CN111368339A - Electronic signature loading method and device - Google Patents
Electronic signature loading method and device Download PDFInfo
- Publication number
- CN111368339A CN111368339A CN201911074429.4A CN201911074429A CN111368339A CN 111368339 A CN111368339 A CN 111368339A CN 201911074429 A CN201911074429 A CN 201911074429A CN 111368339 A CN111368339 A CN 111368339A
- Authority
- CN
- China
- Prior art keywords
- certificate authority
- electronic signature
- file
- signed
- generating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application discloses an electronic signature loading method. One embodiment of the method comprises: responding to an operation of adding an electronic signature to a file to be signed, and sending signature information and a sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed; receiving electronic signatures sent by at least two certificate authority servers; for each of at least two certificate authority servers, generating an identifier characterizing whether the certificate authority server is valid; merging the received electronic signatures into a total electronic signature; and loading the total electronic signature and identifiers respectively corresponding to the certificate authority servers into the file to be signed. According to the implementation mode, a plurality of certificate authority servers are used for signing a file at the same time, dependence on a single certificate authority server is avoided, and the safety of electronic signing is improved.
Description
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to an electronic signature loading method and device.
Background
The existing electronic signature needs to call a digital Certificate from a Certificate Authority (CA), and if a server of the CA breaks down due to an attack or communication between the CA server and the outside is interrupted due to a network communication problem, the electronic signature calling the digital Certificate of the CA or a file with the electronic signature is completely invalid, or authenticity and validity of the digital Certificate of the CA cannot be effectively authenticated, thereby increasing security risk.
Disclosure of Invention
An object of the embodiments of the present application is to provide an improved electronic signature loading method to solve the technical problems mentioned in the background section above.
In a first aspect, an embodiment of the present application provides an electronic signature loading method, including: responding to an operation of adding an electronic signature to a file to be signed, and sending signature information and a sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed; receiving electronic signatures sent by at least two certificate authority servers; for each of at least two certificate authority servers, generating an identifier characterizing whether the certificate authority server is valid; merging the received electronic signatures into a total electronic signature; and loading the total electronic signature and identifiers respectively corresponding to the certificate authority servers into the file to be signed.
In some embodiments, generating an identifier that characterizes whether the certificate authority server is valid comprises: generating an identifier for representing that the certificate authority server is valid in response to receiving the electronic signature sent by the certificate authority server; and generating an identifier for representing that the certificate authority server is invalid in response to not receiving the electronic signature sent by the certificate authority server.
In some embodiments, the method further comprises: and responding to the operation for viewing the total electronic signature, and displaying a digital certificate information list, wherein the digital certificate information in the digital certificate information list corresponds to at least two certificate authority servers one to one.
In some embodiments, loading the total electronic signature and the identifier corresponding to each certificate authority server into the file to be signed, includes: and for each certificate authority server in at least two certificate authority servers, loading an identifier corresponding to the certificate authority server at a position which is specified in advance and corresponds to the display position of the total electronic signature.
In some embodiments, based on a file to be signed, sending signature information and a sealing request for generating an electronic signature to at least two preset certificate authority servers includes: carrying out encryption operation on the file to be signed by using a preset encryption algorithm to generate abstract information of the file to be signed; and sending the signature information including the summary information and the stamping request to at least two certificate authority servers.
In some embodiments, based on a file to be signed, sending signature information and a sealing request for generating an electronic signature to at least two preset certificate authority servers includes: and sending the signing information and the stamping request comprising the file to be signed to at least two certificate authority servers.
In a second aspect, an embodiment of the present application provides an electronic signature loading apparatus, including: the system comprises a sending module, a receiving module and a processing module, wherein the sending module is used for responding to the operation of adding an electronic signature to a file to be signed and sending signature information and a sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed; the receiving module is used for receiving the electronic signatures sent by the at least two certificate authority servers; a generation module, configured to generate, for each certificate authority server of the at least two certificate authority servers, an identifier used for characterizing whether the certificate authority server is valid; the merging module is used for merging the received electronic signatures into a total electronic signature; and the loading module is used for loading the total electronic signature and the identifiers respectively corresponding to the certificate authority servers into the file to be signed.
In some embodiments, the generating module comprises: the first generating unit is used for responding to the received electronic signature sent by the certificate authority server and generating an identifier used for representing the validity of the certificate authority server; and the second generation unit is used for responding to the fact that the electronic signature sent by the certificate authority server is not received, and generating an identifier for representing that the certificate authority server is invalid.
According to the electronic signature loading method and device provided by the embodiment of the application, the stamping request is sent to the at least two certificate authority servers, the at least two certificate authority servers generate a plurality of electronic signatures for the same file to be signed, then the electronic signatures are combined into a total electronic signature, and the identifier corresponding to each certificate authority server is generated, so that the plurality of certificate authority servers are used for simultaneously signing a file, the dependence on a single certificate authority server is avoided, even if one or more certificate authority servers are in fault or communication interruption, the electronic signatures generated by the rest effective certificate authority can also ensure the validity of the electronic signatures, the validity of the signed file is improved, and the safety of the electronic signatures is fully improved. The validity of the certificate authority server and the condition that whether the certificate authority server keeps effective communication are displayed through the identifier, each validity of a plurality of certificate authority servers and the communication condition of the certificate authority server can be visually displayed, a user can find out the abnormal service condition of the certificate authority server in time, and then timely processing is carried out, the influence of the abnormal server on file signature is reduced, and the safety of electronic signature is fully improved.
Drawings
Other features, objects and advantages of the present application will become more apparent upon reading of the following detailed description of non-limiting embodiments thereof, made with reference to the accompanying drawings in which:
FIG. 1 is an exemplary system architecture diagram in which the present application may be applied;
FIG. 2 is a flow diagram of one embodiment of an electronic signature loading method according to the present application;
FIG. 3 is an exemplary diagram of a digital certificate information list according to an electronic signature loading method of the present application;
FIG. 4 is an exemplary diagram of a consolidated generation of a total electronic signature according to the electronic signature loading method of the present application;
FIG. 5 is an exemplary diagram of another consolidated generation of a total electronic signature according to the electronic signature loading method of the present application;
FIG. 6 is a schematic diagram of an embodiment of an electronic signature loading device according to the present application;
fig. 7 is a schematic structural diagram of a computer system suitable for implementing a terminal device according to an embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings.
It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
FIG. 1 illustrates an exemplary system architecture 100 to which the electronic signature loading method of embodiments of the present application may be applied.
As shown in fig. 1, the system architecture 100 may include a terminal device 101, a network 102, and at least two certificate authority servers 103. The network 102 serves as a medium for providing a communication link between the terminal device 101 and at least two certificate authority servers 103. Network 102 may include various connection types, such as wired, wireless communication links, or fiber optic cables, to name a few.
Each certificate authority server 103 may be a server for providing digital certificate services for the terminal device 101, and the certificate authority server 103 may authenticate by using the signing information uploaded by the terminal device 101 and used for generating an electronic signature of a file to be signed, generate an electronic signature, and feed back the electronic signature to the terminal device 101.
The terminal device 101 may be a variety of electronic devices for use by a user, including but not limited to a smartphone, a tablet, a laptop, a desktop computer, and the like.
It should be noted that the electronic signature loading method provided in the embodiment of the present application is generally executed by the terminal device 101, and accordingly, the electronic signature loading apparatus is generally disposed in the terminal device 101.
It should be understood that the number of terminal devices 101, networks 102 and certificate authority servers 103 in fig. 1 is merely illustrative. There may be any number of terminal devices 101, networks 102, and certificate authority servers 103, as desired for implementation.
With continued reference to FIG. 2, there is shown a flow chart 200 of an electronic signature loading method according to the present application, the method comprising the steps of:
In this embodiment, an executing subject of the electronic signature loading method (for example, the terminal device 101 shown in fig. 1) may send signature information and a sealing request for generating an electronic signature to at least two preset certificate authority servers (for example, the certificate authority server 103 shown in fig. 1) based on a file to be signed in response to an operation of sealing the electronic signature to the file to be signed.
The file to be signed may be various files, such as a text file, a picture file, a video file, an audio file, and the like. The operation of adding the electronic signature to the file to be signed can be manually executed by a user or automatically executed by the execution main body. For example, the user clicks a signature button. The signature information may be various information used by the certificate authority server to generate the electronic signature. Such as a digital certificate, a timestamp certificate and a file summary corresponding to the terminal, identity information of a file signer, time information, an electronic seal module of the signer, and the like.
The at least two certificate authority servers can generate an electronic signature by using the received signature information after receiving the seal request, and send the generated electronic signature back to the execution main body.
In some optional implementations of this embodiment, step 201 may be performed as follows:
firstly, a preset encryption algorithm is utilized to perform encryption operation on a file to be signed, and abstract information of the file to be signed is generated. The encryption algorithm may be various existing algorithms, such as a hash algorithm, an MD5 algorithm, and the like.
Then, the signature information including the summary information and the seal request are sent to at least two certificate authority servers. The signature information may include, in addition to the generated summary information, identity information, time information, etc. of the document signer. And the certificate authority server generates an electronic signature by using the received signature information, a prestored digital certificate corresponding to the terminal equipment, a prestored timestamp certificate and an electronic signature module of a signer. According to the implementation mode, the terminal equipment generates the summary information and sends the summary information to the certificate authority server, only one encryption operation can be performed, and each certificate authority server does not need to perform the encryption operation, so that the efficiency of generating the electronic signature is improved.
In some optional implementations of this embodiment, step 201 may be performed as follows:
and sending the signing information and the stamping request comprising the file to be signed to at least two certificate authority servers. The certificate authority center server can perform encryption operation on the received file to be signed to generate summary information, and then generates an electronic signature by using the summary information and other information included in the signature information. The implementation mode can reduce the operation burden of the terminal equipment and reduce the influence of the encryption operation on the performance of the terminal equipment.
In this embodiment, after the at least two certificate authority servers generate the electronic signature, the electronic signature may be sent back to the execution main body, and the execution main body receives each electronic signature.
In this embodiment, for each certificate authority server of the at least two certificate authority servers, the execution principal may generate an identifier for characterizing whether the certificate authority server is valid. The identifier may be in various forms, for example, by different colors, shapes, sizes, positions, static and dynamic states, etc. to characterize whether the corresponding certificate authority server is valid. Through the identifier, a user can intuitively observe which certificate authority servers are effective, so that the server with a fault is maintained in time, and the safety of the electronic signature is improved.
In some optional implementations of this embodiment, step 203 may be performed as follows:
in response to receiving the electronic signature sent by the certificate authority server, an identifier is generated that characterizes the certificate authority server as valid. As an example, the identifier characterizing the certificate authority server as valid may be a circular pattern of a first color.
And generating an identifier for representing that the certificate authority server is invalid in response to not receiving the electronic signature sent by the certificate authority server. As an example, the identifier characterizing the certificate authority server as invalid may be a circular pattern of a second color. Specifically, when the electronic signature is not received within a preset time period after the seal request is sent, it may be determined that the electronic signature sent by the certificate authority server is not received. At this time, the certificate authority server does not generate the electronic signature timely and correctly, and the certificate authority server is determined to be invalid. The implementation mode can generate identifiers distinctively, so that a user can know which servers are effective and which servers are ineffective.
In this embodiment, the execution entity may combine the received electronic signatures into a total electronic signature. Specifically, the execution main body may retain a graphic of an electronic signature, and combine other information (e.g., digital certificate information) included in each electronic signature, thereby displaying the graphic of the electronic signature to the user, and may provide information such as a digital certificate but not display the information, thereby displaying the electronic signature generated by different certificate authority servers to the user more flexibly.
In this embodiment, the execution subject may load the total electronic signature and the identifiers corresponding to the certificate authority servers into the file to be signed, so as to obtain the signed file. After the signed file is opened, the electronic signature and the identifiers corresponding to the certificate authority servers can be displayed.
In some optional implementations of this embodiment, after step 205, the executing main body may further perform the following steps:
in response to an operation for viewing the overall electronic signature, a list of digital certificate information is displayed. The digital certificate information in the digital certificate information list corresponds to at least two certificate authority servers one to one. As an example, the operation for viewing the overall electronic signature may be the user clicking on the overall electronic signature. As shown in fig. 3, of the five certificate authority servers, four certificate authority servers are valid and one certificate authority server is invalid, and thus, the list shown in fig. 3 is displayed.
In some optional implementations of this embodiment, for each certificate authority server of the at least two certificate authority servers, the executing entity may load an identifier corresponding to the certificate authority server at a position that is specified in advance and corresponds to the display position of the total electronic signature. After the signed file is opened, identifiers corresponding to the certificate authority servers can be displayed at different positions.
For example, as shown in fig. 4, when each certificate authority server is valid, each electronic signature before combination is shown as 4011 plus 4015, each identifier before combination is shown as 4021 plus 4025, the total electronic signature generated by combination is shown as 403, and each identifier is displayed at a corresponding position at the same time. As shown in fig. 5, when an invalid certificate authority server appears in each certificate authority server, each electronic signature before merging is shown in 5011 and 5014, and only four electronic signatures are received because one of the certificate authority servers is invalid. The identifiers before combination are as shown in 5021 and 5025, wherein 5025 is the identifier corresponding to the invalid certificate authority server. The resulting total electronic signature is combined as shown at 503 with the respective identifiers being displayed at the corresponding locations simultaneously.
The realization mode can more intuitively display which certificate authority servers are effective and which certificate authority servers are ineffective for the user by loading the identifiers at different positions, thereby being beneficial to maintaining the servers with faults more timely and improving the safety of electronic signatures.
In the method provided by the above embodiment of the application, the at least two certificate authority servers send the sealing request, the at least two certificate authority servers generate a plurality of electronic signatures for the same file to be sealed, and then combine the electronic signatures into a total electronic signature, and generate the identifier corresponding to each certificate authority server, so that the plurality of certificate authority servers are used to seal one file at the same time, dependence on a single certificate authority server is avoided, and the security of electronic signatures is improved.
With further reference to fig. 6, as an implementation of the methods shown in the above-mentioned figures, the present application provides an embodiment of an electronic signature loading apparatus, where the embodiment of the apparatus corresponds to the embodiment of the method shown in fig. 2, and the apparatus may be specifically applied to the terminal device shown in fig. 1.
As shown in fig. 6, the electronic signature loading apparatus 600 of the present embodiment includes: the sending module 601 is configured to send, in response to an operation of adding an electronic signature to a file to be signed, signature information and a seal request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed; a receiving module 602, configured to receive electronic signatures sent by at least two certificate authority servers; a generating module 603, configured to generate, for each certificate authority server of the at least two certificate authority servers, an identifier used for characterizing whether the certificate authority server is valid; a merging module 604, configured to merge the received electronic signatures into a total electronic signature; and a loading module 605, configured to load the total electronic signature and the identifiers corresponding to the certificate authority servers into the file to be signed.
In this embodiment, the sending module 601 may send signature information and a sealing request for generating an electronic signature to at least two preset certificate authority servers (for example, the certificate authority server 103 shown in fig. 1) based on a file to be signed in response to an operation of sealing the electronic signature to the file to be signed.
The file to be signed may be various files, such as a text file, a video file, an audio file, and the like. The operation of adding the electronic signature to the file to be signed can be manually executed by a user or automatically executed by the execution main body. For example, the user clicks a signature button. The signature information may be various information used by the certificate authority server to generate the electronic signature. Such as a digital certificate, a timestamp certificate and a file summary corresponding to the terminal, identity information of a file signer, time information, an electronic seal module of the signer, and the like.
The at least two certificate authority servers can generate an electronic signature by using the received signature information after receiving the seal request, and send the generated electronic signature back to the execution main body.
In this embodiment, after the at least two certificate authority servers generate the electronic signature, the electronic signature may be sent back to the apparatus 600, and the receiving module 602 receives each electronic signature.
In this embodiment, for each certificate authority server of at least two certificate authority servers, the generating module 603 may generate an identifier for characterizing whether the certificate authority server is valid. The identifier may be in various forms, for example, by being used in different colors, shapes, etc. to characterize whether the corresponding certificate authority server is valid. Through the identifier, a user can intuitively observe which certificate authority servers are effective, so that the server with a fault is maintained in time, and the safety of the electronic signature is improved.
In this embodiment, the merging module 604 may merge the received electronic signatures into a total electronic signature. Specifically, the execution main body may retain a graphic of an electronic signature, and combine other information (e.g., digital certificate information) included in each electronic signature, thereby displaying the graphic of the electronic signature to the user, and may provide information such as a digital certificate but not display the information, thereby displaying the electronic signature generated by different certificate authority servers to the user more flexibly.
In this embodiment, the loading module 605 may load the total electronic signature and the identifiers corresponding to the certificate authority servers into the file to be signed, so as to obtain the signed file. After the signed file is opened, the electronic signature and the identifiers corresponding to the certificate authority servers can be displayed.
In some optional implementations of this embodiment, the generating module includes: the first generating unit is used for responding to the received electronic signature sent by the certificate authority server and generating an identifier used for representing the validity of the certificate authority server; and the second generation unit is used for responding to the fact that the electronic signature sent by the certificate authority server is not received, and generating an identifier for representing that the certificate authority server is invalid.
In some optional implementations of this embodiment, the apparatus may further include: and the display module (not shown in the figure) is used for displaying the digital certificate information list in response to the operation of viewing the total electronic signature, wherein the digital certificate information in the digital certificate information list corresponds to at least two certificate authority servers one to one.
In some optional implementations of this embodiment, the loading module 605 may further be configured to: and for each certificate authority server in at least two certificate authority servers, loading an identifier corresponding to the certificate authority server at a position which is specified in advance and corresponds to the display position of the total electronic signature.
In some optional implementations of this embodiment, the sending module 601 may include: an operation unit (not shown in the figure) for performing an encryption operation on the file to be signed by using a preset encryption algorithm to generate summary information of the file to be signed; a sending unit (not shown in the figure) for sending the signature information including the summary information and the seal request to at least two certificate authority servers.
In some optional implementations of this embodiment, the sending module 601 may be further configured to: and sending the signing information and the stamping request comprising the file to be signed to at least two certificate authority servers.
The device provided by the above embodiment of the present application, by sending the sealing request to at least two certificate authority servers, generates a plurality of electronic signatures by the at least two certificate authority servers for the same file to be sealed, and then combines the plurality of electronic signatures into a total electronic signature, and generates an identifier corresponding to each certificate authority server, thereby simultaneously signing a file by using the plurality of certificate authority servers, avoiding the dependence on a single certificate authority server, and improving the security of electronic signatures.
Referring now to FIG. 7, shown is a block diagram of a computer system 700 suitable for use in implementing a terminal device of an embodiment of the present application. The terminal device shown in fig. 7 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 7, the computer system 700 includes a Central Processing Unit (CPU)701, which can perform various appropriate actions and processes in accordance with a program stored in a Read Only Memory (ROM)702 or a program loaded from a storage section 708 into a Random Access Memory (RAM) 703. In the RAM 703, various programs and data necessary for the operation of the system 700 are also stored. The CPU 701, the ROM 702, and the RAM 703 are connected to each other via a bus 704. An input/output (I/O) interface 705 is also connected to bus 704.
The following components are connected to the I/O interface 705: an input portion 706 including a keyboard, a mouse, and the like; an output section 707 including a display such as a Liquid Crystal Display (LCD) and a speaker; a storage section 708 including a hard disk and the like; and a communication section 709 including a network interface card such as a LAN card, a modem, or the like. The communication section 709 performs communication processing via a network such as the internet. A drive 710 is also connected to the I/O interface 705 as needed. A removable medium 711 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 710 as necessary, so that a computer program read out therefrom is mounted into the storage section 708 as necessary.
In particular, according to an embodiment of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program can be downloaded and installed from a network through the communication section 709, and/or installed from the removable medium 711. The computer program, when executed by a Central Processing Unit (CPU)701, performs the above-described functions defined in the method of the present application.
It should be noted that the computer readable storage medium described herein can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In this application, however, a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable storage medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable storage medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present application may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The modules described in the embodiments of the present application may be implemented by software or hardware. The described modules may also be provided in a processor, which may be described as: a processor comprises a sending module, a receiving module, a generating module, a merging module and a loading module. The names of these modules do not constitute a limitation on the unit itself in some cases, and for example, the transmission module may also be described as "a module for transmitting signature information for generating an electronic signature and a request for sealing to at least two certificate authority servers preset based on a file to be signed in response to an operation of sealing the electronic signature to the file to be signed".
As another aspect, the present application also provides a computer-readable storage medium, which may be contained in the terminal device described in the above embodiments; or may exist separately without being assembled into the terminal device. The computer-readable storage medium carries one or more programs which, when executed by the terminal device, cause the terminal device to: responding to an operation of adding an electronic signature to a file to be signed, and sending signature information and a sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed; receiving electronic signatures sent by at least two certificate authority servers; for each of at least two certificate authority servers, generating an identifier characterizing whether the certificate authority server is valid; merging the received electronic signatures into a total electronic signature; and loading the total electronic signature and identifiers respectively corresponding to the certificate authority servers into the file to be signed.
The above description is only a preferred embodiment of the application and is illustrative of the principles of the technology employed. It will be appreciated by those skilled in the art that the scope of the invention herein disclosed is not limited to the particular combination of features described above, but also encompasses other arrangements formed by any combination of the above features or their equivalents without departing from the spirit of the invention. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.
Claims (10)
1. An electronic signature loading method, comprising:
responding to an operation of adding an electronic signature to a file to be signed, and sending signature information and a sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed;
receiving electronic signatures sent by the at least two certificate authority servers;
for each certificate authority server of the at least two certificate authority servers, generating an identifier for characterizing whether the certificate authority server is valid;
merging the received electronic signatures into a total electronic signature;
and loading the total electronic signature and identifiers respectively corresponding to each certificate authority server into the file to be signed.
2. The method of claim 1, wherein generating an identifier that characterizes whether the certificate authority server is valid comprises:
generating an identifier for representing that the certificate authority server is valid in response to receiving the electronic signature sent by the certificate authority server;
and generating an identifier for representing that the certificate authority server is invalid in response to not receiving the electronic signature sent by the certificate authority server.
3. The method of claim 1, further comprising:
and responding to the operation for viewing the total electronic signature, and displaying a digital certificate information list, wherein the digital certificate information in the digital certificate information list corresponds to the at least two certificate authority servers one to one.
4. The method according to claim 1, wherein the loading the total electronic signature and the identifier corresponding to each certificate authority server into the file to be signed comprises:
and for each certificate authority server in the at least two certificate authority servers, loading an identifier corresponding to the certificate authority server at a position which is specified in advance and corresponds to the display position of the total electronic signature.
5. The method according to any one of claims 1 to 4, wherein the sending of the signing information and the sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed comprises:
carrying out encryption operation on the file to be signed by using a preset encryption algorithm to generate abstract information of the file to be signed;
and sending the signature information and the sealing request comprising the summary information to the at least two certificate authority servers.
6. The method according to any one of claims 1 to 4, wherein the sending of the signing information and the sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed comprises:
and sending the signing information and the sealing request comprising the file to be signed to the at least two certificate authority servers.
7. An electronic signature loading apparatus, comprising:
the system comprises a sending module, a receiving module and a processing module, wherein the sending module is used for responding to the operation of adding an electronic signature to a file to be signed and sending signature information and a sealing request for generating the electronic signature to at least two preset certificate authority servers based on the file to be signed;
the receiving module is used for receiving the electronic signatures sent by the at least two certificate authority servers;
a generating module, configured to generate, for each certificate authority server of the at least two certificate authority servers, an identifier used for characterizing whether the certificate authority server is valid;
the merging module is used for merging the received electronic signatures into a total electronic signature;
and the loading module is used for loading the total electronic signature and the identifiers respectively corresponding to the certificate authority servers into the file to be signed.
8. The apparatus of claim 7, wherein the generating module comprises:
the first generating unit is used for responding to the received electronic signature sent by the certificate authority server and generating an identifier used for representing the validity of the certificate authority server;
and the second generation unit is used for responding to the fact that the electronic signature sent by the certificate authority server is not received, and generating an identifier for representing that the certificate authority server is invalid.
9. A terminal device, comprising:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the method according to any one of claims 1-6.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911074429.4A CN111368339B (en) | 2019-11-06 | 2019-11-06 | Electronic signature loading method and device |
| PCT/CN2020/123088 WO2021088659A1 (en) | 2019-11-06 | 2020-10-23 | Electronic signature loading method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911074429.4A CN111368339B (en) | 2019-11-06 | 2019-11-06 | Electronic signature loading method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111368339A true CN111368339A (en) | 2020-07-03 |
| CN111368339B CN111368339B (en) | 2020-12-01 |
Family
ID=71206293
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911074429.4A Active CN111368339B (en) | 2019-11-06 | 2019-11-06 | Electronic signature loading method and device |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN111368339B (en) |
| WO (1) | WO2021088659A1 (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112257110A (en) * | 2020-11-02 | 2021-01-22 | 胡金钱 | Electronic signature management method, management system and computer readable storage medium |
| CN112686648A (en) * | 2021-01-31 | 2021-04-20 | 重庆渝高科技产业(集团)股份有限公司 | Electronic signature management method and system for auditing signature files |
| WO2021088659A1 (en) * | 2019-11-06 | 2021-05-14 | 胡金钱 | Electronic signature loading method and device |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050228999A1 (en) * | 2004-04-09 | 2005-10-13 | Arcot Systems, Inc. | Audit records for digitally signed documents |
| CN101702150A (en) * | 2009-12-02 | 2010-05-05 | 江西金格网络科技有限责任公司 | Method for protecting, verifying and repealing content of PDF document page |
| US9692599B1 (en) * | 2014-09-16 | 2017-06-27 | Google Inc. | Security module endorsement |
| CN106972924A (en) * | 2017-03-23 | 2017-07-21 | 联想(北京)有限公司 | Encryption, decryption, Electronic Signature, the method and device for verifying stamped signature |
| CN107483190A (en) * | 2017-08-08 | 2017-12-15 | 上海市数字证书认证中心有限公司 | Electronics qualification card generation method, verification method, generating means and checking device |
| CN108776887A (en) * | 2018-05-15 | 2018-11-09 | 胡金钱 | A kind of method, apparatus, equipment and the readable medium of operation electronic signature |
| CN108964925A (en) * | 2018-08-27 | 2018-12-07 | 胡金钱 | A kind of document authentication device, method, device, equipment and readable medium |
| CN109409110A (en) * | 2018-10-18 | 2019-03-01 | 胡金钱 | A kind of electronic document signature method, device, equipment and readable medium |
| CN109472165A (en) * | 2018-09-17 | 2019-03-15 | 深圳市佰仟金融服务有限公司 | A kind of electronic signature method and relevant device |
| CN109472166A (en) * | 2018-11-01 | 2019-03-15 | 恒生电子股份有限公司 | A kind of electronic signature method, device, equipment and medium |
| CN110175474A (en) * | 2019-05-31 | 2019-08-27 | 苏州国泰新点软件有限公司 | Merging method, device, medium, server and the user terminal of Electronic Signature |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2002207426A (en) * | 2001-01-10 | 2002-07-26 | Sony Corp | System and method for issuing public key certificate, electronic certification device, and program storage medium |
| CN108334800B (en) * | 2017-01-20 | 2021-09-24 | 富士通株式会社 | Stamp image processing device and method and electronic equipment |
| CN109685472A (en) * | 2018-12-26 | 2019-04-26 | 深圳乐信软件技术有限公司 | A kind of electronic signature method, device, electronic equipment and medium |
| CN111368339B (en) * | 2019-11-06 | 2020-12-01 | 胡金钱 | Electronic signature loading method and device |
-
2019
- 2019-11-06 CN CN201911074429.4A patent/CN111368339B/en active Active
-
2020
- 2020-10-23 WO PCT/CN2020/123088 patent/WO2021088659A1/en active Application Filing
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050228999A1 (en) * | 2004-04-09 | 2005-10-13 | Arcot Systems, Inc. | Audit records for digitally signed documents |
| CN101702150A (en) * | 2009-12-02 | 2010-05-05 | 江西金格网络科技有限责任公司 | Method for protecting, verifying and repealing content of PDF document page |
| US9692599B1 (en) * | 2014-09-16 | 2017-06-27 | Google Inc. | Security module endorsement |
| CN106972924A (en) * | 2017-03-23 | 2017-07-21 | 联想(北京)有限公司 | Encryption, decryption, Electronic Signature, the method and device for verifying stamped signature |
| CN107483190A (en) * | 2017-08-08 | 2017-12-15 | 上海市数字证书认证中心有限公司 | Electronics qualification card generation method, verification method, generating means and checking device |
| CN108776887A (en) * | 2018-05-15 | 2018-11-09 | 胡金钱 | A kind of method, apparatus, equipment and the readable medium of operation electronic signature |
| CN108964925A (en) * | 2018-08-27 | 2018-12-07 | 胡金钱 | A kind of document authentication device, method, device, equipment and readable medium |
| CN109472165A (en) * | 2018-09-17 | 2019-03-15 | 深圳市佰仟金融服务有限公司 | A kind of electronic signature method and relevant device |
| CN109409110A (en) * | 2018-10-18 | 2019-03-01 | 胡金钱 | A kind of electronic document signature method, device, equipment and readable medium |
| CN109472166A (en) * | 2018-11-01 | 2019-03-15 | 恒生电子股份有限公司 | A kind of electronic signature method, device, equipment and medium |
| CN110175474A (en) * | 2019-05-31 | 2019-08-27 | 苏州国泰新点软件有限公司 | Merging method, device, medium, server and the user terminal of Electronic Signature |
Non-Patent Citations (2)
| Title |
|---|
| MILENA R.P. SOUZA: "Off-line Signature Verification: An Approach Based on Combining Distances and One-class Classifiers", 《2010 22ND IEEE INTERNATIONAL CONFERENCE ON TOOLS WITH ARTIFICIAL INTELLIGENCE》 * |
| 徐胜云: "电子签章制作系统设计与开发研究", 《山东工业技术》 * |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2021088659A1 (en) * | 2019-11-06 | 2021-05-14 | 胡金钱 | Electronic signature loading method and device |
| CN112257110A (en) * | 2020-11-02 | 2021-01-22 | 胡金钱 | Electronic signature management method, management system and computer readable storage medium |
| CN112686648A (en) * | 2021-01-31 | 2021-04-20 | 重庆渝高科技产业(集团)股份有限公司 | Electronic signature management method and system for auditing signature files |
| CN112686648B (en) * | 2021-01-31 | 2024-01-30 | 重庆渝高科技产业(集团)股份有限公司 | Electronic signature management method and system for auditing signature file |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2021088659A1 (en) | 2021-05-14 |
| CN111368339B (en) | 2020-12-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111368339B (en) | Electronic signature loading method and device | |
| CN107888656B (en) | Calling method and calling device of server-side interface | |
| CN112150141A (en) | Block chain consensus method, device and system | |
| CN110414190B (en) | Signature method of application installation package, related device, storage medium and electronic equipment | |
| CN110535659B (en) | Method, apparatus, electronic device and computer readable medium for processing data request | |
| CN108923925B (en) | Data storage method and device applied to block chain | |
| CN111030827A (en) | Information interaction method and device, electronic equipment and storage medium | |
| CN113282951B (en) | Application program security verification method, device and equipment | |
| CN109635558B (en) | Access control method, device and system | |
| CN110825815A (en) | Cloud note system information processing method, equipment and medium based on block chain | |
| CN114499893B (en) | Bidding file encryption and evidence storage method and system based on block chain | |
| US20230342179A1 (en) | Compliance across multiple cloud environments | |
| CN116361121A (en) | Abnormal interface alarm method, device, electronic equipment and computer readable medium | |
| CN113242132A (en) | Digital certificate management method and device | |
| CN113206738A (en) | Digital certificate management method and device | |
| CN116738472B (en) | Task data encryption method, device and equipment applied to task data interaction | |
| CN110659476A (en) | Method and apparatus for resetting password | |
| CN113452771B (en) | Interface calling method, device and system | |
| CN113626873B (en) | Authentication method, device, electronic equipment and computer readable medium | |
| CN115883200B (en) | Log security management method, device, platform and medium | |
| CN113472785B (en) | Data processing method and device, electronic equipment and readable storage medium | |
| CN112862483B (en) | Identity verification method and device based on intelligent contract | |
| CN113987469B (en) | Process protection method and device applied to vehicle machine system and electronic equipment | |
| CN110262756B (en) | Method and device for caching data | |
| CN113297605B (en) | Copy data management method, apparatus, electronic device, and computer readable medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |