and y are the 32-byte public key coordinates (the curve point components mentioned above) and d is the 32-byte private key (obtained by decrypting C2 above).
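Added example, not code from the patent: a bounds-checked decoder for the blob layouts described above, of the kind a CSP would run on CA-returned data before importing it. It assumes 64-byte coordinate fields (inferred from the note that the last 32 bytes are zero), a 32-bit little-endian ULONG and a packed byte layout; the function names are hypothetical and the sample inputs are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define COORD_LEN   32u  /* real size of X, Y and d, as stated in the notes */
#define COORD_FIELD 64u  /* assumed field size: 32 value bytes + 32 zero bytes */
#define SM3_LEN     32u  /* C3 is a 32-byte SM3 hash value */

enum { SM2_OK = 0, SM2_E_SHORT = -1, SM2_E_BITLEN = -2,
       SM2_E_PADDING = -3, SM2_E_HEADER = -4 };

typedef struct {                 /* read-only view into EncryptedPrivateKey */
    const uint8_t *c1_x, *c1_y;  /* C1: two 32-byte curve point components */
    const uint8_t *c2;           /* C2: encrypted data */
    size_t c2_len;
    const uint8_t *c3;           /* C3: 32-byte SM3 hash value */
} sm2_enc_key_view;

static uint32_t rd_le32(const uint8_t *p) {  /* ULONG assumed 32-bit LE */
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* One coordinate field: little-endian value, upper 32 bytes must be zero. */
static int coord_to_be(const uint8_t *field, uint8_t out[COORD_LEN]) {
    for (size_t i = COORD_LEN; i < COORD_FIELD; i++)
        if (field[i] != 0) return SM2_E_PADDING;
    for (size_t i = 0; i < COORD_LEN; i++)
        out[i] = field[COORD_LEN - 1 - i];
    return SM2_OK;
}

/* SM2PUBLICKEYBLOB body: BitLen | XCoordinate | YCoordinate. */
int sm2_pub_decode(const uint8_t *b, size_t len,
                   uint8_t x[COORD_LEN], uint8_t y[COORD_LEN]) {
    if (len < 4 + 2 * COORD_FIELD) return SM2_E_SHORT;
    if (rd_le32(b) != 256) return SM2_E_BITLEN;
    int rc = coord_to_be(b + 4, x);
    return rc != SM2_OK ? rc : coord_to_be(b + 4 + COORD_FIELD, y);
}

/* BLOBHEADER of an encrypted private key: bType, bVersion, reserved. */
int sm2_priv_header_check(const uint8_t *h, size_t len) {
    if (len < 8) return SM2_E_SHORT;
    if (h[0] != 0x07 || h[1] != 0x02) return SM2_E_HEADER;
    if ((h[2] | (h[3] << 8)) != 0x0001) return SM2_E_HEADER;
    return SM2_OK;  /* aiKeyAlg is a vendor-defined ALG_ID; not checked here */
}

/* Split EncryptedPrivateKey (C1||C2||C3) using the declared bit length. */
int sm2_enc_key_split(const uint8_t *buf, size_t buf_len, uint32_t bit_len,
                      sm2_enc_key_view *v) {
    if (bit_len % 8 != 0) return SM2_E_BITLEN;
    size_t n = bit_len / 8;
    if (n > buf_len) return SM2_E_SHORT;                  /* length field overruns buffer */
    if (n <= 2 * COORD_LEN + SM3_LEN) return SM2_E_SHORT; /* no room for C2 */
    v->c1_x = buf;
    v->c1_y = buf + COORD_LEN;
    v->c2 = buf + 2 * COORD_LEN;
    v->c2_len = n - 2 * COORD_LEN - SM3_LEN;
    v->c3 = buf + n - SM3_LEN;
    return SM2_OK;
}

/* Constructed sample: X = 01 02 .. 20 big-endian; pad != 0 corrupts padding. */
int demo_pub_first_byte(uint8_t pad) {
    uint8_t blob[4 + 2 * COORD_FIELD] = {0}, x[COORD_LEN], y[COORD_LEN];
    blob[1] = 0x01;                          /* BitLen = 256, little-endian */
    for (unsigned i = 0; i < COORD_LEN; i++) {
        blob[4 + i] = (uint8_t)(COORD_LEN - i);
        blob[4 + COORD_FIELD + i] = (uint8_t)(0xA0 + i);
    }
    blob[4 + COORD_FIELD - 1] = pad;         /* last padding byte of X */
    int rc = sm2_pub_decode(blob, sizeof blob, x, y);
    return rc == SM2_OK ? x[0] : rc;
}

/* Constructed 128-byte buffer; returns the C2 length or an error code. */
int demo_split_c2_len(uint32_t bit_len) {
    uint8_t enc[128] = {0};
    sm2_enc_key_view v;
    int rc = sm2_enc_key_split(enc, sizeof enc, bit_len, &v);
    return rc == SM2_OK ? (int)v.c2_len : rc;
}

/* Constructed header; aiKeyAlg bytes are left as a zero placeholder. */
int demo_header(uint8_t btype, uint16_t reserved) {
    uint8_t h[8] = { btype, 0x02, (uint8_t)(reserved & 0xFF),
                     (uint8_t)(reserved >> 8), 0, 0, 0, 0 };
    return sm2_priv_header_check(h, sizeof h);
}

int main(void) {
    printf("public blob, clean padding : %d\n", demo_pub_first_byte(0));
    printf("public blob, dirty padding : %d\n", demo_pub_first_byte(0xFF));
    printf("C2 length for 1024 bits    : %d\n", demo_split_c2_len(1024));
    printf("header with reserved = 0   : %d\n", demo_header(0x07, 0));
    return 0;
}
```

The split only locates C1, C2 and C3; decrypting C2 and comparing C3 against the SM3 hash still has to happen inside the security device.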
In summary, the present invention extends the standard CSP interface provided by Microsoft and provides an SM2 certificate request and application method based on CSP. The method achieves a security application of the national cryptographic algorithms based on the SM2 digital certificate, and solves the problem in the prior art that the theory of the national cryptographic algorithms cannot be converted into practical security applications. SM2 and SM3 are domestic cryptographic algorithms approved by the State Commercial Cryptography Administration; the security level of a 256-bit SM2 private key is better than that of 2048-bit RSA, and SM2 is significantly faster than 2048-bit RSA at signing. The implementation of this method is of great and broad practical significance for continually raising China's national information security level, safeguarding national interests, and promoting the adoption of China's independently developed cryptographic algorithms.
The above embodiments are only intended to illustrate the present invention and do not limit it. Those of ordinary skill in the relevant technical field can make various changes and modifications without departing from the spirit and scope of the present invention, so all equivalent technical schemes also belong to the scope of the present invention, and the scope of patent protection of the present invention shall be defined by the claims.

Claims (9)

1. An SM2 certificate request and application method based on CSP, characterized in that the method comprises the steps:
SM2 digital certificate application: the client's local security control calls the CSP interface, generates the key pair used to produce the SM2 certificate, generates the PKCS#10 request used to apply for the SM2 digital certificate, and sends it to the CA center;
SM2 digital certificate import: the CSP interface is called to parse the data returned by the CA center, and the SM2 digital certificate data in it is imported into the local security device for storage;
Digital signature with the SM2 certificate: inside the local security device, the SM3 hash value of the data to be signed is signed with the SM2 signing private key.
2. The method according to claim 1, characterized in that the detailed process of the SM2 digital certificate application step is:
The client's local security control initiates the PKCS#10 request for the SM2 digital certificate;
The CSP interface is called to create a key container;
The key pair used to produce the SM2 certificate is generated;
The SM2 public key of the key pair is exported and integrated into the PKCS#10 request;
The certificate information is assembled and integrated into the PKCS#10 request;
An SM3 hash handle is created, and the SM3 hash value of the SM2 public key and certificate information is computed;
The SM3 hash value is signed with SM2 and the signature is integrated into the PKCS#10 request;
The complete PKCS#10 request is generated and sent to the CA center.
3. The method according to claim 1, characterized in that the imported SM2 digital certificate data comprises SM2 signing certificate data.
4. The method according to claim 3, characterized in that, if digital signature and digital encryption are performed at the same time and dual certificates are used, the imported SM2 digital certificate data also comprises SM2 encryption certificate data.
5. The method according to claim 3, characterized in that the import process of the signing certificate data is specifically:
Obtain the CSP context; obtain the SM2 signing private key handle stored by the CSP; parse the SM2 signing certificate out of the data returned by the CA center and import it into the local security device.
6. The method according to claim 4, characterized in that the import process of the encryption certificate data is:
Obtain the CSP context; parse the SM2 encryption certificate and the encrypted encryption key corresponding to the SM2 encryption certificate out of the data returned by the CA center, and import them into the local security device.
7. The method according to claim 1, characterized in that the detailed process of the step of using the SM2 certificate for digital signature is:
Call the CSP interface to obtain the SM2 signing private key handle; create an SM3 hash handle; compute the SM3 hash value of the data to be signed; obtain the SM3 hash value and sign it with SM2.
8. The method according to claim 2, characterized in that, if digital signature and digital encryption are performed at the same time, a dual-certificate application is made, and when the key pair is generated, two SM2 key pairs are generated at the same time: a signing key pair and a temporary encryption key pair.
9. The method according to claim 6, characterized in that the encrypted encryption key corresponding to the SM2 encryption certificate consists of the curve point components, the encrypted private key, and the SM3 hash value of the private key.
Priority Applications (1)

Application number: CN201310095035.3A; priority date: 2013-03-22; filing date: 2013-03-22; title: SM2 certificate request and application method based on CSP

Publications (2)

CN103138938A (en), published 2013-06-05
CN103138938B (en), published 2016-01-20

Family ID: 48498294

Country status: CN, CN103138938B (en), Active

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104301113A (en) * 2014-10-17 2015-01-21 飞天诚信科技股份有限公司 Digital signing method and system based on multiple certificates and multiple purposes
CN105530090A (en) * 2015-12-31 2016-04-27 中国建设银行股份有限公司 Key negotiation method and device
CN105743655A (en) * 2016-03-25 2016-07-06 中国科学院信息工程研究所 Implementation method of SM2 signature verification through separate hash calculation and signature verification calculation
CN106452783A (en) * 2016-09-26 2017-02-22 上海兆芯集成电路有限公司 Computer system and safe execution method
CN103795719B (en) * 2014-01-23 2017-09-19 广东电网公司电力科学研究院 Terminal security equipment simplify configuration management method and system
CN107276961A (en) * 2016-04-06 2017-10-20 北京天威诚信电子商务服务有限公司 A kind of method and device based on cipher algorithm encryption and ciphertext data
CN107360002A (en) * 2017-08-15 2017-11-17 武汉信安珞珈科技有限公司 A kind of application method of digital certificate
CN107579830A (en) * 2017-08-04 2018-01-12 深圳市文鼎创数据科技有限公司 The method and intelligent key safety means of a kind of signature
CN108052821A (en) * 2017-11-25 2018-05-18 珠海横琴新区润成科技股份有限公司 The safe encryption method of E-seal
CN108270558A (en) * 2016-12-30 2018-07-10 上海格尔软件股份有限公司 A kind of private key introduction method based on temporary key pair
CN110048855A (en) * 2019-04-23 2019-07-23 东软集团股份有限公司 Introducing method and call method and device, equipment, the Fabric platform of national secret algorithm
CN110691060A (en) * 2018-07-06 2020-01-14 武汉信安珞珈科技有限公司 Method and system for realizing remote equipment password service based on CSP interface
CN111343126A (en) * 2018-12-18 2020-06-26 武汉信安珞珈科技有限公司 Method and system for processing digital certificate application
CN111628873A (en) * 2020-07-28 2020-09-04 四川省数字证书认证管理中心有限公司 Method for storing digital certificate solidified data telegraph text
CN112714121A (en) * 2020-12-23 2021-04-27 航天信息股份有限公司 Method and system for processing industrial internet digital certificate
CN115442146A (en) * 2022-09-06 2022-12-06 安徽省极光智能科技有限公司 Data secure transmission system and method based on cryptographic algorithm

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
US20100299519A1 (en) * 2008-01-23 2010-11-25 China Iwncomm Co., Ltd. Method for managing wireless multi-hop network key
CN102842005A (en) * 2011-06-21 2012-12-26 国民技术股份有限公司 CSP (chip scale package) module of TSPI (telephony service provider interface) based on TSM (tivoli storage manager) and CSP implementation method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101340285A (en) * 2007-07-05 2009-01-07 杭州中正生物认证技术有限公司 Method and system for identity authentication by finger print USBkey
US20100299519A1 (en) * 2008-01-23 2010-11-25 China Iwncomm Co., Ltd. Method for managing wireless multi-hop network key
CN102842005A (en) * 2011-06-21 2012-12-26 国民技术股份有限公司 CSP (chip scale package) module of TSPI (telephony service provider interface) based on TSM (tivoli storage manager) and CSP implementation method

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103795719B (en) * 2014-01-23 2017-09-19 广东电网公司电力科学研究院 Terminal security equipment simplify configuration management method and system
CN104301113A (en) * 2014-10-17 2015-01-21 飞天诚信科技股份有限公司 Digital signing method and system based on multiple certificates and multiple purposes
CN104301113B (en) * 2014-10-17 2017-07-14 飞天诚信科技股份有限公司 One kind is based on the multiduty digital signature method of many certificates and system
CN105530090A (en) * 2015-12-31 2016-04-27 中国建设银行股份有限公司 Key negotiation method and device
CN105743655A (en) * 2016-03-25 2016-07-06 中国科学院信息工程研究所 Implementation method of SM2 signature verification through separate hash calculation and signature verification calculation
CN105743655B (en) * 2016-03-25 2019-07-16 中国科学院信息工程研究所 Implementation method of SM2 signature verification through separate hash calculation and signature verification calculation
CN107276961A (en) * 2016-04-06 2017-10-20 北京天威诚信电子商务服务有限公司 Method and device for encrypting and decrypting data based on cryptographic algorithm
CN107276961B (en) * 2016-04-06 2021-04-02 北京天威诚信电子商务服务有限公司 Method and device for encrypting and decrypting data based on cryptographic algorithm
CN106452783A (en) * 2016-09-26 2017-02-22 上海兆芯集成电路有限公司 Computer system and safe execution method
CN106452783B (en) * 2016-09-26 2021-02-09 上海兆芯集成电路有限公司 Computer system and method for secure execution
CN108270558A (en) * 2016-12-30 2018-07-10 上海格尔软件股份有限公司 A kind of private key introduction method based on temporary key pair
CN107579830B (en) * 2017-08-04 2020-12-11 深圳市文鼎创数据科技有限公司 Signature method and intelligent key safety equipment
CN107579830A (en) * 2017-08-04 2018-01-12 深圳市文鼎创数据科技有限公司 Signature method and intelligent key safety equipment
CN107360002B (en) * 2017-08-15 2020-02-07 武汉信安珞珈科技有限公司 Application method of digital certificate
CN107360002A (en) * 2017-08-15 2017-11-17 武汉信安珞珈科技有限公司 Application method of digital certificate
CN108052821A (en) * 2017-11-25 2018-05-18 珠海横琴新区润成科技股份有限公司 The safe encryption method of E-seal
CN110691060A (en) * 2018-07-06 2020-01-14 武汉信安珞珈科技有限公司 Method and system for realizing remote equipment password service based on CSP interface
CN111343126A (en) * 2018-12-18 2020-06-26 武汉信安珞珈科技有限公司 Method and system for processing digital certificate application
CN110048855A (en) * 2019-04-23 2019-07-23 东软集团股份有限公司 Introduction method and calling method of cryptographic algorithm, device, equipment and Fabric platform
CN110048855B (en) * 2019-04-23 2022-03-15 东软集团股份有限公司 Introduction method and calling method of cryptographic algorithm, device, equipment and Fabric platform
CN111628873A (en) * 2020-07-28 2020-09-04 四川省数字证书认证管理中心有限公司 Method for storing digital certificate solidified data telegraph text
CN112714121A (en) * 2020-12-23 2021-04-27 航天信息股份有限公司 Method and system for processing industrial internet digital certificate
CN115442146A (en) * 2022-09-06 2022-12-06 安徽省极光智能科技有限公司 Data secure transmission system and method based on cryptographic algorithm

Also Published As

Publication number Publication date
CN103138938B (en) 2016-01-20

Similar Documents

Publication Publication Date Title
CN103138938B (en) CSP-based SM2 certificate request and application method
US11323276B2 (en) Mutual authentication of confidential communication
CN103118027B (en) The method of TLS passage is set up based on the close algorithm of state
CN102594558B (en) Anonymous digital certificate system and verification method of trustable computing environment
CN101789865B (en) Dedicated server used for encryption and encryption method
CN102547688B (en) Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel
CN107483191B (en) SM2 algorithm key segmentation signature system and method
US11223486B2 (en) Digital signature method, device, and system
CN105447407A (en) Off-line data encryption method and decryption method and corresponding apparatus and system
CN110113150B (en) Encryption method and system based on non-certificate environment and capable of repudiation authentication
CN104243456A (en) Signing and decrypting method and system applied to cloud computing and based on SM2 algorithm
CN107425971B (en) Certificateless data encryption/decryption method and device and terminal
CN101771699A (en) Method and system for improving SaaS application security
CN109800588B (en) Dynamic bar code encryption method and device and dynamic bar code decryption method and device
CN105790938A (en) System and method for generating safety unit key based on reliable execution environment
CN110401615A (en) A kind of identity identifying method, device, equipment, system and readable storage medium storing program for executing
CN101720071A (en) Short message two-stage encryption transmission and secure storage method based on safety SIM card
CN104901935A (en) Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
CN104901803A (en) Data interaction safety protection method based on CPK identity authentication technology
WO2023151479A1 (en) Data processing method, and device
WO2023160420A1 (en) Group message encryption method and apparatus, device and storage medium
WO2023184858A1 (en) Timestamp generation method and apparatus, and electronic device and storage medium
CN1316405C (en) Method for obtaining digital siguature and realizing data safety
CN107249002B (en) Method, system and device for improving safety of intelligent electric energy meter
CN103425939B (en) A kind of SM3 algorithm realization method and system in JAVA environment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant