CN103425922A - Method and system for acquiring far-end encryption command based on CSP (Cryptographic Service Provider) - Google Patents
Method and system for acquiring far-end encryption command based on CSP (Cryptographic Service Provider) Download PDFInfo
- Publication number
- CN103425922A CN103425922A CN2013103549105A CN201310354910A CN103425922A CN 103425922 A CN103425922 A CN 103425922A CN 2013103549105 A CN2013103549105 A CN 2013103549105A CN 201310354910 A CN201310354910 A CN 201310354910A CN 103425922 A CN103425922 A CN 103425922A
- Authority
- CN
- China
- Prior art keywords
- csp
- module
- configuration information
- cryptoapi
- local
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a method and a system for acquiring a far-end encryption command based on a CSP (Cryptographic Service Provider). The method comprises the following steps that a local first CSP module and a CSP calling module of a far-end device are established; the first CSP module sends a data packet containing an encryption command request to the CSP calling module; the CSP calling module accesses a second CSP module of encryption smart card equipment connected onto the far-end device through a CryptoAPI of the far-end device, and reads an encryption command of the encryption smart card equipment through the second CSP module; the CSP calling module sends the encryption command back to the first CSP module; the first CSP module sends the encryption command to an application program through a local CryptoAPI. According to the method and the system for acquiring the far-end encryption command based on the CSP, the first CSP module is used for simulating a CSP module of a manufacturer on the basis of a CSP framework, the CSP calling module is used for simulating the application program of an application layer, and through communication docking of the first CSP module and the CSP calling module, the locally running application program can obtain the encryption command of the encryption smart card equipment connected onto the far-end device.
Description
Technical field
The present invention relates to CSP encryption technology field, be specifically related to a kind of method and system of obtaining the far-end encryption instruction based on CSP.
Background technology
CSP (Cryptographic Service Provider, CSP) be the bottom encipher interface of working out for Windows series operating system, realize the encrypted instructions such as encryption, deciphering, digital signature, checking and the data summarization operation of data.Application is by CryptoAPI series function call, and its operand is container, and the public private key pair of encryption, encrypted certificate, signature public private key pair and signing certificate are arranged in a container.Can complete by container the operations such as encryption and decryption, signature sign test.
CSP is the basis of Windows safety applications, realizes that on Windows operating system https-secure browses (being the SSL secure data communication) and realize secure tunnel (as Ipsec) function, all must have CSP to participate in crypto-operation.
The Organization Chart of existing CSP as shown in Figure 1, three application A pplication A have been moved at application layer Application Layer, Application B and Application C, the CryptoAPI of middle layer System Layer is partly the operating system aspect, all access to the U shield all can first be delivered to this one deck, then different with model according to the producer of U shield, access the corresponding CSP of producer module (each CSP module of the Service Provider Layer layer in Fig. 1: (CSP) #1, (CSP) #2, (CSP) #3), realize the true access to U shield equipment by the concrete CSP of producer module again.
During application program access U shield, be by calling the api function of CryptoAPI, realize calling the CSP of producer module.Be below 25 api functions of the CryptoAPI that uses.
| 1 | CPAcquireContext |
| 2 | CPReleaseContext |
| 3 | CPGenKey |
| 4 | CPDeriveKey |
| 5 | CPDestroyKey |
| 6 | CPSetKeyParam |
| 7 | CPGetKeyParam |
| 8 | CPExportKey |
| 9 | CPImportKey |
| 10 | CPEncrypt |
| 11 | CPDecrypt |
| 12 | CPCreateHash |
| 13 | CPHashData |
| 14 | CPHashSessionKey |
| 15 | CPDestroyHash |
| 16 | CPSignHash |
| 17 | CPVerifySignature |
| 18 | CPGenRandom |
| 19 | CPGetUserKey |
| 20 | CPSetProvParam |
| 21 | CPGetProvParam |
| 22 | CPSetHashParam |
| 23 | CPGetHashParam |
| 24 | CPDuplicateHash |
| 25 | CPDuplicateKey |
What this existing CSP framework in Fig. 1 demonstrated is the mode of typical local IP access U shield, and along with the develop rapidly of the network information technology, the widespread use of network trading, the mode of local IP access U shield has had great restriction for the network trading place, the operator wish can telesecurity have access to the U shield, realize the work such as safe network trading anywhere or anytime.
Summary of the invention
The invention provides a kind of method and system of obtaining the far-end encryption instruction based on CSP, can realize remote secure access U shield, to address the above problem.
A kind of method of obtaining the far-end encryption instruction based on CSP that the embodiment of the present invention provides comprises step:
A: set up respectively a local CSP module and the CSP calling module of setting up remote equipment;
B: a CSP module is obtained the encrypted instruction request of being sent by application program by local CryptoAPI, and this encrypted instruction request is encoded and generated request for data bag, the CSP calling module by this application Packet Generation to remote equipment;
The C:CSP calling module is translated into this application packet the 2nd CSP module of the encrypted smart card equipment connected on the CSP function call corresponding with the CryptoAPI of remote equipment the CryptoAPI access remote equipment by remote equipment, reads the encrypted instruction of this encrypted smart card equipment by the 2nd CSP module;
The D:CSP calling module converts encrypted instruction to the result data bag, and this result data bag is beamed back to a described CSP module, the one CSP module is translated as encrypted instruction by the result data bag, and by local CryptoAPI, encrypted instruction is sent to this application program.
Preferably, the step e that also comprises associated registration after described steps A: insert in operating system registration table after the configuration information of the 2nd CSP module being replaced with to the configuration information of a local CSP module.
Preferably, the step of described associated registration comprises:
E1: call a CSP module by local CryptoAPI, sent the request of obtaining the 2nd CSP module configuration information by a CSP module to described CSP calling module;
The E2:CSP calling module is sent to described request of obtaining the 2nd CSP module configuration information the 2nd CSP module and obtains the 2nd CSP module configuration information by the CryptoAPI of remote equipment, then the 2nd CSP module configuration information is beamed back to a CSP module;
E3: the configuration information of the 2nd CSP module that a CSP module is obtained is inserted in operating system registration table after replacing with the configuration information of a local CSP module.
Preferably, transmit data by the socket network bi-directional between a CSP module and CSP module.
Preferably, described encrypted smart card equipment is the U shield.
Based in above-described embodiment, based on CSP, obtaining the method for far-end encryption instruction, the embodiment of the present invention also provides a kind of system of obtaining the far-end encryption instruction based on CSP, comprising:
CSP analogue unit and process simulation unit, for setting up respectively a local CSP module and the CSP calling module of setting up remote equipment;
The encrypted instruction request unit, obtain the encrypted instruction request of being sent by application program by local CryptoAPI for a CSP module, and this encrypted instruction request is encoded and generated request for data bag, the CSP calling module by this application Packet Generation to remote equipment;
The encrypted instruction acquiring unit, for the CSP calling module, this application packet is translated into to the 2nd CSP module of the encrypted smart card equipment connected on the CSP function call corresponding with the CryptoAPI of remote equipment the CryptoAPI access remote equipment by remote equipment, read the encrypted instruction of this encrypted smart card equipment by the 2nd CSP module;
The encrypted instruction feedback unit, convert encrypted instruction to the result data bag for the CSP calling module, and this result data bag is beamed back to a described CSP module, the one CSP module is translated as encrypted instruction by the result data bag, and by local CryptoAPI, encrypted instruction is sent to this application program.
Preferably, also comprise associated registering unit, insert operating system registration table replace with the configuration information of a local CSP module for the configuration information by the 2nd CSP module after.
Preferably, described associated registering unit comprises:
Far-end CSP module configuration information request unit, call a CSP module for the CryptoAPI by local, sent the request of obtaining the 2nd CSP module configuration information to described CSP calling module by a CSP module;
Far-end CSP module configuration information acquiring unit, CryptoAPI for the CSP calling module by remote equipment is sent to described request of obtaining the 2nd CSP module configuration information the 2nd CSP module and obtains the 2nd CSP module configuration information, then the 2nd CSP module configuration information is beamed back to a CSP module;
The configuration information replacement unit, insert operating system registration table replace with the configuration information of a local CSP module for the configuration information of the 2nd CSP module that a CSP module is obtained after.
Technique scheme can be found out, a CSP module that has created a standard in this locality based on the CSP framework due to the embodiment of the present invention is simulated the CSP module of producer, created at remote equipment the application program that the CSP calling module carrys out the simulation application layer, the access of the 2nd CSP module in the encrypted smart card equipment that the communication docking by a CSP module and CSP calling module has realized on local device, remote equipment being connected, thus make the application program of local runtime can obtain the encrypted instruction of the encrypted smart card equipment connected on this remote equipment.
The accompanying drawing explanation
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, below will the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skills, under the prerequisite of not paying creative work, can also obtain according to these accompanying drawings other accompanying drawing.
Fig. 1 is existing CSP Organization Chart;
Fig. 2 obtains the process flow diagram of the method for far-end encryption instruction based on CSP in the embodiment of the present invention 1;
Fig. 3 is the CSP extensible frame composition in the embodiment of the present invention 1;
Fig. 4 is the process flow diagram of associated registration step in the embodiment of the present invention 1.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is only the present invention's part embodiment, rather than whole embodiment.Embodiment based in the present invention, those of ordinary skills, not making all other embodiment that obtain under the creative work prerequisite, belong to the scope of protection of the invention.
Embodiment 1:
The embodiment of the present invention provides a kind of method of obtaining the far-end encryption instruction based on CSP, as shown in Figure 2, comprises the steps.
Step 101: set up respectively a local CSP module and the CSP calling module of setting up remote equipment.
The establishment of the establishment of a CSP module and CSP calling module can be carried out also can separately carrying out simultaneously in this step, its fundamental purpose is to set up CSP expansion framework, this CSP expansion framework as shown in Figure 3, the CSP module that the one CSP module is standard, therefore can simulate the CSP module in the actual encrypted smart card device, the device that cryptographic algorithm can be provided that encrypted smart card equipment is the built-in miniature smartcard processor, particularly, encrypted smart card equipment adopts the U shield in embodiments of the present invention, the U shield is the instrument for Web bank's electronic signature and digital authenticating, its built-in miniature smartcard processor, adopt 1024 asymmetric key algorithms to be encrypted online data, deciphering and digital signature, guarantee the confidentiality of online transaction, authenticity, integrality and non-repudiation.
The CSP calling module is for simulating the application program of application layer on remote equipment, it can go to access the CSP module by CryptoAPI as application program, the application programming interface (API) that CryptoAPI provides as the part of Microsoft Windows.CryptoAPI provides one group of function, and these functions allow application programs in mode flexibly, data to be encrypted or digital signature when the responsive private key data to the user provides protection.Actual cryptographic operation is to be carried out by the standalone module that is called CSP (CSP).Therefore, in the embodiment of the present invention, the CSP calling module is be positioned at application layer operation the same as application program.
After setting up a CSP module and CSP calling module in this step, the configuration information of the one CSP module has been recorded in system registry, the CSP module configuration information has comprised program point, program name, concrete producer's encrypted smart card unit type (for example U shield model), make system accurately to call this CSP module according to this configuration information, but the CSP module configuration information (i.e. the 2nd CSP module configuration information) that the CSP module configuration information of identifying due to system default is concrete producer, therefore, need to carry out the step to a CSP module and the registration of the 2nd CSP module relation on local device, the configuration information that is about to the 2nd CSP module is inserted in operating system registration table after replacing with the configuration information of a local CSP module.The step of this associated registration can be carried out association by the mode of artificial modification system registry, but because system registry should not arbitrarily be revised by the user as common profiles, therefore the embodiment of the present invention provides the step of the associated registration of a kind of automatic realization, as shown in Figure 4.
Step 1011: call a CSP module by local CryptoAPI, sent the request of obtaining the 2nd CSP module configuration information by a CSP module to described CSP calling module.Realize the socket network transmission function between a CSP module and CSP calling module in the embodiment of the present invention, between a CSP module and CSP module, by the socket network bi-directional, transmit data.In this step, a CSP module can be encoded described request of obtaining the 2nd CSP module configuration information to process and generate a request data package, so that the safe and reliable transmission of data, the request of this being obtained to the 2nd CSP module configuration information by the form of packet sends to the CSP calling module.
Step 1012:CSP calling module is sent to described request of obtaining the 2nd CSP module configuration information the 2nd CSP module and obtains the 2nd CSP module configuration information by the CryptoAPI of remote equipment, then the 2nd CSP module configuration information is beamed back to a CSP module.After in this step, the CSP calling module receives the request data package in previous step 1011, can be translated request data package, generate the CSP function call, so that this request of obtaining the 2nd CSP module configuration information can have access to by the CryptoAPI of remote equipment on the 2nd CSP module, thereby obtain the 2nd CSP module configuration information, then the 2nd CSP module configuration information is beamed back to a CSP module, being appreciated that this is in before beaming back still can be encoded to the 2nd CSP module configuration information, generate a result data bag, then this result data bag is sent back to a CSP module, and a CSP module still can be translated this result data bag, restore the 2nd CSP module configuration information.
Step 1013: the configuration information of the 2nd CSP module that a CSP module is obtained is inserted in operating system registration table after replacing with the configuration information of a local CSP module.So far step has completed associated registration, as can be seen here, when in system, corresponding application program need to be called the CSP module, because the 2nd CPS module configuration information is replaced by a CSP module configuration information, therefore application program can start a CSP module and carry out remote access the 2nd CSP module according to the CSP module configuration information after replacing, and next can be described further remote access step.
Step 102: a CSP module is obtained the encrypted instruction request of being sent by application program by local CryptoAPI, and this encrypted instruction request is encoded and generated request for data bag, the CSP calling module by this application Packet Generation to remote equipment.
When the application program of moving in system needs cryptographic services, for example industrial and commercial bank's Net silver program need to be accessed the U shield and be obtained key, this application program can send an encrypted instruction request to the CSP module by CryptoAPI, owing in the embodiment of the present invention, with a CSP module, simulating existing local CSP module, therefore a CSP module can be obtained by local CryptoAPI the encrypted instruction request of being sent by this application program, and to encrypted instruction, request is encoded and is generated a request for data bag as in above-mentioned step 1011, then the CSP calling module to remote equipment by this application Packet Generation, thereby realized the effect of a kind of " pipeline transfer ".
Step 103:CSP calling module is translated into this application packet the 2nd CSP module of the encrypted smart card equipment connected on the CSP function call corresponding with the CryptoAPI of remote equipment the CryptoAPI access remote equipment by remote equipment, reads the encrypted instruction of this encrypted smart card equipment by the 2nd CSP module.
In the embodiment of the present invention, the CSP function call corresponding with CryptoAPI relates to 25 altogether, in the background technology of this paper, these 25 function calls made to introduction, repeats no more herein.
Be appreciated that, after the request data package of CSP calling module in receiving previous step 102, still can be translated in the mode in above-mentioned steps 1012, generating function is called, thereby the CryptoAPI by remote equipment has access to the 2nd CSP module, gets encrypted instruction.So far, whole long-range CSP access path is successfully established.
Step 104:CSP calling module converts encrypted instruction to the result data bag, and this result data bag is beamed back to a described CSP module, the one CSP module is translated as encrypted instruction by the result data bag, and by local CryptoAPI, encrypted instruction is sent to this application program.
Mode in this step in the same above-mentioned steps 1012 of CSP calling module is changed the encrypted instruction in previous step 103 (i.e. coding) and is generated a result data bag, then this result data bag is beamed back to a CSP module, the one CSP module is translated the result data bag to be reduced into encrypted instruction, the CSP module that a CSP module now is equivalent in local U shield has encrypted instruction, and can by local CryptoAPI, provide encrypted instruction to the application program of sending before request.
Be understandable that, the embodiment of the present invention is on the not impact of existing encryption flow, just with virtual CSP module (a CSP module), replaced original CSP module (the CSP module that producer is concrete), allow what obtain while obtaining the CSP handle is the CSP module on remote equipment, thereby reach the purpose of carrying out encryption and decryption with the U shield on remote equipment.Therefore, for concrete encryption flow, will not specifically introduce in embodiments of the present invention.
As can be seen from the above technical solutions, technological thought of the present invention is: based on the CSP framework, expanded U shield technology, make computing machine not only can access the smart card device of the machine, can also access the smart card device that is inserted in remote computer, by this equipment, use the safety applications based on smart card.Smart card device based on the CSP framework, all support general CSP interface, and provide a CSP module (being the CSP of producer), the embodiment of the present invention has realized a virtual CSP module (hereinafter referred to as virtual CSP), be arranged on local computer, and the CSP of producer is arranged on remote computer, encrypted smart card equipment (hereinafter referred to as the U shield) is inserted on remote computer too, virtual CSP supports general CSP interface (25 system API), replace the CSP of producer to receive the access from computer security applications, be forwarded on the CSP of producer of remote computer, and reception is from the return message of the CSP of producer, be forwarded back to computer security applications, thereby realized being redirected of the CSP of producer secure access, also just realized being redirected of U shield secure access.While allowing the U shield of user on using remote computer, use impression with consistent at the machine use U shield.The present invention can be applied in the application scenarioss such as desktop and applying virtual, will expand to the smart card device field to the virtual use of application.
Embodiment 2:
The method of the embodiment of the present invention based in above-described embodiment 1 provides a kind of system of obtaining the far-end encryption instruction based on CSP, comprising:
CSP analogue unit and process simulation unit, for setting up respectively a local CSP module and the CSP calling module of setting up remote equipment;
The encrypted instruction request unit, obtain the encrypted instruction request of being sent by application program by local CryptoAPI for a CSP module, and this encrypted instruction request is encoded and generated request for data bag, the CSP calling module by this application Packet Generation to remote equipment;
The encrypted instruction acquiring unit, for the CSP calling module, this application packet is translated into to the 2nd CSP module of the encrypted smart card equipment connected on the CSP function call corresponding with the CryptoAPI of remote equipment the CryptoAPI access remote equipment by remote equipment, read the encrypted instruction of this encrypted smart card equipment by the 2nd CSP module;
The encrypted instruction feedback unit, convert encrypted instruction to the result data bag for the CSP calling module, and this result data bag is beamed back to a described CSP module, the one CSP module is translated as encrypted instruction by the result data bag, and by local CryptoAPI, encrypted instruction is sent to this application program.
In order to realize the associated registration of a CSP module and the 2nd CSP module, also comprise associated registering unit in native system, insert operating system registration table replace with the configuration information of a local CSP module for the configuration information by the 2nd CSP module after.
Particularly, described associated registering unit comprises:
Far-end CSP module configuration information request unit, call a CSP module for the CryptoAPI by local, sent the request of obtaining the 2nd CSP module configuration information to described CSP calling module by a CSP module;
Far-end CSP module configuration information acquiring unit, CryptoAPI for the CSP calling module by remote equipment is sent to described request of obtaining the 2nd CSP module configuration information the 2nd CSP module and obtains the 2nd CSP module configuration information, then the 2nd CSP module configuration information is beamed back to a CSP module;
The configuration information replacement unit, insert operating system registration table replace with the configuration information of a local CSP module for the configuration information of the 2nd CSP module that a CSP module is obtained after.
During use, only need the associated registering unit of operation can complete the auto-associating registration of a CSP module and the 2nd CSP module.
It should be noted that, the contents such as the information interaction between said system and intrasystem each unit, implementation, due to the inventive method embodiment based on same design, particular content can, referring to the narration in the inventive method embodiment, repeat no more herein.
One of ordinary skill in the art will appreciate that all or part of step in the whole bag of tricks of above-described embodiment is to come the hardware that instruction is relevant to complete by program, this program can be stored in a computer-readable recording medium, storage medium can comprise: ROM (read-only memory) (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.
Above a kind of method and system of obtaining the far-end encryption instruction based on CSP that the embodiment of the present invention is provided are described in detail, applied specific case herein principle of the present invention and embodiment are set forth, the explanation of above embodiment is just for helping to understand method of the present invention and core concept thereof; , for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention simultaneously.
Claims (8)
1. obtain the method for far-end encryption instruction based on CSP, it is characterized in that, comprise step:
A: set up respectively a local CSP module and the CSP calling module of setting up remote equipment;
B: a CSP module is obtained the encrypted instruction request of being sent by application program by local CryptoAPI, and this encrypted instruction request is encoded and generated request for data bag, the CSP calling module by this application Packet Generation to remote equipment;
The C:CSP calling module is translated into this application packet the 2nd CSP module of the encrypted smart card equipment connected on the CSP function call corresponding with the CryptoAPI of remote equipment the CryptoAPI access remote equipment by remote equipment, reads the encrypted instruction of this encrypted smart card equipment by the 2nd CSP module;
The D:CSP calling module converts encrypted instruction to the result data bag, and this result data bag is beamed back to a described CSP module, the one CSP module is translated as encrypted instruction by the result data bag, and by local CryptoAPI, encrypted instruction is sent to this application program.
2. the method for obtaining the far-end encryption instruction based on CSP as claimed in claim 1, it is characterized in that, also comprise the step e of associated registration after described steps A: insert in operating system registration table after the configuration information of the 2nd CSP module being replaced with to the configuration information of a local CSP module.
3. the method for obtaining the far-end encryption instruction based on CSP as claimed in claim 2, is characterized in that, the step of described associated registration comprises:
E1: call a CSP module by local CryptoAPI, sent the request of obtaining the 2nd CSP module configuration information by a CSP module to described CSP calling module;
The E2:CSP calling module is sent to described request of obtaining the 2nd CSP module configuration information the 2nd CSP module and obtains the 2nd CSP module configuration information by the CryptoAPI of remote equipment, then the 2nd CSP module configuration information is beamed back to a CSP module;
E3: the configuration information of the 2nd CSP module that a CSP module is obtained is inserted in operating system registration table after replacing with the configuration information of a local CSP module.
4. as claim 1 or the 2 or 3 described methods of obtaining the far-end encryption instruction based on CSP, it is characterized in that, between a CSP module and CSP module, by the socket network bi-directional, transmit data.
5. as claim 1 or the 2 or 3 described methods of obtaining the far-end encryption instruction based on CSP, it is characterized in that, described encrypted smart card equipment is the U shield.
6. obtain the system of far-end encryption instruction based on CSP, it is characterized in that, comprising:
CSP analogue unit and process simulation unit, for setting up respectively a local CSP module and the CSP calling module of setting up remote equipment;
The encrypted instruction request unit, obtain the encrypted instruction request of being sent by application program by local CryptoAPI for a CSP module, and this encrypted instruction request is encoded and generated request for data bag, the CSP calling module by this application Packet Generation to remote equipment;
The encrypted instruction acquiring unit, for the CSP calling module, this application packet is translated into to the 2nd CSP module of the encrypted smart card equipment connected on the CSP function call corresponding with the CryptoAPI of remote equipment the CryptoAPI access remote equipment by remote equipment, read the encrypted instruction of this encrypted smart card equipment by the 2nd CSP module;
The encrypted instruction feedback unit, convert encrypted instruction to the result data bag for the CSP calling module, and this result data bag is beamed back to a described CSP module, the one CSP module is translated as encrypted instruction by the result data bag, and by local CryptoAPI, encrypted instruction is sent to this application program.
7. obtain the system of far-end encryption instruction as claim 6 based on CSP, it is characterized in that, also comprise associated registering unit, insert operating system registration table replace with the configuration information of a local CSP module for the configuration information by the 2nd CSP module after.
8. the system of obtaining the far-end encryption instruction based on CSP as claimed in claim 7, is characterized in that, described associated registering unit comprises:
Far-end CSP module configuration information request unit, call a CSP module for the CryptoAPI by local, sent the request of obtaining the 2nd CSP module configuration information to described CSP calling module by a CSP module;
Far-end CSP module configuration information acquiring unit, CryptoAPI for the CSP calling module by remote equipment is sent to described request of obtaining the 2nd CSP module configuration information the 2nd CSP module and obtains the 2nd CSP module configuration information, then the 2nd CSP module configuration information is beamed back to a CSP module;
The configuration information replacement unit, insert operating system registration table replace with the configuration information of a local CSP module for the configuration information of the 2nd CSP module that a CSP module is obtained after.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310354910.5A CN103425922B (en) | 2013-08-14 | 2013-08-14 | The method and system of far-end encryption instruction are obtained based on CSP |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310354910.5A CN103425922B (en) | 2013-08-14 | 2013-08-14 | The method and system of far-end encryption instruction are obtained based on CSP |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103425922A true CN103425922A (en) | 2013-12-04 |
| CN103425922B CN103425922B (en) | 2016-12-28 |
Family
ID=49650647
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310354910.5A Active CN103425922B (en) | 2013-08-14 | 2013-08-14 | The method and system of far-end encryption instruction are obtained based on CSP |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103425922B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104092745A (en) * | 2014-06-30 | 2014-10-08 | 飞天诚信科技股份有限公司 | Method for generating criterion of using intelligent card to login remote computer |
| CN107729760A (en) * | 2017-10-09 | 2018-02-23 | 惠州Tcl移动通信有限公司 | CSP implementation methods and intelligent terminal based on android system |
| CN108762827A (en) * | 2018-04-24 | 2018-11-06 | 北京明华联盟科技有限公司 | Cryptographic Service Provider call method and terminal device |
| CN110691060A (en) * | 2018-07-06 | 2020-01-14 | 武汉信安珞珈科技有限公司 | Method and system for realizing remote equipment password service based on CSP interface |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1842073A (en) * | 2005-03-31 | 2006-10-04 | 联想(北京)有限公司 | Method for realizing external device mapping of network computer |
| CN101908964A (en) * | 2010-08-17 | 2010-12-08 | 公安部第三研究所 | Method for authenticating remote virtual cryptographic equipment |
| CN102412969A (en) * | 2011-11-14 | 2012-04-11 | 深圳市深信服电子科技有限公司 | Method for carrying out authentication by remotely using certificate and secret key, apparatus and system thereof |
-
2013
- 2013-08-14 CN CN201310354910.5A patent/CN103425922B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1842073A (en) * | 2005-03-31 | 2006-10-04 | 联想(北京)有限公司 | Method for realizing external device mapping of network computer |
| CN101908964A (en) * | 2010-08-17 | 2010-12-08 | 公安部第三研究所 | Method for authenticating remote virtual cryptographic equipment |
| CN102412969A (en) * | 2011-11-14 | 2012-04-11 | 深圳市深信服电子科技有限公司 | Method for carrying out authentication by remotely using certificate and secret key, apparatus and system thereof |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104092745A (en) * | 2014-06-30 | 2014-10-08 | 飞天诚信科技股份有限公司 | Method for generating criterion of using intelligent card to login remote computer |
| CN104092745B (en) * | 2014-06-30 | 2017-07-14 | 飞天诚信科技股份有限公司 | A kind of method for generating the criterion that remote computer is logged in using smart card |
| CN107729760A (en) * | 2017-10-09 | 2018-02-23 | 惠州Tcl移动通信有限公司 | CSP implementation methods and intelligent terminal based on android system |
| CN107729760B (en) * | 2017-10-09 | 2022-01-04 | 惠州Tcl移动通信有限公司 | CSP implementation method based on Android system and intelligent terminal |
| CN108762827A (en) * | 2018-04-24 | 2018-11-06 | 北京明华联盟科技有限公司 | Cryptographic Service Provider call method and terminal device |
| CN108762827B (en) * | 2018-04-24 | 2021-02-23 | 北京明华联盟科技有限公司 | Encryption service providing program calling method and terminal equipment |
| CN110691060A (en) * | 2018-07-06 | 2020-01-14 | 武汉信安珞珈科技有限公司 | Method and system for realizing remote equipment password service based on CSP interface |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103425922B (en) | 2016-12-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| TWI701623B (en) | Logistics information transmission method, system and device based on blockchain | |
| CN103647777B (en) | Safety certificate method and bidirectional forwarding detection BFD equipment | |
| CN110502887A (en) | Electric paying method and device | |
| CN110083783A (en) | A kind of method, apparatus, storage medium and computer equipment for sharing link | |
| CN109670803A (en) | Method, apparatus, medium and the electronic equipment tested before online trading | |
| CN101571900A (en) | Software copyright protection method, device and system | |
| CN106921496A (en) | A kind of digital signature method and system | |
| CN103425922A (en) | Method and system for acquiring far-end encryption command based on CSP (Cryptographic Service Provider) | |
| CN108155988A (en) | A kind of moving method, device, equipment and readable storage medium storing program for executing for protecting key | |
| CN108156232A (en) | Data sharing method and device | |
| CN102496112B (en) | Three-screen payment system based on intelligent SD card and realization method thereof | |
| CN106453196A (en) | Secret key writing device, system and method for trusted execution environment | |
| CN105025102B (en) | The network storage call method and storage system of a kind of 3D printing model file | |
| CN107317807A (en) | A kind of apparatus bound method, apparatus and system | |
| CN109428722A (en) | A kind of content delivery method and device | |
| CN115130140B (en) | Safety joint analysis method for multi-party privacy data and financial privacy data | |
| CN104993932A (en) | Method for improving signature safety | |
| CN106888448B (en) | Application downloading method, secure element and terminal | |
| CN103873245B (en) | Dummy machine system data ciphering method and equipment | |
| CN110598427B (en) | Data processing method, system and storage medium | |
| CN104657631B (en) | The processing method and processing device of the channel information of application | |
| CN110880965A (en) | Outgoing electronic document encryption method, system, terminal and storage medium | |
| CN103905624B (en) | Generation method and the mobile phone terminal of digital signature | |
| CN108021801A (en) | Divulgence prevention method, server and storage medium based on virtual desktop | |
| CN107172165A (en) | A kind of method of data synchronization and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C53 | Correction of patent of invention or patent application | ||
| CB02 | Change of applicant information |
Address after: 510623, Guangdong Guangzhou hi tech Industrial Development Zone, Science Town, science Avenue 182, innovation building, C3 District, seventh layers, 701 units, Guangzhou Applicant after: Guangzhou Sunrun Networks Technology Co., Ltd. Address before: 510630, room 2308, building A, hi tech building, five mountain road, Tianhe District, Guangdong, Guangzhou Applicant before: Guangzhou Sunrun Networks Technology Co., Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180726 Address after: 510700 Guangdong science and Technology Development Zone, Guangzhou, Guangzhou, new science and Technology Development Zone, 182, No. seventh, 701, unit C3, Patentee after: Guangzhou Shang Yun Technology Co., Ltd. Address before: 510623 Guangdong science and Technology Development Zone, Guangzhou, Guangzhou, new science and Technology Development Zone, 182, No. seventh, 701, unit C3, Patentee before: Guangzhou Sunrun Networks Technology Co., Ltd. |