CN105049213A - File signature method and device - Google Patents

File signature method and device Download PDF

Info

Publication number
CN105049213A
CN105049213A CN 201510446709 CN201510446709A CN105049213A CN 105049213 A CN105049213 A CN 105049213A CN 201510446709 CN201510446709 CN 201510446709 CN 201510446709 A CN201510446709 A CN 201510446709A CN 105049213 A CN105049213 A CN 105049213A
Authority
CN
Grant status
Application
Patent type
Prior art keywords
value
digest
digest value
file
server
Prior art date
Application number
CN 201510446709
Other languages
Chinese (zh)
Inventor
程洋
王江少
杜慧
Original Assignee
小米科技有限责任公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Abstract

The disclosure relates to a file signature method. The method is applied to a client and the method comprises the steps as follows: performing abstract calculation on a target file to obtain an abstract value of the target file; transmitting the abstract value to a server, wherein the abstract value is used by the server to encrypt the abstract value; receiving an encrypted abstract value from the server; and combining the encrypted abstract value into the target file. Therefore, the problem that the client needs to upload the whole target file to the server for file signature is solved, and the effects of reducing the information transmission amount between the client and the server and improving signature efficiency are achieved.

Description

文件签名方法及装置 File signature method and apparatus

技术领域 FIELD

[0001] 本公开涉及计算机领域,尤其涉及文件签名方法及装置。 [0001] The present disclosure relates to the field of computers, and particularly to a method and apparatus for signing documents.

背景技术 Background technique

[0002] 文件签名技术能够增强文件传输的完整性及安全性,已被广泛应用于信息传输、信息安全、交易服务等领域。 [0002] file signature technology to enhance the integrity and security of file transfers, has been widely used in information transmission, information security, transaction services. 文件签名技术基于客户端/服务器(C/S)架构。 File signature technology architecture is based on client / server (C / S). 相关技术中,客户端需要向服务器上传整个待签名文件,以由服务器进行签名。 Related technology, the client needs to be signed to upload the entire file to the server to be signed by the server. 由于需要上传整个待签名文件,从而导致客户端与服务器之间的传输速度慢,签名效率低。 Due to the need to upload the entire file to be signed, resulting in transfer speed between the client and the server is slow, low efficiency signature.

发明内容 SUMMARY

[0003] 为克服相关技术中存在的问题,本公开提供一种文件签名方法及装置。 [0003] In order to overcome the problems in the related art, the present disclosure provides a method and apparatus for signing documents.

[0004] 根据本公开实施例的第一方面,提供一种文件签名方法,所述方法应用于客户端,并且所述方法包括:对目标文件进行摘要计算,得出针对所述目标文件的摘要值;向服务器发送所述摘要值,所述摘要值用于所述服务器对所述摘要值进行加密;从所述服务器接收加密后的摘要值;以及将所述加密后的摘要值合并到所述目标文件中。 [0004] According to a first aspect of the disclosed embodiment of the present embodiment, there is provided a method of signing documents, the method is applied to the client, and the method comprising: a target file digest calculation, the digest for the target file value; the server sends the digest value, the digest value for the server encrypts the digest value; the encrypted digest value received from the server; and a digest value of the merge after encryption to the said the target file.

[0005] 在第一方面的一些可能的实施方式中,所述目标文件包括待签名文件和与所述待签名文件有关的信息。 [0005] Some possible embodiments of the first aspect, the target file and the signature file comprising information to be associated with the document to be signed.

[0006] 在第一方面的一些可能的实施方式中,所述对目标文件进行摘要计算,得出针对所述目标文件的摘要值,包括:利用安全散列算法-256算法对所述目标文件进行摘要计算,生成256字节的哈希值;以及将所述256字节的哈希值确定为是针对所述目标文件的摘要值。 [0006] Some possible embodiments of the first aspect, the digest is calculated for the target file, a digest value obtained for the target file, comprising: using a secure hash algorithm on the target document algorithm -256 computing the digest, a hash value of 256 bytes is generated; and the hash value of 256 bytes is determined to be digest value for the target file.

[0007] 在第一方面的一些可能的实施方式中,所述将所述加密后的摘要值合并到所述目标文件中,包括:将所述加密后的摘要值添加到所述目标文件的尾部。 [0007] Some possible embodiments of the first aspect, the summary of the combined value of the encrypted file to the target, comprising: the encrypted digest value to the target file tail.

[0008] 在第一方面的一些可能的实施方式中,所述方法还包括:从所述服务器接收公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 [0008] Some possible embodiments of the first aspect, the method further comprising: receiving information from the public key server, the public key information for decrypting the encrypted digest value.

[0009] 根据本公开实施例的第二方面,提供一种文件签名方法,所述方法应用于服务器,并且所述方法包括:从客户端接收针对目标文件的摘要值;对所述摘要值进行加密;以及向所述客户端发送加密后的摘要值,所述加密后的摘要值用于所述客户端将所述加密后的摘要值合并到所述目标文件中。 [0009] According to a second aspect of the disclosed embodiment of the present embodiment, there is provided a method of signing documents, the method is applied to a server, and the method comprising: receiving a digest value of the target file from the client; the digest value encryption; and transmitting the encrypted digest value to the client, the encrypted digest values ​​digest value for the client after encrypting the merged into the target file.

[0010] 在第二方面的一些可能的实施方式中,所述摘要值是针对所述目标文件的256字节的哈希值。 [0010] Some possible embodiments of the second aspect, the digest value is a hash value of 256 bytes for the target file.

[0011] 在第二方面的一些可能的实施方式中,所述对所述摘要值进行加密,包括:利用所述服务器的私钥对所述摘要值进行加密;以及所述方法还包括:向所述客户端发送公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 [0011] Some possible embodiments of the second aspect, the encrypting the digest value, comprising: encrypting the digest value using a private key of the server; and said method further comprises: the the client sends the public key information, the public key information for decrypting the encrypted digest value.

[0012] 根据本公开实施例的第三方面,提供一种文件签名装置,所述装置配置于客户端,并且所述装置包括:摘要计算模块,被配置为对目标文件进行摘要计算,得出针对所述目标文件的摘要值;第一发送模块,被配置为向服务器发送所述摘要值,所述摘要值用于所述服务器对所述摘要值进行加密;第一接收模块,被配置为从所述服务器接收加密后的摘要值;以及摘要合并模块,被配置为将所述加密后的摘要值合并到所述目标文件中。 [0012] According to a third aspect of the disclosed embodiment of the present embodiment, there is provided a document signature device, the device is configured in the client, and the apparatus comprising: a digest calculation module configured to calculate the target file digest, obtained digest value for the target file; a first transmitting module configured to transmit the digest value to the server, the digest value for the server encrypts the digest value; a first receiving module, configured to encrypted digest value received from the server; summary and merge module, configured to digest the encrypted value integrated into the target file.

[0013] 在第三方面的一些可能的实施方式中,所述目标文件包括待签名文件和与所述待签名文件有关的信息。 [0013] Some possible embodiments of the third aspect, the target file to be signed, including information related to the file and the file to be signed.

[0014] 在第三方面的一些可能的实施方式中,所述摘要计算模块包括:摘要计算子模块,被配置为利用安全散列算法-256算法对所述目标文件进行摘要计算,生成256字节的哈希值;摘要确定子模块,被配置为将所述256字节的哈希值确定为是针对所述目标文件的摘要值。 [0014] Some possible embodiments of the third aspect, the digest calculation module comprises: a digest calculation sub-module, configured to calculate the target file digest using a secure hash algorithm algorithm -256, 256 generate word a hash value section; summary determination sub-module, configured to determine a hash value of 256 bytes is a summary value for the target file.

[0015] 在第三方面的一些可能的实施方式中,所述摘要合并模块包括:摘要合并子模块,被配置为将所述加密后的摘要值添加到所述目标文件的尾部。 [0015] Some possible embodiments of the third aspect, the digest merging module comprising: Summary merging sub-module, configured to add the encrypted digest value to the end of the target file.

[0016] 在第三方面的一些可能的实施方式中,所述装置还包括:第二接收模块,被配置为从所述服务器接收公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 [0016] Some possible embodiments of the third aspect, the apparatus further comprising: a second receiving module, configured to receive information from the server public key, the public key for the encrypted information summary value decrypted.

[0017] 根据本公开实施例的第四方面,提供一种文件签名装置,所述装置配置于服务器,并且所述装置包括:第三接收模块,被配置为从客户端接收针对目标文件的摘要值;加密模块,被配置为对所述摘要值进行加密;以及第二发送模块,被配置为向所述客户端发送加密后的摘要值,所述加密后的摘要值用于所述客户端将所述加密后的摘要值合并到所述目标文件中。 [0017] According to a fourth aspect of the disclosed embodiment of the present embodiment, there is provided a document signature device, the device is configured in the server, and the apparatus comprising: a third receiving module, configured to receive a digest from the client for a target file value; encryption module configured to encrypt the digest value; and a second transmission module configured to transmit the encrypted digest value to the client, the encrypted digest value to the client the encrypted digest value of the merge into the target file.

[0018] 在第四方面的一些可能的实施方式中,所述摘要值是针对所述目标文件的256字节的哈希值。 [0018] Some possible embodiments of the fourth aspect, the digest value is a hash value of 256 bytes for the target file.

[0019] 在第四方面的一些可能的实施方式中,所述加密模块包括:加密子模块,被配置为利用所述服务器的私钥对所述摘要值进行加密;以及所述装置还包括:第三发送模块,被配置为发送公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 [0019] Some possible embodiments of the fourth aspect, the encryption module comprises: an encryption sub-module, configured to use the private key of the server encrypts the digest value; and said apparatus further comprises: a third sending module, configured to transmit the public key information, the public key information for decrypting the encrypted digest value.

[0020] 根据本公开实施例的第五方面,提供一种文件签名装置,所述装置包括:处理器;用于存储处理器可执行指令的存储器;其中,所述处理器被配置为:对目标文件进行摘要计算,得出针对所述目标文件的摘要值;向服务器发送所述摘要值,所述摘要值用于所述服务器对所述摘要值进行加密;从所述服务器接收加密后的摘要值;以及将所述加密后的摘要值合并到所述目标文件中。 [0020] According to a fifth aspect of the disclosed embodiment of the present embodiment, there is provided a document signature device, the apparatus comprising: a processor; processor-executable instructions for storing a memory; wherein the processor is configured to: for target file digest calculation, the digest value for the target file; transmitting the digest value to the server, the server the digest value for encrypting the digest value; after receiving from the server the encrypted digest value; and the combined value of the encrypted digest to the destination file.

[0021] 根据本公开实施例的第六方面,提供一种文件签名装置,所述装置包括:处理器;用于存储处理器可执行指令的存储器;其中,所述处理器被配置为:从客户端接收针对目标文件的摘要值;对所述摘要值进行加密;以及向所述客户端发送加密后的摘要值,所述加密后的摘要值用于所述客户端将所述加密后的摘要值合并到所述目标文件中。 [0021] According to a sixth aspect of the disclosed embodiment of the present embodiment, there is provided a document signature device, the apparatus comprising: a processor; processor-executable instructions for storing a memory; wherein the processor is configured to: after transmitting the encrypted digest and the encrypted value to the client, the encrypted digest value to the client; client receives the digest value for the target file; encrypting the digest value digest value incorporated into the target document.

[0022] 本公开的实施例提供的技术方案可以包括以下有益效果: [0022] The present embodiment provides a technical solution of the disclosure may comprise the following advantageous effects:

[0023] 通过客户端对目标文件进行摘要计算,得出针对所述目标文件的摘要值,向服务器发送所述摘要值,以由所述服务器对所述摘要值进行加密,从所述服务器接收加密后的摘要值,以及将所述加密后的摘要值合并到所述目标文件中,可以解决客户端需要向服务器上传整个目标文件来进行文件签名的问题,达到了降低客户端与服务器之间的消息传输量、提高签名效率的效果。 [0023] By client target file digest calculation, the digest value for the target file, transmitting the digest value to the server to encrypt the digest value by the server, the server receives from the summary encrypted value, and the value of the encrypted digest merged into the target file, you can solve clients you need to upload the entire file to the target server for file signature issue, reduce reached between the client and server messaging volume, the effect of improving the efficiency of the signature.

[0024] 应当理解的是,以上的一般描述和后文的细节描述仅是示例性和解释性的,并不能限制本公开。 [0024] It should be understood that both the foregoing general description and the details described hereinafter are merely exemplary and explanatory and are not intended to limit the present disclosure.

附图说明 BRIEF DESCRIPTION

[0025] 此处的附图被并入说明书中并构成本说明书的一部分,示出了符合本公开的实施例,并与说明书一起用于解释本公开的原理。 [0025] The accompanying drawings, which are incorporated herein and constitute a part of this specification, illustrate embodiments consistent with the principles of the embodiments of the present disclosure, and together with the description serve to explain the present disclosure.

[0026] 图1是根据一示例性实施例示出的一种实施环境的结构示意图。 [0026] FIG. 1 is a schematic diagram illustrating an embodiment of a configuration environment according to an exemplary embodiment.

[0027] 图2是根据一示例性实施例示出的一种文件签名方法的流程图。 [0027] FIG 2 is a flowchart of a method of file signature embodiment shown according to an exemplary embodiment.

[0028] 图3是根据另一示例性实施例示出的一种文件签名方法的流程图。 [0028] FIG. 3 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment.

[0029] 图4是根据另一示例性实施例示出的一种文件签名方法的流程图。 [0029] FIG. 4 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment.

[0030] 图5是根据另一示例性实施例示出的一种文件签名方法的流程图。 [0030] FIG. 5 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment.

[0031] 图6是根据一示例性实施例示出的一种文件签名方法的流程图。 [0031] FIG. 6 is a flowchart of a method of file signature embodiment shown according to an exemplary embodiment.

[0032] 图7是根据另一示例性实施例示出的一种文件签名方法的流程图。 [0032] FIG. 7 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment.

[0033] 图8是根据一示例性实施例示出的客户端与服务器之间的信令交互图。 [0033] FIG 8 is a signaling interaction between the client and the server illustrated in accordance with an exemplary embodiment.

[0034] 图9是根据一示例性实施例示出的一种文件签名装置的框图。 [0034] FIG. 9 is a block diagram of one kind of a document is shown an exemplary embodiment of the signature apparatus.

[0035] 图10是根据另一示例性实施例示出的一种文件签名装置的框图。 [0035] FIG. 10 is a block diagram document signature device according to one illustrated another exemplary embodiment.

[0036] 图11是根据另一示例性实施例示出的一种文件签名装置的框图。 [0036] FIG. 11 is a block diagram of another exemplary embodiment of a signature file illustrated apparatus.

[0037] 图12是根据另一示例性实施例示出的一种文件签名装置的框图。 [0037] FIG. 12 is a block diagram of another exemplary embodiment of a signature file illustrated apparatus.

[0038] 图13是根据一示例性实施例示出的一种文件签名装置的框图。 [0038] FIG. 13 is a block diagram of one kind of a document is shown an exemplary embodiment of the signature apparatus.

[0039] 图14是根据另一示例性实施例示出的一种文件签名装置的框图。 [0039] FIG. 14 is a block diagram of another exemplary embodiment of a signature file illustrated apparatus.

[0040] 图15是根据一示例性实施例示出的一种文件签名装置的框图。 [0040] FIG. 15 is a block diagram of one kind of a document is shown an exemplary embodiment of the signature apparatus.

[0041] 图16是根据一示例性实施例示出的一种文件签名装置的框图。 [0041] FIG. 16 is a block diagram of one kind of a document is shown an exemplary embodiment of the signature apparatus.

具体实施方式 detailed description

[0042] 这里将详细地对示例性实施例进行说明,其示例表示在附图中。 [0042] The exemplary embodiments herein be described in detail embodiments of which are illustrated in the accompanying drawings. 下面的描述涉及附图时,除非另有表示,不同附图中的相同数字表示相同或相似的要素。 When the following description refers to the accompanying drawings, unless otherwise indicated, the same numbers in different drawings represent the same or similar elements. 以下示例性实施例中所描述的实施方式并不代表与本公开相一致的所有实施方式。 The following exemplary embodiments described in the exemplary embodiments do not represent the disclosed embodiment consistent with all the present embodiment. 相反,它们仅是与如所附权利要求书中所详述的、本公开的一些方面相一致的装置和方法的例子。 Instead, they are only in the book as detailed in the appended claims, some aspects of the present disclosure examples of apparatus and methods consistent phase.

[0043] 图1是根据一示例性实施例示出的一种实施环境的结构示意图。 [0043] FIG. 1 is a schematic diagram illustrating an embodiment of a configuration environment according to an exemplary embodiment. 该实施环境可以包括客户端110、服务器120和用户终端130。 The embodiment 110 may include a client environment, the server 120 and the user terminal 130.

[0044] 客户端110可以是能够向服务器120提供待签名信息、以及将签名后的信息提供给用户终端130的计算设备,图1中以客户端110是计算机来示意。 [0044] The client 110 may be able to provide information to a server 120 to be signed, and the signature information to the user terminal computing device 130, the client 110 in FIG. 1 is a schematic computer. 服务器120可以是能够对客户端Il0提供的待签名信息进行加密、并将加密后的信息返回给客户端110的计算设备。 Server 120 may be able to encrypt the client Il0 signature information and supplies the encrypted information back to the client computing device 110 ends. 用户终端130可以是能够从客户端110获取签名后的信息、并对签名后的信息进行签名识别的任意类型的电子设备。 User terminal 130 may be capable of obtaining information from the customer terminal 110 signature, the signature and the signature information to identify any type of electronic device. 在本公开中,用户终端130可以例如是智能手机、平板电脑、PC机、笔记本电脑等等。 In the present disclosure, for example, the user terminal 130 may be a smart phone, tablet, PC, laptop and so on. 图1中以用户终端130是智能手机来示意。 In the user terminal 130 in FIG. 1 is a schematic smartphones.

[0045] 客户端110与服务器120之间、以及客户端110与用户终端130之间可以通过任意有线或无线网络进行通信。 [0045] The client 110 and the server 120, and client 110 and the user terminal 130 may communicate via any wired or wireless network.

[0046] 虽然在图1中示出了实施环境包括一个客户端110,但是实施环境也可以包括多个客户端110,每个客户端110可以与服务器120进行通信,服务器120可以用于对来自多个客户端110的待签名信息进行加密,之后,将加密后的信息返回给相应的客户端110。 [0046] Although the embodiment shown in FIG. 1 environment comprises a client 110, but the embodiment may also include a plurality of environmental clients 110, each client 110 may communicate with server 120 may be used for the server 120 from a plurality of client information 110 to be signed is encrypted, then the encrypted information back to the respective clients 110.

[0047] 图2是根据一示例性实施例示出的一种文件签名方法的流程图,该方法可以应用于客户端中,例如,图1中示出的客户端110。 [0047] FIG 2 is a flowchart of a method of signing documents in accordance with an exemplary embodiment illustrated exemplary embodiment, the method may be applied to a client, for example, shown in FIG. 1 of the client terminal 110. 如图2所示,该方法可以包括以下步骤: 2, the method may comprise the steps of:

[0048] 在步骤S201中,对目标文件进行摘要计算,得出针对目标文件的摘要值。 [0048] In step S201, the target file digest calculation, the digest value for the target file.

[0049] 在本公开中,目标文件可以包括待签名文件,其中,待签名文件可以为任意格式的文件,例如,文档文件、多媒体文件、可执行文件等等。 [0049] In the present disclosure, the target file may include a file to be signed, which signature file may be any file format, for example, document files, multimedia files, executable files and the like. 通过摘要计算算法,可以计算出目标文件的摘要值。 By digest calculation algorithm can calculate the digest value of the target file. 文件的摘要值具有唯一性,也就是,不同文件的摘要值是不同的。 The value of the summary file is unique, that is, different file digest value is different.

[0050] 在步骤S202中,向服务器发送摘要值,该摘要值用于服务器对该摘要值进行加密。 [0050] In step S202, the server sends the digest value, the digest value for the server encrypts the digest value. 其中,该服务器例如为图1中所示的服务器120。 Wherein the server, such as the server 1120 illustrated in FIG. 该服务器在接收到摘要值后,可以对该摘要值进行加密,并将加密后的摘要值返回给客户端。 The server receives the digest values ​​digest value may be encrypted, and the encrypted digest value is returned to the client.

[0051] 在步骤S203中,从服务器接收加密后的摘要值。 [0051] In step S203, the encrypted digest value received from the server.

[0052] 在步骤S204中,将加密后的摘要值合并到目标文件中。 [0052] In step S204, the encrypted digest value into the target file. 可以将加密后的摘要值以多种方式合并到目标文件中,以形成签名文件。 Digest value can be encrypted in various ways into the target file, to form a signature file. 由此,就完成了对目标文件的签名过程。 As a result, we completed the signature process of the target file.

[0053] 综上所述,通过客户端对目标文件进行摘要计算,得出针对目标文件的摘要值,向服务器发送摘要值,以由服务器对摘要值进行加密,从服务器接收加密后的摘要值,以及将加密后的摘要值合并到目标文件中,可以解决客户端需要向服务器上传整个目标文件来进行文件签名的问题,达到了降低客户端与服务器之间的消息传输量、提高签名效率的效果。 [0053] In summary, by the client to the target file digest calculation, the digest value for the target file, to encrypt the digest value sent by the server to the digest value, the encrypted digest value received from server , as well as a summary encrypted value into the target file, you can solve clients need to upload the entire file to the target server for file signature issue, reached a volume of messages transmitted between client and server is reduced, improving the efficiency of signature effect.

[0054] 在完成对目标文件的签名过程后,客户端可以将得到的签名文件(由目标文件和加密后的摘要值组成)传送至用户终端(例如,图1所示的用户终端130),以由用户终端对签名文件进行签名识别。 [0054] After completion of the signature process of the target file, client signature file may be obtained (by the digest value of the target composition and encrypted) to the user terminal (e.g., user terminal 130 shown in FIG. 1), in recognition of the signature file for signature by the user terminal.

[0055] 如上所述,目标文件可以包括待签名文件,例如,待签名的文档文件、待签名的多媒体文件、待签名的可执行文件等。 [0055] As described above, the target file may include a file to be signed, for example, document to be signed document to be signed multimedia files, executable files and the like to be signed. 在另一实施方式中,目标文件可以包括待签名文件和与该待签名文件有关的信息。 In another embodiment, the target file can be signed include documents and information relating to the document to be signed. 其中,与待签名文件有关的信息可以例如包括关于待签名文件的运行平台的标识(ID)信息、关于待签名文件的运行芯片的ID信息、关于待签名文件的版本号、关于待签名文件的说明信息等等。 Wherein the information related to the pending signature file may for example include identification on operating platform to be signed file (ID) information, ID information on the operation of the chip to be signed file, about to be signed file version number, about to be signed file Description information, and so on. 客户端可以将这些与待签名文件有关的信息与待签名文件一起作为目标文件,然后计算该目标文件的摘要值。 These clients can be associated with the signature file information and documents to be signed together as the target file, and then calculates the digest value of the target file. 这样,所计算出的摘要值是针对包括了待签名文件和与该待签名文件有关的信息的目标文件的摘要值。 In this way, the calculated digest value are included for documents to be signed and to be associated with the signature file in the destination information of the digest value. 之后,客户端可以从服务器接收加密后的摘要值,并将该加密后的摘要值合并到目标文件中,形成签名文件,完成签名过程。 Thereafter, the client can receive the encrypted digest value from the server, and the summary of the encrypted value into the target file, the file signature is formed, to complete the signing process. 之后,客户端可以将签名文件提供给用户终端。 Then, the client can provide a signature file to the user terminal. 在用户终端正确完成对签名文件的签名识别之后,其可以获取到待签名文件和与待签名文件有关的信息,从而便于用户在使用待签名文件时,还能够查看与待签名文件有关的信息,这样,可以更好地辅助用户使用。 After the user terminal completes the signature identification signature file is correct, it can be acquired to be the signature file, and information related to be a signature file, thereby facilitating the user in use to be signed document, but also be able to view the information to be related to the signature file, In this way, they can better assist users.

[0056] 图3是根据另一示例性实施例示出的一种文件签名方法的流程图,该方法可以应用于客户端中,例如,图1中示出的客户端110。 [0056] FIG. 3 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment, the method may be applied to a client, for example, shown in FIG. 1 of the client terminal 110. 如图3所示,所述对目标文件进行摘要计算,得出针对目标文件的摘要值(即,步骤S201)可以包括: As shown, the digest is calculated for the target file 3, a digest value obtained for the target file (i.e., step S201) may include:

[0057] 在步骤S301中,利用安全散列算法-256(SHA-256)算法对目标文件进行摘要计算,生成256字节的哈希值。 [0057] In step S301, using a secure hash algorithm -256 (SHA-256) algorithm to calculate the target file digest, generating a hash value of 256 bytes.

[0058] 在步骤S302中,将所生成的256字节的哈希值确定为是针对目标文件的摘要值。 [0058] In step S302, the generated hash value is determined to be 256 bytes for the digest values ​​of the target file.

[0059] 通过这一方式,无论目标文件的文件大小是多少,都可以通过SHA-256算法确定出针对该文件的256字节的哈希值,也就是,摘要值的大小为256字节。 [0059] By the way, regardless of the file size of the target file is the number, you can determine the hash value for the 256 bytes of the file by the SHA-256 algorithm, that is, the size of the digest value is 256 bytes. 通过向服务器传送256字节的摘要值,相比于传送整个目标文件,可以大幅度降低传输量。 By transmitting 256-byte digest value to the server, as compared to the entire target file transfer can greatly reduce the amount of transmission. 例如,目标文件通常是几MB、甚至是数十MB的文件,传送整个目标文件通常需要花费几分钟、甚至是几十分钟的时间。 For example, the target file is usually a few MB, or even dozens of MB file, transfer the entire target file usually takes a few minutes, or even tens of minutes. 然而,仅传送256字节的摘要值,传输时间可以被大幅度降低,整个签名过程花费几秒就可以完成,由此,签名效率被大幅度提高。 However, only 256-byte transfer digest value, the transmission time can be significantly reduced, the entire signature process takes a few seconds to complete, thus, the signature efficiency is greatly improved. 特别是在服务器对多个客户端的目标文件进行签名时,签名效率明显提升。 Especially when the target file server for multiple clients were signing, signature efficiency improved significantly.

[0060] 图4是根据另一示例性实施例示出的一种文件签名方法的流程图,该方法可以应用于客户端中,例如,图1中示出的客户端110。 [0060] FIG. 4 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment, the method may be applied to a client, for example, shown in FIG. 1 of the client terminal 110. 如图4所示,所述将加密后的摘要值合并到目标文件中(即,步骤S204)可以包括:在步骤S401中,将加密后的摘要值添加到目标文件的尾部。 As shown, the value of the encrypted digest 4 were combined into the target file (i.e., step S204) may include: In step S401, the encrypted digest value is added to the end of the target file. 这样,不仅可以便于客户端将加密后的摘要值与目标文件进行组合以形成签名文件,降低签名过程的复杂性,而且还能够在后续用户终端对签名文件进行签名识别的过程中,便于用户终端对签名文件中的加密后的摘要值部分和目标文件部分进行拆分,从而可以简化用户终端的签名识别操作,降低签名识别过程的复杂性。 Process so that, not only can facilitate the digest value and the target file client encrypted combined to form a signature file, reducing the complexity of the signing process, but also be able to sign recognition of the signature file in a subsequent user terminal, user terminal digest value portion and a rear portion of the target file in the signature file encryption split, which can simplify the operation of the user terminal's signature recognition, signature recognition reduce the complexity of the process.

[0061] 图5是根据另一示例性实施例示出的一种文件签名方法的流程图,该方法可以应用于客户端中,例如,图1中示出的客户端110。 [0061] FIG. 5 is a flowchart of a method of the signature file according to another exemplary embodiment illustrated embodiment, the method may be applied to a client, for example, shown in FIG. 1 of the client terminal 110. 如图5所示,在图2示出的文件签名方法的基础上,该方法还可以包括: 5, on the basis of the file signature methods shown on FIG. 2, the method may further comprise:

[0062] 在步骤S205中,从服务器接收公钥信息,该公钥信息可以用于对加密后的摘要值进行解密。 [0062] In step S205, the received public key information from the server, the public key information may be used to digest decrypting the encrypted value.

[0063] 服务器在对摘要值进行加密时,可以采用非对称加密技术,S卩,服务器可以使用该服务器的私钥对摘要值进行加密,该私钥仅对服务器可知。 [0063] When the server digest value is encrypted using asymmetric cryptography may, S Jie, the server may use the server's private key to encrypt the digest value, the private key is known only to the server. 在这种情况下,可以采用服务器的公钥对摘要值进行解密。 In this case, the server's public key to decrypt the digest value may be employed. 客户端可以从服务器接收公钥信息,该公钥信息可以用于对加密后的摘要值进行解密。 The client may receive information from the public key server, the public key information may be used to digest decrypting the encrypted value. 之后,客户端可以将签名文件与该公钥信息一起发送至用户终端,以由用户终端使用该公钥信息对加密后的摘要值进行解密,从而完成签名识别过程。 Thereafter, the client can send the signature file to the user terminal together with the public key information, to the digest value is encrypted using the public key information decrypted by the user terminal, thereby completing the signature verification process.

[0064] 图6是根据一示例性实施例示出的一种文件签名方法的流程图,该方法可以应用于服务器中,例如,图1中示出的服务器120。 [0064] FIG. 6 is a flowchart of a method of the signature file according to an exemplary embodiment illustrated embodiment, the method may be applied to a server, e.g., server 1 shown in FIG. 120. 如图6所示,该方法可以包括以下步骤: 6, the method may comprise the steps of:

[0065] 在步骤S601中,从客户端(例如,图1所示的客户端110)接收针对目标文件的摘要值。 [0065] In step S601, (e.g., the client terminal 110 shown in FIG. 1) receives the digest value for the target file from the client.

[0066] 在步骤S602中,对摘要值进行加密。 [0066] In step S602, the digest value is encrypted. 在本公开中,可以采用多种加密算法对摘要值进行加密。 In the present disclosure, can digest value is encrypted using a variety of encryption algorithms.

[0067] 在步骤S603中,向客户端发送加密后的摘要值,该加密后的摘要值用于客户端将该加密后的摘要值合并到目标文件中。 [0067] In step S603, transmits the encrypted digest value to the client, after the encrypted digest values ​​digest value for the encrypted client merged into the target file. 这样,可以在客户端处形成完整的签名文件,完成签名过程。 In this way, we can form a complete signature file at the client, complete the signature process.

[0068] 综上所述,通过从客户端接收针对目标文件的摘要值,对摘要值进行加密,以及向客户端发送加密后的摘要值,该加密后的摘要值可以用于客户端将该加密后的摘要值合并到目标文件中,以形成完整的签名文件,可以解决服务器需要从客户端接收整个目标文件来进行文件签名的问题,达到了降低客户端与服务器之间的消息传输量、提高签名效率的效果。 [0068] As described above, by receiving the digest value for the target file from the client, encrypting the digest value, and transmitting the encrypted digest value to the client, the encrypted digest value may be used for the client summary encrypted value into the target file, so as to form a complete signature file, the server requires the client to resolve the entire target file received from the file signature to issue, to the transmission of messages between the reduced amount of client and server, the effect of improving the efficiency of the signature.

[0069] 如上所述,客户端可以利用SHA-256算法对目标文件进行摘要计算。 [0069] As described above, the client may calculate the target file digest using SHA-256 algorithm. 在这种情况下,服务器接收到的摘要值可以为针对目标文件的256字节的哈希值。 In this case, the server receives the digest value may be a hash value of 256 bytes for the target file is. 通过从客户端接收256字节的摘要值,相比于接收整个目标文件,可以大幅度降低客户端与服务器之间的消息传输量及传输时间,进而提升签名效率。 256 bytes received by the client from the digest value, compared to a target to receive the entire file, can significantly reduce the amount of message transmission and the transmission time between the client and the server, thereby improving the efficiency of a signature.

[0070] 图7是根据一示例性实施例示出的一种文件签名方法的流程图,该方法可以应用于服务器中,例如,图1中示出的服务器120。 [0070] FIG. 7 is a flowchart of a method of the signature file according to an exemplary embodiment illustrated embodiment, the method may be applied to a server, e.g., server 1 shown in FIG. 120. 如图7所示,所述对摘要值进行加密(即,步骤S602)可以包括:在步骤S701中,利用服务器的私钥对摘要值进行加密。 As shown in FIG 7, with a key (i.e., step S602) may include a digest value: In step S701, the server's private key to encrypt the digest value. 并且,该方法还可以包括:在步骤S604中,向客户端发送公钥信息,该公钥信息可以用于对加密后的摘要值进行解密。 Further, the method may further comprise: in step S604, transmits information to the client public key, the public key information may be used to digest decrypting the encrypted value.

[0071] 在该实施方式中,服务器可以采用非对称加密技术对摘要值进行加密。 [0071] In this embodiment, the server may encrypt the digest value using an asymmetric encryption technique. 服务器的私钥和公钥形成一密钥对。 Server private and public key form a key pair. 服务器可以利用私钥对摘要值进行加密(例如,通过使用RSA算法进行加密),之后,其可以将加密后的摘要值连同公钥信息一起发送给客户端,以由客户端在完成签名过程后能够将公钥信息与签名文件一起发送至用户终端,从而由用户终端利用公钥信息对加密后的摘要进行解密。 The server may use the private key to encrypt the digest value (e.g., encrypted by using the RSA algorithm), after which it may be encrypted digest value to the client along with the public key information, after completion of the signature process to the client It can be transmitted together with the public key information and signature file to the user terminal, so that the encrypted digest is decrypted using the public key information by a user terminal.

[0072] 图8是根据一示例性实施例示出的客户端与服务器之间的信令交互图。 [0072] FIG 8 is a signaling interaction between the client and the server illustrated in accordance with an exemplary embodiment. 其中,客户端例如为图1所示的客户端110,服务器例如为图1所示的服务器120。 Wherein the client, for example client terminal 110 of FIG. 1, a server such as the server 1120 illustrated in FIG. 图8涉及以上用于客户端和用于服务器的一个或多个方法中的部分或全部步骤,因而,其具体的信令交互过程此处不再详细描述。 Figure 8 relates to the above methods for one or more clients and a server for some or all of the steps, and thus, the specific signaling interaction process not described in detail herein.

[0073] 图9是根据一示例性实施例示出的一种文件签名装置的框图,该装置可以配置于客户端,例如,图1所示的客户端110。 [0073] FIG. 9 is a block diagram of apparatus according to one signature file is shown an exemplary embodiment, the apparatus may be configured in a client, e.g., client terminal 110 shown in FIG. 参照图9,该装置可以包括:摘要计算模块901,被配置为对目标文件进行摘要计算,得出针对目标文件的摘要值;第一发送模块902,被配置为向服务器发送摘要值,该摘要值用于服务器对该摘要值进行加密;第一接收模块903,被配置为从服务器接收加密后的摘要值;以及摘要合并模块904,被配置为将加密后的摘要值合并到目标文件中。 Referring to FIG. 9, the apparatus may include: a digest calculating module 901, configured to calculate the target file digest, a digest value obtained for the target file; a first sending module 902, configured to transmit the digest value to the server, the digest values ​​for the server the encrypted digest value; a first receiving module 903, configured to receive the encrypted digest value from the server; and a summary merge module 904, configured to merge the encrypted digest value to the object file.

[0074] 在一个实施方式中,目标文件例如可以包括待签名文件和与该待签名文件有关的 [0074] In one embodiment, the target file may include, for example, documents to be signed and the signature file to be related

ί目息O ί mesh information O

[0075] 图10是根据另一示例性实施例示出的一种文件签名装置的框图,该装置可以配置于客户端,例如,图1所示的客户端110。 [0075] FIG. 10 is a block diagram document signature device according to one illustrated another exemplary embodiment, the apparatus may be configured in a client, e.g., client terminal 110 shown in FIG. 参照图10,摘要计算模块901可以包括:摘要计算子模块1001,被配置为利用安全散列算法-256算法对目标文件进行摘要计算,生成256字节的哈希值;摘要确定子模块1002,被配置为将所生成的256字节的哈希值确定为是针对目标文件的摘要值。 Referring to Figure 10, module 901 may include a digest calculation: Summary calculating submodule 1001, configured to calculate the target file digest using a secure hash algorithm -256 algorithm to generate a hash value of 256 bytes; Summary determining submodule 1002, 256 bytes is configured to the generated hash value is determined as a summary value for the target file.

[0076] 图11是根据另一示例性实施例示出的一种文件签名装置的框图,该装置可以配置于客户端,例如,图1所示的客户端110。 [0076] FIG. 11 is a block diagram of an apparatus illustrating a signature file according to another exemplary embodiment, the apparatus may be configured in a client, e.g., client terminal 110 shown in FIG. 参照图11,摘要合并模块904可以包括:摘要合并子模块1101,被配置为将加密后的摘要值添加到目标文件的尾部。 Referring to FIG. 11, Abstract merging module 904 may include: Summary merging sub-module 1101 is configured to add the encrypted digest value to the end of the target file.

[0077] 图12是根据另一示例性实施例示出的一种文件签名装置的框图,该装置可以配置于客户端,例如,图1所示的客户端110。 [0077] FIG. 12 is a block diagram of an apparatus illustrating a signature file according to another exemplary embodiment, the apparatus may be configured in a client, e.g., client terminal 110 shown in FIG. 参照图12,该装置还可以包括:第二接收模块905,被配置为从服务器接收公钥信息,该公钥信息用于对加密后的摘要值进行解密。 Referring to FIG. 12, the apparatus may further comprise: a second receiving module 905, configured to receive information from the server public key, the public key information used to digest decrypting the encrypted value.

[0078] 图13是根据一示例性实施例示出的一种文件签名装置的框图,该装置可以配置于服务器,例如,图1所示的服务器120。 [0078] FIG. 13 is a block diagram of one kind of a document is shown an exemplary embodiment of the signature device, the device may be configured on a server, e.g., server 1120 shown in FIG. 参照图13,该装置可以包括:第三接收模块1301,被配置为从客户端接收针对目标文件的摘要值;加密模块1302,被配置为对摘要值进行加密;以及第二发送模块1303,被配置为向客户端发送加密后的摘要值,该加密后的摘要值用于客户端将该加密后的摘要值合并到目标文件中。 Referring to FIG. 13, the apparatus may comprise: a third receiving module 1301, configured to receive a digest value for the target file from the client; encryption module 1302, configured to encrypt the digest value; and a second transmitting module 1303, is configured to transmit the encrypted digest value to the client, after the encrypted digest values ​​digest value for the encrypted client merged into the target file.

[0079] 在一个实施方式中,该摘要值可以是针对目标文件的256字节的哈希值。 [0079] In one embodiment, the digest value may be 256 bytes for the target file hash.

[0080] 图14是根据另一示例性实施例示出的一种文件签名装置的框图,该装置可以配置于服务器,例如,图1所示的服务器120。 [0080] FIG. 14 is a block diagram of an apparatus illustrating a signature file according to another exemplary embodiment, the device may be configured on a server, e.g., server 1120 shown in FIG. 参照图14,加密模块1302可以包括:加密子模块1401,被配置为利用服务器的私钥对摘要值进行加密;以及该装置还可以包括:第三发送模块1304,被配置为向客户端发送公钥信息,该公钥信息用于对加密后的摘要值进行解 Referring to Figure 14, encryption module 1302 may include: an encryption sub-module 1401 is configured to use the server's private key to encrypt the digest value; and the apparatus may further comprise: a third sending module 1304, configured to transmit to the client well key information, the public key information used for encrypting the digest value de

LU O LU O

[0081 ] 关于上述实施例中的装置,其中各个模块执行操作的具体方式已经在有关该方法的实施例中进行了详细描述,此处将不做详细阐述说明。 [0081] For the above-described embodiment apparatus, wherein each module performs a specific operation of the embodiment has been described in detail in an embodiment relating to the method, and will not be here described in detail.

[0082] 图15是根据一示例性实施例示出的一种文件签名装置1500的框图。 [0082] FIG. 15 is a block diagram of a document 1500 according to one illustrated an exemplary embodiment of the signature apparatus. 例如,装置1500可以是移动电话,计算机,数字广播终端,消息收发设备,游戏控制台,平板设备,医疗设备,健身设备,个人数字助理等。 For example, device 1500 may be a mobile phone, a computer, a digital broadcast terminal, a messaging device, a game console, a tablet device, medical equipment, fitness equipment, personal digital assistant.

[0083] 参照图15,装置1500可以包括以下一个或多个组件:处理组件1502,存储器1504,电力组件1506,多媒体组件1508,音频组件1510,输入/输出(I/O)的接口1512,传感器组件1514,以及通信组件1516。 [0083] Referring to Figure 15, apparatus 1500 may comprise one or more of the following components: a processing component 1502, a memory 1504, a power assembly 1506, display component 1508, Audio component 1510, an input / output (I / O) interface 1512, the sensor components 1514, 1516 and a communication component.

[0084] 处理组件1502通常控制装置1500的整体操作,诸如与显示,电话呼叫,数据通信,相机操作和记录操作相关联的操作。 [0084] The processing component 1502 generally controls the overall operation of the device 1500, such as a display, a telephone call, data communication, camera operations and recording operations associated with the operation. 处理组件1502可以包括一个或多个处理器1520来执行指令,以完成上述用于客户端一侧的文件签名方法的全部或部分步骤。 Processing component 1502 may include one or more processor 1520 to execute instructions, to perform all or part of steps of the method of the signature file for the client side. 此外,处理组件1502可以包括一个或多个模块,便于处理组件1502和其他组件之间的交互。 Moreover, processing component 1502 may include one or more modules, facilitates the interaction between a component 1502, and other components. 例如,处理组件1502可以包括多媒体模块,以方便多媒体组件1508和处理组件1502之间的交互。 For example, processing component 1502 may include a multimedia module, multimedia components to facilitate interaction between a processing component 1508 and 1502.

[0085] 存储器1504被配置为存储各种类型的数据以支持在装置1500的操作。 [0085] The memory 1504 is configured to store various types of data to support the operation of the apparatus 1500. 这些数据的示例包括用于在装置1500上操作的任何应用程序或方法的指令,联系人数据,电话簿数据,消息,图片,视频等。 These examples of the data include instructions or any application method on a device 1500 for operation, contact data, phonebook data, messages, pictures, videos and the like. 存储器1504可以由任何类型的易失性或非易失性存储设备或者它们的组合实现,如静态随机存取存储器(SRAM),电可擦除可编程只读存储器(EEPROM),可擦除可编程只读存储器(EPROM),可编程只读存储器(PROM),只读存储器(R0M),磁存储器,快闪存储器,磁盘或光盘。 The memory 1504 may be implemented by any type of volatile or non-volatile storage devices, or combinations thereof, such as static random access memory (SRAM), electrically erasable programmable read only memory (EEPROM), erasable programmable Read Only memory (EPROM), programmable read-only memory (PROM), read-only memory (R0M), magnetic memory, flash memory, magnetic or optical disk.

[0086] 电力组件1506为装置1500的各种组件提供电力。 [0086] Power means various components of assembly 1500 to 1506 to provide power. 电力组件1506可以包括电源管理系统,一个或多个电源,及其他与为装置1500生成、管理和分配电力相关联的组件。 The power assembly 1506 may include a power management system, one or more power sources, and other means of generating and 1500, management and distribution of components associated with the power.

[0087] 多媒体组件1508包括在所述装置1500和用户之间的提供一个输出接口的屏幕。 [0087] Display assembly 1508 includes a device 1500 is provided between the screen and a user interface output. 在一些实施例中,屏幕可以包括液晶显示器(LCD)和触摸面板(TP)。 In some embodiments, the screen may include a liquid crystal display (LCD) and a touch panel (TP). 如果屏幕包括触摸面板,屏幕可以被实现为触摸屏,以接收来自用户的输入信号。 If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. 触摸面板包括一个或多个触摸传感器以感测触摸、滑动和触摸面板上的手势。 The touch panel includes one or more touch sensors to sense touch, a gesture on the touch panel and sliding. 所述触摸传感器可以不仅感测触摸或滑动动作的边界,而且还检测与所述触摸或滑动操作相关的持续时间和压力。 The touch sensor may sense not only a touch or sliding motion of the boundary, but also detecting the touch or sliding correlation operation duration and pressure. 在一些实施例中,多媒体组件1508包括一个前置摄像头和/或后置摄像头。 In some embodiments, a display assembly 1508 includes a front camera and / or the rear camera. 当装置1500处于操作模式,如拍摄模式或视频模式时,前置摄像头和/或后置摄像头可以接收外部的多媒体数据。 When the apparatus 1500 is in operation mode, such as a shooting mode or video mode, front camera and / or the rear camera may receive an external multimedia data. 每个前置摄像头和后置摄像头可以是一个固定的光学透镜系统或具有焦距和光学变焦能力。 Each of the front camera and the rear camera may be a fixed optical system or a lens having a focal length and optical zoom capability.

[0088] 音频组件1510被配置为输出和/或输入音频信号。 [0088] Audio component 1510 is configured to output and / or input audio signal. 例如,音频组件1510包括一个麦克风(MIC),当装置1500处于操作模式,如呼叫模式、记录模式和语音识别模式时,麦克风被配置为接收外部音频信号。 For example, an audio assembly 1510 includes a microphone (the MIC), when the apparatus 1500 is in operation mode, such as a call mode, recording mode and voice recognition mode, the microphone configured to receive an external audio signal. 所接收的音频信号可以被进一步存储在存储器1504或经由通信组件1515发送。 The received audio signal may be transmitted further or stored in the memory 1504 via the communications component 1515. 在一些实施例中,音频组件1510还包括一个扬声器,用于输出音频信号。 In some embodiments, an audio assembly 1510 further includes a speaker for outputting an audio signal.

[0089] I/0接口1512为处理组件1502和外围接口模块之间提供接口,上述外围接口模块可以是键盘,点击轮,按钮等。 [0089] I / 0 interfaces 1512 provide an interface between the processing module assembly 1502 and a peripheral interface, said peripheral interface module may be a keyboard, a click wheel, buttons and the like. 这些按钮可包括但不限于:主页按钮、音量按钮、启动按钮和锁定按钮。 These buttons may include, but are not limited to: home button, volume button, start button and the lock button.

[0090] 传感器组件1514包括一个或多个传感器,用于为装置1500提供各个方面的状态评估。 [0090] The sensor assembly 1514 includes one or more sensors, for providing the state evaluation of various aspects of the apparatus 1500. 例如,传感器组件1514可以检测到装置1500的打开/关闭状态,组件的相对定位,例如所述组件为装置1500的显示器和小键盘,传感器组件1514还可以检测装置1500或装置1500 —个组件的位置改变,用户与装置1500接触的存在或不存在,装置1500方位或加速/减速和装置1500的温度变化。 For example, the sensor assembly 1514 to the apparatus 1500 may detect an open / closed state, the relative positioning of the components, for example, the assembly is a device display and keypad 1500, the sensor assembly 1514 can further detecting means 1500 or 1500 - the position of the components the presence of the contact changes, or the user of the device 1500 does not exist, a temperature change 1500 orientation or acceleration / deceleration device 1500 and the device. 传感器组件1514可以包括接近传感器,被配置用来在没有任何的物理接触时检测附近物体的存在。 The sensor assembly 1514 may include a proximity sensor, is arranged to present in the absence of any physical contact near object detection. 传感器组件1514还可以包括光传感器,如CMOS或CXD图像传感器,用于在成像应用中使用。 The sensor assembly 1514 may further include a light sensor, such as a CMOS image sensor or CXD, for use in imaging applications. 在一些实施例中,该传感器组件1514还可以包括加速度传感器,陀螺仪传感器,磁传感器,压力传感器或温度传感器。 In some embodiments, the sensor assembly 1514 may further include an acceleration sensor, a gyro sensor, a magnetic sensor, a pressure sensor or a temperature sensor.

[0091] 通信组件1516被配置为便于装置1500和其他设备之间有线或无线方式的通信。 [0091] The communications module 1516 is configured to communicate between the device 1500 and other devices to facilitate wired or wireless. 装置1500可以接入基于通信标准的无线网络,如WiFi,2G或3G,或它们的组合。 Apparatus 1500 may access the wireless network-based communications standards, such as WiFi, 2G or 3G, or combinations thereof. 在一个示例性实施例中,通信组件1516经由广播信道接收来自外部广播管理系统的广播信号或广播相关信息。 In one exemplary embodiment, the communications module 1516 receives a broadcast signal or broadcast associated information from an external broadcast management system via a broadcast channel. 在一个示例性实施例中,所述通信组件1516还包括近场通信(NFC)模块,以促进短程通信。 In one exemplary embodiment, the communication component 1516 further includes a near field communication (NFC) module to facilitate short-range communications. 例如,在NFC模块可基于射频识别(RFID)技术,红外数据协会(IrDA)技术,超宽带(UWB)技术,蓝牙(BT)技术和其他技术来实现。 For example, the NFC module can be based on radio frequency identification (RFID) technology, infrared data association (IrDA), ultra wideband (UWB) technology, Bluetooth (BT) technology and other technologies.

[0092] 在示例性实施例中,装置1500可以被一个或多个应用专用集成电路(ASIC)、数字信号处理器(DSP)、数字信号处理设备(DSro)、可编程逻辑器件(PLD)、现场可编程门阵列(FPGA)、控制器、微控制器、微处理器或其他电子元件实现,用于执行上述用于客户端一侧的文件签名方法。 [0092] In an exemplary embodiment, the apparatus 1500 may be substituted with one or more application specific integrated circuits (ASIC), a digital signal processor (DSP), digital signal processing devices (DSro), programmable logic devices (PLD), a field programmable gate array (the FPGA), a controller, a microcontroller, a microprocessor, or other electronic components implemented method for performing the above document signature for the client side.

[0093] 在示例性实施例中,还提供了一种包括指令的非临时性计算机可读存储介质,例如包括指令的存储器1504,上述指令可由装置1500的处理器1520执行以完成上述用于客户端一侧的文件签名方法。 [0093] In an exemplary embodiment, further comprising instructions provided a non-transitory computer-readable storage medium such as a memory including instructions 1504, the command executed by the processor 1520 means 1500 to the client for completion of the the method signature file end side. 例如,所述非临时性计算机可读存储介质可以是R0M、随机存取存储器(RAM)、CD-ROM、磁带、软盘和光数据存储设备等。 For example, the non-transitory computer-readable storage medium may be a R0M, a random access memory (RAM), CD-ROM, magnetic tapes, floppy disks, and optical data storage devices.

[0094] 图16是根据一示例性实施例示出的一种用于文件签名装置1600的框图。 [0094] FIG. 16 is an exemplary embodiment illustrates a block diagram of a file signature 1600 for the device. 例如,装置1600可以被提供为一服务器。 For example, apparatus 1600 may be provided as a server. 参照图16,装置1600包括处理组件1622,其进一步包括一个或多个处理器,以及由存储器1632所代表的存储器资源,用于存储可由处理组件1622的执行的指令,例如应用程序。 16, apparatus 1600 includes a processing component 1622, which further includes one or more processors, memory resources, and 1632 represented by a memory for storing instructions for execution by a processing component 1622, such as an application. 存储器1632中存储的应用程序可以包括一个或一个以上的每一个对应于一组指令的模块。 Stored in application memory 1632 may include one or more modules each corresponding to a set of instructions. 此外,处理组件1622被配置为执行指令,以执行上述用于服务器一侧的文件签名方法 Moreover, processing component 1622 is configured to execute instructions, to perform the above process for a file signature server side

[0095] 装置1600还可以包括一个电源组件1626被配置为执行装置1600的电源管理,一个有线或无线网络接口1650被配置为将装置1600连接到网络,和一个输入输出(I/O)接口1658。 [0095] The apparatus 1600 may further include a power supply assembly 1626 is configured to power management execution unit 1600, a wired or wireless network interface 1650 is configured to connect the apparatus 1600 to a network, and an input-output (I / O) interfaces 1658 . 装置1600可以操作基于存储在存储器1632的操作系统,例如Windows ServerTM,Mac OS XTM,UnixTM,LinuxTM,FreeBSDTM 或类似。 Apparatus 1600 may operate based on an operating system stored in the memory 1632, for example, Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or the like.

[0096] 本领域技术人员在考虑说明书及实践本公开后,将容易想到本公开的其它实施方案。 [0096] Those skilled in the art upon consideration of the specification and practice of the present disclosure, will readily appreciate other embodiments of the present disclosure. 本申请旨在涵盖本公开的任何变型、用途或者适应性变化,这些变型、用途或者适应性变化遵循本公开的一般性原理并包括本公开未公开的本技术领域中的公知常识或惯用技术手段。 This application is intended to cover any variations, uses, or adaptations of the present disclosure, these variations, uses, or adaptations following the general principles of the present disclosure and include the common general knowledge in the art of the present disclosure is not disclosed in the conventional techniques or . 说明书和实施例仅被视为示例性的,本公开的真正范围和精神由下面的权利要求指出。 The specification and examples be considered as exemplary only, the true scope and spirit of the present disclosure being indicated by the following claims.

[0097] 应当理解的是,本公开并不局限于上面已经描述并在附图中示出的精确结构,并且可以在不脱离其范围进行各种修改和改变。 [0097] It should be understood that the present disclosure is not limited to the above has been described and illustrated in the drawings precise structure, and may be departing from its scope various modifications and changes do not. 本公开的范围仅由所附的权利要求来限制。 The scope of the present disclosure is limited only by the appended claims.

Claims (18)

  1. 1.一种文件签名方法,其特征在于,所述方法应用于客户端,并且所述方法包括: 对目标文件进行摘要计算,得出针对所述目标文件的摘要值; 向服务器发送所述摘要值,所述摘要值用于所述服务器对所述摘要值进行加密; 从所述服务器接收加密后的摘要值;以及将所述加密后的摘要值合并到所述目标文件中。 A file signature method, characterized in that the method is applied to the client, and the method comprising: a target file digest calculation, the digest value for the target file; sending the summary to the server value, the digest value for the server encrypts the digest value; encrypted digest value received from the server; and the combined value of the encrypted digest to the destination file.
  2. 2.根据权利要求1所述的方法,其特征在于,所述目标文件包括待签名文件和与所述待签名文件有关的信息。 2. The method according to claim 1, wherein the object file comprises a file to be signed and information relating to the file to be signed.
  3. 3.根据权利要求1所述的方法,其特征在于,所述对目标文件进行摘要计算,得出针对所述目标文件的摘要值,包括: 利用安全散列算法-256算法对所述目标文件进行摘要计算,生成256字节的哈希值;以及将所述256字节的哈希值确定为是针对所述目标文件的摘要值。 3. The method according to claim 1, wherein the digest is calculated for the target file, a digest value obtained for the target file, comprising: using a secure hash algorithm on the target document algorithm -256 computing the digest, a hash value of 256 bytes is generated; and the hash value of 256 bytes is determined to be digest value for the target file.
  4. 4.根据权利要求1所述的方法,其特征在于,所述将所述加密后的摘要值合并到所述目标文件中,包括: 将所述加密后的摘要值添加到所述目标文件的尾部。 4. The method according to claim 1, characterized in that the said value of the encrypted digest incorporated into the target document, comprising: the encrypted digest value to the target file tail.
  5. 5.根据权利要求1-4中任一权利要求所述的方法,其特征在于,所述方法还包括: 从所述服务器接收公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 5. The method according to any one of claims 1-4, wherein said method further comprises: receiving information from the public key server, the public key information for the encrypted after summary value decrypted.
  6. 6.一种文件签名方法,其特征在于,所述方法应用于服务器,并且所述方法包括: 从客户端接收针对目标文件的摘要值; 对所述摘要值进行加密;以及向所述客户端发送加密后的摘要值,所述加密后的摘要值用于所述客户端将所述加密后的摘要值合并到所述目标文件中。 A file signature method, wherein said method is applied to a server, and the method comprising: receiving a digest value of the target file from the client; encrypting the digest value; and to the client transmitting the encrypted digest value, the encrypted digest value to the client after the encrypted digest value incorporated into the target document.
  7. 7.根据权利要求6所述的方法,其特征在于,所述摘要值是针对所述目标文件的256字节的哈希值。 7. The method according to claim 6, wherein the digest value is a hash value of 256 bytes for the target file.
  8. 8.根据权利要求6或7所述的方法,其特征在于,所述对所述摘要值进行加密,包括: 利用所述服务器的私钥对所述摘要值进行加密;以及所述方法还包括: 向所述客户端发送公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 The method according to claim 6 or claim 7, wherein said encrypting the digest value, comprising: using a private key of the server, encrypting the digest value; and said method further comprises : transmitting information to the client public key, the public key information for decrypting the encrypted digest value.
  9. 9.一种文件签名装置,其特征在于,所述装置配置于客户端,并且所述装置包括: 摘要计算模块,被配置为对目标文件进行摘要计算,得出针对所述目标文件的摘要值; 第一发送模块,被配置为向服务器发送所述摘要值,所述摘要值用于所述服务器对所述摘要值进行加密; 第一接收模块,被配置为从所述服务器接收加密后的摘要值;以及摘要合并模块,被配置为将所述加密后的摘要值合并到所述目标文件中。 A document signature device, characterized in that said means disposed at a client, and the apparatus comprising: a digest calculation module configured to calculate the target file digest, the digest value obtained for the target file ; a first transmitting module configured to transmit the digest value, the digest value for the server encrypts the digest value to a server; a first receiving module, configured to, after receiving from the server the encrypted digest value; summary and merge module, configured to digest the encrypted value integrated into the target file.
  10. 10.根据权利要求9所述的装置,其特征在于,所述目标文件包括待签名文件和与所述待签名文件有关的信息。 10. The apparatus according to claim 9, wherein the object file comprises a file to be signed and information relating to the file to be signed.
  11. 11.根据权利要求9所述的装置,其特征在于,所述摘要计算模块包括: 摘要计算子模块,被配置为利用安全散列算法-256算法对所述目标文件进行摘要计算,生成256字节的哈希值; 摘要确定子模块,被配置为将所述256字节的哈希值确定为是针对所述目标文件的摘要值。 11. The apparatus according to claim 9, wherein said module comprises digest calculation: Summary calculation sub-module, configured to calculate the target file digest using a secure hash algorithm algorithm -256, 256 generate word a hash value section; summary determination sub-module, configured to determine a hash value of 256 bytes is a summary value for the target file.
  12. 12.根据权利要求9所述的装置,其特征在于,所述摘要合并模块包括: 摘要合并子模块,被配置为将所述加密后的摘要值添加到所述目标文件的尾部。 12. The apparatus according to claim 9, wherein the merging module includes a summary: Summary merging sub-module, configured to add the encrypted digest value to the end of the target file.
  13. 13.根据权利要求9-12中任一权利要求所述的装置,其特征在于,所述装置还包括: 第二接收模块,被配置为从所述服务器接收公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 13. The apparatus of any one of claims 9-12 according to claim, characterized in that said apparatus further comprises: a second receiving module, configured to receive information from the server public key, the public key information for decrypting the encrypted digest value.
  14. 14.一种文件签名装置,其特征在于,所述装置配置于服务器,并且所述装置包括: 第三接收模块,被配置为从客户端接收针对目标文件的摘要值; 加密模块,被配置为对所述摘要值进行加密;以及第二发送模块,被配置为向所述客户端发送加密后的摘要值,所述加密后的摘要值用于所述客户端将所述加密后的摘要值合并到所述目标文件中。 14. A document signature device, characterized in that said means arranged in the server, and the apparatus comprising: a third receiving module, configured to receive a digest value for the target file from the client; encryption module configured to encrypting the digest value; and a second transmission module configured to transmit the encrypted digest value to the client, the encrypted digest value for the digest values ​​of the encrypted client incorporated into the target document.
  15. 15.根据权利要求14所述的装置,其特征在于,所述摘要值是针对所述目标文件的256字节的哈希值。 15. The apparatus according to claim 14, wherein the digest value is a hash value of 256 bytes for the target file.
  16. 16.根据权利要求14或15所述的装置,其特征在于,所述加密模块包括: 加密子模块,被配置为利用所述服务器的私钥对所述摘要值进行加密;以及所述装置还包括: 第三发送模块,被配置为发送公钥信息,所述公钥信息用于对所述加密后的摘要值进行解密。 16. The apparatus of claim 14 or claim 15, wherein the encryption module comprises: an encryption sub-module, configured to use a private key of the server encrypting the digest value; and said apparatus further comprising: a third sending module, configured to transmit the public key information, the public key information for decrypting the encrypted digest value.
  17. 17.一种文件签名装置,其特征在于,所述装置包括: 处理器; 用于存储处理器可执行指令的存储器; 其中,所述处理器被配置为: 对目标文件进行摘要计算,得出针对所述目标文件的摘要值; 向服务器发送所述摘要值,所述摘要值用于所述服务器对所述摘要值进行加密; 从所述服务器接收加密后的摘要值;以及将所述加密后的摘要值合并到所述目标文件中。 17. A document signature device, characterized in that said apparatus comprising: a processor; processor-executable instructions for storing a memory; wherein the processor is configured to: calculate the target file digest, obtained the server sends the digest value, the digest value for the server encrypts the digest value;; for the target file digest value received encrypted digest value from the server; the encryption and the digest value incorporated into the target file.
  18. 18.一种文件签名装置,其特征在于,所述装置包括: 处理器; 用于存储处理器可执行指令的存储器; 其中,所述处理器被配置为: 从客户端接收针对目标文件的摘要值; 对所述摘要值进行加密;以及向所述客户端发送加密后的摘要值,所述加密后的摘要值用于所述客户端将所述加密后的摘要值合并到所述目标文件中。 18. A document signature device, characterized in that said apparatus comprising: a processor; processor-executable instructions for storing a memory; wherein the processor is configured to: receive a summary for the target file from the client value; encrypting the digest value; and sends the encrypted digest value to the client, a summary value for the encrypted digest value to the client after encrypting the merged into the target document in.
CN 201510446709 2015-07-27 2015-07-27 File signature method and device CN105049213A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201510446709 CN105049213A (en) 2015-07-27 2015-07-27 File signature method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201510446709 CN105049213A (en) 2015-07-27 2015-07-27 File signature method and device

Publications (1)

Publication Number Publication Date
CN105049213A true true CN105049213A (en) 2015-11-11

Family

ID=54455436

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201510446709 CN105049213A (en) 2015-07-27 2015-07-27 File signature method and device

Country Status (1)

Country Link
CN (1) CN105049213A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105553651A (en) * 2015-12-03 2016-05-04 小米科技有限责任公司 Method and device for signature of disk mirror image files in Android system, and equipment
CN105868647A (en) * 2016-03-28 2016-08-17 乐视控股(北京)有限公司 File signing system and method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020026583A1 (en) * 2000-08-25 2002-02-28 Harrison Keith Alexander Document transmission techniques IV
CN1445693A (en) * 2002-03-19 2003-10-01 微软公司 Safety digital data form and code forced implement policy
US20040107348A1 (en) * 2002-11-15 2004-06-03 Canon Kabushiki Kaisha Information processing apparatus, method therefor, computer program, and computer-readable storage medium
CN1783781A (en) * 2004-11-29 2006-06-07 株式会社日立制作所 Digital-signed digital document exchange supporting method and information processor
CN101364869A (en) * 2007-08-09 2009-02-11 鸿富锦精密工业(深圳)有限公司;鸿海精密工业股份有限公司 Electronic document digital checking system and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020026583A1 (en) * 2000-08-25 2002-02-28 Harrison Keith Alexander Document transmission techniques IV
CN1445693A (en) * 2002-03-19 2003-10-01 微软公司 Safety digital data form and code forced implement policy
US20040107348A1 (en) * 2002-11-15 2004-06-03 Canon Kabushiki Kaisha Information processing apparatus, method therefor, computer program, and computer-readable storage medium
CN1783781A (en) * 2004-11-29 2006-06-07 株式会社日立制作所 Digital-signed digital document exchange supporting method and information processor
CN101364869A (en) * 2007-08-09 2009-02-11 鸿富锦精密工业(深圳)有限公司;鸿海精密工业股份有限公司 Electronic document digital checking system and method

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105553651A (en) * 2015-12-03 2016-05-04 小米科技有限责任公司 Method and device for signature of disk mirror image files in Android system, and equipment
CN105868647A (en) * 2016-03-28 2016-08-17 乐视控股(北京)有限公司 File signing system and method
WO2017166527A1 (en) * 2016-03-28 2017-10-05 乐视控股(北京)有限公司 File signature system and method

Similar Documents

Publication Publication Date Title
US20110072263A1 (en) Device Pairing Based on Graphically Encoded Data
US20150312260A1 (en) Methods of providing social network service and server performing the same
CN104503688A (en) Intelligent hardware device control achieving method and device
CN103914634A (en) Image encryption method, image encryption device and electronic device
CN104573550A (en) Method and device for protecting data
US20150205993A1 (en) Method for providing control function using fingerprint sensor and electronic device thereof
CN104580401A (en) Connecting method and device
CN104104514A (en) Method and device for identifying by using verification code
US20140146204A1 (en) Method and apparatus for tagging media with identity of creator or scene
US20160050067A1 (en) System and method for shared key agreement over untrusted communication channels
CN104219058A (en) Identity authentication and authorization method and device
US20140331043A1 (en) Electro device for protecting user's privacy and method for controlling thereof
CN103916233A (en) Information encryption method and device
US20160036811A1 (en) Device and method of setting or removing security on content
US9537872B2 (en) Secure neighbor discovery (SEND) using pre-shared key
CN104318177A (en) Protection method and protection device for data of terminal equipment
CN104079962A (en) Method and device for pushing recommendation information
US20090268056A1 (en) Digital camera with portrait image protecting function and portrait image protecting method thereof
CN104993981A (en) Method and apparatus for controlling access of device
CN104703295A (en) Network access method and network access device
CN105071473A (en) USB charging method and device
CN104602112A (en) Configuration method and device
US20160156467A1 (en) Electronic device and method of transmitting and receiving information by electronic device
CN104468329A (en) Member adding method and device based on instant messaging
US20160092668A1 (en) Methods and devices for authorizing operation

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination