CN113239379B - SCEP (secure certificate privacy protocol) -based national secret certificate issuing method and system - Google Patents


Info

Publication number: CN113239379B
Application number: CN202110547073.2A
Authority: CN (China)
Prior art keywords: certificate, data, ciphertext, encrypted, double
Legal status: Active, granted (status as listed by Google Patents, not a legal conclusion)
Other languages: Chinese (zh)
Other versions: CN113239379A
Inventors: 孙晓鹏, 史亚光, 吴永飞, 廖正赟, 崔永飞
Current assignee: Zhengzhou Xinda Jiean Information Technology Co Ltd
Original assignee: Zhengzhou Xinda Jiean Information Technology Co Ltd
Application filed by Zhengzhou Xinda Jiean Information Technology Co Ltd

Classifications

    • G06F21/602 Providing cryptographic facilities or services (G Physics; G06 Computing, calculating or counting; G06F Electric digital data processing; G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F21/60 Protecting data)
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures (same parent classes)


Abstract

The invention provides a method and a system for issuing a national cryptographic (SM) certificate based on the SCEP protocol. The method comprises the following steps: the client encapsulates the P10 request data (a PKCS #10 certificate request) through the SCEP protocol, based on a new PKCSReq message structure, to obtain a dual-digital-certificate request message body, and initiates a digital certificate request to the server; after receiving the dual-digital-certificate request message body, the server parses it to obtain the P10 request data, issues a signature certificate and an encryption certificate according to that data, and generates private key ciphertext data; the server then encapsulates the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol, based on the new CertRep data structure, to obtain a dual-digital-certificate response message body, and returns it to the client. The invention extends the requested PKCSReq message structure and the returned CertRep data structure with the national cryptographic algorithms, so that a device using the SCEP protocol can connect to a digital certificate authentication system and have a dual certificate of the national cryptographic algorithm issued.

Description

SCEP (secure certificate privacy protocol) -based national secret certificate issuing method and system
Technical Field
The invention relates to the technical field of digital certificates, in particular to a method and a system for issuing a national cryptographic (SM) certificate based on the SCEP protocol.
Background
As shown in fig. 1, when a client initiates a certificate application, the SCEP protocol encapsulates a PKCSReq message structure as the request body, which carries the P10 request data (a PKCS #10 certificate request) needed to apply for a certificate. When the server receives the request, it obtains the P10 data by parsing the request body and carries out single-certificate issuance according to the P10 request; during this process the plaintext data must be encrypted with the EnvelopedData structure of PKCS #7 in order to protect it. However, because SCEP is a communication protocol established jointly by Cisco and Verisign, it only supports the RSA single-certificate application process; devices that need to apply for a certificate of the national cryptographic dual-certificate system are not yet supported by the protocol.
Disclosure of Invention
In view of the foregoing, there is a need for a method and a system for issuing a national cryptographic certificate based on the SCEP protocol.
The invention provides a national cryptographic certificate issuing method based on the SCEP protocol, comprising the following steps:
constructing a new PKCSReq message structure for applying for a dual digital certificate, constructing a new CertRep data structure for responding to a dual-certificate application request, and pre-configuring the server and the client based on the new PKCSReq message structure and the new CertRep data structure;
when the client applies to the server for a dual digital certificate, the client generates P10 request data for the dual-digital-certificate application, encapsulates the P10 request data through the SCEP protocol, based on the new PKCSReq message structure, to obtain a dual-digital-certificate request message body, and sends that message body to the server to initiate the dual-digital-certificate request;
after receiving the dual-digital-certificate request message body, the server parses it based on the new PKCSReq message structure to obtain the P10 request data; the server then issues a signature certificate and an encryption certificate according to the P10 request data, and encrypts the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data;
the server encapsulates the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol, based on the new CertRep data structure, to obtain a dual-digital-certificate response message body, and returns it to the client;
and after receiving the dual-digital-certificate response message body, the client parses it based on the new CertRep data structure to obtain the signature certificate, the encryption certificate and the private key of the encryption certificate returned by the server.
A second aspect of the invention provides a system for issuing a national cryptographic certificate based on the SCEP protocol, the system comprising a client and a server in communication with each other;
the client is used to generate the P10 request data for the dual-digital-certificate application, encapsulate the P10 request data through the SCEP protocol based on the new PKCSReq message structure to obtain a dual-digital-certificate request message body, and send it to the server to initiate the dual-digital-certificate request; the client also receives the dual-digital-certificate response message body and parses it based on the new CertRep data structure to obtain the signature certificate, the encryption certificate and the private key of the encryption certificate returned by the server;
the server is used to parse the dual-digital-certificate request message body, after receiving it, based on the new PKCSReq message structure, obtain the P10 request data, issue a signature certificate and an encryption certificate according to that data, and encrypt the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data; the server is further configured to encapsulate the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol based on the new CertRep data structure to obtain a dual-digital-certificate response message body, and return it to the client.
The invention enables equipment that uses the SCEP protocol to connect to a digital certificate authentication system and have a national cryptographic dual certificate issued. It realizes simultaneous application for and issuance of an encryption certificate and a signature certificate while ensuring secure transmission of the dual-certificate request data and the dual-certificate response data, thereby reducing the number of interactions between the requesting end and the issuing end, improving certificate issuing efficiency, and making the scheme better suited to the Internet of Things. At the same time, the invention retains the original standard usage of the SCEP protocol and can still support single-certificate application with the international RSA algorithm.
Additional aspects and advantages of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a flowchart of a prior-art single-certificate application based on the SCEP protocol;
FIG. 2 is a flowchart of the national cryptographic dual-certificate issuing method based on the SCEP protocol;
FIG. 3 is a block diagram of the CertRep data structure according to the invention;
FIG. 4 is a block diagram of the SignedData (A) data structure according to the invention;
FIG. 5 is a block diagram of the EnvelopedData data structure II according to the invention.
Detailed Description
In order that the above objects, features and advantages of the present invention can be more clearly understood, a more particular description of the invention will be rendered by reference to the appended drawings. It should be noted that the embodiments and features of the embodiments of the present application may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, however, the present invention may be practiced in other ways than those specifically described herein, and therefore the scope of the present invention is not limited by the specific embodiments disclosed below.
The SCEP protocol (Simple Certificate Enrollment Protocol) is part of the PKI protocol family and can securely and reliably provision digital certificates to network devices online.
Fig. 2 shows a flowchart of the national cryptographic dual-certificate issuing method based on the SCEP protocol.
As shown in fig. 2, a first aspect of the invention provides a national cryptographic certificate issuing method based on the SCEP protocol, comprising:
constructing a new PKCSReq message structure for applying for a dual digital certificate, constructing a new CertRep data structure for responding to a dual-certificate application request, and pre-configuring the server and the client based on the new PKCSReq message structure and the new CertRep data structure;
when the server is pre-configured: the server's parsing flow for the dual-digital-certificate request message body is updated based on the new PKCSReq message structure, and its encapsulation flow for the dual-digital-certificate response message body is updated based on the new CertRep data structure, so that the server has the function of issuing national cryptographic dual digital certificates; when the client is pre-configured: the client's encapsulation flow for the dual-digital-certificate request message body is updated based on the new PKCSReq message structure, and its parsing flow for the dual-digital-certificate response message body is updated based on the new CertRep data structure, so that the client has the functions of initiating a dual-digital-certificate request and reading the signature certificate, the encryption certificate and the private key of the encryption certificate returned by the server;
when the client applies to the server for a dual digital certificate, the client generates P10 request data for the dual-digital-certificate application, encapsulates the P10 request data through the SCEP protocol, based on the new PKCSReq message structure, to obtain a dual-digital-certificate request message body, and sends that message body to the server to initiate the dual-digital-certificate request;
after receiving the dual-digital-certificate request message body, the server parses it based on the new PKCSReq message structure to obtain the P10 request data; the server then issues a signature certificate and an encryption certificate according to the P10 request data, and encrypts the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data; the public key of the signature certificate is the public key of a public/private key pair generated by the client;
the server encapsulates the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol, based on the new CertRep data structure, to obtain a dual-digital-certificate response message body, and returns it to the client;
and after receiving the dual-digital-certificate response message body, the client parses it based on the new CertRep data structure to obtain the signature certificate, the encryption certificate and the private key of the encryption certificate returned by the server.
It should be noted that the P10 request data follows PKCS #10, one of the PKCS series of standards. PKCS (Public-Key Cryptography Standards) is a set of standards developed by RSA Laboratories and other security system developers to promote public-key cryptography; PKCS #10 defines a certificate request format. The existing PKCSReq message structure, however, only supports a single-certificate application: applying for both a signature certificate and an encryption certificate requires multiple interactions, and the requirement to apply for both at the same time cannot be met. The invention therefore provides a new PKCSReq message structure and a new CertRep data structure, and pre-configures the server and the client so that the server can issue national cryptographic dual digital certificates and the client can initiate a dual-digital-certificate request and read the signature certificate, the encryption certificate and the private key of the encryption certificate returned by the server. Simultaneous application for and issuance of the encryption certificate and the signature certificate is thereby realized, reducing the number of interactions between the requesting end and the issuing end and improving certificate issuing efficiency.
After receiving the encryption certificate and the signature certificate issued by the server, the client subsequently selects the appropriate digital certificate for each service and signs with the private key of the signature certificate; the peer, on receiving the signature, obtains the client's signature certificate from the server and verifies the signature with the public key of the signature certificate, thereby verifying the client's identity.
Further, when the client generates the P10 request data for the dual-digital-certificate application, the following steps are executed:
the client uses a national cryptographic encryption card to generate a public/private key pair for the signature certificate and stores the private key of that pair locally; the client generates the signature certificate request content and the encryption certificate request content, and signs both with the private key of the pair; and the P10 request data for the dual-digital-certificate application is generated from the public key of the pair, the signature certificate request content, the encryption certificate request content and the corresponding signature information.
It should be noted that when the client applies to the server for the dual digital certificate, one asymmetric key pair is generated; its public key is sent to the server together with the P10 request data and is used when the server generates the signature certificate.
To reduce the size of the P10 request data and speed up issuance of the national cryptographic dual certificate, the signature certificate request content and the encryption certificate request content may be set to ID numbers agreed with the server: for example, a first ID number is used to apply for the signature certificate and a second ID number to apply for the encryption certificate; when the server parses the first ID number it issues the signature certificate, and when it parses the second ID number it issues the encryption certificate and generates the private key ciphertext data of the encryption certificate.
Specifically, when the server encrypts the private key of the encryption certificate with the public key of the signature certificate to generate the private key ciphertext data, it proceeds as follows: the server randomly generates a random number as a key and uses that key to encrypt the private key of the encryption certificate with the SM4 algorithm, obtaining the private key ciphertext data; after obtaining the private key ciphertext data, the server also uses the client public key from the P10 request data to encrypt the key, obtaining the key ciphertext, which is packaged together with the private key ciphertext data and returned to the client; here the client public key in the P10 request data is the public key of the signature certificate.
Correspondingly, when the client parses the dual-digital-certificate response message body based on the new CertRep data structure to obtain the private key of the encryption certificate, the following steps are executed:
the client parses the dual-digital-certificate response message body to obtain the signature certificate, the encryption certificate and the private key ciphertext data of the encryption certificate, where the private key ciphertext data comprises the private key ciphertext and the key ciphertext; the client uses the private key of the signature certificate to decrypt the key ciphertext and obtain the key plaintext, then decrypts the private key ciphertext of the encryption certificate with that key and the national cryptographic SM4 algorithm to obtain the private key of the encryption certificate, which it stores locally. The private key and the public key of the signature certificate form one key pair, namely the public/private key pair pre-generated by the client when it applied to the server for the dual digital certificate.
It should be noted that the new PKCSReq message structure uses the encrypted data EnvelopedData data structure I defined by the PKCS #7 specification, which consists of: the request structure version number Version, the server information RecipientInfo, and the encrypted content information EncryptedContentInfo. SCEP is an international general-purpose protocol that does not yet support the national cryptographic algorithms; in order to transmit data protected by those algorithms over this protocol, the key algorithms in this structure are encapsulated and extended to support the SM2 asymmetric algorithm and the SM4 symmetric algorithm, so that the dual-digital-certificate request data in transit is protected by national cryptographic encryption.
Further, when constructing the new PKCSReq message structure for applying for a dual digital certificate, the following steps are performed:
generating the request structure version number Version, which identifies the new PKCSReq message structure;
generating the server information RecipientInfo sub-structure for the server issuing the dual digital certificate, which designates the server certificate, designates the national cryptographic SM2 algorithm as the algorithm used to encrypt symmetric key I with the public key of that server certificate, and stores the ciphertext of symmetric key I;
generating the encrypted content information EncryptedContentInfo sub-structure I, which stores the ciphertext of the P10 request data for the dual-digital-certificate application and designates the SM4 algorithm as the symmetric algorithm used to encrypt the P10 request data;
and forming the encrypted data EnvelopedData data structure I defined by the PKCS #7 specification from the request structure version number Version, the server information RecipientInfo sub-structure and the encrypted content information EncryptedContentInfo sub-structure I, so as to obtain the new PKCSReq message structure for applying for the dual digital certificate.
According to an embodiment of the invention, the encrypted data EnvelopedData data structure I is defined as follows:
EnvelopedData ::= SEQUENCE {
    version Version,
    recipientInfos RecipientInfos,
    encryptedContentInfo EncryptedContentInfo
}
RecipientInfos ::= SET OF RecipientInfo
EncryptedContentInfo ::= SEQUENCE {
    contentType ContentType,
    contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
    encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
}
EncryptedContent ::= OCTET STRING
RecipientInfo ::= SEQUENCE {
    version Version,
    issuerAndSerialNumber IssuerAndSerialNumber,
    keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
    encryptedKey EncryptedKey
}
EncryptedKey ::= OCTET STRING
wherein:
RecipientInfo specifies the recipient information, i.e. information about the server issuing the dual digital certificate, such as the server certificate and the certificate authority name; it designates the national cryptographic SM2 algorithm as the algorithm used to encrypt the symmetric key with the public key of the server certificate, and stores the ciphertext of symmetric key I;
EncryptedContentInfo specifies the encrypted content information, for example the ciphertext of the P10 request data for the dual-digital-certificate application;
ContentEncryptionAlgorithmIdentifier defines the symmetric algorithm; for example, the symmetric algorithm used to encrypt the P10 request data is designated as SM4;
issuerAndSerialNumber specifies the server certificate (part of the server information), identified by the issuer name and the certificate serial number;
KeyEncryptionAlgorithmIdentifier specifies the encryption algorithm and corresponding parameters for encrypting symmetric key I with the server public key; for example, SM2 is designated as the algorithm used to encrypt symmetric key I with the public key of the server certificate.
encryptedKey is the result of encrypting symmetric key I with the server public key, namely the ciphertext of symmetric key I.
Further, the encrypted data EnvelopedData data structure I is constructed as follows:
randomly generate a symmetric key I for the national cryptographic SM4 algorithm;
obtain the public key of the server and encrypt symmetric key I with that public key using the SM2 algorithm to obtain the ciphertext of symmetric key I;
place the ciphertext of symmetric key I and the server information into the server information RecipientInfo sub-structure;
encrypt the P10 request data with symmetric key I using the national cryptographic SM4 algorithm to obtain the ciphertext of the P10 request data, and place it into the encrypted content information EncryptedContentInfo sub-structure I;
and place the server information RecipientInfo sub-structure and the encrypted content information EncryptedContentInfo sub-structure I into the encrypted data EnvelopedData data structure I.
Correspondingly, when the server parses the dual-digital-certificate request message body, it extracts the ciphertext of symmetric key I from the server information RecipientInfo sub-structure and the ciphertext of the P10 request data from the encrypted content information EncryptedContentInfo sub-structure I; it then obtains the server private key, decrypts the ciphertext of symmetric key I with that private key using the national cryptographic SM2 algorithm to obtain symmetric key I in plaintext, and decrypts the ciphertext of the P10 request data with symmetric key I using the national cryptographic SM4 algorithm to obtain the P10 request data.
It should be noted that SCEP is an international general-purpose protocol that does not yet support the national cryptographic algorithms. In order to encapsulate data protected by those algorithms within the SCEP protocol, the application encapsulates and extends the key algorithms in the encrypted data EnvelopedData data structure I by constructing a new server information RecipientInfo sub-structure and a new encrypted content information EncryptedContentInfo sub-structure I, so that the cryptographic algorithms in EnvelopedData data structure I support encrypted transmission of the dual-digital-certificate request data with the national cryptographic SM2 asymmetric algorithm and SM4 symmetric algorithm, protecting the data in transit by national cryptographic operations.
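As an added illustration (not part of the patent), the following Python builds the EnvelopedData I described above in DER and parses it on the server side, accepting the request only when keyEncryptionAlgorithm is SM2 and contentEncryptionAlgorithm is SM4-CBC. The OIDs are assumed from GM/T 0006, and the key, IV and ciphertext bytes are constructed placeholders; no SM2 or SM4 operation is performed.

```python
# Added example (not from the patent): DER encode/parse of EnvelopedData I with
# the key algorithm set to SM2 and the content algorithm set to SM4-CBC.
# OIDs assumed from GM/T 0006; key/IV/ciphertext bytes are placeholders.
OID_SM2_ENCRYPT = "1.2.156.10197.1.301.3"  # assumed: SM2 public-key encryption
OID_SM4_CBC = "1.2.156.10197.1.104.2"      # assumed: SM4 in CBC mode
OID_PKCS7_DATA = "1.2.840.113549.1.7.1"    # PKCS #7 id-data content type
OID_CN = "2.5.4.3"                          # X.520 commonName

def _length(n: int) -> bytes:                  # DER short/long-form length
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b

def tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _length(len(body)) + body

def der_int(v: int) -> bytes:                  # minimal two's-complement INTEGER
    return tlv(0x02, v.to_bytes(max(1, (v.bit_length() + 8) // 8), "big", signed=True))

def der_oid(dotted: str) -> bytes:
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:                             # base-128 with continuation bit
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

def der_seq(*items: bytes) -> bytes: return tlv(0x30, b"".join(items))
def der_set(*items: bytes) -> bytes: return tlv(0x31, b"".join(items))
def der_octets(b: bytes) -> bytes: return tlv(0x04, b)
def alg_id(oid: str, params: bytes = b"\x05\x00") -> bytes: return der_seq(der_oid(oid), params)

def build_enveloped_data(issuer_cn: str, serial: int, enc_sym_key: bytes, iv: bytes,
                         enc_p10: bytes, key_oid: str = OID_SM2_ENCRYPT,
                         content_oid: str = OID_SM4_CBC) -> bytes:
    """Client side: RecipientInfo names the server certificate (issuer CN, serial)
    and carries symmetric key I encrypted under its public key; EncryptedContentInfo
    carries the P10 request encrypted with symmetric key I (IV as parameters)."""
    issuer = der_seq(der_set(der_seq(der_oid(OID_CN), tlv(0x13, issuer_cn.encode()))))
    recipient = der_seq(der_int(0), der_seq(issuer, der_int(serial)),
                        alg_id(key_oid), der_octets(enc_sym_key))
    content = der_seq(der_oid(OID_PKCS7_DATA), alg_id(content_oid, der_octets(iv)),
                      tlv(0x80, enc_p10))              # [0] IMPLICIT EncryptedContent
    return der_seq(der_int(0), der_set(recipient), content)

def read_tlv(buf: bytes, pos: int = 0) -> tuple:
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:                                   # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def children(body: bytes) -> list:
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = read_tlv(body, pos)
        out.append((tag, val))
    return out

def decode_oid(body: bytes) -> str:
    arcs, acc = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def parse_enveloped_data(der: bytes) -> dict:
    """Server side: recover the symmetric key I ciphertext and the P10 ciphertext,
    refusing a request whose algorithms are not the configured SM2 / SM4-CBC."""
    tag, body, _ = read_tlv(der)
    if tag != 0x30:
        raise ValueError("EnvelopedData must be a SEQUENCE")
    version, recipient_set, eci = children(body)
    (_, recipient), = children(recipient_set[1])   # exactly one RecipientInfo: the server
    _, ias, key_alg, enc_key = children(recipient)
    key_oid = decode_oid(children(key_alg[1])[0][1])
    if key_oid != OID_SM2_ENCRYPT:
        raise ValueError(f"unexpected keyEncryptionAlgorithm {key_oid}")
    _, content_alg, enc_content = children(eci[1])
    alg_oid_tlv, iv_tlv = children(content_alg[1])
    content_oid = decode_oid(alg_oid_tlv[1])
    if content_oid != OID_SM4_CBC:
        raise ValueError(f"unexpected contentEncryptionAlgorithm {content_oid}")
    if enc_content[0] != 0x80:
        raise ValueError("encryptedContent must be [0] IMPLICIT")
    return {"version": version[1][0],
            "serial": int.from_bytes(children(ias[1])[1][1], "big", signed=True),
            "encrypted_key": enc_key[1], "iv": iv_tlv[1],
            "encrypted_p10": enc_content[1]}

# Constructed placeholders standing in for the real SM2 and SM4-CBC outputs.
SAMPLE_ENC_KEY = bytes(range(1, 49))     # 48-byte stand-in for SM2(symmetric key I)
SAMPLE_IV = bytes(16)
SAMPLE_ENC_P10 = b"\xab" * 300           # long enough to exercise long-form lengths
```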
Further, when constructing the new CertRep data structure for responding to a dual-certificate application request, the following steps are performed:
generating the signed data SignedData (A) data structure;
generating the encrypted data EnvelopedData data structure II for storing the signature certificate, the encryption certificate and the private key ciphertext data;
generating a new data type ContentType sub-structure based on the signed data SignedData (A) data structure, and generating a new data Content sub-structure based on the encrypted data EnvelopedData data structure II;
and constructing the new CertRep data structure from the new data type ContentType sub-structure and the new data Content sub-structure.
As shown in fig. 3, the new CertRep data structure comprises a data type ContentType and a data Content, where ContentType comprises at least the signed data SignedData (A), and Content comprises at least the encrypted data EnvelopedData.
It should be noted that, in order to simplify the certificate-issuance response data and reduce network overhead, the new CertRep data structure of the application customizes the original CertRep data structure so that the server can issue the signature certificate, the encryption certificate and the private key of the encryption certificate in one pass after receiving the P10 request data.
As shown in fig. 4, the signed data SignedData (A) data structure comprises: a first version number Version, a first digest algorithm identifier DigestAlgorithmIdentifiers, the signed content ContentInfo, a certificate set Certificates and a signer information set SignerInfos sub-data-structure; the certificate set Certificates is the CA certificate in X.509 certificate format;
the signer information set SignerInfos sub-data-structure comprises: a second version number Version, the serial number SN and distinguished name DN of the CA certificate, a second digest algorithm identifier DigestAlgorithmIdentifier, the attribute set AuthenticatedAttributes used by the signer for signing, the asymmetric algorithm DigestEncryptionAlgorithmIdentifier, and the result value EncryptedDigest signed with the signer's private key, where EncryptedDigest is obtained by signing the attribute set AuthenticatedAttributes with the signer's private key (the server private key).
It should be noted that the first digest algorithm designated by the first digest algorithm identifier DigestAlgorithmIdentifiers is used to digest the client public key and the end-entity identifier to obtain a first digest; the private key corresponding to the CA certificate encrypts the first digest to obtain first CA signature information; and the signature certificate in X.509 certificate format is obtained from the client public key, the end-entity identifier and the first CA signature information. The first digest algorithm is likewise used to digest the public key of the encryption certificate and the end-entity identifier to obtain a second digest; the private key corresponding to the CA certificate encrypts the second digest to obtain second CA signature information; and the encryption certificate in X.509 certificate format is issued from the public key of the encryption certificate, the end-entity identifier and the second CA signature information.
Specifically, the second digest algorithm identifier DigestAlgorithmIdentifier designates the MD5 digest algorithm, and the attribute set AuthenticatedAttributes used by the signer for signing comprises five attributes: the transactionID of the request, the recipientNonce (the senderNonce of the request, echoed in the response), the senderNonce, the messageType (CertRep) and the pkiStatus.
It can be understood that the second digest algorithm designated by the second digest algorithm identifier DigestAlgorithmIdentifier digests the attribute set AuthenticatedAttributes; the digest is then encrypted with the signer's private key (the server private key) using the algorithm designated by the asymmetric algorithm DigestEncryptionAlgorithmIdentifier to obtain the result value EncryptedDigest, which is returned to the client together with the signature certificate and the encryption certificate, so that the client can judge whether the returned dual-digital-certificate response message body is legitimate by checking the transactionID of the request, the senderNonce of the request and so on.
The digital certificate of the issuing CA can be determined from the serial number SN and the distinguished name DN of the CA certificate.
As shown in fig. 5, the encrypted data envelopdata data structure ii includes: responding to the structure Version number Version, the client information recipientiness sub-data structure and the encrypted content information encrypted condContentInfo sub-structure II;
the client information recipientiness sub-data structure comprises: the client-side is pre-installed on the terminal entity, wherein the client-side comprises Version number Version, a recognizable name DN and a serial number SN of the terminal entity, a key encryption algorithm KeyEncryptionGmercmIdentifier for encrypting a symmetric key and an encrypted key EncrypttedKey;
the encrypted key EncryptedKey is obtained by randomly generating a symmetric key and encrypting the symmetric key by using public key information for a signature certificate in a client application form;
the encrypted content information encryptedcontentlnfo data structure includes: the data type ContentType, the encryption algorithm identification ContentEncryptionAlgorithmIdentifier and the encrypted content EncrypttedContentifier; the encryption algorithm identifier is a DES symmetric encryption algorithm identifier, and the encrypted content EncrypttedContentifier is obtained by encrypting signature data SignedData (B) by using the symmetric key;
the signature data signeddata (b) data structure includes: version number Version, digest algorithm identification digestalgorithmIdentifiers, signed content info, certificate set certifications; the digest algorithm identifies the digestalgorithmids as the MD5 digest algorithm; the content ContentInfo of the signature is obtained by encrypting the private key of the encryption certificate by using the public key information used for applying the signature certificate in the client application form; the certificate sets certifies are signed Certificates and encrypted Certificates in the x.509 certificate format.
Further, when the server generates the encrypted data EnvelopedData data structure II, the following steps are performed: generating a response structure version number Version identifying the new CertRep data structure, generating a client information RecipientInfo sub-data structure for storing the symmetric key II ciphertext and the terminal entity identifier, generating an encrypted content information EncryptedContentInfo sub-structure II for storing the signature data SignedData (B) ciphertext, and constructing the encrypted data EnvelopedData data structure II from the response structure version number Version, the client information RecipientInfo sub-data structure and the encrypted content information EncryptedContentInfo sub-structure II;
when the server generates the client information RecipientInfo sub-data structure for storing the symmetric key II ciphertext and the terminal entity identifier, the following steps are specifically executed: acquiring the distinguished name DN and serial number SN of the terminal entity and putting them into the IssuerAndSerialNumber terminal entity identification structure; the server randomly generates a symmetric key II, encrypts it through the SM4 algorithm with the public key corresponding to the signature certificate (the public key information for the signature certificate in the client's application form) to obtain the symmetric key II ciphertext, and puts the symmetric key II ciphertext into the encrypted symmetric key EncryptedKey structure; the SM4 algorithm is the one specified by the key encryption algorithm identifier KeyEncryptionAlgorithmIdentifier, that is, SM4 is specified as the algorithm used to encrypt symmetric key II with the public key information for the signature certificate in the client's application;
when the server generates the encrypted content information EncryptedContentInfo sub-structure II for storing the signature data SignedData (B) ciphertext, the following steps are specifically executed:
the server puts the issued signature certificate and encryption certificate into the certificate set Certificates structure, encrypts the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data, puts the private key ciphertext data into the signed content ContentInfo structure, and builds the signature data SignedData (B) from the certificate set Certificates structure and the signed content ContentInfo structure;
the server encrypts the signature data SignedData (B) with symmetric key II through the national cryptographic SM2 algorithm to obtain the signature data SignedData (B) ciphertext, and places the signature data SignedData (B) ciphertext into the encrypted content EncryptedContent structure;
based on the encrypted content EncryptedContent structure and the encryption algorithm identifier ContentEncryptionAlgorithmIdentifier, the encrypted content information EncryptedContentInfo sub-structure II is obtained.
It can be understood that, in the SCEP protocol definition, the single certificate issued under the international algorithm is stored in the Certificates attribute of the SignedData structure, but for a double certificate request under the national cryptographic algorithm the protocol does not explicitly define how the returned certificate data is packaged, and so cannot meet the requirement of issuing a signature certificate and an encryption certificate at the same time; therefore the present application extends the way the server uses the structure in order to support issuance of the national cryptographic double certificate.
After the server receives the SCEP protocol data request from the client, the invention improves the server's parsing flow for the structure packaged by the SCEP protocol and adds a parsing flow for the request structure under the national cryptographic algorithm. When the server returns data to the client, the SM2 and SM4 key algorithms are extended and encapsulated in the same manner, and the certificate data returned by the server is encapsulated in the new CertRep data structure.
As can be seen from fig. 5, the signature certificate, the encryption certificate and the private key ciphertext data are placed in the signature data SignedData (B); the signature data SignedData (B) is contained in the encrypted content information EncryptedContentInfo sub-structure II, and that sub-structure is part of the encrypted data EnvelopedData data structure II, so the signature certificate, the encryption certificate and the private key ciphertext data are all stored in the encrypted data EnvelopedData data structure II.
Specifically, when the server returns the double certificate, it returns the signature certificate, the encryption certificate and the encrypted private key of the encryption certificate at the same time. These three returned items are encapsulated in extended form as shown in the figure: the two certificates are placed in Certificates, and the encrypted private key data is placed in the ContentInfo structure in digital envelope form, so that the SCEP protocol can return the national cryptographic double certificate.
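The CertRep nesting described above, as an added example that is not part of the patent: a small DER builder and parser for EnvelopedData II and SignedData (B), with the client side refusing unexpected algorithm identifiers before it unwraps anything. The SM2-wrapped key II, the SM4 ciphertext and the certificates are constructed placeholders, the Name encoding is simplified, and the GM/T 0006 OIDs are assumed rather than taken from the text.

```python
"""Added example (editor's code, not the patent's): a minimal DER encoder/decoder
that builds and parses the EnvelopedData II / SignedData (B) nesting of the extended
CertRep described above. Certificates, the SM2-wrapped key II and the SM4 ciphertext
are constructed placeholder bytes; the GM/T 0006 OIDs are assumed, not from the page."""
OID_DATA = "1.2.840.113549.1.7.1"          # PKCS#7 data (RFC 2315)
OID_SIGNED_DATA = "1.2.840.113549.1.7.2"   # PKCS#7 signedData
OID_SM2_ENCRYPT = "1.2.156.10197.1.301.3"  # assumed: SM2 public-key encryption
OID_SM4_CBC = "1.2.156.10197.1.104.2"      # assumed: SM4-CBC content encryption

def _length(n):  # DER length octets: short form below 128, long form above
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag, body): return bytes([tag]) + _length(len(body)) + body
def seq(*parts): return tlv(0x30, b"".join(parts))

def integer(n):  # one spare byte keeps the sign bit clear for non-negative n
    return tlv(0x02, n.to_bytes(max(1, (n.bit_length() + 8) // 8), "big"))

def oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        a >>= 7
        while a:
            chunk.append(0x80 | (a & 0x7F))
            a >>= 7
        out.extend(reversed(chunk))
    return tlv(0x06, bytes(out))

def decode(data):  # split one DER level into (tag, body) pairs
    items, i = [], 0
    while i < len(data):
        tag, ln, i = data[i], data[i + 1], i + 2
        if ln & 0x80:
            n = ln & 0x7F
            ln, i = int.from_bytes(data[i:i + n], "big"), i + n
        items.append((tag, data[i:i + ln]))
        i += ln
    return items

def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def build_signed_data_b(sig_cert, enc_cert, privkey_ciphertext):
    """SignedData (B): Certificates = {sig cert, enc cert}; ContentInfo carries the private-key ciphertext."""
    content = seq(oid(OID_DATA), tlv(0xA0, tlv(0x04, privkey_ciphertext)))
    return seq(oid(OID_SIGNED_DATA), tlv(0xA0, seq(
        integer(1), tlv(0x31, b""), content,
        tlv(0xA0, sig_cert + enc_cert),   # [0] certificates
        tlv(0x31, b""))))                 # degenerate SignedData: no signerInfos

def build_enveloped_data_ii(dn, sn, wrapped_key_ii, signed_b_ct, content_alg=OID_SM4_CBC):
    """EnvelopedData II: RecipientInfo (entity DN/SN + wrapped key II) and EncryptedContentInfo II."""
    # The Name is simplified to a UTF8String stand-in for an X.501 DN.
    recipient = seq(integer(0), seq(tlv(0x0C, dn.encode()), integer(sn)),
                    seq(oid(OID_SM2_ENCRYPT)), tlv(0x04, wrapped_key_ii))
    eci = seq(oid(OID_DATA), seq(oid(content_alg)),
              tlv(0x80, signed_b_ct))   # [0] IMPLICIT EncryptedContent
    return seq(integer(0), tlv(0x31, recipient), eci)

def parse_enveloped_data_ii(der):
    """Client side: pull out the fields needed to unwrap, refusing unexpected algorithms first."""
    (_t, body), = decode(der)
    _version, recipients, eci = decode(body)
    (_t, rinfo), = decode(recipients[1])
    _rversion, ias, key_alg, enc_key = decode(rinfo)
    name, serial = decode(ias[1])
    _ctype, content_alg, enc_content = decode(eci[1])
    key_oid = decode_oid(decode(key_alg[1])[0][1])
    content_oid = decode_oid(decode(content_alg[1])[0][1])
    if key_oid != OID_SM2_ENCRYPT or content_oid != OID_SM4_CBC:
        raise ValueError("unexpected algorithms %s / %s" % (key_oid, content_oid))
    return {"dn": name[1].decode(), "sn": int.from_bytes(serial[1], "big"),
            "wrapped_key_ii": enc_key[1], "ciphertext": enc_content[1]}

def parse_signed_data_b(der):
    """After SM4 decryption with key II: both certificates and the private-key ciphertext."""
    (_t, ci), = decode(der)
    ctype, wrapper = decode(ci)
    if decode_oid(ctype[1]) != OID_SIGNED_DATA:
        raise ValueError("expected signedData, got " + decode_oid(ctype[1]))
    (_t, sd), = decode(wrapper[1])
    _version, _digests, content, certs, _signers = decode(sd)
    _oid, encap = decode(content[1])
    (_t, privkey_ct), = decode(encap[1])
    sig_cert, enc_cert = [tlv(t, b) for t, b in decode(certs[1])]
    return {"sig_cert": sig_cert, "enc_cert": enc_cert, "privkey_ciphertext": privkey_ct}

def demo():  # round trip over constructed placeholders for certificates and ciphertexts
    sig_cert, enc_cert = seq(integer(1001)), seq(integer(1002))   # stand-in certs
    signed_b = build_signed_data_b(sig_cert, enc_cert, b"<SM2(sig pubkey, enc privkey)>")
    # Stand-in: a real server would SM4-encrypt signed_b under key II at this point.
    env = build_enveloped_data_ii("CN=device-0001", 7, b"<SM2(sig pubkey, key II)>", signed_b)
    outer = parse_enveloped_data_ii(env)
    inner = parse_signed_data_b(outer["ciphertext"])   # after SM4 decryption
    return {**outer, **inner}
```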
The second aspect of the present invention further provides a system for issuing a cryptographic certificate based on the SCEP protocol, used to implement the above method, where the system includes a client and a server in communication connection;
the client is used for generating application form P10 data for applying for the double digital certificate, encapsulating the application form P10 data through the SCEP protocol based on the new PKCSReq message structure to obtain a double-digital-certificate request message body, and sending the double-digital-certificate request message body to the server to initiate a double digital certificate request; the client also receives the double-digital-certificate response message body returned by the server and parses it based on the new CertRep data structure to obtain the signature certificate, the encryption certificate and the private key of the encryption certificate issued by the server;
the server is used for parsing the double-digital-certificate request message body based on the new PKCSReq message structure after receiving it, acquiring the application form P10 data, issuing a signature certificate and an encryption certificate according to the application form P10 data, and encrypting the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data; the server is further configured to encapsulate the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol based on the new CertRep data structure to obtain a double-digital-certificate response message body, and to return the double-digital-certificate response message body to the client.
Based on the SCEP standard protocol, the invention extends the requested PKCSReq message structure and the returned CertRep data structure to the national cryptographic algorithms by adding encapsulation and parsing of the national cryptographic algorithms SM2, SM3 and SM4 at the client and the server, so that the request and response structures of the SCEP protocol can be encapsulated and parsed with the national cryptographic algorithms; by extending the server response structure CertRep, it can encapsulate the national cryptographic double certificate together with the encrypted private key of the encryption certificate, so that the SCEP protocol can carry the national cryptographic double certificate.
Based on the above, the invention allows equipment using the SCEP protocol to connect to the digital certificate authentication system and have a double certificate under the national cryptographic algorithm issued. Meanwhile, the invention retains the original standard usage of the SCEP protocol and can still support single-certificate applications under the international RSA algorithm.
The above description is only for the specific embodiments of the present invention, but the scope of the present invention is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present invention, and all the changes or substitutions should be covered within the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the appended claims.

Claims (4)

1. A cryptographic certificate issuing method based on the SCEP protocol, characterized by comprising the following steps:
constructing a new PKCSReq message structure for applying for a double digital certificate, constructing a new CertRep data structure for responding to a double certificate application request, and pre-configuring a server and a client based on the new PKCSReq message structure and the new CertRep data structure;
a client generating application form P10 data for applying for a double digital certificate, the client encapsulating the application form P10 data through the SCEP (secure certificate privacy protocol) protocol based on the new PKCSReq message structure to obtain a double-digital-certificate request message body, and sending the double-digital-certificate request message body to a server to initiate a double digital certificate request;
after receiving the double-digital-certificate request message body, the server parsing the double-digital-certificate request message body based on the new PKCSReq message structure to acquire the application form P10 data; the server also issuing a signature certificate and an encryption certificate according to the application form P10 data, and encrypting the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data;
the server encapsulating the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol based on the new CertRep data structure to obtain a double-digital-certificate response message body, and returning the double-digital-certificate response message body to the client;
after receiving the double-digital-certificate response message body, the client parsing the double-digital-certificate response message body based on the new CertRep data structure to obtain the signature certificate, the encryption certificate and the private key of the encryption certificate returned by the server;
when constructing the new PKCSReq message structure for applying for a double digital certificate, the following steps are executed:
generating a request structure version number Version for identifying the new PKCSReq message structure;
generating a server information RecipientInfo substructure for the server that issues the double digital certificate, which specifies the designated server certificate, specifies the algorithm used to encrypt symmetric key I with the public key corresponding to the server certificate as the national cryptographic SM2 algorithm, and stores the symmetric key I ciphertext;
generating an encrypted content information EncryptedContentInfo substructure I to store the application form P10 data ciphertext for applying for the double digital certificate, and specifying the symmetric key algorithm for encrypting the application form P10 data as the SM4 algorithm;
forming, from the request structure version number Version, the server information RecipientInfo substructure and the encrypted content information EncryptedContentInfo substructure I, an encrypted data EnvelopedData data structure I as defined by the PKCS #7 specification, to obtain the new PKCSReq message structure for applying for a double digital certificate;
the construction process of the encrypted data EnvelopedData data structure I is as follows:
randomly generating a symmetric key I for the national cryptographic SM4 algorithm;
acquiring the public key of the server, and encrypting symmetric key I with the public key of the server through the SM2 algorithm to obtain the symmetric key I ciphertext;
putting the symmetric key I ciphertext into the server information RecipientInfo substructure;
encrypting the application form P10 data with symmetric key I through the national cryptographic SM4 algorithm to obtain the application form P10 data ciphertext, and putting the application form P10 data ciphertext into the encrypted content information EncryptedContentInfo substructure I;
putting the server information RecipientInfo substructure and the encrypted content information EncryptedContentInfo substructure I into the encrypted data EnvelopedData data structure I;
when constructing the new CertRep data structure for responding to a double certificate application request, the following steps are performed:
generating a signature data SignedData (A) data structure;
generating an encrypted data EnvelopedData data structure II for storing the signature certificate, the encryption certificate and the private key ciphertext data;
generating a new data type ContentType sub-structure based on the signature data SignedData (A) data structure, and generating a new data content Content sub-structure based on the encrypted data EnvelopedData data structure II;
constructing the new CertRep data structure from the new data type ContentType sub-structure and the new data content Content sub-structure;
the signature data SignedData (A) data structure includes: a first version number Version, a first digest algorithm identifier DigestAlgorithmIdentifiers, signed content ContentInfo, a certificate set Certificates and a signer information set SignerInfo sub-data structure, wherein the certificate set Certificates is a CA certificate in X.509 certificate format;
the signer information set SignerInfo sub-data structure comprises: a second version number Version, the serial number SN and distinguished name DN of the CA certificate, a second digest algorithm identifier DigestAlgorithmIdentifier, an attribute set AuthenticatedAttributes used by the signer for signing, an asymmetric algorithm DigestEncryptionAlgorithmIdentifier, and a result value EncryptedDigest obtained after the private key of the signer signs the digest, wherein the result value EncryptedDigest is obtained by signing the attribute set AuthenticatedAttributes with the private key of the signer, and the second digest algorithm identifier DigestAlgorithmIdentifier is the MD5 digest algorithm;
when the server generates the encrypted data EnvelopedData data structure II for storing the signature certificate, the encryption certificate and the private key ciphertext data, the following steps are executed:
generating a response structure version number Version for identifying the new CertRep data structure, generating a client information RecipientInfo sub-data structure for storing the symmetric key II ciphertext and the terminal entity identifier, generating an encrypted content information EncryptedContentInfo sub-structure II for storing the signature data SignedData (B) ciphertext, and constructing the encrypted data EnvelopedData data structure II from the response structure version number Version, the client information RecipientInfo sub-data structure and the encrypted content information EncryptedContentInfo sub-structure II;
when the server generates the client information RecipientInfo sub-data structure for storing the symmetric key II ciphertext and the terminal entity identifier, the following steps are specifically executed:
acquiring the distinguished name DN and serial number SN of the terminal entity, and putting the distinguished name DN and serial number SN into an IssuerAndSerialNumber terminal entity identification structure; the server randomly generating a symmetric key II, encrypting symmetric key II through the SM4 algorithm with the public key corresponding to the signature certificate to obtain the symmetric key II ciphertext, and putting the symmetric key II ciphertext into an encrypted symmetric key EncryptedKey structure; obtaining the client information RecipientInfo sub-data structure from the IssuerAndSerialNumber terminal entity identification structure and the encrypted symmetric key EncryptedKey structure;
when the server generates the encrypted content information EncryptedContentInfo sub-structure II for storing the signature data SignedData (B) ciphertext, the following steps are specifically executed:
the server putting the issued signature certificate and encryption certificate into a certificate set Certificates structure, encrypting the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data, and putting the private key ciphertext data into a signed content ContentInfo structure, the server building the signature data SignedData (B) from the certificate set Certificates structure and the signed content ContentInfo structure;
the server encrypting the signature data SignedData (B) with symmetric key II through the national cryptographic SM2 algorithm to obtain the signature data SignedData (B) ciphertext, and placing the signature data SignedData (B) ciphertext into an encrypted content EncryptedContent structure; based on the encrypted content EncryptedContent structure, the encrypted content information EncryptedContentInfo sub-structure II is obtained.
2. The SCEP-protocol-based cryptographic certificate issuing method according to claim 1, wherein when the client generates the application form P10 data for applying for a double digital certificate, the following steps are performed:
the client generates a public-private key pair and locally stores the private key of the public-private key pair;
the client generates signature certificate request content and encryption certificate request content, and signs the signature certificate request content and the encryption certificate request content with the private key of the public-private key pair;
and the application form P10 data for applying for the double digital certificate is generated from the public key of the public-private key pair, the signature certificate request content, the encryption certificate request content and the corresponding signature information.
3. The SCEP-protocol-based cryptographic certificate issuing method according to claim 2, wherein when the client parses the double-digital-certificate response message body based on the new CertRep data structure to obtain the private key of the encryption certificate, the client performs the following steps:
the client parses the double-digital-certificate response message body to obtain the signature certificate, the encryption certificate and the private key ciphertext data of the encryption certificate, wherein the private key ciphertext data of the encryption certificate comprises a private key ciphertext and a key ciphertext;
the client invokes the private key of the signature certificate to decrypt the key ciphertext to obtain the key plaintext, decrypts the private key ciphertext using the key plaintext and the national cryptographic SM4 algorithm to obtain the private key of the encryption certificate, and stores the private key locally.
4. A cryptographic certificate issuing system based on the SCEP protocol, the system comprising a client and a server in communication connection;
the client is used for generating application form P10 data for applying for the double digital certificate, encapsulating the application form P10 data through the SCEP protocol based on a new PKCSReq message structure to obtain a double-digital-certificate request message body, and sending the double-digital-certificate request message body to the server to initiate a double digital certificate request; the client also receives the double-digital-certificate response message body returned by the server and parses it based on a new CertRep data structure to obtain the signature certificate, the encryption certificate and the private key of the encryption certificate issued by the server;
the server is used for parsing the double-digital-certificate request message body based on the new PKCSReq message structure after receiving it, acquiring the application form P10 data, issuing a signature certificate and an encryption certificate according to the application form P10 data, and encrypting the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data; the server is further used for encapsulating the signature certificate, the encryption certificate and the private key ciphertext data through the SCEP protocol based on the new CertRep data structure to obtain a double-digital-certificate response message body, and returning the double-digital-certificate response message body to the client;
when the client constructs the new PKCSReq message structure for applying for the double digital certificate, the client executes the following steps:
generating a request structure version number Version for identifying the new PKCSReq message structure;
generating a server information RecipientInfo substructure for the server that issues the double digital certificate, which specifies the designated server certificate, specifies the algorithm used to encrypt symmetric key I with the public key corresponding to the server certificate as the national cryptographic SM2 algorithm, and stores the symmetric key I ciphertext;
generating an encrypted content information EncryptedContentInfo substructure I to store the application form P10 data ciphertext for applying for the double digital certificate, and specifying the symmetric key algorithm for encrypting the application form P10 data as the SM4 algorithm;
forming, from the request structure version number Version, the server information RecipientInfo substructure and the encrypted content information EncryptedContentInfo substructure I, an encrypted data EnvelopedData data structure I as defined by the PKCS #7 specification, to obtain the new PKCSReq message structure for applying for a double digital certificate;
the construction process of the encrypted data EnvelopedData data structure I is as follows:
randomly generating a symmetric key I for the national cryptographic SM4 algorithm;
acquiring the public key of the server, and encrypting symmetric key I with the public key of the server through the SM2 algorithm to obtain the symmetric key I ciphertext;
putting the symmetric key I ciphertext into the server information RecipientInfo substructure;
encrypting the application form P10 data with symmetric key I through the national cryptographic SM4 algorithm to obtain the application form P10 data ciphertext, and putting the application form P10 data ciphertext into the encrypted content information EncryptedContentInfo substructure I;
putting the server information RecipientInfo substructure and the encrypted content information EncryptedContentInfo substructure I into the encrypted data EnvelopedData data structure I;
and when the server constructs the new CertRep data structure for responding to the double certificate application request, the server executes the following steps:
generating a signature data SignedData (A) data structure;
generating an encrypted data EnvelopedData data structure II for storing the signature certificate, the encryption certificate and the private key ciphertext data;
generating a new data type ContentType sub-structure based on the signature data SignedData (A) data structure, and generating a new data content Content sub-structure based on the encrypted data EnvelopedData data structure II;
constructing the new CertRep data structure from the new data type ContentType sub-structure and the new data content Content sub-structure;
the signature data SignedData (A) data structure includes: a first version number Version, a first digest algorithm identifier DigestAlgorithmIdentifiers, signed content ContentInfo, a certificate set Certificates and a signer information set SignerInfo sub-data structure, wherein the certificate set Certificates is a CA certificate in X.509 certificate format;
the signer information set SignerInfo sub-data structure comprises: a second version number Version, the serial number SN and distinguished name DN of the CA certificate, a second digest algorithm identifier DigestAlgorithmIdentifier, an attribute set AuthenticatedAttributes used by the signer for signing, an asymmetric algorithm DigestEncryptionAlgorithmIdentifier, and a result value EncryptedDigest obtained after the private key of the signer signs the digest, wherein the result value EncryptedDigest is obtained by signing the attribute set AuthenticatedAttributes with the private key of the signer, and the second digest algorithm identifier DigestAlgorithmIdentifier is the MD5 digest algorithm;
when the server generates the encrypted data EnvelopedData data structure II for storing the signature certificate, the encryption certificate and the private key ciphertext data, the following steps are executed:
generating a response structure version number Version for identifying the new CertRep data structure, generating a client information RecipientInfo sub-data structure for storing the symmetric key II ciphertext and the terminal entity identifier, generating an encrypted content information EncryptedContentInfo sub-structure II for storing the signature data SignedData (B) ciphertext, and constructing the encrypted data EnvelopedData data structure II from the response structure version number Version, the client information RecipientInfo sub-data structure and the encrypted content information EncryptedContentInfo sub-structure II;
when the server generates the client information RecipientInfo sub-data structure for storing the symmetric key II ciphertext and the terminal entity identifier, the following steps are specifically executed:
acquiring the distinguished name DN and serial number SN of the terminal entity, and putting the distinguished name DN and serial number SN into an IssuerAndSerialNumber terminal entity identification structure; the server randomly generating a symmetric key II, encrypting symmetric key II through the SM4 algorithm with the public key corresponding to the signature certificate to obtain the symmetric key II ciphertext, and putting the symmetric key II ciphertext into an encrypted symmetric key EncryptedKey structure; obtaining the client information RecipientInfo sub-data structure from the IssuerAndSerialNumber terminal entity identification structure and the encrypted symmetric key EncryptedKey structure;
when the server generates the encrypted content information EncryptedContentInfo sub-structure II for storing the signature data SignedData (B) ciphertext, the following steps are specifically executed:
the server putting the issued signature certificate and encryption certificate into a certificate set Certificates structure, encrypting the private key of the encryption certificate with the public key of the signature certificate to generate private key ciphertext data, and putting the private key ciphertext data into a signed content ContentInfo structure, the server building the signature data SignedData (B) from the certificate set Certificates structure and the signed content ContentInfo structure;
the server encrypting the signature data SignedData (B) with symmetric key II through the national cryptographic SM2 algorithm to obtain the signature data SignedData (B) ciphertext, and placing the signature data SignedData (B) ciphertext into an encrypted content EncryptedContent structure; based on the encrypted content EncryptedContent structure, the encrypted content information EncryptedContentInfo sub-structure II is obtained.
CN202110547073.2A 2021-05-19 2021-05-19 SCEP (secure certificate privacy protocol) -based national secret certificate issuing method and system Active CN113239379B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110547073.2A CN113239379B (en) 2021-05-19 2021-05-19 SCEP (secure certificate privacy protocol) -based national secret certificate issuing method and system


Publications (2)

Publication Number Publication Date
CN113239379A CN113239379A (en) 2021-08-10
CN113239379B true CN113239379B (en) 2022-02-11

Family

ID=77137678

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110547073.2A Active CN113239379B (en) 2021-05-19 2021-05-19 SCEP (secure certificate privacy protocol) -based national secret certificate issuing method and system

Country Status (1)

Country Link
CN (1) CN113239379B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102447705A (en) * 2011-12-29 2012-05-09 华为技术有限公司 Digital certificate revocation method and equipment
CN107612697A (en) * 2017-10-20 2018-01-19 阿里巴巴集团控股有限公司 Applying digital certificate method and apparatus
CN111342968A (en) * 2018-12-18 2020-06-26 武汉信安珞珈科技有限公司 Method and system for issuing double digital certificates
CN111628860A (en) * 2019-02-28 2020-09-04 武汉信安珞珈科技有限公司 Method for generating and applying double-key system digital certificate

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2014087179A1 (en) * 2012-12-07 2014-06-12 Microsec Szamitastechnikai Fejlesztö Zrt. Method and system for authenticating a user using a mobile device and by means of certificates


Also Published As

Publication number Publication date
CN113239379A (en) 2021-08-10


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of invention: A method and system for issuing national security certificates based on SCEP protocol

Granted publication date: 20220211

Pledgee: Bank of Zhengzhou Co.,Ltd. Zhongyuan Science and Technology City Sub branch

Pledgor: ZHENGZHOU XINDA JIEAN INFORMATION TECHNOLOGY Co.,Ltd.

Registration number: Y2024980007004