CN101674301A - Method for storing certificate - Google Patents

Method for storing certificate Download PDF

Info

Publication number
CN101674301A
CN101674301A CN200910086342A CN200910086342A CN101674301A CN 101674301 A CN101674301 A CN 101674301A CN 200910086342 A CN200910086342 A CN 200910086342A CN 200910086342 A CN200910086342 A CN 200910086342A CN 101674301 A CN101674301 A CN 101674301A
Authority
CN
China
Prior art keywords
data
file
read
byte
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200910086342A
Other languages
Chinese (zh)
Other versions
CN101674301B (en
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Feitian Technologies Co Ltd
Original Assignee
Beijing Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Feitian Technologies Co Ltd filed Critical Beijing Feitian Technologies Co Ltd
Priority to CN200910086342A priority Critical patent/CN101674301B/en
Publication of CN101674301A publication Critical patent/CN101674301A/en
Application granted granted Critical
Publication of CN101674301B publication Critical patent/CN101674301B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method for storing certificate, belonging to the field of information safety. The method comprises the steps: a client computer sends command of selecting an application catalog file, an object catalog file, a storage catalog file and a storage file to safety equipment, and leads the certificate to be written into the storage file of the safety equipment. By the interactive operation between the client computer and the safety equipment, the certificate can be written into a specified file of the safety equipment, so that share storage of the certificate can be realized.

Description

A kind of method of Store Credentials
Technical field
The present invention relates to information security field, particularly a kind of method of Store Credentials.
Background technology
Fast development along with information industry, the development of information technology brings great convenience not only for people's life, also fundamentally changed people's life style, behavior and values, the extensive use of information technology in commerce simultaneously also produced huge and deep effect to economy and social development.The user can utilize various safety means to carry out transmission, storage or the authentication etc. of information.
Safety means (as smart card and USB KEY etc.) are a kind of devices that has processor and memory, be mainly used in the safety of message transmission, information stores, and, having anti-characteristic of attacking to the audit and the authentication of the Network Transmission information content, fail safe is high.Just because of these characteristics of safety means, they can be handled authentication information (as digital certificate and power, mandate and encryption key etc.), and can provide safe storage and computational tool for sensitive information in today of high speed information prosperity.Wherein, sensitive information may comprise: the value of private key and key segment, counting and preservation, password and shared secret, mandate and permission etc.
Yet in the prior art, these safety means that are used for authentication and authorization etc. lack the interoperability on different stage, and the form of depositing of the digital certificate on safety means also lacks industrial standard, feasible establishment can use the application from the certificate work of different technology manufacturers to become very difficult, and addresses this problem the cost that also will inevitably increase exploitation and safeguard in application; And certificate and under specific hardware configuration, use the specific application of specific API to bind together, brought very big problem also for the user of client; Simultaneously, allowing multiple application effectively to share the mechanism of digital certificate, that also is that all right is ripe, can not realize sharing of certificate in the prior art, and this is very restricted application developer and user.
Summary of the invention
In order to realize sharing of certificate, making can be general mutually between the safety means that different vendor produces, and the embodiment of the invention provides a kind of method of Store Credentials.Described technical scheme is as follows:
A kind of method of Store Credentials, described method comprises:
Safety means and client computer connect;
Described safety means receive the instruction of the selection application catalogue file of described client computer transmission, carry the file ID of described application catalogue file in the instruction of described selection application catalogue file;
Described safety means select to use catalogue file according to the file ID of described application file catalogue;
Described safety means receive the instruction of the alternative catalogue file of described client computer transmission, carry the file ID of described object directory file in the instruction of described alternative catalogue file;
Described safety means are according to the file ID alternative catalogue file of described object directory file;
Described safety means receive the instruction of the reading object catalogue file content of described client computer transmission, and the content of the described object directory file that will read sends to described client computer;
Described client computer is according to the type of the information of the certificate of desiring to write described safety means, from the content of described object directory file, obtain the data storage file of type correspondence of the information of described certificate, and the information of described certificate is write in the described data storage file.
The file ID of described application catalogue file is 0x5015.
The file ID of described object directory file is 0x5031.
The type of the information of described certificate comprises: certificate information also comprises private key information and/or public key information.
After described safety means and client computer connected, described method also comprised:
In described safety means, create respectively and be used to store the file of described private key information, the file that is used to store the file of described public key information and is used to store described certificate information;
Creating file ID in described safety means is the object directory file of 0x5031, and the content of the described content that is used for storing the file of described private key information, the described file that is used for storing described public key information and the described content that is used for storing the file of described certificate information are write in the described object directory file.
Described client computer is according to the type of the information of the certificate of desiring to write described safety means, obtains the data storage file of type correspondence of the information of described certificate from the content of described object directory file, specifically comprises:
Described client computer obtains the storage directory file ID of type correspondence of the information of described certificate according to the content of the described object directory file that receives;
Described safety means receive the instruction of the selection storage directory file of described client computer transmission, carry described storage directory file ID in the instruction of described selection storage directory file;
Described safety means are selected the storage directory file according to described storage directory file ID;
Described safety means receive the instruction of reading described storage directory file that described client computer sends, and the content of the described storage directory file that will read sends to described client computer;
Described client computer obtains the data storage file ID of described certificate according to the content of the described storage directory file that receives.
When the type of the information of described certificate was certificate information, described client computer obtained the storage directory file ID of type correspondence of the information of described certificate according to the content of the described object directory file that receives, specifically comprise:
Described client computer is searched the A4 data in the content of described object directory file, described A4 data are the sign of certificate information;
If there are described A4 data, read the value of the data of the 1st byte after the described A4 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte, with the data of a described third reading value byte storage directory file ID as described certificate information;
If there is no described A4 data finish described method.
When the type of the information of described certificate was private key information, described client computer obtained the storage directory file ID of type correspondence of the information of described certificate according to the content of the described object directory file that receives, specifically comprise:
Described client computer is searched the A0 data in the content of described object directory file, described A0 data are the sign of private key information;
If there are described A0 data, read the value of the data of the 1st byte after the described A0 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte, with the data of a described third reading value byte storage directory file ID as described private key information;
If there is no described A0 data finish described method.
When the information type of described certificate was public key information, described client computer obtained the storage directory file ID of type correspondence of the information of described certificate according to the content of the described object directory file that receives, specifically comprise:
Described client computer is searched the A1 data in the content of described object directory file, described A1 data are the sign of public key information;
If there are described A1 data, read the value of the data of the 1st byte after the described A1 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte, with the data of a described third reading value byte storage directory file ID as described public key information;
If there is no described A1 data finish described method.
Described client computer obtains the data storage file ID of the information of described certificate according to the content of the described storage directory file that receives, and specifically comprises:
Described client computer is searched the A1 data in the content of described storage directory file;
If there are described A1 data:
Read the value of the data of first byte after the described A1 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte;
Whether the data of judging the 1st byte in the data of a described third reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the 4th read value; If not, finish described method;
Read the data of described the 4th a read value byte, as the storage file ID of described certificate;
Read the data of the 1st byte after the data of described the 4th a read value byte, take a decision as to whether 02;
If read the value of the data of the 1st byte after described 02 data, as the 5th read value; If not, finish described method;
Read the data of described the 5th a read value byte, as the offset address of information in described data storage file of described certificate;
Read the data of the 1st byte after the data of described the 5th a read value byte, take a decision as to whether 08;
If read the value of the data of the 1st byte after described 08 data, as the 6th read value; If not, finish described method;
Read the data of described the 6th a read value byte, as the length of described certificate;
If there is no described A1 data finish described method.
Described information with described certificate writes in the described data storage file, specifically comprises:
Described safety means receive the instruction of the selection data storage file of described client computer transmission, carry described data storage file ID in the instruction of described selection data storage file;
Described safety means are selected data storage file according to described data storage file ID;
Described client computer sends the write data instruction to described safety means, the information of carrying described certificate in the write data instruction;
Described safety means write the information of described certificate in the described data storage file.
The beneficial effect that the technical scheme that the embodiment of the invention provides is brought is:
The interactive operation of computer and safety means by client is written to certificate in the specified file of safety means, has realized the shared storage of certificate.
Description of drawings
Fig. 1 is the method flow diagram of the Store Credentials that provides in the embodiment of the invention 1;
Fig. 2 is the method flow diagram of the Store Credentials that provides in the embodiment of the invention 2;
Fig. 3 is the method flow diagram of the Store Credentials that provides in the embodiment of the invention 3.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, embodiment of the present invention is described further in detail below in conjunction with accompanying drawing.
Embodiment 1
Present embodiment provides a kind of method of Store Credentials, in embodiments of the present invention, the information type of certificate comprises certificate information at least, further can also comprise in private key information, the public key information one or two, safety means are example with the smart card, and the various information that how to describe in detail certificate are written in the safety means respectively.
Before the method for explanation Store Credentials, the initialization procedure of smart card once at first is described, specific as follows:
Step 001: the file of on smart card, creating storage private key information, public key information, certificate information respectively;
Wherein, in the present embodiment, the file ID of the file of storage private key information can be that the file ID of the file of 0x4401, Store Credentials information can be 0x4404 for the file ID of the file of 0x4400, storage of public keys information.
Step 002: creating file ID on smart card is the file of 0x5031, and is the information of the file created in the write step 001 in the file of 0x5031 at this document ID.
Wherein, the information of file can but be not limited to comprise TLV (tag length value, label length value) coded format of file etc.
Wherein, in the present embodiment, write data can for:
A006300404024400 (file ID is the TLV coded format of 0x4400)
A106300404024401 (file ID is the TLV coded format of 0x4401)
A406300404024404 (file ID is the TLV coded format of 0x4404)
So far, finish initialization procedure to smart card.
After smart card is finished initialization, referring to Fig. 1, provide a kind of private key information in the certificate has been write the method for smart card, specifically comprise:
Step 101: smart card and client computer connect;
Step 102: client computer sends the select File instruction of selecting to use catalogue file (file ID is 0x5015) to smart card;
Wherein, the select File ID in this step is that the select File instruction of the application catalogue file of 0x5015 is specifically as follows: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x5015).
Step 103: it is the select File instruction of the application catalogue file of 0x5015 that smart card receives the select File ID that client computer sends, and select File ID is the file of 0x5015, and execution result is returned to client computer;
When smart card select File when success, execution result is the pairing successfully sign of application catalogue file success that select File ID is 0x5015, need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the application catalogue file of the 0x5015 pairing failure sign of failing that execution result is select File ID.
Step 104: whether the execution result that the smart card that the client computer judgement receives returns is for successfully identifying;
If then client computer is judged the success of smart card select File, execution in step 105;
If not, finish the storage operation of certificate.
Step 105: client computer sends the select File instruction of alternative catalogue file (file ID is 0x5031) to smart card;
Wherein, the instruction of the select File of the alternative catalogue file in this step is specifically as follows: and APDUapdu (0x00,0xA4,0x00,0x00,0x02,0x5031).
Step 106: it is the select File instruction of the object directory file of 0x5031 that smart card receives the select File ID that client computer sends, and select File ID is the file of 0x5031, execution result is returned to the computer of client;
When smart card select File when success, execution result is the pairing successfully sign of object directory file success that select File ID is 0x5031, need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the object directory file of the 0x5031 pairing failure sign of failing that execution result is select File ID.
Step 107: whether the execution result that the smart card that the client computer judgement receives returns is for successfully identifying;
If then client computer is judged the success of smart card select File, execution in step 108;
If not, finish the storage operation of certificate.
Step 108: client computer sends the file instruction that reads of reading object catalogue file (file ID is 0x5031) to smart card;
Wherein, the file instruction that reads that reads file ID in this step and be the object directory file of 0x5031 is specifically as follows: and APDU apdu (0x80,0xB0,0x00,0x00,0x00,0x00).
Step 109: smart card receives that client computer sends read file ID be 0x5031 the object directory file read file instruction, and execution result is sent to client computer;
When smart card reads file when success, execution result is to read the pairing successfully sign of object directory file success that file ID is 0x5031, and file ID is the data content in the object directory file of 0x5031.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card reads file when failure, execution result is and reads file ID is the object directory file of the 0x5031 pairing failure sign of failing.
Step 110: client computer judges whether comprise successfully sign in the execution result that smart card returns;
If comprise successfully sign, illustrate that then client computer has got access to the content of the object directory file in the smart card.Client computer can no longer repeat to obtain the content in this object directory file before smart card pulls away computer, therefore, the various information types in the certificate are being write under the situation of smart card one by one, and no longer repeating step 101 is to step 109.
Comprise also in the execution result that client computer receives that file ID is the data content of the object directory file of 0x5031, concrete data content can be as follows:
A0?06?30?04?04?02?44?00
A1?06?30?04?04?02?44?01
A4?06?30?04?04?02?44?04
Client computer is selected the pairing storage directory file ID of this information type according to the information type of desiring to write the certificate in the smart card from the data content that receives.
When the information type of the certificate of desiring to write smart card was private key information, concrete operation was as follows:
(1) search A0 data in the data, wherein, the A0 representative be the private key sign.
(2) if find the A0 data, the data (data of A0 back are 06 in the present embodiment) that then read 1 byte in A0 back are as first read value; If search, then finish the storage operation of certificate less than A0;
(3) read the data of 6 bytes of first read value, 06 back, search the 1st byte of data streams read, if finding the 1st byte is 30, the data (data of the 1st of 30 back the byte are 04 in the present embodiment) that then read 1 byte of 30 back are as the second reading value; If finding the 1st byte is not 30, then finish the storage operation of certificate;
(4) read 4 bytes of second reading value 04 back, the 1st byte of searching data streams read, if find 04, the data (data of 1 of 04 back byte are 02 in the present embodiment) that then read 1 byte of 04 back are as the third reading value; If finding the 1st byte is not 04, then finish the storage operation of certificate;
(5) read 2 bytes of third reading value 02 back, the data that obtain are the store path (be 4400 in the present embodiment, promptly the store path of private key data is that file ID is the file of 0x4400) of the data of A0 representative, and execution in step 111.
If do not comprise successfully sign, finish the storage operation of certificate.
Step 111: client computer sends the select File instruction of selecting storage directory file (file ID is 0x4400) to smart card;
Wherein, select File ID is that the select File instruction of the storage directory file of 0x4400 is specifically as follows in this step: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x4400).
Step 112: smart card receives the select File instruction that select File ID is the storage directory file of 0x4400, and select File ID is the file of 0x4400, and execution result is returned to client computer;
When the success of smart card select File, execution result is the pairing successfully sign of storage directory file success of 0x4400 for select File ID.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the 0x4400 pairing failure sign of failing that execution result is select File ID.
Step 113: whether the execution result that the smart card that the client computer judgement receives returns is for successfully identifying;
If then client computer is judged the success of smart card select File, then execution in step 114;
If not, then finish the storage operation of certificate.
Step 114: client computer sends the file instruction that reads that reads storage directory file (file ID is 0x4400) to smart card;
Wherein, the file instruction that reads that reads file ID in this step and be the storage directory file of 0x4400 is specifically as follows: and APDU apdu (0x80,0xB0,0x00,0x00,0x00,0x00).
Step 115: smart card receive and carry out read file ID be 0x4400 the storage directory file read file instruction, and execution result is returned to client computer;
When smart card reads file when success, execution result is to read the pairing successfully sign of storage directory file success that file ID is 0x4400, and file ID is the data content in the storage directory file of 0x4400.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card reads file when failure, execution result is and reads file ID is the storage directory file of the 0x4400 pairing failure sign of failing.
Step 116: client computer judges whether comprise successfully sign in the execution result that smart card returns;
If comprise successfully sign, then comprise that also file ID is the data content of the storage directory file of 0x4400 in the received execution result of client computer, concrete data content is as follows:
A1?13?30?11?30?0B?04?02?43?01?02?01?00?80?02?00?8D?02?02?04?00
Client computer carries out following operation according to the data content that receives:
(1) searches A1 data in the data;
If find A1, the data (being 13 in the present embodiment) that then read the 1st byte of A1 back are as first read value;
If search, then finish the storage operation of certificate less than A1.
(2) read the data of 0x13 byte of first read value, 13 back, the 1st byte of searching data streams read, if 30, the data (being 11 in the present embodiment) that then read the 1st byte of 30 back are as the second reading value; If not 30, then finish the storage operation of certificate;
(3) read the data of 0x11 byte of second reading value 11 back, the 1st byte of searching data streams read, if 30, the data (being 0B in the present embodiment) that then read the 1st byte of 30 back are as the third reading value; If not 30, then finish the storage operation of certificate;
(4) read the data of 0x0B byte of third reading value 0B back, the 1st byte of searching data streams read, if 04, the data (present embodiment meta 02) of the 1st byte that then read 04 back are as the 4th read value; If not 04, then finish the storage operation of certificate;
(5) read the data of 0x02 byte of the 4th read value 02 back, resulting data are the store path (be 4301 in the present embodiment, promptly the store path of private key data is 0x4301) of private key data;
(6) read the data of 4301 back, the 1st byte of searching data streams read, if 02, the data (being 01 in the present embodiment) that read 1 byte of 02 back are as the 5th read value; If not 02, then finish the storage operation of certificate;
(7) read the data of 0x01 byte of the 5th read value 01 back, described data are the offset address (in present embodiment be 00, promptly private key data offset address in data storage file be 00) of private key data in data storage file;
(8) read the data of 00 back, the 1st byte of searching data streams read, if 80,1 byte data (being 02 in the present embodiment) that then reads after 80s is as the 6th read value; If not 80, then finish the storage operation of certificate;
(9) read the data of 0x02 byte of the 6th read value 02 back, the length of gained data bit private key data (be 008D in the present embodiment, promptly the length of private key data is 008D)
So far, client computer obtains following information: the file ID that will deposit the data storage file of private key data is 0x4301, the private key data that will deposit is 00 at the offset address of data storage file, and the space that the private key data that will deposit takies data storage file is 0x8D.
If do not comprise successfully sign, then finish the storage operation of certificate.
Step 117: client computer sends the select File instruction of selecting data storage file (file ID is 0x4301) to smart card;
Wherein, select File ID is that the select File instruction of the data storage file of 0x4301 is specifically as follows: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x4301).
Step 118: smart card receives the select File instruction that select File ID is the data storage file of 0x4301, and select File ID is the file of 0x4301, again execution result is returned to client computer;
When the success of smart card select File, execution result is the pairing successfully sign of data storage file success of 0x4301 for select File ID.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the 0x4301 pairing failure sign of failing that execution result is select File ID.
Step 119: client computer judges that whether execution result that smart card returns is for successfully identifying;
If then client computer is judged the success of smart card select File, execution in step 120;
If not, finish the storage operation of certificate.
Step 120: client computer sends the write data instruction to smart card, and wherein, the data of desiring to write smart card are private key information;
Wherein, the write data instruction is specifically as follows: and APDU apdu (0x80,0xD6,0x00,0x00,0x00,0x00).
Step 121: smart card receives and carries out the write data instruction, private key information is write in the data storage file that file ID is 0x4301, and execution result is returned to client computer;
When smart card write the data success, execution result was to write the pairing successfully sign of data storage file success that file ID is 0x4301.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card writes file when failure, execution result is and writes file ID is the data storage file of the 0x4301 pairing failure sign of failing.
Step 122: client computer judges that whether execution result that smart card returns is for successfully identifying;
If then store the private key data success;
If not, then finish the storage operation of certificate.
Replaceable, in above-mentioned steps 110, when the information type of the certificate of desiring to write smart card was public key information, concrete operation was as follows:
(1) search A1 data in the data, wherein, the A1 representative be the PKI sign.
(2) if find the A1 data, the data (data of A1 back are 06 in the present embodiment) that then read 1 byte in A1 back are as first read value; If search data, then finish the storage operation of certificate less than A1;
(3) read the data of 6 bytes of first read value, 06 back, search the 1st byte of data streams read, if finding the 1st byte is 30, the data (data of the 1st of 30 back the byte are 04 in the present embodiment) that then read 1 byte of 30 back are as the second reading value; If finding the 1st byte is not 30, then finish the storage operation of certificate;
(4) read 4 bytes of second reading value 04 back, the 1st byte of searching data streams read, if find 04, the data (data of 1 of 04 back byte are 02 in the present embodiment) that then read 1 byte of 04 back are as the third reading value; If finding the 1st byte is not 04, then finish the storage operation of certificate;
(5) read 2 bytes of third reading value 02 back, the data that obtain are the store path (be 4401 in the present embodiment, promptly the store path of public key data is that file ID is the file of 0x4401) of the data of A1 representative, and execution in step 211.
If do not comprise successfully sign, finish the storage operation of certificate.
Step 211: client computer sends the select File instruction of selecting storage directory file (file ID is 0x4401) to smart card;
Wherein, select File ID is that the select File instruction of the storage directory file of 0x4401 is specifically as follows in this step: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x4401).
Step 212: smart card receives the select File instruction that select File ID is the storage directory file of 0x4401, and select File ID is the file of 0x4401, and execution result is returned to client computer;
When the success of smart card select File, execution result is the pairing successfully sign of storage directory file success of 0x4401 for select File ID.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the 0x4401 pairing failure sign of failing that execution result is select File ID.
Step 213: whether the execution result that the smart card that the client computer judgement receives returns is for successfully identifying;
If then client computer is judged the success of smart card select File, then execution in step 214;
If not, then finish the storage operation of certificate.
Step 214: client computer sends the file instruction that reads that reads storage directory file (file ID is 0x4401) to smart card;
Wherein, the file instruction that reads that reads file ID in this step and be the storage directory file of 0x4401 is specifically as follows: and APDU apdu (0x80,0xB0,0x00,0x00,0x00,0x00).
Step 215: smart card receive and carry out read file ID be 0x4401 the storage directory file read file instruction, and execution result is returned to client computer;
When smart card reads file when success, execution result is to read the pairing successfully sign of storage directory file success that file ID is 0x4401, and file ID is the data content in the storage directory file of 0x4401.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card reads file when failure, execution result is and reads file ID is the storage directory file of the 0x4401 pairing failure sign of failing.
Step 216: client computer judges whether comprise successfully sign in the execution result that smart card returns;
If comprise successfully sign, then comprise that also file ID is the data content of the storage directory file of 0x4401 in the received execution result of client computer, concrete data content is as follows:
A1?13?30?11?30?0B?04?02?43?00?02?01?00?80?02?00?8D?02?02?04?00
Client computer carries out following operation according to the data content that receives:
(1) searches A1 data in the data;
If find A1, the data (being 13 in the present embodiment) that then read the 1st byte of A1 back are as first read value;
If search, then finish the storage operation of certificate less than A1.
(2) read the data of 0x13 byte of first read value, 13 back, the 1st byte of searching data streams read, if 30, the data (being 11 in the present embodiment) that then read the 1st byte of 30 back are as the second reading value; If not 30, then finish the storage operation of certificate;
(3) read the data of 0x11 byte of second reading value 11 back, the 1st byte of searching data streams read, if 30, the data (being 0B in the present embodiment) that then read the 1st byte of 30 back are as the third reading value; If not 30, then finish the storage operation of certificate;
(4) read the data of 0x0B byte of third reading value 0B back, the 1st byte of searching data streams read, if 04, the data (present embodiment meta 02) of the 1st byte that then read 04 back are as the 4th read value; If not 04, then finish the storage operation of certificate;
(5) read the data of 0x02 byte of the 4th read value 02 back, resulting data are the store path (be 4301 in the present embodiment, promptly the store path of public key data is 0x4300) of public key data;
(6) read the data of 4300 back, the 1st byte of searching data streams read, if 02, the data (being 01 in the present embodiment) that read 1 byte of 02 back are as the 5th read value; If not 02, then finish the storage operation of certificate;
(7) read the data of 0x01 byte of the 5th read value 01 back, described data are the offset address (in present embodiment be 00, promptly public key data offset address in data storage file be 00) of public key data in data storage file;
(8) read the data of 00 back, the 1st byte of searching data streams read, if 80,1 byte data (being 02 in the present embodiment) that then reads after 80s is as the 6th read value; If not 80, then finish the storage operation of certificate;
(9) read the data of 0x02 byte of the 6th read value 02 back, the length of gained data bit public key data (be 008D in the present embodiment, promptly the length of public key data is 008D)
So far, client computer obtains following information: the file ID that will deposit the data storage file of public key data is 0x4300, the public key data that will deposit is 00 at the offset address of data storage file, and the space that the public key data that will deposit takies data storage file is 0x8D.
If do not comprise successfully sign, then finish the storage operation of certificate.
Step 217: client computer sends the select File instruction of selecting data storage file (file ID is 0x4300) to smart card;
Wherein, select File ID is that the select File instruction of the data storage file of 0x4300 is specifically as follows: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x4300).
Step 218: smart card receives the select File instruction that select File ID is the data storage file of 0x4300, and select File ID is the file of 0x4300, again execution result is returned to client computer;
When the success of smart card select File, execution result is to read the pairing successfully sign of data storage file success that file ID is 0x4300.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the 0x4300 pairing failure sign of failing that execution result is select File ID.
Step 219: client computer judges that whether execution result that smart card returns is for successfully identifying;
If then client computer is judged the success of smart card select File, execution in step 220;
If not, finish the storage operation of certificate.
Step 220: client computer sends the write data instruction to smart card, and wherein, the data of desiring to write smart card are public key information;
Wherein, the write data instruction is specifically as follows: and APDU apdu (0x80,0xD6,0x00,0x00,0x00,0x00).
Step 221: smart card receives and carries out the write data instruction, public key information is write in the data storage file that file ID is 0x4300, and execution result is returned to client computer;
When smart card write the data success, execution result was to write the pairing successfully sign of data storage file success that file ID is 0x4300.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card writes file when failure, execution result is and writes file ID is the data storage file of the 0x4300 pairing failure sign of failing.
Step 222: client computer judges that whether execution result that smart card returns is for successfully identifying;
If, then storage of public keys data success;
If not, then finish the storage operation of certificate.
Replaceable, in above-mentioned steps 110, when the information type of the certificate of desiring to write smart card was certificate information, concrete operation was as follows:
(1) search A4 data in the data, wherein, the A4 representative be the certificate sign.
(2) if find the A4 data, the data (data of A4 back are 06 in the present embodiment) that then read 1 byte in A4 back are as first read value; If search data, then finish the storage operation of certificate less than A4;
(3) read the data of 6 bytes of first read value, 06 back, search the 1st byte of data streams read, if finding the 1st byte is 30, the data (data of the 1st of 30 back the byte are 04 in the present embodiment) that then read 1 byte of 30 back are as the second reading value; If finding the 1st byte is not 30, then finish the storage operation of certificate;
(4) read 4 bytes of second reading value 04 back, the 1st byte of searching data streams read, if find 04, the data (data of 1 of 04 back byte are 02 in the present embodiment) that then read 1 byte of 04 back are as the third reading value; If finding the 1st byte is not 04, then finish the storage operation of certificate;
(5) read 2 bytes of third reading value 02 back, the data that obtain are the store path (be 4404 in the present embodiment, promptly the store path of certificate data is that file ID is the file of 0x4404) of the data of A1 representative, and execution in step 211.
If do not comprise successfully sign, finish the storage operation of certificate.
Step 311: client computer sends the select File instruction of selecting storage directory file (file ID is 0x4404) to smart card;
Wherein, select File ID is that the select File instruction of the storage directory file of 0x4404 is specifically as follows in this step: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x4404).
Step 312: smart card receives the select File instruction that select File ID is the storage directory file of 0x4404, and select File ID is the file of 0x4404, and execution result is returned to client computer;
When the success of smart card select File, execution result is the pairing successfully sign of storage directory file success of 0x4404 for select File ID.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the 0x4404 pairing failure sign of failing that execution result is select File ID.
Step 313: whether the execution result that the smart card that the client computer judgement receives returns is for successfully identifying;
If then client computer is judged the success of smart card select File, then execution in step 314;
If not, then finish the storage operation of certificate.
Step 314: client computer sends the file instruction that reads that reads storage directory file (file ID is 0x4404) to smart card;
Wherein, the file instruction that reads that reads file ID in this step and be the storage directory file of 0x4404 is specifically as follows: and APDU apdu (0x80,0xB0,0x00,0x00,0x00,0x00).
Step 315: smart card receive and carry out read file ID be 0x4404 the storage directory file read file instruction, and execution result is returned to client computer;
When smart card reads file when success, execution result is to read the pairing successfully sign of storage directory file success that file ID is 0x4404, and file ID is the data content in the storage directory file of 0x4404.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card reads file when failure, execution result is and reads file ID is the storage directory file of the 0x4404 pairing failure sign of failing.
Step 316: client computer judges whether comprise successfully sign in the execution result that smart card returns;
If comprise successfully sign, then comprise that also file ID is the data content of the storage directory file of 0x4404 in the received execution result of client computer, concrete data content is as follows:
A1?10?30?0E?30?0C?04?02?43?00?02?02?00?8D?80?02?06?5E?00
Client computer carries out following operation according to the data content that receives:
(1) searches A4 data in the data;
If find A4, the data (being 10 in the present embodiment) that then read the 1st byte of A4 back are as first read value;
If search, then finish the storage operation of certificate less than A4.
(2) read the data of 10 bytes of first read value, 10 back, the 1st byte of searching data streams read, if 30, the data (being 0E in the present embodiment) that then read the 1st byte of 30 back are as the second reading value; If not 30, then finish the storage operation of certificate;
(3) read the data of 0E byte of second reading value 0E back, the 1st byte of searching data streams read, if 30, the data (being 0C in the present embodiment) that then read the 1st byte of 30 back are as the third reading value; If not 30, then finish the storage operation of certificate;
(4) read the data of 0C byte of third reading value 0C back, the 1st byte of searching data streams read, if 04, the data (present embodiment meta 02) of the 1st byte that then read 04 back are as the 4th read value; If not 04, then finish the storage operation of certificate;
(5) read the data of 2 bytes of the 4th read value 02 back, resulting data are the store path (be 4300 in the present embodiment, promptly the store path of certificate data is 0x4300) of certificate data;
(6) read the data of 4300 back, the 1st byte of searching data streams read, if 02, the data (being 02 in the present embodiment) that read 1 byte of 02 back are as the 5th read value; If not 02, then finish the storage operation of certificate;
(7) read the data of 2 bytes of the 5th read value 02 back, described data are the offset address (in present embodiment be 008D, promptly certificate data offset address in data storage file be 008D) of certificate data in data storage file;
(8) read the data of 008D back, the 1st byte of searching data streams read, if 80,1 byte data (being 02 in the present embodiment) that then reads after 80s is as the 6th read value; If not 80, then finish the storage operation of certificate;
(9) read the data of 2 bytes of the 6th read value 02 back, the length of gained data bit certificate data (be 065E in the present embodiment, promptly the length of certificate data is 065E)
So far, client computer obtains following information: the file ID that will deposit the data storage file of certificate data is 0x4300, the certificate data that will deposit is 0x8D at the offset address of data storage file, and the space that the certificate data that will deposit takies data storage file is 0x65E.
If do not comprise successfully sign, then finish the storage operation of certificate.
Step 317: client computer sends the select File instruction of selecting data storage file (file ID is 0x4300) to smart card;
Wherein, select File ID is that the select File instruction of the data storage file of 0x4300 is specifically as follows: and APDU apdu (0x00,0xA4,0x00,0x00,0x02,0x4300).
Step 318: smart card receives the select File instruction that select File ID is the data storage file of 0x4300, and select File ID is the file of 0x4300, again execution result is returned to client computer;
When the success of smart card select File, execution result is the pairing successfully sign of data storage file success of 0x4300 for select File ID.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When the smart card select File was failed, it was the 0x4300 pairing failure sign of failing that execution result is select File ID.
Step 319: client computer judges that whether execution result that smart card returns is for successfully identifying;
If then client computer is judged the success of smart card select File, execution in step 320;
If not, finish the storage operation of certificate.
Step 320: client computer sends the write data instruction to smart card, and wherein, the data of desiring to write smart card are certificate information;
Wherein, the write data instruction is specifically as follows: and APDU apdu (0x80,0xD6,0x00,0x00,0x00,0x00).
Step 321: smart card receives and carries out the write data instruction, certificate information is write in the data storage file that file ID is 0x4300, and execution result is returned to client computer;
When smart card write the data success, execution result was to write the pairing successfully sign of data storage file success that file ID is 0x4300.Need to prove, successfully sign can comprise a variety of, as 0x9000 etc.;
When smart card writes file when failure, execution result is and writes file ID is the data storage file of the 0x4300 pairing failure sign of failing.
Step 322: client computer judges that whether execution result that smart card returns is for successfully identifying;
If, then Store Credentials data success;
If not, then finish the storage operation of certificate.
To sum up, need to prove, certificate information is to have to be written in the smart card, private key information and public key information are optional writing, if have 2 kinds and above needs to write the certificate information type of smart card, then write one by one, but for the sequencing that writes, present embodiment is not done strict restriction.
The embodiment of the invention provides a kind of method of Store Credentials, by the interactive operation between client computer and the safety means, certificate is written in the specified file of safety means, finishes the process that writes certificate to safety means, realized the shared storage of certificate.
The above only is preferred embodiment of the present invention, and is in order to restriction the present invention, within the spirit and principles in the present invention not all, any modification of being done, is equal to replacement, improvement etc., all should be included within protection scope of the present invention.

Claims (11)

1, a kind of method of Store Credentials is characterized in that, described method comprises:
Safety means and client computer connect;
Described safety means receive the instruction of the selection application catalogue file of described client computer transmission, carry the file ID of described application catalogue file in the instruction of described selection application catalogue file;
Described safety means select to use catalogue file according to the file ID of described application file catalogue;
Described safety means receive the instruction of the alternative catalogue file of described client computer transmission, carry the file ID of described object directory file in the instruction of described alternative catalogue file;
Described safety means are according to the file ID alternative catalogue file of described object directory file;
Described safety means receive the instruction of the reading object catalogue file content of described client computer transmission, and the content of the described object directory file that will read sends to described client computer;
Described client computer is according to the type of the information of the certificate of desiring to write described safety means, from the content of described object directory file, obtain the data storage file of type correspondence of the information of described certificate, and the information of described certificate is write in the described data storage file.
2, the method for Store Credentials as claimed in claim 1 is characterized in that, the file ID of described application catalogue file is 0x5015.
3, the method for Store Credentials as claimed in claim 1 is characterized in that, the file ID of described object directory file is 0x5031.
4, the method for the Store Credentials described in claim 1 is characterized in that, the type of the information of described certificate comprises: certificate information also comprises private key information and/or public key information.
5, the method for Store Credentials as claimed in claim 4 is characterized in that, after described safety means and client computer connected, described method also comprised:
In described safety means, create respectively and be used to store the file of described private key information, the file that is used to store the file of described public key information and is used to store described certificate information;
Creating file ID in described safety means is the object directory file of 0x5031, and the content of the described content that is used for storing the file of described private key information, the described file that is used for storing described public key information and the described content that is used for storing the file of described certificate information are write in the described object directory file.
6, the method for Store Credentials as claimed in claim 1, it is characterized in that, described client computer is according to the type of the information of the certificate of desiring to write described safety means, from the content of described object directory file, obtain the data storage file of type correspondence of the information of described certificate, specifically comprise:
Described client computer obtains the storage directory file ID of type correspondence of the information of described certificate according to the content of the described object directory file that receives;
Described safety means receive the instruction of the selection storage directory file of described client computer transmission, carry described storage directory file ID in the instruction of described selection storage directory file;
Described safety means are selected the storage directory file according to described storage directory file ID;
Described safety means receive the instruction of reading described storage directory file that described client computer sends, and the content of the described storage directory file that will read sends to described client computer;
Described client computer obtains the data storage file ID of the information of described certificate according to the content of the described storage directory file that receives.
7, the method for Store Credentials as claimed in claim 6, it is characterized in that, when the type of the information of described certificate was certificate information, described client computer obtained the storage directory file ID of described certificate information correspondence according to the content of the described object directory file that receives, and specifically comprises:
Described client computer is searched the A4 data in the content of described object directory file, described A4 data are the sign of certificate information;
If there are described A4 data, read the value of the data of the 1st byte after the described A4 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte, with the data of a described third reading value byte storage directory file ID as described certificate information;
If there is no described A4 data finish described method.
8, the method for Store Credentials as claimed in claim 6, it is characterized in that, when the type of the information of described certificate was private key information, described client computer obtained the storage directory file ID of described private key information correspondence according to the content of the described object directory file that receives, and specifically comprises:
Described client computer is searched the A0 data in the content of described object directory file, described A0 data are the sign of private key information;
If there are described A0 data, read the value of the data of the 1st byte after the described A0 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte, with the data of a described third reading value byte storage directory file ID as described private key information;
If there is no described A0 data finish described method.
9, the method for Store Credentials as claimed in claim 6, it is characterized in that, when the type of the information of described certificate was public key information, described client computer obtained the storage directory file ID of described public key information correspondence according to the content of the described object directory file that receives, and specifically comprises:
Described client computer is searched the A1 data in the content of described object directory file, described A1 data are for being total to the sign of key information;
If there are described A1 data, read the value of the data of the 1st byte after the described A1 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte, with the data of a described third reading value byte storage directory file ID as described public key information;
If there is no described A1 data finish described method.
10, the method for Store Credentials as claimed in claim 6 is characterized in that, described client computer obtains the data storage file ID of the information of described certificate according to the content of the described storage directory file that receives, and specifically comprises:
Described client computer is searched the A1 data in the content of described storage directory file;
If there are described A1 data:
Read the value of the data of first byte after the described A1 data, as first read value;
Read the data of described first read value byte;
Whether the data of judging the 1st byte in the data of described first read value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the second reading value; If not, finish described method;
Read the data of a described second reading value byte;
Whether the data of judging the 1st byte in the data of a described second reading value byte are 30;
If read the value of the data of the 1st byte after described 30 data, as the third reading value; If not, finish described method;
Read the data of a described third reading value byte;
Whether the data of judging the 1st byte in the data of a described third reading value byte are 04;
If read the value of the data of the 1st byte after described 04 data, as the 4th read value; If not, finish described method;
Read the data of described the 4th a read value byte, as the data storage file ID of the information of described certificate;
Read the data of the 1st byte after the data of described the 4th a read value byte, take a decision as to whether 02;
If read the value of the data of the 1st byte after described 02 data, as the 5th read value; If not, finish described method;
Read the data of described the 5th a read value byte, as the offset address of information in described data storage file of described certificate;
Read the data of the 1st byte after the data of described the 5th a read value byte, take a decision as to whether 80;
If read the value of the data of the 1st byte after described 80 data, as the 6th read value; If not, finish described method;
Read the data of described the 6th a read value byte, as the length of the information of described certificate;
If there is no described A1 data finish described method.
11, the method for Store Credentials as claimed in claim 6 is characterized in that, described information with described certificate writes in the described data storage file, specifically comprises:
Described safety means receive the instruction of the selection data storage file of described client computer transmission, carry described data storage file ID in the instruction of described selection data storage file;
Described safety means are selected data storage file according to described data storage file ID;
Described client computer sends the write data instruction to described safety means, the information of carrying described certificate in the write data instruction;
Described safety means write the information of described certificate in the described data storage file.
CN200910086342A 2009-05-31 2009-05-31 Method for storing certificate Active CN101674301B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910086342A CN101674301B (en) 2009-05-31 2009-05-31 Method for storing certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910086342A CN101674301B (en) 2009-05-31 2009-05-31 Method for storing certificate

Publications (2)

Publication Number Publication Date
CN101674301A true CN101674301A (en) 2010-03-17
CN101674301B CN101674301B (en) 2012-09-05

Family

ID=42021288

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910086342A Active CN101674301B (en) 2009-05-31 2009-05-31 Method for storing certificate

Country Status (1)

Country Link
CN (1) CN101674301B (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9256446B2 (en) 2010-01-28 2016-02-09 Huawei Device Co., Ltd. Method and apparatus for component display processing
CN108183804A (en) * 2018-03-28 2018-06-19 湖南东方华龙信息科技有限公司 Certificate sharing method
CN113141353A (en) * 2021-04-08 2021-07-20 深圳云里物里科技股份有限公司 Storage method, reading method and device of digital certificate and gateway
CN117314476A (en) * 2023-11-28 2023-12-29 四川隧唐科技股份有限公司 Certificate data integration method and device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007515092A (en) * 2003-12-18 2007-06-07 松下電器産業株式会社 Program data file storage method and authentication program execution method
JP2006246272A (en) * 2005-03-07 2006-09-14 Fuji Xerox Co Ltd Certificate acquisition system
CN100585608C (en) * 2007-09-25 2010-01-27 北大方正集团有限公司 Data file safe treatment method and system

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9256446B2 (en) 2010-01-28 2016-02-09 Huawei Device Co., Ltd. Method and apparatus for component display processing
US10698563B2 (en) 2010-01-28 2020-06-30 Huawei Device (Dongguan) Co., Ltd. Method and apparatus for component display processing
US10983668B2 (en) 2010-01-28 2021-04-20 Huawei Device Co., Ltd. Method and apparatus for component display processing
CN108183804A (en) * 2018-03-28 2018-06-19 湖南东方华龙信息科技有限公司 Certificate sharing method
CN108183804B (en) * 2018-03-28 2021-01-26 湖南东方华龙信息科技有限公司 Certificate sharing method
CN113141353A (en) * 2021-04-08 2021-07-20 深圳云里物里科技股份有限公司 Storage method, reading method and device of digital certificate and gateway
CN117314476A (en) * 2023-11-28 2023-12-29 四川隧唐科技股份有限公司 Certificate data integration method and device
CN117314476B (en) * 2023-11-28 2024-02-27 四川隧唐科技股份有限公司 Certificate data integration method and device

Also Published As

Publication number Publication date
CN101674301B (en) 2012-09-05

Similar Documents

Publication Publication Date Title
US7526625B2 (en) Semiconductor memory card, and program for controlling the same
CN101018127B (en) Remote access system, gateway, client device, program, and storage medium
JP4681314B2 (en) Wireless communication system, reader / writer device, key management method, and computer program
CN102982264A (en) Method for protecting embedded type device software
US9983827B1 (en) Key-based memory deduplication protection
JP2010517424A (en) Encryption key container on USB token
CN101674301B (en) Method for storing certificate
CN102422256A (en) Method for accessing a portable data storage medium with auxiliary module and portable data storage medium
CN110020544A (en) The Hash information processing method and system of record are stored in the block of block chain
CN109255262A (en) Data guard method and solid state hard disk
CN104050424A (en) Method for achieving file access security authority management through smart card and file access method
CN111191252A (en) Encryption and decryption method and device for smart card operating system and storage medium
CN104484628A (en) Multi-application intelligent card with encryption and decryption functions
US10331365B2 (en) Accessing a serial number of a removable non-volatile memory device
CN101282347B (en) Method for controlling intelligent storing card
CN103020551B (en) A kind of memory architecture
CN112887297B (en) Privacy-protecting differential data determining method, device, equipment and system
CN111597075B (en) Method for recovering data from data storage device encrypted by hardware
Yamamoto et al. A tamper detection method for RFID tag data
CN100361165C (en) Update management for encoded data in memory
CN104598651A (en) Method and apparatus for managing favorite on mobile terminal
CN106878252A (en) Foundation is exempted from the method for close login relation, removes the method and its device of account
JP6642060B2 (en) Information processing device
CN102122332A (en) Method and system for managing password of electronic signing tool
CN112926956A (en) Block chain financial payment management method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant