CN110826091B - File signature method and device, electronic equipment and readable storage medium - Google Patents

File signature method and device, electronic equipment and readable storage medium Download PDF

Info

Publication number
CN110826091B
CN110826091B CN201810922975.8A CN201810922975A CN110826091B CN 110826091 B CN110826091 B CN 110826091B CN 201810922975 A CN201810922975 A CN 201810922975A CN 110826091 B CN110826091 B CN 110826091B
Authority
CN
China
Prior art keywords
signers
signature
signer
file
public keys
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810922975.8A
Other languages
Chinese (zh)
Other versions
CN110826091A (en
Inventor
冷志峰
宁廷泽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Kingsoft Office Software Inc
Zhuhai Kingsoft Office Software Co Ltd
Guangzhou Kingsoft Mobile Technology Co Ltd
Original Assignee
Beijing Kingsoft Office Software Inc
Zhuhai Kingsoft Office Software Co Ltd
Guangzhou Kingsoft Mobile Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Kingsoft Office Software Inc, Zhuhai Kingsoft Office Software Co Ltd, Guangzhou Kingsoft Mobile Technology Co Ltd filed Critical Beijing Kingsoft Office Software Inc
Priority to CN201810922975.8A priority Critical patent/CN110826091B/en
Publication of CN110826091A publication Critical patent/CN110826091A/en
Application granted granted Critical
Publication of CN110826091B publication Critical patent/CN110826091B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides a file signature method and device, electronic equipment and a readable storage medium. The method comprises the following steps: calculating an information abstract value of the target file according to a preset information abstract algorithm; acquiring private keys and public keys of a plurality of signers; according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain combined digital signatures of the plurality of signers; correspondingly storing the combined digital signature and the information abstract value of a plurality of signers and a plurality of public keys corresponding to the plurality of signers into a block chain distributed account book; and writing a signature mark carrying a plurality of public keys in the target file, wherein the public keys in the signature mark are arranged according to the sequence of the decryption combined digital signature. In this way, joint digital signatures of multiple signers on a target document can be achieved. In addition, the digital signature is stored in the block chain distributed account book, so that the validity of the combined digital signature can be ensured, and the data security is improved.

Description

File signature method and device, electronic equipment and readable storage medium
Technical Field
The present invention relates to the field of computer technologies, and in particular, to a file signature method and apparatus, an electronic device, and a readable storage medium.
Background
Document signing refers to digitally signing a document. Where a digital signature is some of the data attached to a file, and often a digital signature is attached to the end of the file. In this way, the recipient of the file can verify from the appended data: whether the file was indeed sent by the signer and whether the file content of the file was tampered with.
For example, Zhang III digitally signs file A with a private key. The digital signature is written in the tail of the signed file A. Then, Zhang three sends the signed file A to lie four. Lie four after receiving the signed file a, can utilize the public key of zhang san to decrypt the digital signature. If lie four can decrypt with the public key of zhang three to obtain the hash value of the file a, the file a is proved to be really sent by zhang three. And, the hash calculation can be performed on the received file a, and the calculated hash value can be compared with the decrypted hash value. If the comparison result is consistent, the file A is not tampered, and if the comparison result is inconsistent, the file A is tampered.
However, the method of attaching the digital signature to the file makes the digital signature easily tampered by a malicious user, and the validity of the digital signature cannot be guaranteed, so that the security of the user data is threatened.
Disclosure of Invention
Embodiments of the present invention provide a file signing method, an apparatus, an electronic device, and a readable storage medium, so as to implement joint digital signing on a target file by multiple signers, ensure validity of the digital signature, and improve security of data. The specific technical scheme is as follows:
in a first aspect, an embodiment of the present invention provides a file signing method, where the method may include:
determining a target file to be digitally signed, and calculating an information abstract value of the target file according to a preset information abstract algorithm;
acquiring private keys and public keys of a plurality of signers who need to digitally sign a target file;
according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain combined digital signatures of the plurality of signers; wherein, presetting the signature rule comprises: respectively utilizing the private key of each signer to carry out encryption calculation on the information digest value; or, the private key of each signer is used for carrying out encryption calculation on the target content in sequence; when the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: an encryption result calculated by one encryption calculation before the current encryption calculation;
correspondingly storing the combined digital signature of the plurality of signers, the information abstract value and a plurality of public keys corresponding to the plurality of signers into a block chain distributed account book;
and writing a signature mark carrying a plurality of public keys in the target file, wherein the public keys in the signature mark are arranged according to the sequence of the decryption combined digital signature.
Optionally, in an implementation manner, the step of obtaining private keys and public keys of a plurality of signers that are to digitally sign the target file may include:
loading private key encrypted files and public keys of a plurality of signers needing to digitally sign a target file from the block chain private key and public key pair storage software;
and for each signer, decrypting the private key encrypted file corresponding to the signer by using the private key decryption key input by the signer to obtain a private key corresponding to the public key of the signer.
Optionally, in another implementation manner, the step of obtaining private keys and public keys of a plurality of signers that are to digitally sign the target file may include:
and calling the block chain private key and public key pair generation software to generate private keys and public keys of a plurality of signers needing to digitally sign the target file.
Optionally, after the step of invoking the blockchain private key and public key pair generating software to generate private keys and public keys of a plurality of signers to digitally sign the target file, the method may further comprise:
obtaining the identity of a plurality of signers;
and correspondingly storing the identity of the signer and the public key of the signer into the block chain distributed account book aiming at each signer.
Optionally, the signature tag may also carry an information digest value.
Optionally, the signature tag may further carry:
the signature time of the digital signature performed by the plurality of signers and/or the identity corresponding to each signer.
In a second aspect, an embodiment of the present invention further provides a file signing apparatus, where the apparatus may include:
the determining module is used for determining a target file to be digitally signed and calculating an information abstract value of the target file according to a preset information abstract algorithm;
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring private keys and public keys of a plurality of signers needing to digitally sign a target file;
the calculation module is used for carrying out encryption calculation on the information digest value by utilizing a plurality of private keys corresponding to a plurality of signers according to a preset signature rule to obtain a combined digital signature of the plurality of signers; wherein, presetting the signature rule comprises: respectively utilizing the private key of each signer to carry out encryption calculation on the information digest value; or, the private key of each signer is used for carrying out encryption calculation on the target content in sequence; when the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: an encryption result calculated by one encryption calculation before the current encryption calculation;
the first storage module is used for correspondingly storing the joint digital signature, the information abstract value and the public keys corresponding to the plurality of signers into the block chain distributed account book;
and the marking module is used for writing a signature mark carrying a plurality of public keys into the target file, and the public keys in the signature mark are arranged according to the sequence of the decryption combined digital signature.
Optionally, in an implementation manner, the obtaining module may include:
the loading submodule is used for loading private key encrypted files and public keys of a plurality of signers needing to digitally sign a target file from the block chain private key and public key pair storage software;
and the decryption submodule is used for decrypting the private key encrypted file corresponding to the signer by using the private key decryption key input by the signer aiming at each signer to obtain the private key corresponding to the public key of the signer.
Optionally, in another implementation manner, the obtaining module may include:
and the calling submodule is used for calling the block chain private key and public key pair generation software to generate private keys and public keys of a plurality of signers which need to digitally sign the target file.
Optionally, in an embodiment of the present invention, the apparatus may further include:
the identity identification obtaining module is used for obtaining the identity identifications of a plurality of signers after calling the public key pair of the block chain private key to generate software and generating the private keys and the public keys of the plurality of signers which need to digitally sign the target file;
and the second storage module is used for correspondingly storing the identity of the signer and the public key of the signer into the block chain distributed account book aiming at each signer.
Optionally, the signature tag may also carry an information digest value.
Optionally, the signature tag may further carry:
the signature time of the digital signature performed by the plurality of signers and/or the identity corresponding to each signer.
In a third aspect, an embodiment of the present invention further provides an electronic device, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory complete mutual communication through the communication bus;
a memory for storing a computer program;
and the processor is used for realizing the method steps of any file signature method provided by the embodiment of the invention when executing the program stored on the memory.
In a fourth aspect, an embodiment of the present invention further provides a readable storage medium, in which a computer program is stored, and when executed by a processor, the computer program implements: the method steps of any file signature method provided by the embodiment of the invention.
In a fifth aspect, an embodiment of the present invention further provides a computer program product including instructions, which when run on an electronic device, cause the electronic device to perform: the method steps of any file signature method provided by the embodiment of the invention.
In the embodiment of the invention, the target file to be digitally signed can be determined, and the information digest value of the target file can be calculated according to the preset information digest algorithm. The private and public keys of the multiple signers that are to digitally sign the target document may then be obtained. And then, according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain a combined digital signature of the plurality of signers. Specifically, the information digest value may be encrypted and calculated by using the private key of each signer, so as to obtain the joint digital signature. Or, the target content may be encrypted and calculated by using the private key of each signer in turn, so as to obtain the joint digital signature. When the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: and the encryption result is obtained by calculating the encryption calculation before the encryption calculation.
And after the joint digital signature is obtained, correspondingly storing the joint digital signature, the information digest value and a plurality of public keys corresponding to a plurality of signers into the block chain distributed account book. In this way, federated digital signatures can be stored into a blockchain distributed ledger. The block chain distributed account book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tamper property and the like. Therefore, the condition that the digital signature is easily tampered due to the fact that the digital signature is written at the tail of the target file in the prior art can be avoided, the validity of the combined digital signature is guaranteed, and therefore the safety of user data can be guaranteed. In addition, after the combined digital signature, the information digest value and the plurality of public keys are correspondingly stored in the block chain distributed account book, a signature mark carrying the plurality of public keys can be written in the target file, and the plurality of public keys in the signature mark are arranged according to the sequence of decrypting the combined digital signature. Therefore, the target file can be conveniently recorded as a file which is subjected to digital signature, and the joint digital signature of the target file can be conveniently verified in the subsequent process.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a flowchart of a file signing method according to an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a file signing apparatus according to an embodiment of the present invention;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In order to solve technical problems in the prior art, embodiments of the present invention provide a file signature method, an apparatus, an electronic device, and a readable storage medium.
The following first describes a file signing method provided by an embodiment of the present invention.
The file signature method provided by the embodiment of the invention can be applied to a document reading client. The document reading client includes but is not limited to: a WPS (WPS software) client, a PPT (PowerPoint) client, and a PDF (Portable Document Format) client.
Accordingly, the target files in the embodiments of the present invention include, but are not limited to: WPS files, PPT files, and PDF files, though not limited thereto.
Referring to fig. 1, the file signing method may include the steps of:
s101: determining a target file to be digitally signed, and calculating an information abstract value of the target file according to a preset information abstract algorithm;
the preset message summarization algorithm includes, but is not limited to: CRC (Cyclic Redundancy Check) Algorithm, SHA (Secure Hash Algorithm) Algorithm, RIPEMD (RACE Integrity Primitives Evaluation Message Digest) Algorithm, MD4(Message-Digest Algorithm 4, information Digest Algorithm version 4) Algorithm, and MD5(Message-Digest Algorithm version 5) Algorithm.
The calculating of the information digest value of the target file may specifically refer to: and calculating the information abstract value of the file content of the target file.
S102: acquiring private keys and public keys of a plurality of signers who need to digitally sign a target file;
for example, when three persons each need to digitally sign a target document (e.g., a contract document), the private key and the public key of the three persons need to be acquired.
When a plurality of signers who need to digitally sign a target file already have private key and public key pairs, the private key encryption file and the public key of the signer can be directly loaded from the block chain private key and public key pair storage software corresponding to each signer.
Then, for each signer, receiving a private key decryption key input by the signer, and decrypting the private key encrypted file of the signer by using the private key decryption key to obtain a private key corresponding to the public key of the signer. The method for loading the private key encryption file can avoid directly loading the private key of the signer, thereby avoiding the leakage of the private key and improving the security of the private key.
The blockchain private key public key pair stores software including, but not limited to, a digital wallet. Among them, the digital wallet is an existing concept, and the digital wallet will not be described in detail herein.
In addition, when a plurality of signers who want to digitally sign the target file do not have the private key and the public key pair, the block chain private key and the public key pair generating software can be called to generate the private keys and the public keys of the plurality of signers.
The software for generating the public key pair of the blockchain private key may include: any software that can generate a blockchain private-public key pair.
S103: according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain combined digital signatures of the plurality of signers; wherein, presetting the signature rule comprises: respectively utilizing the private key of each signer to carry out encryption calculation on the information digest value; or, the private key of each signer is used for carrying out encryption calculation on the target content in sequence; when the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: an encryption result calculated by one encryption calculation before the current encryption calculation;
assume that the signers are U1, U2, and U3, respectively, and that the private key of the signer U1 is key1, the private key of the signer U2 is key2, and the private key of the signer U3 is key 3. In addition, the message digest value is an MD5 value.
Then, in one implementation, the message digest value may be cryptographically computed using each signer's private key separately. That is, the key1 may be used to perform encryption calculation on the message digest MD5 value, resulting in an encrypted result Sign 1; carrying out encryption calculation on the message digest MD5 value by using key2 to obtain an encryption result Sign 2; and (5) carrying out encryption calculation on the message digest MD5 value by using the key3 to obtain an encrypted result Sign 3. Thus, the resultant joint digital signature of signers U1, U2, and U3 to the target file is: encryption result Sign1, encryption result Sign2, and encryption result Sign 3.
In another implementation, the target content may be encrypted using the private key of each signer in turn. That is, one private key may be selected from key1, key2, and key3, assuming key2 is selected. Then, when the first encryption calculation is performed, the key2 may be used to perform encryption calculation on the message digest MD5 value, resulting in the encrypted result Sign 2. Then, a private key is selected from the unused keys 1 and 3, assuming key1 was selected. Then, in the case of non-first encryption calculation, the key1 may be used to perform encryption calculation on the encryption result Sign2 (i.e., the encryption result calculated in the previous encryption calculation before the current encryption calculation), so as to obtain the encryption result Sign 4. Finally, the key3 is used to perform encryption calculation on the encryption result Sign4, and the encryption result Sign5 is obtained. Thus, the resultant joint digital signature of signers U1, U2, and U3 to the target file is: the result Sign5 is encrypted.
S104: correspondingly storing the combined digital signature and the information abstract value of a plurality of signers and a plurality of public keys corresponding to the plurality of signers into a block chain distributed account book;
specifically, a blockchain distribution block may be constructed by using the joint digital signature of a plurality of signers, the digest information value of the target file, and a plurality of public keys corresponding to the plurality of signers. Accordingly, the corresponding storage of the joint digital signature, the message digest value and the plurality of public keys is realized. Then, a blockchain SDK (Software Development Kit) may be called to store the published block into the blockchain distributed ledger, thereby implementing the network-wide publication of the published block. The blockchain SDK is any software that can store the release block in the blockchain distributed ledger, and is not described in detail herein.
The block chain distributed account book is a distributed database maintained collectively, and has the characteristics of decentralization, information non-tamper property and the like. Thus, the federated digital signature stored into the blockchain distributed ledger is made tamperproof, i.e., the validity of the federated digital signature is guaranteed. Furthermore, the information can be prevented from being leaked to a malicious user by the user, and the safety of user data is guaranteed.
For the example given in the background art, in the prior art, in the process of using the digital signature, it is often necessary to rely on a digital certificate to prove that the public key obtained by lie four is indeed the public key of zhang san, so as to ensure the validity of the digital signature of zhang san to some extent. The digital certificate is a file which is digitally signed by a certificate authority and contains public key owner information and a public key, and can be used for proving that: the public key owner legitimately owns the public key listed in the certificate.
However, the certificate authority is a centralized authority, which is likely to be subject to hacking. When the organization is attacked, the digital certificate issued by the organization is likely to be a certificate tampered with by a hacker. Moreover, when the digital certificate of the third edition issued by the organization is tampered by a hacker, the validity of the digital signature of the third edition cannot be ensured at this time, and the security of the data is threatened.
In the embodiment of the present invention, since the combined digital signature stored in the blockchain distributed ledger and the plurality of corresponding stored public keys are not falsifiable, it can be ensured that the combined digital signature stored in the blockchain distributed ledger is the digital signature of the signer corresponding to the plurality of public keys, and thus, the validity of the combined digital signature can be ensured.
In addition, the association digital signature, the message digest value and the public keys are correspondingly stored in the block chain distributed account book, so that the subsequent verification of the association digital signature by using the message digest value and the public keys can be facilitated.
S105: and writing a signature mark carrying a plurality of public keys into the target file, wherein the public keys in the signature mark are arranged according to the sequence of the decryption combined digital signature.
In order to facilitate the subsequent determination that the target file is the file subjected to the combined digital signature, thereby avoiding repeated digital signature on the target file, facilitating verification of the combined digital signature of the target file, and writing a signature mark in the target file.
Assuming that the information digest value is cryptographically calculated by the private key of each signer, respectively, the joint digital signature of the target file by the signers U1, U2, and U3 in the above example is obtained: the encryption result Sign1, the encryption result Sign2, and the encryption result Sign3, and are stored in the block chain distributed book in the order of the encryption result Sign1, the encryption result Sign2, and the encryption result Sign 3.
At this time, the public keys corresponding to the signers U1, U2 and U3 carried in the signature mark may be arranged in the following order: c1, C2 and C3. Where C1 is the public key of signer U1, C2 is the public key of signer U2, and C3 is the public key of signer U3. Further, when the joint digital signature is subsequently verified, the encryption result Sign1, the encryption result Sign2, and the encryption result Sign3 can be decrypted based on the arrangement order of the public keys carried in the signature flag.
Assuming that the target content is encrypted and computed sequentially using the private key of each signer, the joint digital signature of the target file by the signers U1, U2 and U3 in the above example is obtained: the result Sign5 is encrypted. At this time, the public keys corresponding to the signers U1, U2 and U3 carried in the signature mark may be arranged in the following order: c3, C1 and C2. Further, when the joint digital signature is subsequently verified, the encrypted result Sign5 may be decrypted based on the arrangement order of the public keys carried in the signature token.
In the embodiment of the invention, the target file to be digitally signed can be determined, and the information digest value of the target file can be calculated according to the preset information digest algorithm. The private and public keys of the multiple signers that are to digitally sign the target document may then be obtained. And then, according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain a combined digital signature of the plurality of signers. Specifically, the information digest value may be encrypted and calculated by using the private key of each signer, so as to obtain the joint digital signature. Or, the target content may be encrypted and calculated by using the private key of each signer in turn, so as to obtain the joint digital signature. When the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: and the encryption result obtained by calculation of one encryption calculation before the encryption calculation is carried out.
And after the joint digital signature is obtained, correspondingly storing the joint digital signature, the information digest value and a plurality of public keys corresponding to a plurality of signers into the block chain distributed account book. In this way, federated digital signatures can be stored into a blockchain distributed ledger. The block chain distributed account book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tamper property and the like. Therefore, the condition that the digital signature is easily tampered due to the fact that the digital signature is written at the tail of the target file in the prior art can be avoided, the validity of the combined digital signature is ensured, and therefore the safety of user data can be guaranteed. In addition, after the combined digital signature, the information digest value and the plurality of public keys are correspondingly stored in the block chain distributed account book, a signature mark carrying the plurality of public keys can be written in the target file, and the plurality of public keys in the signature mark are arranged according to the sequence of decrypting the combined digital signature. Therefore, the target file can be conveniently recorded as a file which is subjected to digital signature, and the joint digital signature of the target file can be conveniently verified in the subsequent process.
The following describes a file signature method provided by an embodiment of the present invention in detail by taking a PDF file as an example.
Assume that a PDF client is installed in an electronic device and a target PDF file is opened by the PDF client. When user a wants to digitally sign the target PDF file, the PDF client may calculate an MD5 value of the target PDF file according to the MD5 algorithm.
The PDF client may also obtain the private and public keys of signer a and the private and public keys of signer B. Specifically, the PDF client may ask signer a and signer B if there are blockchain public and private keys. Assuming that the public key and the private key of the blockchain exist in the signer A, the private key and the public key of the signer A are loaded from the public key pair of the blockchain private key used by the signer A for storing the public key and the private key in the storage software. In order to ensure the security of the private key, the private key encryption file can be loaded, and then the private key is obtained by decrypting the private key decryption key input by the signer A. Additionally, assuming that the blockchain public key and the private key do not exist for signer B, the blockchain private key public key pair generation software may be invoked to generate the private key and the public key of signer B.
The PDF client may then jointly sign the MD5 value with the private key of signer a and the private key of signer B, resulting in a joint digital signature. Specifically, the MD5 value may be encrypted by the private key of signer a to obtain an encrypted result SignA, and the MD5 value may be encrypted by the private key of signer B to obtain an encrypted result SignB. Thus, a joint digital signature is obtained: SignA and SignB.
Alternatively, the value MD5 may be first encrypted by the private key of the signer a to obtain an encryption result SignA. Then, the encrypted result SignA is continuously signed by using the private key of the signer B, and an encrypted result SignC is obtained. Thus, a joint digital signature is obtained: SignC.
After obtaining the private key and the public key of the signer a (assumed to be C10) and the private key and the public key of the signer B (assumed to be C20), the identity of the signer a (e.g., zhang san) and the identity of the signer B (e.g., wang wu) may also be obtained. And then correspondingly storing the identity of the signer A and the public key of the signer A into the block chain distributed account book, and correspondingly storing the identity of the signer B and the public key of the signer B into the block chain distributed account book.
Thus, the blockchain distributed account book can record: the corresponding relation between the identity of the signer A and the public key of the signer A, and the corresponding relation between the identity of the signer B and the public key of the signer B. That is, at this point the full network can prove that: the signer A legally owns the public key C10, and the signer B legally owns the public key C20, so that the public keys of the signer A and the signer B are prevented from being faked.
The joint digital signature mode does not need to write the joint digital signature at the tail part of the target PDF file. Moreover, the combined digital signature is written in the distributed account book of the block chain, so that the combined digital signature can be prevented from being tampered, and the effectiveness of the combined digital signature is ensured.
The combined digital signature, the information digest value and the public keys are correspondingly stored in the block chain distributed account book, so that the information digest value and the public keys can be conveniently used for verifying the combined digital signature subsequently. In addition, in order to facilitate the subsequent verification of the joint digital signature of the target PDF file, a signature mark may be marked on the target PDF file. The signature mark carries the public key C10 of the signer a and the public key C20 of the signer B. The plurality of public keys in the signature are arranged in the order of decrypting the combined digital signature. For example, the ordering may be C20, C10.
In this way, after the joint digital signature of the target PDF file is completed, the PDF client can further identify that the target PDF file is a file subjected to the joint digital signature through the signature flag recorded in the target PDF file.
Moreover, in order to verify whether the file content of the target PDF file is tampered, the PDF client may also calculate the current MD5 value of the target PDF file. The blockchain SDK is then invoked to find the MD5 value in the blockchain distributed ledger that matches the current MD5 value. When the MD5 value which is matched with the current MD5 value is not found in the blockchain distributed ledger, the file content of the target PDF file is tampered.
When the MD5 value matching the current MD5 value can be found in the blockchain distributed ledger, the PDF client may also obtain a plurality of public keys and joint digital signatures (assumed to be SignC) stored in the blockchain distributed ledger corresponding to the MD5 value. Then, the public key C20, the public key C10 carried in the signature tag can be utilized and compared with the acquired multiple public keys. And when the comparison is successful, decrypting the combined digital signature SignC by using the obtained public key C20, and assuming that SignA is obtained by decryption. And then decrypts SignA using public key C10. Then, the MD5 value obtained by decryption is matched with the current MD5 value. If the matching is unsuccessful, the joint digital signature is shown to be a joint digital signature which is probably forged by a malicious user. At this time, in order to ensure the validity of the joint digital signature, the joint digital signature may be performed on the target PDF file again.
If the matching is successful, the file content of the target PDF file is not tampered, and the target PDF file is indeed commonly signed by the signer a and the signer B.
In order to verify the joint digital signature more effectively, the signature mark may also carry a message digest MD5 value. Thus, in the joint digital signature verification process, the current MD5 value calculated may be used to match the message digest value first. If the matching is not successful, the file content of the target PDF file is falsified. If the matching is successful, whether the MD5 value in the signature mark exists in the block chain distributed account book is searched, and corresponding operation is executed according to the search result.
In addition, the signature mark may also carry: the signature time of the signer A and the signer B (for example, 20: 00 in 07, 23 and 2018), and/or the corresponding identities of the signer A and the signer B. In this way, whether the file content of the target PDF file is tampered or not can be verified according to the information carried in the signature tag.
When the signature mark carries the identifiers of the signer a and the signer B, the identifiers of the signer a and the signer B may be firstly displayed to the user in the process of the joint digital signature verification. After the user confirms the two identifiers, that is, after the user confirms that the two identifiers are combined digital signatures of the signer a and the signer B, the PDF client may use the calculated current MD5 value to match the message digest value carried in the signature tag. Otherwise, when the user denies the identity, the target PDF file is determined to be tampered.
When the signature mark also carries the signature time of the signer a and the signer B, and an MD5 value matching the current MD5 value can be found in the blockchain distributed ledger, the storage timestamp corresponding to the found MD5 value can also be determined. And judging whether the time interval between the storage time stamp and the signature time of the signer A/the signer B is smaller than a preset threshold value. And if the target PDF file is larger than or equal to the preset threshold, determining that the target PDF file is tampered. Otherwise, if the target PDF file is smaller than the preset threshold, it may be determined that the target PDF file is not tampered. The preset threshold may be set by a person skilled in the art according to actual conditions, and is not limited herein.
In order to prevent the content carried in the signature mark from being tampered by a malicious user, it is reasonable that the content carried in the signature mark can be digitally signed by using the private key of the signer a and/or the signer B.
In conclusion, the block chain distributed book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tampering property and the like. Therefore, the file signature method provided by the embodiment of the invention can realize the combined digital signature of a plurality of signers on the target file, ensure the effectiveness of the combined digital signature and improve the data security.
Corresponding to the above method embodiment, an embodiment of the present invention further provides a file signing apparatus, and referring to fig. 2, the apparatus may include:
a determining module 201, configured to determine a target file to be digitally signed, and calculate an information digest value of the target file according to a preset information digest algorithm;
an obtaining module 202, configured to obtain private keys and public keys of multiple signers that are to digitally sign a target file;
the calculation module 203 is configured to perform encryption calculation on the information digest values by using multiple private keys corresponding to multiple signers according to a preset signature rule, so as to obtain a combined digital signature of the multiple signers; wherein, presetting the signature rule comprises: respectively utilizing the private key of each signer to carry out encryption calculation on the information digest value; or, the private key of each signer is used for carrying out encryption calculation on the target content in sequence; when the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: an encryption result calculated by one encryption calculation before the current encryption calculation;
the first storage module 204 is configured to correspondingly store the joint digital signature and the information digest value of the multiple signers and the multiple public keys corresponding to the multiple signers into the block chain distributed ledger;
the marking module 205 is configured to write a signature mark carrying multiple public keys into the target file, where the multiple public keys in the signature mark are arranged according to the sequence of the decryption combined digital signature.
By applying the device provided by the embodiment of the invention, the target file to be digitally signed can be determined, and the information abstract value of the target file can be calculated according to the preset information abstract algorithm. The private and public keys of the multiple signers that are to digitally sign the target document may then be obtained. And then, according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain a combined digital signature of the plurality of signers. Specifically, the information digest value may be encrypted and calculated by using the private key of each signer, so as to obtain the joint digital signature. Or, the target content may be encrypted and calculated by using the private key of each signer in turn, so as to obtain the joint digital signature. When the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: and the encryption result is obtained by calculating the encryption calculation before the encryption calculation.
And after the joint digital signature is obtained, correspondingly storing the joint digital signature, the information digest value and a plurality of public keys corresponding to a plurality of signers into the block chain distributed account book. In this way, federated digital signatures can be stored into a blockchain distributed ledger. The block chain distributed account book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tamper property and the like. Therefore, the condition that the digital signature is easily tampered due to the fact that the digital signature is written at the tail of the target file in the prior art can be avoided, the validity of the combined digital signature is guaranteed, and therefore the safety of user data can be guaranteed. In addition, after the joint digital signature, the information digest value and the plurality of public keys are correspondingly stored in the block chain distributed account book, a signature mark carrying the plurality of public keys may also be written in the target file, and the plurality of public keys in the signature mark are arranged according to the order of decrypting the joint digital signature. Therefore, the target file can be conveniently recorded as a file which is subjected to digital signature, and the joint digital signature of the target file can be conveniently verified in the subsequent process.
Optionally, in an embodiment of the present invention, the obtaining module 202 may include:
the loading submodule is used for loading private key encrypted files and public keys of a plurality of signers needing to digitally sign a target file from the block chain private key and public key pair storage software;
and the decryption submodule is used for decrypting the private key encrypted file corresponding to the signer by using the private key decryption key input by the signer aiming at each signer to obtain the private key corresponding to the public key of the signer.
Optionally, in another embodiment of the present invention, the obtaining module 202 may include:
and the calling submodule is used for calling the block chain private key and public key pair generation software to generate private keys and public keys of a plurality of signers which need to digitally sign the target file.
Optionally, in an embodiment of the present invention, the apparatus may further include:
the identity identification obtaining module is used for obtaining the identity identifications of a plurality of signers after calling the public key pair of the block chain private key to generate software and generating the private keys and the public keys of the plurality of signers which need to digitally sign the target file;
and the second storage module is used for correspondingly storing the identity of the signer and the public key of the signer into the block chain distributed account book aiming at each signer.
Optionally, in the embodiment of the present invention, the signature mark may also carry an information digest value.
Optionally, in this embodiment of the present invention, the signature mark may further carry:
the signature time of the digital signature performed by the plurality of signers and/or the identity corresponding to each signer.
Corresponding to the above method embodiment, the embodiment of the present invention further provides an electronic device, referring to fig. 3, including a processor 301, a communication interface 302, a memory 303, and a communication bus 304, where the processor 301, the communication interface 302, and the memory 303 complete mutual communication via the communication bus 304,
a memory 303 for storing a computer program;
the processor 301 is configured to implement the method steps of any of the above-described file signing methods when executing the program stored in the memory 303.
In the embodiment of the invention, the electronic device can determine the target file to be digitally signed, and can calculate the information abstract value of the target file according to a preset information abstract algorithm. The private and public keys of the multiple signers that are to digitally sign the target document may then be obtained. And then, according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain a combined digital signature of the plurality of signers. Specifically, the information digest value may be encrypted and calculated by using the private key of each signer, so as to obtain the joint digital signature. Or, the target content may be encrypted and calculated by using the private key of each signer in turn, so as to obtain the joint digital signature. When the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: and the encryption result is obtained by calculating the encryption calculation before the encryption calculation.
And after the joint digital signature is obtained, correspondingly storing the joint digital signature, the information digest value and a plurality of public keys corresponding to a plurality of signers into the block chain distributed account book. In this way, federated digital signatures can be stored into a blockchain distributed ledger. The block chain distributed account book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tamper property and the like. Therefore, the condition that the digital signature is easily tampered due to the fact that the digital signature is written at the tail of the target file in the prior art can be avoided, the validity of the combined digital signature is guaranteed, and therefore the safety of user data can be guaranteed. In addition, after the combined digital signature, the information digest value and the plurality of public keys are correspondingly stored in the block chain distributed account book, a signature mark carrying the plurality of public keys can be written in the target file, and the plurality of public keys in the signature mark are arranged according to the sequence of decrypting the combined digital signature. Therefore, the target file can be conveniently recorded as a file which is subjected to digital signature, and the joint digital signature of the target file can be conveniently verified in the subsequent process.
Corresponding to the above method embodiment, an embodiment of the present invention further provides a readable storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the method steps of any of the above file signing methods.
After the computer program stored in the readable storage medium provided by the embodiment of the present invention is executed by the processor of the electronic device, the electronic device may determine a target file to be digitally signed, and may calculate an information digest value of the target file according to a preset information digest algorithm. The private and public keys of the multiple signers that are to digitally sign the target document may then be obtained. And then, according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain a combined digital signature of the plurality of signers. Specifically, the information digest value may be encrypted and calculated by using the private key of each signer, so as to obtain the joint digital signature. Or, the target content may be encrypted and calculated by using the private key of each signer in turn, so as to obtain the joint digital signature. When the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: and the encryption result is obtained by calculating the encryption calculation before the encryption calculation.
And after the joint digital signature is obtained, correspondingly storing the joint digital signature, the information digest value and a plurality of public keys corresponding to a plurality of signers into the block chain distributed account book. In this way, federated digital signatures can be stored into a blockchain distributed ledger. The block chain distributed account book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tamper property and the like. Therefore, the condition that the digital signature is easily tampered due to the fact that the digital signature is written at the tail of the target file in the prior art can be avoided, the validity of the combined digital signature is guaranteed, and therefore the safety of user data can be guaranteed. In addition, after the combined digital signature, the information digest value and the plurality of public keys are correspondingly stored in the block chain distributed account book, a signature mark carrying the plurality of public keys can be written in the target file, and the plurality of public keys in the signature mark are arranged according to the sequence of decrypting the combined digital signature. Therefore, the target file can be conveniently recorded as a file which is subjected to digital signature, and the joint digital signature of the target file can be conveniently verified in the subsequent process.
Corresponding to the above method embodiment, an embodiment of the present invention further provides a computer program product including instructions, which, when run on an electronic device, cause the electronic device to perform: method steps of any of the above document signing methods.
When the computer program product containing the instructions provided by the embodiment of the invention runs on the electronic equipment, the electronic equipment can determine the target file to be digitally signed, and can calculate the information digest value of the target file according to the preset information digest algorithm. The private and public keys of the multiple signers that are to digitally sign the target document may then be obtained. And then, according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to a plurality of signers to obtain a combined digital signature of the plurality of signers. Specifically, the information digest value may be encrypted and calculated by using the private key of each signer, so as to obtain the joint digital signature. Or, the target content may be encrypted and calculated by using the private key of each signer in turn, so as to obtain the joint digital signature. When the first encryption calculation is carried out, the target content is an information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: and the encryption result is obtained by calculating the encryption calculation before the encryption calculation.
And after the joint digital signature is obtained, correspondingly storing the joint digital signature, the information digest value and a plurality of public keys corresponding to a plurality of signers into the block chain distributed account book. In this way, federated digital signatures can be stored into a blockchain distributed ledger. The block chain distributed account book is a distributed database maintained collectively and has the characteristics of decentralization, information non-tamper property and the like. Therefore, the condition that the digital signature is easily tampered due to the fact that the digital signature is written at the tail of the target file in the prior art can be avoided, the validity of the combined digital signature is guaranteed, and therefore the safety of user data can be guaranteed. In addition, after the combined digital signature, the information digest value and the plurality of public keys are correspondingly stored in the block chain distributed account book, a signature mark carrying the plurality of public keys can be written in the target file, and the plurality of public keys in the signature mark are arranged according to the sequence of decrypting the combined digital signature. Therefore, the target file can be conveniently recorded as a file which is subjected to digital signature, and the joint digital signature of the target file can be conveniently verified in the subsequent process.
The communication bus mentioned in the electronic device may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown, but this does not mean that there is only one bus or one type of bus.
The communication interface is used for communication between the electronic equipment and other equipment.
The Memory may include a Random Access Memory (RAM) or a Non-Volatile Memory (NVM), such as at least one disk Memory. Optionally, the memory may also be at least one memory device located remotely from the processor.
The Processor may be a general-purpose Processor, including a Central Processing Unit (CPU), a Network Processor (NP), and the like; but also Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
All the embodiments in the present specification are described in a related manner, and the same and similar parts among the embodiments may be referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for apparatus, electronic devices, readable storage media, and computer program product embodiments containing instructions, the description is relatively simple as it is substantially similar to the method embodiments, and reference may be made to some descriptions of the method embodiments for relevant points.
The above description is only for the preferred embodiment of the present invention, and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention shall fall within the protection scope of the present invention.

Claims (14)

1. A method of signing a document, the method comprising:
determining a target file to be digitally signed, and calculating an information abstract value of the target file according to a preset information abstract algorithm;
acquiring private keys and public keys of a plurality of signers who need to digitally sign the target file;
according to a preset signature rule, carrying out encryption calculation on the information digest value by using a plurality of private keys corresponding to the plurality of signers to obtain a combined digital signature of the plurality of signers; wherein the preset signature rule comprises: respectively utilizing the private key of each signer to carry out encryption calculation on the information digest value; or, the private key of each signer is used for carrying out encryption calculation on the target content in sequence; when the first encryption calculation is carried out, the target content is the information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: an encryption result calculated by one encryption calculation before the current encryption calculation;
correspondingly storing the joint digital signatures of the plurality of signers, the information digest values and a plurality of public keys corresponding to the plurality of signers into a block chain distributed account book;
writing a signature mark carrying the plurality of public keys into the target file, wherein the plurality of public keys in the signature mark are arranged according to the sequence of decrypting the combined digital signature; when the combined digital signature is verified, decrypting the encrypted result based on the arrangement sequence of the public keys carried in the signature mark; the signature mark also carries the signature time of the digital signatures of the plurality of signers; when verifying whether the file content of the target file is tampered, calculating the current information abstract value of the target file, searching the information abstract value matched with the current information abstract value in the block chain distributed book, determining the storage time stamp of the searched information abstract value, calculating the time interval between the storage time stamp and the signature time, and determining whether the file content of the target file is tampered according to the size relationship between the time interval and a preset threshold value.
2. The method of claim 1, wherein the step of obtaining private and public keys of a plurality of signers that are to digitally sign the target document comprises:
loading private key encrypted files and public keys of a plurality of signers needing to digitally sign the target file from the block chain private key and public key pair storage software;
and for each signer, decrypting the private key encrypted file corresponding to the signer by using the private key decryption key input by the signer to obtain a private key corresponding to the public key of the signer.
3. The method of claim 1, wherein the step of obtaining private and public keys of a plurality of signers that are to digitally sign the target document comprises:
and calling the block chain private key and public key pair generation software to generate private keys and public keys of a plurality of signers needing to digitally sign the target file.
4. The method of claim 3, wherein after the step of invoking the blockchain private-key public-key pair generation software to generate private and public keys of a plurality of signers that are to digitally sign the target file, the method further comprises:
obtaining identities of the plurality of signers;
and correspondingly storing the identity of the signer and the public key of the signer into the block chain distributed account book aiming at each signer.
5. The method of claim 1, wherein the signature tag further carries the information digest value.
6. The method of claim 5, wherein the signature tag further carries an identifier corresponding to each signer.
7. An apparatus for signing a document, the apparatus comprising:
the determining module is used for determining a target file to be subjected to digital signature and calculating an information abstract value of the target file according to a preset information abstract algorithm;
an acquisition module for acquiring private keys and public keys of a plurality of signers who need to digitally sign the target file;
the calculation module is used for carrying out encryption calculation on the information digest values by using a plurality of private keys corresponding to the plurality of signers according to a preset signature rule to obtain combined digital signatures of the plurality of signers; wherein the preset signature rule comprises: respectively utilizing the private key of each signer to carry out encryption calculation on the information digest value; or, the private key of each signer is used for carrying out encryption calculation on the target content in sequence; when the first encryption calculation is carried out, the target content is the information abstract value, and when the first encryption calculation is not carried out, the target content is as follows: an encryption result calculated by one encryption calculation before the current encryption calculation;
the first storage module is used for correspondingly storing the joint digital signatures of the plurality of signers, the information digest values and a plurality of public keys corresponding to the plurality of signers into a block chain distributed account book;
a marking module, configured to write a signature mark carrying the plurality of public keys in the target file, where the plurality of public keys in the signature mark are arranged according to a sequence for decrypting the combined digital signature; when the combined digital signature is verified, decrypting the encrypted result based on the arrangement sequence of the public keys carried in the signature mark; the signature mark also carries the signature time of the digital signatures of the plurality of signers; when verifying whether the file content of the target file is tampered, calculating the current information abstract value of the target file, searching the information abstract value matched with the current information abstract value in the block chain distributed book, determining the storage time stamp of the searched information abstract value, calculating the time interval between the storage time stamp and the signature time, and determining whether the file content of the target file is tampered according to the size relationship between the time interval and a preset threshold value.
8. The apparatus of claim 7, wherein the obtaining module comprises:
the loading submodule is used for loading private key encrypted files and public keys of a plurality of signers which need to digitally sign the target file from the block chain private key and public key pair storage software;
and the decryption submodule is used for decrypting the private key encrypted file corresponding to the signer by using the private key decryption key input by the signer aiming at each signer to obtain a private key corresponding to the public key of the signer.
9. The apparatus of claim 7, wherein the obtaining module comprises:
and the calling submodule is used for calling the block chain private key and public key pair generation software to generate private keys and public keys of a plurality of signers which need to digitally sign the target file.
10. The apparatus of claim 9, further comprising:
the identity identification obtaining module is used for obtaining the identity identifications of a plurality of signers after calling the public key pair of the block chain private key to generate software and generating the private keys and the public keys of the plurality of signers which need to digitally sign the target file;
and the second storage module is used for correspondingly storing the identity of the signer and the public key of the signer into the block chain distributed account book aiming at each signer.
11. The apparatus of claim 7, wherein the signature tag further carries the information digest value.
12. The apparatus according to claim 11, wherein the signature tag further carries an identifier corresponding to each signer.
13. An electronic device is characterized by comprising a processor, a communication interface, a memory and a communication bus, wherein the processor and the communication interface are used for realizing mutual communication by the memory through the communication bus;
a memory for storing a computer program;
a processor for implementing the method steps of any one of claims 1 to 6 when executing a program stored in the memory.
14. A readable storage medium, characterized in that a computer program is stored in the readable storage medium, which computer program, when being executed by a processor, carries out the method steps of any one of claims 1-6.
CN201810922975.8A 2018-08-14 2018-08-14 File signature method and device, electronic equipment and readable storage medium Active CN110826091B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810922975.8A CN110826091B (en) 2018-08-14 2018-08-14 File signature method and device, electronic equipment and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810922975.8A CN110826091B (en) 2018-08-14 2018-08-14 File signature method and device, electronic equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN110826091A CN110826091A (en) 2020-02-21
CN110826091B true CN110826091B (en) 2022-05-06

Family

ID=69547229

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810922975.8A Active CN110826091B (en) 2018-08-14 2018-08-14 File signature method and device, electronic equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN110826091B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111475856B (en) * 2020-04-03 2023-12-22 数据通信科学技术研究所 Digital signature method and method for verifying digital signature
CN111523889B (en) * 2020-04-17 2023-09-01 昆明大棒客科技有限公司 Multiple signature implementation method, device, equipment and storage medium
CN112507391B (en) * 2020-12-01 2024-01-30 杭州企达信息技术有限公司 Block chain-based electronic signature method, system, device and readable storage medium
CN115277008B (en) * 2022-07-01 2024-04-12 浪潮软件股份有限公司 Method and system for managing document signature based on blockchain

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012156254A1 (en) * 2011-05-13 2012-11-22 Telefónica, S.A. A method for performing a group digital signature
WO2012156255A1 (en) * 2011-05-13 2012-11-22 Telefonica, S.A. Procedure for a multiple digital signature
CN104022877A (en) * 2009-10-27 2014-09-03 谷歌公司 Systems and methods for authenticating an electronic transaction
WO2018076377A1 (en) * 2016-10-31 2018-05-03 华为技术有限公司 Data transmission method, terminal, node device and system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1226691C (en) * 2003-09-02 2005-11-09 四川大学 Method for multiple encryption of file and simultaneous sealing/unsealing
CN106022775A (en) * 2016-05-13 2016-10-12 邓迪 File signature method and system based on block chains
CN106485168A (en) * 2016-10-17 2017-03-08 成都知道创宇信息技术有限公司 A kind of method whether being modified using MD5 value checking contract documents
CN106503589A (en) * 2016-10-26 2017-03-15 北京瑞卓喜投科技发展有限公司 The method of calibration of block chain Transaction Information correctness, apparatus and system
WO2018119587A1 (en) * 2016-12-26 2018-07-05 深圳前海达闼云端智能科技有限公司 Data processing method, device, and system, and information acquisition apparatus
CN107968708B (en) * 2017-11-10 2020-01-17 财付通支付科技有限公司 Method, device, terminal and server for generating signature

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104022877A (en) * 2009-10-27 2014-09-03 谷歌公司 Systems and methods for authenticating an electronic transaction
WO2012156254A1 (en) * 2011-05-13 2012-11-22 Telefónica, S.A. A method for performing a group digital signature
WO2012156255A1 (en) * 2011-05-13 2012-11-22 Telefonica, S.A. Procedure for a multiple digital signature
WO2018076377A1 (en) * 2016-10-31 2018-05-03 华为技术有限公司 Data transmission method, terminal, node device and system

Also Published As

Publication number Publication date
CN110826091A (en) 2020-02-21

Similar Documents

Publication Publication Date Title
CN107342867B (en) Signature verification method and device
CN109067801B (en) Identity authentication method, identity authentication device and computer readable medium
US20210081551A1 (en) Method, apparatus, and electronic device for blockchain-based recordkeeping
CN109074462B (en) Method and system for verifying ownership of digital assets using distributed hash tables and peer-to-peer distributed ledgers
CN110826091B (en) File signature method and device, electronic equipment and readable storage medium
CN107770159B (en) Vehicle accident data recording method and related device and readable storage medium
CN108933667B (en) Management method and management system of public key certificate based on block chain
US20160292396A1 (en) System and method for authenticating digital content
WO2020233373A1 (en) Application configuration file management method and device
CN108985364B (en) Verification method and device for stamped file, computer equipment and storage medium
CN110830256A (en) File signature method and device, electronic equipment and readable storage medium
CN110826092A (en) File signature processing system
CN110830257B (en) File signature method and device, electronic equipment and readable storage medium
US11917071B2 (en) Data protection using universal tagging
US11943339B2 (en) Information processing apparatus, information processing method, and program
CN110826107B (en) File signature method and device, electronic equipment and readable storage medium
CN110598433A (en) Anti-counterfeiting information processing method and device based on block chain
CN112651031A (en) Digital signature method, digital signature verification method, electronic device and storage medium
CN110826034B (en) File signature method and device, electronic equipment and readable storage medium
EP3742367A1 (en) Method for determining information integrity and computer system using the same
CN110493011B (en) Block chain-based certificate issuing management method and device
CN117155549A (en) Key distribution method, key distribution device, computer equipment and storage medium
CN111062030A (en) Method and device for identifying tampering of application program
US10999077B2 (en) Data protection using sporadically generated universal tags
WO2016172986A1 (en) Data authentication method, device and system, and computer storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant