CN110889146A - A kind of electronic signature method, device and storage medium - Google Patents

A kind of electronic signature method, device and storage medium Download PDF

Info

Publication number
CN110889146A
CN110889146A CN201911159162.9A CN201911159162A CN110889146A CN 110889146 A CN110889146 A CN 110889146A CN 201911159162 A CN201911159162 A CN 201911159162A CN 110889146 A CN110889146 A CN 110889146A
Authority
CN
China
Prior art keywords
electronic signature
signed
certificate
signature
client
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911159162.9A
Other languages
Chinese (zh)
Other versions
CN110889146B (en
Inventor
翟季青
孙宏志
张晓东
刘延华
王刚
赵红卫
窦蘅
邵常媛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Shandong Electric Power Co Ltd
Shandong Luneng Software Technology Co Ltd
Original Assignee
State Grid Shandong Electric Power Co Ltd
Shandong Luneng Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Shandong Electric Power Co Ltd, Shandong Luneng Software Technology Co Ltd filed Critical State Grid Shandong Electric Power Co Ltd
Priority to CN201911159162.9A priority Critical patent/CN110889146B/en
Publication of CN110889146A publication Critical patent/CN110889146A/en
Application granted granted Critical
Publication of CN110889146B publication Critical patent/CN110889146B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/33User authentication using certificates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

本公开公开了一种电子签章的方法、装置及存储介质,包括:第一获取步骤:获取电子签章申请请求和待签名数据;第一证书下载步骤:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。

Figure 201911159162

The present disclosure discloses a method, a device and a storage medium for an electronic signature, including: a first acquisition step: acquiring an electronic signature application request and data to be signed; a first certificate downloading step: initiating an electronic signature download request to an application server Send the data to be signed to the application server; obtain the electronic signature and the summary of the document to be signed from the application server; merge the documents to be signed corresponding to the electronic signature and the summary of the document to be signed, and perform the merged data. Encrypt to obtain an encrypted data stream; send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server.

Figure 201911159162

Description

一种电子签章的方法、装置及存储介质A kind of electronic signature method, device and storage medium

技术领域technical field

本公开涉及电子签章技术领域,特别是涉及一种电子签章的方法、装置及存储介质。The present disclosure relates to the technical field of electronic signatures, and in particular, to a method, a device and a storage medium for electronic signatures.

背景技术Background technique

本部分的陈述仅仅是提到了与本公开相关的背景技术,并不必然构成现有技术。The statements in this section merely mention background related to the present disclosure and do not necessarily constitute prior art.

电子签章系统可以辨识电子文件签署者的身份,确保文件的真实性、完整性和不可抵赖性,广泛应用于,电子政务、企业电子商务、金融机构信息安全、物流行业、医疗卫生行业信息化、军队战地指挥化等领域。The electronic signature system can identify the identity of the signer of the electronic document and ensure the authenticity, integrity and non-repudiation of the document. , military field command and other fields.

在实现本公开的过程中,发明人发现现有技术中存在以下技术问题:In the process of realizing the present disclosure, the inventor found that the following technical problems exist in the prior art:

由于移动信息化的迅速发展,越来越多的电子签章流程基于移动端进行。现有的电子签章流程,是基于终端绑定电子签章,如果系统删除应用或者更换终端,就需要重新申请证书,并为重新申请的证书缴费,在使用期限内,用户可能会登录多台设备,和一台设备被多个用户登录过,众多用户,频繁更换移动终端就会重新申请证书,该模式会造成很大的资金浪费;影响用户的体验。Due to the rapid development of mobile informatization, more and more electronic signature processes are carried out based on mobile terminals. The existing electronic signature process is based on the terminal binding electronic signature. If the system deletes the application or replaces the terminal, it needs to re-apply for the certificate and pay for the re-applied certificate. During the period of use, the user may log in to multiple devices. The device and one device have been logged in by multiple users. Many users will re-apply for certificates if they frequently replace their mobile terminals. This mode will cause a great waste of money and affect the user experience.

发明内容SUMMARY OF THE INVENTION

为了解决现有技术的不足,本公开提供了一种电子签章的方法、装置及存储介质;In order to solve the deficiencies of the prior art, the present disclosure provides an electronic signature method, device and storage medium;

第一方面,本公开提供了一种电子签章的方法;In a first aspect, the present disclosure provides a method for electronic signature;

一种电子签章的方法,包括:A method of electronic signature, comprising:

第一获取步骤:获取电子签章申请请求和待签名数据;The first obtaining step: obtain the electronic signature application request and the data to be signed;

第一证书下载步骤:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;The first certificate download step: initiating an electronic signature download request to the application server and sending the data to be signed to the application server; the electronic signature and the abstract of the file to be signed obtained from the application server;

对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;Merge the documents to be signed corresponding to the electronic signature and the summary of the document to be signed, and encrypt the merged data to obtain an encrypted data stream;

将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。Send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server.

第二方面,本公开还提供了一种电子签章的方法;In a second aspect, the present disclosure also provides a method for electronic signature;

一种电子签章的方法,包括:A method of electronic signature, comprising:

第二获取步骤:获取客户端发送过来的电子签章申请请求和待签名数据;The second obtaining step: obtain the electronic signature application request and the data to be signed sent by the client;

第二证书下载步骤:接收客户端发送过来的电子签章下载请求和待签名数据;基于待签名数据生成的电子签章和待签章文件摘要;The second certificate download step: receiving the electronic signature download request and the data to be signed sent by the client; the electronic signature and the summary of the file to be signed generated based on the data to be signed;

将生成的电子签章和待签章文件摘要发送给客户端;Send the generated electronic signature and the summary of the document to be signed to the client;

接收客户端发送过来的加密数据流,对加密数据流进行加密处理后的得到签名文件,将签名文件反馈给客户端;所述加密数据流是由客户端对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到的。Receive the encrypted data stream sent by the client, encrypt the encrypted data stream to obtain a signature file, and feed back the signature file to the client; the encrypted data stream is a summary of the electronic signature and the file to be signed by the client The corresponding files to be signed are merged, and the merged data is encrypted.

第三方面,本公开还提供了一种电子签章的客户端;In a third aspect, the present disclosure also provides an electronic signature client;

一种电子签章的客户端,包括:An electronic signature client, including:

第一获取模块,其被配置为:获取电子签章申请请求和待签名数据;a first obtaining module, which is configured to: obtain an electronic signature application request and data to be signed;

第一证书下载模块,其被配置为:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;a first certificate download module, which is configured to: initiate an electronic signature download request to the application server and send the data to be signed to the application server; obtain the electronic signature and the abstract of the file to be signed from the application server;

第一加密处理模块,其被配置为:对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;a first encryption processing module, which is configured to: combine the electronic signature and the documents to be signed corresponding to the abstract of the document to be signed, and encrypt the combined data to obtain an encrypted data stream;

接收模块,其被配置为:将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。The receiving module is configured to: send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server.

第四方面,本公开还提供了一种电子签章的服务器;In a fourth aspect, the present disclosure also provides an electronic signature server;

一种电子签章的服务器,包括:An electronic signature server, including:

第二获取模块,其被配置为:获取客户端发送过来的电子签章申请请求和待签名数据;The second obtaining module is configured to: obtain the electronic signature application request and the data to be signed sent by the client;

第二证书下载模块,其被配置为:接收客户端发送过来的电子签章下载请求和待签名数据;基于待签名数据生成的电子签章和待签章文件摘要;The second certificate download module is configured to: receive the electronic signature download request and the data to be signed sent by the client; the electronic signature and the file abstract to be signed are generated based on the data to be signed;

发送模块,其被配置为:将生成的电子签章和待签章文件摘要发送给客户端;a sending module, which is configured to: send the generated electronic signature and the summary of the document to be signed to the client;

第二加密处理模块,其被配置为:接收客户端发送过来的加密数据流,对加密数据流进行加密处理后的得到签名文件,将签名文件反馈给客户端;所述加密数据流是由客户端对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到的。The second encryption processing module is configured to: receive the encrypted data stream sent by the client, obtain a signature file after encrypting the encrypted data stream, and feed back the signature file to the client; the encrypted data stream is generated by the client It is obtained by merging the electronic signature and the document to be signed corresponding to the summary of the document to be signed, and encrypting the merged data.

第五方面,本公开还提供了一种电子签章的系统;In a fifth aspect, the present disclosure also provides a system for electronic signatures;

一种电子签章的系统,包括:第三方面中的电子签章的客户端和第四方面中的电子签章的服务器。An electronic signature system includes: the electronic signature client in the third aspect and the electronic signature server in the fourth aspect.

第六方面,本公开还提供了一种电子设备,包括存储器和处理器以及存储在存储器上并在处理器上运行的计算机指令,所述计算机指令被处理器运行时,完成第一方面或第二方面所述方法的步骤。In a sixth aspect, the present disclosure also provides an electronic device, including a memory and a processor, and computer instructions stored in the memory and executed on the processor, the computer instructions being executed by the processor to complete the first aspect or the first aspect. The steps of the method described in the second aspect.

第七方面,本公开还提供了一种计算机可读存储介质,用于存储计算机指令,所述计算机指令被处理器执行时,完成第一方面或第二方面所述方法的步骤。In a seventh aspect, the present disclosure further provides a computer-readable storage medium for storing computer instructions that, when executed by a processor, complete the steps of the method of the first aspect or the second aspect.

与现有技术相比,本公开的有益效果是:Compared with the prior art, the beneficial effects of the present disclosure are:

为了防止用户的隐私泄露,采用三方证书认证系统,其中一部分,是以一份不可拷贝,不可被读取的文件存在于用户自己的客户端中,用户在更换新的客户端时,可以根据用户之前是否申请过证书,是否能够免费重新申请一份新的证书。通过签章优化流程,保证签章的安全性,并减少不必要的资金消耗,节省用户成本,提升用户体验。自动化高、节省时间成本、安全、简单易用、功能全面。为了解决用户更换手机或在其他手机登录时,造成的重复交费,并且通过手机、签章服务器、云签服务器三方共同存储签章,确保签章安全性。In order to prevent the privacy of users from being leaked, a three-party certificate authentication system is adopted, part of which exists in the user's own client as a non-copyable and unreadable file. Whether you have applied for a certificate before, and whether you can re-apply for a new certificate for free. Through the signature optimization process, the security of signatures is guaranteed, unnecessary capital consumption is reduced, user costs are saved, and user experience is improved. High automation, time and cost saving, safety, ease of use, and comprehensive functions. In order to solve the double payment caused by the user changing the mobile phone or logging in with other mobile phones, the mobile phone, the signature server and the cloud signature server jointly store the signature to ensure the security of the signature.

附图说明Description of drawings

构成本申请的一部分的说明书附图用来提供对本申请的进一步理解,本申请的示意性实施例及其说明用于解释本申请,并不构成对本申请的不当限定。The accompanying drawings that form a part of the present application are used to provide further understanding of the present application, and the schematic embodiments and descriptions of the present application are used to explain the present application and do not constitute improper limitations on the present application.

图1为第一个实施例的第一种实施方式的方法流程图;Fig. 1 is the method flow chart of the first implementation manner of the first embodiment;

图2为第一个实施例的第二种实施方式的方法流程图。FIG. 2 is a flow chart of the method of the second implementation of the first embodiment.

具体实施方式Detailed ways

应该指出,以下详细说明都是示例性的,旨在对本申请提供进一步的说明。除非另有指明,本文使用的所有技术和科学术语具有与本申请所属技术领域的普通技术人员通常理解的相同含义。It should be noted that the following detailed description is exemplary and intended to provide further explanation of the application. Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.

需要注意的是,这里所使用的术语仅是为了描述具体实施方式,而非意图限制根据本申请的示例性实施方式。如在这里所使用的,除非上下文另外明确指出,否则单数形式也意图包括复数形式,此外,还应当理解的是,当在本说明书中使用术语“包含”和/或“包括”时,其指明存在特征、步骤、操作、器件、组件和/或它们的组合。It should be noted that the terminology used herein is for the purpose of describing specific embodiments only, and is not intended to limit the exemplary embodiments according to the present application. As used herein, unless the context clearly dictates otherwise, the singular is intended to include the plural as well, furthermore, it is to be understood that when the terms "comprising" and/or "including" are used in this specification, it indicates that There are features, steps, operations, devices, components and/or combinations thereof.

实施例一,本实施例提供了一种电子签章的方法;Embodiment 1, this embodiment provides a method for electronic signature;

如图1所示,一种电子签章的方法,包括:As shown in Figure 1, a method for electronic signature includes:

S101:第一获取步骤:获取电子签章申请请求和待签名数据;S101: The first obtaining step: obtaining the electronic signature application request and the data to be signed;

S102:第一证书下载步骤:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;S102: the first certificate download step: initiating an electronic signature download request to the application server and sending the data to be signed to the application server; the electronic signature and the abstract of the file to be signed obtained from the application server;

S103:对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;S103: Merge the files to be signed corresponding to the electronic signature and the summary of the file to be signed, and encrypt the merged data to obtain an encrypted data stream;

S104:将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。S104: Send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server.

作为一个或多个实施例,所述第一获取步骤与第一证书下载步骤之间,还包括:As one or more embodiments, between the first obtaining step and the first certificate downloading step, further includes:

电子签章存在与否的判断步骤:验证电子签章是否已经存在于本地数据库中,如果存在,就进入证书有效期判断步骤;如果不存在,则进入证书下载步骤。The step of judging whether the electronic signature exists or not: verifying whether the electronic signature already exists in the local database, if so, enter the step of judging the validity period of the certificate; if not, enter the step of downloading the certificate.

作为一个或多个实施例,如图2所示,所述第一获取步骤与第一证书下载步骤之间,还包括:证书有效期判断步骤,证书有效期判断步骤在电子签章存在与否的判断步骤之后,在证书下载步骤之前;As one or more embodiments, as shown in FIG. 2 , between the first obtaining step and the first certificate downloading step, the step further includes: a certificate validity period judging step, and the certificate validity period judging step is judging whether the electronic signature exists or not. After the step, before the certificate download step;

证书有效期判断步骤:判断证书是否在有效期内,如果在有效期内,则将数字证书中本地数据库中调取并显示,结束;如果不在有效期内,则进入证书下载步骤。The step of judging the validity period of the certificate: judging whether the certificate is within the validity period, if it is within the validity period, the digital certificate will be retrieved from the local database and displayed, and finished; if it is not within the validity period, the certificate download step will be entered.

进一步地,所述由应用服务器加密处理后的签名文件,是应用服务器调用云签服务器接口和签章服务器接口,实现三方合并校验后生成的。Further, the signature file encrypted and processed by the application server is generated after the application server invokes the cloud signature server interface and the signature server interface to realize three-party combined verification.

三方合并校验,是指:是指客户端、签章服务器和云签服务器,三者管理的各自的三分之一的用户证书信息,根据唯一识别码是否能合成用户的完整证书。The three-party combined verification refers to: refers to the client, the signature server and the cloud signature server, one third of the user certificate information managed by the three, and whether the user's complete certificate can be synthesized according to the unique identification code.

所述云签服务器,是指专门管理用户的证书信息和验证用户证书的使用权限的服务器。The cloud signing server refers to a server that specially manages the user's certificate information and verifies the use authority of the user's certificate.

所述签章服务器,是指进行签章动作的服务器。The signature server refers to a server that performs a signature action.

所述待签章文件摘要,是指:即将要签署印章或者签字的pdf文件,根据算法生成的唯一哈希码。The summary of the document to be signed refers to the unique hash code generated according to the algorithm of the pdf file to be signed or signed.

所述云签服务器用于申请电子签章,绑定用户。The cloud signature server is used to apply for electronic signatures and bind users.

所述签章服务器用于校验客户端本地的证书,通过应用服务器调用,合并客户端、云签服务器的数据,生成电子签章后,并返回给应用服务器。The signature server is used to verify the local certificate of the client, and is invoked by the application server to combine the data of the client and the cloud signature server, generate an electronic signature, and return it to the application server.

应理解的,所述数字证书,是一份不可拷贝,不可被读取的文件。用户首次申请后,数字证书与用户名存储到数据库中,当用户更换客户端或者在其他客户端登录操作业务时,需要再次申请。It should be understood that the digital certificate is a file that cannot be copied or read. After the user applies for the first time, the digital certificate and user name are stored in the database. When the user changes the client or logs in to operate the business on another client, the user needs to apply again.

应理解的,所述客户端,包括:手机、笔记本或平板电脑。It should be understood that the client includes: a mobile phone, a notebook or a tablet computer.

应理解的,所述待签名数据,包括:用户的单位名称或手写签名。It should be understood that the data to be signed includes: the user's unit name or handwritten signature.

实施例二,本实施例还提供了一种电子签章的方法;Embodiment 2, this embodiment also provides a method for electronic signature;

一种电子签章的方法,包括:A method of electronic signature, comprising:

S201:第二获取步骤:获取客户端发送过来的电子签章申请请求和待签名数据;S201: the second obtaining step: obtaining the electronic signature application request and the data to be signed sent by the client;

S202:第二证书下载步骤:接收客户端发送过来的电子签章下载请求和待签名数据;基于待签名数据生成的电子签章和待签章文件摘要;S202: the second certificate downloading step: receiving the electronic signature download request and the data to be signed sent by the client; the electronic signature and the file abstract to be signed generated based on the data to be signed;

S203:将生成的电子签章和待签章文件摘要发送给客户端;S203: Send the generated electronic signature and the summary of the document to be signed to the client;

S204:接收客户端发送过来的加密数据流,对加密数据流进行加密处理后的得到签名文件,将签名文件反馈给客户端;所述加密数据流是由客户端对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到的。S204: Receive the encrypted data stream sent by the client, obtain a signature file after encrypting the encrypted data stream, and feed back the signature file to the client; the encrypted data stream is the electronic signature and the signature to be signed by the client The files to be signed corresponding to the file abstracts are merged, and the merged data is encrypted.

进一步地,所述对加密数据流进行加密处理后的得到签名文件,是应用服务器调用云签服务器接口和签章服务器接口,实现三方合并校验后生成的。Further, the signature file obtained after encrypting the encrypted data stream is generated after the application server invokes the cloud signature server interface and the signature server interface to realize three-party combined verification.

实施例三,本实施例还提供了一种电子签章的客户端;Embodiment 3, this embodiment also provides an electronic signature client;

一种电子签章的客户端,包括:An electronic signature client, including:

第一获取模块,其被配置为:获取电子签章申请请求和待签名数据;a first obtaining module, which is configured to: obtain an electronic signature application request and data to be signed;

第一证书下载模块,其被配置为:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;a first certificate download module, which is configured to: initiate an electronic signature download request to the application server and send the data to be signed to the application server; obtain the electronic signature and the abstract of the file to be signed from the application server;

第一加密处理模块,其被配置为:对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;a first encryption processing module, which is configured to: combine the electronic signature and the documents to be signed corresponding to the abstract of the document to be signed, and encrypt the combined data to obtain an encrypted data stream;

接收模块,其被配置为:将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。The receiving module is configured to: send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server.

作为一个或多个实施例,所述获取模块与证书下载模块之间,还包括:As one or more embodiments, between the obtaining module and the certificate downloading module, further includes:

电子签章存在与否的判断模块,其被配置为:验证电子签章是否已经存在于本地数据库中,如果存在,就进入证书有效期判断步骤;如果不存在,则进入证书下载步骤。The judging module for the existence or not of the electronic signature is configured to: verify whether the electronic signature already exists in the local database, if so, enter the certificate validity judging step; if not, enter the certificate downloading step.

作为一个或多个实施例,所述获取模块与证书下载模块之间,还包括:证书有效期判断模块,证书有效期判断模块在电子签章存在与否的判断模块之后,在证书下载模块之前;As one or more embodiments, the acquisition module and the certificate download module further include: a certificate validity period judgment module, and the certificate validity period judgment module is after the electronic signature judgment module and before the certificate download module;

证书有效期判断模块,其被配置为:判断证书是否在有效期内,如果在有效期内,则将数字证书中本地数据库中调取并显示,结束;如果不在有效期内,则进入证书下载步骤。The certificate validity judging module is configured to: judge whether the certificate is within the validity period, if within the validity period, call and display the local database in the digital certificate, and end; if not within the validity period, enter the certificate downloading step.

实施例四,本实施例还提供了一种电子签章的服务器;Embodiment 4, this embodiment also provides an electronic signature server;

一种电子签章的服务器,包括:An electronic signature server, including:

第二获取模块,其被配置为:获取客户端发送过来的电子签章申请请求和待签名数据;The second obtaining module is configured to: obtain the electronic signature application request and the data to be signed sent by the client;

第二证书下载模块,其被配置为:接收客户端发送过来的电子签章下载请求和待签名数据;基于待签名数据生成的电子签章和待签章文件摘要;The second certificate download module is configured to: receive the electronic signature download request and the data to be signed sent by the client; the electronic signature and the file abstract to be signed are generated based on the data to be signed;

发送模块,其被配置为:将生成的电子签章和待签章文件摘要发送给客户端;a sending module, which is configured to: send the generated electronic signature and the summary of the document to be signed to the client;

第二加密处理模块,其被配置为:接收客户端发送过来的加密数据流,对加密数据流进行加密处理后的得到签名文件,将签名文件反馈给客户端;所述加密数据流是由客户端对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到的。The second encryption processing module is configured to: receive the encrypted data stream sent by the client, obtain a signature file after encrypting the encrypted data stream, and feed back the signature file to the client; the encrypted data stream is generated by the client It is obtained by merging the electronic signature and the document to be signed corresponding to the summary of the document to be signed, and encrypting the merged data.

实施例五,本实施例还提供了一种电子签章的系统;Embodiment 5, this embodiment also provides an electronic signature system;

一种电子签章的系统,包括:实施例三中的电子签章的客户端和实施例四中的电子签章的服务器。An electronic signature system includes: the electronic signature client in the third embodiment and the electronic signature server in the fourth embodiment.

实施例六,本实施例还提供了一种电子设备,包括存储器和处理器以及存储在存储器上并在处理器上运行的计算机指令,所述计算机指令被处理器运行时,完成实施例一或实施例二所述方法的步骤。Embodiment 6, this embodiment also provides an electronic device, including a memory, a processor, and computer instructions stored on the memory and run on the processor, and when the computer instructions are run by the processor, the first or The steps of the method described in the second embodiment.

实施例七,本实施例还提供了一种计算机可读存储介质,用于存储计算机指令,所述计算机指令被处理器执行时,完成实施例一或实施例二所述方法的步骤。In Embodiment 7, this embodiment further provides a computer-readable storage medium for storing computer instructions. When the computer instructions are executed by a processor, the steps of the method described in Embodiment 1 or Embodiment 2 are completed.

以上所述仅为本申请的优选实施例而已,并不用于限制本申请,对于本领域的技术人员来说,本申请可以有各种更改和变化。凡在本申请的精神和原则之内,所作的任何修改、等同替换、改进等,均应包含在本申请的保护范围之内。The above descriptions are only preferred embodiments of the present application, and are not intended to limit the present application. For those skilled in the art, the present application may have various modifications and changes. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of this application shall be included within the protection scope of this application.

Claims (10)

1.一种电子签章的方法,其特征是,包括:1. a method for electronic signature, is characterized in that, comprises: 第一获取步骤:获取电子签章申请请求和待签名数据;The first obtaining step: obtain the electronic signature application request and the data to be signed; 第一证书下载步骤:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;The first certificate download step: initiating an electronic signature download request to the application server and sending the data to be signed to the application server; the electronic signature and the abstract of the file to be signed obtained from the application server; 对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;Merge the documents to be signed corresponding to the electronic signature and the summary of the document to be signed, and encrypt the merged data to obtain an encrypted data stream; 将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。Send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server. 2.如权利要求1所述的方法,其特征是,所述第一获取步骤与第一证书下载步骤之间,还包括:2. The method according to claim 1, wherein, between the first obtaining step and the first certificate downloading step, further comprising: 电子签章存在与否的判断步骤:验证电子签章是否已经存在于本地数据库中,如果存在,就进入证书有效期判断步骤;如果不存在,则进入证书下载步骤。The step of judging whether the electronic signature exists or not: verifying whether the electronic signature already exists in the local database, if so, enter the step of judging the validity period of the certificate; if not, enter the step of downloading the certificate. 3.如权利要求2所述的方法,其特征是,所述第一获取步骤与第一证书下载步骤之间,还包括:证书有效期判断步骤,证书有效期判断步骤在电子签章存在与否的判断步骤之后,在证书下载步骤之前;3. The method according to claim 2, wherein, between the first obtaining step and the first certificate downloading step, further comprising: a certificate validity period judging step, wherein the certificate validity period judging step depends on whether the electronic signature exists or not. After the judgment step, before the certificate download step; 证书有效期判断步骤:判断证书是否在有效期内,如果在有效期内,则将数字证书中本地数据库中调取并显示,结束;如果不在有效期内,则进入证书下载步骤。The step of judging the validity period of the certificate: judging whether the certificate is within the validity period, if it is within the validity period, the digital certificate will be retrieved from the local database and displayed, and finished; if it is not within the validity period, the certificate download step will be entered. 4.如权利要求1所述的方法,其特征是,所述由应用服务器加密处理后的签名文件,是应用服务器调用云签服务器接口和签章服务器接口,实现三方合并校验后生成的。4. The method according to claim 1, wherein the signature file encrypted and processed by the application server is generated after the application server invokes the cloud signature server interface and the signature server interface to implement three-party merge verification. 5.一种电子签章的方法,其特征是,包括:5. A method for electronic signature, comprising: 第二获取步骤:获取客户端发送过来的电子签章申请请求和待签名数据;The second obtaining step: obtain the electronic signature application request and the data to be signed sent by the client; 第二证书下载步骤:接收客户端发送过来的电子签章下载请求和待签名数据;基于待签名数据生成的电子签章和待签章文件摘要;The second certificate download step: receiving the electronic signature download request and the data to be signed sent by the client; the electronic signature and the summary of the document to be signed generated based on the data to be signed; 将生成的电子签章和待签章文件摘要发送给客户端;Send the generated electronic signature and the summary of the document to be signed to the client; 接收客户端发送过来的加密数据流,对加密数据流进行加密处理后的得到签名文件,将签名文件反馈给客户端;所述加密数据流是由客户端对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到的。Receive the encrypted data stream sent by the client, encrypt the encrypted data stream to obtain a signature file, and feed back the signature file to the client; the encrypted data stream is a summary of the electronic signature and the file to be signed by the client The corresponding files to be signed are merged, and the merged data is encrypted. 6.一种电子签章的客户端,其特征是,包括:6. An electronic signature client, characterized in that it comprises: 第一获取模块,其被配置为:获取电子签章申请请求和待签名数据;a first obtaining module, which is configured to: obtain an electronic signature application request and data to be signed; 第一证书下载模块,其被配置为:向应用服务器发起电子签章下载请求并将待签名数据发送给应用服务器;从应用服务器获取的电子签章和待签章文件摘要;a first certificate download module, which is configured to: initiate an electronic signature download request to the application server and send the data to be signed to the application server; obtain the electronic signature and the abstract of the file to be signed from the application server; 第一加密处理模块,其被配置为:对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到加密数据流;a first encryption processing module, which is configured to: combine the electronic signature and the documents to be signed corresponding to the abstract of the document to be signed, and encrypt the combined data to obtain an encrypted data stream; 接收模块,其被配置为:将加密数据流发送给应用服务器,接收由应用服务器加密处理后的签名文件。The receiving module is configured to: send the encrypted data stream to the application server, and receive the signature file encrypted and processed by the application server. 7.一种电子签章的服务器,其特征是,包括:7. An electronic signature server, characterized in that it comprises: 第二获取模块,其被配置为:获取客户端发送过来的电子签章申请请求和待签名数据;The second obtaining module is configured to: obtain the electronic signature application request and the data to be signed sent by the client; 第二证书下载模块,其被配置为:接收客户端发送过来的电子签章下载请求和待签名数据;基于待签名数据生成的电子签章和待签章文件摘要;The second certificate downloading module is configured to: receive the electronic signature download request and the data to be signed sent by the client; the electronic signature and the document abstract to be signed are generated based on the data to be signed; 发送模块,其被配置为:将生成的电子签章和待签章文件摘要发送给客户端;a sending module, which is configured to: send the generated electronic signature and the summary of the document to be signed to the client; 第二加密处理模块,其被配置为:接收客户端发送过来的加密数据流,对加密数据流进行加密处理后的得到签名文件,将签名文件反馈给客户端;所述加密数据流是由客户端对电子签章和待签章文件摘要对应的待签章文件进行合并,对合并后的数据进行加密得到的。The second encryption processing module is configured to: receive the encrypted data stream sent by the client, obtain a signature file after encrypting the encrypted data stream, and feed back the signature file to the client; the encrypted data stream is generated by the client It is obtained by merging the electronic signature and the document to be signed corresponding to the summary of the document to be signed, and encrypting the merged data. 8.一种电子签章的系统,其特征是,包括:权利要求6所述的电子签章的客户端和权利要求7所述的电子签章的服务器。8 . An electronic signature system, comprising: the electronic signature client according to claim 6 and the electronic signature server according to claim 7 . 9.一种电子设备,其特征是,包括存储器和处理器以及存储在存储器上并在处理器上运行的计算机指令,所述计算机指令被处理器运行时,完成权利要求1-5任一一项方法所述的步骤。9. An electronic device, characterized in that it comprises a memory and a processor and a computer instruction stored in the memory and run on the processor, when the computer instruction is run by the processor, completes any one of claims 1-5 the steps described in the method. 10.一种计算机可读存储介质,其特征是,用于存储计算机指令,所述计算机指令被处理器执行时,完成权利要求1-5任一一项方法所述的步骤。10. A computer-readable storage medium, characterized in that it is used for storing computer instructions, and when the computer instructions are executed by a processor, the steps described in any one of the methods of claims 1-5 are completed.
CN201911159162.9A 2019-11-22 2019-11-22 Electronic signature method, device and storage medium Active CN110889146B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911159162.9A CN110889146B (en) 2019-11-22 2019-11-22 Electronic signature method, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911159162.9A CN110889146B (en) 2019-11-22 2019-11-22 Electronic signature method, device and storage medium

Publications (2)

Publication Number Publication Date
CN110889146A true CN110889146A (en) 2020-03-17
CN110889146B CN110889146B (en) 2022-03-29

Family

ID=69748484

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911159162.9A Active CN110889146B (en) 2019-11-22 2019-11-22 Electronic signature method, device and storage medium

Country Status (1)

Country Link
CN (1) CN110889146B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112787989A (en) * 2020-06-08 2021-05-11 北京金山办公软件股份有限公司 Signature method and device
WO2023072276A1 (en) * 2021-10-28 2023-05-04 Kdan Mobile Software Ltd. Online signing system and method, computing apparatus, and computer-readable recording medium
CN116436618A (en) * 2023-06-07 2023-07-14 江苏意源科技有限公司 Intelligent code scanning signature system and intelligent code scanning signature method

Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1350258A (en) * 2001-12-03 2002-05-22 上海电子商务安全证书管理中心有限公司 Electronic signature verifying method and device
CN101800646A (en) * 2010-03-03 2010-08-11 南京优泰科技发展有限公司 Implementation method and system of electronic signature
CN103186846A (en) * 2011-12-30 2013-07-03 张殿礼 Intelligent electronic seal system and authorization control method thereof
CN104537525A (en) * 2014-12-30 2015-04-22 北京中科江南软件有限公司 Electronic seal authorization using system
CN105208024A (en) * 2015-09-22 2015-12-30 深圳市金溢科技股份有限公司 Safe data transmission method and system adopting no HTTPS, client and server
US20160043867A1 (en) * 2013-04-08 2016-02-11 Antonio Salvatore Piero Vittorio Bonsignore A qualified electronic signature system, method and mobile processing terminal for qualified electronic signature
CN105809450A (en) * 2014-12-31 2016-07-27 航天信息股份有限公司 Electronic invoice generation and verification method and system
CN106203551A (en) * 2016-07-07 2016-12-07 国网山东省电力公司物资公司 A kind of Electronic Signature processing method of goods and materials contract services document
CN107979470A (en) * 2016-10-25 2018-05-01 航天信息股份有限公司 For signature server, the method for terminal and signature server, terminal
CN109861823A (en) * 2018-12-20 2019-06-07 航天信息股份有限公司 Application method, device, storage medium and the electronic equipment of E-seal
CN109933310A (en) * 2019-03-11 2019-06-25 山东鲁能软件技术有限公司 A kind of configurable JAVA development platform based on data template

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1350258A (en) * 2001-12-03 2002-05-22 上海电子商务安全证书管理中心有限公司 Electronic signature verifying method and device
CN101800646A (en) * 2010-03-03 2010-08-11 南京优泰科技发展有限公司 Implementation method and system of electronic signature
CN103186846A (en) * 2011-12-30 2013-07-03 张殿礼 Intelligent electronic seal system and authorization control method thereof
US20160043867A1 (en) * 2013-04-08 2016-02-11 Antonio Salvatore Piero Vittorio Bonsignore A qualified electronic signature system, method and mobile processing terminal for qualified electronic signature
CN104537525A (en) * 2014-12-30 2015-04-22 北京中科江南软件有限公司 Electronic seal authorization using system
CN105809450A (en) * 2014-12-31 2016-07-27 航天信息股份有限公司 Electronic invoice generation and verification method and system
CN105208024A (en) * 2015-09-22 2015-12-30 深圳市金溢科技股份有限公司 Safe data transmission method and system adopting no HTTPS, client and server
CN106203551A (en) * 2016-07-07 2016-12-07 国网山东省电力公司物资公司 A kind of Electronic Signature processing method of goods and materials contract services document
CN107979470A (en) * 2016-10-25 2018-05-01 航天信息股份有限公司 For signature server, the method for terminal and signature server, terminal
CN109861823A (en) * 2018-12-20 2019-06-07 航天信息股份有限公司 Application method, device, storage medium and the electronic equipment of E-seal
CN109933310A (en) * 2019-03-11 2019-06-25 山东鲁能软件技术有限公司 A kind of configurable JAVA development platform based on data template

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Y. LIAO等: "《Security Analysis of a Certificateless Provable Data Possession Scheme in Cloud》", 《EEE ACCESS》 *
上海艾瑞市场咨询有限公司: "《中国第三方电子签名行业研究报告》", 《艾瑞咨询系列研究报告》 *
邵常媛等: "《电力企业的物资计划管理》", 《2018智能电网信息化建设研讨会论文集》 *

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112787989A (en) * 2020-06-08 2021-05-11 北京金山办公软件股份有限公司 Signature method and device
CN112787989B (en) * 2020-06-08 2023-05-26 北京金山办公软件股份有限公司 Signature method and device
WO2023072276A1 (en) * 2021-10-28 2023-05-04 Kdan Mobile Software Ltd. Online signing system and method, computing apparatus, and computer-readable recording medium
CN116436618A (en) * 2023-06-07 2023-07-14 江苏意源科技有限公司 Intelligent code scanning signature system and intelligent code scanning signature method
CN116436618B (en) * 2023-06-07 2023-08-22 江苏意源科技有限公司 Intelligent code scanning signature system and intelligent code scanning signature method

Also Published As

Publication number Publication date
CN110889146B (en) 2022-03-29

Similar Documents

Publication Publication Date Title
JP7442552B2 (en) Dynamic off-chain digital currency transaction processing
CN111080295B (en) Electronic contract processing method and device based on blockchain
CN111932426B (en) A method, device and device for identity management based on trusted hardware
US10602202B1 (en) System and techniques for digital data lineage verification
CN111881483B (en) Resource account binding method, device, equipment and medium based on blockchain
WO2019127893A1 (en) Electronic signature method, electronic device, and computer readable storage medium
CN111210287A (en) Tax UKey-based invoicing method and system
CN111343170B (en) Electronic signing method and system
TWI724684B (en) Method, system and device for performing cryptographic operations subject to identity verification
CN110889146A (en) A kind of electronic signature method, device and storage medium
CN111931209B (en) Contract information verification method and device based on zero knowledge proof
WO2023207086A1 (en) Blockchain-based user data transfer method, apparatus and device
CN109428722A (en) A kind of content delivery method and device
TW202134903A (en) Information read-write method and device based on block chain
CN114422258A (en) A single sign-on method, medium and electronic device based on multi-authentication protocol
US20230117628A1 (en) Secure signing method, device and system
CN111314066A (en) Block chain-based data transfer method, terminal and computer-readable storage medium
CN109388923B (en) Program execution method and device
US11777745B2 (en) Cloud-side collaborative multi-mode private data circulation method based on smart contract
WO2016150034A1 (en) Virtual sim card management method, device and system
US20200382284A1 (en) Tracking, storage and authentication of documented intellectual property
CN115796871A (en) Resource data processing method and device based on block chain and server
WO2017016039A1 (en) Method and device for transferring business data between accounts
CN103559430B (en) application account management method and device based on Android system
CN113807832A (en) Transaction method, device and equipment based on block chain and readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant