CN112862488A - Data signature method and device, electronic equipment and computer readable storage medium - Google Patents


Publication number
CN112862488A
Authority
CN
China
Prior art keywords
data
signed
dimensional code
key
terminal device
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110336644.8A
Other languages
Chinese (zh)
Inventor
张雅楠
姜鹏
陈志明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Citic Bank Corp Ltd
Digital Currency Institute of the Peoples Bank of China
Original Assignee
China Citic Bank Corp Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3825 Use of electronic signatures
    • G06Q20/04 Payment circuits
    • G06Q20/06 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme
    • G06Q20/065 Private payment circuits, e.g. involving electronic currency used among participants of a common payment scheme using e-cash
    • G06Q20/30 Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32 Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327 Short range or proximity payments by means of M-devices
    • G06Q20/3274 Short range or proximity payments by means of M-devices using a pictured code, e.g. barcode or QR-code, being displayed on the M-device

Abstract

The embodiments of the application provide a data signature method and device, an electronic device and a computer-readable storage medium. The method comprises: acquiring a first two-dimensional code displayed by a second terminal device, and converting the first two-dimensional code into first data; decrypting the first data with the symmetric key to obtain the data to be signed and a public key; signing the data to be signed with the private key corresponding to the public key to obtain signed data; and encrypting the signed data with the symmetric key to obtain second data and converting the second data into a second two-dimensional code, so that the second terminal device obtains the signed data by acquiring the second two-dimensional code and sends the signed data to the blockchain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.

Description

Data signature method and device, electronic equipment and computer readable storage medium
Technical Field
The application relates to the technical field of digital currency wallets, and in particular to a data signature method, a data signature device, an electronic device and a computer-readable storage medium.
Background
Currently, users use digital currency software wallets to manage digital currency accounts. When the digital currency wallet is connected to an external device, security vulnerabilities in the wallet can easily lead to security problems such as private key leakage and the system being cracked.
Disclosure of Invention
The present application aims to solve at least one of the above technical drawbacks. The technical scheme adopted by the application is as follows:
In a first aspect, an embodiment of the present application provides a data signing method, where the method includes:
acquiring a first two-dimensional code displayed by second terminal equipment, and converting the first two-dimensional code into first data;
decrypting the first data through the symmetric key to obtain data to be signed and a public key;
signing the data to be signed through a private key corresponding to the public key to obtain signed data;
and encrypting the signed data through the symmetric key to obtain second data, converting the second data into a second two-dimensional code, so that the second terminal equipment obtains the signed data through obtaining the second two-dimensional code, and sends the signed data to the block chain.
Optionally, the method further includes:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
Optionally, the method further includes:
and converting the mnemonic word character string used for generating the shared key into a third two-dimensional code so that the second terminal can obtain the third two-dimensional code, and determining the shared key based on the third two-dimensional code.
Optionally, the shared secret key is associated with a public key.
In a second aspect, an embodiment of the present application provides a method for signing data, where the method includes:
encrypting the data to be signed and the public key through a symmetric key to obtain first data;
converting the first data into a first two-dimensional code so that the first terminal equipment obtains data to be signed by obtaining the first two-dimensional code, signs the data to be signed by a private key corresponding to the public key to obtain signed data, encrypts the signed data by a symmetric key to obtain second data, and converts the second data into a second two-dimensional code;
and acquiring signed data by acquiring the second two-dimensional code, and sending the signed data to the block chain.
Optionally, the obtaining of the signed data by obtaining the second two-dimensional code includes:
and decrypting the second data through the symmetric key to obtain the signed data.
Optionally, the method further includes:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
Optionally, the method further includes:
acquiring a third two-dimensional code displayed by the first terminal device;
and converting the third two-dimensional code into a mnemonic character string, and determining the shared secret key based on the mnemonic character string.
In a third aspect, an embodiment of the present application provides an apparatus for signing data, where the apparatus includes:
the code scanning module is used for acquiring a first two-dimensional code displayed by the second terminal equipment and converting the first two-dimensional code into first data;
the data decryption module is used for decrypting the first data through the symmetric key to obtain data to be signed and a public key;
the signature module is used for signing the data to be signed through a private key corresponding to the public key to obtain signed data;
and the data interaction module is used for encrypting the signed data through the symmetric key to obtain second data and converting the second data into a second two-dimensional code, so that the second terminal equipment obtains the signed data through obtaining the second two-dimensional code and sends the signed data to the block chain.
Optionally, the apparatus further includes a symmetric key generation module, where the symmetric key generation module is configured to:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
Optionally, the apparatus further includes a data conversion module, where the data conversion module is configured to:
and converting the mnemonic word character string used for generating the shared key into a third two-dimensional code so that the second terminal can obtain the third two-dimensional code, and determining the shared key based on the third two-dimensional code.
Optionally, the shared secret key is associated with a public key.
In a fourth aspect, an embodiment of the present application provides another data signing apparatus, including:
the data encryption module is used for encrypting the data to be signed and the public key through a symmetric key to obtain first data;
the data conversion module is used for converting the first data into a first two-dimensional code so that the first terminal equipment obtains data to be signed by obtaining the first two-dimensional code, signs the data to be signed by a private key corresponding to the public key to obtain signed data, encrypts the signed data by a symmetric key to obtain second data, and converts the second data into a second two-dimensional code;
and the data sending module is used for obtaining the signed data by obtaining the second two-dimensional code and sending the signed data to the block chain.
Optionally, when the data sending module obtains the signed data by obtaining the second two-dimensional code, the data sending module is specifically configured to:
and decrypting the second data through the symmetric key to obtain the signed data.
Optionally, the apparatus further includes a symmetric key generation module, where the symmetric key generation module is configured to:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
Optionally, the apparatus further includes a shared key determining module, where the shared key determining module is configured to:
acquiring a third two-dimensional code displayed by the first terminal device;
and converting the third two-dimensional code into a mnemonic character string, and determining the shared secret key based on the mnemonic character string.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: a processor and a memory;
a memory for storing operating instructions;
a processor configured to execute a signature method of data as shown in any implementation of the first aspect of the present application or any implementation of the second aspect of the present application by calling an operation instruction.
In a sixth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements a signature method for data shown in any implementation of the first aspect of the present application or any implementation of the second aspect of the present application.
The technical scheme provided by the embodiment of the application has the following beneficial effects:
According to the scheme provided by the embodiment of the application, the first two-dimensional code displayed by the second terminal device is acquired and converted into the first data; the first data is decrypted with the symmetric key to obtain the data to be signed and the public key; the data to be signed is signed with the private key corresponding to the public key to obtain the signed data; and the signed data is encrypted with the symmetric key to obtain the second data, which is converted into the second two-dimensional code, so that the second terminal device obtains the signed data by acquiring the second two-dimensional code and sends it to the blockchain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings used in the description of the embodiments of the present application will be briefly described below.
Fig. 1 is a schematic flowchart of a data signing method according to an embodiment of the present application;
Fig. 2 is a schematic flowchart of another data signing method according to an embodiment of the present application;
Fig. 3 is a schematic flowchart of a specific implementation of a data signing method according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a data signing apparatus according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of another data signing apparatus provided in this embodiment of the present application;
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
Reference will now be made in detail to embodiments of the present application, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the drawings are exemplary only for the purpose of explaining the present application and are not to be construed as limiting the present invention.
As used herein, the singular forms "a", "an" and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms "comprises" and/or "comprising," when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. It will be understood that when an element is referred to as being "connected" or "coupled" to another element, it can be directly connected or coupled to the other element or intervening elements may also be present. Further, "connected" or "coupled" as used herein may include wirelessly connected or wirelessly coupled. As used herein, the term "and/or" includes all or any element and all combinations of one or more of the associated listed items.
To make the objects, technical solutions and advantages of the present application more clear, embodiments of the present application will be described in further detail below with reference to the accompanying drawings.
When a digital currency software wallet is used, it needs to be connected to a client provided by the manufacturer. The user cannot determine whether that client is secure, so a security problem in the client can cause a security problem for the digital currency wallet.
The embodiment of the application provides a data signature method, a data signature device, an electronic device and a computer-readable storage medium, which aim to solve at least one of the above technical problems in the prior art.
The following describes the technical solutions of the present application and how to solve the above technical problems with specific embodiments. The following several specific embodiments may be combined with each other, and details of the same or similar concepts or processes may not be repeated in some embodiments. Embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 1 shows a schematic flowchart of a data signing method provided in an embodiment of the present application, and as shown in fig. 1, the method mainly includes:
step S110: acquiring a first two-dimensional code displayed by second terminal equipment, and converting the first two-dimensional code into first data;
step S120: decrypting the first data through the symmetric key to obtain data to be signed and a public key;
step S130: signing the data to be signed through a private key corresponding to the public key to obtain signed data;
step S140: and encrypting the signed data through the symmetric key to obtain second data, converting the second data into a second two-dimensional code, so that the second terminal equipment obtains the signed data through obtaining the second two-dimensional code, and sends the signed data to the block chain.
In this embodiment, the first terminal device may be a device used by the user on which the digital currency wallet application is installed. The second terminal device may have installed on it the client specified by the manufacturer of the digital currency wallet.
In this embodiment of the application, the data to be signed may include data such as transaction information or operation information that needs to be signed.
In the embodiment of the application, the digital currency wallet and the client can communicate through the two-dimensional code.
Specifically, the second terminal device may encrypt the data to be signed and the public key of the digital currency wallet with the symmetric key to obtain the first data, then convert the first data into the first two-dimensional code and display it, so that the first terminal device can obtain the first two-dimensional code by scanning.
After the first terminal device obtains the first two-dimensional code, it can convert the first two-dimensional code into the first data and then decrypt the first data with the symmetric key to obtain the data to be signed and the public key.
The first terminal device can sign the data to be signed with the private key corresponding to the public key to obtain the signed data, thereby completing the signature operation on the data to be signed.
After the first terminal device completes the signature operation on the data to be signed, the signed data may be sent to the second terminal device, and the second terminal device uploads the signed data to the blockchain.
Specifically, the first terminal device can encrypt the signed data with the symmetric key to obtain the second data, then convert the second data into the second two-dimensional code and display it. The second terminal device can obtain the second two-dimensional code by scanning, convert it into the second data, and decrypt the second data with the symmetric key to obtain the signed data. The second terminal device can assemble the signed data and other transaction information (such as the transaction ID, the transaction receiver address and the signature information) into a transaction and send the transaction to the blockchain network.
After receiving the transaction sent by the second terminal device, the corresponding node in the blockchain can check the validity of the transaction content; if the content complies with the rules, the transaction continues, otherwise the transaction ends. The node then checks whether the sender's account balance is greater than or equal to the transfer amount; if so, the transaction continues, otherwise the transaction ends. The blockchain node that obtains the accounting right for the new block packages the transaction into the block and, after consensus is reached, broadcasts it to the other nodes; all nodes that receive the new block execute the transfer transaction.
According to the method provided by the embodiment of the application, the first two-dimensional code displayed by the second terminal device is acquired and converted into the first data; the first data is decrypted with the symmetric key to obtain the data to be signed and the public key; the data to be signed is signed with the private key corresponding to the public key to obtain the signed data; and the signed data is encrypted with the symmetric key to obtain the second data, which is converted into the second two-dimensional code, so that the second terminal device obtains the signed data by acquiring the second two-dimensional code and sends it to the blockchain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.
In an optional manner of the embodiment of the present application, the method further includes:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
In the embodiment of the application, time can be divided into periods according to a preset time cycle, and an integer is assigned to each period as its identifier T; the current time period may be the period in which the transaction takes place.
The verification code can be generated by a secondary identity verification algorithm from the current time period and the shared key, and the generated verification code is then hashed to obtain the symmetric key.
The first terminal device may share the shared key with the second terminal device. In each transaction, the second terminal device and the first terminal device each generate the symmetric key, each from a verification code that it generates according to the current time period and the shared key.
In the embodiment of the application, the symmetric key is generated through a secondary identity verification algorithm, which binds the digital currency wallet to the client and effectively ensures asset security. Because the security is higher, the requirements on hardware are reduced, so that a general-purpose terminal device such as a mobile phone can replace hardware customized for digital currency, lowering the threshold for using a hardware wallet.
In an optional manner of the embodiment of the present application, acquiring a shared key from a second terminal device includes:
and converting the mnemonic word character string used for generating the shared key into a third two-dimensional code so that the second terminal can obtain the third two-dimensional code, and determining the shared key based on the third two-dimensional code.
In this embodiment, the first terminal device may provide the shared key to the second terminal device through the third two-dimensional code.
Specifically, both the second terminal device and the first terminal device may maintain a mnemonic word list, and the first terminal device converts the mnemonic character string used for generating the shared key into the third two-dimensional code. The second terminal device obtains the mnemonic character string by scanning the two-dimensional code, and can then determine the shared key from the mnemonic password and the mnemonic character string.
In an alternative form of the embodiment of the present application, the shared secret key is associated with a public key.
In an embodiment of the present application, the shared key may be bound to a public-private key pair, so that the private key used for signing can be determined by specifying the public key. When the digital currency wallet deletes the key corresponding to the client, the binding with the client is released.
Fig. 2 is a schematic flowchart illustrating another data signing method according to an embodiment of the present application, and as shown in fig. 2, the method mainly includes:
step S210: encrypting the data to be signed and the public key through a symmetric key to obtain first data;
step S220: converting the first data into a first two-dimensional code so that the first terminal equipment obtains data to be signed by obtaining the first two-dimensional code, signs the data to be signed by a private key corresponding to the public key to obtain signed data, encrypts the signed data by a symmetric key to obtain second data, and converts the second data into a second two-dimensional code;
step S230: and acquiring signed data by acquiring the second two-dimensional code, and sending the signed data to the block chain.
In the embodiment of the application, the digital currency wallet and the client can communicate through the two-dimensional code.
Specifically, the second terminal device may encrypt the data to be signed and the public key of the digital currency wallet with the symmetric key to obtain the first data, then convert the first data into the first two-dimensional code and display it, so that the first terminal device can obtain the first two-dimensional code by scanning.
After the first terminal device obtains the first two-dimensional code, it can convert the first two-dimensional code into the first data and then decrypt the first data with the symmetric key to obtain the data to be signed and the public key.
The first terminal device can sign the data to be signed with the private key corresponding to the public key to obtain the signed data, thereby completing the signature operation on the data to be signed.
After the first terminal device completes the signature operation on the data to be signed, the signed data may be sent to the second terminal device, and the second terminal device uploads the signed data to the blockchain.
Specifically, the first terminal device can encrypt the signed data with the symmetric key to obtain the second data, then convert the second data into the second two-dimensional code and display it. The second terminal device can obtain the second two-dimensional code by scanning, convert it into the second data, and decrypt the second data with the symmetric key to obtain the signed data. The second terminal device can assemble the signed data and other transaction information (such as the transaction ID, the transaction receiver address and the signature information) into a transaction and send the transaction to the blockchain network.
After receiving the transaction sent by the second terminal device, the corresponding node in the blockchain can check the validity of the transaction content; if the content complies with the rules, the transaction continues, otherwise the transaction ends. The node then checks whether the sender's account balance is greater than or equal to the transfer amount; if so, the transaction continues, otherwise the transaction ends. The blockchain node that obtains the accounting right for the new block packages the transaction into the block and, after consensus is reached, broadcasts it to the other nodes; all nodes that receive the new block execute the transfer transaction.
According to the method provided by the embodiment of the application, the data to be signed and the public key are encrypted with the symmetric key to obtain the first data, and the first data is converted into the first two-dimensional code, so that the first terminal device obtains the data to be signed by acquiring the first two-dimensional code, signs the data to be signed with the private key corresponding to the public key to obtain the signed data, encrypts the signed data with the symmetric key to obtain the second data, and converts the second data into the second two-dimensional code; the signed data is then obtained by acquiring the second two-dimensional code and is sent to the blockchain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.
In an optional mode of the embodiment of the application, acquiring the signed data by acquiring the second two-dimensional code includes:
and decrypting the second data through the symmetric key to obtain the signed data.
In an optional manner of the embodiment of the present application, the method further includes:
generating a verification code based on the current time period and a shared key, wherein the shared key is acquired from the second terminal equipment;
a symmetric key is generated based on the verification code.
In the embodiment of the application, time can be divided into periods according to a preset time cycle, and an integer is assigned to each period as its identifier T; the current time period may be the period in which the transaction takes place.
The verification code can be generated by a secondary identity verification algorithm from the current time period and the shared key, and the generated verification code is then hashed to obtain the symmetric key.
The second terminal device can share the shared key with the first terminal device. Within the same transaction, the current time period is the same for both devices, so both can generate the same verification code from the current time period and the shared key, and thus obtain the same symmetric key.
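The key derivation described above (and in the matching passage for the first terminal device), as an added example that is not code from the patent: both devices derive the verification code from the period identifier T and the shared key, hash it into the symmetric key, and the wallet copes with a scan that lands just after a period boundary. Assumptions: the verification code follows RFC 6238 (TOTP) with a 30-second period and 6 digits, the wallet also tries the previous period, and an HMAC-SHA256 keystream with a tag stands in for a real authenticated cipher; all function names and sample values are constructed.

```python
import base64
import hashlib
import hmac
import json
import os
import struct

PERIOD_SECONDS = 30  # assumption: the text only says "a preset time cycle"
CODE_DIGITS = 6      # assumption: the text does not give the code length


def time_period(unix_time, period=PERIOD_SECONDS):
    """Integer identifier T of the period that contains unix_time."""
    return int(unix_time) // period


def verification_code(shared_key, t, digits=CODE_DIGITS):
    """RFC 6238 style code: HMAC-SHA1 over T, then dynamic truncation."""
    mac = hmac.new(shared_key, struct.pack(">Q", t), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def symmetric_key(shared_key, t):
    """Hash the verification code into a 32-byte symmetric key.

    With a decimal code, the key has at most 10**CODE_DIGITS possible
    values per period.
    """
    return hashlib.sha256(verification_code(shared_key, t).encode()).digest()


def _keystream(key, nonce, length):
    # Stand-in for a real cipher: HMAC-SHA256 in counter mode.
    blocks = [hmac.new(key, b"enc" + nonce + struct.pack(">I", i),
                       hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def seal(key, payload, nonce=None):
    """Encrypt-then-MAC a dict; returns the text a QR code would carry."""
    nonce = nonce or os.urandom(16)
    plaintext = json.dumps(payload, sort_keys=True).encode()
    stream = _keystream(key, nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()
    return base64.b64encode(nonce + ciphertext + tag).decode()


def unseal(key, qr_text):
    """Return the payload dict, or None if the tag does not verify."""
    try:
        raw = base64.b64decode(qr_text, validate=True)
    except ValueError:
        return None
    if len(raw) < 48:
        return None
    nonce, ciphertext, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(key, b"mac" + nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = _keystream(key, nonce, len(ciphertext))
    return json.loads(bytes(c ^ s for c, s in zip(ciphertext, stream)))


def wallet_unseal(shared_key, qr_text, now, drift=1):
    """Try the current period, then up to `drift` earlier periods.

    Returns (T, payload) for the period whose key verified, else None.
    """
    t_now = time_period(now)
    for t in range(t_now, t_now - drift - 1, -1):
        payload = unseal(symmetric_key(shared_key, t), qr_text)
        if payload is not None:
            return t, payload
    return None


# Constructed sample values: the RFC 6238 test secret and a placeholder request.
SHARED_KEY = b"12345678901234567890"
REQUEST = {"data_to_sign": "constructed-transaction-bytes",
           "public_key": "constructed-public-key"}


def demo():
    client_time = 1111111109  # last second of period 37037036
    wallet_time = 1111111111  # the scan lands in period 37037037
    qr = seal(symmetric_key(SHARED_KEY, time_period(client_time)), REQUEST)
    return (wallet_unseal(SHARED_KEY, qr, wallet_time, drift=0),
            wallet_unseal(SHARED_KEY, qr, wallet_time, drift=1))


if __name__ == "__main__":
    strict, tolerant = demo()
    print("current period only:", strict)
    print("current or previous:", tolerant)
```

Accepting one earlier period keeps a two-dimensional code usable when the scan happens just after a boundary, at the cost of a longer window in which a captured code still decrypts.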
In an optional manner of the embodiment of the present application, the method further includes:
acquiring a third two-dimensional code displayed by the first terminal device;
and converting the third two-dimensional code into a mnemonic character string, and determining the shared secret key based on the mnemonic character string.
In this embodiment, the first terminal device may provide the shared key to the second terminal device through the third two-dimensional code.
Specifically, the first terminal device may convert the mnemonic character string used for generating the shared key into the third two-dimensional code and present the third two-dimensional code. The second terminal device and the first terminal device can both maintain a mnemonic word list, and after the first terminal device obtains the mnemonic word character string by scanning the two-dimensional code, the first terminal device can determine a shared secret key according to the mnemonic word password and the mnemonic word character string.
Fig. 3 is a flowchart illustrating a specific implementation of a data signing method provided by an embodiment of the present application, as shown in fig. 3:
1. The client converts the two-dimensional code content into a corresponding character string; that is, the first terminal device displays the third two-dimensional code, and the second terminal device scans the third two-dimensional code and converts it into a mnemonic character string.
2. The client generates the verification code through a secondary verification algorithm and generates the symmetric key through a hash operation; that is, the second terminal device generates the verification code through the secondary verification algorithm according to the current time period and the shared key, and then performs a hash operation on the verification code to generate the symmetric key.
3. The client encrypts the generated character string through the symmetric key and converts the encrypted character string into a corresponding two-dimensional code; that is, the second terminal device encrypts the data to be signed and the public key through the symmetric key to obtain first data, and then converts the first data into the first two-dimensional code.
4. The digital currency wallet scans the two-dimensional code generated by the client; that is, the first terminal device scans the first two-dimensional code displayed on the second terminal device.
5. The digital currency wallet generates a verification code through a secondary verification algorithm and generates a symmetric key through a hash operation; that is, the first terminal device generates the verification code through the secondary verification algorithm according to the current time period and the shared key, and then performs a hash operation on the verification code to generate the symmetric key.
6. The digital currency wallet decrypts the scanned client-side two-dimensional code through the symmetric key; that is, after the first terminal device obtains the first two-dimensional code, it converts the first two-dimensional code into first data.
7. The digital currency wallet decrypts the scanned client-side two-dimensional code through the symmetric key; that is, the first terminal device parses the first data through the symmetric key to obtain the data to be signed and the public key.
8. The content requiring a digital signature is obtained, and the account specified by the public key is used to complete the signature within the specified time; that is, the data to be signed is signed through the private key corresponding to the public key, and because generation of the symmetric key is based on the current time period, the signature is guaranteed to be completed within the specified time.
9. After the signature is finished, the signature information is encrypted through the symmetric key and a corresponding two-dimensional code is generated; that is, the first terminal device encrypts the signed data through the symmetric key to obtain second data, and converts the second data into the second two-dimensional code.
10. The client scans the two-dimensional code of the digital currency wallet; that is, the first terminal device displays the second two-dimensional code so that the second terminal device can scan it.
11. The scanned two-dimensional code signed by the digital wallet is decrypted through the symmetric key; that is, the second terminal device converts the second two-dimensional code into second data, and then decrypts the second data through the symmetric key to obtain the signed data.
12. The decrypted two-dimensional code is parsed and the signature information is acquired; that is, the signature information is acquired from the signed data.
13. The signed transaction is sent to the blockchain network; that is, the signature information is assembled into the transaction and the transaction is sent to the blockchain.
14. The node receives the transaction, checks its validity, and sends it to the consensus node after the check passes; that is, the blockchain node receives the transaction sent by the second terminal device and sends the transaction to the consensus node when the verification passes.
15. The consensus node sorts and packs the received transactions to generate a new block; that is, the consensus node packs the transactions into the block.
16. The consensus node broadcasts the new block to the nodes of the whole network; that is, the consensus node broadcasts the packed block across the whole blockchain.
17. All nodes receiving the new block execute the transaction; that is, after each blockchain node receives the block, it acquires the transaction from the block and executes it.
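The key derivation described above (verification code from the current time period and the shared key, then a hash operation) and steps 2 to 7 of the flow, as an added Python example that is not part of the patent text. It assumes an RFC 6238-style TOTP as the "secondary verification algorithm", a 30-second period, a six-digit code, SHA-256 as the hash, and Base64 text standing in for the two-dimensional code; the HMAC-based encrypt-then-MAC routine is a standard-library stand-in for an authenticated cipher, and `allowed_drift` is a hypothetical parameter for a scan that lands just after a period boundary.

```python
import base64
import hashlib
import hmac
import json
import os
import struct

PERIOD_SECONDS = 30  # assumption: the page only says the period length is preset
CODE_DIGITS = 6      # assumption: the page does not give the code length


def time_period(unix_time):
    """Integer identifier T of the period that contains unix_time."""
    return int(unix_time) // PERIOD_SECONDS


def verification_code(shared_key, period):
    """HOTP dynamic truncation (RFC 4226) over the period counter, as in TOTP."""
    digest = hmac.new(shared_key, struct.pack(">Q", period), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    value = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** CODE_DIGITS).zfill(CODE_DIGITS)


def symmetric_key(shared_key, period):
    """Hash the verification code to get the symmetric key for this period."""
    return hashlib.sha256(verification_code(shared_key, period).encode()).digest()


def _subkey(key, label):
    # Separate encryption and MAC keys derived from the per-period key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    blocks = []
    for counter in range((length + 31) // 32):
        block_input = nonce + struct.pack(">I", counter)
        blocks.append(hmac.new(enc_key, block_input, hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def seal(key, plaintext):
    """Encrypt-then-MAC stand-in for an AEAD; returns the text a QR code would carry."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return base64.b64encode(nonce + ciphertext + tag).decode()


def open_sealed(key, qr_text):
    """Verify the tag first, then decrypt; raises ValueError on any mismatch."""
    raw = base64.b64decode(qr_text)
    if len(raw) < 48:
        raise ValueError("payload too short")
    nonce, ciphertext, tag = raw[:16], raw[16:-32], raw[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong period key or modified payload")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def client_build_first_qr(shared_key, now, data_to_sign, public_key_hex):
    """Steps 2-3: derive this period's key and seal data-to-sign plus public key."""
    body = json.dumps({"data": data_to_sign.hex(), "public_key": public_key_hex})
    return seal(symmetric_key(shared_key, time_period(now)), body.encode())


def wallet_read_first_qr(shared_key, now, qr_text, allowed_drift=0):
    """Steps 5-7: re-derive the key; allowed_drift (hypothetical) also tries earlier periods."""
    current = time_period(now)
    oldest = max(current - allowed_drift, 0)
    for period in range(current, oldest - 1, -1):
        try:
            body = open_sealed(symmetric_key(shared_key, period), qr_text)
        except ValueError:
            continue  # not this period's key, or the payload was altered
        fields = json.loads(body)
        return bytes.fromhex(fields["data"]), fields["public_key"]
    return None


if __name__ == "__main__":
    key = b"12345678901234567890"  # RFC 4226 test secret, used as a constructed shared key
    qr = client_build_first_qr(key, 40, b"constructed-transaction", "02ab")
    print(wallet_read_first_qr(key, 59, qr))     # same period: payload recovered
    print(wallet_read_first_qr(key, 61, qr))     # next period: rejected
    print(wallet_read_first_qr(key, 61, qr, 1))  # one period of drift accepted
```

Under these assumptions the symmetric key depends only on a six-digit code, so it can take at most 10^6 values per period; a longer code, or hashing the full HMAC output instead of the truncated code, would be needed for the encryption to carry more strength than that.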
Based on the same principle as the method shown in fig. 1, fig. 4 shows a schematic structural diagram of a data signing apparatus provided by an embodiment of the present application, and as shown in fig. 4, the data signing apparatus 30 may include:
the code scanning module 310 is configured to obtain a first two-dimensional code displayed by the second terminal device, and convert the first two-dimensional code into first data;
the data decryption module 320 is configured to decrypt the first data through the symmetric key to obtain the data to be signed and the public key;
the signature module 330 is configured to sign the data to be signed by using a private key corresponding to the public key to obtain signed data;
the data interaction module 340 is configured to encrypt the signed data by using the symmetric key to obtain second data, and convert the second data into a second two-dimensional code, so that the second terminal device obtains the signed data by obtaining the second two-dimensional code, and sends the signed data to the block chain.
The device provided by the embodiment of the application obtains the first two-dimensional code displayed by the second terminal device, converts the first two-dimensional code into first data, decrypts the first data through the symmetric key to obtain the data to be signed and the public key, signs the data to be signed through the private key corresponding to the public key to obtain signed data, encrypts the signed data through the symmetric key to obtain second data, and converts the second data into the second two-dimensional code, so that the second terminal device obtains the signed data by obtaining the second two-dimensional code and sends the signed data to the block chain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.
Optionally, the apparatus further includes a symmetric key generation module, where the symmetric key generation module is configured to:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
Optionally, the apparatus further includes a data conversion module, where the data conversion module is configured to:
and converting the mnemonic word character string used for generating the shared key into a third two-dimensional code so that the second terminal can obtain the third two-dimensional code, and determining the shared key based on the third two-dimensional code.
Optionally, the shared secret key is associated with a public key.
It is to be understood that the above modules of the data signing apparatus in the present embodiment have functions of implementing the corresponding steps of the data signing method in the embodiment shown in fig. 1. The function can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the functions described above. The modules can be software and/or hardware, and each module can be implemented independently or by integrating a plurality of modules. For the functional description of each module of the above data signing apparatus, reference may be specifically made to the corresponding description of the data signing method in the embodiment shown in fig. 1, and details are not repeated here.
Based on the same principle as the method shown in fig. 2, fig. 5 shows a schematic structural diagram of another data signing apparatus provided by the embodiment of the present application, and as shown in fig. 5, the data signing apparatus 40 may include:
the data encryption module 410 is configured to encrypt the data to be signed and the public key by using a symmetric key to obtain first data;
the data conversion module 420 is configured to convert the first data into a first two-dimensional code, so that the first terminal device obtains data to be signed by obtaining the first two-dimensional code, signs the data to be signed by using a private key corresponding to the public key to obtain signed data, encrypts the signed data by using a symmetric key to obtain second data, and converts the second data into a second two-dimensional code;
and the data sending module 430 is configured to obtain the signed data by obtaining the second two-dimensional code, and send the signed data to the block chain.
Optionally, when the data sending module obtains the signed data by obtaining the second two-dimensional code, the data sending module is specifically configured to:
and decrypting the second data through the symmetric key to obtain the signed data.
Optionally, the apparatus further includes a symmetric key generation module, where the symmetric key generation module is configured to:
generating a verification code based on the current time period and a shared key, the shared key being generated by the first terminal device;
a symmetric key is generated based on the verification code.
Optionally, the apparatus further includes a shared key determining module, where the shared key determining module is configured to:
acquiring a third two-dimensional code displayed by the first terminal device;
and converting the third two-dimensional code into a mnemonic character string, and determining the shared secret key based on the mnemonic character string.
The device provided by the embodiment of the application encrypts the data to be signed and the public key through the symmetric key to obtain first data, converts the first data into a first two-dimensional code, so that the first terminal equipment obtains the data to be signed through obtaining the first two-dimensional code, signs the data to be signed through a private key corresponding to the public key to obtain signed data, encrypts the signed data through the symmetric key to obtain second data, converts the second data into a second two-dimensional code, obtains the signed data through obtaining the second two-dimensional code, and sends the signed data to the block chain. In the scheme, the digital currency wallet and the client are interacted through the two-dimensional code, so that the digital currency wallet is in a state of being completely isolated from external communication, and the safety of the digital currency wallet can be greatly enhanced.
It is to be understood that the above modules of the data signing apparatus in the present embodiment have functions of implementing the corresponding steps of the data signing method in the embodiment shown in fig. 2. The function can be realized by hardware, and can also be realized by executing corresponding software by hardware. The hardware or software includes one or more modules corresponding to the functions described above. The modules can be software and/or hardware, and each module can be implemented independently or by integrating a plurality of modules. For the functional description of each module of the above data signing apparatus, reference may be specifically made to the corresponding description of the data signing method in the embodiment shown in fig. 2, and details are not repeated here.
The embodiment of the application provides an electronic device, which comprises a processor and a memory;
a memory for storing operating instructions;
and the processor is used for executing the signature method of the data provided by any embodiment of the application by calling the operation instruction.
As an example, fig. 6 shows a schematic structural diagram of an electronic device to which an embodiment of the present application is applicable. As shown in fig. 6, the electronic device 2000 includes a processor 2001 and a memory 2003, where the processor 2001 is coupled to the memory 2003, for example via a bus 2002. Optionally, the electronic device 2000 may also include a transceiver 2004. It should be noted that in practical applications the transceiver 2004 is not limited to one, and the structure of the electronic device 2000 does not constitute a limitation on the embodiment of the present application.
The processor 2001 is applied to the embodiment of the present application to implement the method shown in the above method embodiment. The transceiver 2004 may include a receiver and a transmitter, and the transceiver 2004 is applied to the embodiments of the present application to implement the functions of the electronic device of the embodiments of the present application to communicate with other devices when executed.
The processor 2001 may be a CPU (Central Processing Unit), a general-purpose processor, a DSP (Digital Signal Processor), an ASIC (Application Specific Integrated Circuit), an FPGA (Field Programmable Gate Array) or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. It may implement or perform the various illustrative logical blocks, modules, and circuits described in connection with the disclosure. The processor 2001 may also be a combination that implements computing functions, e.g., a combination of one or more microprocessors, a combination of a DSP and a microprocessor, and the like.
Bus 2002 may include a path that conveys information between the aforementioned components. The bus 2002 may be a PCI (Peripheral Component Interconnect) bus, an EISA (Extended Industry Standard Architecture) bus, or the like. The bus 2002 may be divided into an address bus, a data bus, a control bus, and the like. For ease of illustration, only one thick line is shown in FIG. 6, but this is not intended to represent only one bus or type of bus.
The Memory 2003 may be a ROM (Read Only Memory) or other type of static storage device that can store static information and instructions, a RAM (Random Access Memory) or other type of dynamic storage device that can store information and instructions, an EEPROM (Electrically Erasable Programmable Read Only Memory), a CD-ROM (Compact Disc Read Only Memory) or other optical Disc storage, optical Disc storage (including Compact Disc, laser Disc, optical Disc, digital versatile Disc, blu-ray Disc, etc.), a magnetic disk storage medium or other magnetic storage device, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to these.
Optionally, the memory 2003 is used for storing application program code for performing the disclosed aspects, and is controlled in execution by the processor 2001. The processor 2001 is used to execute the application program code stored in the memory 2003 to implement the signature method of the data provided in any of the embodiments of the present application.
The electronic device provided by the embodiment of the application is applicable to any embodiment of the method, and is not described herein again.
Compared with the prior art, the electronic device provided by the embodiment of the application obtains the first two-dimensional code displayed by the second terminal device, converts the first two-dimensional code into first data, decrypts the first data through the symmetric key to obtain the data to be signed and the public key, signs the data to be signed through the private key corresponding to the public key to obtain signed data, encrypts the signed data through the symmetric key to obtain second data, and converts the second data into the second two-dimensional code, so that the second terminal device obtains the signed data by obtaining the second two-dimensional code and sends the signed data to the block chain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.
The embodiment of the application provides a computer-readable storage medium, and a computer program is stored on the computer-readable storage medium, and when the program is executed by a processor, the program realizes the signature method of the data shown in the embodiment of the method.
The computer-readable storage medium provided in the embodiments of the present application is applicable to any of the embodiments of the foregoing method, and is not described herein again.
Compared with the prior art, with the computer-readable storage medium provided by the embodiment of the application, the first two-dimensional code displayed by the second terminal device is obtained and converted into first data, the first data is decrypted through the symmetric key to obtain the data to be signed and the public key, the data to be signed is signed through the private key corresponding to the public key to obtain signed data, the signed data is encrypted through the symmetric key to obtain second data, and the second data is converted into the second two-dimensional code, so that the second terminal device obtains the signed data by obtaining the second two-dimensional code and sends the signed data to the block chain. In this scheme, the digital currency wallet and the client interact through two-dimensional codes, so that the digital currency wallet is completely isolated from external communication, which can greatly enhance the security of the digital currency wallet.
It should be understood that, although the steps in the flowcharts of the figures are shown in the order indicated by the arrows, the steps are not necessarily performed in that order. Unless explicitly stated herein, the steps are not strictly limited to the order shown and may be performed in other orders. Moreover, at least a portion of the steps in the flowcharts may include multiple sub-steps or multiple stages, which are not necessarily performed at the same time but may be performed at different times, and which are not necessarily performed in sequence but may be performed in turn or alternately with other steps or with at least a portion of the sub-steps or stages of other steps.
The foregoing is only a partial embodiment of the present invention. It should be noted that those skilled in the art can make various modifications and refinements without departing from the principle of the present invention, and these modifications and refinements should also be regarded as falling within the protection scope of the present invention.

Claims (12)

1. A method for signing data, which is applied to a first terminal device, the method comprising:
acquiring a first two-dimensional code displayed by second terminal equipment, and converting the first two-dimensional code into first data;
decrypting the first data through a symmetric key to obtain data to be signed and a public key;
signing the data to be signed through a private key corresponding to the public key to obtain signed data;
and encrypting the signed data through the symmetric key to obtain second data, and converting the second data into a second two-dimensional code, so that the second terminal equipment obtains the signed data through obtaining the second two-dimensional code, and sends the signed data to the block chain.
2. The method of claim 1, further comprising:
generating a verification code based on a current time period and a shared key, the shared key being generated by the first terminal device;
generating the symmetric key based on the verification code.
3. The method of claim 2, further comprising:
and converting the mnemonic word character string used for generating the shared secret key into a third two-dimensional code so that the second terminal can obtain the third two-dimensional code and determine the shared secret key based on the third two-dimensional code.
4. A method according to claim 2 or 3, wherein the shared secret key is associated with the public key.
5. A signature method of data is applied to a second terminal device, and the method comprises the following steps:
encrypting the data to be signed and the public key through a symmetric key to obtain first data;
converting the first data into a first two-dimensional code so that a first terminal device obtains the data to be signed by obtaining the first two-dimensional code, signs the data to be signed through a private key corresponding to the public key to obtain signed data, encrypts the signed data through the symmetric key to obtain second data, and converts the second data into a second two-dimensional code;
and acquiring the signed data by acquiring the second two-dimensional code, and sending the signed data to a block chain.
6. The method of claim 5, wherein the obtaining the signed data by obtaining the second two-dimensional code comprises:
and decrypting the second data through the symmetric key to obtain the signed data.
7. The method of claim 5, further comprising:
generating a verification code based on a current time period and a shared key, the shared key being generated by the first terminal device;
generating the symmetric key based on the verification code.
8. The method according to any one of claims 5-7, further comprising:
acquiring a third two-dimensional code displayed by the first terminal device;
and converting the third two-dimensional code into a mnemonic word character string, and determining a shared secret key based on the mnemonic word character string.
9. An apparatus for signing data, comprising:
the code scanning module is used for acquiring a first two-dimensional code displayed by second terminal equipment and converting the first two-dimensional code into first data;
the data decryption module is used for decrypting the first data through a symmetric key to obtain data to be signed and a public key;
the signature module is used for signing the data to be signed through a private key corresponding to the public key to obtain signed data;
and the data interaction module is used for encrypting the signed data through the symmetric key to obtain second data and converting the second data into a second two-dimensional code, so that the second terminal equipment obtains the signed data through obtaining the second two-dimensional code and sends the signed data to the block chain.
10. An apparatus for signing data, comprising:
the data encryption module is used for encrypting the data to be signed and the public key through a symmetric key to obtain first data;
the data conversion module is used for converting the first data into a first two-dimensional code so that the first terminal equipment obtains the data to be signed by obtaining the first two-dimensional code, signs the data to be signed by a private key corresponding to the public key to obtain signed data, encrypts the signed data by the symmetric key to obtain second data, and converts the second data into a second two-dimensional code;
and the data sending module is used for obtaining the signed data by obtaining the second two-dimensional code and sending the signed data to the block chain.
11. An electronic device comprising a processor and a memory;
the memory is used for storing operation instructions;
the processor is used for executing the method of any one of claims 1-8 by calling the operation instruction.
12. A computer-readable storage medium, characterized in that the storage medium has stored thereon a computer program which, when being executed by a processor, carries out the method of any one of claims 1-8.
CN202110336644.8A 2021-03-29 2021-03-29 Data signature method and device, electronic equipment and computer readable storage medium Pending CN112862488A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110336644.8A CN112862488A (en) 2021-03-29 2021-03-29 Data signature method and device, electronic equipment and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN112862488A true CN112862488A (en) 2021-05-28

Family

ID=75993154

Country Status (1)

Country Link
CN (1) CN112862488A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220207

Address after: Floor 20, block a, Jintang center, No. 18, Fengtai North Road, Fengtai District, Beijing 100071

Applicant after: THE PEOPLES BANK OF CHINA, DIGITAL CASH Research Institute

Applicant after: China CITIC Bank Co., Ltd

Address before: 100020 floors 6-30, 32-42, building 1, yard 10, Guanghua Road, Chaoyang District, Beijing

Applicant before: CHINA CITIC BANK Co.,Ltd.
