CN101908963A - Method for realizing digest engine - Google Patents
Method for realizing digest engine Download PDFInfo
- Publication number
- CN101908963A CN101908963A CN 201010248457 CN201010248457A CN101908963A CN 101908963 A CN101908963 A CN 101908963A CN 201010248457 CN201010248457 CN 201010248457 CN 201010248457 A CN201010248457 A CN 201010248457A CN 101908963 A CN101908963 A CN 101908963A
- Authority
- CN
- China
- Prior art keywords
- interface
- digest
- engine
- algorithm
- data structure
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
The invention discloses a method for realizing a digest engine and belongs to the field of message safety. The method comprises that: when an engine binding interface is called, the digest engine is connected with an intelligent key device to acquire an algorithm list from the intelligent key device and fills a first data structure to record the first data structure in an upper layer application; when an initiating interface is called, the digest engine sets a message digest algorithm for the intelligent key device to use currently according to the received first data structure, distributes storage space for received contexts and initiates the contexts; when a first digest interface is called, the digest engine, according to the currently set message digest algorithm, controls the intelligent key equipment to perform the digest operation of received message digest data; when a second digest interface is called, the digest engine controls the intelligent key device to finish digest operation and output an operation result; and when an engine releasing interface is called, the digest engine is disconnected from the intelligent key device.
Description
Technical field
The present invention relates to information security field, especially a kind of implementation method of digest engine.
Background technology
The OpenSSL project is the item security of the code of increasing income, and target is to realize the safe Socket layer and the fail safe of transport layer with powerful cryptographic algorithm.It has comprised complete cryptographic algorithm, and Digital Signature Algorithm etc. can well guarantee integrality, the confidentiality of data.
The purpose of engine (Engine) mechanism is to encrypt for the software cryptography storehouse or the intelligent cipher key equipment that make OpenSSL can use the third party to provide pellucidly.The engine mechanism of OpenSSL has successfully reached this purpose, and this makes that OpenSSL is not only an encryption library, but also is a general encipher interface, can with the encryption library or the intelligent cipher key equipment co-ordination of the overwhelming majority.
Summary of the invention
The invention provides a kind of implementation method of digest engine, realization utilizes the message digest algorithm in the intelligent cipher key equipment to finish the summary computing of data, and concrete technical scheme is as follows:
A kind of implementation method of digest engine, upper layer application realizes that by the engine binding interface, initialization interface, first digest interface, second digest interface, the engine realizing interface that call described digest engine described method comprises:
When engine binding interface was called by upper layer application, digest engine and intelligent cipher key equipment connected, and obtain the algorithm list of described intelligent cipher key equipment, and fill first data structure, and described first data structure is registered in the described upper layer application;
When initialization interface was called by upper layer application, described digest engine was provided with the presently used message digest algorithm of described intelligent cipher key equipment according to described first data structure of importing into, and the context memory allocated space for importing into, and the described context of initialization;
When first digest interface was called by upper layer application, described digest engine was according to the message digest algorithm of Set For Current, controlled described intelligent cipher key equipment to the informative abstract data of importing into the computing of making a summary;
When second digest interface was called by upper layer application, described digest engine was controlled described intelligent cipher key equipment and is finished the summary computing, and the output operation result;
When the engine realizing interface was called by upper level applications, described digest engine end was connected with described intelligent cipher key equipment.
Described engine binding interface, initialization interface, first digest interface, second digest interface, engine realizing interface are specially: bind_engine interface, init interface, updata interface, final interface, cleanup interface.
Described digest engine connects by hardware encipher interface and described intelligent cipher key equipment.
Described hardware encipher interface comprises cipher token interface and cryptographic service routine interface.
Described first data are specially the EVP_MD structure.
Described filling first data structure is specially: pointer and the described algorithm list of obtaining according to initialization interface, data summarization interface, summary output interface, engine realizing interface are filled first data structure.
Described pointer and the described algorithm list of obtaining according to initialization interface, data summarization interface, summary output interface, engine realizing interface filled first data structure and is specially:
According to existing definition in the upper layer application, in described first data structure, be provided with corresponding algorithm ID number for the message digest algorithm in the described algorithm list;
According to the numerical value in the described algorithm list, in described first data structure, value corresponding is set for the block length of message digest algorithm, digest value length, and value corresponding is set for the needed context of message digest algorithm space size, for described initialization interface, first digest interface, second digest interface, engine realizing interface are provided with corresponding interface pointer.
Described digest engine is provided with the presently used message digest algorithm of described intelligent cipher key equipment according to described first data structure of importing into and is specially:
When described initialization interface was called by upper layer application, first data structure after the described filling was imported described digest engine into;
Described digest engine is searched corresponding message digest algorithm according to the message digest algorithm ID in described first data structure of importing into, if search less than, the current message digest algorithm message digest algorithm that is set to give tacit consent to just, if can find, then current message digest algorithm is set to and the described message digest algorithm ID information corresponding digest algorithm that imports into.
Described digest engine communicates by described hardware encipher interface and described intelligent cipher key equipment.
Beneficial effect: by digest engine, with some hardware digest algorithms, especially some are undocumented, can only add with hard-wired message digest algorithm to expand in the existing software algorithm storehouse, have improved the fail safe of informative abstract computing.
Description of drawings
Flow chart when the engine binding interface that Fig. 1 provides for the embodiment of the invention is called by upper level applications;
Flow chart when the initialization interface that Fig. 2 provides for the embodiment of the invention is called by upper level applications.
Embodiment
For making the purpose, technical solutions and advantages of the present invention clearer, embodiment of the present invention is further described below in conjunction with accompanying drawing.
Embodiment 1
Before being specifically described, need have gained some understanding to data structure EVP_MD, this EVP_MD structure is used to deposit the information of message digest algorithm, and digest engine is then just by realizing that this EVP_MD structure finishes corresponding summary computing, being described below of EVP_MD structure:
typedef?struct?env_md_st
{
int?type;
int?md_size;
int(*init)(EVP_MD_CTX*ctx);
int(*update)(EVP_MD_CTX*ctx,const?void*data,unsigned?longcount);
int(*final)(EVP_MD_CTX*ctx,unsigned?char*md);
int(*cleanup)(EVP_MD_CTX*ctx);
int?block_size;
int?ctx_size;
}EVP_MD;
Particularly, the parameter in this data structure is made an explanation, as follows:
The NID sign (ID of algorithm number) of type---message digest algorithm is used to indicate the message digest algorithm that is adopted;
Md_size---the digest value length (unit is a byte) that message digest algorithm generated, if this EVP_MD construction packages is the SHA1 algorithm, then this field is SHA1_DIGEST_LENGTH, value is 20;
The initialization function of init---directional information digest algorithm, if this EVP_MD construction packages is the SM3 algorithm, that then point to is SM3_init;
Update---point to the function that calculates digest value, if this EVP_MD construction packages is the MD5 algorithm, that then point to is MD5_update;
Final---point to the function that will call after digest value calculates, this function is finished the work of treatment of last data block, if this EVP_MD construction packages is the SHA256 algorithm, that then point to is SHA256_final;
Block_size---indicate the block length (unit is a byte) of the data block when making a summary computing, if this EVP_MD construction packages is the SHA1 algorithm, then this field is SHA1_CBLOCK, and value is 64;
Ctx_size---indicate the space size of the CTX (context) that realizes the required distribution of message digest algorithm, if this EVP_MD construction packages is the SHA algorithm, then this field refers to sizeof (EVP_MD*)+sizeof (SHA_CTX);
Cleanup---be used to do some cleaning works, remove the EVP_MD structure.
Particularly, digest engine provided by the invention is by realizing engine binding interface bind_engine () and being registered in the expansion that initialization interface init (), the first digest interface updata (), the second digest interface final (), engine realizing interface cleanup () in the EVP_MD structure realizes message digest algorithm in the existing software algorithm storehouse; Wherein, bind_engine () is used to bind engine, init () is used for the initialization digest algorithm, updata () is used for the informative abstract data of importing into the computing of making a summary, final () is used for finishing the summary computing, and the output digest value, cleanup () is used to remove the EVP_MD structure of message digest algorithm.
In the present embodiment, digest engine communicates by PKCS#11 (public key cryptography standards cipher token) interface dynamic base and the intelligent cipher key equipment that is connected on the main frame, realization is added the message digest algorithm in the intelligent cipher key equipment in the existing software algorithm storehouse to, and the message digest algorithm of calling in the intelligent cipher key equipment is carried out the summary computing of data.PKCS#11 interface dynamic base is provided by the developer of intelligent cipher key equipment, and the interior details of described PKCS#11 interface dynamic base is not within scope described in the invention.
Referring to Fig. 1, when engine binding interface bind_engine () was called by upper level applications, digest engine was carried out following operation:
Preferably, this step is finished by calling system for computer function loadlibrary ().
Wherein, the filename of PKCS#11 interface dynamic base is made an appointment.
Preferably, this step is finished by the C_GetFunctionList () function that calls in the PKCS#11 interface.
Further, this step can also be earlier attempts obtaining C_GetFunctionList () function in the PKCS#11 interface in the entrance of PKCS#11 interface by calling computer system function G etProcAddress (), after calling the success of C_GetFunctionList () function, just can obtain the entrance of other PKCS#11 interfaces, and can call the function list that these interfaces obtain PKCS#11 interface dynamic base; If attempt failure, then report an error and return.
Particularly, the function list of PKCS#11 interface dynamic base can be CK_FUNCTION_LIST_PTR.
Need to prove, the function list that obtains comprises the pointer of function pointer in the PKCS#11 interface dynamic base, like this, in the engine operation afterwards, just can realize the function calls in the PKCS#11 interface dynamic base by the pointer that calls the function pointer that obtains, for example, the C_Initialize () in the engine calling PKCS#11 interface dynamic base, just can realize by the pointer that calls the C_Initialize () pointer that obtains, or the like.
Need to prove,, carrying out at first to call this C_Initialize () interface before other operations according to the codes and standards of PKCS#11 interface.
Further, in this process, can also comprise following operation:
Engine is created and is started a monitoring thread, is used for the plug incident of monitoring intelligent key devices, so that in time react in follow-up processing;
Preferably, the plug incident of monitoring intelligent key devices (insertion of intelligent cipher key equipment or pull out) is to realize by calling the function C _ WaitForSlotEvent () that defines in the PKCS#11 interface dynamic base.
Need to prove: the plug state of monitoring intelligent key devices is in order in time to inform the current state of this intelligent cipher key equipment of engine, if intelligent cipher key equipment is pulled out, then engine in time cuts out the session with intelligent cipher key equipment, if, intelligent cipher key equipment is inserted into, the then session of engine unlatching in time and intelligent cipher key equipment, so that increase work efficiency, simultaneously, avoided engine interim opened session when using intelligent cipher key equipment, and intelligent cipher key equipment is to pull out state, thus the appearance of the situation that makes the mistake.
Particularly, engine obtains the tabulation of intelligent key key devices by calling the function C _ GetSlotList () that defines in the PKCS#11 interface dynamic base;
In the present embodiment,, then select first intelligent cipher key equipment in the described tabulation if currently exist a plurality of intelligent cipher key equipments to be connected to main frame.
Preferably, the foundation of engine and intelligent cipher key equipment is to realize by calling the function C _ OpenSession () that defines in the PKCS#11 interface dynamic base in succession.
Particularly, engine is realized by calling ENGINE_new ();
Need to prove, the engine of being created by ENGINE_new () to as if empty.
Particularly, by registration function ENGINE_set_id (e, engine_cipher_id), ENGINE_set_name (e, engine_cipher_name) realize the setting of engine id and title, for example ENGI NE_set_id (engine, " rt18651b "), ENGINE_set_name (engine, " BSD rt18651b engine ").(e, engine_cipher_id), (e in the time of engine_cipher_name), selectes corresponding engine to ENGINE_set_name when upper layer application is called ENGINE_set_id.
Particularly, come the acquisition algorithm tabulation by calling the C_GetMechanismList that defines in the PKCS#11 interface dynamic base.
Wherein, comprise the message digest algorithm attribute in the algorithm list, as block length, digest value length etc.
For example, the algorithm list of obtaining is:
{CKM_SHA_1, {0,0,CKF_DIGEST}}。
Concrete fill method is, to the arbitrary digest algorithm in the algorithm list of being obtained, is provided with corresponding algorithm ID number according to the definition of upper layer application; According to the numerical value in the algorithm list, digest value length m d_size is set, block length block_size, and indicate the size in the space of required context distributed when realizing digest algorithm, and init (), updata (), final (), cleanup () interface pointer are set.
Particularly, realize by calling ENGINE_set_digests;
Need to prove, call ENGI NE_set_digests the digest algorithm that current engine is supported is set, and obtain the EVP_MD structure of digest algorithm, thereby obtain the operation-interface and the digest algorithm attribute that encapsulate in the EVP_MD structure, comprise: init operation-interface, updata operation-interface, final operation-interface, cleanup operation-interface, attributes such as the block length of message digest algorithm, digest value length, contextual space size.
Need to prove that the digest algorithm that the engine acquiescence is supported comprises MD5 and shal
The binding of step 111, realization message digest algorithm and engine;
Particularly, realize by calling ENGINE_register_digests, the message digest algorithm that ENGINE_register_digests supports current engine is added in the algorithm list in the upper layer application, set up related with engine, like this, when upper layer application was used message digest algorithm, the EVP_MD structure that just can obtain this message digest algorithm had reached relevant attribute.
Need to prove, when init () interface, updata () interface, when final () interface is called by upper layer application, the parameter of importing into generally comprises: the information of the message digest algorithm of depositing in context and the EVP_MD structure, the block length that comprises message digest algorithm, digest value length, message digest algorithm ID etc.
Referring to Fig. 2, when init () interface is called by upper level applications, digest engine is carried out following operation:
Wherein, the parametric description of init () is as follows:
Int (* init) (EVP_MD_CTX*ctx//context);
Particularly, EVP_MD_CTX is carried out simple explanation, as follows:
typedef?struct?env_md_ctx_st
{
const?EVP_MD*digest;
ENGINE*engine;
unsigned?long?flags;
void*md_data;
}EVP_MD_CTX;
Particularly, being described below of parameter in the EVP_MD_CTX structure:
Digest---point to the pointer of EVP_MD structure;
Engine---if algorithm is provided by engine, this pointed engine;
Md_data---informative abstract data;
Particularly, engine is created by upper layer application, and related with algorithm list foundation when calling bind_engine (), and the informative abstract data are determined by the concrete operation process.
Particularly, search corresponding message digest algorithm according to the message digest algorithm ID that imports into, if search less than, the message digest algorithm of the current use message digest algorithm that is set to give tacit consent to then, if can find, then the message digest algorithm of current use is set to and the message digest algorithm type information corresponding digest algorithm that imports into;
Particularly, message digest algorithm ID follows EVP_MD_CTX and imports into, when the digest in the EVP_MD_CTX structure is performed, has just pointed to the EVP_MD structure, and the message digest algorithm ID in this structure has just been imported into init () interface.
Particularly, when being called according to bind_engine () interface, the context space size of setting is carried out the distribution of internal memory.
For example, set up a doubly linked list, this doubly linked list is used for the stored information summary data.
Particularly, for initial value composed in context, by concrete calculating process decision.
When updata () interface was called by upper level applications, the parameter of importing into comprised:
Int (* update) (EVP_MD_CTX*ctx, // context
Const void*data, // informative abstract data
Unsigned long count//interative computation number of times)
When updata () interface is called by upper level applications, the informative abstract data that the digest engine buffer memory imports into, and the control intelligent cipher key equipment according to the message digest algorithm of Set For Current to the informative abstract data of importing into make a summary computing and buffer memory operation result;
Need to prove that when updata () interface is called, carry out summary computing more than once in this interface, operation times is determined by concrete calculating process.
Particularly, can finish the summary computing by the C_DigestUpdate function that calls the PKCS#11 interface.
When final () interface was called by upper level applications, the parameter of importing into comprised:
Int (* final) (EVP_MD_CTX*ctx, // context
Unsigned char*md//summary dateout)
When final () interface was called by upper level applications, digest engine control intelligent cipher key equipment finished the summary computing, and with operation result output, particularly, by the md field result is exported;
Particularly, can finish the summary computing by the C_DigestFinal function that calls the PKCS#11 interface.
After final () interface interchange finishes, cleaup () interface will be called, and be used to clear up environment;
When cleaup () interface is called by upper level applications, close and the communicating by letter of intelligent cipher key equipment by PKCS#11 interface C_CloseSession;
Remove the shared application resource of digest engine, finish use digest engine.
Similarly, also can communicate in the digest engine by cryptographic services program CSP (CryptographicService Provider) interface and intelligent cipher key equipment.For example,
CryptAcquireContext and intelligent cipher key equipment by the CSP interface connect;
Obtain the algorithm list of intelligent cipher key equipment by the CryptGetProvParam of CSP interface;
CryptGreateHash by the CSP interface is provided with the presently used algorithm of intelligent cipher key equipment;
CrypthashData by the CSP interface is to the data of importing into the computing of making a summary;
Export the result of summary computing by the CryptGetHashParam of CSP interface;
CryptReleaseContext cleaning environment by the CSP interface;
The flow process of idiographic flow when communicating by the PKCS#11 interface is similar, just repeats no more herein.
Like this, behind digest engine realization aforesaid operations, just can be with some hardware digest algorithms, especially some are undocumented, can only expand to the software algorithm storehouse with hard-wired digest algorithm interpolation and suffer.
The above; only for the preferable embodiment of the present invention, but protection scope of the present invention is not limited thereto, and anyly is familiar with those skilled in the art in technical scope disclosed by the invention; the variation that can expect easily or replacement all should be encompassed within protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.
Claims (9)
1. the implementation method of a digest engine, upper layer application realizes that by the engine binding interface, initialization interface, first digest interface, second digest interface, the engine realizing interface that call described digest engine it is characterized in that, described method comprises:
When engine binding interface was called by upper layer application, digest engine and intelligent cipher key equipment connected, and obtain the algorithm list of described intelligent cipher key equipment, and fill first data structure, and described first data structure is registered in the described upper layer application;
When initialization interface was called by upper layer application, described digest engine was provided with the presently used message digest algorithm of described intelligent cipher key equipment according to described first data structure of importing into, and the context memory allocated space for importing into, and the described context of initialization;
When first digest interface was called by upper layer application, described digest engine was according to the message digest algorithm of Set For Current, controlled described intelligent cipher key equipment to the informative abstract data of importing into the computing of making a summary;
When second digest interface was called by upper layer application, described digest engine was controlled described intelligent cipher key equipment and is finished the summary computing, and the output operation result;
When the engine realizing interface was called by upper level applications, described digest engine end was connected with described intelligent cipher key equipment.
2. method according to claim 1, it is characterized in that described engine binding interface, initialization interface, first digest interface, second digest interface, engine realizing interface are specially: bind_engine interface, init interface, updata interface, final interface, cleanup interface.
3. method according to claim 1 is characterized in that, described digest engine connects by hardware encipher interface and described intelligent cipher key equipment.
4. method according to claim 2 is characterized in that, described hardware encipher interface comprises cipher token interface and cryptographic service routine interface.
5. method according to claim 1 is characterized in that, described first data are specially the EVP_MD structure.
6. method according to claim 5, it is characterized in that described filling first data structure is specially: pointer and the described algorithm list of obtaining according to initialization interface, data summarization interface, summary output interface, engine realizing interface are filled first data structure.
7. method according to claim 6 is characterized in that, described pointer and the described algorithm list of obtaining according to initialization interface, data summarization interface, summary output interface, engine realizing interface filled first data structure and be specially:
According to existing definition in the upper layer application, in described first data structure, be provided with corresponding algorithm ID number for the message digest algorithm in the described algorithm list;
According to the numerical value in the described algorithm list, in described first data structure, value corresponding is set for the block length of message digest algorithm, digest value length, and value corresponding is set for the needed context of message digest algorithm space size, for described initialization interface, first digest interface, second digest interface, engine realizing interface are provided with corresponding interface pointer.
8. method according to claim 1 is characterized in that, described digest engine is provided with the presently used message digest algorithm of described intelligent cipher key equipment according to described first data structure of importing into and is specially:
When described initialization interface is called by upper layer application, import first data structure after the described filling into described digest engine;
Described digest engine is searched corresponding message digest algorithm according to the message digest algorithm ID in described first data structure of importing into, if search less than, the current message digest algorithm message digest algorithm that is set to give tacit consent to just, if can find, then current message digest algorithm is set to and the described message digest algorithm ID information corresponding digest algorithm that imports into.
9. according to the described method of claim 1 to 8, it is characterized in that described digest engine communicates by described hardware encipher interface and described intelligent cipher key equipment.
Priority Applications (3)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102484576A CN101908963B (en) | 2010-08-09 | 2010-08-09 | Method for realizing digest engine |
| PCT/CN2011/072250 WO2011120421A1 (en) | 2010-03-31 | 2011-03-29 | Method for implementing encryption engine |
| US13/635,918 US8995663B2 (en) | 2010-03-31 | 2011-03-29 | Method for implementing an encryption engine by smart key device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010102484576A CN101908963B (en) | 2010-08-09 | 2010-08-09 | Method for realizing digest engine |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101908963A true CN101908963A (en) | 2010-12-08 |
| CN101908963B CN101908963B (en) | 2012-02-22 |
Family
ID=43264290
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010102484576A Active CN101908963B (en) | 2010-03-31 | 2010-08-09 | Method for realizing digest engine |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101908963B (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011120421A1 (en) * | 2010-03-31 | 2011-10-06 | 北京飞天诚信科技有限公司 | Method for implementing encryption engine |
| CN102970134A (en) * | 2012-12-11 | 2013-03-13 | 成都卫士通信息产业股份有限公司 | Method and system for encapsulating PKCS#7 (public-key cryptography standard #7) data by algorithm of hardware password equipment |
| CN103279715A (en) * | 2013-05-22 | 2013-09-04 | 李凤华 | Database data encryption and decryption method and device |
| TWI487358B (en) * | 2012-06-04 | 2015-06-01 | ||
| CN109189380A (en) * | 2018-09-12 | 2019-01-11 | 湖南创智艾泰克科技有限公司 | Algorithm integration frame and method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1592190A (en) * | 2003-08-29 | 2005-03-09 | 三星电子株式会社 | Hardware cryptographic engine and encryption method |
| US20060218190A1 (en) * | 2005-03-28 | 2006-09-28 | Datallegro, Inc. | Non-invasive encryption for relational database management systems |
| CN101197660A (en) * | 2006-12-07 | 2008-06-11 | 上海安创信息科技有限公司 | Encrypting method and chip for anti-attack standard encryption criterion |
-
2010
- 2010-08-09 CN CN2010102484576A patent/CN101908963B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1592190A (en) * | 2003-08-29 | 2005-03-09 | 三星电子株式会社 | Hardware cryptographic engine and encryption method |
| US20060218190A1 (en) * | 2005-03-28 | 2006-09-28 | Datallegro, Inc. | Non-invasive encryption for relational database management systems |
| CN101197660A (en) * | 2006-12-07 | 2008-06-11 | 上海安创信息科技有限公司 | Encrypting method and chip for anti-attack standard encryption criterion |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2011120421A1 (en) * | 2010-03-31 | 2011-10-06 | 北京飞天诚信科技有限公司 | Method for implementing encryption engine |
| TWI487358B (en) * | 2012-06-04 | 2015-06-01 | ||
| CN102970134A (en) * | 2012-12-11 | 2013-03-13 | 成都卫士通信息产业股份有限公司 | Method and system for encapsulating PKCS#7 (public-key cryptography standard #7) data by algorithm of hardware password equipment |
| CN102970134B (en) * | 2012-12-11 | 2015-06-03 | 成都卫士通信息产业股份有限公司 | Method and system for encapsulating PKCS#7 (public-key cryptography standard #7) data by algorithm of hardware password equipment |
| CN103279715A (en) * | 2013-05-22 | 2013-09-04 | 李凤华 | Database data encryption and decryption method and device |
| CN109189380A (en) * | 2018-09-12 | 2019-01-11 | 湖南创智艾泰克科技有限公司 | Algorithm integration frame and method |
| CN109189380B (en) * | 2018-09-12 | 2021-11-26 | 湖南创智艾泰克科技有限公司 | Algorithm integration framework system and method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101908963B (en) | 2012-02-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101820342B (en) | Method for implementing hardware encryption engine | |
| CN108513704B (en) | Remote distribution method and system of terminal master key | |
| CN105184931A (en) | Bluetooth-based unlocking method, system and hand-held terminal and Bluetooth-based electronic lock | |
| CN111177801B (en) | Signature method and device of electronic document, storage medium and electronic equipment | |
| CN113364760A (en) | Data encryption processing method and device, computer equipment and storage medium | |
| CN101908963B (en) | Method for realizing digest engine | |
| US20050221766A1 (en) | Method and apparatus to perform dynamic attestation | |
| CN108390759A (en) | Code encryption, decryption method, device, computer equipment and storage medium | |
| US8422673B2 (en) | Method and system for protecting against unity keys | |
| WO2011120421A1 (en) | Method for implementing encryption engine | |
| CN102055759A (en) | Hardware engine realization method | |
| CN111475824A (en) | Data access method, device, equipment and storage medium | |
| CN112398826A (en) | Data processing method and device based on state password, storage medium and electronic equipment | |
| CN101552792B (en) | A method and apparatus for transmitting information with dynamic secondary cipher key | |
| WO2001084766A2 (en) | System and method for encryption using transparent keys | |
| CN114697095A (en) | Hybrid encryption and decryption method, system, device and medium | |
| CN109978543B (en) | Contract signing method and device, electronic equipment and storage medium | |
| JPWO2006019152A1 (en) | Message authenticator generation device, message authenticator verification device, and message authenticator generation method | |
| CN103425939B (en) | A kind of SM3 algorithm realization method and system in JAVA environment | |
| CN110941857A (en) | Privacy management system and method of block chain intelligent contract platform | |
| CN110851112A (en) | Random bit generation method and device, electronic equipment and storage medium | |
| CN112383522B (en) | Function parameter data transmission encryption method, system, device and readable storage medium | |
| CN112948867A (en) | Method and device for generating and decrypting encrypted message and electronic equipment | |
| CN112398655B (en) | File transmission method, server and computer storage medium | |
| CN112561701A (en) | Transaction creating method, verification method and transaction equipment of blockchain system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |