CN108122097A

CN108122097A - Support the electronic signature method and system of more application scenarios

Info

Publication number: CN108122097A
Application number: CN201711482945.1A
Authority: CN
Inventors: 王德全; 谭浩宇; 朱林峰
Original assignee: Beijing Yun Jing Science And Technology Co Ltd
Current assignee: Beijing Yun Jing Science And Technology Co Ltd
Priority date: 2017-12-29
Filing date: 2017-12-29
Publication date: 2018-06-05

Abstract

The present invention provides a kind of electronic signature method and system for supporting more application scenarios, including：Receive user tests chapter request, and the chapter of testing asks to include sealed files to be verified；According to the operating right tested chapter request, user to be verified is obtained from the data of affixing one's seal of the sealed files to be verified, the data of affixing one's seal include the operating right of each historical operation user；If the operating right of the user to be verified is stamped signature permission, judges that the identity of the user to be verified is legal, otherwise, then judge that the identity of the user to be verified is illegal.By means of the invention it is possible to it is whether legal effective according to affixing one's seal in the operating right for the user that affixes one's seal verification sealed files, so as to improve the use effect of sealed files and security.

Description

Support the electronic signature method and system of more application scenarios

Technical field

The present invention relates to Electronic Signature field more particularly to a kind of electronic signature method for supporting more application scenarios with being System.

Background technology

In today of internet rapid development, with the propulsion layer by layer of Chinese government's informationization, e-commerce, E-Government Not only become a kind of trend, and the practical life for changing us.But at the same time, e-commerce, the peace of E-Government Full problem is also increasingly paid close attention to be subject to each side.For wherein government bodies and enterprise, how to ensure Web realease and transfer public The security of text, Electronic Signature is a good solution, higher and higher to the cry of Electronic Signature application demand, because Stamped signature is come the important symbol that represents the credit of the authority of government, enterprise and legal personality and individual and official document comes into force.

Electronic Seal System is mainly used for guarantee under open network environment, and the true of the official document to circulate in system has Effect is not tampered.System is using cryptography as theoretical foundation, and the anti-fake patented technology of PKI technologies and physical seal is relies on, knot Digital watermark technology, database technology, component technology etc. are closed, realizes the effect of affixing one's seal of electronic document, confirmation of secretarial document, printing control The functions such as system, public security identification, back-stage management.

Due to existing Electronic Seal System be generally all merely able to stamped signature impress the time and number records, but It is that the permission of the people that impresses, recipient and the people that impresses can not further be recorded, accordingly, it is possible to which other can be caused illegal Molecule impressed carried out on file it is secondary impress, in turn result in the personal, loss of collective.

The content of the invention

The present invention provides a kind of electronic signature method and system for supporting more application scenarios, for solving existing electronics label Chapter causes the technical issues of personal, collective loss due to secondary affix one's seal of the non-user that affixes one's seal.

The first aspect of the invention is to provide a kind of electronic signature method for supporting more application scenarios, including：It receives and uses Chapter request is tested at family, and the chapter of testing asks to include sealed files to be verified；Chapter request is tested according to described, to be verified is affixed one's seal from described The operating right of user to be verified is obtained in the data of affixing one's seal of file, the data of affixing one's seal include the operation of each historical operation user Permission；If the operating right of the user to be verified is stamped signature permission, judge that the identity of the user to be verified is legal, it is no Then, then judge that the identity of the user to be verified is illegal.

Another aspect of the present invention is to provide a kind of Electronic Seal System for supporting more application scenarios, including：Testing chapter please Receiving module is sought, the chapter of testing for receiving user is asked, and the chapter of testing asks to include sealed files to be verified；First operating right For testing chapter request according to, user to be verified is obtained from the data of affixing one's seal of the sealed files to be verified for acquisition module Operating right, the data of affixing one's seal include the operating right of each historical operation user；First determination module, if being treated for described It verifies that the operating right of user for stamped signature permission, then judges that the identity of the user to be verified is legal, otherwise, is then treated described in judgement Verify that the identity of user is illegal.

The electronic signature method and system provided by the invention for supporting more application scenarios, please by the chapter of testing according to user It asks, tests to the data of affixing one's seal in affixing one's seal in sealed files, if detecting the operating right of user by data of affixing one's seal For permission of affixing one's seal, then it can be determined that the user's identity is legal, therefore corresponding affix one's seal of the user is affixed one's seal to be legal, so as to carry The use effect and security of high sealed files.

Description of the drawings

It in order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing There is attached drawing needed in technology description to be briefly described, it should be apparent that, the accompanying drawings in the following description is the present invention Some embodiments, for those of ordinary skill in the art, can also be obtained according to these attached drawings other attached drawings.

Fig. 1 is the flow diagram of the electronic signature method for the more application scenarios of support that the embodiment of the present invention one provides；

Fig. 2 is the flow diagram of the electronic signature method provided by Embodiment 2 of the present invention for supporting more application scenarios；

Fig. 3 is the flow diagram of the electronic signature method for the more application scenarios of support that the embodiment of the present invention three provides；

Fig. 4 is the structure diagram of the Electronic Seal System for the more application scenarios of support that the embodiment of the present invention four provides；

Fig. 5 is the structure diagram of the Electronic Seal System for the more application scenarios of support that the embodiment of the present invention five provides；

Fig. 6 is the structure diagram of the Electronic Seal System for the more application scenarios of support that the embodiment of the present invention six provides.

Specific embodiment

To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with the embodiment of the present invention In attached drawing, the technical solution in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is Part of the embodiment of the present invention, instead of all the embodiments.The every other reality obtained based on the embodiments of the present invention Example is applied, belongs to the scope of protection of the invention.

Fig. 1 is the flow diagram of the electronic signature method for the more application scenarios of support that the embodiment of the present invention one provides, such as Shown in Fig. 1, the described method includes：

101st, receive user tests chapter request, and the chapter of testing asks to include sealed files to be verified.

In the present embodiment, since a state is normal, do not had by the secondary sealed files affixed one's seal of criminal It is with legal effect, therefore, when using a sealed files, need to understand first in the sealed files affix one's seal it is whether legal, Whether the corresponding sealed files are with legal effect, and therefore, for portion, sealed files, arbitrary user can be to the lids Chapter request is tested in initiation of affixing one's seal in chapter file, wherein, testing chapter request includes sealed files to be verified.

102nd, chapter request is tested according to, obtains user's to be verified from the data of affixing one's seal of the sealed files to be verified Operating right, the data of affixing one's seal include the operating right of each historical operation user.

In the present embodiment, receive and test after chapter request, can ask to carry in the sealed files included from chapter is tested Taking-up is affixed one's seal data, wherein, data of affixing one's seal include the operating right of user, and specifically, operating right includes stamped signature permission and label It retakes the power limit.In general, can affix one's seal with the user of stamped signature permission in sealed files, it, can also be after after affixing one's seal It is continuous to specify at least one addressee user, and be the addressee user setting operating right；With signing for the user of permission to affixing one's seal After file is signed for, without further being operated to sealed files.It is alternatively possible to it is numbered by Electronic Signature disk To specify next addressee user.

If the 103, the operating right of the user to be verified is stamped signature permission, judge that the identity of the user to be verified is closed Otherwise method, then judges that the identity of the user to be verified is illegal.

In the present embodiment, if detecting, the operating right of the user for stamped signature permission, proves that the user has at this The permission affixed one's seal in sealed files, therefore, affixing one's seal for the user are also affixed one's seal to be legal；If detecting, user weighs without stamped signature Limit, then it is not the validated user of this sealed files to prove the user, then corresponding affix one's seal of the user is also illegal file, accordingly Ground, this sealed files are all a ordinary file without any effect for any user.

The electronic signature method provided in this embodiment for supporting more application scenarios is asked by the chapter of testing according to user, right Data of affixing one's seal in affixing one's seal in sealed files are tested, if detecting the operating right of user by data of affixing one's seal to affix one's seal Permission then can be determined that the user's identity is legal, therefore corresponding affix one's seal of the user is affixed one's seal to be legal, is affixed one's seal so as to improve The use effect and security of file.

Further, on the basis of above-described embodiment, the method further includes：

The operation requests of outbox user are received, the operation requests include sealed files and operation information, the operation information bag The permission of addressee user and the addressee user are included, the permission includes signing for permission and/or stamped signature permission；

Affixing one's seal for the sealed files is extracted from the operation requests data and to record, send to the addressee user described in Sealed files, the data of affixing one's seal include the permission of the corresponding outbox user of this operation, addressee user and the addressee user.

In the present embodiment, user can also continue to refer to after affixing one's seal to sealed files completion according to the permission of itself Determine the operating right of addressee user and addressee user, specifically, operating right includes stamped signature permission and signs for permission.It is general next It says, the user with stamped signature permission can affix one's seal in sealed files, after affixing one's seal, can also continue to specify at least one Addressee user, and be the addressee user setting operating right；Sealed files are being carried out to sign for it with the user for signing for permission Afterwards, without further being operated to sealed files, still, it is follow-up remove chapter during, any sign for user at this if having Afterwards the user to affix one's seal in sealed files is wanted affixing one's seal in sealed files is carried out removing chapter, then need this sign for user into Row confirms.Correspondingly, the corresponding client of addressee user is received in sealed files, times for sealing can be extracted from sealed files According to follow-up its can continue to operate sealed files according to the permission of itself.It should be noted that in order to ensure whole use The process of affixing one's seal at family be aware that it is transparent, subsequently to inquire about record of affixing one's seal, label test platform can to addressee user to lid When chapter file carries out any operation, which is recorded.

The electronic signature method provided in this embodiment for supporting more application scenarios is connect by adding to specify in sealed files It receives user and receives the permission of user, and each records the operation of sealed files, so as to prevent On the basis of sealed files are caused personal, collective loss by secondary affix one's seal, test chapter operation to be subsequent and provide the foundation.

Further, the electronic signature of each historical operation user is further included in the data of affixing one's seal, in any of the above-described implementation On the basis of example, chapter request is tested described in the basis, use to be verified is obtained from the data of affixing one's seal of the sealed files to be verified Before the operating right at family, further include：

Whether the electronic signature for detecting the user to be verified is effective；

If effectively, testing chapter request according to, user to be verified is obtained from the data of affixing one's seal of the sealed files to be verified Operating right；

If the operating right of the user to be verified be stamped signature permission, judge the user to be verified identity it is legal it Afterwards, further include：

Chapter request is tested according to described, whether the record of affixing one's seal of the detection sealed files to be verified is complete, if completely, judging institute It is effective to state sealed files to be verified, to be verified file is invalid otherwise, it is determined that described.

In the present embodiment, in addition to operating right, the corresponding signature value of the user that affixes one's seal, label are further included in data of affixing one's seal Name timestamp and certificate information.When testing chapter, label are tested after platform receives sealed files, can be extracted from sealed files Go out data of affixing one's seal, and pass through the true and false of national secret algorithm signature value corresponding with CertPubKey verification user, and the timestamp that will sign Electronic Signature basic platform is sent to, whether is to have with the true and false and detection corresponding affix one's seal of the user of detection signature timestamp Imitate stamped signature.Specifically, due to using national secret algorithm in verification process, the security of Electronic Signature is higher.Further, If signature value is effective signature value, label test platform can continue to the permission of the addressee user in sealed files and addressee user into Row detection, if detecting, user to be detected has stamped signature permission, can be determined that the stamped signature of the user is legal.It is appreciated that It is the sealed files of a more people's signatures, if after wherein someone cancels affixing one's seal in sealed files, then this is affixed one's seal The legal effect of file will change according to regulation when signing documents, therefore, in order to whether judge a sealed files It is legal effectively, after have detected the permission of user's signature value and addressee user, can also be recorded according in label check system The whole of the sealed files is affixed one's seal record, whether complete detects its record of affixing one's seal, if having any user in sealed files Affix one's seal and cancelled, if record of affixing one's seal is complete, can be determined that the sealed files are effective, if affix one's seal record it is imperfect, at this time The validity of sealed files can be judged according to regulation when signing the sealed files.

The electronic signature method provided in this embodiment for supporting more application scenarios is signed by detecting the user in sealed files Name value and history affix one's seal to record whether completely judge whether current sealed files are effective, so as to have to sealed files Effect property is more accurately judged, and then the loss that can be avoided secondary affix one's seal of disabled user and be brought to personal, collective.

Further, due to treating there are many types of sealed files, treat that sealed files need to be taken not for different Same mode on the basis of any of the above-described embodiment, after the operation requests for receiving outbox user, further includes：

If the operation requests do not include specifying the type of the sealed files in operation information or the operation requests for not Operable type then records the type of the sealed files as inoperable type and records the times for sealing of the sealed files According to the data of affixing one's seal include the outbox user.

In the present embodiment, since some sealed files without any user carry out continuing to affix one's seal, such as government exists After affixing one's seal on bulletin document, these official documents are often not required any user to continue to affix one's seal, and any user is not allowed even to continue It affixes one's seal.Therefore, for this class file, it can set action type for inoperable type when affixing one's seal or not specify operation Type then represents this class file and is worked on without anyone.In order to which the information to this sealed files backs up, also The identity information of this outbox user need to be recorded.

The electronic signature method provided in this embodiment for supporting more application scenarios, by the way that the operation requests of sealed files are set It is set to inoperable type or does not include operation information, so as to which other people is avoided to continue to affix one's seal in sealed files, into And the security of sealed files is ensured.

Further, if the type of sealed files includes operation information for inoperable type or not, at above-mentioned On the basis of one embodiment, the reception user's tests after chapter request, and subsequently testing chapter process can specifically include：

If the type of the sealed files is inoperable type, detect whether the user is affixing one's seal for the sealed files The user recorded in data, if it is not, then testing chapter failure.

In the present embodiment, if the type of sealed files includes operation information for inoperable type or not, subsequently Test in chapter request, if detecting the user information that the information of affixing one's seal in sealed files includes and the information of the sender to prestore It is inconsistent, then it can be determined that the user's identity is illegal, accordingly, affixing one's seal for the user is also illegal, then judges to test chapter failure, The sealed files do not come into force to the user.

The electronic signature method provided in this embodiment for supporting more application scenarios, by detecting that user is not described affixes one's seal The user recorded in the data of affixing one's seal of file then judges to test chapter failure, so as to ensure the security of sealed files, and then It ensure that the personal, interests of collective are not suffered a loss.

Fig. 2 is the flow diagram of the electronic signature method provided by Embodiment 2 of the present invention for supporting more application scenarios, such as Shown in Fig. 2, on the basis of any of the above-described embodiment, the method further includes：

201st, receive Client-initiated and remove chapter request, it is described to remove chapter request for by the revocation of affixing one's seal in the sealed files.

In the present embodiment, after user affixes one's seal to a certain sealed files, can also in sealed files affix one's seal into Row revocation, specifically, the chapter of removing that client can receive user's transmission are asked, and are removed chapter request according to this and performed subsequent operation.

202nd, chapter request detection is removed according to and whether there is any addressee user after the user affixes one's seal to described File is signed for.

In the present embodiment, due to when affixing one's seal, there is multiple users to carry out stamped signature to sealed files and sign for, therefore, If a certain user is cancelled with respect to affixing one's seal in sealed files, also need to obtain the agreement of the user signed for after which.Therefore, After receive that a certain user sends removes chapter request, it can also detect after the user affixes one's seal, if also have any addressee to use Family is signed for by this document.

If the 203rd, in the presence of, chapter request is not removed according to remove described in Zhang Bingxiang addressee user and send and remove chapter request, If whole addressee users agree to remove chapter, chapter request is removed according to and carries out removing chapter.

In the present embodiment, since Electronic Signature file has the possibility of infinite copy, to Electronic Signature file To remove chapter process also relatively complicated.If detecting after this affixes one's seal user also has other addressees to sign sealed files It receives, then directly can not carry out removing chapter according to the chapter request of removing of the user that affixes one's seal.And first have to obtain affix one's seal after which it is complete After the agreement of user is signed in portion, chapter request can be removed according to this, affixing one's seal in sealed files is carried out removing chapter, it specifically, can Signing for sequentially, and according to label for addressee user is obtained to be tested according to the Electronic Signature disk of follow-up addressee user number from label in platform The addressee user that please sign for of receipts order, which is sequentially completed, removes chapter, until detect it is follow-up sign for user and all remove chapter finishing, can The chapter request of removing sent according to the user carries out removing chapter.

If the 204, being not present, chapter request is removed according to and carries out removing chapter.

In the present embodiment, sealed files are signed for after stamped signature user if there is no any users, because This, before stamped signature user sign for user without to the sealed files remove Zhang Jinhang license on the basis of, can direct root The chapter request of removing sent according to the user carries out removing chapter.

It should be noted that sealed files are carried out to remove chapter and then according to the text of affixing one's seal according to the chapter request of removing of user When part carries out testing chapter, show user that the user and the user sign for afterwards it is corresponding affix one's seal it is invalid.

Illustrated with practical application, if the first and second the third three people endorsed a contract involving three parties, signature order be respectively first at first It affixes one's seal, after affixing one's seal second is specified to carry out stamped signature with third, second continues to affix one's seal to sealed files, after affixing one's seal first is specified to be signed It receives and specifies the third progress stamped signature, third finally affixes one's seal to sealed files, and first is specified to be carried out with second to sealed files after affixing one's seal It signs for.It if second initiates one and removes chapter request, carries out removing chapter firstly the need of third pair of this document of request, if third agrees to remove chapter, second Sealed files can remove with chapter according to chapter request is removed, in subsequent process, when carrying out testing chapter to sealed files, test chapter result For second with third affix one's seal it is invalid.As a kind of enforceable mode, if second, which initiates one, removes chapter request, need to obtain first first With third agreement, if first and third all agrees to that second carries out sealed files to remove chapter, second can carry out removing chapter.Above two embodiment party Formula can individually be implemented, and can also combine and implement, the present invention is not limited herein.

The electronic signature method provided in this embodiment for supporting more application scenarios receives after removing chapter request, passes through prison Survey whether there is any addressee user subsequently to affix one's seal sealed files, if in the presence of, should prompt first follow-up addressee user according to It is secondary that sealed files are carried out after removing chapter, it removes chapter request in basis and sealed files is carried out to remove chapter.So as to ensure text of affixing one's seal The security of part and using effect, additionally it is possible to improve the efficiency for removing chapter.

Fig. 3 is the flow diagram of the electronic signature method for the more application scenarios of support that the embodiment of the present invention three provides, such as Shown in Fig. 3, on the basis of any of the above-described embodiment, the method further includes：

301st, to treat that sealed files setting is affixed one's seal data, wherein, the data of affixing one's seal include the corresponding outbox user of this operation, Addressee user, the permission of the addressee user and location information of affixing one's seal.

In the present embodiment, before affixing one's seal sealed files, can sealed files be set with data of affixing one's seal, tool Body, data of affixing one's seal include outbox user, addressee user, the permission of addressee user and location information of affixing one's seal.Due to affixing one's seal In the process, it is necessary to which multiple addressee users carry out multistage to sealed files affixes one's seal, therefore in order to subsequently remove chapter and test chapter when can There is mark that can follow, so need to record the process affixed one's seal, it specifically, can be by recording outbox user, addressee user, receiving The permission of part user realizes the record to the process of affixing one's seal.Optionally, since a sealed files have determined that in generation The user in need to affix one's seal it, therefore, when setting addressee user, addressee user can be appointed as in addition to itself Any user can be appointed as itself not telling on.

It should be noted that location information of affixing one's seal specifically includes position of affixing one's seal, number of affixing one's seal and type of affixing one's seal, wherein, Type of affixing one's seal includes seal on the perforation, single page chapter and multipage chapter.

302nd, treat that sealed files are sent to label and test platform by described so that it is described label test platform affix one's seal according to position believe Breath treats that sealed files are affixed one's seal to described, generates and returns to the intermediate file for treating user authentication.

In the present embodiment, the sealed files for having set data of affixing one's seal are sent to after label test platform, label test platform from Extract data of affixing one's seal in sealed files, and specified in sealed files of location information of affixing one's seal in data of affixing one's seal is affixed one's seal Position is according to affixing one's seal type and number of affixing one's seal is affixed one's seal.And by data of affixing one's seal sender information, addressee information with And the permission of addressee is recorded.Simultaneously as Electronic Signature needs can after carrying out user authentication to it by user It comes into force, therefore, the intermediate file for treating user authentication can be generated according to sealed files.

303rd, the intermediate file that the label test platform return is received, and user authentication letter is obtained according to the intermediate file Breath.

In the present embodiment, client receives label and tests after the intermediate file of platform feedback, can be according among this File acquisition user authentication information.It is performed separately due to will affix one's seal with the process of user authentication, it is any so as to support User authentication algorithm, obtains that the mode of user authentication information is more flexible, additionally it is possible to improve the security affixed one's seal.

304th, the user authentication information is sent to the label and tests platform, so that the label test platform and recognize the user It demonstrate,proves information and is added to the intermediate file, obtain sealed files.

In the present embodiment, the user authentication information got can be sent to label and test platform by client, so that label It tests platform to fill user authentication information into sealed files, so as to complete this stamping.It should be noted that text of affixing one's seal Part can be pdf document, since pdf document has the advantages that be not easy to be tampered, thereby it is ensured that data are passed in arbitrary approach It broadcasts, any way displaying or even during printing, file content will not all change, so as to exist for sealed files Multi-party circulation provides the foundation.

The electronic signature method provided in this embodiment for supporting more application scenarios, by setting times for sealing for sealed files According to so that label test platform and affixed one's seal according to data of affixing one's seal sealed files, and affixing one's seal and be used with the step of user authentication Different executive agents performs, and so as to improve the security affixed one's seal, passes through and outbox user is added in the data of affixing one's seal, is received Part user and the permission of addressee user, so as to for multistage is affixed one's seal, multistage removes chapter and subsequent article sequence of testing provides the foundation.

Further, user authentication information specifically includes user's signature and signature timestamp, in any of the above-described embodiment On the basis of, obtain user authentication information the step of can specifically include：

Electronic Signature packing is called to calculate user's signature value according to the intermediate file；

The user's signature value is sent to Electronic Signature platform, so that the Electronic Signature platform is according to the user's signature value It calculates and returns to signature timestamp.

In the present embodiment, user authentication information specifically includes user's signature and signature timestamp, correspondingly, obtains The step of user authentication information, can include, and call the Electronic Signature disk of user to calculate the signature value of user, in order to user This signature is recorded and backed up, and can also the signature value be sent to Electronic Signature platform, so that Electronic Signature platform root Corresponding signature timestamp is returned according to the signature value, and this signature is recorded.Wherein, Electronic Signature disk is authoritative to specify Department's distribution, correspondingly, Electronic Signature basic platform is also that authoritative department is specified to issue, therefore security is higher.In addition, Due to being with the addition of the information such as user's signature value during affixing one's seal, provide the foundation for subsequent chapter of testing.

The electronic signature method provided in this embodiment for supporting more application scenarios, by recognizing using user's signature value as user Information is demonstrate,proved, so as to the validity for increasing the security of sealed files and affixing one's seal.

Further, on the basis of any of the above-described embodiment, described is before treating that sealed files set data of affixing one's seal, also Including：

Electronic Signature disk number is sent to the Electronic Signature basic platform, so that the Electronic Signature basic platform is according to institute Whether normal state the current state of the Electronic Signature disk number detection Electronic Signature disk；

If normal, treat that sealed files set parameter of affixing one's seal to be described.

In the present embodiment, before affixing one's seal sealed files, the validity to the Electronic Signature disk of user is also needed It is checked.Specifically, the Electronic Signature disk of user can be numbered and is sent to Electronic Signature basic platform, so that Electronic Signature Whether the state that basic platform detects Electronic Signature disk according to the label of Electronic Signature disk is abnormal.It is lifted with practical application Example, if detecting, the state of Electronic Signature disk to report the loss, can be determined that Electronic Signature disk abnormal state, then at this point, the electricity Sub- stamped signature disk may have been lost, therefore may be illegal using the user identity of the Electronic Signature disk, correspondingly, its is corresponding Affix one's seal also illegal, then can not be affixed one's seal at this time using the Electronic Signature disk, alternatively, even if using the Electronic Signature disk into Row is affixed one's seal, then it is also illegal or invalid that this, which is affixed one's seal,.If the state for detecting Electronic Signature disk is normal, then It can be affixed one's seal using the Electronic Signature disk, when subsequently carrying out testing chapter to sealed files, it is also effective that this, which is affixed one's seal,.

The electronic signature method provided in this embodiment for supporting more application scenarios, by detecting Electronic Signature before affixing one's seal The state of disk, so as to improve the security of the validity affixed one's seal and sealed files.

Fig. 4 is the structure diagram of the Electronic Seal System for the more application scenarios of support that the embodiment of the present invention four provides, such as Shown in Fig. 4, the system comprises：

Chapter request receiving module 41 is tested, the chapter of testing for receiving user is asked, and the chapter of testing asks to include sealed files to be verified.

Operating right acquisition module 42, for testing chapter request according to, from the times for sealing of the sealed files to be verified According to the middle operating right for obtaining user to be verified, the data of affixing one's seal include the operating right of each historical operation user.

First determination module 43 if being stamped signature permission for the operating right of the user to be verified, is treated described in judgement It verifies that the identity of user is legal, otherwise, then judges that the identity of the user to be verified is illegal.

It receives and tests after chapter request, can ask to extract data of affixing one's seal in the sealed files included from chapter is tested, In, data of affixing one's seal include the operating right of user, and specifically, operating right includes stamped signature permission and signs for permission.In general, User with stamped signature permission can affix one's seal in sealed files, after affixing one's seal, can also continue to specify at least one receipts Part user, and be the addressee user setting operating right；With signing for the user of permission after being signed for sealed files, Without further being operated to sealed files.It is alternatively possible to it numbers that next addressee is specified to use by Electronic Signature disk Family.

If the first determination module 43 detects that the operating right of the user for stamped signature permission, proves that the user has in the lid The permission affixed one's seal on chapter file, therefore, affixing one's seal for the user are also affixed one's seal to be legal；If the first determination module 43 detects user Without stamped signature permission, then it is not the validated user of this sealed files to prove the user, then corresponding affix one's seal of the user is also Illegal file, correspondingly, this sealed files are all a ordinary file without any effect for any user.

The Electronic Seal System provided in this embodiment for supporting more application scenarios is asked by the chapter of testing according to user, right Data of affixing one's seal in affixing one's seal in sealed files are tested, if detecting the operating right of user by data of affixing one's seal to affix one's seal Permission then can be determined that the user's identity is legal, therefore corresponding affix one's seal of the user is affixed one's seal to be legal, is affixed one's seal so as to improve The use effect and security of file.

Further, on the basis of above-described embodiment, the system also includes：

Operation requests receiving module, for receiving the operation requests of outbox user, the operation requests include sealed files and behaviour Make information, the operation information includes the permission of addressee user and the addressee user, the permission include signing for permission and/or Stamped signature permission；

Logging modle data and records for extracting affixing one's seal for the sealed files from the operation requests, to the receipts Part user sends the sealed files, and the data of affixing one's seal include the corresponding outbox user of this operation, addressee user and described The permission of addressee user.

In the present embodiment, after being affixed one's seal according to the permission of itself sealed files completion, operation requests receive user Module can also continue to specify the operating right of addressee user and addressee user, and specifically, operating right includes stamped signature permission With signing for permission.In general, the user with stamped signature permission can affix one's seal in sealed files, after affixing one's seal, may be used also To continue to specify at least one addressee user, and it is the addressee user setting operating right；With signing for the user of permission right After sealed files are signed for, without further being operated to sealed files, still, during subsequently chapter is removed, if Have it is any the user to affix one's seal in sealed files is wanted affixing one's seal in sealed files is carried out removing chapter after this signs for user, This is then needed to sign for user to be confirmed.It, can be from affixing one's seal correspondingly, the corresponding client of addressee user is received in sealed files Data of affixing one's seal are extracted in file, follow-up its can continue to operate sealed files according to the permission of itself.Need what is illustrated Be, in order to the process of affixing one's seal for ensureing whole users be aware that it is transparent, subsequently to inquire about record of affixing one's seal, label test platform can During carrying out any operation to sealed files to addressee user, which is recorded.

The Electronic Seal System provided in this embodiment for supporting more application scenarios is connect by adding to specify in sealed files It receives user and receives the permission of user, and each records the operation of sealed files, so as to prevent On the basis of sealed files are caused personal, collective loss by secondary affix one's seal, test chapter operation to be subsequent and provide the foundation.

Further, the electronic signature of each historical operation user is further included in the data of affixing one's seal, in any of the above-described implementation On the basis of example, specifically, the system also includes：

Whether sign electronically detection module, effective for detecting the electronic signature of the user to be verified；

Second operating right acquisition module, if for effectively, testing chapter request according to, from the sealed files to be verified The operating right of user to be verified is obtained in data of affixing one's seal；

The system also includes：

Second determination module, for testing chapter request according to, whether the record of affixing one's seal for detecting the sealed files to be verified is complete Whole, if completely, judging that the sealed files to be verified are effective, otherwise, it is determined that described, to be verified file is invalid.

In the present embodiment, in addition to operating right, the corresponding signature value of the user that affixes one's seal, label are further included in data of affixing one's seal Name timestamp and certificate information.When testing chapter, label are tested after platform receives sealed files, and electronic signature detection module can be with Data of affixing one's seal are extracted from sealed files, and pass through the true of national secret algorithm signature value corresponding with CertPubKey verification user Puppet, and signature timestamp is sent to Electronic Signature basic platform, with the true and false of detection signature timestamp and detection the user Whether corresponding affix one's seal is effective stamped signature.Specifically, due to using national secret algorithm in verification process, the peace of Electronic Signature Full property is higher.Further, if signature value is effective signature value, the second operating right acquisition module can continue to sealed files In addressee user and the permission of addressee user be detected, if detect user to be detected have stamped signature permission, can sentence The stamped signature for determining the user is legal.It is understood that the sealed files of a more people's signatures, if wherein someone is in sealed files Affix one's seal and cancelled after, then the legal effect of the sealed files will change according to regulation when signing documents, Therefore, in order to judge a sealed files it is whether legal effectively, have detected user's signature value and addressee user permission it Afterwards, the second determination module can also affix one's seal record according to the whole of the sealed files recorded in label check system, detect it and affix one's seal Whether record is complete, if has any user to cancel affixing one's seal in sealed files, if record of affixing one's seal is complete, can sentence The fixed sealed files are effective, record imperfect if affixing one's seal, the validity of sealed files can be according to signing the text of affixing one's seal at this time Regulation during part is judged.

The Electronic Seal System provided in this embodiment for supporting more application scenarios is signed by detecting the user in sealed files Name value and history affix one's seal to record whether completely judge whether current sealed files are effective, so as to have to sealed files Effect property is more accurately judged, and then the loss that can be avoided secondary affix one's seal of disabled user and be brought to personal, collective.

Further, due to treating there are many types of sealed files, treat that sealed files need to be taken not for different Same mode, on the basis of any of the above-described embodiment, the system also includes：

Operation requests determination type module, if not including for the operation requests in operation information or the operation requests The type of the sealed files is specified as inoperable type, then records the type of the sealed files as inoperable type simultaneously The data of affixing one's seal of the sealed files are recorded, the data of affixing one's seal include the outbox user.

The Electronic Seal System provided in this embodiment for supporting more application scenarios, by the way that the operation requests of sealed files are set It is set to inoperable type or does not include operation information, so as to which other people is avoided to continue to affix one's seal in sealed files, into And the security of sealed files is ensured.

Further, if the type of sealed files includes operation information for inoperable type or not, at above-mentioned On the basis of one embodiment, the system can specifically include：

Sealed files determination type module if being inoperable type for the type of the sealed files, detects the use Family whether be the sealed files data of affixing one's seal in the user that records, if it is not, then testing chapter failure.

In the present embodiment, if the type of sealed files includes operation information for inoperable type or not, subsequently Test chapter request in, if sealed files determination type module detects the user information that the information of affixing one's seal in sealed files includes The information of sender with prestoring is inconsistent, then can be determined that the user's identity is illegal, and accordingly, the user's affixes one's seal also not It is legal, then judge to test chapter failure, which does not come into force to the user.

The Electronic Seal System provided in this embodiment for supporting more application scenarios, by detecting that user is not described affixes one's seal The user recorded in the data of affixing one's seal of file then judges to test chapter failure, so as to ensure the security of sealed files, and then It ensure that the personal, interests of collective are not suffered a loss.

Fig. 5 is the structure diagram of the Electronic Seal System for the more application scenarios of support that the embodiment of the present invention five provides, such as Shown in Fig. 5, on the basis of any of the above-described embodiment, the system also includes：

Chapter request receiving module 51 is removed, chapter request is removed for receiving Client-initiated, it is described to remove chapter request for affixing one's seal described Revocation of affixing one's seal on file.

Detection module 52, for removing chapter request detection according to after the user affixes one's seal with the presence or absence of any addressee User signs for the file.

First removes chapter module 53, if in the presence of not removing chapter request according to and remove described in Zhang Bingxiang addressee and use Family, which is sent, removes chapter request, if whole addressee users agree to remove chapter, chapter request is removed according to and carries out removing chapter.

Second removes chapter module 54, if for being not present, chapter request is removed according to and carries out removing chapter.

In the present embodiment, after user affixes one's seal to a certain sealed files, can also in sealed files affix one's seal into Row revocation, specifically, remove chapter request receiving module 51 can receive user transmission remove chapter request, and according to this remove chapter request hold Row subsequent operation.

Due to when affixing one's seal, there are multiple users to carry out stamped signature to sealed files and signing for, therefore, covered if a certain user is opposite Affixing one's seal on chapter file is cancelled, and also needs to obtain the agreement of the user signed for after which.Therefore, a certain user's hair is received After that send removes chapter request, detection module 52 can also be detected after the user affixes one's seal, if also have any addressee user to this File is signed for.

Since Electronic Signature file has the possibility of infinite copy, chapter process is removed also more to Electronic Signature file It is cumbersome.If first, which removes chapter module 53, detects after this affixes one's seal user also have other addressees to sign for sealed files, Then directly it can not carry out removing chapter according to the chapter request of removing of the user that affixes one's seal.And it first has to obtain the whole receipts affixed one's seal after which After the agreement of part user, chapter request can be removed according to this, affixing one's seal in sealed files is carried out removing chapter, specifically, Ke Yigen It is tested according to the Electronic Signature disk number of follow-up addressee user from label in platform and obtains signing for sequentially for addressee user, and it is suitable according to signing for The addressee user that sequence please affix one's seal, which is sequentially completed, removes chapter, until detect that subsequent user is all removed chapter and finished, it can be according to the use The chapter request of removing of family transmission carries out removing chapter.

In the present embodiment, if second remove chapter module 54 detect it is right after stamped signature user there is no any user Sealed files are signed for, and therefore, user are signed for without removing Zhang Jinhang licenses to the sealed files before stamped signature user On the basis of, the chapter request of removing that can be directly sent according to the user carries out removing chapter..

It should be noted that sealed files are carried out to remove chapter and then according to the text of affixing one's seal according to the chapter request of removing of user When part carries out testing chapter, display the user it is corresponding affix one's seal it is invalid.

The Electronic Seal System provided in this embodiment for supporting more application scenarios receives after removing chapter request, passes through prison Survey whether there is any addressee user subsequently to affix one's seal sealed files, if in the presence of, should prompt first follow-up addressee user according to It is secondary that sealed files are carried out after removing chapter, it removes chapter request in basis and sealed files is carried out to remove chapter.So as to ensure text of affixing one's seal The security of part and using effect, additionally it is possible to improve the efficiency for removing chapter.

Fig. 6 is the structure diagram of the Electronic Seal System for the more application scenarios of support that the embodiment of the present invention six provides, such as Shown in Fig. 6, on the basis of any of the above-described embodiment, the system also includes：

Setup module 61, for treat that sealed files setting is affixed one's seal data, wherein, the data of affixing one's seal include this operation and correspond to Outbox user, addressee user, the permission of the addressee user and location information of affixing one's seal.

Module of affixing one's seal 62, for treating that sealed files are sent to label and test platform by described, so that the label test platform according to institute It states location information of affixing one's seal and treats that sealed files are affixed one's seal to described, generate and return to the intermediate file for treating user authentication.

Intermediate file receiving module 63, for receiving the intermediate file that the label test platform return, and according to the centre File acquisition user authentication information.

Authentication information sending module 64 tests platform, so that described for the user authentication information to be sent to the label Label test platform and the user authentication information are added to the intermediate file, obtain sealed files.

In the present embodiment, before affixing one's seal sealed files, setup module 61 can be set sealed files It affixes one's seal data, specifically, data of affixing one's seal include outbox user, addressee user, the permission of addressee user and position letter of affixing one's seal Breath.Due to during affixing one's seal, it is necessary to multiple addressee users to sealed files carry out multistage affix one's seal, in order to subsequently remove chapter and Can have mark that can follow when testing chapter, so need to record the process affixed one's seal, specifically, can by record outbox user, Addressee user, the permission of addressee user realize the record to the process of affixing one's seal.Optionally, since a sealed files are in generation Have determined that the user in need to affix one's seal it, therefore, when setting addressee user, addressee user can be appointed as removing Any user beyond itself can be appointed as itself not telling on.

It should be noted that location information of affixing one's seal specifically includes position of affixing one's seal, number of affixing one's seal and type of affixing one's seal, wherein, Type of affixing one's seal includes seal on the perforation, single page chapter and multipage chapter.Since seal on the perforation is needed on a chapter lid to multipage paper, Can in the provisioning process, user inputs arrange parameter by client, and so as to avoid affixing one's seal, picture cutting is non-uniform Problem.

The sealed files for having set data of affixing one's seal are sent to after label test platform by module of affixing one's seal 62, and label test platform from text of affixing one's seal Data of affixing one's seal, and specified affix one's seal position root of the location information in sealed files of affixing one's seal in data of affixing one's seal are extracted in part According to affixing one's seal type and number of affixing one's seal is affixed one's seal.And by sender information, addressee information and the addressee in data of affixing one's seal The permission of people is recorded.Simultaneously as Electronic Signature needs carry out it by user to come into force after user authentication, because This, can generate the intermediate file for treating user authentication according to sealed files.

Intermediate file receiving module 63 receives label and tests after the intermediate file of platform feedback, can be according to the intermediate file Obtain user authentication information.It is performed separately due to will affix one's seal with the process of user authentication, so as to support any user Identifying algorithm, obtains that the mode of user authentication information is more flexible, additionally it is possible to improve the security affixed one's seal.

In the present embodiment, the user authentication information got can be sent to label and tested by authentication information sending module 64 Platform, so that label test platform and fill user authentication information into sealed files, so as to complete this stamping.It needs to illustrate , sealed files can be pdf document, since pdf document has the advantages that be not easy to be tampered, thereby it is ensured that data During arbitrary approach is propagated, any way shows or even prints, file content will not all change, so as to It provides the foundation for sealed files in multi-party circulation.

The Electronic Seal System provided in this embodiment for supporting more application scenarios, by setting times for sealing for sealed files According to so that label test platform and affixed one's seal according to data of affixing one's seal sealed files, and affixing one's seal and be used with the step of user authentication Different executive agents performs, and so as to improve the security affixed one's seal, passes through and outbox user is added in the data of affixing one's seal, is received Part user and the permission of addressee user, so as to for multistage is affixed one's seal, multistage removes chapter and subsequent article sequence of testing provides the foundation.

Further, user authentication information specifically includes user's signature and signature timestamp, in any of the above-described embodiment On the basis of, intermediate file receiving module can specifically include：

Signature value computing unit, for Electronic Signature packing to be called to calculate user's signature value according to the intermediate file；

Signature timestamp acquiring unit, for the user's signature value to be sent to Electronic Signature platform, so that the electronics label Zhang Pingtai is calculated according to the user's signature value and is returned to signature timestamp.

In the present embodiment, user authentication information specifically includes user's signature and signature timestamp, correspondingly, obtains The step of user authentication information, can include, and signature value computing unit calls the Electronic Signature disk of user to calculate the signature of user Value, in order to which to user, this signature is recorded and backed up, which can also be sent to by signature timestamp acquiring unit Electronic Signature platform so that Electronic Signature platform returns to corresponding signature timestamp according to the signature value, and to this sign into Row record.Wherein, Electronic Signature disk is to specify authoritative department distribution, and correspondingly, Electronic Signature basic platform is also to specify power The distribution of prestige department, therefore security is higher.Further, since the information such as user's signature value are with the addition of during affixing one's seal, therefore It provides the foundation for subsequent chapter of testing.

The Electronic Seal System provided in this embodiment for supporting more application scenarios, by recognizing using user's signature value as user Information is demonstrate,proved, so as to the validity for increasing the security of sealed files and affixing one's seal.

Further, on the basis of any of the above-described embodiment, the system also includes：

State detection module, for Electronic Signature disk number to be sent to the Electronic Signature basic platform, so that the electronics Whether stamped signature basic platform is normal according to the current state of the Electronic Signature disk number detection Electronic Signature disk；

It affixes one's seal parameter setting module, if for normal, treats that sealed files setting is affixed one's seal parameter to be described.

In the present embodiment, before affixing one's seal sealed files, state detection module also needs the electronics label to user The validity of chapter disk is checked.Specifically, the Electronic Signature disk of user can be numbered and is sent to Electronic Signature basic platform, So that whether the state that Electronic Signature basic platform detects Electronic Signature disk according to the label of Electronic Signature disk is abnormal.With reality Border applies to illustrate, if detecting, the state of Electronic Signature disk to report the loss, can be determined that Electronic Signature disk abnormal state, then At this point, the Electronic Signature disk may have been lost, therefore may be illegal using the user identity of the Electronic Signature disk, accordingly , it is corresponding to affix one's seal also illegal, then it can not be affixed one's seal at this time using the Electronic Signature disk, alternatively, even if using should Electronic Signature disk is affixed one's seal, then it is also illegal or invalid that this, which is affixed one's seal,.If parameter setting module of affixing one's seal detects State to Electronic Signature disk is normal, then can be affixed one's seal using the Electronic Signature disk, subsequently sealed files are carried out When testing chapter, it is also effective that this, which is affixed one's seal,.

The Electronic Seal System provided in this embodiment for supporting more application scenarios, by detecting Electronic Signature before affixing one's seal The state of disk, so as to improve the security of the validity affixed one's seal and sealed files.

It is apparent to those skilled in the art that for convenience and simplicity of description, the device of foregoing description Specific work process, may be referred to the corresponding process in preceding method embodiment, details are not described herein.

One of ordinary skill in the art will appreciate that：Realizing all or part of step of above-mentioned each method embodiment can lead to The relevant hardware of program instruction is crossed to complete.Foregoing program can be stored in a computer read/write memory medium.The journey Sequence upon execution, execution the step of including above-mentioned each method embodiment；And foregoing storage medium includes：ROM, RAM, magnetic disc or The various media that can store program code such as person's CD.

Finally it should be noted that：The above embodiments are only used to illustrate the technical solution of the present invention., rather than its limitations；To the greatest extent Pipe is described in detail the present invention with reference to foregoing embodiments, it will be understood by those of ordinary skill in the art that：Its according to Can so modify to the technical solution recorded in foregoing embodiments either to which part or all technical characteristic into Row equivalent substitution；And these modifications or replacement, the essence of appropriate technical solution is not made to depart from various embodiments of the present invention technology The scope of scheme.

Claims

1. a kind of electronic signature method for supporting more application scenarios, which is characterized in that including：

Receive user tests chapter request, and the chapter of testing asks to include sealed files to be verified；

According to the operating rights tested chapter request, user to be verified is obtained from the data of affixing one's seal of the sealed files to be verified Limit, the data of affixing one's seal include the operating right of each historical operation user；

If the operating right of the user to be verified is stamped signature permission, judge that the identity of the user to be verified is legal, otherwise, Then judge that the identity of the user to be verified is illegal.

2. according to the method described in claim 1, it is characterized in that, the method further includes：

3. according to the method described in claim 1, it is characterized in that, further include each historical operation user's in the data of affixing one's seal It signs electronically, chapter request is tested described in the basis, user to be verified is obtained from the data of affixing one's seal of the sealed files to be verified Operating right before, further include：

4. according to the method described in claim 2, it is characterized in that, after the operation requests for receiving outbox user, also wrap It includes：

5. according to the method described in claim 4, it is characterized in that, it is described receive user test chapter request after, further include：

6. according to the method described in claim 1, it is characterized in that, the method further includes：

It receives Client-initiated and removes chapter request, it is described to remove chapter request for by the revocation of affixing one's seal in the sealed files；

Any addressee user whether there is to file progress after the user affixes one's seal according to the chapter request detection of removing It signs for；

If in the presence of chapter request is not removed according to remove described in Zhang Bingxiang addressee user and send and remove chapter request, if all existing The user user signed for afterwards that affixes one's seal agrees to remove chapter, then chapter request is removed according to and carries out removing chapter；

If being not present, chapter request is removed according to and carries out removing chapter.

7. according to the method described in claim 1, it is characterized in that, the method further includes：

To treat that sealed files set data of affixing one's seal, wherein, the data of affixing one's seal include the corresponding outbox user of this operation, addressee User, the permission of the addressee user and location information of affixing one's seal；

Treat that sealed files are sent to label and test platform by described, so that the label test platform and location information is affixed one's seal according to described It treats that sealed files are affixed one's seal, generate and returns to the intermediate file for treating user authentication；

The intermediate file that the label test platform return is received, and user authentication information is obtained according to the intermediate file；

The user authentication information is sent to the label and tests platform, so that the label test platform and add the user authentication information The intermediate file is added to, obtains sealed files.

8. the method according to the description of claim 7 is characterized in that the user authentication information includes user's signature and signature Timestamp, the intermediate file for receiving the label and testing platform return, and user authentication information is obtained according to the intermediate file, Including：

9. according to the method described in claim 8, it is characterized in that, described is before treating that sealed files set data of affixing one's seal, also Including：

10. a kind of Electronic Seal System for supporting more application scenarios, which is characterized in that including：

Chapter request receiving module is tested, the chapter of testing for receiving user is asked, and the chapter of testing asks to include sealed files to be verified；

First operating right acquisition module, for testing chapter request according to, from the data of affixing one's seal of the sealed files to be verified The middle operating right for obtaining user to be verified, the data of affixing one's seal include the operating right of each historical operation user；

First determination module if being stamped signature permission for the operating right of the user to be verified, judges the use to be verified The identity at family is legal, otherwise, then judges that the identity of the user to be verified is illegal.

11. system according to claim 10, which is characterized in that the system also includes：

12. system according to claim 10, which is characterized in that each historical operation user is further included in the data of affixing one's seal Electronic signature, the system also includes：

The system also includes：

13. system according to claim 11, which is characterized in that the system also includes：

14. system according to claim 13, which is characterized in that the system also includes：

15. system according to claim 10, which is characterized in that the system also includes：

Chapter request receiving module is removed, chapter request is removed for receiving Client-initiated, it is described to remove chapter request for by the text of affixing one's seal Revocation of affixing one's seal on part；

Detection module, for removing chapter request detection according to after the user affixes one's seal with the presence or absence of any addressee user couple The file is signed for；

First removes chapter module, if in the presence of not removing chapter request according to and remove described in Zhang Bingxiang addressee user and send Chapter request is removed, if all agreeing to remove chapter in the affix one's seal user that signs for afterwards of the user, chapter request progress is removed according to Remove chapter；

Second removes chapter module, if for being not present, chapter request is removed according to and carries out removing chapter.

16. system according to claim 10, which is characterized in that the system also includes：

Setup module, for treat that sealed files setting is affixed one's seal data, wherein, it is corresponding that the data of affixing one's seal include this operation Outbox user, addressee user, the permission of the addressee user and location information of affixing one's seal；

It affixes one's seal module, for treating that sealed files are sent to label and test platform by described, so that the label test platform and affix one's seal according to Location information treats that sealed files are affixed one's seal to described, generates and returns to the intermediate file for treating user authentication；

Intermediate file receiving module is tested the intermediate file of platform return for receiving the label, and is obtained according to the intermediate file Take user authentication information；

Authentication information sending module, for by the user authentication information be sent to it is described label test platform so that it is described label test it is flat The user authentication information is added to the intermediate file by platform, obtains sealed files.

17. system according to claim 16, which is characterized in that the user authentication information includes user's signature and label Name timestamp, the intermediate file receiving module include：

18. system according to claim 16, which is characterized in that the system also includes：