CN111274615A - Long-acting digital signature method based on OFD format file - Google Patents
Long-acting digital signature method based on OFD format file Download PDFInfo
- Publication number
- CN111274615A CN111274615A CN202010039290.6A CN202010039290A CN111274615A CN 111274615 A CN111274615 A CN 111274615A CN 202010039290 A CN202010039290 A CN 202010039290A CN 111274615 A CN111274615 A CN 111274615A
- Authority
- CN
- China
- Prior art keywords
- signature
- information
- ofd
- file
- format file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
Abstract
The invention relates to a long-acting digital signature method based on OFD format files, which is characterized by comprising the following steps: when a digital signature method is adopted to carry out digital signature on an OFD format file, two kinds of information which are respectively used for signature aging verification and filing verification are generated, and the generation methods of the two kinds of verification information comprise the following steps: step 1, carrying out abstract calculation on an OFD format file; step 2, generating electronic signature information of the OFD format file; step 3, expanding the electronic signature information of the OFD format file; step 4, generating second information for filing verification; and finally, sending the first information for signature aging verification and the second information for filing verification to a receiving party together with the original OFD format file so that the receiving party verifies whether the content of the OFD format file is complete. Compared with the prior art, the invention has the advantages that: the OFD file transmission method can carry out long-term effective digital signature on the OFD file, and effectively verify that the OFD file is maliciously stolen or tampered in the transmission process and long-term storage.
Description
Technical Field
The invention relates to a long-acting digital signature method based on OFD format files.
Background
The OFD format file (GB/T33190-2016 electronic file storage and exchange format document) describes the format based on XML, is convenient for application expansion, supports technical advantages of domestic cryptographic algorithm and the like, and can meet the actual requirements of electronic file management such as manageability, controllability, long-term storage and the like of the format file. The OFD format is compatible with international technical standards of the same kind, and embeds corresponding electronic file characteristic support including encryption, signature and seal, authority control, official document semantics, metadata management and the like according to the processing requirements of electronic files. In order to efficiently realize electronic file exchange, annotation, strict control and quick reading, improve user experience, meet the processing requirements of users on efficient electronic files, realize authenticity, integrity, usability and safety of OFD format files, ensure long-term storage and voucher value of electronic files, and perform long-term digital signature on the OFD format files, the method is a feasible technical solution, so that the OFD format files are not tampered or stolen in the transmission process and long-term storage in the future. In the prior art, a feasible long-acting digital signature method based on OFD format files does not exist.
Disclosure of Invention
The technical problem to be solved by the present invention is to provide a long-acting digital signature method based on OFD format files in view of the above prior art.
The technical scheme adopted by the invention for solving the technical problems is as follows: a long-acting digital signature method based on OFD format files is characterized in that: when a digital signature method is adopted to carry out digital signature on an OFD format file, two kinds of information which are respectively used for signature aging verification and filing verification are generated, wherein the two kinds of information generation methods for verification comprise the following steps:
step 1, performing summary calculation on the OFD format file, and specifically comprising the following steps:
step 1-1, calculating a byte range corresponding to a digital signature according to the OFD file and signature attribute information thereof;
step 1-2, performing abstract calculation by adopting an abstract method according to the byte range, and coding a binary system result obtained by calculation to obtain an abstract value;
step 1-3, packaging the abstract method, the abstract value and the byte range to obtain the abstract information of the digital signature;
step 2, generating electronic signature information of the OFD format file, specifically including:
step 2-1, packaging the certificate related information, the signature method, the OFD file information and the summary information obtained in the step 1 into a signature list of the OFD file together, and generating electronic signature information of the OFD format file; wherein the related information of the certificate is separately stored in a file form, and the pointing information of the stored file of the related information of the certificate is packaged in a fixed field SignedValue;
and 3, expanding the electronic signature information of the OFD format file, wherein the expansion is realized by any one of the following three methods:
a, adding the latest modification date of the OFD file as signature timestamp information into the OFD file, namely packaging certificate related information, a signature method and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the signature timestamp information and the OFD file information to serve as expanded electronic signature information;
b, extracting signature time for digitally signing the OFD format file, adding the signature time serving as signature timestamp information into the electronic signature information, namely packaging certificate related information, a signature method, the signature timestamp information and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the OFD file information to serve as the expanded electronic signature information;
the method c, acquiring the signature time for carrying out subsequent signature on the OFD format file, adding the signature time serving as signature timestamp information into the electronic signature information, namely packaging the certificate related information, the signature method, the signature timestamp information and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the OFD file information to serve as the expanded electronic signature information;
taking the expanded electronic signature information as first information for signature aging verification;
and 4, generating second information for filing verification:
carrying out digital signature on the expanded electronic signature information obtained in the step (3) together with a signature main body and valid data by adopting a digital signature method again to generate second information for archiving and verification;
and finally, the first information for signature aging verification and the second information for filing verification are sent to a receiver together with the original OFD format file, so that the receiver can verify whether the content of the OFD format file is complete.
The digital signature method adopts SM2 algorithm or RSA algorithm or HASH algorithm or DSA algorithm.
In the step 1-2, the MD5 abstract method or SHA1 abstract method is adopted for abstract calculation.
When the electronic signature information of the OFD format file is extended in step 3, the signature timestamp information is individually packaged as a list of information in the signature list of the OFD file, or the signature timestamp information may be directly packaged in the OFD file.
Compared with the prior art, the invention has the advantages that: the OFD format file can be subjected to long-term effective digital signature, and the OFD format file can be effectively verified to be maliciously stolen or tampered in the transmission process and long-term storage due to network security and other reasons.
Drawings
Fig. 1 is a flowchart of a long-acting digital signature method based on OFD format files in the embodiment of the present invention.
Detailed Description
The invention is described in further detail below with reference to the accompanying examples.
As shown in fig. 1, the long-acting digital signature method based on the OFD format file generates two kinds of information respectively used for signature aging verification and filing verification while performing digital signature on the OFD format file by using a digital signature method, where the digital signature method may use an industry-wide conventional security algorithm, such as SM2 algorithm, RSA algorithm, HASH algorithm, or DSA algorithm, and the two kinds of verification information generation methods include the following steps:
step 1, performing summary calculation on the OFD format file, and specifically comprising the following steps:
step 1-1, calculating a byte range corresponding to a digital signature according to the OFD file and signature attribute information thereof; the signature attribute information belongs to fixed parameters, and the signature attribute information corresponding to different digital signature methods is different;
step 1-2, according to the byte range, adopting a digest method to perform digest calculation, such as an MD5 digest method or an SHA1 digest method, to encode the binary system result obtained by calculation to obtain a digest value;
step 1-3, packaging the abstract method, the abstract value and the byte range to obtain the abstract information of the digital signature;
step 2, generating electronic signature information of the OFD format file, specifically including:
step 2-1, packaging the certificate related information, the signature method, the OFD file information and the summary information obtained in the step 1 into a signature list of the OFD file together, and generating electronic signature information of the OFD format file; wherein the related information of the certificate is separately stored in a file form, and the pointing information of the stored file of the related information of the certificate is packaged in a fixed field SignedValue;
and 3, expanding the electronic signature information of the OFD format file, wherein the expansion is realized by any one of the following three methods:
a, adding the latest modification date of the OFD file as signature timestamp information into electronic signature information, namely packaging certificate related information, a signature method and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the signature timestamp information and the OFD file information to serve as the expanded electronic signature information;
b, extracting signature time for digitally signing the OFD format file, adding the signature time serving as signature timestamp information into the electronic signature information, namely packaging certificate related information, a signature method, the signature timestamp information and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the OFD file information to serve as the expanded electronic signature information;
the method c, acquiring the signature time for carrying out subsequent signature on the OFD format file, adding the signature time serving as signature timestamp information into the electronic signature information, namely packaging the certificate related information, the signature method, the signature timestamp information and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the OFD file information to serve as the expanded electronic signature information;
no matter the method a, the method b or the method c is adopted, when the electronic signature information of the OFD format file is extended, the signature timestamp information can be packaged into the signature list of the OFD file as a list of information alone, or the signature timestamp information can be directly packaged into the OFD file.
Taking the expanded electronic signature information as first information for signature aging verification;
and 4, generating second information for filing verification:
carrying out digital signature on the expanded electronic signature information obtained in the step (3) together with a signature main body and valid data by adopting a digital signature method again to generate second information for archiving and verification;
and finally, sending the first information for signature aging verification and the second information for filing verification to a receiving party together with the original OFD format file so that the receiving party verifies whether the content of the OFD format file is complete.
Claims (5)
1. A long-acting digital signature method based on OFD format files is characterized in that: when a digital signature method is adopted to carry out digital signature on an OFD format file, two kinds of information which are respectively used for signature aging verification and filing verification are generated, and the generation methods of the two kinds of verification information comprise the following steps:
step 1, performing summary calculation on the OFD format file, and specifically comprising the following steps:
step 1-1, calculating a byte range corresponding to a digital signature according to the OFD file and signature attribute information thereof;
step 1-2, performing abstract calculation by adopting an abstract method according to the byte range, and coding a binary system result obtained by calculation to obtain an abstract value;
step 1-3, packaging the abstract method, the abstract value and the byte range to obtain the abstract information of the digital signature;
step 2, generating electronic signature information of the OFD format file, specifically including:
step 2-1, packaging the certificate related information, the signature method, the OFD file information and the summary information obtained in the step 1 into a signature list of the OFD file together, and generating electronic signature information of the OFD format file; wherein the related information of the certificate is separately stored in a file form, and the pointing information of the stored file of the related information of the certificate is packaged in a fixed field SignedValue;
and 3, expanding the electronic signature information of the OFD format file, wherein the expansion is realized by any one of the following three methods:
a, adding the latest modification date of the OFD file as signature timestamp information into electronic signature information, namely packaging certificate related information, a signature method and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the signature timestamp information and the OFD file information to serve as the expanded electronic signature information;
b, extracting signature time for digitally signing the OFD format file, adding the signature time serving as signature timestamp information into the electronic signature information, namely packaging certificate related information, a signature method, the signature timestamp information and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the OFD file information to serve as the expanded electronic signature information;
the method c, acquiring the signature time for carrying out subsequent signature on the OFD format file, adding the signature time serving as signature timestamp information into the electronic signature information, namely packaging the certificate related information, the signature method, the signature timestamp information and the summary information obtained in the step 1 into a signature list of the OFD file, and then combining the signature list with the OFD file information to serve as the expanded electronic signature information;
taking the expanded electronic signature information as first information for signature aging verification;
and 4, generating second information for filing verification:
carrying out digital signature on the expanded electronic signature information obtained in the step (3) together with a signature main body and valid data by adopting a digital signature method again to generate second information for archiving and verification;
and finally, sending the first information for signature aging verification and the second information for filing verification to a receiving party together with the original OFD format file so that the receiving party verifies whether the content of the OFD format file is complete.
2. The long-acting digital signature method based on OFD-formatted files according to claim 1, wherein: the digital signature method adopts SM2 algorithm or RSA algorithm or HASH algorithm or DSA algorithm.
3. The long-acting digital signature method based on OFD-formatted files according to claim 1, wherein: in the step 1-2, the MD5 abstract method or SHA1 abstract method is adopted for abstract calculation.
4. The long-acting digital signature method based on OFD-formatted files according to claim 1, 2 or 3, wherein: when the electronic signature information of the OFD format file is extended in the step 3, the signature timestamp information is individually packaged into the signature list of the OFD file as a list of information.
5. The long-acting digital signature method based on OFD-formatted files according to claim 1, 2 or 3, wherein: when the electronic signature information of the OFD format file is extended in the step 3, the signature timestamp information is directly encapsulated in the OFD file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010039290.6A CN111274615A (en) | 2020-01-15 | 2020-01-15 | Long-acting digital signature method based on OFD format file |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010039290.6A CN111274615A (en) | 2020-01-15 | 2020-01-15 | Long-acting digital signature method based on OFD format file |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111274615A true CN111274615A (en) | 2020-06-12 |
Family
ID=70998724
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010039290.6A Pending CN111274615A (en) | 2020-01-15 | 2020-01-15 | Long-acting digital signature method based on OFD format file |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111274615A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112347493A (en) * | 2020-11-04 | 2021-02-09 | 杭州天谷信息科技有限公司 | Encryption, decryption and graying method for OFD (office file) |
| CN112364385A (en) * | 2020-10-19 | 2021-02-12 | 山东省国土空间数据和遥感技术中心 | OFD format real estate electronic certificate file signature method and system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105320900A (en) * | 2014-07-24 | 2016-02-10 | 方正国际软件(北京)有限公司 | PDF digital signature method and system and PDF digital signature verification method and system |
| CN109523685A (en) * | 2018-09-04 | 2019-03-26 | 航天信息股份有限公司 | A kind of electronic invoice checking method and system based on OFD formatted file |
| CN109902505A (en) * | 2017-12-11 | 2019-06-18 | 方正国际软件(北京)有限公司 | A kind of storage of Electronic Signature, verification method and device |
-
2020
- 2020-01-15 CN CN202010039290.6A patent/CN111274615A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105320900A (en) * | 2014-07-24 | 2016-02-10 | 方正国际软件(北京)有限公司 | PDF digital signature method and system and PDF digital signature verification method and system |
| CN109902505A (en) * | 2017-12-11 | 2019-06-18 | 方正国际软件(北京)有限公司 | A kind of storage of Electronic Signature, verification method and device |
| CN109523685A (en) * | 2018-09-04 | 2019-03-26 | 航天信息股份有限公司 | A kind of electronic invoice checking method and system based on OFD formatted file |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112364385A (en) * | 2020-10-19 | 2021-02-12 | 山东省国土空间数据和遥感技术中心 | OFD format real estate electronic certificate file signature method and system |
| CN112347493A (en) * | 2020-11-04 | 2021-02-09 | 杭州天谷信息科技有限公司 | Encryption, decryption and graying method for OFD (office file) |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9009477B2 (en) | Archiving electronic content having digital signatures | |
| US11356268B2 (en) | Digital composition hashing | |
| CN108270874B (en) | Application program updating method and device | |
| US9276749B2 (en) | Distributed validation of digitally signed electronic documents | |
| JP4993674B2 (en) | Information processing apparatus, verification processing apparatus, control method thereof, computer program, and storage medium | |
| KR100714430B1 (en) | Apparatus and method for generating data for detecting false alteration of encrypted data during processing | |
| US8707047B2 (en) | Verifying signatures for multiple encodings | |
| CN101702150A (en) | Method for protecting, verifying and repealing content of PDF document page | |
| US8839446B2 (en) | Protecting archive structure with directory verifiers | |
| WO2007106567A2 (en) | Protecting the integrity of electronically derivative works | |
| US8819361B2 (en) | Retaining verifiability of extracted data from signed archives | |
| KR20120053398A (en) | Validation system and verification method including signature device and verification device to verify contents | |
| KR101989813B1 (en) | Generating and verifying the alternative data in a specified format | |
| CN111475574A (en) | Data acquisition device based on block chain | |
| US20130042103A1 (en) | Digital Data Content Authentication System, Data Authentication Device, User Terminal, Computer Program and Method | |
| CN111274615A (en) | Long-acting digital signature method based on OFD format file | |
| CN107306254B (en) | Digital copyright protection method and system based on double-layer encryption | |
| CN111970114A (en) | File encryption method, system, server and storage medium | |
| CN101951605A (en) | Digital signature method of movable Widget | |
| JP2003143139A (en) | Program and method for storing and verifying digital data | |
| CN112948882A (en) | Electronic contract encryption method and device and storage medium | |
| CN113204751A (en) | Method and system for generating lightweight SM2 cryptographic certificate | |
| CN103370900B (en) | A kind of information processor | |
| CN114338035A (en) | Mobile terminal PDF electronic signature method and system based on key collaborative signature | |
| US10931463B2 (en) | Cryptographic verification of a compressed archive |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |