CN106952093A - A kind of blank electronic authority generation, open verification method, apparatus and system - Google Patents
A kind of blank electronic authority generation, open verification method, apparatus and system Download PDFInfo
- Publication number
- CN106952093A CN106952093A CN201710060108.3A CN201710060108A CN106952093A CN 106952093 A CN106952093 A CN 106952093A CN 201710060108 A CN201710060108 A CN 201710060108A CN 106952093 A CN106952093 A CN 106952093A
- Authority
- CN
- China
- Prior art keywords
- authority
- electronics authority
- electronics
- issuing
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3821—Electronic credentials
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Computer Security & Cryptography (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of generation of blank electronic authority, open verification method, apparatus and system, blank electronic authority generation method includes:The first electronics authority information is generated according at least to the electronics authority ticket information in default electronics authority ticket information, the electronics authority side of issuing public key, the electronics authority side of issuing title three;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issuing organization signature is obtained;According to the first electronics authority information, electronics authority issuing organization public key, issuing organization signature generation blank electronic authority.The embodiment of the present invention enhances the antifalsification of electronics authority, there is crosstalk-preventing, anti-do not conform to rule and use, it is to avoid what prior art was present pretend to be authority issuing organization issue electronics authority, the different electronics authority sides of issuing mutually string electronics authority, do not conform to rule and use the drawbacks such as electronics authority;The difficulty of electronics authority checking is reduced, the characteristics of with easy checking.
Description
Technical field
The present invention relates to areas of information technology, espespecially a kind of blank electronic authority generates, discloses verification method, device and be
System.
Background technology
With internet electronic business, financial auditing, IT application in enterprises development, pass through in business datum flows through journey
With no paper electronics authority is paid, settled accounts and adjusted etc. turns into a kind of trend, and electronics authority gradually substitutes traditional paper
Matter authority, using more and more extensive.Electronics authority is based on computer and modern communications technology, and storage in the form of data is believed
Cease among computer system, and realize that tradition has the function of paper authority by network delivery form.
At present, the authority of circulation has a many kinds, such as (national taxation bureau issues invoice or each bureau of local taxation issues
Common invoice, VAT invoice, quota invoice), the various authoritys of enterprises and institutions' treasury trade, train ticket, plane ticket, electronics
Bill, contract etc..The false proof and checking of various authoritys is the important step in using and circulating.
Existing tax administration system can not prevent paper invoice the playing tricks of links, falsely use, distort, go here and there with etc. peace
Full hidden danger.Such as true from false of bills examination is difficult, and this has just given some criminal's opportunities.Some illegal electronics authoritys
The side of issuing reaches the purpose of tax evasion in normal process of exchange by using means such as false invoice, negative and positive invoices, to state
Family's tax causes great loss.Also there is mutual string invoice between different enterprises simultaneously, issue not in oneself business scope
Interior invoice, the invoice for using more than the term of validity etc. do not conform to phenomenon of the rule using invoice.On the other hand, in invoice ping procedure,
Need it is manually operated, when invoice data is more, not only troublesome poeration, also error-prone.
It can be seen that, due to the above mentioned problem that papery authority exists in use, using and promoting for electronics authority just turn into anxious
The problem of need to solving.How to improve the antifalsification of electronics authority, crosstalk-preventing, prevent from not conforming to rule use, easily checking, really realize industry
Business circulation process be in the urgent need to address during Current electronic authority use with no paper at all the problem of.
Anti-counterfeiting technology for electronics authority is currently suggested certain methods, and electronic invoice is carried out by electronic signature method
It is false proof.Electronic Signature is that the electronics authority side of issuing signs to electronics authority content, by verifying the electronics authority side of issuing label
Name verifies electronics authority content authenticity.Current electronic invoice does not have electronics authority issuing organization signature, it is impossible to verify electronics
The true or false of invoice.In addition, in order to improve the antifalsification of electronic invoice, recorded in invoice invoice codes, invoice number,
The electronics authority side of issuing title, the electronics authority side of issuing Tax Registration Certificate number, purchaser's title, transaction details (transaction content,
Unit price, quantity, the amount of money), date of making out an invoice etc. carry out false proof, checked during checking by logging in tax authority's server.To enter
One step improves electronic invoice antifalsification, and increase blank ticket number, exchange hour etc. are proposed on the basis of above-mentioned electronic invoice
Mode carries out false proof, and logs in when the electronics authority side of issuing makes out an invoice tax office server, input blank ticket number, purchaser's title
With purchaser's unique code, transaction details (transaction content, unit price, quantity, the amount of money), by tax office server read automatically electronics with
A unique electronic invoice number is generated according to the side's of issuing identity and server precise time, and for the transaction.Lead to during checking
The server for logging in the tax authority is crossed, passes through the electronics authority side of issuing unique code+purchaser's unique code+time+amount of money
Method verifies invoice authenticity.Above-mentioned verification method can only carry out online verification, and can only for the electronics authority side of issuing
It is identified by unique code, so there is the illegal electronics authority side of issuing and usurp the suspicion that others' code is made out an invoice.Remove
Identity outside this not to the tax authority verifies exist and pretend to be the tax authority to issue the phenomenons such as invoice, exists certain
Leak.
The content of the invention
The technical problems to be solved by the invention are to provide a kind of blank electronic authority generation, open verification method, device
And system, the antifalsification of electronics authority can be strengthened.
To achieve these goals, the embodiments of the invention provide a kind of blank electronic authority generation method, including:
Blank electronic authority identification information generation step:According at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in the side's of issuing public key, the electronics authority side of issuing title three generates the first electronics authority information;Adopt
The first signature algorithm is used, and the first electronics authority information is signed with electronics authority issuing organization private key, obtains issuing machine
Structure is signed;
Blank electronic authority generation step:According to the first electronics authority information, electronics authority issuing organization public key, issue machine
Structure signature generation blank electronic authority.
Optionally, the electronics authority ticket information includes one or more kinds of any groups in following information
Close:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority
Amount, the electronics authority term of validity, type of service.
Optionally, the blank electronic authority generation step, also includes:When the first electronics authority information does not include electricity
The sub- authority side of issuing public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
Optionally, the blank electronic authority identification information generation step, also includes:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated empty using the second encryption algorithm
The sub- authority identification code of white appliances;
The blank electronic authority generation step, also includes:The blank electronic authority identification code is added to generation
Blank electronic authority.
Optionally, methods described also includes:
Show step:The blank electronic authority of generation is shown, or printing generation blank authority nominal value.
The embodiment of the present invention additionally provides a kind of blank electronic authority and discloses verification method, including:
Blank electronic authority information extracting step:The key message of blank electronic authority is extracted from electronics authority, it is described
Key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step:Verify whether the electronics authority issuing organization public key extracted is effective;Call with
The corresponding first signature verification algorithm of first signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;
When being verified, judge electronics authority for legal authority.
Optionally, the blank electronic authority information extracting step, also includes:When the first electronics authority information does not include electricity
The sub- authority side of issuing public key, extracts the electronics authority side of issuing public key;
The electronics authority true or false verification step, also includes:Verify the electronics authority side of issuing public key.
Optionally, the checking electronics authority side of issuing public key, including:Whether the checking electronics authority side of issuing public key has
Effect.
Optionally, the electronics authority true or false verification step uses electronics authority issuing organization public key verifications issuing organization
Signature, including:When the first electronics authority information includes the electronics authority side of issuing public key, by verifying issuing organization signature progress
The electronics authority side of issuing public key verifications.
The embodiment of the present invention additionally provides a kind of blank electronic authority generating means, including:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority.
Optionally, the blank electronic authority identification information generation module is believed according at least to default electronics authority nominal value
Electronics authority ticket information in breath, the electronics authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics
Authority information, including:According at least to the electronics authority ticket information of the one or two kinds of any of the above combination in following information
Generate the first electronics authority information:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority
Amount, the electronics authority term of validity, type of service.
Optionally, the blank electronic authority generation module, is additionally operable to when the first electronics authority information does not include electricity
The sub- authority side of issuing public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
Optionally, the blank electronic authority identification information generation module, is additionally operable to:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated empty using the second encryption algorithm
The sub- authority identification code of white appliances;
The blank electronic authority generation module, is additionally operable to the blank electronic authority identification code being added to the sky of generation
The sub- authority of white appliances.
Optionally, described device also includes:
Exposure module, for the blank electronic authority of generation to be shown, or printing generation blank authority nominal value.
The embodiment of the present invention additionally provides a kind of blank electronic authority and discloses checking device, including:
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority,
The key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority.
Optionally, the blank electronic authority information extraction modules, are additionally operable to when the first electronics authority information does not include electricity
The sub- authority side of issuing public key, extracts the electronics authority side of issuing public key;
Whether effective the electronics authority true or false authentication module, be additionally operable to the checking electronics authority side of issuing public key.
Optionally, the electronics authority true or false authentication module uses electronics authority issuing organization public key verifications issuing organization
Signature, including:When the first electronics authority information includes the electronics authority side of issuing public key, by verifying issuing organization signature progress
The electronics authority side of issuing public key verifications.
The embodiment of the present invention additionally provides a kind of blank electronic authority generation and open checking system, and the system includes:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority;
Exposure module, for the blank electronic authority of generation to be shown, or printing generation blank authority nominal value;
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority,
The key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority.
The blank electronic authority generation module, is additionally operable to when the first electronics authority information is not opened including electronics authority
Tool side's public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation;
The blank electronic authority information extraction modules, are additionally operable to extract the electronics authority side of issuing public key;
Whether effective the electronics authority true or false authentication module, be additionally operable to the checking electronics authority side of issuing public key.
Optionally, the blank electronic authority identification information generation module, is additionally operable to:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated empty using the second encryption algorithm
The sub- authority identification code of white appliances;
The blank electronic authority generation module, is additionally operable to the blank electronic authority identification code being added to the sky of generation
The sub- authority of white appliances.
The embodiment of the present invention additionally provides a kind of blank electronic authority generation and open verification method, and methods described includes:
Blank electronic authority identification information generation step:According at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in the side's of issuing public key, the electronics authority side of issuing title three generates the first electronics authority information;Adopt
The first signature algorithm is used, and the first electronics authority information is signed with electronics authority issuing organization private key, obtains issuing machine
Structure is signed;
Blank electronic authority generation step:According to the first electronics authority information, electronics authority issuing organization public key, issue machine
Structure signature generation blank electronic authority;
Exposure module step:The blank electronic authority of generation is shown, or printing generation blank authority nominal value;
Blank electronic authority information extracting step:The key message of blank electronic authority is extracted from electronics authority, it is described
Key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step:Verify whether the electronics authority issuing organization public key extracted is effective;Call with
The corresponding first signature verification algorithm of first signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;
When being verified, judge electronics authority for legal authority.
Optionally, the blank electronic authority generation step, also includes:When the first electronics authority information does not include electricity
The sub- authority side of issuing public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation;
The blank electronic authority information extracting step, also includes:Extract the electronics authority side of issuing public key;
The electronics authority true or false verification step, also includes:Verify whether the electronics authority side of issuing public key is effective.
Optionally, the blank electronic authority identification information generation step, also includes:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated empty using the second encryption algorithm
The sub- authority identification code of white appliances;
The blank electronic authority generation step, the also sky including the blank electronic authority identification code to be added to generation
The sub- authority of white appliances.
The embodiment of the present invention additionally provides a kind of electronics authority generation and open checking system, and the system includes:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority;
Effective electron authority identification information generation module, is generated for describing electronics authority tool for the electronics authority side of issuing
The the second electronics authority information held in vivo;By any information in blank electronic authority together with the second electronics authority information
Generate the 3rd electronics authority information;The second signature algorithm is called, the 3rd electronics authority is believed using the electronics authority side's of issuing private key
Breath is signed, the generation electronics authority side of issuing signature;
Effective electron authority generation module, for being opened according to blank electronic authority, the second electronics authority information, electronics authority
Tool side's signature generation effective electron authority;
Exposure module, for the effective electron authority of generation to be shown, or the true authority nominal value of printing generation;
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority,
The key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority;
Effective electron authority information extraction modules, it is described for extracting effective electron authority key message from electronics authority
Key message includes:The electronics authority side of issuing signature;
Electronics authority content authenticity authentication module, for calling the second signature verification algorithm, is issued using electronics authority
The square public key verifications electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
The embodiment of the present invention additionally provides a kind of electronics authority generation and open verification method, including:
Blank electronic authority identification information generation step:According at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in the side's of issuing public key, the electronics authority side of issuing title three generates the first electronics authority information;Adopt
The first signature algorithm is used, and the first electronics authority information is signed with electronics authority issuing organization private key, obtains issuing machine
Structure is signed;
Blank electronic authority generation step:According to the first electronics authority information, electronics authority issuing organization public key, issue machine
Structure signature generation blank electronic authority;
Effective electron authority identification information generation step:The electronics authority side of issuing generates specifically interior for describing electronics authority
The the second electronics authority information held;Any information in blank electronic authority is generated together with the second electronics authority information
3rd electronics authority information;The second signature algorithm is called, the 3rd electronics authority information is entered using the electronics authority side's of issuing private key
Row signature, the generation electronics authority side of issuing signature;
Effective electron authority generation step:According to blank electronic authority, the second electronics authority information, the electronics authority side of issuing
Signature generation effective electron authority.
Show step:The effective electron authority of generation is shown, or the true authority nominal value of printing generation;
Blank electronic authority information extracting step:The key message of blank electronic authority is extracted from electronics authority, it is described
Key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step:Verify whether the electronics authority issuing organization public key extracted is effective;Call with
The corresponding first signature verification algorithm of first signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;
When being verified, judge electronics authority for legal authority;
Effective electron authority information extracting step:Effective electron authority key message, the key are extracted from electronics authority
Information includes:The electronics authority side of issuing signature;
Electronics authority content authenticity verification step:The second signature verification algorithm is called, the electronics authority side of issuing public affairs are used
The key checking electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
The embodiment of the present invention also provides a kind of computer-readable recording medium, and be stored with computer executable instructions, described
The above method is realized when computer executable instructions are performed.
Compared with prior art, blank electronic authority provided in an embodiment of the present invention generation, open verification method, device and
System, signs by using electronics authority issuing organization private key to blank electronic authority key message, and by electronics authority
Issuing organization public key and electronics authority issuing organization are added to blank electronic authority to the signature of blank electronic authority key message,
Antifalse effect, the crosstalk-preventing of blank electronic authority are improved, it is ensured that the legal authority that electronics authority is issued for legal entity, while not
With can not go here and there use between enterprise mutually.Regulatory rule is checked and approved by being added in the first electronics authority, prevents that electronics authority from issuing
Issue authority not in business scope, using not conforming to the behavior that rule use in authority of the term of validity etc. in side.Issued by checking
Authority signature is sent out come the method for verifying the electronics authority side of issuing public key, the efficiency of the electronics authority side of issuing public key verifications is improved,
The maintenance and management cost of the electronics authority side of issuing public key is reduced, is that electronics authority off-line verification is provided convenience.By right
Electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature and electricity
Any information generation identification code in sub- authority, improves the efficiency of electronics authority checking.The embodiment of the present invention enhance electronics with
According to antifalsification, crosstalk-preventing, anti-do not conform to the advantages of rule use, it is to avoid what prior art was present pretends to be authority issuing organization to issue
Generate electricity sub- authority, the different electronics authority side of issuing mutually string electronics authority, do not conform to the drawbacks such as rule use electronics authority.And this
Inventive embodiments are not used dedicated system and verified, the method and device of open checking can pass through offline and online two kinds of sides
Formula is carried out, and greatly reduces the difficulty of electronics authority checking, improves the reliability and efficiency of checking.With verification mode it is simple,
Efficiently the characteristics of.
Brief description of the drawings
Accompanying drawing is used for providing further understanding technical scheme, and constitutes a part for specification, with this
The embodiment of application is used for the technical scheme for explaining the application together, does not constitute the limitation to technical scheme.Attached
In figure:
The blank electronic authority generation method flow chart that Fig. 1 provides for first embodiment of the invention;
The effective electron authority generation method flow chart that Fig. 2 provides for second embodiment of the invention;
Fig. 3 is the blank electronic invoice schematic diagram used at present;
Fig. 4-1 is shown for the blank authority that the embodiment of the present invention is designed in the way of word, or printing master drawing;
Fig. 4-2 shows master drawing for the blank authority that the embodiment of the present invention is designed in the way of word and Quick Response Code combination;
Fig. 4-3 shows master drawing for the blank authority that the embodiment of the present invention is designed in the way of word and bar code combination;
Fig. 5 is the real electronic invoice schematic diagram used at present;
Fig. 5-1 is that the real authority that the embodiment of the present invention finally shows shows master drawing in the form of word;
Fig. 5-2 is that the real authority that the embodiment of the present invention finally shows shows master drawing in the form of a Quick Response Code;
Fig. 5-3 is that the real authority that the embodiment of the present invention finally shows is shown in the way of word and Quick Response Code combination
Existing master drawing;
Fig. 5-4 is that the real authority that the embodiment of the present invention finally shows is entered in the way of word and two Quick Response Code combinations
Row shows master drawing;
Fig. 5-5 is that the real authority that the embodiment of the present invention finally shows shows sample in the way of word and bar code combination
Figure;
Fig. 5-6 is the real authority that finally shows of the embodiment of the present invention in the way of word, Quick Response Code, bar code combination
Show master drawing;
Fig. 6 discloses verification method flow chart for the electronics authority that third embodiment of the invention is provided;
Fig. 7 discloses verification method flow chart for the electronics authority that fourth embodiment of the invention is provided;
The generation of electronics authority and open checking system schematic diagram that Fig. 8 provides for fifth embodiment of the invention;
Fig. 9 is that the purchaser of present application example one individual verifies that electronics authority true or false and content are true by offline mode
The flow chart of property method;
Figure 10 is the flow chart of the electronics authority true or false verification method of present application example one;
Figure 11 is the flow chart of the verification method of the blank electronic authority key message of present application example one;
Figure 12 is the flow chart of the electronics authority content authenticity verification method of present application example one;
Figure 13 is the flow chart of the authenticity verification methods of the effective electron authority key message of present application example one;
Figure 14 is the flow chart of the compliance verification method of the effective electron authority key message of present application example one;
The blank electronic authority generating means structural representation that Figure 15 provides for sixth embodiment of the invention;
Figure 16 discloses checking apparatus structure schematic diagram for the blank electronic authority that seventh embodiment of the invention is provided;
The effective electron authority generating means structural representation that Figure 17 provides for eighth embodiment of the invention;
Figure 18 discloses checking apparatus structure schematic diagram for the effective electron authority that ninth embodiment of the invention is provided;
The generation of electronics authority and open verification method flow chart that Figure 19 provides for tenth embodiment of the invention;
The generation of blank electronic authority and open checking system schematic diagram that Figure 20 provides for eleventh embodiment of the invention;
The generation of blank electronic authority and open verification method flow chart that Figure 21 provides for twelveth embodiment of the invention.
Realization, functional characteristics and the advantage of the application purpose will be described further referring to the drawings in conjunction with the embodiments.
Embodiment
It should be appreciated that specific embodiment described herein is not used to limit the application only to explain the application.
The embodiment of the present invention increases issuing organization public key, issuing organization to blank electronic authority information in electronics authority
Signature, by verifying issuing organization public key and signature, so as to verify the true or false of electronics authority.And increase in electronics authority
The electronics authority side of issuing public key, the electronics authority side of issuing are to the signature of electronics authority content, by verifying the electronics authority side of issuing
Public key verifies the authenticity of electronics authority content with signature.By using electronics authority issuing organization private key to blank electronic with
Signed according to key message, and electronics authority issuing organization public key and electronics authority issuing organization are closed to blank electronic authority
The signature of key information is added to blank electronic authority, improves antifalse effect, the crosstalk-preventing of blank electronic authority, it is ensured that electronics authority
The legal authority issued for legal entity, while can not go here and there use between different enterprise mutually.By verify issuing organization signature come
The method of the checking electronics authority side of issuing public key improves the efficiency of the electronics authority side of issuing public key verifications, reduces electronics authority
The maintenance and management cost of the side's of issuing public key, is that electronics authority off-line verification is provided convenience.Pass through the rule that will be checked and approved or supervise
Then it is added in the first electronics authority information, by verifying the first electronics authority relevant information, prevents that electronics authority from not conforming to rule and making
With.Also, the embodiment of the present invention is shown in authority nominal value, or printing electronics authority issuing organization public key, issuing organization signature,
The information such as the electronics authority side of issuing public key, the electronics authority side of issuing signature, can use text, Quick Response Code, bar code, identification
Any combination mode such as code, digital watermarking, image is shown, or printing, and the position put can combine concrete application scene
Arbitrarily put.So, by the way that the public key of issuing organization, issuing organization signature, the electronics authority side of issuing public key, electronics authority are opened
Tool side signature etc. information directly display, or printing generation authority nominal value method, facilitate authentication directly obtain above-mentioned public key and
Signature, and according to the true and false of above-mentioned public key and signature verification authority.And there is no issuing organization in existing electronics authority nominal value
Public key and signature, the electronics authority side's of issuing public key and signature, relevant information is required to specialized system be inquired about, it is seen then that
The embodiment of the present invention is by the way that relevant information is directly displayed, or printing generation authority nominal value, and the system special without using is carried out
Inquiry, with obtaining the characteristics of information is easy.
Open verification method provided in an embodiment of the present invention can be purchaser, electronics authority issuing organization, financial system
Etc. different departments, different business demands, it is different using offline, online two kinds by the way of verified.
Embodiment 1:
The flow chart for the blank electronic authority generation method that Fig. 1 provides for first embodiment of the invention, the present embodiment is provided
Blank electronic authority generation method, for generating blank electronic authority, as shown in figure 1, methods described includes:
Blank electronic authority identification information generation step (step 101 to step 103):
Step 101:Opened according at least to default electronics authority ticket information, the electronics authority side of issuing public key, electronics authority
Electronics authority ticket information in tool side title three generates the first electronics authority information;
The electronics authority ticket information includes one or more kinds of any combination in following information:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority
Amount, the electronics authority term of validity, type of service.
It can be seen that, the first described electronics authority information is the one or more any combination of the description below:Electronics authority generation
Code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority amount, electronics authority are effective
Phase, type of service, the electronics authority side of issuing public key, the electronics authority side of issuing title etc.;
Described electronics authority code is used to describing the relevant information of electronics authority, such as area code, plate-making year, batch
Secondary, version spoken and written languages, a little authoritys, electronics authority issuing organization code, industry code, connection time code, electronics authority amount
Etc. relevant information.
Described electronics authority number is used for the sequence number for representing electronics authority;
Described electronics authority type is used to describing electronics authority belonging to which kind of type, including but not limited to common invoice,
VAT invoice, the authority of the treasury trade of public institution, common e bill, train ticket, plane ticket, electronic contract, doctor
Institute's authority etc.;
Described electronics authority amount is used to describe the ceiling that electronics authority is issued;
The described electronics authority term of validity is used to describing to make out an invoice the date in electronics authority must (earliest and most before the deadline
The useful life in evening);
Described type of service is opened for describing electronics authority issuing organization for what realization supervision was set with electronics authority
The related class of business of tool side's business scope;
The electronics authority side of issuing public key is effective public key that any authoritative institution issues, the form of public key and the side of storage
Formula is not limited.
Step 102:The first electronics authority information is entered using the first signature algorithm, and with electronics authority issuing organization private key
Row signature, obtains issuing organization signature;
The electronics authority issuing organization private key is effective private key that any authoritative institution issues;The first described signature is calculated
Method is any safely and effectively algorithm, if applied to digest algorithm, then call the first digest algorithm to give birth in the first signature algorithm
Into digest value, the first described digest algorithm is any safe digest algorithm;If applied to coding in first signature algorithm
Algorithm, then call the first encryption algorithm to generate encoded radio, first encryption algorithm is any safe encryption algorithm;
Described the first signature algorithm, the first digest algorithm, the first encryption algorithm, way of realization, the mode and fortune of storage
Capable pattern is not limited;
Blank electronic authority generation step:
Step 103, according to the first electronics authority information, electronics authority issuing organization public key, issuing organization signature generation have
The blank electronic authority of effect.
In the present embodiment, by being signed to the first electronics authority information, electronics authority antifalsification is improved.
In the present embodiment, as a kind of embodiment, also include in step 103:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated using the second encryption algorithm and known
Other code;
Specifically, the generation of described blank electronic authority identification code can be empty using following any method generation
The sub- authority identification code of white appliances:
The second encryption algorithm is called, electronics authority issuing organization public key, issuing organization signature are encoded, generation identification
Code;
The second encryption algorithm is called, to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public affairs
Key is encoded, and generates identification code;
The second encryption algorithm is called, to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing name
Title is encoded, and generates identification code;
The second encryption algorithm is called, to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public affairs
Key, the electronics authority side of issuing title are encoded, and generate identification code;
The second encryption algorithm is called, to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public affairs
Key, the electronics authority side of issuing title, any combination of any information in the first electronics authority information are encoded, generation identification
Code;
The second described encryption algorithm is any safely and effectively coding method, and second encryption algorithm can be with first
Encryption algorithm is identical can also be different;
The step 103, including:By the first electronics authority information, electronics authority issuing organization public key, issuing organization label
Name, blank electronic authority identification code generate effective blank electronic authority together;
It can be seen that, above-described embodiment is shown, blank electronic authority can have identification code, can also be without identification code, blank electricity
The generation of sub- authority identification code can perform according to concrete application scene or not perform protection domain all in the embodiment of the present invention
Within.
As a kind of embodiment,
The step 103, also includes:By the first electronics authority information, electronics authority issuing organization public key, issuing organization label
Name, the electronics authority side of issuing public key generate blank electronic authority together;The electronics authority issuing organization public key is any authority
Effective public key corresponding with private key that mechanism is issued.The public and private key of electronics authority issuing organization, the electronics authority side of issuing it is public and private
The generation of key and issue and can be completed by electronics authority issuing organization oneself, the believable third-party institution can also be entrusted to complete.
It can be seen that, in the present embodiment, described blank electronic authority is that the first electronics authority information, electronics authority issue machine
Structure public key, issuing organization signature, the electronics authority side of issuing public key, the combination of any mode of blank electronic authority identification code;
According to concrete application environment, blank electronic authority can not include the electronics authority side of issuing public key information, by electronics
The public key information of oneself is added to effective electronics authority information by the authority side of issuing when generating effective electron authority, both lifes
Mode into electronics authority is also within protection scope of the present invention.
In the present embodiment, as a kind of embodiment, methods described also includes:
Show step:
Step 104:Electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key are shown, or
Printing generation blank authority nominal value.
In the present embodiment, the issuing organization public key, issuing organization signature, the electronics authority side of issuing public key putting position
It can arbitrarily choose, can concentrate and be placed on an area, can also disperse to be placed on electronics authority nominal value optional position.
In the present embodiment, as a kind of embodiment,
The step 104 also includes:Blank electronic authority identification code is shown, or printing generation blank authority nominal value.
Identification code therein can be using the generation of the any-modes such as Quick Response Code, bar code, digital watermarking, image.
The blank electronic authority ultimately generated can not include any identification code, and only related text information can also be wrapped
Containing one or more identification codes, or it can be appointed with text information, Quick Response Code, bar code, identification code, digital watermarking, image etc.
Meaning combination.Related text information, Quick Response Code, bar code, identification code, digital watermarking, image etc. can be with any different
Mode is shown, or printing generation authority nominal value, shows the public.
In the present embodiment, by the way that relevant information is directly displayed, or printing generation authority nominal value, for purchaser, wealth
Business system, electronics authority issuing organization can carry out openly checking using the mode such as scan, being manually entered.Wherein, for issuing
The list of public keys information or certification authority that the checking of hair authority public key information can be carried directly by checking system are announced
List of public keys information verified.The public key information checking of the electronics authority side of issuing can be carried out using following several ways:It is logical
Checking issuing organization signature is crossed to be verified;List of public keys information or list of cert information that checking system is carried;Check certificate
List of public keys information or list of cert information that issuing organization is announced.The checking of signature can directly carry out disclosure by verification tool
Checking.This open verification method can be carried out by offline and online two ways, greatly reduce the checking of electronics authority
Difficulty, improves the reliability and efficiency of checking.
The related official seal of true electronics authority, such as electronics authority regulating agencies official seal, the electronics authority side of issuing official seal can
Can be retained according to concrete application environment or do not retained.
It should be noted that the methods described of the present embodiment can be applied in the system of electronics authority issuing organization, when
So, it can also be applied in the system that others can realize the present embodiment function.
Embodiment 2:
The flow chart for the effective electron authority generation method that Fig. 2 provides for second embodiment of the invention, the present embodiment is provided
Effective electron authority generation method, for generating effective electron authority, as shown in Fig. 2 methods described includes:
Effective electron authority identification information generation step (step 201 to step 203):
Step 201:The electronics authority side of issuing generates the second electronics authority information for describing electronics authority particular content;
The second described electronics authority information is used to describe electronics authority particular content, and including but not limited to electronics authority is opened
The ticket time, purchaser's title, purchaser's identifier, purchaser address, purchaser's phone, purchaser bank of deposit, purchaser's account,
Trade name, labor service title, service name, specifications and models, unit, quantity, unit price, the amount of money, the tax rate, the amount of tax to be paid, Amount in Total, conjunction
Taxing volume, the electronics authority side of issuing title, the electronics authority side of issuing identifier, the electronics authority side of issuing address, electronics authority are opened
Tool side's phone, bank of deposit of the electronics authority side of issuing, the electronics authority side of issuing account, payee, drawer, check people and for protect
Protect check code, the password of the above generation;Second electronics authority information is the one or more any combination of the above.
Step 202:Any information in blank electronic authority is generated into the 3rd electronics together with the second electronics authority information
Authority information;
Step 203:The second signature algorithm is called, the 3rd electronics authority information is carried out using the electronics authority side's of issuing private key
Signature, the generation electronics authority side of issuing signature;
The electronics authority side of the issuing private key be any authoritative institution issue it is corresponding with the electronics authority side of issuing public key
Effective private key;
The second described signature algorithm is any safely and effectively algorithm, algorithm way of realization, the mode of storage and operation
Pattern do not limit;
It is described if applied to digest algorithm, then call the second digest algorithm to generate digest value in second signature algorithm
Second digest algorithm is any safe digest algorithm;
It is described if applied to encryption algorithm, then call the 3rd encryption algorithm to generate encoded radio in second signature algorithm
3rd encryption algorithm is any safe encryption algorithm;
Described the second digest algorithm, the 3rd encryption algorithm, the pattern of way of realization, the mode of storage and operation are not limited;
The second described signature algorithm can be the same or different with the first signature algorithm;
The second described digest algorithm can be the same or different with the first digest algorithm;
The 3rd described encryption algorithm can be the same or different with the first encryption algorithm, the second encryption algorithm;
Effective electron authority generation step:
Step 204:Generated together according to blank electronic authority, the second electronics authority information, the electronics authority side of issuing signature
Effective electron authority.
In the present embodiment, as a kind of embodiment, step 204 also includes:When blank electronic authority does not include electronics
The authority side of issuing public key, the electronics authority side of issuing public key is added to the effective electron authority of generation.
In the present embodiment, as a kind of embodiment,
Also include in step 203:The 4th encryption algorithm is called, electronics authority issuing organization public key, issuing organization are signed,
The electronics authority side of issuing public key, the electronics authority side of issuing signature, any information in the first electronics authority information, the second electronics with
It is believed that any combination of any information in breath is encoded, the first effective electron authority identification code is generated;
The generation of the first described effective electron authority identification code can use following any method:
The 4th encryption algorithm is called in the generation of the first described effective electron authority identification code, to electronics authority issuing organization
Public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature are encoded, and generate identification code;
The generation of the first effective electron authority identification code also includes calling the 4th encryption algorithm, and electronics authority is issued
In authority public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature, effective electron authority
Any combination of any information is encoded, and generates identification code;
So, in the above-described embodiments, a first new effective electron authority identification code is individually created, with electronics authority
The identification code prestored coexists, or can also be in true electronics authority, the identification code not prestored including electronics authority, only
The the first effective electron authority identification code generated including the present embodiment.
Certainly, in other embodiment, also include in step 203:The electronics authority coding method prestored is called,
Increase electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public affairs in the information of the participation coding prestored
Key, the electronics authority side of issuing signature, any information in the first electronics authority information, any letter in the second electronics authority information
Any combination of breath is encoded, and generates a second new effective electron authority identification code.
So, when electronics authority has had the identification code prestored, it can increase new in the information of the participation coding prestored
Content, generate a second new effective electron authority identification code.
The 4th described encryption algorithm is any safely and effectively coding method;4th encryption algorithm can be with first
Encryption algorithm, the second encryption algorithm, the 3rd encryption algorithm are identical can also be different;
Accordingly,
In the step 204, electronics authority issue root according to blank electronic authority, the second electronics authority information, electronics with
Effective electricity is generated together according to the side's of issuing signature, the first effective electron authority identification code and/or the second effective electron authority identification code
Sub- authority.
In the step 204, when not including the electronics authority side of issuing public key in blank electronic authority, electronics authority is issued
Square public key is added to the effective electron authority of generation.
It can be seen that, in the present embodiment, effective electron authority be blank electronic authority, the second electronics authority information, electronics with
Combined according to the side's of issuing signature, the first effective electron authority identification code and/or second any mode of effective electron authority identification code.When
Blank electronic authority does not include the electronics authority side of issuing public key, and the electronics authority side of issuing public key is added to the effective electron of generation
Authority.In the present embodiment, the effective electron authority ultimately produced can have identification code, can also be without identification code, Ke Yiyou
One identification code, it is possibility to have two or more identification codes.
In the present embodiment, as a kind of embodiment, methods described also includes:
Electronics authority shows step:The effective electron authority of generation is shown, or the true authority nominal value of printing generation.
In the present embodiment, electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electricity
The sub- authority side of issuing signature putting position can arbitrarily be chosen, and can concentrate and be placed on an area, can also disperse to be placed on electronics with
According to optional position.
In the present embodiment, as a kind of embodiment, the electronics authority shows step, also includes:
First effective electron authority identification code and/or the second effective electron authority identification code are shown, or printing generation is true
Real authority nominal value.
Identification code generating mode can be using any coded system generation such as Quick Response Code, bar code, digital watermarking, image.
The true electronics authority ultimately generated can not include any identification code, only related text information, related text
The position of word information discharge is not limited;One or more identification codes can also be included, or can be with text information, Quick Response Code, bar
Any combination mode such as shape code, identification code, digital watermarking, image is shown or printed generation.Related text information and knowledge
Other code can be revealed in nominal value with any different presentation mode, show the public.
In the present embodiment, by the way that relevant information is directly displayed, or printing generation authority nominal value, for purchaser, wealth
Business system, electronics authority issuing organization using scanning or the mode such as can be manually entered, and carry out open checking.Wherein, for
The list of public keys information or certification authority that the checking of issuing organization public key information can be carried directly by checking system are public
The list of public keys information of cloth is verified.The public key information checking of the electronics authority side of issuing can be carried out using following several ways:
By verifying that issuing organization signature is verified;List of public keys information or list of cert information that checking system is carried;Examination card
List of public keys information or list of cert information that book issuing organization is announced.The checking of signature can directly be tested by verification tool
Card.This open verification method can be carried out by offline and online two ways, greatly reduce difficulty of the electronics with play checking
Degree, improves the reliability and efficiency of checking.
The related official seal of true electronics authority, such as electronics authority regulating agencies official seal, the electronics authority side of issuing official seal can
Can be retained according to concrete application environment or do not retained.
The password area that current invoice is used can retain according to concrete application environment or not retain.
First embodiment of the invention and second embodiment illustrate electronics authority generation method.In a particular application, can be with
Electronics authority issuing organization public key, issuing organization signature, electronics are increased in electronics authority nominal value according to actual application demand
It is a kind of or any several in the authority side of issuing public key and the electronics authority side of issuing signature, belong to protection scope of the present invention.
Specifically, the blank electronic invoice sample ticket used at present is as shown in Figure 3.
To improve electronics authority antifalsification, the embodiment of the present invention increases electronics authority issuing organization in electronics authority nominal value
Public key, issuing organization signature, the electronics authority side's of issuing public key and the electronics authority side of issuing signature etc., for false proof, crosstalk-preventing
With open checking, above- mentioned information can concentrate a specific region for being placed in electronics authority nominal value to be shown, can also put
The optional position for being placed on electronics authority nominal value is shown., can be by order to improve the efficiency and convenience of the identification of electronics authority
Above- mentioned information and electronics authority other information generate identification code using coding method, such as Quick Response Code, bar code, digital watermarking,
Image etc., but it is not limited to above method generation identification code.
Illustrate blank electronic authority and true electronics authority, the blank of embodiment of the present invention design in the form of master drawing below
Authority master drawing as shown in Fig. 4-1,4-2,4-3, added in blank authority issuing organization public key, issuing organization signature, electronics with
According to the side's of issuing public key.Seller public key is a kind of special case of the electronics authority side of issuing public key.
The electronics authority side's of issuing public key is added in the first electronics authority information in blank electronic authority by issuing organization,
It can also be added to after issuing organization signature by issuing organization in blank electronic authority, can also be issued later by electronics authority
Fang Tianjia.Issuing organization public key, issuing organization signature, the electronics authority side of issuing public key can be shown in the form of word, also may be used
To be shown with modes such as Quick Response Code, bar code, identification code, digital watermarking, images, or with word and Quick Response Code, bar code, knowledge
Any combination modes such as other code, digital watermarking, image are shown.As increased checking area in Fig. 4-1 blank electronic authoritys, with text
The mode of word shows electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority and issued
Side's signature.As Fig. 4-2 shows checking content in the way of word and Quick Response Code combination, it should be pointed out that the word and two
Dimension code shows position and can be revealed in any position of nominal value, and the embodiment of the present invention is not limited to this.If Fig. 4-3 is with text
The mode that word and bar code are combined shows, similarly, word and bar code show position and can be revealed in any position of nominal value
Put, the embodiment of the present invention is not limited to this.
The real electronic invoice sample ticket used at present is as shown in Figure 5.The embodiment of the present invention finally show it is real with
According to sample ticket as shown in Fig. 5-1,5-2,5-3,5-4,5-5,5-6, the present embodiment increases issuing organization public key in electronics authority, issued
Authority signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature are sent out, electronics authority antifalsification is improved.Seller is public
It is a kind of special case of the electronics authority side of issuing signature that key, which is a kind of special case of the electronics authority side of issuing public key, seller is signed.Above-mentioned letter
Breath can be shown in the form of word, can also be shown with modes such as Quick Response Code, bar code, identification code, digital watermarking, images,
Or shown with any combination modes such as word and Quick Response Code, bar code, identification code, digital watermarking, images.Identification code
Generation can merge with original identification code, generate an identification code, can also be individually created identification code, original identification code can
It can not also be retained with retaining.Fig. 5-1 is shown above-mentioned key message in the way of word, in figure and shows password
Area, password area is that current invoice is existing, is that key message is encrypted and signed, tax system is set by special instrument
Standby scanning invoice, extracts key message, is decrypted with sign test to carry out the checking of electronic invoice.For password area, Ke Yigen
Retain according to concrete application environment or do not retain, belong among the present invention.Fig. 5-2 is by above-mentioned key message in the way of Quick Response Code
Show, merge with original Quick Response Code relevant information, generate a new Quick Response Code.Fig. 5-3 by above-mentioned key message with word and
The mode of Quick Response Code combination shows, and merges with original Quick Response Code relevant information, generates a new Quick Response Code.Fig. 5-4 is shown
Word and the situation figure of two Quick Response Code figure combinations, a Quick Response Code is that original Quick Response Code is constant, also newly-generated including one
Quick Response Code.Fig. 5-5 is shown in the way of word and bar code combination.Fig. 5-6 is combined with word, Quick Response Code and bar code
Mode show.
Above-mentioned electronics authority example master drawing is merely illustrative, during actual use electronics authority issuing organization public key,
Issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature can arbitrarily be put, and participate in generation identification code
Content, the putting position of identification code, coding method can arbitrarily choose.
Embodiment 3
Shown in reference picture 6, verification method flow chart, the side are disclosed for the electronics authority that third embodiment of the invention is provided
Method is used to carry out the checking of electronics authority true or false, the described method comprises the following steps:
Blank electronic authority key message extraction step:
Step 601:Blank electronic authority key message, the blank electronic authority key message are extracted from electronics authority
Including:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step (step 602 to 604):
Step 602:Verify whether the electronics authority issuing organization public key extracted is effective;
Step 603:The first signature verification algorithm corresponding with the first signature algorithm is called, electronics authority issuing organization is used
Public key is verified to issuing organization signature;
Step 604:When being verified, judge electronics authority for legal authority.
As a kind of embodiment, blank electronic authority key message is extracted in the step 601 from electronics authority, also
Including:Extract the electronics authority side of issuing public key;
Also include in step 603:Verify whether the electronics authority side of issuing public key is effective;
If the first electronics authority packet contains the electronics authority side of issuing public key, issuing organization is opened electronics authority
Tool side's public key is signed, and the electronics authority side of issuing public key can be verified by verifying that issuing organization is signed, if first
Electronics authority information does not include the electronics authority side of issuing public key, and the checking of the electronics authority side of issuing public key needs to inquire about effective public key
Whether list information or list of cert information are effective to verify the electronics authority side of issuing public key;
Also include in step 603:Verify whether the first electronics authority information is true;
First electronics authority Information Authentication can retain according to concrete application environment or not retain;
Step 601 extracts the key message of blank electronic authority from effective electron authority, and any means can be used to adopt
Extract in any way, such as be manually entered, scan, the software by cell-phone customer terminal, PC software etc., the crucial letter of extraction
The mode of breath storage is not limited.
The checking of electronics authority issuing organization public key and the checking of the electronics authority side of issuing public key can using offline or
Online mode is carried out.
Embodiment 4
Shown in reference picture 7, verification method flow chart, the side are disclosed for the electronics authority that fourth embodiment of the invention is provided
Method is used to verify that methods described includes to electronics authority content authenticity:
Effective electron authority information extracting step:
Step 701:Effective electron authority key message is extracted from electronics authority, the key message includes:Second electronics
Authority information, any information of blank electronic authority, the electronics authority side of issuing signature;
The extraction of any information of blank electronic authority is extracted according to effective electron authority generation method in step 701;
Effective electron authority verification step (step 702 to step 704):
Step 702:3rd electronics is generated according to any information of the second electronics authority information and blank electronic authority of extraction
Authority information;
Step 703:The second signature verification algorithm is called, using the electronics authority side's of issuing public key to the electronics authority side of issuing label
Name is verified;
The checking of the described electronics authority side of issuing signature be used to verifying the electronics authority side of issuing sign whether be electronics with
According to signature of the side of issuing to the 3rd electronics authority information;
What the described electronics authority side of issuing signed is verified as calling the second signature verification algorithm, is issued using electronics authority
Square public key is verified to the electronics authority side of issuing signature;
Step 704:When being verified, judge that the second electronics authority information was not tampered with;
Step 705:Verify the compliance of effective electron authority key message;The effective electron authority key message closes rule
Property verify for whether closing rule according to first electronics authority Information Authentication the second electronics authority information, compliance, which is verified, to be included but not
It is limited to:Verify whether the titles such as commodity/labor service/service in the second electronics authority information meet defined type of service, checking
Before the deadline whether invoicing time, whether checking authority type correct, whether the checking amount of money is in amount etc..
Step 704 and 705 can retain according to concrete application scene or not retain, and the order of execution can arbitrarily be set,
Checking content can arbitrarily be set, in this patent protection domain;Step 706:When being verified, it is true to judge electronics authority
Real;
Also include extracting the electronics authority side of issuing public key as a kind of embodiment, in step 701;
Also include the checking electronics authority side of issuing public key in step 703.
If the first electronics authority packet authority containing the electronics side of issuing public key, the checking of the electronics authority side of issuing public key can
With by verifying that issuing organization signature is verified in electronics authority true or false verification step;If the first electronics authority information
Not comprising the electronics authority side of issuing public key, the checking of the electronics authority side of issuing public key needs to check effective list of public keys or certificate row
Whether table, the checking electronics authority side of issuing public key is effective;The checking of the electronics authority side of issuing public key can be using offline or online
Mode is carried out.
Optionally, step 703 also includes:
Verify whether effective electron authority key message is true, including tested by representing the information of electronics authority uniqueness
Demonstrate,prove title, specifications and models, unit, quantity, unit price, the amount of money, the tax rate, the amount of tax to be paid, Amount in Total, the He Jishui such as commodity/labor service/service
Volume, payee, drawer and whether check the information such as people true;
Embodiment 5
Shown in reference picture 8, the generation of electronics authority and open checking system structure provided for fifth embodiment of the invention is shown
It is intended to, the system includes:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority;
Effective electron authority identification information generation module, is generated for describing electronics authority tool for the electronics authority side of issuing
The the second electronics authority information held in vivo;By any information in blank electronic authority together with the second electronics authority information
Generate the 3rd electronics authority information;The second signature algorithm is called, the 3rd electronics authority is believed using the electronics authority side's of issuing private key
Breath is signed, the generation electronics authority side of issuing signature;
Effective electron authority generation module, for being opened according to blank electronic authority, the second electronics authority information, electronics authority
Tool side's signature generation effective electron authority;
Exposure module, for the effective electron authority of generation to be shown, or the true authority nominal value of printing generation;
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority,
The key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority;
Effective electron authority information extraction modules, it is described for extracting effective electron authority key message from electronics authority
Key message includes:The electronics authority side of issuing signature;
Electronics authority content authenticity authentication module, for calling the second signature verification algorithm, is issued using electronics authority
The square public key verifications electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
Specifically,
The first described electronics authority information be including but not limited to electronics authority code, electronics authority number, electronics with
Issued according to type, type of service, electronics authority issuing organization title, electronics authority amount, the electronics authority term of validity, electronics authority
Square public key, the electronics authority side of issuing title etc.;
Described issuing organization signature calls the first signature algorithm for electronics authority issuing organization, and is issued with electronics authority
Mechanism private key is signed to the first electronics authority information, obtains issuing organization signature;
The electronics authority issuing organization public key is effective public key for issuing of any authoritative institution, the form of public key and is deposited
The mode put is not limited;
The electronics authority issuing organization private key is effective private key corresponding with public key that any authoritative institution issues;
The electronics authority side of the issuing public key is effective public key that any authoritative institution issues, the form of public key and storage
Mode do not limit;
Described blank electronic authority can include that the electronics authority side of issuing public key can not also be included;
The identification code of described blank electronic authority to call the second encryption algorithm, to electronics authority issuing organization public key,
Issuing organization signature, the electronics authority side of issuing public key, any combination generation of any information in the first electronics authority information
Identification code;
Described identification code can merge with existing identification code, can also be individually created new identification code;
Described blank electronic authority can include that blank electronic authority identification code can not also be included;
Effective electron authority generation module, effective electron authority is generated for the electronics authority side of issuing;Described effective electricity
Sub- authority is blank electronic authority, the second electronics authority information, the electronics authority side of issuing signature, effective electron authority identification code times
Where formula is combined.
The 3rd described electronics authority information is any information and the second electronics authority information in blank electronic authority
Any form combination;
The second described electronics authority information is used to describe authority particular content, when including but not limited to electronics authority is made out an invoice
Between, purchaser's title, purchaser's identifier, purchaser address, purchaser's phone, purchaser bank of deposit, purchaser's account, commodity
Title, labor service title, service name, specifications and models, unit, quantity, unit price, the amount of money, the tax rate, the amount of tax to be paid, Amount in Total, He Jishui
Volume, the electronics authority side of issuing title, the electronics authority side of issuing identifier, the electronics authority side of issuing address, the electronics authority side of issuing
Phone, bank of deposit of the electronics authority side of issuing, the electronics authority side of issuing account, payee, drawer, check people and for protection on
State check code, the password of content generation;Second electronics authority information is the one or more any combination of the above.
The described electronics authority side of issuing signature calls the second signature algorithm for the electronics authority side of issuing, and uses electronics authority
The side's of issuing private key is signed to the 3rd electronics authority information, generation signature;
The electronics authority side of the issuing private key is effective private key corresponding with public key that any authoritative institution issues;
The identification code of described effective electron authority information is public to electronics authority issuing organization to call the 4th encryption algorithm
Appointing in key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature, the first electronics authority information
Anticipate information, the identification code of any combination generation of any information in the second electronics authority information;
Described identification code can merge with existing identification code, can also be individually created new identification code;
Described effective electron authority can include that effective electron authority identification code can not also be included;
Electronics authority exposure module is used to show effective electron authority information;Electricity in effective electron authority information
Sub- authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature, identification code
Can arbitrarily it be put etc. information.When implementing, electronics authority exposure module can be carried out to electronics authority on terminal interface
It has been shown that, can also be shown electronics authority dump via the printing equipment of interconnection on paper carrier.
Electronics authority true or false authentication module is used to verify whether electronics authority is legal authority that legal entity issues;
Described electronics authority true or false authentication module includes the extraction of blank electronic authority key message, blank electronic with
The checking signed according to the checking of key message, issuing organization;
Described blank electronic authority key message is extracted for extracting the first electronics authority information, electricity from electronics authority
Sub- authority issuing organization public key, issuing organization signature and/or the electronics authority side of issuing public key;
The extraction of the blank electronic authority key message can be carried out in any manner, including but not limited to including people
Work input, scanning, cell-phone customer terminal extraction, the extraction of PC software etc.;
The checking of described blank electronic authority key message is used to verify whether the first electronics authority key message is true,
It was not tampered with;The checking of described blank electronic authority key message also includes checking electronics authority issuing organization public key
It is no to be tampered, if effectively;
The checking of described blank electronic authority key message also includes whether the checking electronics authority side of issuing public key is usurped
Change, if effectively;The verification step can blank electronic authority key message checking in perform, can also effective electron with
Performed in being verified according to key message;
The checking of described issuing organization signature is used to verify whether issuing organization signature is electronics authority issuing organization pair
The signature of first electronics authority information;
What described issuing organization was signed is verified as calling the first signature verification algorithm, uses electronics authority issuing organization public
Key is verified to issuing organization signature;
Described electronics authority content authenticity authentication module is used to verify whether the content of electronics authority to be true, closes rule;
The extraction of described electronics authority content authenticity authentication module including effective electron authority key message, electronics with
According to the checking of the side's of issuing signature, the checking of effective electron authority key message compliance;
Described effective electron authority key message is extracted for extracting the second electronics authority letter from effective electron authority
Breath, the electronics authority side of issuing public key, the electronics authority side of issuing signature, blank electronic is extracted according to effective electron authority generation method
Any information of authority;
The checking of the electronics authority side of issuing signature is used to verify whether the second electronics authority information is tampered with;Effective electron
Authority key message content compliance is verified for verifying whether the second electronics authority information closes rule;
The described checking of effective electron authority key message content authenticity and compliance checking can be according to concrete application
Scene retains or not retained, and the order of execution can arbitrarily be set;
Whether the checking of described effective electron authority key message also includes the checking electronics authority side of issuing public key effective;
If the verification step is performed in the checking of blank electronic authority key message, it can be omitted in this step;
The checking of the described electronics authority side of issuing signature be used to verifying the electronics authority side of issuing sign whether be electronics with
According to signature of the side of issuing to the 3rd electronics authority information;
What the described electronics authority side of issuing signed is verified as calling the second signature verification algorithm, is issued using electronics authority
Square public key is verified to the electronics authority side of issuing signature.
The blank electronic authority generation module, effective electron authority generation module, electronics authority exposure module, electronics with
According to true or false authentication module, electronics authority content authenticity authentication module can it is implemented in software can also hardware realize;Before setting
Platform or backstage;For centralization or distributed.
Verification method is disclosed to electronics authority of the present invention below by the example in concrete application illustrative.
Example 1-5 combinations purchaser individual is using offline mode, online mode, and financial system passes through offline mode, online
Mode, electronics authority issuing organization 5 kinds of different application scenarios are verified to electronics authority come illustrate the electronics that provides of the present invention with
According to open verification method.
Example 1:
This example is used for illustrating that purchaser is personal and verifies the true of electronics authority true or false and content by offline mode
Property.The electronics authority that this example is provided discloses verification method, as shown in Figure 9.
It is true including electronics authority true or false checking 600 and electronics authority content that described electronics authority discloses verification process
Property verifies 700 two steps.
This example is mainly included the following steps that:
600th, electronics authority true or false is verified
Described electronics authority true or false verified for verifying whether electronics authority is legal authority that legal entity issues,
Verification process is as shown in Figure 10, including following 11 steps:
611st, the first electronics authority information is extracted from electronics authority;
612nd, electronics authority issuing organization public key is extracted from electronics authority;
613rd, issuing organization signature is extracted from electronics authority;
614th, the electronics authority side of issuing public key is extracted from electronics authority;
Step 611~614 to extract the key message of blank electronic authority from electronics authority, described blank electronic with
According to key message any means can be used to be extracted using any-mode, such as be manually entered, scan, by cell-phone customer terminal
Software, PC software etc., the mode of the key message storage of extraction are not limited;
The order that above-mentioned 611~613 3 steps are performed can arbitrarily be set;
The extraction of the step 614 electronics authority side of issuing public key can be crucial in blank electronic authority according to specific actual conditions
Perform or performed below in the extraction of effective electron authority key message in information extraction.
615th, the checking of blank electronic authority key message;The checking of described blank electronic authority key message is used to test
Whether the key message demonstrate,proved in the first electronics authority is real, is not tampered with;
The checking of described blank electronic authority key message is as shown in figure 11, mainly including following 3 steps:
631st, whether checking electronics authority issuing organization public key is effective, and then proves the true of electronics authority issuing organization public key
Reality;
Whether the title the 632nd, by electronics authority code verification electronics authority issuing organization is true;
633rd, by electronics authority code verification electronics authority use area it is whether true;
Above-mentioned verification step can arbitrarily be set with individual authentication or joint verification, execution sequence;
Step 631 has to carry out in above-mentioned verification step, and other verification steps can be any group according to concrete application environment
Close, or without checking;
Blank electronic authority key message is transferred to next verification step after being verified, not by then directly judging the electronics
Authority is the authority forged;
616th, judge that blank electronic authority key message verifies whether to pass through, verified, do not passed through by then entering next step
Then directly judge that electronics authority is the authority forged.
617th, checking issuing organization signature;Described checking issuing organization sign for verify issuing organization signature whether be
Signature of the electronics authority issuing organization to the first electronics authority information;
Described checking issuing organization signature uses electronics authority issuing organization public key to call the first signature verification algorithm
Verify issuing organization signature;
The first described signature verification algorithm is any safely and effectively algorithm corresponding with the first signature algorithm, and algorithm is real
Existing form, the mode of storage and the pattern of operation are not limited;
If applied to digest algorithm, then call and identical first in the first signature algorithm in first signature verification algorithm
Digest algorithm generates digest value;
If applied to encryption algorithm, calls and compiled with identical in the first signature algorithm first in first signature verification algorithm
Code algorithm generation encoded radio;
Described the first digest algorithm, the first encryption algorithm way of realization, the mode of storage and the pattern of operation is not limited.
618th, judge whether issuing organization signature verification passes through.By being directly transferred to next verification step, not by then straight
Connect and judge that the electronics authority is the authority forged;
619th, whether the checking electronics authority side of issuing public key is effective;First electronics authority packet authority containing the electronics side of issuing
Public key, verify extract the electronics authority side of issuing public key whether with the electronics authority side of the issuing public key in the first electronics authority information
Unanimously;First electronics authority information does not include the electronics authority side of issuing public key, and the electronics authority side of issuing public key verifications need to use
Examination the mode such as list of cert or effective list of public keys come verify the electronics authority side of issuing public key whether effectively, and then prove electronics
The authority side of issuing public key is effective;
The checking of the step 619 electronics authority side of issuing public key can be placed on electronics authority true or false according to concrete application environment
Performed in the effective electron authority key message that performs or put behind in checking checking, no matter being placed on which link belongs to this hair
Within bright.
620th, it is verified, it is legal authority to judge electronics authority.
621st, checking does not pass through, and electronics authority is the authority forged.
Blank electronic authority key message is verified and issuing organization signature verification can be any according to specific applied environment
Combination, can arbitrarily be set with individual authentication or joint verification, the order of execution.
700th, electronics authority content authenticity is verified
Described electronics authority content authenticity verifies whether the content for verifying electronics authority is tampered with or forges
Cross, if true to close rule, verification process is as shown in figure 12, including following steps:
711st, the second electronics authority information, any information of blank electronic authority are extracted from electronics authority;According to effective electricity
Sub- authority generation method extracts any information of blank electronic authority;
712nd, the 3rd electronics authority information is generated according to any information of blank electronic authority and the second electronics authority information;
713rd, the electronics authority side of issuing public key is extracted;
714th, the electronics authority side of issuing signature is extracted;
It is a kind of example shown in Figure 12, step 711,712,713,714 are to extract effective electron from electronics authority
Authority key message, described effective electron authority key message, which is extracted, can use any means to use any-mode, such as
Be manually entered, scan, the software by cell-phone customer terminal, PC software etc., the mode of the key message storage of extraction do not limit;
The order that 4 steps of above-mentioned steps 711,712,713,714 are performed can arbitrarily be set, need to only ensure 712
After 711;
If step 714 is extracted the electronics authority side's of issuing public key and performed in the extraction of blank electronic authority key message,
It can be omitted at this.
715th, the checking of effective electron authority key message;The checking of described effective electron authority key message is used to test
Whether true demonstrate,prove the electronics authority side of issuing public key whether effectively, in the second electronics authority key message;It is verified under entrance
One step is demonstrate,proved;
The checking of described effective electron authority key message is as shown in figure 13, mainly including following 2 steps:
721st, whether the checking electronics authority side's of issuing public key and the electronics authority side of issuing information are authentic and valid;
The checking of the described electronics authority side of issuing public key can use following several ways:If the first electronics authority is believed
Breath includes the electronics authority side of issuing public key, and the checking of the electronics authority side of issuing public key can be by verifying issuing organization signature progress
Checking, need to only verify whether the electronics authority side of the issuing public key of extraction is opened with the electronics authority in the first electronics authority information herein
Tool side's public key is consistent;First electronics authority information does not include the electronics authority side of issuing public key, the electronics authority side of issuing public key verifications
Whether effectively to need to verify the electronics authority side of issuing public key by using the examination mode such as list of cert or effective list of public keys,
And then prove that the electronics authority side of issuing public key is effective.
By the electronics authority side of issuing public key information verify the electronics authority side of issuing information whether with electronics authority information
The electronics authority side of issuing information it is consistent.
722nd, whether the second electronics authority information of checking is true;Whether described checking the second electronics authority information truly wraps
Include by representing the information of electronics authority uniqueness verify the titles such as commodity/labor service/service, specifications and models, unit, quantity,
Unit price, the amount of money, the tax rate, the amount of tax to be paid, Amount in Total, total amount of tax to be paid, payee, drawer and check whether the information such as people are true
's;
Verification step 722 can be verified according to concrete application environment, or without checking;
Above-mentioned verification step can arbitrarily be set with individual authentication or joint verification, execution sequence;
Above-mentioned verification step can be combined according to concrete application environment, or without checking;
If the step 721 electronics authority side's of issuing public key is performed in the checking of electronics authority true or false, the step herein may be used
To omit.
716th, the checking of the electronics authority side of issuing signature;The checking of the described electronics authority side of issuing signature is used to verify electricity
Whether the sub- authority side of issuing signature is signature of the electronics authority side of issuing to the 3rd electronics authority information;
What the described electronics authority side of issuing signed is verified as calling the second signature verification algorithm, is issued using electronics authority
Square public key is verified to the signature of the 3rd electronics authority information;
The second described signature verification algorithm is calculated for any safely and effectively signature verification corresponding with the second signature algorithm
Method, the pattern of algorithm way of realization, the mode of storage and operation is not limited;
If applied to digest algorithm, calls and plucked with identical in the second signature algorithm second in second signature verification algorithm
Algorithm is wanted to generate digest value;
If applied to encryption algorithm, is called and the volume of identical the 3rd in the second signature algorithm in second signature verification algorithm
Code algorithm generation encoded radio;
Described the second digest algorithm, the 3rd encryption algorithm, the pattern of way of realization, the mode of storage and operation are not limited;
The second described signature verification algorithm can it is identical from the first signature verification algorithm can also be different;
The second described digest algorithm can it is identical from the first digest algorithm can also be different;
The 3rd described encryption algorithm can from the first encryption algorithm, the second encryption algorithm is identical can also be different;
717th, the compliance checking of effective electron authority data critical information;
The compliance checking of described effective electron authority key message is as shown in figure 14, mainly including following 4 steps:
723rd, whether the title such as checking commodity/labor service/service meets defined type of service;
724th, whether before the deadline invoicing time is verified;
725th, whether checking authority type is correct;
726th, whether the checking electronics authority amount of money is in defined amount;
The checking of effective electron authority key message compliance can be combined according to specific applied environment, can be independent
Checking or joint verification, the order of execution can arbitrarily be set.
718th, it is verified, electronics authority data content is real.
The checking of effective electron authority key message, the checking of the electronics authority side of issuing signature, effective electron authority key letter
Breath compliance checking can be combined according to specific applied environment, can be with individual authentication or joint verification, the order of execution
Can arbitrarily it set.
Electronics authority is only verified by the checking of electronics authority true or false and electronics authority content authenticity, just can determine whether this
Electronics authority is legal electronics authority.
The described checking of electronics authority true or false and the checking of electronics authority content authenticity can be tested with individual authentication or combine
Card, execution sequence can arbitrarily be set.
If not including the electronics authority side of issuing public key information in the first electronics authority, electronics is verified by the way of offline
The authority side of issuing public key information needs the server networking periodically with certification authority to update public key information list.
The verification method of above-mentioned electronics authority can independently be verified with single authority, can be tested using batch methods
Card.
Example 2:
This example is used for illustrating that purchaser individual carries out electronics authority open checking by online mode.Described purchase
Buyer individual verifies that electronics authority is similar with off-line verification mode by online mode, and open verification process includes electronics authority
True or false is verified and electronics authority content authenticity verifies two steps.
Difference is three below link:
In the checking of blank electronic authority key message, electronics authority issuing organization public key verifications pass through networking or offline two
Whether effectively kind of mode verifies electronics authority issuing organization public key, and then proves the true of electronics authority issuing organization public key
Property;
The checking of the electronics authority side of issuing public key;If the first electronics authority packet authority containing the electronics side of issuing public key,
The checking of the electronics authority side of issuing public key can need to only verify the electricity of extraction herein by verifying that issuing organization signature is verified
Whether the sub- authority side of issuing public key is consistent with the electronics authority side of the issuing public key in the first electronics authority information;If the first electronics
Authority information does not include the electronics authority side of issuing public key, and the electronics authority side of issuing public key verifications need to open by pinging electronic authority
Effectively whether, whether the checking electronics authority side of issuing public key effectively can be by joining with certification authority server for tool side's public key
Whether effectively net or offline two ways verify the electronics authority side of issuing public key, and then proves the electronics authority side of issuing public key
Authenticity;Verify that electronics authority is issued in the electronics authority side of issuing public key certificate by being networked with certification authority server
Whether square information is consistent with the electronics authority side of the issuing information in electronics authority information;
In the checking of effective electron authority key message, the checking of electronics authority particular content can pass through electronics authority generation
Code and other any values for representing electronics authority uniqueness such as electronics authority number verify the titles such as commodity/labor service/service, rule
Lattice number, unit, quantity, unit price, the amount of money, the tax rate, the amount of tax to be paid, Amount in Total, total amount of tax to be paid, payee, drawer and check people
Whether it is real etc. information;The verification step can be by carrying out nuclear tests with the networking of electronics authority issuing organization server
Card.
The verification method of above-mentioned electronics authority can independently be verified with single authority, it would however also be possible to employ batch methods are carried out
Checking.
Example 3:
This example is used for illustrating that financial system carries out electronics authority open checking by offline mode.Described finance
System verifies that electronics authority is identical using off-line verification mode with individual by offline mode, and open verification process includes electronics
Authority true or false is verified and electronics authority content authenticity verifies two steps.
The verification method of above-mentioned electronics authority can independently be verified with single authority, it would however also be possible to employ batch methods are carried out
Checking.
Example 4:
This example is used for illustrating that financial system carries out electronics authority open checking by online mode.Described finance
Verify that electronics authority is similar with off-line verification mode by online mode, open verification process is tested including electronics authority true or false
Card and electronics authority content authenticity verify two steps.
Difference is three below link:
Blank electronic authority key message checking in, by electronics authority issuing organization public key by with certification authority
Server is networked or whether effectively offline two ways verifies electronics authority issuing organization public key, and then proves that electronics authority is issued
Send out the authenticity of authority public key;
The checking of the electronics authority side of issuing public key;If the first electronics authority packet authority containing the electronics side of issuing public key,
The checking of the electronics authority side of issuing public key can need to only verify the electricity of extraction herein by verifying that issuing organization signature is verified
Whether the sub- authority side of issuing public key is consistent with the electronics authority side of the issuing public key in the first electronics authority information;If the first electronics
Authority information does not include the electronics authority side of issuing public key, and the electronics authority side of issuing public key verifications need the pinging electronic authority side of issuing
Public key whether effectively, the checking electronics authority side of issuing public key whether effectively can by with the networking of certification authority server or
Whether effectively offline two ways verifies the electronics authority side of issuing public key, and then proves the true of the electronics authority side of issuing public key
Property;By being verified with the networking of certification authority server or offline two ways in the electronics authority side of issuing public key certificate
Whether the electronics authority side of issuing information is consistent with the electronics authority side of the issuing information in electronics authority information;
In the checking of effective electron authority key message, the checking of electronics authority particular content can pass through electronics authority generation
Code and other any values for representing electronics authority uniqueness such as electronics authority number verify the titles such as commodity/labor service/service, rule
Lattice number, unit, quantity, unit price, the amount of money, the tax rate, the amount of tax to be paid, Amount in Total, total amount of tax to be paid, payee, drawer and check people
Whether it is real etc. information;The verification step can be by being verified with the networking of electronics authority issuing organization server.
The verification method of above-mentioned electronics authority can independently be verified with single authority, it would however also be possible to employ batch methods are carried out
Checking.
Example 5:
This example is used for illustrating that electronics authority issuing organization carries out electronics authority open checking.Described electronics authority is issued
Open checking of the hair mechanism to electronics authority is disclosed electronics authority with purchaser individual or financial system verifies similar, open to test
Card process includes the checking of electronics authority true or false and electronics authority content authenticity verifies two steps.
Electronics authority issuing organization, which has, deposited in own public key information, list of public keys all electronics authority side of issuing public keys to believe
Breath, the specifying information that all electronics authoritys are deposited in database, the checking for electronics authority is offline or online two ways is equal
Can be with.
The verification method of above-mentioned electronics authority can independently be verified with single authority, it would however also be possible to employ batch methods are carried out
Checking.
Example 1-5 is personal by offline mode, online mode by purchaser, and financial system passes through offline mode, online
Mode, 5 kinds of different application scenarios of electronics authority issuing organization illustrate that a kind of electronics authority discloses verification method.Electronics authority
Checking under other application scene is similar with application scenarios in above-mentioned 5.Different electronics authority different application scene electronics authoritys
Checking demand is different, such as treasury trade authority, train ticket, plane ticket, e bill, electronic contract, hospital charge etc. are verified
Can be appropriate to the progress of above-mentioned verification method to delete and combine according to different application demands, belong to present invention protection model
Within enclosing.
Embodiment 6:
The blank electronic authority generating means structural representation that Figure 15 provides for sixth embodiment of the invention.Described device bag
Include:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority.
Optionally, the blank electronic authority identification information generation module is believed according at least to default electronics authority nominal value
Electronics authority ticket information in breath, the electronics authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics
Authority information, including:According at least to the electronics authority ticket information of the one or two kinds of any of the above combination in following information
Generate the first electronics authority information:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority
Amount, the electronics authority term of validity, type of service.
Optionally, the blank electronic authority identification information generation module uses the first signature algorithm, and uses electronics authority
Issuing organization private key is signed to the first electronics authority information, including:Using digest algorithm or encryption algorithm, and use electronics
Authority issuing organization private key is signed to the first electronics authority information.
Optionally, the blank electronic authority generation module, is additionally operable to when the first electronics authority information does not include electricity
The sub- authority side of issuing public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
Optionally, the blank electronic authority identification information generation module, is additionally operable to:
According to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority nominal value
One or more kinds of any combination in information, blank electronic authority identification code is generated using the second encryption algorithm;
The blank electronic authority generation module, is additionally operable to the blank electronic authority identification code being added to the sky of generation
The sub- authority of white appliances.
Optionally, described device also includes:
Exposure module, for the blank electronic authority of generation to be shown, or printing generation blank authority nominal value.
Embodiment 7:
Figure 16 discloses checking apparatus structure schematic diagram for the blank electronic authority that seventh embodiment of the invention is provided.The sky
The sub- authority of white appliances discloses checking device, including:
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority,
The key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority.
Optionally,
The electronics authority true or false authentication module calls the first signature verification algorithm corresponding with the first signature algorithm, bag
Include:Call corresponding with the first signature algorithm digest algorithm or encryption algorithm.
Optionally,
The blank electronic authority information extraction modules, are additionally operable to when the first electronics authority information is not opened including electronics authority
Tool side's public key, extracts the electronics authority side of issuing public key;
The electronics authority true or false authentication module, is additionally operable to the checking electronics authority side of issuing public key.
Optionally,
The electronics authority true or false authentication module checking electronics authority side of the issuing public key, including:Checking electronics authority is opened
Whether tool side's public key is effective.
Optionally, the electronics authority true or false authentication module uses electronics authority issuing organization public key verifications issuing organization
Signature, including:When the first electronics authority information includes the electronics authority side of issuing public key, by verifying issuing organization signature progress
The electronics authority side of issuing public key verifications.
Embodiment 8:
The effective electron authority generating means structural representation that Figure 17 provides for eighth embodiment of the invention.Described device bag
Include:
Effective electron authority identification information generation module, it is specifically interior for the electronics authority side of issuing generation description electronics authority
The the second electronics authority information held;Any information in blank electronic authority is generated the 3rd together with the second electronics authority information
Electronics authority information;The second signature algorithm is called, the 3rd electronics authority information is signed using the electronics authority side's of issuing private key
Name, the generation electronics authority side of issuing signature;
Effective electron authority generation module, for being opened according to blank electronic authority, the second electronics authority information, electronics authority
Tool side's signature generates effective electron authority together.
Optionally, the effective electron authority identification information generation module, is additionally operable to call the 4th encryption algorithm, to electronics
Authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing signature, the first electronics
Authority information, any combination of the second electronics authority information are encoded, and generate effective electron authority identification code;
The effective electron authority generation module, is additionally operable to effective electron authority identification code being added to effective electricity of generation
Sub- authority.
Optionally, the effective electron authority identification information generation module, is additionally operable to according to the electronics authority coding prestored
Method, increase electronics authority issuing organization public key, issuing organization signature, electronics authority are opened in the information of the participation coding prestored
Tool side's public key, the electronics authority side of issuing signature, the first electronics authority information, any combination of the second electronics authority information are compiled
Code, generates the second effective electron authority identification code;
The effective electron authority generation module, is additionally operable to effective electron authority identification code and/or the second effective electron
Authority identification code is added to the effective electron authority of generation.
Optionally, described device also includes:
Exposure module, for the effective electron authority of generation to be shown, or the true authority nominal value of printing generation.
Embodiment 9:
Figure 18 discloses checking apparatus structure schematic diagram for the effective electron authority that ninth embodiment of the invention is provided.
Effective electron authority information extraction modules, it is described for extracting effective electron authority key message from electronics authority
Key message includes:The electronics authority side of issuing signature;
Electronics authority content authenticity authentication module, calls the second signature verification algorithm to use the electronics authority side of issuing public key
Verify the electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
Optionally,
The effective electron authority information extraction modules, are additionally operable to extract the electronics authority side of issuing public key;
The electronics authority content authenticity authentication module, is additionally operable to the checking electronics authority side of issuing public key.
Optionally, effective electron authority information extraction modules, are additionally operable to extract the second electronics authority information, according to effective electricity
Sub- authority generation method extracts any information of blank electronic authority;
The electronics authority content authenticity authentication module is additionally operable to be tested according to the effective electron authority key message of extraction
The key message authenticity of electronics authority is demonstrate,proved, is also included:The value for representing electronics authority uniqueness by checking verifies electronics authority
Key message authenticity.The electronics authority content authenticity authentication module is additionally operable to be closed according to the effective electron authority of extraction
Key information verifies the key message compliance of electronics authority, also includes but is not limited to include:Verify in the second electronics authority information
The title such as commodity/labor service/service whether meet defined type of service, checking invoicing time whether before the deadline, checking
Whether authority type is correct, whether the checking amount of money is in amount etc..
Embodiment 10:
The generation of electronics authority and open verification method flow chart that Figure 19 provides for tenth embodiment of the invention.Methods described
Including:
Blank electronic authority identification information generation step 1801:According at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation step 1802:According to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority;
Effective electron authority identification information generation step 1803:The electronics authority side of issuing is generated for describing electronics authority tool
The the second electronics authority information held in vivo;Any information in blank electronic authority is generated together with the second electronics authority information
3rd electronics authority information;The second signature algorithm is called, the 3rd electronics authority information is entered using the electronics authority side's of issuing private key
Row signature, the generation electronics authority side of issuing signature;
Effective electron authority generation step 1804:Opened according to blank electronic authority, the second electronics authority information, electronics authority
Tool side's signature generates effective electron authority together;
Show step 1805:The effective electron authority of generation is shown, or the true authority nominal value of printing generation;
Blank electronic authority information extracting step 1806:The key message of blank electronic authority is extracted from electronics authority,
The key message includes:Electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step 1807:Verify whether the electronics authority issuing organization public key extracted is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority;
Effective electron authority information extracting step 1808:Effective electron authority key message is extracted from electronics authority, it is described
Key message includes:The electronics authority side of issuing signature;
Electronics authority content authenticity verification step 1809:The second signature verification algorithm is called, is issued using electronics authority
The square public key verifications electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
Embodiment 11:
The generation of blank electronic authority and open checking system schematic diagram that Figure 20 provides for eleventh embodiment of the invention, institute
The system of stating includes:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority;
Exposure module, for the blank electronic authority of generation to be shown, or printing generation blank authority nominal value;
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority,
The key message includes:Electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority.
Optionally, the blank electronic authority identification information generation module is believed according at least to default electronics authority nominal value
Electronics authority ticket information in breath, the electronics authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics
Authority information, including:According at least to the electronics authority ticket information of the one or two kinds of any of the above combination in following information
Generate the first electronics authority information:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority
Amount, the electronics authority term of validity, type of service.
Optionally,
The blank electronic authority identification information generation module uses the first signature algorithm, and with electronics authority issuing organization
Private key is signed to the first electronics authority information, including:Issued using digest algorithm or encryption algorithm, and with electronics authority
Mechanism private key is signed to the first electronics authority information.
Optionally,
The blank electronic authority generation module, is additionally operable to when the first electronics authority information is not opened including electronics authority
Tool side's public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
Optionally, the blank electronic authority identification information generation module, is additionally operable to:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated empty using the second encryption algorithm
The sub- authority identification code of white appliances;
The blank electronic authority generation module, is additionally operable to the blank electronic authority identification code being added to the sky of generation
The sub- authority of white appliances.
Optionally,
The blank electronic authority information extraction modules, are additionally operable to when the first electronics authority information is not opened including electronics authority
Tool side's public key, extracts the electronics authority side of issuing public key;
Whether effective the electronics authority true or false authentication module, be additionally operable to the checking electronics authority side of issuing public key.
Optionally,
The electronics authority true or false authentication module is signed using electronics authority issuing organization public key verifications issuing organization, bag
Include:When the first electronics authority information includes the electronics authority side of issuing public key, by verify issuing organization signature carry out electronics with
According to the side's of issuing public key verifications.
Embodiment 12:
The generation of blank electronic authority and open verification method flow chart that Figure 21 provides for twelveth embodiment of the invention, institute
The method of stating includes:
Blank electronic authority identification information generation step 2001:According at least to default electronics authority ticket information, electronics
Electronics authority ticket information in the authority side of issuing public key, the electronics authority side of issuing title three generates the first electronics authority letter
Breath;The first electronics authority information is signed using the first signature algorithm, and with electronics authority issuing organization private key, issued
Send out authority signature;
Blank electronic authority generation step 2002:According to the first electronics authority information, electronics authority issuing organization public key, issue
Send out authority signature generation blank electronic authority;
Exposure module step 2003:The blank electronic authority of generation is shown, or printing generation blank authority nominal value;
Blank electronic authority information extracting step 2004:The key message of blank electronic authority is extracted from electronics authority,
The key message includes:Electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step 2005:Verify whether the electronics authority issuing organization public key extracted is effective;Adjust
With the first signature verification algorithm corresponding with the first signature algorithm, electronics authority issuing organization public key verifications issuing organization label are used
Name;When being verified, judge electronics authority for legal authority.
Optionally, the blank electronic authority identification information generation step 2001, also includes:
Issued according to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, electronics authority
One or more kinds of any combination in square title, electronics authority ticket information, are generated empty using the second encryption algorithm
The sub- authority identification code of white appliances;
The blank electronic authority generation step 2002, also including the blank electronic authority identification code is added into generation
Blank electronic authority.
Optionally,
The blank electronic authority information extracting step 2004, also includes:When the first electronics authority information does not include electronics
The authority side of issuing public key, extracts the electronics authority side of issuing public key;
The electronics authority true or false verification step 2005, also includes:Verify the electronics authority side of issuing public key.
Optionally, the checking electronics authority side of issuing public key, including:Whether the checking electronics authority side of issuing public key has
Effect.
Optionally, the electronics authority true or false verification step uses electronics authority issuing organization public key verifications issuing organization
Signature, including:When the first electronics authority information includes the electronics authority side of issuing public key, by verifying issuing organization signature progress
The electronics authority side of issuing public key verifications.
Optionally, electronics authority true or false verification step 2005, also includes:According to the first electronics authority Information Authentication electronics
Authority true or false;
Optionally, the electronics authority ticket information includes one or more kinds of any groups in following information
Close:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority
Amount, the electronics authority term of validity, type of service.
Optionally, the first signature verification algorithm is algorithm corresponding with the first signature algorithm, including:Digest algorithm or
Person's encryption algorithm.
Optionally, the blank electronic authority generation step 2002, also includes:When the first electronics authority information is not wrapped
The electronics authority side of issuing public key is included, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
Other electronics authoritys such as treasury trade authority, train ticket, plane ticket, e bill etc., various authoritys can root
According to respective demand for security, the generation and verification method for using for reference the embodiment of the present invention carry out the generation of various electronics authoritys, shown
And checking, belong within the scope of the present invention.
In addition, the embodiment of the present invention also provides a kind of computer-readable recording medium, be stored with computer executable instructions,
The computer executable instructions realize above-mentioned method when being performed.
It should be noted that herein, term " comprising ", "comprising" or its any other variant are intended to non-row
His property is included, so that process, method, article or device including a series of key elements not only include those key elements, and
And also including other key elements being not expressly set out, or also include for this process, method, article or device institute inherently
Key element.In the absence of more restrictions, the key element limited by sentence "including a ...", it is not excluded that including this
Also there is other identical element in process, method, article or the device of key element.
The embodiments of the present invention are for illustration only, and the quality of embodiment is not represented.
Through the above description of the embodiments, those skilled in the art can be understood that above-described embodiment side
Method can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but in many cases
The former is more preferably embodiment.Understood based on such, technical scheme is substantially done to prior art in other words
Going out the part of contribution can be embodied in the form of software product, and the computer software product is stored in a storage medium
In (such as ROM/RAM, magnetic disc, CD), including some instructions are make it that a station terminal equipment (can be mobile phone, computer, clothes
It is engaged in device, air-conditioner, or network equipment etc.) perform method described in each embodiment of the invention.
The preferred embodiments of the present invention are these are only, are not intended to limit the scope of the invention, it is every to utilize this hair
Equivalent structure or equivalent flow conversion that bright specification and accompanying drawing content are made, or directly or indirectly it is used in other related skills
Art field, is included within the scope of the present invention.
Claims (24)
1. a kind of blank electronic authority generation method, it is characterised in that including:
Blank electronic authority identification information generation step:Issued according at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in square public key, the electronics authority side of issuing title three generates the first electronics authority information;Using
One signature algorithm, and the first electronics authority information is signed with electronics authority issuing organization private key, obtain issuing organization label
Name;
Blank electronic authority generation step:According to the first electronics authority information, electronics authority issuing organization public key, issuing organization label
Name generation blank electronic authority.
2. according to the method described in claim 1, it is characterised in that the electronics authority ticket information is included in following information
One or more kinds of any combination:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority amount,
The electronics authority term of validity, type of service.
3. according to the method described in claim 1, it is characterised in that
The blank electronic authority generation step, also includes:When the first electronics authority information is not issued including electronics authority
Square public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
4. according to the method described in claim 1, it is characterised in that the blank electronic authority identification information generation step, also
Including:
According to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing name
One or more kinds of any combination in title, electronics authority ticket information, blank electricity is generated using the second encryption algorithm
Sub- authority identification code;
The blank electronic authority generation step, also includes:The blank electronic authority identification code is added to the blank of generation
Electronics authority.
5. the method according to Claims 1-4 any one, it is characterised in that methods described also includes:
Show step:The blank electronic authority of generation is shown, or printing generation blank authority nominal value.
6. a kind of blank electronic authority discloses verification method, it is characterised in that including:
Blank electronic authority information extracting step:The key message of blank electronic authority, the key are extracted from electronics authority
Information includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step:Verify whether the electronics authority issuing organization public key extracted is effective;Call and first
The corresponding first signature verification algorithm of signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;When testing
Card passes through, and judges electronics authority for legal authority.
7. method according to claim 6, it is characterised in that
The blank electronic authority information extracting step, also includes:When the first electronics authority information is not issued including electronics authority
Square public key, extracts the electronics authority side of issuing public key;
The electronics authority true or false verification step, also includes:Verify whether the electronics authority side of issuing public key is effective.
8. method according to claim 6, it is characterised in that
The electronics authority true or false verification step is signed using electronics authority issuing organization public key verifications issuing organization, including:
When the first electronics authority information includes the electronics authority side of issuing public key, opened by verifying that issuing organization signature carries out electronics authority
Tool side's public key verifications.
9. a kind of blank electronic authority generating means, it is characterised in that including:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in the side's of issuing public key, the electronics authority side of issuing title three generates the first electronics authority information;Adopt
The first signature algorithm is used, and the first electronics authority information is signed with electronics authority issuing organization private key, obtains issuing machine
Structure is signed;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue machine
Structure signature generation blank electronic authority.
10. device according to claim 9, it is characterised in that the blank electronic authority identification information generation module is extremely
Few electricity in default electronics authority ticket information, the electronics authority side of issuing public key, the electronics authority side of issuing title three
Sub- authority ticket information generates the first electronics authority information, including:More than the one or two kinds of in following information
The electronics authority ticket information of any combination generates the first electronics authority information:
Electronics authority code, electronics authority number, electronics authority type, electronics authority issuing organization title, electronics authority amount,
The electronics authority term of validity, type of service.
11. device according to claim 9, it is characterised in that
The blank electronic authority generation module, is additionally operable to when the first electronics authority information does not include the electronics authority side of issuing
Public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation.
12. device according to claim 9, it is characterised in that the blank electronic authority identification information generation module, also
For:
According to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing name
One or more kinds of any combination in title, electronics authority ticket information, blank electricity is generated using the second encryption algorithm
Sub- authority identification code;
The blank electronic authority generation module, is additionally operable to the blank electronic authority identification code being added to the blank electricity of generation
Sub- authority.
13. the device according to claim 9 to 12 any one, it is characterised in that described device also includes:
Exposure module, for the blank electronic authority of generation to be shown, or printing generation blank authority nominal value.
14. a kind of blank electronic authority discloses checking device, it is characterised in that including:
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority is described
Key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Call with
The corresponding first signature verification algorithm of first signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;
When being verified, judge electronics authority for legal authority.
15. device according to claim 14, it is characterised in that
The blank electronic authority information extraction modules, are additionally operable to when the first electronics authority information does not include the electronics authority side of issuing
Public key, extracts the electronics authority side of issuing public key;
Whether effective the electronics authority true or false authentication module, be additionally operable to the checking electronics authority side of issuing public key.
16. device according to claim 14, it is characterised in that the electronics authority true or false authentication module uses electronics
Authority issuing organization public key verifications issuing organization is signed, including:When the first electronics authority information includes the electronics authority side of issuing
Public key, by verifying that issuing organization signature carries out the electronics authority side of issuing public key verifications.
17. a kind of blank electronic authority generation and open checking system, it is characterised in that the system includes:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in the side's of issuing public key, the electronics authority side of issuing title three generates the first electronics authority information;Adopt
The first signature algorithm is used, and the first electronics authority information is signed with electronics authority issuing organization private key, obtains issuing machine
Structure is signed;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue machine
Structure signature generation blank electronic authority;
Exposure module, for the blank electronic authority of generation to be shown, or printing generation blank authority nominal value;
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority is described
Key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Call with
The corresponding first signature verification algorithm of first signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;
When being verified, judge electronics authority for legal authority.
18. system according to claim 17, it is characterised in that
The blank electronic authority generation module, is additionally operable to when the first electronics authority information does not include the electronics authority side of issuing
Public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation;
The blank electronic authority information extraction modules, are additionally operable to extract the electronics authority side of issuing public key;
Whether effective the electronics authority true or false authentication module, be additionally operable to the checking electronics authority side of issuing public key.
19. system according to claim 17, it is characterised in that the blank electronic authority identification information generation module,
It is additionally operable to:
According to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing name
One or more kinds of any combination in title, electronics authority ticket information, blank electricity is generated using the second encryption algorithm
Sub- authority identification code;
The blank electronic authority generation module, is additionally operable to the blank electronic authority identification code being added to the blank electricity of generation
Sub- authority.
20. a kind of blank electronic authority generation and open verification method, it is characterised in that methods described includes:
Blank electronic authority identification information generation step:Issued according at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in square public key, the electronics authority side of issuing title three generates the first electronics authority information;Using
One signature algorithm, and the first electronics authority information is signed with electronics authority issuing organization private key, obtain issuing organization label
Name;
Blank electronic authority generation step:According to the first electronics authority information, electronics authority issuing organization public key, issuing organization label
Name generation blank electronic authority;
Show step:The blank electronic authority of generation is shown, or printing generation blank authority nominal value;
Blank electronic authority information extracting step:The key message of blank electronic authority, the key are extracted from electronics authority
Information includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step:Verify whether the electronics authority issuing organization public key extracted is effective;Call and first
The corresponding first signature verification algorithm of signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;When testing
Card passes through, and judges electronics authority for legal authority.
21. method according to claim 20, it is characterised in that
The blank electronic authority generation step, also includes:When the first electronics authority information is not issued including electronics authority
Square public key, the electronics authority side of issuing public key is added to the blank electronic authority of generation;
The blank electronic authority information extracting step, also includes:Extract the electronics authority side of issuing public key;
The electronics authority true or false verification step, also includes:Verify whether the electronics authority side of issuing public key is effective.
22. method according to claim 20, it is characterised in that the blank electronic authority identification information generation step,
Also include:
According to electronics authority issuing organization public key, issuing organization signature, the electronics authority side of issuing public key, the electronics authority side of issuing name
One or more kinds of any combination in title, electronics authority ticket information, blank electricity is generated using the second encryption algorithm
Sub- authority identification code;
The blank electronic authority generation step, also the blank electricity including the blank electronic authority identification code to be added to generation
Sub- authority.
23. a kind of electronics authority generation and open checking system, it is characterised in that the system includes:
Blank electronic authority identification information generation module, for according at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in the side's of issuing public key, the electronics authority side of issuing title three generates the first electronics authority information;Adopt
The first signature algorithm is used, and the first electronics authority information is signed with electronics authority issuing organization private key, obtains issuing machine
Structure is signed;
Blank electronic authority generation module, for according to the first electronics authority information, electronics authority issuing organization public key, issue machine
Structure signature generation blank electronic authority;
Effective electron authority identification information generation module, is generated specifically interior for describing electronics authority for the electronics authority side of issuing
The the second electronics authority information held;Any information in blank electronic authority is generated together with the second electronics authority information
3rd electronics authority information;The second signature algorithm is called, the 3rd electronics authority information is entered using the electronics authority side's of issuing private key
Row signature, the generation electronics authority side of issuing signature;
Effective electron authority generation module, for according to blank electronic authority, the second electronics authority information, the electronics authority side of issuing
Signature generation effective electron authority;
Exposure module, for the effective electron authority of generation to be shown, or the true authority nominal value of printing generation;
Blank electronic authority information extraction modules, the key message for extracting blank electronic authority from electronics authority is described
Key message includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Whether electronics authority true or false authentication module, the electronics authority issuing organization public key extracted for verifying is effective;Call with
The corresponding first signature verification algorithm of first signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;
When being verified, judge electronics authority for legal authority;
Effective electron authority information extraction modules, for extracting effective electron authority key message, the key from electronics authority
Information includes:The electronics authority side of issuing signature;
Electronics authority content authenticity authentication module, for calling the second signature verification algorithm, uses the electronics authority side of issuing public affairs
The key checking electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
24. a kind of electronics authority generation and open verification method, it is characterised in that including:
Blank electronic authority identification information generation step:Issued according at least to default electronics authority ticket information, electronics authority
Electronics authority ticket information in square public key, the electronics authority side of issuing title three generates the first electronics authority information;Using
One signature algorithm, and the first electronics authority information is signed with electronics authority issuing organization private key, obtain issuing organization label
Name;
Blank electronic authority generation step:According to the first electronics authority information, electronics authority issuing organization public key, issuing organization label
Name generation blank electronic authority;
Effective electron authority identification information generation step:The electronics authority side of issuing is generated for describing electronics authority particular content
Second electronics authority information;Any information in blank electronic authority is generated the 3rd together with the second electronics authority information
Electronics authority information;The second signature algorithm is called, the 3rd electronics authority information is signed using the electronics authority side's of issuing private key
Name, the generation electronics authority side of issuing signature;
Effective electron authority generation step:According to blank electronic authority, the second electronics authority information, the electronics authority side of issuing signature
Generate effective electron authority;
Show step:The effective electron authority of generation is shown, or the true authority nominal value of printing generation;
Blank electronic authority information extracting step:The key message of blank electronic authority, the key are extracted from electronics authority
Information includes:First electronics authority information, electronics authority issuing organization public key, issuing organization signature;
Electronics authority true or false verification step:Verify whether the electronics authority issuing organization public key extracted is effective;Call and first
The corresponding first signature verification algorithm of signature algorithm, is signed using electronics authority issuing organization public key verifications issuing organization;When testing
Card passes through, and judges electronics authority for legal authority;
Effective electron authority information extracting step:Effective electron authority key message, the key message are extracted from electronics authority
Including:The electronics authority side of issuing signature;
Electronics authority content authenticity verification step:The second signature verification algorithm is called, is tested using the electronics authority side of issuing public key
Demonstrate,prove the electronics authority side of issuing signature;When being verified, judge that electronics authority content is real.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710060108.3A CN106952093B (en) | 2017-01-24 | 2017-01-24 | Blank electronic certificate generation and public verification method, device and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710060108.3A CN106952093B (en) | 2017-01-24 | 2017-01-24 | Blank electronic certificate generation and public verification method, device and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106952093A true CN106952093A (en) | 2017-07-14 |
CN106952093B CN106952093B (en) | 2020-01-14 |
Family
ID=59466335
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710060108.3A Active CN106952093B (en) | 2017-01-24 | 2017-01-24 | Blank electronic certificate generation and public verification method, device and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106952093B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107749085A (en) * | 2017-10-25 | 2018-03-02 | 北京匡恩网络科技有限责任公司 | Ticket card, method and machinable medium using ticket card |
CN107944837A (en) * | 2017-12-15 | 2018-04-20 | 广州天宁信息技术有限公司 | A kind of authority processing method, device and system |
CN110875922A (en) * | 2018-08-31 | 2020-03-10 | K11集团有限公司 | One-stop office management system |
CN110955917A (en) * | 2019-10-28 | 2020-04-03 | 航天信息股份有限公司 | Method and system for verifying electronic certificates related to multiple participants |
CN115660878A (en) * | 2022-11-03 | 2023-01-31 | 深圳标普云科技有限公司 | Electronic invoice realization method and system |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080147561A1 (en) * | 2006-12-18 | 2008-06-19 | Pitney Bowes Incorporated | Image based invoice payment with digital signature verification |
CN104680202A (en) * | 2013-12-03 | 2015-06-03 | 航天信息股份有限公司 | Methods for generating and verifying two-dimension code of invoice |
CN104778614A (en) * | 2014-04-30 | 2015-07-15 | 无锡工艺职业技术学院 | Electronic invoice generation steps and false discrimination method of electronic invoice |
CN105812424A (en) * | 2014-12-30 | 2016-07-27 | 航天信息股份有限公司 | Method and device used for checking electronic invoices |
CN105809494A (en) * | 2014-12-30 | 2016-07-27 | 航天信息股份有限公司 | method and system for invoice generation and invoice verification |
-
2017
- 2017-01-24 CN CN201710060108.3A patent/CN106952093B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080147561A1 (en) * | 2006-12-18 | 2008-06-19 | Pitney Bowes Incorporated | Image based invoice payment with digital signature verification |
CN104680202A (en) * | 2013-12-03 | 2015-06-03 | 航天信息股份有限公司 | Methods for generating and verifying two-dimension code of invoice |
CN104778614A (en) * | 2014-04-30 | 2015-07-15 | 无锡工艺职业技术学院 | Electronic invoice generation steps and false discrimination method of electronic invoice |
CN105812424A (en) * | 2014-12-30 | 2016-07-27 | 航天信息股份有限公司 | Method and device used for checking electronic invoices |
CN105809494A (en) * | 2014-12-30 | 2016-07-27 | 航天信息股份有限公司 | method and system for invoice generation and invoice verification |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107749085A (en) * | 2017-10-25 | 2018-03-02 | 北京匡恩网络科技有限责任公司 | Ticket card, method and machinable medium using ticket card |
CN107944837A (en) * | 2017-12-15 | 2018-04-20 | 广州天宁信息技术有限公司 | A kind of authority processing method, device and system |
CN110875922A (en) * | 2018-08-31 | 2020-03-10 | K11集团有限公司 | One-stop office management system |
CN110875922B (en) * | 2018-08-31 | 2021-09-14 | K11集团有限公司 | One-stop office management system |
CN110955917A (en) * | 2019-10-28 | 2020-04-03 | 航天信息股份有限公司 | Method and system for verifying electronic certificates related to multiple participants |
CN110955917B (en) * | 2019-10-28 | 2024-02-02 | 航天信息股份有限公司 | Method and system for verifying electronic certificates related to multiple participants |
CN115660878A (en) * | 2022-11-03 | 2023-01-31 | 深圳标普云科技有限公司 | Electronic invoice realization method and system |
CN115660878B (en) * | 2022-11-03 | 2023-05-05 | 深圳标普云科技有限公司 | Method and system for realizing electronic invoice |
Also Published As
Publication number | Publication date |
---|---|
CN106952093B (en) | 2020-01-14 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106952093A (en) | A kind of blank electronic authority generation, open verification method, apparatus and system | |
CN104268758B (en) | A kind of Comodity anti-fake system based on invoice and third-party E-commerce platform | |
CN110335149A (en) | A kind of assets based on block chain really weigh transaction realization method and system | |
CN107679045A (en) | Copyright authorization management method and system | |
JP2001508883A (en) | Method and system for processing electronic documents | |
CN109544152A (en) | Supply chain method of payment, cashing method, device, equipment and medium based on block chain | |
CN107025460A (en) | The system and method for improving contract management level and efficiency | |
CN106575400A (en) | Authentication system with message conversion | |
CN105162606B (en) | A kind of method based on electronic legislative identity certificate entity card generation network mapping certificate | |
CN110148048A (en) | A kind of bank confirmation request management method based on block chain technology | |
JPH11503541A (en) | Electronic Funds Transaction Certificate | |
CN102867253A (en) | Method for providing added value function for mobile phone payment | |
CN106685665B (en) | A kind of generation of effective electron authority, openly verification method, apparatus and system | |
CN109767228A (en) | A kind of energy transaction in assets system based on block chain | |
CN106934618B (en) | A kind of generation of electronics authority, openly verification method, apparatus and system | |
CN106779698A (en) | A kind of distribution for paying mark and its safe payment method, system and device | |
CN108133415A (en) | A kind of electronics authority method of charging out, device and system | |
CN100354898C (en) | Antifake method and apparatus for banker's bill based on digital video-frequency | |
Shope | The bill of lading on the blockchain: an analysis of its compatibility with international rules on commercial transactions | |
CN113723951A (en) | Rights and interests transfer system based on block chain | |
CN110750576A (en) | Block chain-based paper-electricity integrated certificate query method and system and storage medium | |
Lepiane et al. | Digital degree certificates for higher education in brazil: A technical policy specification | |
CN109889343A (en) | Electronic invoice circulation control method and device | |
Wijaya et al. | Smart Stamp Duty | |
JP5042606B2 (en) | Electronic receipt authentication device and electronic receipt system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230403 Address after: 510535 Ruibao building, 79 Ruihe Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee after: GUANGZHOU TIANNING INFORMATION TECHNOLOGY Co.,Ltd. Address before: 510535 Ruibao building, 79 Ruihe Road, Science City, Luogang District, Guangzhou City, Guangdong Province Patentee before: GUANGZHOU TIANNING INFORMATION TECHNOLOGY Co.,Ltd. Patentee before: GUANGZHOU KEYUAN INFORMATION TECHNOLOGY Co.,Ltd. |