CN107094081A - The solution that a kind of use UsbKey for supporting many browsers is digitally signed - Google Patents

The solution that a kind of use UsbKey for supporting many browsers is digitally signed Download PDF

Info

Publication number
CN107094081A
CN107094081A CN201710507141.6A CN201710507141A CN107094081A CN 107094081 A CN107094081 A CN 107094081A CN 201710507141 A CN201710507141 A CN 201710507141A CN 107094081 A CN107094081 A CN 107094081A
Authority
CN
China
Prior art keywords
browser
digitally signed
solution
webserver
websocket
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710507141.6A
Other languages
Chinese (zh)
Inventor
展召磊
李秀芳
郑彬
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jinan Inspur Hi Tech Investment and Development Co Ltd
Original Assignee
Jinan Inspur Hi Tech Investment and Development Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jinan Inspur Hi Tech Investment and Development Co Ltd filed Critical Jinan Inspur Hi Tech Investment and Development Co Ltd
Priority to CN201710507141.6A priority Critical patent/CN107094081A/en
Publication of CN107094081A publication Critical patent/CN107094081A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The present invention provides the solution that a kind of use UsbKey for supporting many browsers is digitally signed, the solution is to directly invoke Usb Key bottoms storehouse by the way that WebServer services are locally created to be digitally signed operation, and signature value then is delivered into browser by WebSocket.The solution realizes that step includes:WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed operation and form signature value;It when user makes requests on digital signing operations by browser, can be communicated by WebSocket with WebServer, notify WebServer to be digitally signed operation;After signature value is formed, browser is returned to by WebSocket.The present invention completes digital signature by setting up WebServer, has broken away from the dependence to ActiveX control, has broken away from the dependence to browser version.

Description

The solution that a kind of use UsbKey for supporting many browsers is digitally signed
Technical field
The present invention relates to PKI technical fields, specifically a kind of use UsbKey for supporting many browsers carries out numeral The solution of signature.
Background technology
With the continuous upgrading of browser version, the IE browser and Chrome browsers of latest edition have been abandoned Support to ActiveX control, it is traditional by way of ActiveX calls Usb Key private keys to be digitally signed Meet user's needs.How to call Usb Key private keys to be digitally signed by browser and have become digital certificate authentication machine The structure technical barrier to be solved.
Based on this, the solution that a kind of use UsbKey for supporting many browsers is digitally signed is designed, with solution The problem of can not being digitally signed caused by not supported ActiveX control due to browser.
The content of the invention
The technical assignment of the present invention is to solve the deficiencies in the prior art there is provided a kind of use UsbKey for supporting many browsers The solution being digitally signed, solution can not carry out numeral caused by not supported ActiveX control due to browser The problem of signature.
The technical solution adopted for the present invention to solve the technical problems is:
The solution that a kind of use UsbKey for supporting many browsers is digitally signed, the solution is by locally building Vertical WebServer services are digitally signed operation to directly invoke Usb Key bottoms storehouse, then pass through signature value WebSocket is delivered to browser.
The solution realizes that step includes:
WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed operation and form label Name value;
When user makes requests on digital signing operations by browser, it can be communicated by WebSocket with WebServer, WebServer is notified to be digitally signed operation;
After signature value is formed, browser is returned to by WebSocket.
In above-mentioned narration, involved browser can from IE browser, Chrome browsers, Opera browsers, search Dog browser, proud trip browser, baidu browser or cheetah browser.
Solution and prior art that a kind of use UsbKey for supporting many browsers of the present invention is digitally signed It is compared to produced beneficial effect:
1)The present invention completes digital signature by setting up WebServer, has broken away from the dependence to ActiveX control, breaks away from pair The dependence of browser version;
2)In the solution implementation process of the present invention, signature value is produced in the UsbKey of subscription client, and is locally being transmitted To browser, it is ensured that security;
3)In addition, WebServer can be installed with one piece of packing of driving, Consumer's Experience is not influenceed;WebSocket is used simply, Learning cost is relatively low.
Brief description of the drawings
Accompanying drawing 1 is the digital signature schematic flow sheet of the present invention;
Accompanying drawing 2 is the digital signature FB(flow block) of the present invention.
Embodiment
Below in conjunction with the accompanying drawings 1,2, a kind of use UsbKey for supporting many browsers of the present invention is digitally signed Solution is described in detail below.
As shown in Figure 1, the solution party that a kind of use UsbKey for supporting many browsers of the invention is digitally signed Method, the solution is to directly invoke Usb Key bottoms storehouse by the way that WebServer services are locally created to be digitally signed behaviour Make, signature value is then delivered to browser by WebSocket.
With reference to accompanying drawing 2, the step that implements of the solution includes:
Step S10:WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed behaviour Form signature value;
Step S20:When user makes requests on digital signing operations by browser, it can be entered by WebSocket with WebServer Row communication, notifies WebServer to be digitally signed operation;
Step S30:After signature value is formed, browser is returned to by WebSocket.
In above-mentioned narration, involved browser can from IE browser, Chrome browsers, Opera browsers, search Dog browser, proud trip browser, baidu browser or cheetah browser.
The present invention completes digital signature by setting up WebServer, has broken away from the dependence to ActiveX control, has broken away from Dependence to browser version;In the solution implementation process of the present invention, signature value is produced in the UsbKey of subscription client, And locally passing to browser, it is ensured that security.
In addition, WebServer can be installed with one piece of packing of driving, Consumer's Experience is not influenceed;WebSocket uses letter Single, learning cost is relatively low.
Although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with A variety of changes, modification can be carried out to these embodiments, replace without departing from the principles and spirit of the present invention by understanding And modification, the scope of the present invention is by appended claims and its equivalent limits.

Claims (3)

1. a kind of solution that use UsbKey for supporting many browsers is digitally signed, it is characterised in that the solution party Method is to directly invoke Usb Key bottoms storehouse by the way that WebServer services are locally created to be digitally signed operation, then will label Name value is delivered to browser by WebSocket.
2. the solution that a kind of use UsbKey for supporting many browsers according to claim 1 is digitally signed, It is characterized in that, the solution realizes that step includes:
WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed operation and form label Name value;
When user makes requests on digital signing operations by browser, it can be communicated by WebSocket with WebServer, WebServer is notified to be digitally signed operation;
After signature value is formed, browser is returned to by WebSocket.
3. the solution party that a kind of use UsbKey for supporting many browsers according to claim 1 or 2 is digitally signed Method, it is characterised in that the browser can from IE browser, Chrome browsers, Opera browsers, sogou browser, Proud trip browser, baidu browser or cheetah browser.
CN201710507141.6A 2017-06-28 2017-06-28 The solution that a kind of use UsbKey for supporting many browsers is digitally signed Pending CN107094081A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710507141.6A CN107094081A (en) 2017-06-28 2017-06-28 The solution that a kind of use UsbKey for supporting many browsers is digitally signed

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710507141.6A CN107094081A (en) 2017-06-28 2017-06-28 The solution that a kind of use UsbKey for supporting many browsers is digitally signed

Publications (1)

Publication Number Publication Date
CN107094081A true CN107094081A (en) 2017-08-25

Family

ID=59641300

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710507141.6A Pending CN107094081A (en) 2017-06-28 2017-06-28 The solution that a kind of use UsbKey for supporting many browsers is digitally signed

Country Status (1)

Country Link
CN (1) CN107094081A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270769A (en) * 2017-12-11 2018-07-10 中国电子科技集团公司第三十二研究所 Websocket-based dual-factor authentication system and method
CN109815022A (en) * 2017-11-21 2019-05-28 北京握奇智能科技有限公司 A kind of internet banking system signature control solution and system
CN110519256A (en) * 2019-08-21 2019-11-29 上海唯链信息科技有限公司 A kind of method and device of DApp access USB Private key management equipment
CN110620665A (en) * 2018-06-20 2019-12-27 上海铠射信息科技有限公司 Novel method for using digital certificate without control
CN112118105A (en) * 2019-06-19 2020-12-22 深圳法大大网络科技有限公司 Electronic file signature method and device and terminal equipment
CN115086090A (en) * 2022-08-23 2022-09-20 远江盛邦(北京)网络安全科技股份有限公司 Network login authentication method and device based on UKey

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150577A (en) * 2007-11-02 2008-03-26 珠海金山软件股份有限公司 A system and method for secure Internet local function call
US20140068269A1 (en) * 2012-04-21 2014-03-06 Huawei Technologies Co., Ltd. Method, apparatus, and system for interaction between web client and server
CN106657271A (en) * 2016-11-17 2017-05-10 中国农业银行股份有限公司 Method and device for calling local control
CN106878319A (en) * 2017-03-06 2017-06-20 中国科学院数据与通信保护研究教育中心 A kind of method and system that Digital signature service is provided

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101150577A (en) * 2007-11-02 2008-03-26 珠海金山软件股份有限公司 A system and method for secure Internet local function call
US20140068269A1 (en) * 2012-04-21 2014-03-06 Huawei Technologies Co., Ltd. Method, apparatus, and system for interaction between web client and server
CN106657271A (en) * 2016-11-17 2017-05-10 中国农业银行股份有限公司 Method and device for calling local control
CN106878319A (en) * 2017-03-06 2017-06-20 中国科学院数据与通信保护研究教育中心 A kind of method and system that Digital signature service is provided

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109815022A (en) * 2017-11-21 2019-05-28 北京握奇智能科技有限公司 A kind of internet banking system signature control solution and system
CN108270769A (en) * 2017-12-11 2018-07-10 中国电子科技集团公司第三十二研究所 Websocket-based dual-factor authentication system and method
CN110620665A (en) * 2018-06-20 2019-12-27 上海铠射信息科技有限公司 Novel method for using digital certificate without control
CN112118105A (en) * 2019-06-19 2020-12-22 深圳法大大网络科技有限公司 Electronic file signature method and device and terminal equipment
CN112118105B (en) * 2019-06-19 2024-03-01 深圳法大大网络科技有限公司 Electronic file signing method and device and terminal equipment
CN110519256A (en) * 2019-08-21 2019-11-29 上海唯链信息科技有限公司 A kind of method and device of DApp access USB Private key management equipment
CN110519256B (en) * 2019-08-21 2021-09-24 上海唯链信息科技有限公司 Method and device for DApp to access USB private key management equipment
CN115086090A (en) * 2022-08-23 2022-09-20 远江盛邦(北京)网络安全科技股份有限公司 Network login authentication method and device based on UKey

Similar Documents

Publication Publication Date Title
CN107094081A (en) The solution that a kind of use UsbKey for supporting many browsers is digitally signed
Zhang et al. Enantioselective Construction of Pyrroloindolines Catalyzed by Chiral Phosphoric Acids: Total Synthesis of (−)‐Debromoflustramine B
EP2348447A3 (en) A computer implemented method for generating a set of identifiers from a private key, computer implemented method and computing device
Liu et al. Synthesis of chiral aliphatic amines through asymmetric hydrogenation
SG10201901701XA (en) Method, device and system for invoking local service assembly by browser
CA2721559C (en) Method for scalable access control decisions
MX2020003366A (en) Method for qos capability negotiation between a user equipment and a session management function in a 5g system.
JP2010529538A5 (en)
EP3567149A3 (en) Sheet manufacturing apparatus and sheet manufacturing method
WO2011156819A3 (en) Web-based electronically signed documents
WO2009102915A3 (en) Systems and methods for secure handling of secure attention sequences
CN103532982A (en) Wearable device based authorization method, device and system
GB2473172A (en) Multi-level secure network
WO2010115913A3 (en) Authenticating a node in a communication network
GB201115637D0 (en) A service orientated framework for communicating with devices in a process control system
PH12019502756A1 (en) Terminal information transfer method and relevant products
EP2747377A3 (en) Trusted certificate authority to create certificates based on capabilities of processes
WO2011137871A3 (en) Input method for communication terminals and communication terminals
SG11201804492RA (en) Resource processing method and device
EP4231149A3 (en) Distributing and processing streams over one or more networks for on-the-fly schema evolution
MX2021007902A (en) Private blockchain ecosystems for enabling secure computing operations.
EP2824603A3 (en) System and method for authenticating public keys
GB201303858D0 (en) System Updates
PH12016502166A1 (en) System and method for provisioning credit
CN204712652U (en) Discharge mechanism is got in the upset of keyboard laser automatic marking machine

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170825

RJ01 Rejection of invention patent application after publication