CN104579677A - Secure and rapid data signature method - Google Patents
Secure and rapid data signature method Download PDFInfo
- Publication number
- CN104579677A CN104579677A CN201410657600.5A CN201410657600A CN104579677A CN 104579677 A CN104579677 A CN 104579677A CN 201410657600 A CN201410657600 A CN 201410657600A CN 104579677 A CN104579677 A CN 104579677A
- Authority
- CN
- China
- Prior art keywords
- data
- card
- instruction
- private key
- result
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention relates to the field of information security, in particular to a secure and rapid data signature method, which comprises the following steps: powering on a card, waiting for receiving an instruction from an upper computer, judging the type of the instruction, and if the instruction is a private key importing instruction, acquiring a cipher text from the private key importing instruction, decrypting the cipher text to obtain a private key by adopting a preset decryption algorithm and a preset key, and storing the private key; if the instruction is a data signature instruction, judging whether an intermediate value exists or not, acquiring own stored intermediate value if the intermediate value exists, acquiring an off-card random number from the data signature instruction, organizing data to be signed according to the off-card random number, signing the private key, the intermediate value and the data to be signed by adopting a preset algorithm to obtain a signature result, and transmitting a signature response comprising the signature result to the upper computer. According to the method, time for signing the data to be signed can be saved on the premise of ensuring data security.
Description
Technical field
The invention belongs to information security field, particularly a kind of data signature method safely and fast.
Background technology
In prior art, when card is to authenticating user identification, first need card to organize data to be signed, calculate PKI according to the private key that card inside is preserved, and then with the PKI calculated, signature operation is carried out to data to be signed, complete authenticating user identification; Invention technician finds, adopt prior art in the process of authenticating user identification, card needs the at substantial time to calculate, and extends the signature time.
Summary of the invention
In order to address the deficiencies of the prior art, the invention provides a kind of data signature method safely and fast, it is characterized in that, comprising:
Step S1: card powers on;
Step S2: the instruction that described card wait-receiving mode host computer issues, and judge the type of described instruction, if import private key instruction, then perform step S3; If data signature instruction, then perform step S4;
Step S3: described card obtains ciphertext from the instruction of described importing private key, adopts default decipherment algorithm and preset-key to be decrypted described ciphertext and obtains private key, preserve described private key, return step S2;
Step S4: described card judges whether therein exists median, is, performs step S9; Otherwise perform step S5;
Step S5: described card judges whether to there is private key, is, obtains described private key, calculates PKI to described private key, preserves described PKI, performs step S6; Otherwise report an error, return step S2;
Step S6: described card obtains the subscriber identity information that self preserves, and calculates the length of described subscriber identity information;
Step S7: described card obtains the data message that self preserves, and calculates the first result to the length of described subscriber identity information, described subscriber identity information, described data message;
Step S8: described card calculates median to described first result and described PKI, preserves described median;
Step S9: described card obtains the outer random number of card from described data signature instruction, data to be signed are organized according to the outer random number of described card, preset algorithm is adopted to sign to described private key, described median and described data to be signed, obtain result of signing, send the signature response comprising described signature result to described host computer, return step S2.
Adopt method provided by the invention, card can process the data signature instruction that host computer issues, and carries out authentication, organizes data to be signed, sign according to the outer random number of the card in data signature instruction.First time, when signing to data to be signed, preserve median, PKI, when non-first time is signed, the median that direct acquisition has been preserved or PKI were signed, and reached the speed improving signature, saved the signature time, strengthen the effect of Consumer's Experience.
Embodiment
Be clearly and completely described to the technical scheme in the embodiment of the present invention below, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtained under creative work prerequisite, belong to the scope of protection of the invention.
For making the object, technical solutions and advantages of the present invention clearly, will be described in further detail embodiment of the present invention below.
Embodiment 1
The present embodiment provides a kind of data signature method safely and fast, comprising:
Step Q1: card powers on;
Step Q2: the instruction that card wait-receiving mode host computer issues, and the type of decision instruction, if import private key instruction, then perform step Q3; If data signature instruction, then perform step Q4;
Step Q3: card obtains ciphertext from the instruction of importing private key, adopts default decipherment algorithm and preset-key to be decrypted ciphertext and obtains private key, preserve private key, return step Q2;
Particularly, card judges whether therein exists median, is, removes median, from the instruction of importing private key, obtain ciphertext, adopts default decipherment algorithm and preset-key to be decrypted ciphertext and obtains private key, preserve private key, return step Q2; Otherwise from the instruction of importing private key, obtain ciphertext, adopt default decipherment algorithm and preset-key to be decrypted ciphertext and obtain private key, preserve private key, return step Q2.
In the present embodiment, after preserving private key, also comprise: calculate PKI according to private key, preserve PKI, obtain the subscriber identity information self preserved, calculate the length of subscriber identity information, obtain the data message self preserved, first result is calculated to the length of subscriber identity information, subscriber identity information, data message, median is calculated to the first result and PKI, preserve median;
Step Q4: card judges whether therein exists median, is, performs step Q9; Otherwise perform step Q5;
This step can also be: card judges whether to there is median, is, performs step Q9; Otherwise report an error, return step Q2.
Step Q5: card judges whether to there is private key, is, obtains private key, calculates PKI to private key, preserves PKI, performs step Q6; Otherwise report an error, return step Q2;
Step Q6: card obtains the subscriber identity information that self preserves, calculates the length of subscriber identity information;
Also comprise before this step: card judges whether existence first result, is, obtains the first result, perform step Q8; Otherwise perform step Q6;
Step Q7: card obtains the data message that self preserves, calculates the first result to the length of subscriber identity information, subscriber identity information, data message;
In the present embodiment, data message comprises: the first element, the second element, element, the 4th element; Particularly, card obtains the first element, the second element, element, the 4th element, by the length of subscriber identity information, subscriber identity information, the first element, the second element, element and the 4th element sequential concatenation, the result obtained is as the first result.
This step also comprises, and preserves the first result;
Step Q8: card calculates median to the first result and PKI, preserves median;
Particularly, card is by the first result and PKI sequential concatenation, and do Hash calculation to the splicing result obtained, the Hash result obtained is as median.
Step Q9: card obtains the outer random number of card from data signature instruction, organize data to be signed according to the outer random number of card, adopt preset algorithm to sign to private key, median and data to be signed, obtain result of signing, send the signature response comprising signature result to host computer, return step Q2.
Particularly,
Step X0: card obtains the outer random number of card from data signature instruction, organizes data to be signed according to the outer random number of card;
Step X1: card, by median and data to be signed sequential concatenation, carries out Hash calculation to the splicing result obtained, obtains the first result of calculation;
Step X2: card generates card random number, obtains the element and the 4th element of self preserving, calculates, obtain the first numerical value according to card random number, element and the 4th element;
Step X3: card obtains the The Fifth Element that self preserves, calculates according to the first result of calculation, the first numerical value and The Fifth Element, obtains the Part I data of signature result;
Step X4: card judges whether the Part I data of signature result meet pre-conditioned, are return step X2; Otherwise perform step X5;
Step X5: card calculates according to the Part I data of private key, card random number, signature result and The Fifth Element, obtains the Part II data of signature result, performs step X6;
Step X6: card judges whether the Part II data of signature result equal 0, are return step X2; Otherwise perform step X7;
Step X7: card by the Part II data sequence splicing of the Part I data of signature result and signature result, using the splicing result that obtains as signature result;
Step X8: card sends the signature response comprising signature result to host computer, return step Q2.
In the present embodiment, after step Q9, also comprise: card judges whether successfully to carry out signature operation, is, send the signature response comprising signature result to host computer, return step Q2; Otherwise send signature failure information to host computer, return step Q2.
It should be noted that, data signature instruction is Dynamic Data Authentication instruction;
When the instruction that host computer issues is Dynamic Data Authentication instruction, also comprise: card judges that whether Dynamic Data Authentication instruction is legal, is perform step Q4; Otherwise send Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2; Wherein, card judges that whether Dynamic Data Authentication instruction is legal, is specially:
Step a1: card judges whether the value of the first byte of Dynamic Data Authentication instruction is 0X00, is perform step a2; Otherwise send Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2;
Step a2: card judges the 3rd of Dynamic Data Authentication instruction the, whether the value of nybble is 0X00,0X00, is perform step a3; Otherwise send Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2;
Step a3: card obtains to the data in last byte from the 6th byte of Dynamic Data Authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of Dynamic Data Authentication instruction is identical with the length of the data got, is perform step a4; Otherwise send Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2;
Step a4: card obtains the application interaction feature preserved in advance, judging whether to support Dynamic Data Authentication operation according to application interaction feature, is perform step Q4; Otherwise send Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2.
Data to be signed are organized according to the outer random number of card, be specially: card generates card dynamic random number, by the first data, the length of card dynamic random number, card dynamic random number and the outer random number sequential concatenation of card self preserved, using the splicing result that obtains as data to be signed.
Data signature instruction is rapid authentication instruction; When the instruction that host computer issues is rapid authentication instruction, also comprise: card judges that whether rapid authentication instruction is legal, is perform step Q4; Otherwise send rapid authentication instruction information unauthorized to host computer, return step Q2;
Wherein, card judges that whether rapid authentication instruction is legal, is specially:
Step b1: card judges whether the value of the first byte of rapid authentication instruction is 0X80, is perform step b2; Otherwise send rapid authentication instruction information unauthorized to host computer, return step Q2;
Step b2: card judges the 3rd of rapid authentication instruction the, whether the value of nybble is 0X00,0X00, is perform step b3; Otherwise send rapid authentication instruction information unauthorized to host computer, return step Q2;
Step b3: card obtains to the data in last byte from the 6th byte of rapid authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of rapid authentication instruction is identical with the length of the data got, is perform step b4; Otherwise send rapid authentication instruction information unauthorized to host computer, return step Q2;
Step b4: card obtains the application interaction feature preserved in advance, judging whether to support rapid authentication operation according to application interaction feature, is perform step Q4; Otherwise send rapid authentication instruction information unauthorized to host computer, return step Q2.
Correspondingly, organize data to be signed according to the outer random number of card, be specially: card obtains the key message that self preserves, and will block outer random number and key message sequential concatenation, will splice result as data to be signed.
When the instruction that host computer issues is rapid authentication instruction, also comprise: empty buffer area; When judging that rapid authentication instruction is legal, also comprise:
Rapid authentication instruction is saved in buffer area, the first count value is set to initial value, perform step Q4;
Data signature instruction is the instruction of compound Dynamic Data Authentication, and when the instruction that host computer issues is the instruction of compound Dynamic Data Authentication, card obtains the outer random number of card from data signature instruction, organizes data to be signed, specifically comprise according to the outer random number of card:
Step K 1: card judges whether there are data in buffer area, is, performs step K 2; Otherwise report an error, return step Q2;
Step K 2: card obtains the data in buffer area, the data got and compound Dynamic Data Authentication instruction sequences being spliced, using the splicing result that obtains as treating hash, obtaining the first count value, judge whether the first count value is initial value, is, performs step K 4; Otherwise perform step K 3;
Step K 3: card empties buffer area, is set to initial value by the first count value, performs step K 5;
Step K 4: card will treat that hash is stored in buffer area, upgrades the first count value, performs step K 5;
Step K 5: card is treated hash and carried out Hash calculation, obtains Hash result, obtains the outer random number of card from the instruction of compound Dynamic Data Authentication, organizes data to be signed according to Hash result and the outer random number of card.
Organize data to be signed according to Hash result and the outer random number of card, be specially:
Card obtains the second data that self preserves, obtain the 3rd data of self preserving, obtain ciphertext in the 4th data of self preserving, the card obtaining self preservation, by the outer random number sequential concatenation of ciphertext, Hash result and card in the second data, the 3rd data, the 4th data, card, using the splicing result that obtains as data to be signed.
Data signature instruction is the instruction of compound Dynamic Data Authentication;
When the instruction that host computer issues is the instruction of compound Dynamic Data Authentication, also comprise: card judges that whether the instruction of compound Dynamic Data Authentication is legal, is perform step Q4; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2.Wherein, card judges that whether the instruction of compound Dynamic Data Authentication is legal, is specially:
Step c1: card judges whether the value of the first byte of compound Dynamic Data Authentication instruction is 0X80, is perform step c2; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2;
Step c2: card judges the 3rd of the instruction of compound Dynamic Data Authentication the, whether the value of nybble is 0X00,0X00, is perform step c3; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2;
Step c3: card obtains to the data in last byte from the 6th byte of compound Dynamic Data Authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of compound Dynamic Data Authentication instruction is identical with the length of the data got, is perform step c4; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2;
Step c4: card obtains the application interaction feature preserved in advance, judging whether to support the dynamic data authentication operations of compound according to application interaction feature, is perform step Q4; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to host computer, return step Q2.
In the present embodiment, also comprising and generate double secret key instruction, is that when generating double secret key instruction, card generates private key, and preserves private key, returns step Q2 when card receives the instruction that host computer issues.
In the present embodiment, step Q3 to step Q9 can replace with:
Step Q3 ': card obtains ciphertext from the instruction of importing private key, adopts default decipherment algorithm to be decrypted ciphertext and obtains private key and private key mark, preserve private key and private key mark;
Step Q4 ': card obtains private key mark from data signature instruction, judges whether therein exists median corresponding to private key mark, is perform step Q9 '; Otherwise perform step Q5 ';
Step Q5 ': card judges whether to there is private key corresponding to private key mark, is obtain private key, calculates PKI to private key, preserve PKI, perform step Q6; Otherwise report an error, return step Q2;
Step Q9 ': card obtains the outer random number of card from data signature instruction, data to be signed are organized according to the outer random number of card, preset algorithm is adopted to sign to the private key of private key mark correspondence, the median of private key mark correspondence and data to be signed, obtain result of signing, send the signature response comprising signature result to host computer, return step Q2.
Embodiment 2
The present embodiment provides a kind of data signature method safely and fast, comprising:
Step 101: card powers on;
Step 102: the instruction that card wait-receiving mode host computer issues, decision instruction type, if import private key instruction, then performs step 103; If Dynamic Data Authentication instruction, then perform step 105; If rapid authentication instruction, then perform step 116; If the instruction of compound Dynamic Data Authentication, then perform step 127;
In the present embodiment, card is according to the type of the value decision instruction of first, second byte of instruction, if the value of first, second byte is 0X0088, is then Dynamic Data Authentication instruction; If the value of first, second byte is 0X80A8, then it is rapid authentication instruction; The value of first, second byte is 0X80AE, be then the instruction of compound Dynamic Data Authentication.
Wherein, Dynamic Data Authentication instruction is INTERNAL AUTHENTICATE instruction; Rapid authentication instruction is GET PROCESSING OPTIONS instruction; The instruction of compound Dynamic Data Authentication is GENERATE AC instruction;
In the present embodiment, Dynamic Data Authentication instruction, rapid authentication instruction, the instruction of compound Dynamic Data Authentication are data signature instruction;
In the present embodiment, the instruction that host computer issues also comprises: generate double secret key instruction; If generate double secret key instruction, then card generates private key, and preserves private key, returns step 102.
In the present embodiment, to be length be private key is greater than the random number that 0 bit is less than 256 bits.
Step 103: card obtains ciphertext from the instruction of importing private key, adopts default decipherment algorithm and preset-key to be decrypted ciphertext, obtains private key;
Such as: the private key obtained after deciphering is:
FB0EEB34DD4BD85C645F2CD2DD343ECD0ED03349282C3E1BF6DB51F1384FBC76;
Step 104: private key preserved by card, returns step 102;
Step 105: card judges that whether Dynamic Data Authentication instruction is legal, is perform step 106; Otherwise send Dynamic Data Authentication instruction information unauthorized to host computer, return step 102;
In the present embodiment, judge specifically to comprise the method whether Dynamic Data Authentication instruction is legal,
Step a1: card judges whether the value of the first byte of Dynamic Data Authentication instruction is 0X00, is perform step a2; Otherwise 0X6E00 is sent to host computer as Dynamic Data Authentication instruction information unauthorized, returns step 102;
Step a2: card judges the 3rd of Dynamic Data Authentication instruction the, whether the value of nybble is 0X000X00, is perform step a3; Otherwise 0X6A86 is sent to host computer as Dynamic Data Authentication instruction information unauthorized, returns step 102;
Step a3: card obtains to the data in last byte from the 6th byte of Dynamic Data Authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of Dynamic Data Authentication instruction is identical with the length of the data got, is perform step a4; Otherwise 0X6700 is sent to host computer as Dynamic Data Authentication instruction information unauthorized, returns step 102;
Step a4: card obtains the application interaction feature preserved in advance, judges whether to support Dynamic Data Authentication operation according to application interaction feature, is that then Dynamic Data Authentication instruction is legal, performs step 106; Otherwise Dynamic Data Authentication instruction is illegal, 0X6985 is sent to host computer as Dynamic Data Authentication instruction information unauthorized, returns step 102;
Preferably, obtain the application interaction feature being kept at card inside in advance, judging whether the value of the 6th of the first byte applying interaction feature is 1, is support that Dynamic Data Authentication operates; Otherwise do not support that Dynamic Data Authentication operates;
Such as: the Dynamic Data Authentication instruction received is 008800000411223344; Wherein, the value of the first byte is 0X00; Three, the value of nybble is 0X00,0X00; Obtain to the data in last byte from the 6th byte of Dynamic Data Authentication instruction, the data got are 11223344, the length of the data got is 4 bytes, the length of the data namely got is 0X04, the value of the 5th byte of Dynamic Data Authentication instruction is 0X04, identical with the length of the data got; Be 1 for the value of the 6th that is kept at the first byte of the application interaction feature of card inside in advance, then Dynamic Data Authentication instruction is legal.
Step 106: card judges whether therein exists median, is, performs step 112; Otherwise perform step 107;
In this step, when judging that card therein does not exist median, also comprising: judge whether to there is PKI, being, perform step 109; Otherwise perform step 107;
Step 107: card judges whether to there is private key, is, performs step 108; Otherwise report an error, return step 102;
Step 108: card obtains private key, calculates PKI to private key, preserves PKI, performs step 109;
Such as, card to the PKI that private key calculates is:
A876F78AABB8C8C0BBC0D03CD76D2AE8AD19FCF176F6B0E7D0C803783B0CBC91
2E00F90B473D38D95A03C1C1B3629D0DA1BD07FC796D7CC6E365C8296245E305;
Step 109: card judges whether existence first result, is perform step 111; Otherwise perform step 110;
The present embodiment, there is not the first result, performs step 110;
Step 110: card obtains the subscriber identity information that self preserves, calculate the length of subscriber identity information, obtain the first element, the second element, element, the 4th element self preserved, first result is calculated to the length of subscriber identity information, subscriber identity information, the first element, the second element, element, the 4th element, preserve the first result, perform step 111;
Particularly, card obtains the subscriber identity information that self preserves, calculate the length of subscriber identity information, obtain the first element, the second element, element, the 4th element self preserved, by the length of subscriber identity information, subscriber identity information, the first element, the second element, element and the 4th element sequential concatenation, the result obtained is as the first result.Wherein, the first element, the second element, element and the 4th element are fixed value, and the first element is:
FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC;
Second element is:
28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93;
Element is:
32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7;
4th element is:
BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0;
Such as: subscriber identity information is: 31323334353637383132333435363738; Be 0X0080 by calculating the length of known subscriber identity information;
First result is: 0X0080
31323334353637383132333435363738
FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC
28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93
32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7
BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0。
Step 111: card calculates median to the first result and PKI, preserves median;
Particularly, card is by the first result and PKI sequential concatenation, and do Hash calculation to the splicing result obtained, the Hash result obtained is as median.
Such as, the median obtained is:
6F73DC832ABB274E6B4A7305BE2A4C0F3B78C77F585B3680FF31814E9FE4AA3B。
Step 112: obtain the outer random number of card from Dynamic Data Authentication instruction, tissue comprises the data to be signed of the outer random number of card, performs step 113;
In the present embodiment, card obtains the value of the 5th byte of Dynamic Data Authentication instruction, using the length of the value of the 5th byte as the outer random number of card, from the 6th byte of Dynamic Data Authentication instruction, obtain the data that the length of length and card random number is outward identical, using the data that get as card random number outward; Card generates card dynamic random number, by the first data, the length of card dynamic random number, card dynamic random number and the outer random number sequential concatenation of card self preserved, using the splicing result that obtains as data to be signed.Wherein, the first data are the data that card inside is preserved, and value is 0X1503, and card dynamic random number length is 2 bytes;
In this step, tissue also comprises after comprising the data to be signed of the outer random number of card, and card upgrades card dynamic random number according to default step-length;
Particularly, card dynamic random number and default step-length are done add operation, the operation result obtained upgrades card dynamic random number; Or card dynamic random number and default step-length are done subtraction, and the operation result obtained upgrades card dynamic random number.
Such as: the value that card obtains the 5th byte of Dynamic Data Authentication instruction is 0X04, it can be used as the length of the outer random number of card, i.e. 4 bytes, the data of 4 byte lengths are obtained from the 6th byte of Dynamic Data Authentication instruction, namely the data got are 11223344, it can be used as the outer random number of card; It is 4A5B that card obtains the inner card dynamic random number preserved; The data to be signed of composition are: 0X1503024A5B11223344;
Step 113: card adopts preset algorithm to sign to private key, median and data to be signed, obtains result of signing;
Preferably, preset algorithm is SM2 algorithm.The length of signature result is 0X40 byte;
Wherein, the method that card adopts SM2 algorithm to sign to private key, median and data to be signed, comprising:
Steps A 1: card, by median and data to be signed sequential concatenation, carries out Hash calculation to the splicing result obtained, obtains the first result of calculation;
Steps A 2: card generates card random number, obtains the element and the 4th element of self preserving, calculates, obtain the first numerical value according to card random number, element and the 4th element;
Wherein, card random number is more than or equal to 1, is less than or equal to the random number of The Fifth Element, and the length of card random number is greater than 0 bit, is less than 256 bits; The Fifth Element be greater than 0 prime number.Preferably, The Fifth Element is:
FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123;
In the present embodiment, card random number and element are done multiplying by card, and the result of calculation obtained is as the first numerical value;
Such as: card random number is:
64D9F366298D40C2B38005B746962ADD1345AC5621D29BD8E673D26033AD96;
First numerical value is:
34793E74567FC6C51100653D96F1FDF6EDDAA7FC160BAB67C7AFA89E1DD704EC,
Steps A 3: card obtains the The Fifth Element that self preserves, calculates according to the first result of calculation, the first numerical value and The Fifth Element, obtains the Part I data of signature result;
In the present embodiment, the first result of calculation and the first numerical value are done add operation by card, and the result of calculation obtained and The Fifth Element do complementation computing, and the result obtained is as the Part I data of signature result;
Such as: The Fifth Element is:
FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123;
The Part I data of signature result are:
0X6B8AECEE54C2C65D174C9311334B76C097B09211E61DD59BC8F7FA9F85A68F1C;
Steps A 4: card judges whether the Part I data of signature result meet pre-conditioned, are return steps A 2; Otherwise perform steps A 5;
In the present embodiment, to be pre-conditionedly specially: the Part I data of signature result equal 0; Or Part I data and the card random number of signature result do add operation, and the result of calculation obtained equals The Fifth Element;
With the data instance in steps A 3, the Part I data of signature result are not equal to 0, and the Part I data of result of signing and card random number do add operation, and the result of calculation obtained is not equal to The Fifth Element, perform steps A 5.
Steps A 5: card calculates according to the Part I data of private key, card random number, signature result and The Fifth Element, obtains the Part II data of signature result, performs steps A 6;
In the present embodiment, card calculates according to the Part I data of private key, card random number, signature result and The Fifth Element, and the method obtaining the Part II data of signature result is specially:
Private key and 1 are carried out add operation by card, obtain operation result, get the inverse of operation result as the second result of calculation; The Part I data of signature result and private key are done multiplying, and the operation result obtained and card random number do subtraction, obtain the 3rd result of calculation; Second result of calculation and the 3rd result of calculation are done multiplying, and the dynamic operation result obtained and The Fifth Element do complementation computing, and the operation result obtained is as the Part II data of signature result.
Such as: the Part II data of the signature result that card calculates are:
0XD5D1022F1346B745203E007ACF7930C1CB72823944FC14FF88DB8FBEDF1DEFD4;
Steps A 6: card judges whether the Part II data of signature result equal 0, are return steps A 2; Otherwise perform steps A 7;
With the data instance in steps A 5, the Part II data of signature result are not equal to 0, perform steps A 7;
Steps A 7: card using signature result Part I data and signature result Part II data as signature result.
In the present embodiment, the Part I data of signature result and the Part II data splicing of signature result, will splice result as signature result.
Such as: the signature result obtained is:
0X6B8AECEE54C2C65D174C9311334B76C097B09211E61DD59BC8F7FA9F85A68F1CD5D1022F1346B745203E007ACF7930C1CB72823944FC14FF88DB8FBEDF1DEFD4;
Step 114: card judges that whether signature operation is successful, is perform step 115; Otherwise send Dynamic Data Authentication signature failure information to host computer, return step 102;
In the present embodiment, Dynamic Data Authentication signature failure information is specially 0X6F81.
Step 115: card returns the Dynamic Data Authentication response comprising signature result to host computer, return step 102;
In the present embodiment, the data head that 0X80 responds as Dynamic Data Authentication by card, using the length of the data field that 0X45 responds as Dynamic Data Authentication, by 0X15,0X03,0X02, card dynamic random number, signature result sequential concatenation, the data field that the splicing result obtained responds as Dynamic Data Authentication, sends to host computer using splicing result as Dynamic Data Authentication response.
Also comprise after the success of card signature operation, obtain the card the result that card inside is preserved, the value of the 3rd byte of card the result and 0X02 are carried out step-by-step or computing, the operation result that obtains replaces the 3rd byte of card the result, using the data obtained after replacing as the card the result after upgrading.
Such as: Dynamic Data Authentication response is:
0X80451503024A5B6B8AECEE54C2C65D174C9311334B76C097B09211E61DD59BC8F7FA9F85A68F1CD5D1022F1346B745203E007ACF7930C1CB72823944FC14FF88DB8FBEDF1DEFD49000;
Step 116: card judges that whether rapid authentication instruction is legal, is perform step 117; Otherwise send rapid authentication instruction information unauthorized to host computer, return step 102;
In the present embodiment, judge specifically to comprise the method whether rapid authentication instruction is legal,
Step b1: card judges whether the value of the first byte of rapid authentication instruction is 0X80, is perform step b2; Otherwise 0X6E00 is sent to host computer as rapid authentication instruction information unauthorized, returns step 102;
Step b2: card judges the 3rd of rapid authentication instruction the, whether the value of nybble is 0X00,0X00, is perform step b3; Otherwise 0X6A86 is sent to host computer as rapid authentication instruction information unauthorized, returns step 102;
Step b3: card obtains to the data in last byte from the 6th byte of rapid authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of rapid authentication instruction is identical with the length of the data got, is perform step b4; Otherwise 0X6700 is sent to host computer as rapid authentication instruction information unauthorized, returns step 102;
Step b4: card obtains the application interaction feature preserved in advance, judging whether to support rapid authentication operation according to application interaction feature, is that then rapid authentication instruction is legal; Otherwise rapid authentication instruction is illegal, 0X6985 is sent to host computer as rapid authentication instruction information unauthorized, returns step 102;
Preferably, obtain the application interaction feature being kept at card inside in advance, judge whether the value of the 6th of the first byte applying interaction feature is 1, be, determine to support rapid authentication operation; Otherwise determine not support that rapid authentication operates;
Step 117: card judges whether therein exists median, is, performs step 123; Otherwise perform step 118;
In this step, when judging that card therein does not exist median, also comprise: judge whether to there is PKI, be, perform step 120; Otherwise perform step 118;
Step 118: card judges whether to there is private key, is, performs step 119; Otherwise report an error, return step 102;
Step 119: card obtains private key, calculates PKI to private key, preserves PKI, performs step 120;
Step 120: card judges whether existence first result, is perform step 122; Otherwise perform step 121;
Step 121: card obtains the subscriber identity information that self preserves, calculate the length of subscriber identity information, obtain the first element, the second element, element, the 4th element self preserved, first result is calculated to the length of subscriber identity information, subscriber identity information, the first element, the second element, element, the 4th element, preserve the first result, perform step 122;
This step concrete operation method is identical with step 110.
Step 122: card calculates median to the first result and PKI, preserves median;
This step concrete operation method is identical with step 111.
Step 123: card obtains the outer random number of card from rapid authentication instruction, obtains the key message that card inside is preserved, and organizes data to be signed according to the outer random number of card and key message;
Preferably, from the byte second from the bottom of rapid authentication instruction, obtain forward 4 byte datas, using the data that get as the outer random number of card;
In the present embodiment, key message comprises dealing money, the transaction currency code of 2 byte lengths, the close dynamic random number of state of 8 byte lengths of 6 byte lengths; Outer random number and key message sequential concatenation will be blocked, result will be spliced as data to be signed; Preferably, the length of blocking outer random number is 4 bytes.
Step 124: card adopts preset algorithm to sign to private key, median and data to be signed, obtains result of signing;
In the present embodiment, preset algorithm is SM2 algorithm; The Methods and steps 113 adopting SM2 algorithm to sign to private key, median and data to be signed is identical.
Step 125: card judges that whether signature operation is successful, is perform step 126; Otherwise send rapid authentication signature failure information to host computer, return step 102;
Step 126: card empties buffer area, is set to initial value by the first count value, by rapid authentication instruction stored in buffer area, returns the rapid authentication response comprising signature result, return step 102 to host computer;
In the present embodiment, 0X77,0X81 as data head, the part of data field that signature result responded as rapid authentication, organize rapid authentication to respond by card.
By rapid authentication instruction stored in buffer area, be specially: card, according to the value of the 5th byte of rapid authentication instruction, obtains data from the 6th byte of rapid authentication instruction, by the data that get stored in buffer area; Or card obtains to the data in last byte from the 6th byte of rapid authentication instruction, by the data that get stored in buffer area; Preferably, the initial value of the first count value is 0.
Step 127: card judges that whether the instruction of compound Dynamic Data Authentication is legal, is perform step 128; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to host computer, return step 102;
In the present embodiment, judge specifically to comprise the method whether instruction of compound Dynamic Data Authentication is legal,
Step c1: card judges whether the value of the first byte of compound Dynamic Data Authentication instruction is 0X80, is perform step c2; Otherwise 0X6E00 is sent to host computer as compound Dynamic Data Authentication instruction information unauthorized, returns step 102;
Step c2: card judges whether the value of the 5th of the 3rd byte of compound Dynamic Data Authentication instruction is 1, is perform step c3; Otherwise 0X6A86 is sent to host computer as compound Dynamic Data Authentication instruction information unauthorized, returns step 102;
Step c3: card obtains to the data in last byte from the 6th byte of compound Dynamic Data Authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of compound Dynamic Data Authentication instruction is identical with the length of the data got, is perform step c4; Otherwise 0X6700 is sent to host computer as compound Dynamic Data Authentication instruction information unauthorized, returns step 102;
Step c4: card obtains the application interaction feature preserved in advance, judging whether to support the dynamic data authentication operations of compound according to application interaction feature, is that then the instruction of compound Dynamic Data Authentication is legal; Otherwise the instruction of compound Dynamic Data Authentication is illegal, 0X6985 is sent to host computer as compound Dynamic Data Authentication instruction information unauthorized, returns step 102;
Preferably, obtain the application interaction feature being kept at card inside in advance, judging whether the primary value of the first byte applying interaction feature is 1, is support the dynamic data authentication operations of compound; Otherwise do not support the dynamic data authentication operations of compound;
Step 128: card judges whether therein exists median, is, performs step 134; Otherwise perform step 129;
In this step, when judging that card therein does not exist median, also comprise: judge whether to there is PKI, be, perform step 130; Otherwise perform step 129;
Step 129: card judges whether to there is private key, is, performs step 130; Otherwise report an error, return step 102;
Step 130: card obtains private key, calculates PKI to private key, preserves PKI, performs step 131;
Step 131: card judges whether existence first result, is perform step 133; Otherwise perform step 132;
Step 132: card obtains the subscriber identity information that self preserves, calculate the length of subscriber identity information, obtain the first element, the second element, element, the 4th element self preserved, first result is calculated to the length of subscriber identity information, subscriber identity information, the first element, the second element, element, the 4th element, preserve the first result, perform step 133;
This step concrete operation method is identical with step 110.
Step 133: card calculates median to the first result and PKI, preserves median;
This step concrete operation method is identical with step 111.
Step 134: card judges whether there are data in buffer area, is perform step 135; Otherwise report an error, return step 102;
Step 135: card obtains the data in buffer area, the data got and compound Dynamic Data Authentication instruction sequences is spliced, using spliced result as treating hash, performs step 136;
In the present embodiment, card obtains the data field of compound Dynamic Data Authentication instruction, after the data of its sequential concatenation in buffer area, using spliced data as treating hash;
Card obtains the data field of compound Dynamic Data Authentication instruction, be specially: card is according to the value of the 5th byte of compound Dynamic Data Authentication instruction, data are obtained, using the data that the get data field as the instruction of compound Dynamic Data Authentication from the 6th byte of compound Dynamic Data Authentication instruction; Or card obtains to the data in last byte from the 6th byte of compound Dynamic Data Authentication instruction, using the data that the get data field as the instruction of compound Dynamic Data Authentication;
Step 136: card obtains the first count value, judges whether the first count value is initial value, is perform step 137; Otherwise perform step 138;
Preferably, the initial value of the first count value is 0.
Step 137: card will treat that hash is stored in buffer area, upgrades the first count value, performs step 139;
Step 138: card empties buffer area, is set to initial value by the first count value, performs step 139;
Step 139: card is treated hash and carried out Hash calculation, obtains Hash result, obtains the outer random number of card from the instruction of compound Dynamic Data Authentication, organizes data to be signed, perform step 140 according to Hash result and the outer random number of card;
Preferably, from the byte second from the bottom of compound Dynamic Data Authentication instruction, obtain forward 4 byte datas, using the data that get as the outer random number of card;
In the present embodiment, organize data to be signed according to Hash result and the outer random number of card, be specially:
Card obtains the second data that self preserves, obtain the 3rd data of self preserving, obtain ciphertext in the 4th data of self preserving, the card obtaining self preservation, by ciphertext, Hash result, the outer random number sequential concatenation of card in the second data, the 3rd data, the 4th data, card, using the splicing result that obtains as data to be signed.Wherein, the second data are 0X15,0X2C, 0X02, and the 3rd data are the ATC of 2 byte lengths, and the 4th data are the CID of 1 byte length, and in card, data to be signed ciphertext length is 8 bytes.
Step 140: card adopts preset algorithm to sign to private key, median and data to be signed, obtains result of signing;
In the present embodiment, preset algorithm is SM2 algorithm; The Methods and steps 113 adopting SM2 algorithm to sign to private key, median and data to be signed is identical.
Step 141: card judges that whether signature operation is successful, is perform step 142; Otherwise send compound Dynamic Data Authentication signature failure information to host computer, return step 102;
Step 142: card returns the compound Dynamic Data Authentication response comprising signature result to host computer, return step 102;
It should be noted that, step 103 to 104 can also be: card obtains ciphertext from the instruction of importing private key, adopts default decipherment algorithm to be decrypted ciphertext and obtains private key and private key mark, preserve private key and private key mark;
Accordingly, step 106 replaces with: card obtains private key mark from Dynamic Data Authentication instruction, and judging whether inside exists and identify corresponding median with private key, is perform step 112; Otherwise perform step 107 ';
Wherein, card judges inner not exist when identify corresponding median with private key, also comprises: card judges whether that existence identifies corresponding PKI with private key, is perform step 108; Otherwise perform step 107 ';
Step 107 ': card judges whether to exist and identifies corresponding private key with private key, is obtain private key, calculates PKI to private key, preserve PKI, perform step 109; Otherwise report an error end, returns step 102;
Step 113 replaces with: card obtains the outer random number of card from Dynamic Data Authentication instruction, data to be signed are organized according to the outer random number of card, adopt preset algorithm to sign to the private key of private key mark correspondence, the median of private key mark correspondence and data to be signed, obtain result of signing.
Step 117 replaces with: card obtains private key mark from rapid authentication instruction, and judging whether inside exists and identify corresponding median with private key, is perform step 123; Otherwise perform step 118 ';
Wherein, card judges inner not exist when identify corresponding median with private key, also comprises: card judges whether that existence identifies corresponding PKI with private key, is perform step 120; Otherwise perform step 118 ';
Step 118 ': card judges whether to exist and identifies corresponding private key with private key, is obtain private key, calculates PKI to private key, preserve PKI, perform step 119; Otherwise report an error end, returns step 102;
Step 124 replaces with: card obtains the outer random number of card from rapid authentication instruction, data to be signed are organized according to the outer random number of card, adopt preset algorithm to sign to the private key of private key mark correspondence, the median of private key mark correspondence and data to be signed, obtain result of signing.
Step 128 replaces with: card obtains private key mark from the instruction of compound Dynamic Data Authentication, and judging whether inside exists and identify corresponding median with private key, is perform step 134; Otherwise perform step 129 ';
Wherein, card judges inner not exist when identify corresponding median with private key, also comprises: card judges whether that existence identifies corresponding PKI with private key, is perform step 130; Otherwise perform step 129 ';
Step 129 ': card judges whether to exist and identifies corresponding private key with private key, is obtain private key, calculates PKI to private key, preserve PKI, perform step 130; Otherwise report an error end, returns step 102;
Step 140 replaces with: card obtains the outer random number of card from the instruction of compound Dynamic Data Authentication, data to be signed are organized according to the outer random number of card, adopt preset algorithm to sign to the private key of private key mark correspondence, the median of private key mark correspondence and data to be signed, obtain result of signing.
Adopt the method that the present embodiment provides, card can process the Dynamic Data Authentication instruction that host computer issues, and organizes data to be signed, signs to data to be signed and median; Card can process the rapid authentication instruction that host computer issues, and organizes data to be signed, signs to data to be signed and median; Card can process the compound Dynamic Data Authentication instruction that host computer issues, and organizes data to be signed, signs to data to be signed and median; And by the instruction of process private key, private key can be upgraded, and calculates median; Adopt and when private key does not change, directly can use median in this way, save the time of signature.
Above; be only the specific embodiment of the present invention, but protection scope of the present invention is not limited thereto, is anyly familiar with those skilled in the art in the technical scope that the present invention discloses; change can be expected easily or replace, all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (18)
1. a data signature method safely and fast, is characterized in that, comprising:
Step S1: card powers on;
Step S2: the instruction that described card wait-receiving mode host computer issues, and judge the type of described instruction, if import private key instruction, then perform step S3; If data signature instruction, then perform step S4;
Step S3: described card obtains ciphertext from the instruction of described importing private key, adopts default decipherment algorithm and preset-key to be decrypted described ciphertext and obtains private key, preserve described private key, return step S2;
Step S4: described card judges whether therein exists median, is, performs step S9; Otherwise perform step S5;
Step S5: described card judges whether to there is private key, is, obtains described private key, calculates PKI to described private key, preserves described PKI, performs step S6; Otherwise report an error, return step S2;
Step S6: described card obtains the subscriber identity information that self preserves, and calculates the length of described subscriber identity information;
Step S7: described card obtains the data message that self preserves, and calculates the first result to the length of described subscriber identity information, described subscriber identity information, described data message;
Step S8: described card calculates median to described first result and described PKI, preserves described median;
Step S9: described card obtains the outer random number of card from described data signature instruction, data to be signed are organized according to the outer random number of described card, preset algorithm is adopted to sign to described private key, described median and described data to be signed, obtain result of signing, send the signature response comprising described signature result to described host computer, return step S2.
2. the method for claim 1, is characterized in that, described data message comprises: the first element, the second element, element, the 4th element; Described card calculates the first result to the length of described subscriber identity information, described subscriber identity information, described data message, is specially:
Described card is by the length of described subscriber identity information, described subscriber identity information, described first element, described second element, described element and described 4th element sequential concatenation, and the result obtained is as the first result.
3. the method for claim 1, is characterized in that, described step S8 is specially:
Described card, by described first result and described PKI sequential concatenation, does Hash calculation to the splicing result obtained, and the Hash result obtained is as median and preserve.
4. the method for claim 1, is characterized in that, before described step S6, also comprises:
Described card judges whether existence first result, is, obtains described first result, performs step S8; Otherwise perform step S6;
Described step S7, also comprises: preserve described first result.
5. the method for claim 1, is characterized in that, described employing preset algorithm is signed to described private key, described median and described data to be signed, obtains result of signing, is specially:
Step X1: described card, by described median and described data to be signed sequential concatenation, carries out Hash calculation to the splicing result obtained, obtains the first result of calculation;
Step X2: described card generates card random number, obtains the element and the 4th element of self preserving, and calculates, obtain the first numerical value according to described card random number, described element and described 4th element;
Step X3: described card obtains the The Fifth Element that self preserves, calculates according to described first result of calculation, described first numerical value and described The Fifth Element, obtains the Part I data of signature result;
Step X4: described card judges whether the Part I data of described signature result meet pre-conditioned, are return step X2; Otherwise perform step X5;
Step X5: described card calculates according to the Part I data of described private key, described card random number, described signature result and described The Fifth Element, obtains the Part II data of signature result, performs step X6;
Step X6: described card judges whether the Part II data of described signature result equal 0, are return step X2; Otherwise perform step X7;
Step X7: described card by the splicing of the Part II data sequence of the Part I data of described signature result and described signature result, using the splicing result that obtains as signature result.
6. the method for claim 1, is characterized in that, described in obtain signature result after, also comprise:
Described card judges whether successfully to carry out signature operation, is, sends the signature response comprising described signature result, return step S2 to described host computer; Otherwise send signature failure information to described host computer, return step S2.
7. the method for claim 1, is characterized in that, described data signature instruction is Dynamic Data Authentication instruction;
When the instruction that host computer issues is Dynamic Data Authentication instruction, also comprise: described card judges that whether described Dynamic Data Authentication instruction is legal, is perform step S4; Otherwise send Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Describedly organize data to be signed according to the outer random number of described card, be specially: described card generates card dynamic random number, by the first data, the length of described card dynamic random number, the outer random number sequential concatenation of described card dynamic random number and described card self preserved, using the splicing result that obtains as data to be signed.
8. method as claimed in claim 7, it is characterized in that, described card judges that whether described Dynamic Data Authentication instruction is legal, is specially:
Step a1: described card judges whether the value of the first byte of described Dynamic Data Authentication instruction is 0X00, is perform step a2; Otherwise send Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Step a2: described card judges the 3rd of described Dynamic Data Authentication instruction the, whether the value of nybble is 0X00,0X00, is perform step a3; Otherwise send Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Step a3: described card obtains to the data in last byte from the 6th byte of described Dynamic Data Authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of described Dynamic Data Authentication instruction is identical with the length of the described data got, is perform step a4; Otherwise send Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Step a4: described card obtains the application interaction feature preserved in advance, judging whether to support Dynamic Data Authentication operation according to described application interaction feature, is perform step S4; Otherwise send Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2.
9. the method for claim 1, is characterized in that, described data signature instruction is rapid authentication instruction;
When the instruction that host computer issues is rapid authentication instruction, also comprise: described card judges that whether described rapid authentication instruction is legal, is perform step S4; Otherwise send rapid authentication instruction information unauthorized to described host computer, return step S2;
Describedly organize data to be signed according to the outer random number of described card, be specially: described card obtains the key message that self preserves, by the outer random number of described card and described key message sequential concatenation, result will be spliced as data to be signed.
10. method as claimed in claim 9, it is characterized in that, described card judges that whether described rapid authentication instruction is legal, is specially:
Step b1: described card judges whether the value of the first byte of described rapid authentication instruction is 0X80, is perform step b2; Otherwise send rapid authentication instruction information unauthorized to described host computer, return step S2;
Step b2: described card judges the 3rd of described rapid authentication instruction the, whether the value of nybble is 0X00,0X00, is perform step b3; Otherwise send rapid authentication instruction information unauthorized to described host computer, return step S2;
Step b3: described card obtains to the data in last byte from the 6th byte of described rapid authentication instruction, calculate the length of the data got, judging that whether the value of the 5th byte of described rapid authentication instruction is identical with the length of the described data got, is perform step b4; Otherwise send rapid authentication instruction information unauthorized to described host computer, return step S2;
Step b4: described card obtains the application interaction feature preserved in advance, judging whether to support rapid authentication operation according to described application interaction feature, is perform step S4; Otherwise send rapid authentication instruction information unauthorized to described host computer, return step S2.
11. the method for claim 1, is characterized in that, described data signature instruction is the instruction of compound Dynamic Data Authentication;
When the instruction that host computer issues is the instruction of compound Dynamic Data Authentication, also comprise: described card judges that whether the instruction of described compound Dynamic Data Authentication is legal, is perform step S4; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2.
12. methods as claimed in claim 11, is characterized in that, described card judges that whether the instruction of described compound Dynamic Data Authentication is legal, is specially:
Step c1: described card judges whether the value of the first byte of described compound Dynamic Data Authentication instruction is 0X80, is perform step c2; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Step c2: described card judges the 3rd of the instruction of described compound Dynamic Data Authentication the, whether the value of nybble is 0X00,0X00, is perform step c3; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Step c3: described card obtains to the data in last byte from the 6th byte of described compound Dynamic Data Authentication instruction, the length of the data got described in calculating, judging that whether the value of the 5th byte of described compound Dynamic Data Authentication instruction is identical with the length of the described data got, is perform step c4; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2;
Step c4: described card obtains the application interaction feature preserved in advance, judging whether to support the dynamic data authentication operations of compound according to described application interaction feature, is perform step S4; Otherwise send compound Dynamic Data Authentication instruction information unauthorized to described host computer, return step S2.
13. methods as claimed in claim 9, is characterized in that,
When the instruction that described host computer issues is rapid authentication instruction, also comprise: empty buffer area; When judging that described rapid authentication instruction is legal, also comprise:
Described rapid authentication instruction is saved in described buffer area, the first count value is set to initial value, perform step S4;
Described data signature instruction is the instruction of compound Dynamic Data Authentication, when the instruction that host computer issues is the instruction of compound Dynamic Data Authentication, described card obtains the outer random number of card from described data signature instruction, organizes data to be signed, specifically comprise according to the outer random number of described card:
Step K 1: described card judges whether there are data in buffer area, is, performs step K 2; Otherwise report an error, return step S2;
Step K 2: described card obtains the data in described buffer area, the data got and described compound Dynamic Data Authentication instruction sequences are spliced, using the splicing result that obtains as treating hash, obtain described first count value, judge whether described first count value is initial value, is, performs step K 4; Otherwise perform step K 3;
Step K 3: described card empties described buffer area, is set to initial value by described first count value, performs step K 5;
Step K 4: by described, described card treats that hash is stored in described buffer area, upgrades described first count value, performs step K 5;
Step K 5: to described, described card treats that hash carries out Hash calculation, obtain Hash result, obtains the outer random number of card from the instruction of described compound Dynamic Data Authentication, organizes data to be signed according to described Hash result and the outer random number of described card.
14. methods as claimed in claim 13, is characterized in that, describedly organize data to be signed according to the outer random number of described Hash result and described card, are specially:
Described card obtains the second data that self preserves, obtain the 3rd data of self preserving, obtain ciphertext in the 4th data of self preserving, the card obtaining self preservation, by outer to ciphertext, described Hash result and described card in described second data, described 3rd data, described 4th data, described card random number sequential concatenation, using the splicing result that obtains as data to be signed.
15. the method for claim 1, is characterized in that, also comprise: generate double secret key instruction;
That when generating double secret key instruction, described card generates private key, and preserves described private key, returns step S2 when card receives the instruction that host computer issues.
16. the method for claim 1, is characterized in that, described step S3, is specially:
Described card obtains ciphertext from the instruction of described importing private key, adopts default decipherment algorithm to be decrypted described ciphertext and obtains private key and private key mark, preserve described private key and described private key mark;
Described step S4, is specially: described card obtains private key mark from described data signature instruction, judges whether therein exists median corresponding to described private key mark, is perform step S9 '; Otherwise perform step S5 ';
Step S5 ': described card judges whether to there is private key corresponding to described private key mark, is obtain described private key, calculates PKI to described private key, preserve described PKI, perform step S6; Otherwise report an error, return step S2;
Step S9 ': described card obtains the outer random number of card from described data signature instruction, data to be signed are organized according to the outer random number of described card, preset algorithm is adopted to sign to the private key of described private key mark correspondence, the median of described private key mark correspondence and described data to be signed, obtain result of signing, send the signature response comprising described signature result to described host computer, return step S2.
17. methods as described in claim 1 or 15, is characterized in that, after the described private key of described preservation, also comprise:
PKI is calculated according to described private key, preserve described PKI, obtain the subscriber identity information self preserved, calculate the length of described subscriber identity information, obtain the data message self preserved, first result is calculated to the length of described subscriber identity information, described subscriber identity information, described data message, median is calculated to described first result and described PKI, preserves described median;
Described step S4, is specially: described card judges whether to there is median, is, performs step S9; Otherwise report an error, return step S2.
18. the method for claim 1, it is characterized in that, described step S3 specifically comprises: described card judges whether therein exists median, remove described median, ciphertext is obtained from the instruction of described importing private key, adopt default decipherment algorithm and preset-key to be decrypted described ciphertext and obtain private key, preserve described private key, return step S2; Otherwise from the instruction of described importing private key, obtain ciphertext, adopt default decipherment algorithm and preset-key to be decrypted described ciphertext and obtain private key, preserve described private key, return step S2.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410657600.5A CN104579677B (en) | 2014-11-18 | 2014-11-18 | A kind of data signature method safely and fast |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410657600.5A CN104579677B (en) | 2014-11-18 | 2014-11-18 | A kind of data signature method safely and fast |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104579677A true CN104579677A (en) | 2015-04-29 |
| CN104579677B CN104579677B (en) | 2017-12-19 |
Family
ID=53094957
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410657600.5A Active CN104579677B (en) | 2014-11-18 | 2014-11-18 | A kind of data signature method safely and fast |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104579677B (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104852806A (en) * | 2015-05-15 | 2015-08-19 | 飞天诚信科技股份有限公司 | Method for realizing signature based on secret key type |
| CN105188018A (en) * | 2015-08-17 | 2015-12-23 | 飞天诚信科技股份有限公司 | Safety device and working method thereof |
| CN106603238A (en) * | 2015-10-20 | 2017-04-26 | 飞天诚信科技股份有限公司 | Multi-digital-certificate issuing system and equipment, and working methods thereof |
| CN108055133A (en) * | 2017-12-12 | 2018-05-18 | 江苏安凰领御科技有限公司 | A kind of key secure signing method based on block chain technology |
| CN109446786A (en) * | 2018-12-25 | 2019-03-08 | 飞天诚信科技股份有限公司 | A kind of working method and intelligent key apparatus of intelligent key apparatus |
| CN109981284A (en) * | 2019-03-11 | 2019-07-05 | 北京三未信安科技发展有限公司 | A kind of implementation method and device of digital signature of elliptic curve |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2000028493A1 (en) * | 1998-11-10 | 2000-05-18 | Kent Ridge Digital Labs | A method of encryption and apparatus therefor |
| EP1030282A1 (en) * | 1997-09-02 | 2000-08-23 | Cadix Inc. | Digital signature generating server and digital signature generating method |
| CN102651743A (en) * | 2012-05-02 | 2012-08-29 | 飞天诚信科技股份有限公司 | Method for generating token seeds |
| CN103095460A (en) * | 2013-01-22 | 2013-05-08 | 飞天诚信科技股份有限公司 | Intelligent card safety communication method |
-
2014
- 2014-11-18 CN CN201410657600.5A patent/CN104579677B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1030282A1 (en) * | 1997-09-02 | 2000-08-23 | Cadix Inc. | Digital signature generating server and digital signature generating method |
| WO2000028493A1 (en) * | 1998-11-10 | 2000-05-18 | Kent Ridge Digital Labs | A method of encryption and apparatus therefor |
| CN102651743A (en) * | 2012-05-02 | 2012-08-29 | 飞天诚信科技股份有限公司 | Method for generating token seeds |
| CN103095460A (en) * | 2013-01-22 | 2013-05-08 | 飞天诚信科技股份有限公司 | Intelligent card safety communication method |
Cited By (12)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104852806A (en) * | 2015-05-15 | 2015-08-19 | 飞天诚信科技股份有限公司 | Method for realizing signature based on secret key type |
| CN104852806B (en) * | 2015-05-15 | 2018-01-05 | 飞天诚信科技股份有限公司 | A kind of implementation method signed according to Key Tpe |
| CN105188018A (en) * | 2015-08-17 | 2015-12-23 | 飞天诚信科技股份有限公司 | Safety device and working method thereof |
| CN105188018B (en) * | 2015-08-17 | 2018-08-28 | 飞天诚信科技股份有限公司 | A kind of safety device and its working method |
| CN106603238A (en) * | 2015-10-20 | 2017-04-26 | 飞天诚信科技股份有限公司 | Multi-digital-certificate issuing system and equipment, and working methods thereof |
| CN106603238B (en) * | 2015-10-20 | 2019-06-18 | 飞天诚信科技股份有限公司 | A kind of multi-digital certificate signs and issues system, certificate management end, issue apparatus and its working method |
| CN108055133A (en) * | 2017-12-12 | 2018-05-18 | 江苏安凰领御科技有限公司 | A kind of key secure signing method based on block chain technology |
| CN108055133B (en) * | 2017-12-12 | 2020-02-14 | 江苏安凰领御科技有限公司 | Key security signature method based on block chain technology |
| CN109446786A (en) * | 2018-12-25 | 2019-03-08 | 飞天诚信科技股份有限公司 | A kind of working method and intelligent key apparatus of intelligent key apparatus |
| CN109446786B (en) * | 2018-12-25 | 2021-01-01 | 飞天诚信科技股份有限公司 | Working method of intelligent secret key device and intelligent secret key device |
| CN109981284A (en) * | 2019-03-11 | 2019-07-05 | 北京三未信安科技发展有限公司 | A kind of implementation method and device of digital signature of elliptic curve |
| CN109981284B (en) * | 2019-03-11 | 2022-04-29 | 三未信安科技股份有限公司 | Method and device for realizing elliptic curve digital signature |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104579677B (en) | 2017-12-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104579677A (en) | Secure and rapid data signature method | |
| CN106301774B (en) | Safety chip, its encryption key generation method and encryption method | |
| CN100487715C (en) | Date safety storing system, device and method | |
| CN103914913B (en) | A kind of application of IC cards scene recognition method and system | |
| US9515821B2 (en) | Apparatus and method for data encryption | |
| CN105450620A (en) | Information processing method and device | |
| CN107005577B (en) | Fingerprint data processing method and processing device | |
| CN109872155A (en) | Data processing method and device | |
| CN108075882A (en) | Cipher card and its encipher-decipher method | |
| CN106874743B (en) | Method and system for storing and extracting smart card password | |
| CN103955654A (en) | USB (Universal Serial Bus) flash disk secure storage method based on virtual file system | |
| CN103888938A (en) | PKI private key protection method of dynamically generated key based on parameters | |
| JP2011512726A (en) | Smart card protection | |
| CN106131080A (en) | The method and device of transmission medical image data | |
| CN111385084A (en) | Key management method and device for digital assets and computer readable storage medium | |
| WO2010057423A1 (en) | Encryption and decryption method and system for ic card and the reader device | |
| CN102456116A (en) | File encryption method, file decryption method and devices | |
| CN106778285A (en) | For method, the device upgraded to equipment | |
| CN109274644A (en) | A kind of data processing method, terminal and watermark server | |
| RU2012130527A (en) | METHOD OF EXECUTION AND SYSTEM OF UNIVERSAL ELECTRONIC CARD AND SMART CARD | |
| CN105468940A (en) | Software protection method and apparatus | |
| CN104579680A (en) | Method for safe distribution of seed | |
| CN102135944A (en) | Method for safe data storage in mobile communication equipment | |
| CN113722741A (en) | Data encryption method and device and data decryption method and device | |
| JP5992651B2 (en) | ENCRYPTION METHOD, PROGRAM, AND SYSTEM |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |