Disclosure of Invention
In order to solve the problem of low efficiency of the existing electronic file certification method, the embodiment of the specification provides an electronic file certification method and device, and the technical scheme is as follows:
according to an aspect 1 of embodiments of the present specification, there is provided an electronic document certification method applied to certification service equipment, the certification service equipment interfacing with a blockchain network, the method including:
acquiring at least two electronic files to be stored;
performing hash calculation according to the at least two electronic files to obtain a stored hash value;
constructing a forensic transaction comprising the forensic hash value, and submitting the forensic transaction to the blockchain network so that the blockchain network writes the forensic transaction into a blockchain;
and recording the corresponding relation between each electronic file and the certification hash value for each electronic file.
According to the 2 nd aspect of the embodiments of the present specification, there is provided a certification verification method for an electronic file, which is applied to a certification service device, the certification service device being docked to a blockchain network, the method including:
receiving a certificate storing verification request sent by a user; the certification verification request comprises a target electronic file;
judging whether a certificate hash value corresponding to the target electronic file exists or not according to the corresponding relation recorded in the method in the 1 st aspect;
if so, checking whether the proving transaction containing the proving hash value is written into the blockchain through the blockchain network, and feeding back a checking result to the user.
According to a 3 rd aspect of embodiments of the present specification, there is provided an electronic document authentication device, the device interfacing with a blockchain network, the device comprising:
the acquisition module is used for acquiring at least two electronic files to be stored;
the calculation module is used for performing hash calculation according to the at least two electronic files to obtain a stored certificate hash value;
a submitting module is constructed, a forensic transaction containing the forensic hash value is constructed, and the forensic transaction is submitted to the blockchain network, so that the blockchain network writes the forensic transaction into a blockchain;
and the corresponding relation recording module is used for recording the corresponding relation between each electronic file and the evidence-storing hash value according to each electronic file.
According to a 4 th aspect of embodiments of the present specification, there is provided a certification verification apparatus for an electronic document, the apparatus interfacing with a blockchain network, the apparatus comprising:
the receiving module is used for receiving a certificate storing and checking request sent by a user; the certification verification request comprises a target electronic file;
a judgment processing module for judging whether a stored hash value corresponding to the target electronic file exists or not according to the corresponding relation recorded in the method of any one of claims 1 to 4; if so, checking whether the proving transaction containing the proving hash value is written into the blockchain through the blockchain network, and feeding back a checking result to the user.
According to the technical scheme provided by the embodiment of the specification, on one hand, the certificate storing service equipment packages a certificate storing hash value obtained based on at least two electronic files to be stored into one certificate storing transaction, and submits the certificate storing transaction to a blockchain network once, so that more than one electronic file can be anchored in the blockchain through one transaction submitting operation; on the other hand, the certification service equipment records the corresponding relation between each electronic file in the at least two electronic files and the certification hash value, so that the record of which certification transaction in the blockchain each electronic file is specifically anchored in is equivalent to that, and the certification verification of a single electronic file is not influenced. According to the embodiment of the specification, the efficiency of verifying the electronic file can be improved on the premise that verification of the electronic file is not affected.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the embodiments of the disclosure.
Further, not all of the effects described above need be achieved in any of the embodiments of the present specification.
Detailed Description
In the existing electronic document certification method, as shown in fig. 1, a single certification and a single verification are performed on an electronic document. Specifically, assuming that the user wants to document more than one electronic file, the electronic file needs to be uploaded to the document service device separately for each electronic file, the document service device encapsulates the hash value of the electronic file into a document transaction and submits the document transaction to the blockchain network, and the document transaction is finally written into the blockchain by the blockchain network, which means that the electronic file is anchored in the blockchain, so that the document is document stored. And if the verification is required to be carried out on a certain electronic file, positioning an anchor point of the electronic file in the blockchain according to the hash value of the electronic file (namely, the verification transaction containing the hash value of the electronic file), and if the anchor point exists, confirming that the verification is passed.
In the embodiment of the present disclosure, as shown in fig. 2, batch verification and single verification are performed on the electronic files, so that the efficiency of verifying the electronic files can be improved on the premise that verification of the single electronic file is not affected.
In order for those skilled in the art to better understand the technical solutions in the embodiments of the present specification, the technical solutions in the embodiments of the present specification will be described in detail below with reference to the drawings in the embodiments of the present specification, and it is apparent that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments obtained by a person skilled in the art based on the embodiments in the present specification shall fall within the scope of protection.
The following describes in detail the technical solutions provided by the embodiments of the present specification with reference to the accompanying drawings.
Fig. 3 is a flow chart of a method for storing and verifying an electronic file according to an embodiment of the present disclosure, including the following steps:
s300: and acquiring at least two electronic files to be authenticated.
The execution subject of the method is a certification service device of a data certification service provider, which can be a server of the data certification service provider. And the evidence storage service equipment is provided with a blockchain program for carrying out data interaction with the blockchain network so as to realize the butt joint of the evidence storage service equipment and the blockchain network.
The electronic files described herein are files that are generated in digital devices and environments, stored in carriers such as magnetic tapes, magnetic discs, optical discs, etc., and read, processed, and transferred over a communication network by devices such as computers. For example, in the context of web page evidence, the electronic file to be stored may be a web page screenshot file or a video file recording the process of evidence web page.
S302: and executing hash calculation according to the at least two electronic files to obtain a certification hash value.
As an optional implementation manner, in step S302, the at least two electronic files may be packaged into a file package, and a hash algorithm is performed with the file package as an object, to obtain a verification hash value.
As another optional implementation manner, in step S300, the certificate service device may specifically obtain a file compression packet (for example, may be in a zip format or may be in an rar format), where the file compression packet is obtained after compressing at least two electronic files to be authenticated. In step S302, a hash calculation is performed with the file compression packet as an object, to obtain a verified hash value.
Further, in step S300, at least two electronic files to be authenticated uploaded by the user may be received, and compression processing is performed on the at least two electronic files to obtain a file compression package. The file compression package uploaded by the user can also be received.
Further, as another alternative embodiment, in step S302, a merck tree may be constructed based on the hash value of each of the at least two electronic files to be authenticated; and determining the root hash value of the merck tree as a evidence hash value.
S304: and constructing a forensic transaction containing the forensic hash value, and submitting the forensic transaction to the blockchain network.
In the embodiment of the specification, the certificate hash value obtained based on at least two electronic files to be authenticated is written into the certificate transaction, and the certificate transaction is submitted to the blockchain network, so that the blockchain network writes the certificate transaction into the blockchain. Therefore, more than one electronic file can be anchored into the blockchain in batches through one transaction submitting operation, and the verification efficiency of the electronic file is improved.
S306: and recording the corresponding relation between each electronic file and the certification hash value.
In the present embodiment, the anchors of the at least two electronic files in the blockchain are identical (i.e., anchored to the same certification transaction), however, the certification transaction encapsulates not the hash value of the single electronic file, but one certification hash value derived from the at least two electronic files.
In practical applications, a user often needs to check the certificate of a single electronic file, and typically submits the single electronic file to a certificate authority to request checking. For the certification service set, the anchor point of the electronic file cannot be located in the blockchain only according to the electronic file.
Therefore, the forensic service apparatus needs to record which electronic files corresponding to each forensic hash value written in the blockchain are. In this way, the certification service device can map a certain electronic file to be verified to a corresponding certification hash value, so as to determine the certification transaction containing the certification hash value as an anchor point of the electronic file in the blockchain.
In addition, in the embodiment of the present specification, the execution timing of step S306 is not particularly limited. For example, step S306 may be performed before step S302 is performed, step S302 is performed simultaneously, or step S302 is performed thereafter.
Further, in step S306, for each electronic file, a hash calculation may be performed with the electronic file as an object, to obtain a hash value of the electronic file; then, the corresponding relation between the hash value of each electronic file and the stored hash value is recorded.
Fig. 4 is a flowchart of a method for verifying a certificate of an electronic file according to an embodiment of the present disclosure, including the following steps:
s400: and receiving a certification verification request sent by the user.
The method shown in fig. 4 is performed by a certification service set.
The certification verification request is issued when a user needs to perform certification verification (i.e., verify whether a certification has been already stored) on an electronic file to be certified (referred to herein as a target electronic file) that has been uploaded to a certification service device before the user. And the certification verification request carries the target electronic file.
S402: and judging whether a stored hash value corresponding to the hash value of the target electronic file exists or not according to the corresponding relation recorded in the method shown in fig. 3.
S404: if so, checking whether the proving transaction containing the proving hash value is written into the blockchain through the blockchain network, and feeding back a checking result to the user.
As described above, the certification service apparatus records, for each certification transaction written in the blockchain, each electronic file (or a hash value of an electronic file) corresponding to a certification hash value included in the certification transaction. Therefore, if the stored-certificate hash value corresponding to the target electronic file exists, the stored-certificate service equipment judges whether the stored-certificate hash value is written into the blockchain through the blockchain network, if so, the stored-certificate of the target electronic file is indicated, and if not, the stored-certificate of the target electronic file is indicated.
Further, if the forensic hash value corresponding to the target electronic file does not exist, the forensic service device may reject the forensic verification request.
By the method shown in fig. 3 and fig. 4, on one hand, the certificate service device encapsulates the certificate hash value obtained based on at least two electronic files to be authenticated into one certificate transaction, and submits the certificate transaction to the blockchain network once, so that more than one electronic file can be anchored in the blockchain through one transaction submitting operation; on the other hand, the certification service equipment records the corresponding relation between each electronic file in the at least two electronic files and the certification hash value, so that the record of which certification transaction in the blockchain each electronic file is specifically anchored in is equivalent to that, and the certification verification of a single electronic file is not influenced. According to the embodiment of the specification, the efficiency of verifying the electronic file can be improved on the premise that verification of the electronic file is not affected.
Fig. 5 is a schematic structural diagram of an electronic document authentication device according to an embodiment of the present disclosure, where the device interfaces with a blockchain network, and the device includes:
the obtaining module 501 obtains at least two electronic files to be authenticated;
the calculating module 502 performs hash calculation according to the at least two electronic files to obtain a stored certificate hash value;
a build commit module 503 builds a forensic transaction comprising the forensic hash value and commits the forensic transaction to the blockchain network so that the blockchain network writes the forensic transaction to a blockchain;
the correspondence recording module 504 records, for each electronic file, a correspondence between the electronic file and the prover hash value.
The acquiring module 501 acquires a file compression package; the file compression package is obtained after at least two electronic files to be stored are compressed;
the calculating module 502 performs hash calculation with the file compression packet as an object to obtain a stored hash value.
The obtaining module 501 receives at least two electronic files to be authenticated uploaded by a user, and compresses the at least two electronic files to obtain a file compression package; or receiving a file compression packet uploaded by a user.
The computing module 502 constructs a merck tree based on the hash value of each electronic file; and determining the root hash value of the merck tree as a evidence hash value.
The correspondence record module 504 performs hash computation with respect to each electronic file by taking the electronic file as an object to obtain a hash value of the electronic file; and recording the corresponding relation between the hash value of each electronic file and the certification hash value.
Fig. 6 is a schematic structural diagram of a certification verification device for electronic files according to an embodiment of the present disclosure, where the device interfaces with a blockchain network, and the device includes:
the receiving module 601 receives a certificate storing and checking request sent by a user; the certification verification request comprises a target electronic file;
the judging and processing module 602 judges whether a stored certificate hash value corresponding to the target electronic file exists according to the corresponding relation recorded in the method shown in fig. 3; if so, checking whether the proving transaction containing the proving hash value is written into the blockchain through the blockchain network, and feeding back a checking result to the user.
The judging and processing module 602 rejects the certificate-storing verification request if the certificate-storing verification request does not exist.
The embodiments of the present disclosure also provide a computer device at least including a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the processor implements the functions of the methods shown in fig. 3 or 4 when executing the program.
FIG. 7 illustrates a more specific hardware architecture diagram of a computing device provided by embodiments of the present description, which may include: a processor 1410, a memory 1420, an input/output interface 1430, a communication interface 1440, and a bus 1450. Wherein processor 1410, memory 1420, input/output interface 1430, and communication interface 1440 enable communication connections among each other within the device via a bus 1450.
The processor 1410 may be implemented by a general-purpose CPU (Central Processing Unit ), a microprocessor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1420 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage device, dynamic storage device, or the like. The memory 1420 can store an operating system and other application programs, and when the technical solutions provided in the embodiments of the present specification are implemented in software or firmware, relevant program codes are stored in the memory 1420 and invoked by the processor 1410 to be executed.
The input/output interface 1430 is used to connect with an input/output module to achieve information input and output. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
The communication interface 1440 is used to connect a communication module (not shown in the figure) to enable the present device to interact with other devices for communication. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1450 includes a path to transfer information between elements of the device (e.g., processor 1410, memory 1420, input/output interface 1430, and communication interface 1440).
It should be noted that although the above-described device only shows processor 1410, memory 1420, input/output interface 1430, communication interface 1440, and bus 1450, in particular implementations, the device may include other components necessary to achieve proper operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The present description also provides a computer-readable storage medium having stored thereon a computer program which, when executed by a processor, performs the functions of the method shown in fig. 3 or 4.
Computer readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. Computer-readable media, as defined herein, does not include transitory computer-readable media (transmission media), such as modulated data signals and carrier waves.
From the foregoing description of embodiments, it will be apparent to those skilled in the art that the present embodiments may be implemented in software plus a necessary general purpose hardware platform. Based on such understanding, the technical solutions of the embodiments of the present specification may be embodied in essence or what contributes to the prior art in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present specification.
The system, method, module or unit set forth in the above embodiments may be implemented in particular by a computer chip or entity, or by a product having a certain function. A typical implementation device is a computer, which may be in the form of a personal computer, laptop computer, cellular telephone, camera phone, smart phone, personal digital assistant, media player, navigation device, email device, game console, tablet computer, wearable device, or a combination of any of these devices.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the method and apparatus embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, with reference to the description of the method embodiments in part. The above-described method embodiments are merely illustrative, in that the modules illustrated as separate components may or may not be physically separate, and the functions of the modules may be implemented in the same piece or pieces of software and/or hardware when implementing the embodiments of the present disclosure. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
The foregoing is merely a specific implementation of the embodiments of this disclosure, and it should be noted that, for a person skilled in the art, several improvements and modifications may be made without departing from the principles of the embodiments of this disclosure, and these improvements and modifications should also be considered as protective scope of the embodiments of this disclosure.