CN110955921A - Electronic signature method, device, equipment and storage medium - Google Patents

Publication number
CN110955921A
Authority
CN
China
Prior art keywords
signature
file
electronic signature
hash value
signed
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911249228.3A
Other languages
Chinese (zh)
Inventor
王春华
叶璐
俞新华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Jiangsu Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Jiangsu Co Ltd
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Jiangsu Co Ltd
Priority to CN201911249228.3A
Publication of CN110955921A

Classifications

    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06F - ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 - Protecting data
    • G06F21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
    • G - PHYSICS
    • G06 - COMPUTING; CALCULATING OR COUNTING
    • G06Q - INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 - Administration; Management
    • G06Q10/10 - Office automation; Time management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Strategic Management (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Human Resources & Organizations (AREA)
  • Physics & Mathematics (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Data Mining & Analysis (AREA)
  • Economics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Bioethics (AREA)
  • Marketing (AREA)
  • Operations Research (AREA)
  • Quality & Reliability (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an electronic signature method, device, equipment and storage medium. The method comprises the following steps: receiving an electronic signature request for a file to be signed sent by a Subscriber Identity Module (SIM) card, wherein the SIM card is installed on a terminal; responding to the electronic signature request, acquiring a file to be signed, calculating a first hash value of the file to be signed, and sending the first hash value to the SIM card; receiving a signature value generated based on the first hash value and sent by the SIM card, and verifying the signature value; and if the verification is passed, performing electronic signature processing on the file to be signed, generating the file subjected to electronic signature, and sending the file subjected to electronic signature to the SIM card. According to the embodiment of the invention, the safety of the electronic signature can be improved, the cost can be reduced, and the user experience can be improved.

Description

Electronic signature method, device, equipment and storage medium
Technical Field
The invention belongs to the technical field of digital signatures, and particularly relates to an electronic signature method, device, equipment and storage medium.
Background
With the application of information technology and computer networks in various fields of society, electronic collaborative office application is becoming more and more extensive, and the advantages of high efficiency and resource saving are increasingly highlighted.
In electronic cooperative work, how to ensure the integrity and confidentiality of electronic documents, the identity of document senders and the anti-repudiation of signers becomes a problem to be solved urgently.
Disclosure of Invention
Embodiments of the present invention provide an electronic signature method, apparatus, device, and computer storage medium, which can perform electronic signature on a file through a Subscriber Identity Module (SIM) mobile signature and a remote collaborative signature, thereby solving the security problem of electronic signature and the user experience problem.
In a first aspect, an embodiment of the present invention provides an electronic signature method, where the method includes: receiving an electronic signature request for a file to be signed sent by a Subscriber Identity Module (SIM) card, wherein the SIM card is installed on a terminal; responding to the electronic signature request, acquiring a file to be signed, calculating a first hash value of the file to be signed, and sending the first hash value to the SIM card; receiving a signature value generated based on the first hash value and sent by the SIM card, and verifying the signature value; and if the verification is passed, performing electronic signature processing on the file to be signed, generating the file subjected to electronic signature, and sending the file subjected to electronic signature to the SIM card.
In one possible implementation, the signature value is decrypted to obtain a second hash value, and whether the first hash value is consistent with the second hash value is verified; if so, the verification passes. By operating at the terminal, the user can complete a visual electronic signature without installing dedicated client signing software or carrying a smart cryptographic key; the security is good, it is convenient to use, and the user experience is good.
In one possible implementation, whether the terminal has open use authorization for the electronic seal is verified, and if so, electronic signature processing is performed on the file to be signed.
In one possible implementation, the first hash value is sent to the SIM card through the gateway.
In one possible implementation, the signature value generated based on the first hash value sent by the SIM card is received via the gateway.
In a second aspect, an embodiment of the present invention provides an electronic signature method, where the method includes: the SIM card sends an electronic signature request for a file to be signed to a server; receiving a first hash value of a file to be signed, which is sent by a server and generated based on the file to be signed; generating a signature value based on the first hash value, and sending the signature value to the server, wherein the signature value is used for verifying the security of the first hash value by the server; and if the signature value passes the verification at the server, receiving the file after the electronic signature sent by the server.
In one possible implementation, a Personal Identification Number (PIN) code of the SIM card input by a user is received; whether the PIN code is consistent with a preset PIN code is verified; and if they are consistent, the first hash value is digitally signed using a user certificate and/or a private key stored in the SIM card security chip to obtain the signature value. The signature key is securely stored in an encryption chip of the SIM card, which guarantees its security.
In a third aspect, an embodiment of the present invention provides a processing apparatus, where the apparatus includes:
the signature file processing module is used for receiving an electronic signature request for a file to be signed, which is sent by a Subscriber Identity Module (SIM) card, wherein the SIM card is installed on a terminal, responds to the electronic signature request, acquires the file to be signed, calculates a first hash value of the file to be signed, and sends the first hash value to the SIM card;
the SIM card mobile signature module is used for receiving a signature value which is sent by the SIM card and generated based on the first Hash value, and verifying the signature value;
and the signature management module is used for performing electronic signature processing on the file to be signed if the verification is passed, generating a file subjected to electronic signature, and sending the file subjected to electronic signature to the SIM card.
In a fourth aspect, an embodiment of the present invention provides a processing apparatus, where the apparatus includes:
the electronic signature request module is used for sending an electronic signature request for the file to be signed to the server side by the SIM card;
the digital signature module is used for receiving a first hash value of the file to be signed, which is sent by the server and generated based on the file to be signed, generating a signature value based on the first hash value, and sending the signature value to the server, wherein the signature value is used for verifying the safety of the first hash value by the server;
and the signature file acquisition module is used for receiving the electronically signed file sent by the server if the signature value passes the verification of the server.
In a fifth aspect, an embodiment of the present invention provides a computing device, where the device includes: a processor and a memory storing computer program instructions; the computer program instructions may be provided to a processor to implement a computing method of the first aspect or any possible implementation of the first aspect, or to a processor to implement a computing method of the second aspect or any possible implementation of the second aspect, when the computer program instructions are executed by the processor.
In a sixth aspect, an embodiment of the present invention provides a computer storage medium, on which computer program instructions are stored, and the computer program instructions, when executed by a processor, implement the processing method according to the first aspect or any one of the possible implementations of the first aspect, or the computer program instructions, when executed by the processor, implement the processing method according to the second aspect or any one of the possible implementations of the second aspect.
According to the electronic signature method, device, equipment and computer storage medium of the embodiments of the present invention, the signature key is securely stored in the encryption chip of the SIM card, and the SIM card mobile signature technology and the remote collaborative signature technology are used to perform the electronic signature operation on the file, so security is guaranteed. The user terminal therefore does not need to install dedicated electronic signature software, and the user does not need to carry an additional cryptographic device, which reduces cost and improves the user experience.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required to be used in the embodiments of the present invention will be briefly described below, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of an electronic signature method according to an embodiment of the present invention;
FIG. 2 is a flow chart of another electronic signature method according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating a logic structure of an electronic signature method according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an electronic signature implementation process provided by an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a processing apparatus according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of another processing apparatus provided in an embodiment of the present invention;
FIG. 7 is a schematic diagram of an exemplary hardware architecture provided by an embodiment of the present invention.
Detailed Description
Features and exemplary embodiments of various aspects of the present invention will be described in detail below, and in order to make objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not to be construed as limiting the invention. It will be apparent to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
In order to improve the security of electronic signature and enhance user experience, an embodiment of the present invention provides an electronic signature method, which is applied to an electronic signature server.
Fig. 1 is a schematic flow chart of an electronic signature method according to an embodiment of the present invention, which is applied to an electronic signature server, and the method includes:
S101, receiving an electronic signature request for a file to be signed sent by a Subscriber Identity Module (SIM) card, wherein the SIM card is installed on a terminal; and responding to the electronic signature request, acquiring the file to be signed, calculating a first hash value of the file to be signed, and sending the first hash value to the SIM card.
The electronic signature server receives the electronic signature request for the file to be signed sent by the SIM card and looks up the file to be signed according to the request. After finding the file, it parses the file according to the Portable Document Format (PDF) file structure, calculates the first hash value of the file to be signed, returns the first hash value to the terminal, and sends the SIM card a request to digitally sign the first hash value.
The first hash value is sent to the SIM card through the gateway: the electronic signature server sends the first hash value to the SIM card of the user's mobile phone through the data short message gateway, that is, the data to be signed is sent to the SIM card of the user's mobile phone as a data short message.
S102, receiving a signature value generated based on the first hash value and sent by the SIM card, and verifying the signature value.
The electronic signature server receives the signature value sent by the SIM card and performs a decryption operation on the signature value to obtain a second hash value. It then verifies whether the first hash value of the file to be signed is consistent with the second hash value obtained by decrypting the signature value; if so, the verification passes and the subsequent signature operation can proceed.
The electronic signature server receives, through the gateway, the signature value generated based on the first hash value and sent by the SIM card; that is, it receives the signature value returned by the SIM card through the data short message gateway.
S103, if the verification is passed, performing electronic signature processing on the file to be signed, generating a file subjected to electronic signature, and sending the file subjected to electronic signature to the SIM card.
The server verifies whether the terminal has been granted authorization to use the electronic seal, and if so, performs electronic signature processing on the file to be signed. Verifying the user's permission to use the electronic seal ensures that the user can legally use the electronic seal to perform electronic signature processing on the file to be signed. The file to be signed is then processed to generate a visual electronic signature file, and this file, namely the electronically signed file, is returned to the SIM card. The user can complete the visual electronic signature on his or her own terminal without installing dedicated client signing software or carrying a smart cryptographic key; the security is good, it is convenient to use, and the user experience is good.
Fig. 2 is a schematic flow chart of another electronic signature method according to an embodiment of the present invention, which is applied to a terminal, and the method includes:
S201, the SIM card sends an electronic signature request for the file to be signed to the server. The user requests, through the SIM card, that the electronic signature server perform electronic signature processing on the file to be signed.
S202, receiving a first hash value of the file to be signed, which is sent by the server and generated based on the file to be signed; generating a signature value based on the first hash value, and sending the signature value to the server, wherein the signature value is used for verifying the security of the first hash value by the server; and if the signature value passes the verification at the server, receiving the file after the electronic signature sent by the server.
A Personal Identification Number (PIN) code of the Subscriber Identity Module (SIM) card input by the user is received; whether the PIN code is consistent with a preset PIN code is verified; and if they are consistent, the first hash value is digitally signed using a user certificate and/or a private key stored in the SIM card security chip to obtain the signature value. The signature key is securely stored in an encryption chip of the SIM card, which guarantees its security.
In one embodiment, after receiving a data short message containing the first hash value, the SIM card of the user terminal automatically calls the user certificate and the private key stored in the security chip of the SIM card to digitally sign the first hash value; after the user inputs the correct PIN code corresponding to the SIM card, the digital signature operation on the first hash value is completed and the signature value is obtained. No additional cryptographic device is required, so the cost is relatively low.
The terminal sends the signature value to the electronic signature server, and the electronic signature server verifies the security of the signature value.
S203, if the signature value passes the verification at the server, receiving the electronically signed file sent by the server.
If the signature value passes the security verification at the electronic signature server, the terminal receives the electronically signed file sent by the electronic signature server.
The electronic signature method provided by the invention adopts the SIM card mobile signature technology and the remote collaborative signature technology. The electronic signature system calculates the hash value of the file to be signed and sends the hash value to the user's SIM card through the data short message gateway; the user's SIM card digitally signs the hash value using the user certificate and the private key securely stored in its security chip, and transmits the signature value back to the electronic signature system through the data short message gateway; after the electronic signature system verifies the signature, it performs the electronic signature operation on the file. The signature key has a high security level, the cost is low, and the user experience is good.
In the SIM card mobile signature technology, the business system sends the data to be signed to the SIM card of the user terminal as a data short message; the SIM card automatically uses the user certificate/private key securely stored on its encryption chip to perform a digital signature operation on the data to be signed, and returns the signature value to the business system as a data short message. The business system includes the electronic signature system.
The remote collaborative signature technology divides the electronic signature process into two parts, user signature and electronic signature document synthesis, according to the principle by which PDF file electronic signatures are implemented. The user signature part can reuse an existing secure, mature and efficient digital signature system or scheme, while the electronic signature file synthesis function is completed by the electronic signature system; the complete electronic signature process requires the cooperation of the user signature system and the electronic signature system.
In an embodiment, fig. 3 is a logic architecture diagram of an electronic signature method according to an embodiment of the present invention, including:
The SIM card is used for performing a digital signature operation on the received data to be signed, using a user certificate or a private key stored in the security chip of the SIM card, to obtain a signature value of the data to be signed, and for transmitting the signature value back to the electronic signature system through the data short message gateway. The SIM card is installed in the user's mobile phone, and a security chip is built into the SIM card to ensure the secure storage and use of the user's private key.
The electronic signature system is used for receiving the user's electronic signature request, performing visual electronic signature processing on the file, and generating a legal and trusted visual electronic signature file. It comprises a signature file processing module, an electronic seal management module and a SIM card mobile signature module.
The signature file processing module is used for parsing the file to be signed according to the PDF file structure, calculating the hash value of the file to be signed, and performing electronic signature processing on the file to be signed to generate a visual electronic signature file.
The electronic seal management module is used for managing the electronic seal and the user's permission to use it, ensuring that the user can legally use the electronic seal to perform electronic signature processing on the file.
The SIM card mobile signature module is used for performing the signature operation on the file to be signed by means of the SIM card mobile signature technology, to obtain the signature value corresponding to the file to be signed.
The data short message gateway is used for transmitting data short messages; it is responsible for sending the hash value of the file to be signed to the SIM card, and for returning to the electronic signature system the digital signature value obtained after the user digitally signs that hash value.
The invention comprehensively applies digital signature technology, data short message technology, SIM card mobile signature technology and the like, and innovatively realizes a safe, reliable and efficient file visualization electronic signature method.
In an embodiment, fig. 4 is a schematic view illustrating an implementation flow of an electronic signature provided in an embodiment of the present invention, including:
S1, the user sends a request to the signature file processing module of the electronic signature system, instructing it to perform electronic signature processing on the file to be signed.
S2, the signature file processing module of the electronic signature system searches for the file to be signed and calculates the first hash value of the file to be signed.
S3, the signature file processing module of the electronic signature system sends a request for digital signature of the file to be signed to the SIM card mobile signature module of the electronic signature system.
S4, the SIM card mobile signature module of the electronic signature system requests the data short message gateway to send the first hash value.
S5, the data short message gateway sends the data short message containing the first hash value to the SIM card of the user terminal.
S6, the user terminal receives the data short message containing the first hash value through the SIM card, and automatically calls the user certificate and the private key stored in the security chip to perform digital signature processing on the first hash value.
S7, the user inputs the PIN code at the terminal.
S8, whether the PIN code input by the user at the terminal is correct is verified; after the PIN code is verified to be correct, the digital signature processing of the first hash value is completed to obtain a signature value.
S9, the user terminal sends the data short message containing the signature value to the data short message gateway through the SIM card.
S10, the data short message gateway transmits the data short message containing the signature value back to the SIM card mobile signature module of the electronic signature system.
S11, the SIM card mobile signature module of the electronic signature system verifies the security of the signature value, which specifically includes: performing a decryption operation on the signature value to obtain a second hash value; and verifying whether the first hash value of the file to be signed is consistent with the second hash value obtained by the decryption operation, and if so, the verification passes.
S12, after the verification passes, the signature value is returned to the signature file processing module of the electronic signature system.
S13, the signature file processing module of the electronic signature system sends a request to obtain the electronic seal to the seal management module of the electronic signature system.
S14, the seal management module of the electronic signature system verifies the use authority of the electronic seal.
S15, after the verification passes, the electronic seal is returned to the signature file processing module of the electronic signature system.
S16, the signature file processing module of the electronic signature system performs electronic signature processing on the file to be signed and generates a visual electronic signature file.
S17, the generated visual electronic signature file is stored.
S18, the signature processing result and the visual signature file are returned to the user terminal.
S19, the user terminal checks the signature processing result and the visual signature file.
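The checks in S2, S8, S11 and S14 of the flow above, as an added example that is not code from the patent: a PIN-gated SIM signs the first hash, and the server recovers the second hash from the signature value, compares it with the first hash, and only then checks seal authorization. The patent names no algorithms, so SHA-256 and RSA with PKCS#1 v1.5 padding are assumptions; the key is a toy key built from two Mersenne primes, the class and function names are hypothetical, and direct calls stand in for the data short message gateway.

```python
import hashlib
import hmac

# Toy RSA key from two known Mersenne primes so the example needs only the
# standard library. Constructed for illustration; not a secure key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent, held only by the SIM
K = (N.bit_length() + 7) // 8       # modulus length in bytes

# PKCS#1 v1.5 signature padding for SHA-256 (RFC 8017, section 9.2):
# 00 01 FF..FF 00 || DigestInfo prefix || 32-byte digest
DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")
HEAD = b"\x00\x01" + b"\xff" * (K - len(DIGEST_INFO) - 32 - 3) + b"\x00" + DIGEST_INFO
SEAL_ID = "seal-001"                # hypothetical seal identifier


class SimCard:
    """Terminal side (S6-S9): signing is released only after the PIN check."""

    def __init__(self, preset_pin: str):
        self._pin = preset_pin
        self._d = D                 # stands in for the key in the security chip

    def sign(self, first_hash: bytes, entered_pin: str) -> int:
        if not hmac.compare_digest(entered_pin.encode(), self._pin.encode()):
            raise PermissionError("PIN does not match the preset PIN")
        return pow(int.from_bytes(HEAD + first_hash, "big"), self._d, N)


class SignatureServer:
    """Server side (S2, S11-S16)."""

    def __init__(self, files: dict, seal_users: set):
        self.files = files          # file name -> file bytes
        self.seal_users = seal_users  # terminals allowed to use the seal
        self.pending = {}           # (terminal, file name) -> first hash

    def request(self, terminal: str, name: str) -> bytes:
        first_hash = hashlib.sha256(self.files[name]).digest()
        self.pending[(terminal, name)] = first_hash
        return first_hash           # would travel through the SMS gateway

    @staticmethod
    def recover_hash(signature: int):
        """Public-key 'decryption' of the signature value -> second hash."""
        if not 0 < signature < N:
            return None
        em = pow(signature, E, N).to_bytes(K, "big")
        # Reject anything whose padding is not exactly the expected encoding.
        return em[-32:] if em[:-32] == HEAD else None

    def complete(self, terminal: str, name: str, signature: int) -> dict:
        # pop(): one verification attempt per request (choice of this sketch)
        first_hash = self.pending.pop((terminal, name))
        second_hash = self.recover_hash(signature)
        if second_hash is None or not hmac.compare_digest(first_hash, second_hash):
            raise ValueError("signature value failed verification")
        if terminal not in self.seal_users:
            raise PermissionError("terminal has no authorization to use the seal")
        # Stand-in for the PDF synthesis step that embeds seal and signature.
        return {"file": name, "sha256": first_hash.hex(),
                "signature": format(signature, "x"), "seal": SEAL_ID}


def run_flow(pin: str = "1234", authorised: bool = True, tamper: bool = False) -> str:
    """Run one request end to end on constructed sample data."""
    server = SignatureServer({"contract.pdf": b"%PDF-1.7 constructed sample"},
                             {"terminal-1"} if authorised else set())
    sim = SimCard(preset_pin="1234")
    try:
        first_hash = server.request("terminal-1", "contract.pdf")
        if tamper:  # hash altered somewhere between server and SIM
            first_hash = hashlib.sha256(b"some other document").digest()
        signature = sim.sign(first_hash, pin)
        return "signed:" + server.complete("terminal-1", "contract.pdf", signature)["seal"]
    except (PermissionError, ValueError) as exc:
        return "rejected:" + str(exc)


if __name__ == "__main__":
    for kwargs in ({}, {"pin": "0000"}, {"tamper": True}, {"authorised": False}):
        print(kwargs, "->", run_flow(**kwargs))
```

The tampered case shows what the S11 comparison buys: a hash substituted in transit yields a valid signature over the wrong value, and the server rejects it because the recovered second hash differs from the first hash it computed itself.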
The invention uses the SIM card mobile signature technology and the remote collaborative signature technology to perform the electronic signature operation on the file. The signature key is securely stored in the encryption chip of the SIM card, so its security is guaranteed and the problem of securely storing the signature key is effectively solved. The file electronic signature process is completed through the cooperation of the user's mobile phone/SIM card and the server-side electronic signature system: the client does not need to install dedicated electronic signature software, the user does not need to carry an additional cryptographic device, and the server does not need to invest in dedicated cryptographic equipment, which reduces cost and improves the user experience.
Fig. 5 is a schematic structural diagram of a processing apparatus according to an embodiment of the present invention, where the processing apparatus includes:
The signature file processing module 510 is configured to receive an electronic signature request for a file to be signed, which is sent by a Subscriber Identity Module (SIM) card, where the SIM card is installed on a terminal, and, in response to the electronic signature request, to obtain the file to be signed, calculate a first hash value of the file to be signed, and send the first hash value to the SIM card.
In one embodiment, the SIM card mobile signature module 510 in this embodiment of the present invention is further configured to send the first hash value to the SIM card through the gateway.
The SIM card mobile signature module 520 is configured to receive a signature value generated based on the first hash value and sent by the SIM card, and to verify the signature value.
In an embodiment, the SIM card mobile signature module 520 in the embodiment of the present invention is further configured to perform a decryption operation on the signature value to obtain a second hash value, and to verify whether the first hash value is consistent with the second hash value; if so, the verification passes.
In one embodiment, the SIM card mobile signature module 520 in this embodiment of the present invention is further configured to receive, through the gateway, the signature value generated based on the first hash value and sent by the SIM card.
The signature management module 530 is configured to, if the verification passes, perform electronic signature processing on the file to be signed, generate an electronically signed file, and send the electronically signed file to the SIM card.
In an embodiment, the signature management module 530 in the embodiment of the present invention is further configured to verify whether the terminal has been granted authorization to use the electronic seal, and if so, to perform electronic signature processing on the file to be signed.
Each module of the processing apparatus provided in this embodiment may implement the method in fig. 1, and implement the technical effect of the method in fig. 1, and for brevity, will not be described again here.
Fig. 6 is a schematic structural diagram of another processing apparatus provided in an embodiment of the present invention, where the processing apparatus includes:
The electronic signature request module 610 is configured to have the SIM card send an electronic signature request for the file to be signed to the server.
The digital signature module 620 is configured to receive a first hash value of the file to be signed, which is generated by the server based on the file to be signed and sent by the server, to generate a signature value based on the first hash value, and to send the signature value to the server, where the server uses the signature value to verify the security of the first hash value; and, if the signature value passes the verification at the server, to receive the electronically signed file sent by the server.
In one embodiment, the digital signature module 620 in the embodiment of the present invention is further configured to receive a personal identification number (PIN) code of the SIM card input by the user; verify whether the PIN code is consistent with a preset PIN code; and if the first hash value is consistent with the second hash value, digitally sign the first hash value through a user certificate and/or a private key stored in the SIM card security chip to obtain a signature value. The signature key is stored securely in an encryption chip of the SIM card, so its safety is guaranteed; no additional password equipment needs to be invested in, and the cost is relatively low.
The terminal sends the signature value to the electronic signature server, and the electronic signature server verifies the security of the signature value.
The signature file obtaining module 630 is configured to receive the electronically signed file sent by the server if the signature value passes verification at the server.
Each module of the processing apparatus provided in this embodiment may implement the method in Fig. 1 and achieve the technical effect of that method; for brevity, this is not described again here.
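The exchange between the server-side modules 510-530 and the terminal-side modules 610-630 can be sketched as follows. This is an added illustration, not code from the patent: the class and function names, the toy RSA key, SHA-256 as the hash, and the dictionary standing in for the electronically signed file are all assumptions.

```python
import hashlib
import hmac

# Toy RSA key from two known Mersenne primes so the sketch runs on the
# standard library alone. Assumption for illustration only: textbook RSA
# without padding and with special-form primes is NOT secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, lives only in the SIM


class SimCard:
    """Terminal side (modules 610-630); hypothetical class name."""

    def __init__(self, private_exponent, preset_pin):
        self._d = private_exponent
        self._preset_pin = preset_pin.encode()

    def sign_hash(self, first_hash, entered_pin):
        # The private key is used only after the PIN check succeeds.
        if not hmac.compare_digest(entered_pin.encode(), self._preset_pin):
            raise PermissionError("PIN mismatch: SIM refuses to sign")
        return pow(int.from_bytes(first_hash, "big"), self._d, N)


class SignatureServer:
    """Server side (modules 510-530); hypothetical class name."""

    def __init__(self, public_key, seal_authorized_terminals):
        self._n, self._e = public_key
        self._authorized = set(seal_authorized_terminals)

    def first_hash(self, file_bytes):
        # Module 510: hash of the file to be signed (SHA-256 is an assumption).
        return hashlib.sha256(file_bytes).digest()

    def verify(self, file_bytes, signature_value):
        # Module 520: the public-key operation on the signature value yields
        # the second hash, compared with the server's own first hash.
        second_hash = pow(signature_value, self._e, self._n)
        return second_hash == int.from_bytes(self.first_hash(file_bytes), "big")

    def seal(self, terminal_id, file_bytes, signature_value):
        # Module 530: seal only if the signature verifies AND the terminal is
        # authorized to use the electronic seal. The dict is a stand-in for
        # the electronically signed file, whose format is not given here.
        if not self.verify(file_bytes, signature_value):
            return None
        if terminal_id not in self._authorized:
            return None
        return {"file": file_bytes, "signer": terminal_id,
                "signature": signature_value}


def run_exchange(server, sim, terminal_id, file_bytes, pin, tamper=False):
    """One request/response round; returns the signed file or None."""
    first_hash = server.first_hash(file_bytes)       # server -> gateway -> SIM
    if tamper:  # constructed fault: hash replaced on the way to the SIM
        first_hash = hashlib.sha256(b"substituted document").digest()
    try:
        signature_value = sim.sign_hash(first_hash, pin)  # SIM -> server
    except PermissionError:
        return None
    return server.seal(terminal_id, file_bytes, signature_value)
```

The tampered run is rejected because the server compares the recovered second hash with the first hash it computed itself from the file, not with whatever value reached the SIM.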
Fig. 7 is a schematic diagram illustrating a hardware structure of an electronic signature method according to an embodiment of the present invention.
The processing device may include a processor 701 and a memory 702 storing computer program instructions.
Specifically, the processor 701 may include a Central Processing Unit (CPU), an Application Specific Integrated Circuit (ASIC), or one or more integrated circuits configured to implement the embodiments of the present invention.
Memory 702 may include mass storage for data or instructions. By way of example, and not limitation, memory 702 may include a hard disk drive (HDD), a floppy disk drive, flash memory, an optical disk, a magneto-optical disk, tape, or a Universal Serial Bus (USB) drive, or a combination of two or more of these. Memory 702 may include removable or non-removable (or fixed) media, where appropriate. The memory 702 may be internal or external to the integrated gateway disaster recovery device, where appropriate. In a particular embodiment, the memory 702 is non-volatile solid-state memory. In a particular embodiment, the memory 702 includes Read Only Memory (ROM). Where appropriate, the ROM may be mask-programmed ROM, Programmable ROM (PROM), Erasable PROM (EPROM), Electrically Erasable PROM (EEPROM), electrically rewritable ROM (EAROM), or flash memory, or a combination of two or more of these.
The processor 701 may implement any one of the processing methods shown in fig. 1, 2, and 4 by reading and executing computer program instructions stored in the memory 702.
In one example, the processing device may also include a communication interface 703 and a bus 710. As shown in fig. 5, the processor 701, the memory 702, and the communication interface 703 are connected by a bus 710 to complete mutual communication.
The communication interface 703 is mainly used for implementing communication between modules, apparatuses, units and/or devices in the embodiment of the present invention.
The bus 710 includes hardware, software, or both to couple the components of the electronic signature device to each other. By way of example, and not limitation, a bus may include an Accelerated Graphics Port (AGP) or other graphics bus, an Enhanced Industry Standard Architecture (EISA) bus, a Front Side Bus (FSB), a HyperTransport (HT) interconnect, an Industry Standard Architecture (ISA) bus, an InfiniBand interconnect, a Low Pin Count (LPC) bus, a memory bus, a Micro Channel Architecture (MCA) bus, a Peripheral Component Interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a Serial Advanced Technology Attachment (SATA) bus, a Video Electronics Standards Association local (VLB) bus, or other suitable bus, or a combination of two or more of these. Bus 710 may include one or more buses, where appropriate. Although specific buses have been described and shown in the embodiments of the invention, any suitable buses or interconnects are contemplated by the invention.
The processing device may execute the electronic signature method in the embodiment of the present invention, thereby implementing the electronic signature method and apparatus described in conjunction with fig. 1 and 4.
In addition, in combination with the electronic signature method in the foregoing embodiments, the embodiments of the present invention may be implemented by providing a computer storage medium. The computer storage medium has computer program instructions stored thereon; the computer program instructions, when executed by a processor, implement any of the electronic signature methods of the above embodiments.
It is to be understood that the invention is not limited to the specific arrangements and instrumentality described above and shown in the drawings. A detailed description of known methods is omitted herein for the sake of brevity. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present invention are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications and additions or change the order between the steps after comprehending the spirit of the present invention.
The functional blocks shown in the above-described structural block diagrams can be implemented in software, and the elements of the present invention are programs or code segments used to perform desired tasks. The program or code segments may be stored in a machine-readable medium or transmitted by a data signal carried in a carrier wave over a transmission medium or a communication link. A "machine-readable medium" may include any medium that can store or transfer information. Examples of a machine-readable medium include electronic circuits, semiconductor memory devices, ROM, flash memory, Erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, Radio Frequency (RF) links, and so forth. The code segments may be downloaded via computer networks such as the internet, intranet, etc.
It should also be noted that the exemplary embodiments mentioned in this patent describe some methods or systems based on a series of steps or devices. However, the present invention is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be performed in an order different from the order in the embodiments, or may be performed simultaneously.
As described above, only the specific embodiments of the present invention are provided, and it can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the system, the module and the unit described above may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again. It should be understood that the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present invention, and these modifications or substitutions should be covered within the scope of the present invention.

Claims (11)

1. An electronic signature method is applied to an electronic signature server, and the method comprises the following steps:
receiving an electronic signature request for a file to be signed sent by a Subscriber Identity Module (SIM) card, wherein the SIM card is installed on a terminal;
responding to the electronic signature request, acquiring the file to be signed, calculating a first hash value of the file to be signed, and sending the first hash value to the SIM card;
receiving a signature value which is sent by an SIM card and generated based on the first hash value, and verifying the signature value;
and if the verification is passed, carrying out electronic signature processing on the file to be signed, generating a file subjected to electronic signature, and sending the file subjected to electronic signature to the SIM card.
2. The method of claim 1, wherein the verifying the signature value comprises:
carrying out decryption operation on the signature value to obtain a second hash value;
and verifying whether the first hash value is consistent with the second hash value, and if so, passing the verification.
3. The method according to claim 1, before performing electronic signature processing on the file to be signed, further comprising:
and verifying whether the terminal is authorized for opening the electronic seal, and if so, performing electronic signature processing on the file to be signed.
4. The method of claim 1, wherein sending the first hash value to the SIM card comprises:
and sending the first hash value to the SIM card through a gateway.
5. The method of claim 1, wherein receiving a signature value sent by a SIM card and generated based on the first hash value comprises:
and receiving the signature value generated based on the first hash value and sent by the SIM card through the gateway.
6. An electronic signature method is applied to a terminal, the terminal comprises a SIM card, and the method comprises the following steps:
the SIM card sends an electronic signature request for a file to be signed to a server;
receiving a first hash value of the file to be signed, which is sent by the server and generated based on the file to be signed;
generating a signature value based on the first hash value, and sending the signature value to the server, wherein the signature value is used for verifying the security of the first hash value by the server;
and if the signature value passes the verification at the server, receiving the file after the electronic signature sent by the server.
7. The method of claim 6, wherein generating the signature value based on the first hash value comprises: receiving a Personal Identification Number (PIN) of a Subscriber Identity Module (SIM) card input by a user;
verifying whether the PIN code is consistent with a preset PIN code;
and if the first hash value is consistent with the second hash value, digitally signing the first hash value through a user certificate and/or a private key stored in the SIM card security chip to obtain the signature value.
8. An electronic signature server, comprising:
the signature file processing module is used for receiving an electronic signature request for a file to be signed, which is sent by a Subscriber Identity Module (SIM) card, wherein the SIM card is installed on a terminal, responding to the electronic signature request, acquiring the file to be signed, calculating a first hash value of the file to be signed, and sending the first hash value to the SIM card;
the SIM card mobile signature module is used for receiving a signature value which is sent by the SIM card and generated based on the first hash value, and verifying the signature value;
and the signature management module is used for carrying out electronic signature processing on the file to be signed if the verification is passed, generating a file subjected to electronic signature, and sending the file subjected to electronic signature to the SIM card.
9. A terminal, the terminal comprising a SIM card, comprising:
the electronic signature request module is used for sending an electronic signature request for a file to be signed to a server side by the SIM card;
the digital signature module is used for receiving a first hash value of the file to be signed, which is sent by the server and generated based on the file to be signed, generating a signature value based on the first hash value, and sending the signature value to the server, wherein the signature value is used for verifying the security of the first hash value by the server;
and the signature file acquisition module is used for receiving the electronically signed file sent by the server if the signature value passes the verification of the server.
10. A computing device, the device comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements the electronic signature method of any one of claims 1-5, or the processor, when executing the computer program instructions, implements the electronic signature method of claim 6 or 7.
11. A computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement the electronic signature method of any one of claims 1 to 5 or which, when executed by a processor, implement the electronic signature method of claim 6 or 7.
CN201911249228.3A 2019-12-09 2019-12-09 Electronic signature method, device, equipment and storage medium Pending CN110955921A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911249228.3A CN110955921A (en) 2019-12-09 2019-12-09 Electronic signature method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN110955921A (en) 2020-04-03

Family

ID=69980334

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911249228.3A Pending CN110955921A (en) 2019-12-09 2019-12-09 Electronic signature method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110955921A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111859431A (en) * 2020-07-24 2020-10-30 招商局通商融资租赁有限公司 Electronic file signature method and device, electronic equipment and storage medium
CN113890738A (en) * 2020-07-03 2022-01-04 中移互联网有限公司 Electronic signature method and device
CN114066339A (en) * 2020-08-04 2022-02-18 ***通信集团终端有限公司 Goods signing method, device, equipment and storage medium
CN114710265A (en) * 2022-04-18 2022-07-05 江苏卓飞智能科技有限公司 Trusted electronic file online and offline integrated system and method thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination