CN105913256A - Trade method and trade system of electronic signature device - Google Patents

Abstract

The invention provides a trade method and trade system of an electronic signature device. The trade method comprises the following steps: the electronic signature device sending a trade request including a trade sum to a server; the server receiving the trade request, ducting the trade sum from a bank account of the electronic signature device, obtaining at least one first unit data packet, and sending the at least one unit data packet to the electronic signature device, wherein each first unit data packet represents one currency face value among multiple currency face values, and the total of the currency face values represented by the at least one first unit data packet is equal to the trade sum; and the electronic signature device receiving the at least one first unit data packet, and storing the at least one first unit data packet in a security chip. By use of the technical scheme provided by the invention, offline electronic trade can be truly realized.

Description

The method of commerce of a kind of electronic signature equipment and transaction system

Technical field

The present invention relates to a kind of electronic technology field, particularly relate to method of commerce and the transaction system of a kind of electronic signature equipment.

Background technology

In existing electronic transaction, the fund of user is deposited in the account in digital form, such as: user holds the money of 100 yuan Gold, this fund is stored in the user account of bank server in digital form, and after 10 yuan when customer consumption, bank takes Business device needs the fund 100 in user account to be rewritten as 90, to complete the clearance of account.In order to ensure the safety of fund numerical value, After bank server rewrites numerical value, revised fund numerical value 90 be signed.Because user is traded rear account every time Amount of money numerical value in family all can change, so bank server to process for the numerical value after variation every time.Namely Saying, existing electronic transaction bank server to be relied on, the electronic transaction needs that user is carried out and bank server are carried out in real time Synchronize, it is impossible to realize many off-line transactions of complete independently in the case of not networking.

Summary of the invention

It is contemplated that at least solve one of the problems referred to above.

Present invention is primarily targeted at the method for commerce that a kind of electronic signature equipment is provided.

Another object of the present invention is to provide a kind of transaction system.

For reaching above-mentioned purpose, technical scheme is specifically achieved in that

Scheme 1, the method for commerce of a kind of electronic signature equipment, including: transaction request is sent to server by electronic signature equipment, Wherein, described transaction request at least includes: dealing money；Described server receives described transaction request, in described electronic signature The bank account of equipment deducts described dealing money, obtains at least one first unit data bag, and by described at least one first Unit data bag sends to described electronic signature equipment；Wherein, each first unit data bag represents in multiple currency denomination Planting currency denomination, the summation of at least one currency denomination representated by the first unit data bag described is equal to described dealing money；Institute State electronic signature equipment and receive at least one first unit data bag described, at least one first unit data bag described is stored in In safety chip.

Scheme 2, according to the method for commerce described in scheme 1, described each first unit data bag at least includes: the first units Described first unit data signed the first signed data obtained according to, described server；In described electronic signature equipment by described Before at least one first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is to institute State the first signed data to verify, after being verified, perform described electronic signature equipment by least one first units described The step being stored in safety chip according to bag.

Scheme 3, according to the method for commerce described in scheme 1, described transaction request also includes: setting of described electronic signature equipment Standby mark；Described each first unit data bag at least includes: the first unit data, described server are to described first units The second signed data obtained according to the device identification signature with described electronic signature equipment；Described electronic signature equipment by described extremely Before a few first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is to described Second signed data is verified, performs described electronic signature equipment by least one first unit data described after being verified The step that bag is stored in safety chip.

Scheme 4, according to the method for commerce described in any one of scheme 1 to 3, described electronic signature equipment by described at least one After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is according to receiving Currency denomination representated by the number of at least one the first unit data bag described and described each first unit data bag calculates and connects The summation of the currency denomination representated by the first unit data bag received is the most consistent with the dealing money in described transaction request, as The most inconsistent, then send, to described server, the request of repeating transmission；Described server receives described repeating transmission and asks.

Scheme 5, according to the method for commerce described in scheme 4, described server receive described retransmit request after, described method Also include: described server retransmits request to described electronic signature equipment transmission retransmission of information, wherein, described repeating transmission according to described Information includes at least one first unit data bag described；Described electronic signature equipment receives described retransmission of information, will store before Described in described safety chip, at least one first unit data bag is deleted, and again stores the described of described server repeating transmission At least one first unit data bag.

Scheme 6, according to the method for commerce described in scheme 4, described server receive described retransmit request after, described method Also include: described server retransmits request to described electronic signature equipment transmission retransmission of information, wherein, described repeating transmission according to described Information includes the first unit data bag that described electronic signature equipment does not receives；Described electronic signature equipment does not receives described The first unit data bag be stored in described safety chip.

Scheme 7, according to the method for commerce described in any one of scheme 1 to 6, described electronic signature equipment by described at least one Before first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment utilizes its safe core Sheet distribution is for storing the memory space of at least one the first unit data bag described；Described electronic signature equipment is by described at least one Individual first unit data bag is stored in safety chip, including: described electronic signature equipment is by least one first units described It is stored in the described memory space of correspondence according to bag, and is set to take by the status word of the memory space of described correspondence.

Scheme 8, according to the method for commerce described in any one of scheme 1 to 7, described electronic signature equipment by described at least one After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment utilizes counter Count value obtains total number of the first currently stored unit data bag.

Scheme 9, according to the method for commerce described in any one of scheme 1 to 8, described electronic signature equipment by described at least one After first unit data bag is stored in safety chip, described method also includes: described electronic signature equipment is by described trade gold Volume counts current account balance, shows described dealing money and/or described current account balance to holding user.

Scheme 10, according to the method for commerce described in any one of scheme 2 to 9, described first unit data at least includes: currency face Value Data, or, currency sequence number and currency denomination data；Described first unit data bag the most also includes one below: distribution Bank identifier and bank certificate sequence number.

Scheme 11, a kind of transaction system, described system includes: electronic signature equipment and server；Described electronic signature equipment, For sending transaction request to described server, wherein, described transaction request at least includes: dealing money；Described server, For receiving the transaction request that described electronic signature equipment sends, the bank account in described electronic signature equipment deducts described transaction The amount of money, obtains at least one first unit data bag, and sends at least one first unit data bag described to described electronics label Name equipment；Wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, described at least one The summation of the currency denomination representated by one unit data bag is equal to described dealing money；Described electronic signature equipment, for from described Server receives at least one first unit data bag described, and at least one first unit data bag described is stored in safety chip In.

Scheme 12, according to the transaction system described in scheme 11, described each first unit data bag at least includes: the first unit The first signed data that described first unit data signature is obtained by data, described server；Described electronic signature equipment, also uses In before at least one first unit data bag described is stored in safety chip, described first signed data is verified, The operation being stored in safety chip by least one first unit data bag described is performed after being verified.

Scheme 13, according to the transaction system described in scheme 11, described transaction request also includes: described electronic signature equipment Device identification；Described each first unit data bag at least includes: the first unit data, described server are to described first unit The second signed data that the device identification signature of data and described electronic signature equipment obtains；Described electronic signature equipment, is additionally operable to Before at least one first unit data bag described is stored in safety chip, described second signed data is verified, The operation being stored in safety chip by least one first unit data bag described is performed after being verified.

Scheme 14, according to the transaction system described in any one of scheme 11 to 13, described electronic signature equipment, be additionally operable to by institute State after at least one first unit data bag is stored in safety chip, according at least one first units described in receiving The the first unit data bag institute received is calculated according to the currency denomination representated by the number wrapped and described each first unit data bag The summation of the currency denomination represented is the most consistent with the dealing money in described transaction request, if it is inconsistent, to described service Device sends the request of repeating transmission；Described server, is used for receiving described repeating transmission and asks.

Scheme 15, according to the transaction system described in scheme 14, described server, for retransmitting request to described electricity according to described Sub-signature device sends retransmission of information, and wherein, described retransmission of information includes at least one first unit data bag described；Described electricity Sub-signature device, is used for receiving described retransmission of information, will be stored in before in described safety chip described at least one is first single Bit data bag is deleted, and again stores at least one first unit data bag described that described server is retransmitted.

Scheme 16, according to the transaction system described in scheme 14, described server, for retransmitting request to described electricity according to described Sub-signature device sends retransmission of information, and wherein, described retransmission of information includes the first unit that described electronic signature equipment does not receives Packet；Described electronic signature equipment, for being stored in described the first unit data bag not received in described safety chip.

Scheme 17, according to the transaction system described in any one of scheme 11 to 16, described electronic signature equipment, for by described Before at least one first unit data bag is stored in safety chip, utilize the distribution of its safety chip described in store at least one The memory space of individual first unit data bag；Described electronic signature equipment, for depositing at least one first unit data bag described It is stored in safety chip, including: described electronic signature equipment is right for being stored in by least one first unit data bag described In the described memory space answered, and it is set to take by the status word of the memory space of described correspondence.

Scheme 18, according to the transaction system described in any one of scheme 11 to 17, described electronic signature equipment, be additionally operable to by institute State after at least one first unit data bag is stored in safety chip, utilize the count value of counter to obtain currently stored Total number of one unit data bag.

Scheme 19, according to the transaction system described in any one of scheme 11 to 18, described electronic signature equipment, be additionally operable to by institute State after at least one first unit data bag is stored in safety chip, described dealing money is counted current account balance, to Hold user and show described dealing money and/or described current account balance.

Scheme 20, according to the transaction system described in any one of scheme 12 to 19, described first unit data at least includes: currency Identification information, or, currency sequence number and currency denomination data；Described first unit data bag the most also includes one below: send out Row bank identifier and bank certificate sequence number.

As seen from the above technical solution provided by the invention, the invention provides a kind of electronic signature equipment method of commerce and Transaction system.The technical scheme using the present invention to provide, can be stored in the electricity of user by the fund of user with the form of packet In sub-signature device, and the number of packet is one or more.User is when consumption, because fund is no longer the shape with numerical value Formula is stored in electronic signature equipment, so electronic signature equipment need not the numerical value by changing storage with server networking, Only need the one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electronic signature equipment Being no longer necessary to rely on server to carry out networking pay when carrying out electronic transaction with other electronic signature equipment, server is no longer necessary to Electronic signature equipment is supervised, thus realizes off line electronic transaction veritably.

Accompanying drawing explanation

In order to be illustrated more clearly that the technical scheme of the embodiment of the present invention, the required accompanying drawing used in embodiment being described below It is briefly described, it should be apparent that, the accompanying drawing in describing below is only some embodiments of the present invention, for this area From the point of view of those of ordinary skill, on the premise of not paying creative work, it is also possible to obtain other accompanying drawings according to these accompanying drawings.

The flow chart of the method for commerce of the electronic signature equipment that Fig. 1 provides for the embodiment of the present invention 1；

The structural representation of the transaction system that Fig. 2 provides for the embodiment of the present invention 2.

Detailed description of the invention

Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Reality based on the present invention Execute example, the every other embodiment that those of ordinary skill in the art are obtained under not making creative work premise, broadly fall into Protection scope of the present invention.

In describing the invention, it is to be understood that term " " center ", " longitudinally ", " laterally ", " on ", D score, " front ", Orientation or the position relationship of the instruction such as " afterwards ", "left", "right", " vertically ", " level ", " top ", " end ", " interior ", " outward " are base In orientation shown in the drawings or position relationship, it is for only for ease of the description present invention and simplifies description rather than instruction or hint institute The device that refers to or element must have specific orientation, with specific azimuth configuration and operation, therefore it is not intended that to the present invention Restriction.Additionally, term " first ", " second " are only used for describing purpose, and it is not intended that instruction or hint relative importance Or quantity or position.

In describing the invention, it should be noted that unless otherwise clearly defined and limited, term " install ", " being connected ", " connect " and should be interpreted broadly, connect for example, it may be fixing, it is also possible to be to removably connect, or be integrally connected；Permissible It is to be mechanically connected, it is also possible to be electrical connection；Can be to be joined directly together, it is also possible to be indirectly connected to by intermediary, can be two The connection of individual element internal.For the ordinary skill in the art, can understand that above-mentioned term is in the present invention with concrete condition In concrete meaning.

Below in conjunction with accompanying drawing, the embodiment of the present invention is described in further detail.

Embodiment 1

The flow chart of the method for commerce of a kind of electronic signature equipment that Fig. 1 provides for the present embodiment.Embodiment of the method shown in Fig. 1, Comprise the following steps S11 to S13:

Step S11, transaction request is sent to server by electronic signature equipment, and wherein, described transaction request at least includes: hand over The easily amount of money.

In the present embodiment, electronic signature equipment can be the electronic equipment with signature function, such as, has the intelligence of signature function Energy blocks U-shield of (mass transit card, bank card, purchase card etc.), industrial and commercial bank etc..In a kind of optional embodiment of the present embodiment, Transaction request is sent to server by electronic signature equipment, specifically, electronic signature equipment can with external equipment (such as PC or Mobile terminal etc.) set up connection, by this external equipment, transaction request is sent to server.Or, electronic signature equipment has There are wireline interface or wave point, set up wired connection or wireless connection with server, directly transaction request is sent to server. Wherein, radio connection can be marched into the arena the mode such as communication and WIFI to include bluetooth, NFC.Thus, electricity in the present embodiment Transaction request can be sent to server by sub-signature device in several ways.As the optional embodiment of one, server Including bank server or third-party server, such as, third-party server can be the purchase card stored value server in certain market.

Such as, this electronic signature equipment needs the operation performing to supplement with money, just to server (bank server or the purchase card in market Stored value server) send the transaction request for supplementing with money, the dealing money carried in this transaction request is that electronic signature equipment please Seek the amount of money numerical value that server is supplemented with money, in order to server returns first unit data corresponding with dealing money to electronic signature equipment Bag (i.e. the summation of the currency denomination of the first unit data bag that server returns is equal to dealing money).

Step S12, server receives transaction request, and the bank account in electronic signature equipment deducts dealing money, obtains at least One the first unit data bag, and at least one first unit data bag above-mentioned is sent to electronic signature equipment；Wherein, each First unit data bag represents a kind of currency denomination in multiple currency denomination, representated by least one first unit data bag above-mentioned The summation of currency denomination equal to dealing money.

In the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, say, that goods Coin face amount has multiple, when electronic signature equipment only receives a first unit data bag from server, and this first units A kind of currency denomination therein is only represented according to bag.When electronic signature equipment receives multiple first unit data bag from server, Multiple first unit data bags can represent multiple different currency denomination, and such as, the number of the first unit data bag is 3, Each first unit data bag respectively representative money face amount 1 yuan, 2 yuan and 5 yuan；Or, multiple first unit data bags can To represent identical currency denomination, such as, the number of the first unit data bag is 3, and each first unit data Bao Jun represents Currency denomination 1 yuan；Again or, the currency denomination representated by multiple first unit data bags had both included identical also include not phase Same currency denomination, such as, the number of the first unit data bag is 3, each first unit data bag representative money face respectively It is worth 1 yuan, 1 yuan and 2 yuan.Thus, at least one first unit data Bao Suodai that electronic signature equipment receives from server The currency denomination of table has combination flexibly.

In a kind of optional embodiment of the present embodiment, at least including the first unit data in the first unit data bag, this is first years old Unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data.Wherein, currency denomination data It is the currency denomination representated by the first unit data bag, identifies the currency denomination representated by the first unit data bag, currency with this The unique serial number of each first unit data bag of serial number, the most different currency sequence numbers in the first unit data bag is different. Thereby, it is possible to ensure the uniqueness of each first unit data bag, in order to recognize the true and false of the first unit data bag.As one Planting optional embodiment, the first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number. Wherein, the bank of issue is designated the identification information of the bank issuing this first unit data bag, thus can inquire about according to this mark To the relevant information of the corresponding bank of issue, and, electronic signature equipment can be according to bank of issue's mark and bank certificate sequence number Obtain the bank certificate of the corresponding bank of issue, bank certificate includes the PKI of the bank of issue, in order to electricity in subsequent operation Sub-signature device utilizes the PKI of the bank of issue that the signature of the first unit data completes checking.

In a kind of optional embodiment of the present embodiment, the first unit data bag the most also includes: the first unit data and clothes The first signed data that first unit data signature is obtained by business device.As the optional embodiment of one, server by utilizing self Private key respectively the first unit data in each first unit data bag is signed, obtain and each first unit data bag The first corresponding signed data.At least one is carried the first unit data bag of the first signed data and sends to electronics by server Signature device, in order in subsequent operation, electronic signature equipment utilizes the authenticity of public key verifications the first unit data bag of server.

In the another kind of optional embodiment of the present embodiment, electronic signature equipment is sent in the transaction request of server also include: The device identification of electronic signature equipment；Each first unit data bag at least includes: the first unit data, server are single to first The second signed data that the device identification signature of bit data and electronic signature equipment obtains.As the optional embodiment of one, clothes Business device utilizes the private key of self to sign the device identification of the first unit data and electronic signature equipment, obtains and each first unit The second signed data that packet is corresponding.At least one is carried the first unit data bag of the second signed data and sends by server To electronic signature equipment, in order in subsequent operation, electronic signature equipment utilizes public key verifications the first unit data bag of server Correctness.

In the present embodiment, server, can be from this electronic signature equipment pair after receiving the transaction request that electronic signature equipment sends The account answered deducts the dealing money of electronic signature equipment request, and issues the summation of currency denomination for electronic signature equipment and be equal to At least one of dealing money the first unit data bag, receives these the first unit data bags in electronic signature equipment, i.e. supplements with money After success, just can complete off-line transaction with other electronic signature equipment, i.e. need not again just can be to other with server networking Electronic signature equipment transfers accounts (will the first unit data bag be transmitted to other electronic signature equipment).Each first unit data bag institute The currency denomination represented can be the same or different, and is sent to the number of the first unit data bag of electronic signature equipment and each Currency denomination representated by individual first unit data bag can be determined according to dealing money by server, it is also possible to is set by electronic signature Rear notification server is determined, such as, as the optional embodiment of the one in the present embodiment, electronic signature for according to dealing money The transaction request that equipment sends can also be carried kind and the number of the first unit data bag.The former server can be real flexibly Issuing of existing first unit data bag, the latter can meet user to the number of the first unit data bag and the demand of face amount.? In a kind of optional embodiment of the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, Such as, the currency denomination representated by the first unit data bag includes: 1 yuan, 2 yuan, 5 yuan, 10 yuan, 20 yuan, 50 yuan and 100 Unit, certainly, if following country has issued new currency denomination or other in addition to making by RMB are regional, national Currency denomination fall within protection scope of the present invention, the present embodiment is only illustrated with RMB face amount.Such as, electricity Transaction request is sent to server by sub-signature device, and wherein, the dealing money that transaction request includes is 10 yuan, and electronic signature sets Standby receive 5 the first unit data bags from server, the currency denomination representated by 5 the first unit data bags be respectively 1 yuan, 1 Unit, 1 yuan, 2 yuan and 5 yuan, the summation of the currency denomination representated by 5 the first unit data bags is 10 yuan, with dealing money Equal.Certainly, when the dealing money that transaction request includes is 10 yuan, electronic signature equipment can also receive 10 from server Individual the first unit data bag representing 1 yuan of currency denomination, or, 2 the first unit data bags representing 5 yuan of currency denominations, Or, 1 the first unit data bag representing 10 yuan of currency denominations.It is to say, the first electron unit monetary data Bao Suodai The currency denomination of table and number can be with flexible combination, it is only necessary to make at least one currency representated by the first unit data bag received The summation of face amount is equal to dealing money, the most only as a example by dealing money is 10 yuan, identical for other amount of money Numerical Principles, The most no longer illustrate.Thus, determine the number of the first unit data bag at server according to dealing money, and each In the case of face amount representated by one unit data bag, server can realize issuing of the first unit data bag, Ke Yiyou flexibly Various combinations；The number of the first unit data bag, and each first units is determined according to dealing money in electronic signature equipment In the case of the face amount representated by bag, can be by the currency face representated by the first unit data bag of the number of request and correspondence Value sends to server, thus can meet user to the number of the first unit data bag and the demand of face amount.

The security of data transmission in the first unit data packet procedures is issued in order to improve server further, a kind of at the present embodiment In optional embodiment, electronic signature equipment can also receive the ciphertext data of at least one the first unit data bag from server, Wherein, at least one first unit data bag is encrypted by server and to obtain by these ciphertext data, and electronic signature equipment is permissible This ciphertext data deciphering obtains the first unit data bag original text, and server and electronic signature equipment can add solution by symmetric key Close or unsymmetrical key encryption and decryption mode realizes the safe transmission of data.As the optional mode of one, server is at least one The cipher mode that individual first unit data bag is encrypted includes: the PKI of server by utilizing electronic signature equipment at least one One unit data bag is encrypted (this mode being asymmetric-key encryption), or, server by utilizing is assisted with electronic signature equipment At least one first unit data bag is encrypted by the symmetric key that business obtains.Electronic signature equipment receive ciphertext data it After, utilize the manner of decryption corresponding with the cipher mode of server ciphertext data to be decrypted, obtain at least one first unit Packet is in plain text, i.e. utilize the private key of electronic signature equipment that this ciphertext data deciphering obtains the first unit data bag (this in plain text Mode for unsymmetrical key deciphering), or, electronic signature equipment utilizes the symmetric key consulting to obtain with server to this ciphertext Data deciphering obtains the first unit data bag in plain text.Thus, it is possible to prevent from the first unit data from wrapping in transmitting procedure being replicated or Distort, improve the security of data transmission.

Step S13, electronic signature equipment receives at least one first unit data bag above-mentioned, by least one first unit above-mentioned Packet is stored in safety chip.

In a kind of optional embodiment of the present embodiment, electronic signature equipment is provided with safety chip, inside this safety chip Have independent processor and memory cell, PKI digital certificate and key, and other characteristics can be stored, data are entered Row encryption and decryption computing, provides the user data encryption and identification safety authentication service, in the present embodiment, the peace of electronic signature equipment In full chip, the first unit data bag of storage can not illegally be read, it is ensured that the Information Security of storage.

In the present embodiment, before step S13, this method of commerce also includes: electronic signature equipment utilizes its safety chip to distribute For storing the memory space of at least one the first unit data bag above-mentioned.Electronic signature equipment in step S13 by above-mentioned at least One the first unit data bag is stored in safety chip, specifically includes: electronic signature equipment is by least one first unit above-mentioned Packet is stored in the memory space of correspondence, and is set to take by the status word of corresponding memory space.Wherein, safe core Sheet is each first unit data bag one memory space of distribution, and a memory space can only store a first unit data bag, And the transaction record of electronic signature equipment also can record each the first unit data bag received from server in a transaction deposit The position of the memory space of storage.It is the most occupied that the status word of memory space is used for identifying this memory space, if by Take, then electronic signature equipment can not store the first unit data bag at this occupied memory space.When safety chip distribution When all memory spaces are the most occupied, electronic signature equipment needs make requests on server update packet or apply for new depositing The operation in storage space, wherein, as the optional embodiment of one, electronic signature equipment can apply for that new memory space is to deposit The first unit data bag that storage is newly received.As the optional embodiment of another kind, electronic signature equipment can also be to server Request updates the first locally stored unit data bag, and such as, electronic signature equipment can be with request server by locally stored N The first unit data bag that individual (N is the positive integer more than 1) represents little face amount replaces with 1 or M (M < N) and represents big First unit data bag of currency denomination stores, as long as the amount of currency of storage is constant, the most just can discharge multiple Memory space, thus save the first unit data bag that memory space is newly received with storage.Additionally, in order to improve further The security of data storage, in the present embodiment, each first unit data bag can also be encrypted by electronic signature equipment Obtain the ciphertext data of each first unit data bag, and each ciphertext data are stored in the memory space of correspondence.Thus, Can ensure that the first unit data bag in the memory space being stored in safety chip can not be guaranteed with this by fraudulent copying or change Store the security of the first unit data bag.

In the present embodiment, in order to be further ensured that the authenticity of the first unit data bag that electronic signature equipment stores, as one Planting optional embodiment, before step S13, this method of commerce also includes: the first signed data is entered by electronic signature equipment Row checking, performs the step being stored in safety chip by least one first unit data bag above-mentioned after being verified.Wherein, First signed data is that the first unit data is signed and obtained by server, therefore, optional implements the present embodiment is a kind of In mode, each first unit data bag at least includes: the first unit data signature is obtained by the first unit data and server The first signed data so that electronic signature equipment can verify the authenticity of the first unit data bag.Optional as one Embodiment, the first signed data is that the first unit data is signed the number of signature obtained by the private key of server by utilizing self According to.Accordingly, electronic signature equipment carries out checking to the first signed data and specifically includes: electronic signature equipment utilizes this server PKI the first signed data is carried out sign test.As a example by server is as bank server, bank server is to the first unit data Carry out HASH computing and obtain the summary message A1 of the first unit data, and utilize the private key of bank server self that this summary is reported The literary composition A1 computing that carries out signing obtains the first signed data, and carries and be issued to electronic signature equipment in the first unit data bag.Electricity Sub-signature device can utilize the PKI of this bank server that the first signed data is carried out sign test, specifically, electronic signature equipment The PKI utilizing bank server carries out computing and obtains operation result A2 the first electronic signature data, and single to first received The first unit data in bit data bag carries out HASH computing and obtains the summary message A3 of the first unit data, by operation result A2 Comparing with summary message A3, if comparison result is consistent, then the first electronic signature data sign test is passed through by electronic signature equipment. Wherein, electronic signature equipment can identify according to the bank certificate sequence number in the first unit data bag and/or the bank of issue and obtain bank PKI, such as, electronic signature equipment can identify according to the bank of issue in the first unit data bag, from to be verified the Bank of issue's server that one signed data is corresponding obtains the bank certificate of this bank, and obtains the public affairs of this bank from bank certificate Key；The most such as, electronic signature equipment can prestore the bank certificate of each bank, demonstrate,proves according to the bank in the first unit data bag Preface number obtains the bank certificate corresponding with the first signed data to be verified from each bank certificate prestored, and from correspondence Bank certificate obtains the PKI of bank.Thus, electronic signature equipment utilizes the PKI of bank to carry in the first unit data bag The first signed data carry out sign test, the authenticity of the first unit data bag can be verified.Foregoing description is only with server as bank Illustrating as a example by server, but the present embodiment is not limited to bank server, other third-party server such as supermarket shopping card stores up Within the detailed description of the invention of value server etc. belongs to protection scope of the present invention.

Further, electronic signature equipment, on the premise of the first unit data bag guaranteeing to receive is true, still wants to confirm clothes again The object that business device sends is this electronic signature equipment the most really, to avoid storing the packet that server is sent out, in step S13 by mistake Before, this method of commerce also includes: the second signed data is verified by electronic signature equipment, performs upper after being verified State the operation that at least one first unit data bag is stored in safety chip.Second signed data is that server is to the first units Obtain according to the device identification signature with electronic signature equipment, therefore, in a kind of optional embodiment of the present embodiment, electronics Signature device is sent in the transaction request of server also include: the device identification of electronic signature equipment；Each first unit data Bag at least includes: the device identification signature of the first unit data and electronic signature equipment is obtained by the first unit data, server Second signed data, so that electronic signature equipment can verify authenticity and the correctness of the first unit data bag.As one Planting optional embodiment, the second signed data is that the private key of server by utilizing server self is to the first unit data and electronics label The device identification of name equipment carries out the signed data obtained of signing, say, that the signature object of each second signed data is every The combination of the device identification of individual first unit data and electronic signature equipment.Accordingly, electronic signature equipment is to the second signed data Carry out checking to specifically include: electronic signature equipment utilizes the PKI of server respectively each second signed data to be carried out sign test.With As a example by server is bank server, bank server utilizes the private key of self to set the first unit data and electronic signature equipment Standby mark carries out signature and obtains the second signed data, and carries and be issued to electronic signature equipment in the first unit data bag.Electronics Signature device can utilize the PKI of this bank server that the second signed data is carried out sign test.Wherein, electronic signature equipment is permissible The bank certificate obtaining this bank is identified according to the bank certificate sequence number in the first unit data bag and/or the bank of issue, and from bank Obtaining the PKI of this bank in certificate, such as, electronic signature equipment can identify according to the bank of issue in the first unit data bag, The PKI of this bank is obtained from bank of issue's server corresponding with the second signed data to be verified；The most such as, electronic signature sets The bank certificate of standby each bank that can prestore, according to the bank certificate sequence number in the first unit data bag from each bank prestored Certificate obtains the bank certificate corresponding with the second signed data to be verified, and from corresponding bank certificate, obtains the public affairs of bank Key.Thus, electronic signature equipment utilizes the PKI of bank that the second signed data carried in the first unit data bag is carried out sign test, It is possible not only to verify the authenticity of the first unit data bag, it is also possible to prove that the first unit data bag strictly bank server issues To this electronic signature equipment, i.e. verify the correctness of the first unit data bag.Foregoing description is only with server as bank server As a example by illustrate, but the present embodiment is not limited to bank server, and other third-party server such as supermarket shopping card Stored Value services Within the detailed description of the invention of device etc. belongs to protection scope of the present invention.

In order to ensure that electronic signature equipment is collected money less, i.e. ensure the total of the first unit data bag that electronic signature equipment receives The amount of money is equal to dealing money, and in a kind of optional embodiment of the present embodiment, after step s 13, this method of commerce also wraps Include: electronic signature equipment is according to the number of at least one the first unit data bag above-mentioned received and each first unit data Currency denomination representated by bag calculates in summation and the transaction request of the currency denomination representated by the first unit data bag received Dealing money is the most consistent, if it is inconsistent, send, to server, the request of repeating transmission；Server receives this repeating transmission request.Such as, Dealing money is 10 yuan, and electronic signature equipment receives 5 the first unit data bags from server, calculates 5 the first units Whether being equal to 10 yuan according to the summation of the currency denomination representated by bag, if less than 10 yuan, then server sends the request of repeating transmission.By This, electronic signature equipment can solve representated by the first unit data bag of receiving by sending, to server, the request of repeating transmission The not enough problem of currency denomination.

In electronic signature equipment after server sends the request of repeating transmission, electronic signature equipment can receive the repeating transmission letter that server returns Breath, the content according to the request of retransmitting is different, and the retransmission of information that server returns also can be different, such as, retransmit in request and can take The device identification of having electronic signature device, transaction record are (such as the numbering of every transaction, accounts information, timestamp, dealing money And the number of the first unit data bag received and representative currency denomination etc., these server sides also can corresponding be remembered Record), in order to a certain transaction that server lookup to this electronic signature equipment is corresponding, all these transactions of repeating transmission corresponding first Unit data bag is to electronic signature equipment, the most such as, retransmits the number that can also carry the first unit data bag received in request (mark of a first unit data bag can be uniquely identified, if server is each first unit data bag configuration according to bag mark Unique mark, or currency sequence number), after server receives these package identifications, can inquire and Lou send out or transmitting procedure In lost which the first unit data bag, the first unit data bag that is that these leakages generated or that lose in transmitting procedure sends to the most electric Sub-signature device.Below the first unit data bag is retransmitted with regard to server illustrative:

Such as, after server receives the request of repeating transmission, this method of commerce also includes: server is asked to electronics label according to repeating transmission Name equipment sends retransmission of information, and wherein, retransmission of information includes at least one first unit data bag；Electronic signature equipment receives weight Photos and sending messages, deletes at least one the first unit data bag being stored in before in safety chip, and storage server is retransmitted again At least one first unit data bag.As the optional embodiment of one, electronic signature equipment is sending repeating transmission to server After request, receive the retransmission of information that server sends according to the request of repeating transmission, wherein, this repeating transmission request at least includes: electronics label The device identification of name equipment and transaction record, retransmission of information includes at least one first unit data bag, i.e. optionally real at this Executing in mode, server has retransmitted, to electronic signature equipment, whole first unit data bags that a transaction is corresponding, at the present embodiment In, server, when being traded with per-unit electronics signature instrument, also can store transaction record corresponding to each transaction (as often The number of the first unit data bag of the numbering of transaction, accounts information, timestamp, dealing money and transmission and representative Currency denomination etc.) and the device identification of electronic signature equipment, can be inquired this according to device identification and transaction record The a certain transaction that electronic signature equipment is corresponding, in this optional embodiment, the electronic signature equipment that server can will inquire First unit data bag of this transaction of request repeat is all retransmitted to electronic signature equipment, to ensure that electronic signature equipment receives The transaction errorless (such as supplementing with money errorless) of the first complete unit data bag, server and electronic signature equipment.

In order to ensure that electronic signature equipment will not repeat to store packet, receive the first of server repeating transmission in electronic signature equipment Before unit data bag, this method of commerce also includes: electronic signature equipment by be stored in before in safety chip at least one One unit data bag is deleted (i.e. in this optional embodiment, owing to server can be by the first unit data Bao Quan of this transaction Portion resends to electronic signature equipment, whole first units of this transaction that electronic signature equipment must will receive before According to bag, i.e. before at least one first unit data bag corresponding to this transaction of being stored in safety chip delete), and again deposit At least one first unit data bag that storage server is retransmitted, wherein, electronic signature equipment is performing above-mentioned deletion the first units After operation according to bag, can be set to vacant by the status word of shared memory space, electronic signature equipment can will connect again The the first unit data bag received stores to the memory space of the distribution of safety chip before, and the state of memory space that will take Word is set to take, and thereby guarantees that electronic signature equipment will not repeat to store the first identical unit data bag, and ensures same depositing Storage space can only store a first unit data bag.

For example, for the transaction of a numbered 1*******, the dealing money in the transaction request of electronic signature equipment is 10 yuan, 5 the first unit data bags representing 2 yuan of currency denominations respectively that electronic signature equipment reception server sends, but by Loss of data in transmitting procedure, electronic signature equipment only receives 4 the first unit datas representing 2 yuan of currency denominations respectively Bag, currency denomination summation is 8 yuan, unequal with dealing money 10 yuan.For this transaction, electronic signature equipment is to server Sending the request of repeating transmission, and receive the retransmission of information that server sends according to the request of repeating transmission, this repeating transmission request includes: electronic signature The device identification of equipment and transaction record, server, can be according to device identification and transaction after receiving this repeating transmission request Record queries is to this transaction corresponding to this electronic signature equipment, and server can be by the electronic signature equipment request repeat that inquires First unit data bag of this transaction all retransmits that to be sent to this of electronic signature equipment to electronic signature equipment, i.e. server heavy Photos and sending messages includes 5 the first unit data bags representing 2 yuan of currency denominations respectively.Electronic signature equipment will be stored in safety before In chip 4 represent the first unit data bag of 2 yuan of currency denominations respectively and delete, and again store 5 of server repeating transmission Represent the first unit data bag of 2 yuan of currency denominations respectively.Thus, needed for electronic signature equipment is not received by a transaction Whole first unit data bag time, server can be by the whole first unit data packet retransmissions needed for this transaction to electronics label Name equipment, so that transaction can smoothly complete.

The most such as, after server receives the request of repeating transmission, this method of commerce also includes: server is asked to electronics according to repeating transmission Signature device sends retransmission of information, and wherein, retransmission of information includes the first unit data bag that electronic signature equipment does not receives.Electricity The the first unit data bag not received is stored in safety chip by sub-signature device.

As the optional embodiment of one, electronic signature equipment after sending, to server, the request of repeating transmission, receive server according to The retransmission of information that the request of repeating transmission sends, wherein, at least includes in this repeating transmission request: the device identification of electronic signature equipment, transaction The package identification of each the first unit data bag recorded and receive, retransmission of information includes that electronic signature equipment does not receives The first unit data bag, i.e. in this optional embodiment, server to electronic signature equipment retransmitted in a transaction leak The first unit data bag that is that send out or that lose in transmitting procedure, can inquire this electronics label according to device identification and transaction record The a certain transaction that name equipment is corresponding, server can will not have in this transaction of this electronic signature equipment request repeat that inquire Those first unit data packet retransmissions corresponding to the package identification that inquires are to electronic signature equipment, to ensure electronic signature equipment Receive the transaction errorless (such as supplementing with money errorless) of the first complete unit data bag, server and electronic signature equipment.With in a upper example Optional embodiment compare, this optional embodiment can reduce the volume of transmitted data of server, is substantially reduced the work of server Make load, improve the operating efficiency that server is retransmitted.

In this optional embodiment, after electronic signature equipment receives the first unit data bag that server is retransmitted, electronics label The the first unit data bag not received before is stored in safety chip by name equipment, i.e. electronic signature equipment will receive again The first unit data bag be stored in before safety chip in the memory space of distribution, and the status word of the memory space taken is put For taking, thereby guarantee that same memory space can only store a first unit data bag.

For example, for the transaction of a numbered 1*******, the dealing money in the transaction request of electronic signature equipment is 5 yuan, electronic signature equipment receives 2 the first unit data bags (abbreviations 2 representing 2 yuan of currency denominations respectively that server sends Metadata bag), and 1 the first unit data bag (being called for short 1 metadata bag) representing 1 yuan of currency denomination, but due to transmission During loss of data, electronic signature equipment only receives 22 metadata bags, and currency denomination summation is 4 yuan, with trade gold Volume 5 yuan is unequal.For this transaction, electronic signature equipment sends, to server, the request of repeating transmission, and receives server according to weight The retransmission of information that the request of sending out sends, also carries the package identification of 22 metadata bags in the request of retransmitting, and server receives After asking to this repeating transmission, all first unit data bags of its correspondence can be inquired for this transaction of this electronic signature equipment, Just it appeared that retransmit the package identification not having 1 metadata bag in request, this 1 metadata packet retransmission can be given electricity by server Sub-signature device, i.e. server are sent to this retransmission of information of electronic signature equipment and include 11 metadata bag.Electronic signature sets Standby 11 metadata bag by server repeating transmission is stored in safety chip.In the present embodiment, electronic signature equipment is to server Can include the package identification of part the first unit data bag being received in the repeating transmission request sent, server is permissible The the first unit data bag needing in retransmission of information to carry is determined according to the package identification in the request of retransmitting.Thus, electronics is worked as When signature device is not received by the whole first unit data bag needed for a transaction, server can be by unreceived part One unit data packet retransmission, to electronic signature equipment, not only reduces the transmission quantity of retransmission data, also ensure that transaction can be smooth Complete.

Below it is all to illustrate as a example by the embodiment of a transaction, in the present embodiment, every in many transactions Transaction can realize in the manner described above.

In the present embodiment, the memory space of electronic signature equipment is limited after all, accordingly, it would be desirable to monitor electronic signature at any time The remaining space of equipment, in order to instant-free memory space, it is to avoid do not have redundant space to cause Fail Transaction in process of exchange Problem.In a kind of optional embodiment of the present embodiment, electronic signature equipment is additionally provided with counter, by this counter The residual memory space of electronic signature equipment can be monitored in real time.Specifically, after step s 13, this method of commerce also includes: Electronic signature equipment utilizes the count value of counter to obtain total number of the first currently stored unit data bag.Specifically, often One transaction Counter all can receive the number of the first unit data bag, after many transactions, counting plus this transaction The count value of device can be accumulated to a numerical value, when this numerical value reaches default value, the memory space of electronic signature equipment has been described Be assigned, there is no a unnecessary memory space, now, electronic signature equipment need to make requests on server update packet or Person applies for the operation (as mentioned above) of new memory space.In the present embodiment, the size of each memory space is identical, Mei Ge The size of one unit data bag is identical, and mates with the size of memory space, and such as, electronic signature equipment gives first unit The size of the memory space of allocation of packets is that the memory space of 2M, this 2M can store a first unit data bag, and one It is 1G that individual safety chip reserves the space of storage the first unit data bag, then, this electronic signature equipment at most can store 512 Individual first unit data bag, i.e. default value can be set to 512.Thus, it is possible to the residue of monitoring electronic signature equipment is empty in real time Between, and discharge unnecessary memory space in time, it is to avoid in process of exchange, there is no the problem that redundant space causes Fail Transaction. Certainly, electronic signature equipment can also utilize the count value of counter to obtain the first of the every kind of currency denomination stored in safety chip Total number of unit data bag.Thus, electronic signature equipment can be according to the goods representated by every kind of first unit data bag of storage Coin face amount and number obtain the sums of money of the first currently stored unit data bag.

In a kind of optional embodiment of the present embodiment, after step s 13, this method of commerce also includes: electronic signature sets For dealing money is counted current account balance, show dealing money and/or current account balance to holding user.Thus, hold The user of electronic signature equipment can inquire about dealing money and current account balance on the equipment of oneself.

The method of commerce of the electronic signature equipment of the present embodiment offer is provided, the fund of user can be stored with the form of packet In the electronic signature equipment of user, and the number of packet is one or more.User is when consumption, because fund is no longer It is stored in electronic signature equipment with the form of numerical value, so electronic signature equipment need not deposit by networking to change with server The numerical value of storage, it is only necessary to the one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electricity Sub-signature device is no longer necessary to rely on server to carry out networking and pays when carrying out electronic transaction with other electronic signature equipment, service Device is no longer necessary to supervise electronic signature equipment, thus realizes off line electronic transaction veritably.

Embodiment 2

The structural representation of a kind of transaction system that Fig. 2 provides for the present embodiment.As in figure 2 it is shown, this system includes: electronics label Name equipment 20 and server 30, wherein:

Electronic signature equipment 20, for sending transaction request to server 30, wherein, transaction request at least includes: trade gold Volume；Server 30, for receiving the transaction request that electronic signature equipment sends, the bank account in electronic signature equipment is deducted and is handed over The easily amount of money, obtains at least one first unit data bag, and sends at least one first unit data bag above-mentioned to electronic signature Equipment 20；Wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, above-mentioned at least one The summation of the currency denomination representated by one unit data bag is equal to dealing money；Electronic signature equipment 20, for from server 30 Receive at least one first unit data bag above-mentioned, at least one first unit data bag above-mentioned is stored in safety chip.

In the present embodiment, electronic signature equipment 20 can be the electronic equipment with signature function, such as, has signature function Smart card (mass transit card, bank card, purchase card etc.), the U-shield etc. of industrial and commercial bank.At a kind of optional embodiment of the present embodiment In, electronic signature equipment 20, for sending transaction request to server 30.Specifically, electronic signature equipment 20 can be with External equipment (such as PC or mobile terminal etc.) is set up and is connected, and is sent transaction request to server 30 by this external equipment. Or, electronic signature equipment 20 has wireline interface or wave point, sets up wired connection or wireless connection with server, directly Transaction request is sent to server 30.Wherein, radio connection can include that bluetooth, NFC march into the arena communication and WIFI Etc. mode.Thus, in the present embodiment, transaction request can be sent to server 30 by electronic signature equipment 20 in several ways. As the optional embodiment of one, server 30 includes bank server or third-party server, such as, third-party server It can be the purchase card stored value server in certain market.

Such as, this electronic signature equipment 20 needs to perform the operation supplemented with money, just to server 30 (bank server or market Purchase card stored value server) send the transaction request for supplementing with money, the dealing money carried in this transaction request is electronic signature The amount of money numerical value that equipment 20 request server 30 is supplemented with money, in order to server 30 returns and dealing money to electronic signature equipment 20 (i.e. the summation of the currency denomination of the first unit data bag that server 30 returns is equal to trade gold for the first corresponding unit data bag Volume).

In the present embodiment, server 30, for receiving the transaction request that electronic signature equipment 20 sends, in electronic signature equipment The bank account deduction dealing money of 20 correspondences, obtains at least one first unit data bag, and by least one first list above-mentioned Bit data bag sends to electronic signature equipment 20, and wherein, each first unit data bag represents a kind of goods in multiple currency denomination Coin face amount, the summation of at least one currency denomination representated by the first unit data bag above-mentioned is equal to described dealing money.

In the present embodiment, each first unit data bag represents a kind of currency denomination in multiple currency denomination, say, that goods Coin face amount has multiple, and when electronic signature equipment 20 only receives a first unit data bag from server 30, this is first years old Unit data bag only represents a kind of currency denomination therein.When electronic signature equipment 20 receives multiple first list from server 30 During bit data bag, multiple first unit data bags can represent multiple different currency denomination, such as, the first unit data bag Number is 3, each first unit data bag respectively representative money face amount 1 yuan, 2 yuan and 5 yuan；Or, multiple first Unit data bag can represent identical currency denomination, and such as, the number of the first unit data bag is 3, each first unit Packet equal representative money face amount 1 yuan；Again or, the currency denomination representated by multiple first unit data bags had both included identical The currency denomination also including differing, such as, the number of the first unit data bag is 3, and each first unit data bag divides Other representative money face amount 1 yuan, 1 yuan and 2 yuan.Thus, electronic signature equipment 20 receive from server 30 at least one Currency denomination representated by first unit data bag has combination flexibly.

In a kind of optional embodiment of the present embodiment, at least including the first unit data in the first unit data bag, this is first years old Unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data.Wherein, currency denomination data It is the currency denomination representated by the first unit data bag, identifies the currency denomination representated by the first unit data bag, currency with this The unique serial number of each first unit data bag of serial number, the most different currency sequence numbers in the first unit data bag is different. Thereby, it is possible to ensure the uniqueness of each first unit data bag, in order to recognize the true and false of the first unit data bag.As one Planting optional embodiment, the first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number. Wherein, the bank of issue is designated the identification information of the bank issuing this first unit data bag, thus can inquire about according to this mark To the relevant information of the corresponding bank of issue, and, electronic signature equipment 20 can be according to bank of issue's mark and bank certificate sequence Number obtain the bank certificate of the corresponding bank of issue, bank certificate includes the PKI of the bank of issue, in order in subsequent operation Electronic signature equipment utilizes the PKI of the bank of issue that the signature of the first unit data completes checking.

In a kind of optional embodiment of the present embodiment, the first unit data bag the most also includes: the first unit data and clothes The first signed data that first unit data signature is obtained by business device 30.As the optional embodiment of one, server 30 profit Respectively the first unit data in each first unit data bag is signed with the private key of self, obtain and each first unit The first signed data that packet is corresponding.At least one is carried the first unit data bag of the first signed data and sends out by server 30 Deliver to electronic signature equipment 20, in order in subsequent operation, electronic signature equipment 20 utilizes public key verifications first list of server 30 The authenticity of bit data bag.

In the another kind of optional embodiment of the present embodiment, electronic signature equipment 20 is sent in the transaction request of server 30 Also include: the device identification of electronic signature equipment 20；Each first unit data bag at least includes: the first unit data, service The second signed data that the device identification signature of the first unit data and electronic signature equipment 20 is obtained by device 30.Can as one The embodiment of choosing, server 30 utilizes the private key device identification label to the first unit data and electronic signature equipment 20 of self Name, obtains second signed data corresponding with each first unit data bag.At least one is carried the second signature by server 30 First unit data bag of data sends to electronic signature equipment 20, in order in subsequent operation, electronic signature equipment 20 utilizes clothes The correctness of public key verifications the first unit data bag of business device 30.

In the present embodiment, server 30, can be from this electronic signature after receiving the transaction request that electronic signature equipment 20 sends The account that equipment is corresponding is deducted the dealing money of electronic signature equipment request, and issues the total of currency denomination for electronic signature equipment At least one first unit data bag with equal to dealing money, receives these the first unit data bags in electronic signature equipment 20, I.e. after successful recharging, just can complete off-line transaction with other electronic signature equipment, i.e. need not networks with server 30 more just may be used Transferring accounts to other electronic signature equipment (will the first unit data bag be transmitted to other electronic signature equipment).Each first unit Currency denomination representated by packet can be the same or different, and is sent to the first unit data bag of electronic signature equipment 20 Number and each currency denomination representated by the first unit data bag can be determined according to dealing money by server 30, it is also possible to Rear notification server 30 is determined according to dealing money by electronic signature equipment 20, such as, optional as the one in the present embodiment Embodiment, can also carry kind and the number of the first unit data bag in the transaction request that electronic signature equipment 20 sends. The former can realize issuing of the first unit data bag by server 30 flexibly, and the latter can meet user to the first unit data bag Number and the demand of face amount.In a kind of optional embodiment of the present embodiment, each first unit data bag represents multiple goods A kind of currency denomination in coin face amount, such as, the currency denomination representated by the first unit data bag includes: 1 yuan, 2 yuan, 5 yuan, 10 yuan, 20 yuan, 50 yuan and 100 yuan, certainly, if following country has issued new currency denomination or except making employment Other regional, national currency denominations outside people's coin fall within protection scope of the present invention, only with RMB face in the present embodiment Value is illustrated.Such as, transaction request is sent to server 30 by electronic signature equipment 20, wherein, and transaction request bag The dealing money included is 10 yuan, and electronic signature equipment 20 receives 5 the first unit data bags from server 30, and 5 first single Currency denomination representated by bit data bag is respectively 1 yuan, 1 yuan, 1 yuan, 2 yuan and 5 yuan, 5 the first unit data Bao Suodai The summation of the currency denomination of table is 10 yuan, equal with dealing money.Certainly, the dealing money included when transaction request is 10 yuan Time, electronic signature equipment 20 can also receive 10 the first unit data bags representing 1 yuan of currency denomination from server 30, or Person, 2 the first unit data bags representing 5 yuan of currency denominations, or, 1 the first units representing 10 yuan of currency denominations According to bag.It is to say, the currency denomination representated by the first electron unit monetary data bag can be with flexible combination with number, it is only necessary to make The summation of the currency denomination representated by least one received the first unit data bag is equal to dealing money, the most only to hand over As a example by easily the amount of money is 10 yuan, identical for other amount of money Numerical Principles, the most no longer illustrate.Thus, at server 30 Determine the number of the first unit data bag, and each face amount representated by the first unit data bag according to dealing money in the case of, Server 30 can realize issuing of the first unit data bag flexibly, can have various combination；In electronic signature equipment 20 basis In the case of dealing money determines the number of the first unit data bag, and each face amount representated by the first unit data bag, can So that the currency denomination representated by the number of request and the first unit data bag of correspondence is sent to server 30, thus can expire Foot user is to the number of the first unit data bag and the demand of face amount.

The security of data transmission in the first unit data packet procedures is issued, at the present embodiment one in order to improve server 30 further Plant in optional embodiment, electronic signature equipment 20, it is additionally operable to receive at least one first unit data bag from server 30 Ciphertext data, wherein, at least one first unit data bag above-mentioned is encrypted by server 30 and to obtain by these ciphertext data, Electronic signature equipment 20 can obtain the first unit data bag original text to this ciphertext data deciphering, and server 30 and electronic signature set Standby 20 safe transmission that can realize data by the way of symmetric key encryption and decryption or unsymmetrical key encryption and decryption.Can as one The mode of choosing, the cipher mode that at least one first unit data bag is encrypted by server 30 includes: server 30 utilizes The PKI of electronic signature equipment 20 is encrypted (this mode being asymmetric-key encryption) at least one first unit data bag, Or, server 30 utilizes the symmetric key consulting to obtain with electronic signature equipment 20 to enter at least one first unit data bag Row encryption.Electronic signature equipment 20, after receiving ciphertext data, utilizes the deciphering corresponding with the cipher mode of server 30 Ciphertext data are decrypted by mode, obtain at least one first unit data bag in plain text, i.e. utilize electronic signature equipment 20 Private key obtains the first unit data bag (this is the mode of unsymmetrical key deciphering) in plain text to this ciphertext data deciphering, or, electronics Signature device 20 utilizes the symmetric key consulting to obtain with server 30 that this ciphertext data deciphering is obtained the first unit data Bao Ming Literary composition.It is replicated thus, it is possible to prevent the first unit data from wrapping in transmitting procedure or distorts, improve the security of data transmission.

In the present embodiment, electronic signature equipment 20, for receiving at least one first unit data bag above-mentioned from server 30, At least one first unit data bag above-mentioned is stored in safety chip.

In a kind of optional embodiment of the present embodiment, electronic signature equipment 20 is provided with safety chip, in this safety chip Portion has independent processor and memory cell, can store PKI digital certificate and key, and other characteristics, to data Carry out encryption and decryption computing, provide the user data encryption and identification safety authentication service, in the present embodiment, electronic signature equipment 20 Safety chip in storage the first unit data bag can not illegally be read, it is ensured that the Information Security of storage.

In the present embodiment, electronic signature equipment 20, for being stored in safety chip by least one first unit data bag above-mentioned Before in, its safety chip is utilized to distribute for the memory space storing at least one the first unit data bag above-mentioned.Electronic signature Equipment 20, for being stored in safety chip by least one first unit data bag above-mentioned, specifically includes: electronic signature equipment 20, in the memory space that at least one first unit data bag above-mentioned is stored in correspondence, and by corresponding memory space Status word is set to take.Wherein, safety chip is each first unit data bag one memory space of distribution, a storage sky Between can only store a first unit data bag, and the transaction record of electronic signature equipment 20 also can record in a transaction from clothes The position of the memory space of each the first unit data bag storage that business device 30 receives.The status word of memory space is used for identifying this Memory space is the most occupied, if the most occupied, then electronic signature equipment 20 can not be at this occupied memory space Store the first unit data bag.When all memory spaces of safety chip distribution are the most occupied, electronic signature equipment 20 needs Make requests on server 30 more new data packets or apply for the operation of new memory space, wherein, as the optional embodiment party of one Formula, electronic signature equipment 20 can apply for the first unit data bag that new memory space is newly received with storage.As another kind Optional embodiment, electronic signature equipment 20 can also update the first locally stored unit data bag to server 30 request, Such as, locally stored N number of (N is the positive integer more than 1) can be represented by electronic signature equipment 20 with request server 30 First unit data bag of little face amount replaces with 1 or M (M < N) and represents the first unit data bag of big currency denomination and carry out Storage, as long as the amount of currency of storage is constant, the most just can discharge multiple memory space, thus save memory space The the first unit data bag being newly received with storage.Additionally, for the security improving data storage further, this embodiment party In formula, each first unit data bag can also be encrypted and obtain the close of each first unit data bag by electronic signature equipment 20 Literary composition data, and each ciphertext data are stored in the memory space of correspondence.Thus, it is possible to ensure to be stored in depositing of safety chip The first unit data bag in storage space can not be by fraudulent copying or change, the security guaranteeing to store the first unit data bag with this.

In the present embodiment, in order to be further ensured that the authenticity of the first unit data bag that electronic signature equipment 20 stores, as A kind of optional embodiment, electronic signature equipment 20, it is additionally operable at least one first unit data bag above-mentioned is being stored in peace Before in full chip, the first signed data is verified, perform at least one first unit data above-mentioned after being verified The operation that bag is stored in safety chip.Wherein, the first signed data is that server 30 carries out signature to the first unit data and obtains , therefore, in a kind of optional embodiment of the present embodiment, each first unit data bag at least includes: the first units According to this and the first unit data is signed the first signed data of obtaining by server 30, so that electronic signature equipment 20 is permissible Verify the authenticity of the first unit data bag.As the optional embodiment of one, the first signed data is that server 30 utilizes certainly First unit data is signed the signed data obtained by the private key of body.Accordingly, electronic signature equipment 20 is to the first number of signature Specifically include according to carrying out checking: electronic signature equipment 20, for utilizing the PKI of this server 30 that first signed data is carried out Sign test.As a example by server 30 is as bank server, bank server carries out HASH computing to the first unit data and obtains first The summary message A1 of unit data, and utilize the private key of bank server self this summary message A1 is carried out sign computing obtain First signed data, and carry and be issued to electronic signature equipment 20 in the first unit data bag.Electronic signature equipment 20 is permissible The PKI utilizing this bank server carries out sign test to the first signed data, and specifically, electronic signature equipment 20 utilizes bank service The PKI of device carries out computing and obtains operation result A2 the first electronic signature data, and in the first unit data bag received First unit data carries out HASH computing and obtains the summary message A3 of the first unit data, by operation result A2 and summary message A3 compares, if comparison result is consistent, then the first electronic signature data sign test is passed through by electronic signature equipment 20.Wherein, Electronic signature equipment 20 can identify according to the bank certificate sequence number in the first unit data bag and/or the bank of issue and obtain bank PKI, such as, electronic signature equipment 20 can identify according to the bank of issue in the first unit data bag, from to be verified the Bank of issue's server 30 that one signed data is corresponding obtains the bank certificate of this bank, and obtains this bank from bank certificate PKI；The most such as, electronic signature equipment 20 can prestore the bank certificate of each bank, according to the silver in the first unit data bag Row certificate serial number obtains the bank certificate corresponding with the first signed data to be verified from each bank certificate prestored, and from right The bank certificate answered obtains the PKI of bank.Thus, electronic signature equipment 20 utilizes the PKI of bank to the first unit data bag In the first signed data of carrying carry out sign test, the authenticity of the first unit data bag can be verified.Foregoing description is only with server 30 illustrate for as a example by bank server, but the present embodiment is not limited to bank server, other third-party server such as supermarket Within the detailed description of the invention of purchase card stored value server etc. belongs to protection scope of the present invention.

Further, electronic signature equipment 20, on the premise of the first unit data bag guaranteeing to receive is true, still wants to confirm again The object that server sends is this electronic signature equipment 20 the most really, to avoid storing the packet that server is sent out, electronics label by mistake Name equipment 20, is additionally operable to before being stored in safety chip by least one first unit data bag above-mentioned, to the second number of signature According to verifying, after being verified, perform the operation being stored in safety chip by least one first unit data bag described. Second signed data is that the device identification signature of the first unit data and electronic signature equipment 20 is obtained by server, therefore, In a kind of optional embodiment of the present embodiment, electronic signature equipment 20 is sent in the transaction request of server also include: electronics The device identification of signature device 20；Each first unit data bag at least includes: the first unit data, server are to the first unit The second signed data that the device identification signature of data and electronic signature equipment 20 obtains, so that electronic signature equipment 20 can To verify authenticity and the correctness of the first unit data bag.As the optional embodiment of one, the second signed data is service Device utilizes the private key of server self to sign the device identification of the first unit data and electronic signature equipment 20 label obtained Name data, say, that the signature object of each second signed data is each first unit data and electronic signature equipment 20 The combination of device identification.Accordingly, electronic signature equipment 20 carries out checking to the second signed data and specifically includes: electronic signature sets Standby 20 utilize the PKI of server respectively each second signed data to be carried out sign test.As a example by server is as bank server, silver The private key of row server by utilizing self carries out signature to the device identification of the first unit data and electronic signature equipment 20 and obtains second Signed data, and carry and be issued to electronic signature equipment 20 in the first unit data bag.Electronic signature equipment 20 can utilize The PKI of this bank server carries out sign test to the second signed data.Wherein, electronic signature equipment 20 can be according to the first units Obtain the bank certificate of this bank according to the bank certificate sequence number in bag and/or bank of issue's mark, and from bank certificate, obtain this silver The PKI of row, such as, electronic signature equipment 20 can identify according to the bank of issue in the first unit data bag, from to be verified Bank of issue's server corresponding to the second signed data obtain the PKI of this bank；The most such as, electronic signature equipment 20 can be pre- Deposit the bank certificate of each bank, obtain from each bank certificate prestored according to the bank certificate sequence number in the first unit data bag Take the bank certificate corresponding with the second signed data to be verified, and from corresponding bank certificate, obtain the PKI of bank.Thus, Electronic signature equipment 20 utilizes the PKI of bank that the second signed data carried in the first unit data bag is carried out sign test, not only may be used To verify the authenticity of the first unit data bag, it is also possible to prove that the first unit data bag strictly bank server is handed down to this electricity Sub-signature device 20, i.e. verify the correctness of the first unit data bag.Foregoing description is only as a example by server is as bank server Illustrate, but the present embodiment is not limited to bank server, other third-party server such as supermarket shopping card stored value server etc. Detailed description of the invention belong to protection scope of the present invention within.

In order to ensure that electronic signature equipment 20 is collected money less, i.e. ensure the first unit data that electronic signature equipment 20 receives The total amount of bag, equal to dealing money, in a kind of optional embodiment of the present embodiment, electronic signature equipment 20, is additionally operable to After at least one first unit data bag above-mentioned is stored in safety chip, according at least one first list above-mentioned received Currency denomination representated by the number of bit data bag and each first unit data bag calculates the first unit data bag institute received The summation of the currency denomination represented is the most consistent with the dealing money in transaction request, if it is inconsistent, send to server 30 Retransmit request.Server 30, is used for receiving this repeating transmission request.Such as, dealing money is 10 yuan, electronic signature equipment 20 from Server 30 receives 5 the first unit data bags, and the summation calculating the currency denomination representated by 5 the first unit data bags is No being equal to 10 yuan, if less than 10 yuan, then server 30 sends the request of repeating transmission.Thus, electronic signature equipment 20 can be led to Cross and send, to server 30, the request of repeating transmission, the problem solving the deficiency of the currency denomination representated by the first unit data bag received.

In electronic signature equipment 20 after server 30 sends the request of repeating transmission, electronic signature equipment 20 can receive server 30 The retransmission of information returned, the content according to the request of retransmitting is different, and the retransmission of information that server 30 returns also can be different, such as, weight Send out request can be carried the device identification of electronic signature equipment 20, transaction record (as the numbering of every transaction, accounts information, Timestamp, dealing money and the number of the first unit data bag received and representative currency denomination etc., these clothes Business device 30 side also can corresponding record), in order to server 30 inquires a certain transaction of this electronic signature equipment 20 correspondence, The first unit data bag that all this transaction of repeating transmission is corresponding, to electronic signature equipment 20, the most such as, is retransmitted in request and can also be taken The package identification of the first unit data bag that band receives (can uniquely identify the mark of a first unit data bag, such as clothes Business device 30 is unique mark of each first unit data bag configuration, or currency sequence number), server 30 receives these data After bag mark, can inquire and Lou send out or transmitting procedure lost which the first unit data bag, these leakages are sent out or transmission During lose first unit data bag send to electronic signature equipment 20.Below the first unit data is retransmitted with regard to server 30 Wrap illustrative:

Such as, server 30, for sending retransmission of information according to the request of retransmitting to electronic signature equipment 20, wherein, retransmit letter Breath includes at least one first unit data bag；Electronic signature equipment 20, is used for receiving retransmission of information, will be stored in safety before At least one in chip the first unit data bag is deleted, and at least one first unit data that storage server 30 is retransmitted again Bag.As the optional embodiment of one, electronic signature equipment 20, after sending, to server 30, the request of repeating transmission, signs electronically Equipment 20 receives the retransmission of information that server 30 sends according to the request of repeating transmission, wherein, at least includes: electronics in this repeating transmission request The device identification of signature device 20 and transaction record, retransmission of information includes at least one first unit data bag, i.e. optional at this Embodiment in, server 30 has retransmitted, to electronic signature equipment 20, whole first unit data bags that a transaction is corresponding, In the present embodiment, server 30, when being traded with per-unit electronics signature instrument, also can store the friendship that each transaction is corresponding Easily record (as every transaction numbering, accounts information, timestamp, dealing money and transmission the first unit data bag Several and representative currency denomination etc.) and the device identification of electronic signature equipment 20, according to device identification and transaction note Record can inquire a certain transaction of this electronic signature equipment 20 correspondence, and in this optional embodiment, server 30 can be by First unit data bag of this transaction of electronic signature equipment 20 request repeat inquired all is retransmitted to electronic signature equipment 20, to ensure that electronic signature equipment 20 receives the first complete unit data bag, server 30 and the friendship of electronic signature equipment 20 The most errorless (such as supplementing with money errorless).

In order to ensure that electronic signature equipment 20 will not repeat to store packet, receive server 30 in electronic signature equipment 20 Before the first unit data bag retransmitted, electronic signature equipment 20, for by be stored in before in safety chip at least one the One unit data bag is deleted (i.e. in this optional embodiment, owing to server 30 can be by the first unit data bag of this transaction All resend to electronic signature equipment 20, electronic signature equipment 20 must will receive before whole the of this transaction One unit data bag, i.e. before at least one first unit data bag corresponding to this transaction of being stored in safety chip delete), And at least one first unit data bag that storage server 30 is retransmitted again, wherein, electronic signature equipment 20 is above-mentioned in execution After deleting the operation of the first unit data bag, can be set to vacant by the status word of shared memory space, electronic signature sets Again the first unit data bag received can be stored to the memory space of the distribution of safety chip before by standby 20, and will take The status word of memory space be set to take, thereby guarantee that electronic signature equipment 20 will not repeat to store the first identical units According to bag, and ensure that same memory space can only store a first unit data bag.

For example, for the transaction of a numbered 1*******, the trade gold in the transaction request of electronic signature equipment 20 Volume is 10 yuan, and electronic signature equipment 20 receives 5 the first units representing 2 yuan of currency denominations respectively that server 30 sends According to bag, but due to loss of data in transmitting procedure, electronic signature equipment 20 only receives 4 and represents 2 yuan of currency denominations respectively First unit data bag, currency denomination summation is 8 yuan, unequal with dealing money 10 yuan.For this transaction, electronic signature Equipment 20 sends, to server 30, the request of repeating transmission, and receives the retransmission of information that server 30 sends, this repeating transmission according to the request of repeating transmission Request includes: the device identification of electronic signature equipment 20 and transaction record, server 30 receive this repeating transmission request after, Can inquire this transaction of this electronic signature equipment 20 correspondence according to device identification and transaction record, server 30 can be by First unit data bag of this transaction of electronic signature equipment 20 request repeat inquired all is retransmitted to electronic signature equipment 20, i.e. server 30 is sent to this retransmission of information of electronic signature equipment 20 and includes 5 represent 2 yuan of currency denominations respectively One unit data bag.Electronic signature equipment 20 represents the of 2 yuan of currency denominations respectively by be stored in before in safety chip 4 One unit data bag is deleted, and 5 the first unit datas representing 2 yuan of currency denominations respectively that storage server 30 is retransmitted again Bag.Thus, during whole first unit data bag needed for electronic signature equipment 20 is not received by a transaction, server 30 can be by the whole first unit data packet retransmissions needed for this transaction to electronic signature equipment 20, so that transaction can be smooth Complete.

The most such as, server 30, for sending retransmission of information according to the request of retransmitting to electronic signature equipment 20, wherein, retransmit Information includes the first unit data bag that electronic signature equipment 20 does not receives.Electronic signature equipment 20, for not receiving The first unit data bag be stored in safety chip.

As the optional embodiment of one, electronic signature equipment 20, after sending, to server 30, the request of repeating transmission, signs electronically Equipment 20 receives the retransmission of information that server 30 sends according to the request of repeating transmission, wherein, at least includes: electronics in this repeating transmission request The device identification of signature device 20, transaction record and the package identification of each the first unit data bag received, retransmit letter Breath includes the first unit data bag that electronic signature equipment 20 does not receives, i.e. in this optional embodiment, server 30 The first unit data bag that is that leakage in a transaction is sent out or that lose in transmitting procedure has been retransmitted, according to equipment to electronic signature equipment 20 Mark and transaction record can inquire a certain transaction of this electronic signature equipment 20 correspondence, and server 30 can will inquire This electronic signature equipment 20 request repeat this transaction in those first units corresponding to the package identification that do not inquires Data packet retransmission is to electronic signature equipment 20, to ensure that electronic signature equipment 20 receives the first complete unit data bag, and service Device 30 and the transaction errorless (such as supplementing with money errorless) of electronic signature equipment 20.Compared with the optional embodiment in a upper example, originally may be used Select embodiment can reduce the volume of transmitted data of server 30, be substantially reduced the live load of server 30, improve server 30 operating efficiencies retransmitted.

In this optional embodiment, after electronic signature equipment 20 receives the first unit data bag that server 30 is retransmitted, Electronic signature equipment 20, for being stored in safety chip by the first unit data bag not received before, i.e. electronic signature sets Again the first unit data bag received is stored in the memory space distributed before safety chip by standby 20, and by depositing of taking The status word in storage space is set to take, and thereby guarantees that same memory space can only store a first unit data bag.

For example, for the transaction of a numbered 1*******, the trade gold in the transaction request of electronic signature equipment 20 Volume is 5 yuan, and electronic signature equipment 20 receives 2 the first units representing 2 yuan of currency denominations respectively that server 30 sends According to bag (being called for short 2 metadata bags), and 1 the first unit data bag (being called for short 1 metadata bag) representing 1 yuan of currency denomination, But due to loss of data in transmitting procedure, electronic signature equipment 20 only receives 22 metadata bags, and currency denomination summation is 4 Unit, unequal with dealing money 5 yuan.For this transaction, electronic signature equipment 20 sends, to server 30, the request of repeating transmission, And receive the retransmission of information that server 30 sends according to the request of repeating transmission, the request of retransmitting also carries the number of 22 metadata bags According to bag mark, after server 30 receives this repeating transmission request, this transaction for this electronic signature equipment 20 can inquire All first unit data bags of its correspondence, just it appeared that retransmit the package identification not having 1 metadata bag in request, service This 1 metadata packet retransmission can be sent to electronic signature equipment 20 to electronic signature equipment 20, i.e. server 30 by device 30 This retransmission of information includes 11 metadata bag.11 metadata bag storage that server 30 is retransmitted by electronic signature equipment 20 In safety chip.In the present embodiment, electronic signature equipment 20 can include in the repeating transmission request that server 30 sends The package identification of part the first unit data bag being received, server 30 can be according to the package identification in the request of retransmitting Determine the first unit data bag needing in retransmission of information to carry.Thus, it is not received by a friendship when electronic signature equipment 20 During easily required whole first unit data bag, server 30 can be by unreceived part the first unit data packet retransmission to electronics Signature device 20, not only reduces the transmission quantity of retransmission data, also ensure that transaction can smoothly complete.

Below it is all to illustrate as a example by the embodiment of a transaction, in the present embodiment, every in many transactions Transaction can realize in the manner described above.

In the present embodiment, the memory space of electronic signature equipment 20 is limited after all, accordingly, it would be desirable to monitoring electronics label at any time The remaining space of name equipment 20, in order to instant-free memory space, it is to avoid do not have redundant space to cause transaction in process of exchange Failed problem.In a kind of optional embodiment of the present embodiment, electronic signature equipment 20 is additionally provided with counter, by this Counter can monitor the residual memory space of electronic signature equipment 20 in real time.Specifically, electronic signature equipment 20, it is additionally operable to After being stored in safety chip by least one first unit data bag above-mentioned, the count value of counter is utilized currently to be deposited Total number of the first unit data bag of storage.Specifically, all the can be received plus this transaction at each transaction Counter The number of one unit data bag, after many transactions, the count value of counter can be accumulated to a numerical value, when this numerical value reaches During default value, illustrate that the memory space of electronic signature equipment 20 is assigned, there is no a unnecessary memory space, now, Electronic signature equipment 20 needs make requests on server 30 more new data packets or apply for operation (the as above institute of new memory space State).In the present embodiment, the size of each memory space is identical, and the size of each first unit data bag is identical, and with storage The size coupling in space, such as, electronic signature equipment 20 to the size of the memory space of a first unit data bag distribution is The memory space of 2M, this 2M can store a first unit data bag, and a safety chip reserves storage the first units Space according to bag is 1G, then, this electronic signature equipment 20 at most can store 512 the first unit data bags, the most default Numerical value can be set to 512.Thus, it is possible to monitor in real time the remaining space of electronic signature equipment 20, and discharge in time unnecessary Memory space, it is to avoid do not have the problem that redundant space causes Fail Transaction in process of exchange.Certainly, electronic signature equipment 20, Can be also used for utilizing the count value of counter to obtain the total of the first unit data bag of every kind of currency denomination of storage in safety chip Number.Thus, electronic signature equipment 20 can be according to the currency denomination and individual representated by every kind of first unit data bag of storage Number obtains the sums of money of the first currently stored unit data bag.

In a kind of optional embodiment of the present embodiment, electronic signature equipment 20, it is additionally operable to by least one first list above-mentioned After bit data bag is stored in safety chip, dealing money is counted current account balance, show dealing money to holding user And/or current account balance.Thus, the user holding electronic signature equipment 20 can inquire about dealing money on the equipment of oneself And current account balance.

The transaction system using the present embodiment to provide, can be stored in the electronics label of user by the fund of user with the form of packet In name equipment, and the number of packet is one or more.User is when consumption, because fund is no longer to deposit with the form of numerical value It is stored in electronic signature equipment, so electronic signature equipment need not the numerical value by changing storage with server networking, it is only necessary to The one or more first unit data bags meeting spending amount are sent to beneficiary, thus, electronic signature equipment with Other electronic signature equipment carry out being no longer necessary to rely on server to carry out networking during electronic transaction and pay, and server is no longer necessary to electricity Sub-signature device is supervised, thus realizes off line electronic transaction veritably.

Any process described otherwise above or method describe and are construed as in flow chart or at this, represent include one or The module of code, fragment or the part of the executable instruction of the more steps for realizing specific logical function or process, and The scope of the preferred embodiment of the present invention includes other realization, wherein can not be by order that is shown or that discuss, including root According to involved function by basic mode simultaneously or in the opposite order, performing function, this should be by embodiments of the invention institute Belong to those skilled in the art to be understood.

Should be appreciated that each several part of the present invention can realize by hardware, software, firmware or combinations thereof.In above-mentioned enforcement In mode, multiple steps or method can be with storing the software or firmware that in memory and be performed by suitable instruction execution system Realize.Such as, if realized with hardware, with the most the same, available following technology well known in the art In any one or their combination realize: have and patrol for the discrete of logic gates that data-signal is realized logic function Collect circuit, there is the special IC of suitable combinational logic gate circuit, programmable gate array (PGA), field programmable gate Array (FPGA) etc..

Those skilled in the art are appreciated that it is permissible for realizing all or part of step that above-described embodiment method carries Instructing relevant hardware by program to complete, described program can be stored in a kind of computer-readable recording medium, this journey Sequence upon execution, including one or a combination set of the step of embodiment of the method.

Additionally, each functional unit in each embodiment of the present invention can be integrated in a processing module, it is also possible to be each Unit is individually physically present, it is also possible to two or more unit are integrated in a module.Above-mentioned integrated module is the most permissible The form using hardware realizes, it would however also be possible to employ the form of software function module realizes.If described integrated module is with software merit Can the form of module realize and as independent production marketing or when using, it is also possible to be stored in the storage of embodied on computer readable and be situated between In matter.

Storage medium mentioned above can be read-only storage, disk or CD etc..

In the description of this specification, reference term " embodiment ", " some embodiments ", " example ", " concrete example ", Or specific features, structure, material or the feature that the description of " some examples " etc. means to combine this embodiment or example describes comprises In at least one embodiment or example of the present invention.In this manual, the schematic representation to above-mentioned term not necessarily refers to It is identical embodiment or example.And, the specific features of description, structure, material or feature can at any one or Multiple embodiments or example combine in an appropriate manner.

Although above it has been shown and described that embodiments of the invention, it is to be understood that above-described embodiment is exemplary, Being not considered as limiting the invention, those of ordinary skill in the art is in the case of without departing from the principle of the present invention and objective Above-described embodiment can be changed within the scope of the invention, revise, replace and modification.The scope of the present invention is by appended power Profit requires and equivalent limits.

Claims (10)

1. the method for commerce of an electronic signature equipment, it is characterised in that including:

Transaction request is sent to server by electronic signature equipment, and wherein, described transaction request at least includes: dealing money；

Described server receives described transaction request, and the bank account in described electronic signature equipment deducts described dealing money, obtains Take at least one first unit data bag, and at least one first unit data bag described is sent to described electronic signature equipment；

Wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, at least one first list described The summation of the currency denomination representated by bit data bag is equal to described dealing money；

Described electronic signature equipment receives at least one first unit data bag described, by least one first unit data bag described It is stored in safety chip.

Method of commerce the most according to claim 1, it is characterised in that

Described each first unit data bag at least includes: the first unit data, described server are to described first unit data label The first signed data that name obtains；

Before at least one first unit data bag described is stored in safety chip by described electronic signature equipment, described method Also include:

Described first signed data is verified by described electronic signature equipment, performs described electronic signature equipment after being verified The step that at least one first unit data bag described is stored in safety chip.

Method of commerce the most according to claim 1, it is characterised in that

Described transaction request also includes: the device identification of described electronic signature equipment；

Described each first unit data bag at least includes: the first unit data, described server to described first unit data and The second signed data that the device identification signature of described electronic signature equipment obtains；

Before at least one first unit data bag described is stored in safety chip by described electronic signature equipment, described method Also include:

Described second signed data is verified by described electronic signature equipment, performs described electronic signature equipment after being verified The step that at least one first unit data bag described is stored in safety chip.

4. according to the method for commerce described in any one of claims 1 to 3, it is characterised in that in described electronic signature equipment by institute Stating after at least one first unit data bag is stored in safety chip, described method also includes:

Described electronic signature equipment is according to the number and described each first of at least one the first unit data bag described received Currency denomination representated by unit data bag calculates the summation of the currency denomination representated by the first unit data bag received with described Dealing money in transaction request is the most consistent, if it is inconsistent, send, to described server, the request of repeating transmission；

Described server receives described repeating transmission and asks.

5. according to the method for commerce described in any one of claim 2 to 4, it is characterised in that

Described first unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data；

Described first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.

6. a transaction system, it is characterised in that described system includes: electronic signature equipment and server；

Described electronic signature equipment, for sending transaction request to described server, wherein, described transaction request at least includes: Dealing money；

Described server, for receiving the transaction request that described electronic signature equipment sends, in the bank of described electronic signature equipment Account deducts described dealing money, obtains at least one first unit data bag, and by least one first unit data bag described Send to described electronic signature equipment；

Wherein, each first unit data bag represents a kind of currency denomination in multiple currency denomination, at least one first list described The summation of the currency denomination representated by bit data bag is equal to described dealing money；

Described electronic signature equipment, for receiving at least one first unit data bag described from described server, by described at least One the first unit data bag is stored in safety chip.

Transaction system the most according to claim 6, it is characterised in that

Described each first unit data bag at least includes: the first unit data, described server are to described first unit data label The first signed data that name obtains；

Described electronic signature equipment, is additionally operable to before being stored in safety chip by least one first unit data bag described, Described first signed data is verified, performs at least one first unit data bag described is stored in peace after being verified Operation in full chip.

Transaction system the most according to claim 6, it is characterised in that

Described transaction request also includes: the device identification of described electronic signature equipment；

Described each first unit data bag at least includes: the first unit data, described server to described first unit data and The second signed data that the device identification signature of described electronic signature equipment obtains；

Described electronic signature equipment, is additionally operable to before being stored in safety chip by least one first unit data bag described, Described second signed data is verified, performs at least one first unit data bag described is stored in peace after being verified Operation in full chip.

9. according to the transaction system described in any one of claim 6 to 8, it is characterised in that

Described electronic signature equipment, is additionally operable to after being stored in safety chip by least one first unit data bag described, Goods representated by number according at least one the first unit data bag described in receiving and described each first unit data bag Coin face amount calculates summation and the dealing money in described transaction request of the currency denomination representated by the first unit data bag received The most consistent, if it is inconsistent, send, to described server, the request of repeating transmission；

Described server, is used for receiving described repeating transmission and asks.

10. according to the transaction system described in any one of claim 7 to 9, it is characterised in that

Described first unit data at least includes: currency denomination data, or, currency sequence number and currency denomination data；

Described first unit data bag the most also includes one below: the bank of issue identifies and bank certificate sequence number.