CN107947939A - Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms - Google Patents

Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms Download PDF

Info

Publication number
CN107947939A
CN107947939A CN201711164440.0A CN201711164440A CN107947939A CN 107947939 A CN107947939 A CN 107947939A CN 201711164440 A CN201711164440 A CN 201711164440A CN 107947939 A CN107947939 A CN 107947939A
Authority
CN
China
Prior art keywords
pdf
digital signature
digital
pdf document
signature
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711164440.0A
Other languages
Chinese (zh)
Inventor
钱之光
吕涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Bestsign Network Technology Co Ltd
Original Assignee
Hangzhou Bestsign Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Bestsign Network Technology Co Ltd filed Critical Hangzhou Bestsign Network Technology Co Ltd
Priority to CN201711164440.0A priority Critical patent/CN107947939A/en
Publication of CN107947939A publication Critical patent/CN107947939A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • G06F21/645Protecting data integrity, e.g. using checksums, certificates or signatures using a third party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3252Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Abstract

The invention discloses a kind of PDF endorsement methods and system for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including:Transmitting terminal sends PDF document to be signed;For receiving terminal there are the digital certificate of signer, receiving terminal acquisition PDF document, checks the validity of the digital certificate of signer;Made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produce summary information to be signed;Signed with SM2 Digital Signature Algorithms and private cipher key pair summary information to be signed, produce digital signature value;Digital signature value is verified;The signature body of CAdES forms is generated with the digital signature value of generation and the digital certificate of signer, synthesizes the PDF document containing this digital signature, completes PDF signatures.SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms are applied in PDF signatures by the present invention so that digital signature is safer, quick and reliable.

Description

Support SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms PDF endorsement methods and System
Technical field
The present invention relates to PDF endorsement method technical fields, and in particular to one kind supports SM3 cryptographic Hash algorithm and SM2 numbers The PDF endorsement methods and system of word signature algorithm.
Background technology
PDF English full name is Portable Document Format, is translated into Portable Document format, is a kind of electronics text Part form.This file format is unrelated with operating system platform, i.e., pdf document is either in Windows, and Unix is still in Mac All it is general in OS operating systems.The preferable file that this feature makes it electronic document distribution and digital information is propagated Form.PDF format file becomes the actual industrial standard of digital information at present.
Huge numbers of families are come into internet and smart mobile phone, people are more and more using the scene of internet, accordingly E-commerce and E-Government all can carry out on the internet.It thus form a huge electronic signature city , to solve the challenge that internet is brought, the i.e. requirement to confidentiality, integrality, authentication and authorization and non repudiation.
Digital signature (digital signature), it is similar to handwritten signature, exchanged between government department, enterprise and client During file, recipient will carry out received document the discriminating of validity, and document is just can determine that after the identity of verification sender It is whether effective.Digital signature is that the certificate of digital form is signed on document, signer identity and text in document signature domain State after shelves signature, which all would indicate that, to be come, to facilitate verification.Such as on June 30th, 2000, US President Clinton signature《Numeral Signature bill》, make digital signature that there is legal effect as traditional signatures in the U.S..Chinese Government also has passed through digital label The relevant laws and regulations of name.
At present, the PDF softwares of in the market, Adobe Reader and the Adobe Acrobat under Adobe, generally all It is built-in to support the signature plug-in unit of RSA Algorithm, while support a variety of digest algorithms, such as SHA1, SHA256, SHA384, SHA512 Deng, but do not support the digest algorithm SM3 cryptographic Hash used in SM2 Digital Signature Algorithms and SM2 Digital Signature Algorithms Algorithm.
SM2 Digital Signature Algorithms belong to one in elliptic curve encryption algorithm (ECC), in the identical situation of key length Under, compared to RSA Algorithm, its security higher, take up space smaller, and signature speed is faster.The PDF such as Adobe software suppliers Only support to sign using RSA certificates at present, None- identified SM2 algorithms.For the consideration of information security, Chinese in 2010 Password Management office of people republic just discloses the professional standard of SM2 algorithms, and exists always in implementation national secret algorithm SM2 algorithms energetically Use in all trades and professions.Instantly under internet environment, the scene signed to pdf document is very universal, so to PDF The demand for carrying out SM2 signatures is urgently to be resolved hurrily.
The content of the invention
To solve the above problems, it is an object of the invention to provide one kind to support SM3 cryptographic Hash algorithm and SM2 numeral label The PDF endorsement methods and system of name algorithm so that digital signature is safer, quick and reliable.
The purpose of the present invention can be reached by adopting the following technical scheme that:
A kind of PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, comprise the following steps:
1) transmitting terminal sends PDF document to be signed;
2) receiving terminal is there are the digital certificate of signer, and receiving terminal obtains PDF document, to having for the digital certificate of signer Effect property is checked;
3) made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produce summary information to be signed;
4) the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate is used to produce to be signed Summary information is signed, and produces digital signature value;
5) digital signature value of step 4) generation is verified, judges whether digital signature is effective according to check results, Step 6) is carried out if effectively, if invalid re-execute step 3);
6) with produce digital signature value and signer digital certificate generation CAdES forms signature body, and by its with PDF document synthesizes the PDF document containing this digital signature, completes PDF signatures.
Further preferably, a kind of PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including Following steps:
1) transmitting terminal sends PDF document to be signed;
2) for receiving terminal there are the digital certificate of signer, receiving terminal acquisition PDF document, calls SSQ-GM, to signer The validity of digital certificate is checked;
3) SSQ-GM is called, is made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produces to be signed pluck Want message;
4) SSQ-GM is called, is produced with the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate Raw summary information to be signed is signed, and produces digital signature value;
5) SSQ-GM is called, the digital signature value of step 4) generation is verified, judges numeral label according to check results Whether name is effective, step 6) is carried out if effectively, if invalid re-execute step 3);
6) SSQ-GM is called, the signature of CAdES forms is generated with the digital signature value of generation and the digital certificate of signer Body, and it is synthesized to the PDF document containing this digital signature with PDF document, complete PDF signatures.
In the present invention, SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms are applied in PDF so that digital signature It is safer, quick and reliable.SSQ-GM is the development library that Hangzhou Shang Shangqian network technology Co., Ltd provides, towards masses It is open, it is that believable third-party vendor (Hangzhou Shang Shangqian network technology Co., Ltd) provides.It is a JAVA language storehouse, Main offer national secret algorithm correlation function, including the signature sign test of SM2 Digital Signature Algorithms (abbreviation SM2 algorithms), SM3 passwords are miscellaneous Gather algorithm (abbreviation SM3 algorithms) calculating and PDF synthesis etc. function.
In step 1), transmitting terminal sends the PDF document with signature.
In step 2), the digital certificate includes private cipher key and public key certificate.The public key certificate includes identity Public keys, title, Notified Body's title, the digital ID card number of owner, and the information such as digital signature of Notified Body. What digital identity can be provided by believable digital certificate authentication center.
The validity of the digital certificate of signer is checked, including:
Whether before the deadline digital certificate, using the authenticity of digital certificate, checks whether digital certificate has been revoked.
In step 5), digital signature value, which carries out verification, to be included:
Digital signature value is carried out using the public keys that the verification algorithm and public key certificate of SM2 Digital Signature Algorithms include Verification.
In step 6), when generating the signature body of CAdES forms, while timestamp is added.CAdES is CMS Advanced Electronic Signatures, are CMS advanced electronic signatures.Under normal circumstances, after algorithm is broken, easily forge, meeting There is weak verifiability:Signing, it is trustless correctly still to sign, and when the signature time may be forged and actually sign, certificate is Failure, or revoked.The signature body of CAdES forms is used in the present invention, could be realized based on SM2 Digital Signature Algorithms, should The signature body of CAdES forms allows subsidiary CRL (certificate revocation list) and OCSP (online certificate status protocol), even in algorithm On the premise of being broken, CAdES can also keep the strong verifiability of signature in a long time in the present invention, you can to realize length Time interior correct and trusted of signing.
The signature body is pkcs7 signature bodies.
A kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including transmitting terminal and connect Receiving end:
The transmitting terminal further comprises:
Sending module, for sending PDF document to be signed;
Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;
The receiving terminal further comprises:
Acquisition module, for obtaining PDF document to be signed;
Certificate validity checking module, checks the validity of digital certificate;
Summarization module, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;
Signature blocks, with the PDF texts after the private cipher key pair summary in SM2 Digital Signature Algorithms and signer digital certificate Shelves are signed, and produce digital signature value;
Correction verification module, the public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms is to numeral Signature value is verified, if verification failure, re-calls summarization module and signature blocks, if verifying successfully, calls synthesis Module;
Synthesis module, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF document;
Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
Further preferably, a kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, including Transmitting terminal and receiving terminal:
The transmitting terminal further comprises:
Sending module, for sending PDF document to be signed;
Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;
The receiving terminal further comprises:
Acquisition module, for obtaining PDF document to be signed;
Certificate validity checking module, for calling SSQ-GM, checks the validity of digital certificate;
Summarization module, for calling SSQ-GM, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;
Signature blocks, for calling SSQ-GM, with the private cipher key in SM2 Digital Signature Algorithms and signer digital certificate Sign to the PDF document after summary, produce digital signature value;
Correction verification module, for calling SSQ-GM, is included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms Public keys verifies digital signature value, if verification failure, re-call summarization module and signature blocks, if verification into Work(, then call synthesis module;
Synthesis module, for calling SSQ-GM, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF document;
Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
The system further includes:Timestamp module, timestamp is added when synthesizing new PDF document for synthesis module.
The present invention has following beneficial effect for the prior art:
1. the present invention specially supports SM2 Digital Signature Algorithms and SM3 cryptographic Hash algorithms, solves existing PDF document Reader does not support national secret algorithm, including SM2 Digital Signature Algorithms and SM3 cryptographic Hash algorithms, and can not use SM2 numeral label The problem of name algorithm signs PDF document.
2. the SM2 Digital Signature Algorithms that the present invention supports are safer compared to more existing RSA Algorithm, quick and reliable, branch Hold the significant of SM2 algorithms, the demand of electronic signature is increasingly enhanced under current internet environment, RSA Algorithm is meets Its security and cause key long so that its sign efficiency be extremely restricted, and SM2 Digital Signature Algorithms provide it is powerful Security performance and speed ability cause it to become the first choice on future market, therefore there is an urgent need to can support SM2 in market The electronic signature product of Digital Signature Algorithm.
Brief description of the drawings
Fig. 1 is the flow diagram of the PDF endorsement methods of the embodiment of the present invention 1;
Fig. 2 is the structure diagram of the PDF signature systems of the embodiment of the present invention 2;
Fig. 3 is the overview flow chart that the PDF signature systems of the embodiment of the present invention 2 are run.
Embodiment
In order to make the purpose , technical scheme and advantage of the present invention be clearer, with reference to the accompanying drawings and embodiments, it is right The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and It is not used in the restriction present invention.
On the contrary, the present invention covers any replacement done in the spirit and scope of the present invention being defined by the claims, repaiies Change, equivalent method and scheme.Further, in order to make the public have a better understanding the present invention, below to the thin of the present invention It is detailed to describe some specific detail sections in section description.Part without these details for a person skilled in the art Description can also understand the present invention completely.
Embodiment 1:
This example supports the PDF endorsement methods of SM2 as shown in Figure 1, transmission receive process and receiving terminal including transmitting terminal Signature process.
The transmission receive process of the transmitting terminal comprise the following steps:
S1, transmitting terminal send PDF document to be signed.
S2, receive the PDF document after signature;
The signature process of the receiving terminal comprises the following steps:
S1, receiving terminal are there are the digital certificate of signer, and receiving terminal obtains PDF document, and digital certificate to include private cipher key And public key certificate.Public key certificate includes public keys, title, Notified Body's title, the digital ID card number of identity owner, with And the information such as digital signature of Notified Body.What digital identity can be provided by believable digital certificate authentication center.Call SSQ- GM, checks the validity of the digital certificate of signer, and the validity of the digital certificate of signer is checked, bag Include:Whether before the deadline digital certificate, using the authenticity of digital certificate, checks whether digital certificate has been revoked;
S2, call SSQ-GM, is made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produces to be signed pluck Want message;
SSQ-GM, is a development library of Hangzhou Shang Shangqian network technology Co., Ltd, it is a JAVA language storehouse, main National secret algorithm correlation function is provided, includes the work(such as the signature sign test of SM2 algorithms, digest calculations and the PDF synthesis of SM3 algorithms Can, the digest calculations ability of SSQ-GM is used here, fixed digit can be calculated by hashing algorithm in message Message digest value;Wherein, the SM3 algorithms are the digest algorithms in the national secret algorithm of national Password Management office issue;
S3, call SSQ-GM, is produced with the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate Raw summary information to be signed is signed, and produces digital signature value;
The SM2 Digital Signature Algorithms are to be used for encrypting and decrypting in the national secret algorithm of national Password Management office issue, are signed The algorithm that sign test and key exchange.
S4, the public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms are to digital signature value Verified, to ensure that signature is correct;
S5, pkcs7 signature bodies and insertion quilt by the synthesis CAdES forms such as digital certificate of digital signature value and signer In signing pdfs document, new PDF is generated.
When generating the signature body of CMS advanced electronic signatures (CAdES) form, while add timestamp.
Embodiment 2:
As shown in Fig. 2, present embodiments provide a kind of PDF for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms Signature system, the system include transmitting terminal and receiving terminal.Overall procedure is as shown in figure 3, transmitting terminal sends PDF document, signature card Insertion PDF passes transmitting terminal back again after book and signing certificate chain are signed by receiving terminal.
The transmitting terminal includes sending module and receiving module, and each module concrete function is as follows:
The sending module, for sending PDF document to be signed.
The receiving module, the PDF document signed for obtaining receiving terminal.
The receiving terminal includes acquisition module, summarization module, signature blocks, correction verification module, synthesis module, timestamp mould Block, sending module, the concrete function of modules are as follows:
Acquisition module, for obtaining PDF document to be signed, there are digital certificate, the digital certificate bag for receiving terminal Include private cipher key (PrivateKey) and public key certificate.The public key certificate includes the public keys of identity owner (PublicKey), title, Notified Body's title, digital ID card number, and the information such as digital signature of Notified Body.Numeral What identity can be provided by believable digital certificate authentication center.
Certificate validity checking module, for calling SSQ-GM, checks the validity of digital certificate;
Summarization module, for calling SSQ-GM, for PDF document to be carried out digest calculations using SM3 cryptographic Hash algorithm Obtain the digest value of a fixed digit.
Signature blocks, for calling SSQ-GM, for using the private in SM2 Digital Signature Algorithms and signer digital certificate There is key that the digest value of PDF document is signed, produce digital signature value.
Correction verification module, for calling SSQ-GM, is included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms Public keys verifies digital signature value, if verification failure, re-call summarization module and signature blocks, if verification into Work(, then call synthesis module;
Timestamp module, timestamp is added when synthesizing new PDF document for synthesis module;
Synthesis module, for calling SSQ-GM, for using digital signature value, timestamp, digital certificates generation CAdES lattice The PKCS7 signature bodies of formula, embedded PDF document, synthesizes new PDF document.
Sending module, for the new PDF document of synthesis to be sent to transmitting terminal.
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all essences in the present invention All any modification, equivalent and improvement made within refreshing and principle etc., should all be included in the protection scope of the present invention.

Claims (10)

  1. A kind of 1. PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including with Lower step:
    1) transmitting terminal sends PDF document to be signed;
    2) receiving terminal is there are the digital certificate of signer, and receiving terminal obtains PDF document, to the validity of the digital certificate of signer Checked;
    3) made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, produce summary information to be signed;
    4) summary to be signed for using the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate to produce Message is signed, and produces digital signature value;
    5) digital signature value of step 4) generation is verified, judges whether digital signature is effective according to check results, if having Effect then carries out step 6), if invalid re-execute step 3);
    6) the signature body of CAdES forms is generated with the digital signature value and the digital certificate of signer that produce, and itself and PDF is literary PDF document of the shelves synthesis containing this digital signature, completes PDF signatures.
  2. A kind of 2. PDF endorsement methods for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including with Lower step:
    1) transmitting terminal sends PDF document to be signed;
    2) for receiving terminal there are the digital certificate of signer, receiving terminal acquisition PDF document, calls SSQ-GM, to the numeral of signer The validity of certificate is checked;
    3) SSQ-GM is called, is made a summary with SM3 cryptographic Hash algorithm to the PDF document of acquisition, is produced summary to be signed and disappear Breath;
    4) SSQ-GM is called, is produced with the private cipher key pair step 3) in SM2 Digital Signature Algorithms and signer digital certificate Summary information to be signed is signed, and produces digital signature value;
    5) SSQ-GM is called, the digital signature value of step 4) generation is verified, judges that digital signature is according to check results It is no effective, step 6) is carried out if effectively, if invalid re-execute step 3);
    6) SSQ-GM is called, the signature body of CAdES forms is generated with the digital signature value of generation and the digital certificate of signer, and It is synthesized to the PDF document containing this digital signature with PDF document, completes PDF signatures.
  3. 3. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 2), the digital certificate bag Include private cipher key and public key certificate.
  4. 4. PDF endorsement methods according to claim 3, it is characterised in that the public key certificate includes identity owner Public keys, title, Notified Body's title, digital ID card number, and the digital signature of Notified Body.
  5. 5. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 2), demonstrate,prove the numeral of signer The validity of book checked, including:
    Whether before the deadline digital certificate, using the authenticity of digital certificate, checks whether digital certificate has been revoked.
  6. 6. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 5), digital signature value carries out school Test including:
    The public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms carries out school to digital signature value Test.
  7. 7. PDF endorsement methods according to claim 1 or 2, it is characterised in that in step 6), in generation CAdES forms During signature body, while add timestamp.
  8. 8. a kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including hair Sending end and receiving terminal:
    The transmitting terminal further comprises:
    Sending module, for sending PDF document to be signed;
    Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;
    The receiving terminal further comprises:
    Acquisition module, for obtaining PDF document to be signed;
    Certificate validity checking module, checks the validity of digital certificate;
    Summarization module, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;
    Signature blocks, with SM2 Digital Signature Algorithms and signer digital certificate private cipher key pair summary after PDF document into Row signature, produces digital signature value;
    Correction verification module, the public keys included using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms is to digital signature Value is verified, if verification failure, re-calls summarization module and signature blocks, if verifying successfully, call synthesis module;
    Synthesis module, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF document;
    Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
  9. 9. a kind of PDF signature systems for supporting SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms, it is characterised in that including hair Sending end and receiving terminal:
    The transmitting terminal further comprises:
    Sending module, for sending PDF document to be signed;
    Receiving module, the new PDF document synthesized after the signature sent for obtaining receiving terminal;
    The receiving terminal further comprises:
    Acquisition module, for obtaining PDF document to be signed;
    Certificate validity checking module, for calling SSQ-GM, checks the validity of digital certificate;
    Summarization module, for calling SSQ-GM, digest calculations are carried out with SM3 cryptographic Hash algorithm to the PDF document of acquisition;
    Signature blocks, for calling SSQ-GM, are plucked with the private cipher key pair in SM2 Digital Signature Algorithms and signer digital certificate PDF document after wanting is signed, and produces digital signature value;
    Correction verification module, for calling SSQ-GM, is included public using the verification algorithm and public key certificate of SM2 Digital Signature Algorithms Key verifies digital signature value, if verification failure, re-calls summarization module and signature blocks, if verifying successfully, Then call synthesis module;
    Synthesis module, for calling SSQ-GM, generates the signature body of CAdES forms, and embedded PDF document, synthesizes new PDF texts Shelves;
    Sending module, for the PDF document after synthesis to be sent to transmitting terminal.
  10. 10. PDF signature systems according to claim 8 or claim 9, it is characterised in that the system further includes:Timestamp mould Block, timestamp is added when synthesizing new PDF document for synthesis module.
CN201711164440.0A 2017-11-21 2017-11-21 Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms Pending CN107947939A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711164440.0A CN107947939A (en) 2017-11-21 2017-11-21 Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711164440.0A CN107947939A (en) 2017-11-21 2017-11-21 Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms

Publications (1)

Publication Number Publication Date
CN107947939A true CN107947939A (en) 2018-04-20

Family

ID=61929463

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711164440.0A Pending CN107947939A (en) 2017-11-21 2017-11-21 Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms

Country Status (1)

Country Link
CN (1) CN107947939A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109981287A (en) * 2019-03-14 2019-07-05 亚数信息科技(上海)有限公司 A kind of code signature method and its storage medium
CN110830257A (en) * 2018-08-14 2020-02-21 珠海金山办公软件有限公司 File signature method and device, electronic equipment and readable storage medium
CN111523135A (en) * 2020-07-06 2020-08-11 飞天诚信科技股份有限公司 PDF file electronic signature method and device

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003008822A (en) * 2001-06-25 2003-01-10 Nec Corp Facsimile equipment, system and method for image data transfer, and program
CN101127107A (en) * 2006-08-16 2008-02-20 鸿富锦精密工业(深圳)有限公司 Electronic document automatic signing system and method
CN101311950A (en) * 2007-05-25 2008-11-26 北京书生国际信息技术有限公司 Electronic stamp realization method and device
CN104301119A (en) * 2014-11-05 2015-01-21 中国建设银行股份有限公司 Data signature method, signature verification method, data signature equipment and verification server
CN104766029A (en) * 2014-01-03 2015-07-08 航天信息股份有限公司 Method and device for performing national cryptologic electronic signature processing on PDF (Portable Document Format) document
CN106330462A (en) * 2016-09-05 2017-01-11 广东省电子商务认证有限公司 PDF signature method and system capable of supporting multiple algorithms
CN106330459A (en) * 2016-08-25 2017-01-11 杭州天谷信息科技有限公司 Electronic keyword signature method
CN107103255A (en) * 2017-04-27 2017-08-29 百望电子发票数据服务有限公司 A kind of electronic invoice layout files verification method and system

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2003008822A (en) * 2001-06-25 2003-01-10 Nec Corp Facsimile equipment, system and method for image data transfer, and program
CN101127107A (en) * 2006-08-16 2008-02-20 鸿富锦精密工业(深圳)有限公司 Electronic document automatic signing system and method
CN101311950A (en) * 2007-05-25 2008-11-26 北京书生国际信息技术有限公司 Electronic stamp realization method and device
CN104766029A (en) * 2014-01-03 2015-07-08 航天信息股份有限公司 Method and device for performing national cryptologic electronic signature processing on PDF (Portable Document Format) document
CN104301119A (en) * 2014-11-05 2015-01-21 中国建设银行股份有限公司 Data signature method, signature verification method, data signature equipment and verification server
CN106330459A (en) * 2016-08-25 2017-01-11 杭州天谷信息科技有限公司 Electronic keyword signature method
CN106330462A (en) * 2016-09-05 2017-01-11 广东省电子商务认证有限公司 PDF signature method and system capable of supporting multiple algorithms
CN107103255A (en) * 2017-04-27 2017-08-29 百望电子发票数据服务有限公司 A kind of electronic invoice layout files verification method and system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
ADOBE: "《Document management--portable document format--part1:PDF1.7》", 1 July 2008, HTTPS://WWW.ADOBE.COM/CONTENT/DAM/ACOM/EN/DEVNET/ACROBAT/PDFS/PDF32000_2008.PDF *
张焕国,唐明编: "《密码学引论》", 30 November 2015, 武汉大学出版社 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110830257A (en) * 2018-08-14 2020-02-21 珠海金山办公软件有限公司 File signature method and device, electronic equipment and readable storage medium
CN109981287A (en) * 2019-03-14 2019-07-05 亚数信息科技(上海)有限公司 A kind of code signature method and its storage medium
CN111523135A (en) * 2020-07-06 2020-08-11 飞天诚信科技股份有限公司 PDF file electronic signature method and device

Similar Documents

Publication Publication Date Title
EP3318043B1 (en) Mutual authentication of confidential communication
CN107483212B (en) Method for generating digital signature by cooperation of two parties
US10944575B2 (en) Implicitly certified digital signatures
CA2838322C (en) Secure implicit certificate chaining
CA2772136C (en) System and method for providing credentials
CN101212293B (en) Identity authentication method and system
CN103095456B (en) The processing method of transaction message and system
JP2001051596A (en) Device and method for generating/verifying data
CN107947939A (en) Support the PDF endorsement methods and system of SM3 cryptographic Hash algorithm and SM2 Digital Signature Algorithms
CN107360002B (en) Application method of digital certificate
GB2487503A (en) Authentication of digital files and associated identities using biometric information
CN107222501A (en) A kind of information interaction security transmission method and system based on the non-electromagnetic signal of message identification code
WO2015109958A1 (en) Data processing method based on negotiation key, and mobile phone
CN109214146A (en) The endorsement method of application software, sign test method and apparatus
CN110597836A (en) Information query request response method and device based on block chain network
CN111984959B (en) Anonymous information publishing and verifying method and device
CN107947938A (en) SM3 algorithms and the verification method and system of SM2 algorithm digital signature are used for PDF
Kasodhan et al. A new approach of digital signature verification based on BioGamal algorithm
CN110955918A (en) Contract text protection method based on RSA encrypted sha-256 digital signature
KR101210411B1 (en) Transaction Protection System and Method using Connection of Certificate and OTP Generated by Keystream
CN114448641A (en) Privacy encryption method, electronic equipment, storage medium and chip
Chauhan et al. Digital Signature with Message Security Process
CN114844643A (en) Method for acquiring adapter signature based on bilinear mapping and electronic equipment
JPH08139717A (en) Digital signature system
CN113676329A (en) Electronic official document exchange encryption method based on ECDSA algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180420