CN107094081A - The solution that a kind of use UsbKey for supporting many browsers is digitally signed - Google Patents
The solution that a kind of use UsbKey for supporting many browsers is digitally signed Download PDFInfo
- Publication number
- CN107094081A CN107094081A CN201710507141.6A CN201710507141A CN107094081A CN 107094081 A CN107094081 A CN 107094081A CN 201710507141 A CN201710507141 A CN 201710507141A CN 107094081 A CN107094081 A CN 107094081A
- Authority
- CN
- China
- Prior art keywords
- browser
- digitally signed
- solution
- webserver
- websocket
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Information Transfer Between Computers (AREA)
Abstract
The present invention provides the solution that a kind of use UsbKey for supporting many browsers is digitally signed, the solution is to directly invoke Usb Key bottoms storehouse by the way that WebServer services are locally created to be digitally signed operation, and signature value then is delivered into browser by WebSocket.The solution realizes that step includes:WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed operation and form signature value;It when user makes requests on digital signing operations by browser, can be communicated by WebSocket with WebServer, notify WebServer to be digitally signed operation;After signature value is formed, browser is returned to by WebSocket.The present invention completes digital signature by setting up WebServer, has broken away from the dependence to ActiveX control, has broken away from the dependence to browser version.
Description
Technical field
The present invention relates to PKI technical fields, specifically a kind of use UsbKey for supporting many browsers carries out numeral
The solution of signature.
Background technology
With the continuous upgrading of browser version, the IE browser and Chrome browsers of latest edition have been abandoned
Support to ActiveX control, it is traditional by way of ActiveX calls Usb Key private keys to be digitally signed
Meet user's needs.How to call Usb Key private keys to be digitally signed by browser and have become digital certificate authentication machine
The structure technical barrier to be solved.
Based on this, the solution that a kind of use UsbKey for supporting many browsers is digitally signed is designed, with solution
The problem of can not being digitally signed caused by not supported ActiveX control due to browser.
The content of the invention
The technical assignment of the present invention is to solve the deficiencies in the prior art there is provided a kind of use UsbKey for supporting many browsers
The solution being digitally signed, solution can not carry out numeral caused by not supported ActiveX control due to browser
The problem of signature.
The technical solution adopted for the present invention to solve the technical problems is:
The solution that a kind of use UsbKey for supporting many browsers is digitally signed, the solution is by locally building
Vertical WebServer services are digitally signed operation to directly invoke Usb Key bottoms storehouse, then pass through signature value
WebSocket is delivered to browser.
The solution realizes that step includes:
WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed operation and form label
Name value;
When user makes requests on digital signing operations by browser, it can be communicated by WebSocket with WebServer,
WebServer is notified to be digitally signed operation;
After signature value is formed, browser is returned to by WebSocket.
In above-mentioned narration, involved browser can from IE browser, Chrome browsers, Opera browsers, search
Dog browser, proud trip browser, baidu browser or cheetah browser.
Solution and prior art that a kind of use UsbKey for supporting many browsers of the present invention is digitally signed
It is compared to produced beneficial effect:
1)The present invention completes digital signature by setting up WebServer, has broken away from the dependence to ActiveX control, breaks away from pair
The dependence of browser version;
2)In the solution implementation process of the present invention, signature value is produced in the UsbKey of subscription client, and is locally being transmitted
To browser, it is ensured that security;
3)In addition, WebServer can be installed with one piece of packing of driving, Consumer's Experience is not influenceed;WebSocket is used simply,
Learning cost is relatively low.
Brief description of the drawings
Accompanying drawing 1 is the digital signature schematic flow sheet of the present invention;
Accompanying drawing 2 is the digital signature FB(flow block) of the present invention.
Embodiment
Below in conjunction with the accompanying drawings 1,2, a kind of use UsbKey for supporting many browsers of the present invention is digitally signed
Solution is described in detail below.
As shown in Figure 1, the solution party that a kind of use UsbKey for supporting many browsers of the invention is digitally signed
Method, the solution is to directly invoke Usb Key bottoms storehouse by the way that WebServer services are locally created to be digitally signed behaviour
Make, signature value is then delivered to browser by WebSocket.
With reference to accompanying drawing 2, the step that implements of the solution includes:
Step S10:WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed behaviour
Form signature value;
Step S20:When user makes requests on digital signing operations by browser, it can be entered by WebSocket with WebServer
Row communication, notifies WebServer to be digitally signed operation;
Step S30:After signature value is formed, browser is returned to by WebSocket.
In above-mentioned narration, involved browser can from IE browser, Chrome browsers, Opera browsers, search
Dog browser, proud trip browser, baidu browser or cheetah browser.
The present invention completes digital signature by setting up WebServer, has broken away from the dependence to ActiveX control, has broken away from
Dependence to browser version;In the solution implementation process of the present invention, signature value is produced in the UsbKey of subscription client,
And locally passing to browser, it is ensured that security.
In addition, WebServer can be installed with one piece of packing of driving, Consumer's Experience is not influenceed;WebSocket uses letter
Single, learning cost is relatively low.
Although an embodiment of the present invention has been shown and described, for the ordinary skill in the art, can be with
A variety of changes, modification can be carried out to these embodiments, replace without departing from the principles and spirit of the present invention by understanding
And modification, the scope of the present invention is by appended claims and its equivalent limits.
Claims (3)
1. a kind of solution that use UsbKey for supporting many browsers is digitally signed, it is characterised in that the solution party
Method is to directly invoke Usb Key bottoms storehouse by the way that WebServer services are locally created to be digitally signed operation, then will label
Name value is delivered to browser by WebSocket.
2. the solution that a kind of use UsbKey for supporting many browsers according to claim 1 is digitally signed,
It is characterized in that, the solution realizes that step includes:
WebServer services are locally created in user, and the service can call UsbKey private keys to be digitally signed operation and form label
Name value;
When user makes requests on digital signing operations by browser, it can be communicated by WebSocket with WebServer,
WebServer is notified to be digitally signed operation;
After signature value is formed, browser is returned to by WebSocket.
3. the solution party that a kind of use UsbKey for supporting many browsers according to claim 1 or 2 is digitally signed
Method, it is characterised in that the browser can from IE browser, Chrome browsers, Opera browsers, sogou browser,
Proud trip browser, baidu browser or cheetah browser.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710507141.6A CN107094081A (en) | 2017-06-28 | 2017-06-28 | The solution that a kind of use UsbKey for supporting many browsers is digitally signed |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710507141.6A CN107094081A (en) | 2017-06-28 | 2017-06-28 | The solution that a kind of use UsbKey for supporting many browsers is digitally signed |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107094081A true CN107094081A (en) | 2017-08-25 |
Family
ID=59641300
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710507141.6A Pending CN107094081A (en) | 2017-06-28 | 2017-06-28 | The solution that a kind of use UsbKey for supporting many browsers is digitally signed |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107094081A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108270769A (en) * | 2017-12-11 | 2018-07-10 | 中国电子科技集团公司第三十二研究所 | Websocket-based dual-factor authentication system and method |
CN109815022A (en) * | 2017-11-21 | 2019-05-28 | 北京握奇智能科技有限公司 | A kind of internet banking system signature control solution and system |
CN110519256A (en) * | 2019-08-21 | 2019-11-29 | 上海唯链信息科技有限公司 | A kind of method and device of DApp access USB Private key management equipment |
CN110620665A (en) * | 2018-06-20 | 2019-12-27 | 上海铠射信息科技有限公司 | Novel method for using digital certificate without control |
CN112118105A (en) * | 2019-06-19 | 2020-12-22 | 深圳法大大网络科技有限公司 | Electronic file signature method and device and terminal equipment |
CN115086090A (en) * | 2022-08-23 | 2022-09-20 | 远江盛邦(北京)网络安全科技股份有限公司 | Network login authentication method and device based on UKey |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101150577A (en) * | 2007-11-02 | 2008-03-26 | 珠海金山软件股份有限公司 | A system and method for secure Internet local function call |
US20140068269A1 (en) * | 2012-04-21 | 2014-03-06 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for interaction between web client and server |
CN106657271A (en) * | 2016-11-17 | 2017-05-10 | 中国农业银行股份有限公司 | Method and device for calling local control |
CN106878319A (en) * | 2017-03-06 | 2017-06-20 | 中国科学院数据与通信保护研究教育中心 | A kind of method and system that Digital signature service is provided |
-
2017
- 2017-06-28 CN CN201710507141.6A patent/CN107094081A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101150577A (en) * | 2007-11-02 | 2008-03-26 | 珠海金山软件股份有限公司 | A system and method for secure Internet local function call |
US20140068269A1 (en) * | 2012-04-21 | 2014-03-06 | Huawei Technologies Co., Ltd. | Method, apparatus, and system for interaction between web client and server |
CN106657271A (en) * | 2016-11-17 | 2017-05-10 | 中国农业银行股份有限公司 | Method and device for calling local control |
CN106878319A (en) * | 2017-03-06 | 2017-06-20 | 中国科学院数据与通信保护研究教育中心 | A kind of method and system that Digital signature service is provided |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109815022A (en) * | 2017-11-21 | 2019-05-28 | 北京握奇智能科技有限公司 | A kind of internet banking system signature control solution and system |
CN108270769A (en) * | 2017-12-11 | 2018-07-10 | 中国电子科技集团公司第三十二研究所 | Websocket-based dual-factor authentication system and method |
CN110620665A (en) * | 2018-06-20 | 2019-12-27 | 上海铠射信息科技有限公司 | Novel method for using digital certificate without control |
CN112118105A (en) * | 2019-06-19 | 2020-12-22 | 深圳法大大网络科技有限公司 | Electronic file signature method and device and terminal equipment |
CN112118105B (en) * | 2019-06-19 | 2024-03-01 | 深圳法大大网络科技有限公司 | Electronic file signing method and device and terminal equipment |
CN110519256A (en) * | 2019-08-21 | 2019-11-29 | 上海唯链信息科技有限公司 | A kind of method and device of DApp access USB Private key management equipment |
CN110519256B (en) * | 2019-08-21 | 2021-09-24 | 上海唯链信息科技有限公司 | Method and device for DApp to access USB private key management equipment |
CN115086090A (en) * | 2022-08-23 | 2022-09-20 | 远江盛邦(北京)网络安全科技股份有限公司 | Network login authentication method and device based on UKey |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107094081A (en) | The solution that a kind of use UsbKey for supporting many browsers is digitally signed | |
Zhang et al. | Enantioselective Construction of Pyrroloindolines Catalyzed by Chiral Phosphoric Acids: Total Synthesis of (−)‐Debromoflustramine B | |
EP2348447A3 (en) | A computer implemented method for generating a set of identifiers from a private key, computer implemented method and computing device | |
Liu et al. | Synthesis of chiral aliphatic amines through asymmetric hydrogenation | |
SG10201901701XA (en) | Method, device and system for invoking local service assembly by browser | |
CA2721559C (en) | Method for scalable access control decisions | |
MX2020003366A (en) | Method for qos capability negotiation between a user equipment and a session management function in a 5g system. | |
JP2010529538A5 (en) | ||
EP3567149A3 (en) | Sheet manufacturing apparatus and sheet manufacturing method | |
WO2011156819A3 (en) | Web-based electronically signed documents | |
WO2009102915A3 (en) | Systems and methods for secure handling of secure attention sequences | |
CN103532982A (en) | Wearable device based authorization method, device and system | |
GB2473172A (en) | Multi-level secure network | |
WO2010115913A3 (en) | Authenticating a node in a communication network | |
GB201115637D0 (en) | A service orientated framework for communicating with devices in a process control system | |
PH12019502756A1 (en) | Terminal information transfer method and relevant products | |
EP2747377A3 (en) | Trusted certificate authority to create certificates based on capabilities of processes | |
WO2011137871A3 (en) | Input method for communication terminals and communication terminals | |
SG11201804492RA (en) | Resource processing method and device | |
EP4231149A3 (en) | Distributing and processing streams over one or more networks for on-the-fly schema evolution | |
MX2021007902A (en) | Private blockchain ecosystems for enabling secure computing operations. | |
EP2824603A3 (en) | System and method for authenticating public keys | |
GB201303858D0 (en) | System Updates | |
PH12016502166A1 (en) | System and method for provisioning credit | |
CN204712652U (en) | Discharge mechanism is got in the upset of keyboard laser automatic marking machine |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170825 |
|
RJ01 | Rejection of invention patent application after publication |