CN107947939A - Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms - Google Patents
Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms Download PDFInfo
- Publication number
- CN107947939A CN107947939A CN201711164440.0A CN201711164440A CN107947939A CN 107947939 A CN107947939 A CN 107947939A CN 201711164440 A CN201711164440 A CN 201711164440A CN 107947939 A CN107947939 A CN 107947939A
- Authority
- CN
- China
- Prior art keywords
- digital signature
- digital
- pdf document
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
- G06F21/645—Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3252—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Abstract
The invention discloses a kind of PDF endorsement methods and system for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including:Transmitting terminal sends PDF document to be signed;For receiving terminal there are the digital certificate of signer, receiving terminal acquisition PDF document, checks the validity of the digital certificate of signer;Made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produce summary information to be signed;Signed with SM2 Digital Signature Algorithms and private cipher key pair summary information to be signed, produce digital signature value;Digital signature value is verified;The signature body of CAdES forms is generated with the digital signature value of generation and the digital certificate of signer, synthesizes the PDF document containing this digital signature, completes PDF signatures.SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms are applied in PDF signatures by the present invention so that digital signature is safer, quick and reliable.
Description
Technical field
The present invention relates to PDF endorsement method technical fields, and in particular to one kind supports SM3 cryptographic Hash algorithm and SM2 numbers
The PDF endorsement methods and system of word signature algorithm.
Background technology
PDF English full name is Portable Document Format, is translated into Portable Document format, is a kind of electronics text
Part form.This file format is unrelated with operating system platform, i.e., pdf document is either in Windows, and Unix is still in Mac
All it is general in OS operating systems.The preferable file that this feature makes it electronic document distribution and digital information is propagated
Form.PDF format file becomes the actual industrial standard of digital information at present.
Huge numbers of families are come into internet and smart mobile phone, people are more and more using the scene of internet, accordingly
E-commerce and E-Government all can carry out on the internet.It thus form a huge electronic signature city
, to solve the challenge that internet is brought, the i.e. requirement to confidentiality, integrality, authentication and authorization and non repudiation.
Digital signature (digital signature), it is similar to handwritten signature, exchanged between government department, enterprise and client
During file, recipient will carry out received document the discriminating of validity, and document is just can determine that after the identity of verification sender
It is whether effective.Digital signature is that the certificate of digital form is signed on document, signer identity and text in document signature domain
State after shelves signature, which all would indicate that, to be come, to facilitate verification.Such as on June 30th, 2000, US President Clinton signature《Numeral
Signature bill》, make digital signature that there is legal effect as traditional signatures in the U.S..Chinese Government also has passed through digital label
The relevant laws and regulations of name.
At present, the PDF softwares of in the market, Adobe Reader and the Adobe Acrobat under Adobe, generally all
It is built-in to support the signature plug-in unit of RSA Algorithm, while support a variety of digest algorithms, such as SHA1, SHA256, SHA384, SHA512
Deng, but do not support the digest algorithm SM3 cryptographic Hash used in SM2 Digital Signature Algorithms and SM2 Digital Signature Algorithms
Algorithm.
SM2 Digital Signature Algorithms belong to one in elliptic curve encryption algorithm (ECC), in the identical situation of key length
Under, compared to RSA Algorithm, its security higher, take up space smaller, and signature speed is faster.The PDF such as Adobe software suppliers
Only support to sign using RSA certificates at present, None- identified SM2 algorithms.For the consideration of information security, Chinese in 2010
Password Management office of people republic just discloses the professional standard of SM2 algorithms, and exists always in implementation national secret algorithm SM2 algorithms energetically
Use in all trades and professions.Instantly under internet environment, the scene signed to pdf document is very universal, so to PDF
The demand for carrying out SM2 signatures is urgently to be resolved hurrily.
The content of the invention
To solve the above problems, it is an object of the invention to provide one kind to support SM3 cryptographic Hash algorithm and SM2 numeral label
The PDF endorsement methods and system of name algorithm so that digital signature is safer, quick and reliable.
The purpose of the present invention can be reached by adopting the following technical scheme that:
A kind of PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, comprise the following steps:
1) transmitting terminal sends PDF document to be signed;
2) receiving terminal is there are the digital certificate of signer, and receiving terminal obtains PDF document, to having for the digital certificate of signer
Effect property is checked;
3) made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produce summary information to be signed;
4) the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate is used to produce to be signed
Summary information is signed, and produces digital signature value;
5) digital signature value of step 4) generation is verified, judges whether digital signature is effective according to check results,
Step 6) is carried out if effectively, if invalid re-execute step 3);
6) with produce digital signature value and signer digital certificate generation CAdES forms signature body, and by its with
PDF document synthesizes the PDF document containing this digital signature, completes PDF signatures.
Further preferably, a kind of PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including
Following steps:
1) transmitting terminal sends PDF document to be signed;
2) for receiving terminal there are the digital certificate of signer, receiving terminal acquisition PDF document, calls SSQ-GM, to signer
The validity of digital certificate is checked;
3) SSQ-GM is called, is made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produces to be signed pluck
Want message;
4) SSQ-GM is called, is produced with the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate
Raw summary information to be signed is signed, and produces digital signature value;
5) SSQ-GM is called, the digital signature value of step 4) generation is verified, judges numeral label according to check results
Whether name is effective, step 6) is carried out if effectively, if invalid re-execute step 3);
6) SSQ-GM is called, the signature of CAdES forms is generated with the digital signature value of generation and the digital certificate of signer
Body, and it is synthesized to the PDF document containing this digital signature with PDF document, complete PDF signatures.
In the present invention, SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms are applied in PDF so that digital signature
It is safer, quick and reliable.SSQ-GM is the development library that Hangzhou Shang Shangqian network technology Co., Ltd provides, towards masses
It is open, it is that believable third-party vendor (Hangzhou Shang Shangqian network technology Co., Ltd) provides.It is a JAVA language storehouse,
Main offer national secret algorithm correlation function, including the signature sign test of SM2 Digital Signature Algorithms (abbreviation SM2 algorithms), SM3 passwords are miscellaneous
Gather algorithm (abbreviation SM3 algorithms) calculating and PDF synthesis etc. function.
In step 1), transmitting terminal sends the PDF document with signature.
In step 2), the digital certificate includes private cipher key and public key certificate.The public key certificate includes identity
Public keys, title, Notified Body's title, the digital ID card number of owner, and the information such as digital signature of Notified Body.
What digital identity can be provided by believable digital certificate authentication center.
The validity of the digital certificate of signer is checked, including:
Whether before the deadline digital certificate, using the authenticity of digital certificate, checks whether digital certificate has been revoked.
In step 5), digital signature value, which carries out verification, to be included:
Digital signature value is carried out using the public keys that the verification algorithm and public key certificate of SM2 Digital Signature Algorithms include
Verification.
In step 6), when generating the signature body of CAdES forms, while timestamp is added.CAdES is CMS Advanced
Electronic Signatures, are CMS advanced electronic signatures.Under normal circumstances, after algorithm is broken, easily forge, meeting
There is weak verifiability:Signing, it is trustless correctly still to sign, and when the signature time may be forged and actually sign, certificate is
Failure, or revoked.The signature body of CAdES forms is used in the present invention, could be realized based on SM2 Digital Signature Algorithms, should
The signature body of CAdES forms allows subsidiary CRL (certificate revocation list) and OCSP (online certificate status protocol), even in algorithm
On the premise of being broken, CAdES can also keep the strong verifiability of signature in a long time in the present invention, you can to realize length
Time interior correct and trusted of signing.
The signature body is pkcs7 signature bodies.
A kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including transmitting terminal and connect
Receiving end:
The transmitting terminal further comprises:
Sending module, for sending PDF document to be signed;
Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;
The receiving terminal further comprises:
Acquisition module, for obtaining PDF document to be signed;
Certificate validity checking module, checks the validity of digital certificate;
Summarization module, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;
Signature blocks, with the PDF texts after the private cipher key pair summary in SM2 Digital Signature Algorithms and signer digital certificate
Shelves are signed, and produce digital signature value;
Correction verification module, the public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms is to numeral
Signature value is verified, if verification failure, re-calls summarization module and signature blocks, if verifying successfully, calls synthesis
Module;
Synthesis module, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF document;
Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
Further preferably, a kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including
Transmitting terminal and receiving terminal:
The transmitting terminal further comprises:
Sending module, for sending PDF document to be signed;
Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;
The receiving terminal further comprises:
Acquisition module, for obtaining PDF document to be signed;
Certificate validity checking module, for calling SSQ-GM, checks the validity of digital certificate;
Summarization module, for calling SSQ-GM, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;
Signature blocks, for calling SSQ-GM, with the private cipher key in SM2 Digital Signature Algorithms and signer digital certificate
Sign to the PDF document after summary, produce digital signature value;
Correction verification module, for calling SSQ-GM, is included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms
Public keys verifies digital signature value, if verification failure, re-call summarization module and signature blocks, if verification into
Work(, then call synthesis module;
Synthesis module, for calling SSQ-GM, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new
PDF document;
Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
The system further includes:Timestamp module, timestamp is added when synthesizing new PDF document for synthesis module.
The present invention has following beneficial effect for the prior art:
1. the present invention specially supports SM2 Digital Signature Algorithms and SM3 cryptographic Hash algorithms, solves existing PDF document
Reader does not support national secret algorithm, including SM2 Digital Signature Algorithms and SM3 cryptographic Hash algorithms, and can not use SM2 numeral label
The problem of name algorithm signs PDF document.
2. the SM2 Digital Signature Algorithms that the present invention supports are safer compared to more existing RSA Algorithm, quick and reliable, branch
Hold the significant of SM2 algorithms, the demand of electronic signature is increasingly enhanced under current internet environment, RSA Algorithm is meets
Its security and cause key long so that its sign efficiency be extremely restricted, and SM2 Digital Signature Algorithms provide it is powerful
Security performance and speed ability cause it to become the first choice on future market, therefore there is an urgent need to can support SM2 in market
The electronic signature product of Digital Signature Algorithm.
Brief description of the drawings
Fig. 1 is the flow diagram of the PDF endorsement methods of the embodiment of the present invention 1;
Fig. 2 is the structure diagram of the PDF signature systems of the embodiment of the present invention 2;
Fig. 3 is the overview flow chart that the PDF signature systems of the embodiment of the present invention 2 are run.
Embodiment
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to the accompanying drawings and embodiments, it is right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
On the contrary, the present invention covers any replacement done in the spirit and scope of the present invention being defined by the claims, repaiies
Change, equivalent method and scheme.Further, in order to make the public have a better understanding the present invention, below to the thin of the present invention
It is detailed to describe some specific detail sections in section description.Part without these details for a person skilled in the art
Description can also understand the present invention completely.
Embodiment 1:
This example supports the PDF endorsement methods of SM2 as shown in Figure 1, transmission receive process and receiving terminal including transmitting terminal
Signature process.
The transmission receive process of the transmitting terminal comprise the following steps:
S1, transmitting terminal send PDF document to be signed.
S2, receive the PDF document after signature;
The signature process of the receiving terminal comprises the following steps:
S1, receiving terminal are there are the digital certificate of signer, and receiving terminal obtains PDF document, and digital certificate to include private cipher key
And public key certificate.Public key certificate includes public keys, title, Notified Body's title, the digital ID card number of identity owner, with
And the information such as digital signature of Notified Body.What digital identity can be provided by believable digital certificate authentication center.Call SSQ-
GM, checks the validity of the digital certificate of signer, and the validity of the digital certificate of signer is checked, bag
Include:Whether before the deadline digital certificate, using the authenticity of digital certificate, checks whether digital certificate has been revoked;
S2, call SSQ-GM, is made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produces to be signed pluck
Want message;
SSQ-GM, is a development library of Hangzhou Shang Shangqian network technology Co., Ltd, it is a JAVA language storehouse, main
National secret algorithm correlation function is provided, includes the work(such as the signature sign test of SM2 algorithms, digest calculations and the PDF synthesis of SM3 algorithms
Can, the digest calculations ability of SSQ-GM is used here, fixed digit can be calculated by hashing algorithm in message
Message digest value;Wherein, the SM3 algorithms are the digest algorithms in the national secret algorithm of national Password Management office issue;
S3, call SSQ-GM, is produced with the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate
Raw summary information to be signed is signed, and produces digital signature value;
The SM2 Digital Signature Algorithms are to be used for encrypting and decrypting in the national secret algorithm of national Password Management office issue, are signed
The algorithm that sign test and key exchange.
S4, the public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms are to digital signature value
Verified, to ensure that signature is correct;
S5, pkcs7 signature bodies and insertion quilt by the synthesis CAdES forms such as digital certificate of digital signature value and signer
In signing pdfs document, new PDF is generated.
When generating the signature body of CMS advanced electronic signatures (CAdES) form, while add timestamp.
Embodiment 2:
As shown in Fig. 2, present embodiments provide a kind of PDF for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms
Signature system, the system include transmitting terminal and receiving terminal.Overall procedure is as shown in figure 3, transmitting terminal sends PDF document, signature card
Insertion PDF passes transmitting terminal back again after book and signing certificate chain are signed by receiving terminal.
The transmitting terminal includes sending module and receiving module, and each module concrete function is as follows:
The sending module, for sending PDF document to be signed.
The receiving module, the PDF document signed for obtaining receiving terminal.
The receiving terminal includes acquisition module, summarization module, signature blocks, correction verification module, synthesis module, timestamp mould
Block, sending module, the concrete function of modules are as follows:
Acquisition module, for obtaining PDF document to be signed, there are digital certificate, the digital certificate bag for receiving terminal
Include private cipher key (PrivateKey) and public key certificate.The public key certificate includes the public keys of identity owner
(PublicKey), title, Notified Body's title, digital ID card number, and the information such as digital signature of Notified Body.Numeral
What identity can be provided by believable digital certificate authentication center.
Certificate validity checking module, for calling SSQ-GM, checks the validity of digital certificate;
Summarization module, for calling SSQ-GM, for PDF document to be carried out digest calculations using SM3 cryptographic Hash algorithm
Obtain the digest value of a fixed digit.
Signature blocks, for calling SSQ-GM, for using the private in SM2 Digital Signature Algorithms and signer digital certificate
There is key that the digest value of PDF document is signed, produce digital signature value.
Correction verification module, for calling SSQ-GM, is included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms
Public keys verifies digital signature value, if verification failure, re-call summarization module and signature blocks, if verification into
Work(, then call synthesis module;
Timestamp module, timestamp is added when synthesizing new PDF document for synthesis module;
Synthesis module, for calling SSQ-GM, for using digital signature value, timestamp, digital certificates generation CAdES lattice
The PKCS7 signature bodies of formula, embedded PDF document, synthesizes new PDF document.
Sending module, for the new PDF document of synthesis to be sent to transmitting terminal.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all essences in the present invention
All any modification, equivalent and improvement made within refreshing and principle etc., should all be included in the protection scope of the present invention.
Claims (10)
- A kind of 1. PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including with Lower step:1) transmitting terminal sends PDF document to be signed;2) receiving terminal is there are the digital certificate of signer, and receiving terminal obtains PDF document, to the validity of the digital certificate of signer Checked;3) made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produce summary information to be signed;4) summary to be signed for using the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate to produce Message is signed, and produces digital signature value;5) digital signature value of step 4) generation is verified, judges whether digital signature is effective according to check results, if having Effect then carries out step 6), if invalid re-execute step 3);6) the signature body of CAdES forms is generated with the digital signature value and the digital certificate of signer that produce, and itself and PDF is literary PDF document of the shelves synthesis containing this digital signature, completes PDF signatures.
- A kind of 2. PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including with Lower step:1) transmitting terminal sends PDF document to be signed;2) for receiving terminal there are the digital certificate of signer, receiving terminal acquisition PDF document, calls SSQ-GM, to the numeral of signer The validity of certificate is checked;3) SSQ-GM is called, is made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, is produced summary to be signed and disappear Breath;4) SSQ-GM is called, is produced with the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate Summary information to be signed is signed, and produces digital signature value;5) SSQ-GM is called, the digital signature value of step 4) generation is verified, judges that digital signature is according to check results It is no effective, step 6) is carried out if effectively, if invalid re-execute step 3);6) SSQ-GM is called, the signature body of CAdES forms is generated with the digital signature value of generation and the digital certificate of signer, and It is synthesized to the PDF document containing this digital signature with PDF document, completes PDF signatures.
- 3. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 2), the digital certificate bag Include private cipher key and public key certificate.
- 4. PDF endorsement methods according to claim 3, it is characterised in that the public key certificate includes identity owner Public keys, title, Notified Body's title, digital ID card number, and the digital signature of Notified Body.
- 5. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 2), demonstrate,prove the numeral of signer The validity of book checked, including:Whether before the deadline digital certificate, using the authenticity of digital certificate, checks whether digital certificate has been revoked.
- 6. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 5), digital signature value carries out school Test including:The public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms carries out school to digital signature value Test.
- 7. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 6), in generation CAdES forms During signature body, while add timestamp.
- 8. a kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including hair Sending end and receiving terminal:The transmitting terminal further comprises:Sending module, for sending PDF document to be signed;Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;The receiving terminal further comprises:Acquisition module, for obtaining PDF document to be signed;Certificate validity checking module, checks the validity of digital certificate;Summarization module, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;Signature blocks, with SM2 Digital Signature Algorithms and signer digital certificate private cipher key pair summary after PDF document into Row signature, produces digital signature value;Correction verification module, the public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms is to digital signature Value is verified, if verification failure, re-calls summarization module and signature blocks, if verifying successfully, call synthesis module;Synthesis module, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF document;Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
- 9. a kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including hair Sending end and receiving terminal:The transmitting terminal further comprises:Sending module, for sending PDF document to be signed;Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;The receiving terminal further comprises:Acquisition module, for obtaining PDF document to be signed;Certificate validity checking module, for calling SSQ-GM, checks the validity of digital certificate;Summarization module, for calling SSQ-GM, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;Signature blocks, for calling SSQ-GM, are plucked with the private cipher key pair in SM2 Digital Signature Algorithms and signer digital certificate PDF document after wanting is signed, and produces digital signature value;Correction verification module, for calling SSQ-GM, is included public using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms Key verifies digital signature value, if verification failure, re-calls summarization module and signature blocks, if verifying successfully, Then call synthesis module;Synthesis module, for calling SSQ-GM, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF texts Shelves;Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
- 10. PDF signature systems according to claim 8 or claim 9, it is characterised in that the system further includes:Timestamp mould Block, timestamp is added when synthesizing new PDF document for synthesis module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711164440.0A CN107947939A (en) | 2017-11-21 | 2017-11-21 | Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711164440.0A CN107947939A (en) | 2017-11-21 | 2017-11-21 | Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107947939A true CN107947939A (en) | 2018-04-20 |
Family
ID=61929463
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711164440.0A Pending CN107947939A (en) | 2017-11-21 | 2017-11-21 | Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107947939A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109981287A (en) * | 2019-03-14 | 2019-07-05 | 亚数信息科技(上海)有限公司 | A kind of code signature method and its storage medium |
CN110830257A (en) * | 2018-08-14 | 2020-02-21 | 珠海金山办公软件有限公司 | File signature method and device, electronic equipment and readable storage medium |
CN111523135A (en) * | 2020-07-06 | 2020-08-11 | 飞天诚信科技股份有限公司 | PDF file electronic signature method and device |
CN111552946A (en) * | 2020-04-24 | 2020-08-18 | 上海亘岩网络科技有限公司 | PDF file digital signature method, system and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003008822A (en) * | 2001-06-25 | 2003-01-10 | Nec Corp | Facsimile equipment, system and method for image data transfer, and program |
CN101127107A (en) * | 2006-08-16 | 2008-02-20 | 鸿富锦精密工业(深圳)有限公司 | Electronic document automatic signing system and method |
CN101311950A (en) * | 2007-05-25 | 2008-11-26 | 北京书生国际信息技术有限公司 | Electronic stamp realization method and device |
CN104301119A (en) * | 2014-11-05 | 2015-01-21 | 中国建设银行股份有限公司 | Data signature method, signature verification method, data signature equipment and verification server |
CN104766029A (en) * | 2014-01-03 | 2015-07-08 | 航天信息股份有限公司 | Method and device for performing national cryptologic electronic signature processing on PDF (Portable Document Format) document |
CN106330459A (en) * | 2016-08-25 | 2017-01-11 | 杭州天谷信息科技有限公司 | Electronic keyword signature method |
CN106330462A (en) * | 2016-09-05 | 2017-01-11 | 广东省电子商务认证有限公司 | PDF signature method and system capable of supporting multiple algorithms |
CN107103255A (en) * | 2017-04-27 | 2017-08-29 | 百望电子发票数据服务有限公司 | A kind of electronic invoice layout files verification method and system |
-
2017
- 2017-11-21 CN CN201711164440.0A patent/CN107947939A/en active Pending
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2003008822A (en) * | 2001-06-25 | 2003-01-10 | Nec Corp | Facsimile equipment, system and method for image data transfer, and program |
CN101127107A (en) * | 2006-08-16 | 2008-02-20 | 鸿富锦精密工业(深圳)有限公司 | Electronic document automatic signing system and method |
CN101311950A (en) * | 2007-05-25 | 2008-11-26 | 北京书生国际信息技术有限公司 | Electronic stamp realization method and device |
CN104766029A (en) * | 2014-01-03 | 2015-07-08 | 航天信息股份有限公司 | Method and device for performing national cryptologic electronic signature processing on PDF (Portable Document Format) document |
CN104301119A (en) * | 2014-11-05 | 2015-01-21 | 中国建设银行股份有限公司 | Data signature method, signature verification method, data signature equipment and verification server |
CN106330459A (en) * | 2016-08-25 | 2017-01-11 | 杭州天谷信息科技有限公司 | Electronic keyword signature method |
CN106330462A (en) * | 2016-09-05 | 2017-01-11 | 广东省电子商务认证有限公司 | PDF signature method and system capable of supporting multiple algorithms |
CN107103255A (en) * | 2017-04-27 | 2017-08-29 | 百望电子发票数据服务有限公司 | A kind of electronic invoice layout files verification method and system |
Non-Patent Citations (2)
Title |
---|
ADOBE: "《Document management--portable document format--part1:PDF1.7》", 1 July 2008, HTTPS://WWW.ADOBE.COM/CONTENT/DAM/ACOM/EN/DEVNET/ACROBAT/PDFS/PDF32000_2008.PDF * |
张焕国,唐明编: "《密码学引论》", 30 November 2015, 武汉大学出版社 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110830257A (en) * | 2018-08-14 | 2020-02-21 | 珠海金山办公软件有限公司 | File signature method and device, electronic equipment and readable storage medium |
CN109981287A (en) * | 2019-03-14 | 2019-07-05 | 亚数信息科技(上海)有限公司 | A kind of code signature method and its storage medium |
CN111552946A (en) * | 2020-04-24 | 2020-08-18 | 上海亘岩网络科技有限公司 | PDF file digital signature method, system and storage medium |
CN111523135A (en) * | 2020-07-06 | 2020-08-11 | 飞天诚信科技股份有限公司 | PDF file electronic signature method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10944575B2 (en) | Implicitly certified digital signatures | |
CN107483212B (en) | Method for generating digital signature by cooperation of two parties | |
EP3318043B1 (en) | Mutual authentication of confidential communication | |
CN101212293B (en) | Identity authentication method and system | |
US11880831B2 (en) | Encryption system, encryption key wallet and method | |
CA2838322C (en) | Secure implicit certificate chaining | |
CN103095456B (en) | The processing method of transaction message and system | |
CA2772136C (en) | System and method for providing credentials | |
JP2001051596A (en) | Device and method for generating/verifying data | |
CN107360002B (en) | Application method of digital certificate | |
CN114900304B (en) | Digital signature method and apparatus, electronic device, and computer-readable storage medium | |
GB2487503A (en) | Authentication of digital files and associated identities using biometric information | |
CN107947939A (en) | Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms | |
CN110955918A (en) | Contract text protection method based on RSA encrypted sha-256 digital signature | |
CN107222501A (en) | A kind of information interaction security transmission method and system based on the non-electromagnetic signal of message identification code | |
CN109214146A (en) | The endorsement method of application software, sign test method and apparatus | |
CN114692218A (en) | Electronic signature method, equipment and system for individual user | |
CN114448641A (en) | Privacy encryption method, electronic equipment, storage medium and chip | |
WO2015109958A1 (en) | Data processing method based on negotiation key, and mobile phone | |
Kasodhan et al. | A new approach of digital signature verification based on BioGamal algorithm | |
CN111984959B (en) | Anonymous information publishing and verifying method and device | |
CN107947938A (en) | SM3 algorithms and the verification method and system of SM2 algorithm digital signature are used for PDF | |
EP4231583A1 (en) | Methods and arrangements for establishing digital identity | |
KR101210411B1 (en) | Transaction Protection System and Method using Connection of Certificate and OTP Generated by Keystream | |
JP5354656B2 (en) | Cryptographic communication system, cryptographic communication method, transmitting apparatus and receiving apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180420 |