CN112395590A - Multiplexing method, device and equipment of electronic signature and storage medium - Google Patents

Multiplexing method, device and equipment of electronic signature and storage medium Download PDF

Info

Publication number
CN112395590A
CN112395590A CN202011282971.1A CN202011282971A CN112395590A CN 112395590 A CN112395590 A CN 112395590A CN 202011282971 A CN202011282971 A CN 202011282971A CN 112395590 A CN112395590 A CN 112395590A
Authority
CN
China
Prior art keywords
signature
signed
basic
files
keywords
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202011282971.1A
Other languages
Chinese (zh)
Inventor
黄学蒙
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ping An Puhui Enterprise Management Co Ltd
Original Assignee
Ping An Puhui Enterprise Management Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ping An Puhui Enterprise Management Co Ltd filed Critical Ping An Puhui Enterprise Management Co Ltd
Priority to CN202011282971.1A priority Critical patent/CN112395590A/en
Publication of CN112395590A publication Critical patent/CN112395590A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45Structures or tools for the administration of authentication
    • G06F21/46Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of block chains, and discloses a multiplexing method, a multiplexing device, multiplexing equipment and a multiplexing storage medium for electronic signatures, which are used for improving the confirmation efficiency of a user for confirming a basic document to be signed. The multiplexing method of the electronic signature comprises the following steps: acquiring a plurality of initial signature keywords in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keywords at the positions of the plurality of initial signature keywords by using a hiding function; acquiring an electronic signature from a target basic document to be signed to obtain a target signed document; generating an encrypted data string by adopting an asymmetric encryption algorithm to obtain integrated signature data; the integrated signature data is transmitted to other basic files to be signed and verified, and the verified integrated signature data is mapped to other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files; and combining the target signed file with a plurality of other signed files to obtain a complete signed file. Wherein the initial to-be-signed file may be stored in the blockchain.

Description

Multiplexing method, device and equipment of electronic signature and storage medium
Technical Field
The invention relates to the field of intelligent contract signing, in particular to a multiplexing method, a multiplexing device, multiplexing equipment and a storage medium of an electronic signature.
Background
With the rapid development of computer technology, various industries improve user experience for the convenience of user operation, and enable users to directly confirm character information in electronic files in many scenes in which the users need to confirm the character information.
After confirming the text information in the electronic file, the user needs to sign after the position of the corresponding signature keyword at the tail of the electronic file. By using the existing signature plug-in Software Development Kit (SDK), an electronic name can be signed after the position of a signature keyword in a file to be signed, but when the number of electronic files to be confirmed is increased, a user needs to sign on a plurality of files to be signed respectively, so that the situation that the user signs again due to abnormal signatures is easy to occur, and the user signs the name for a plurality of times, so that the efficiency of confirming the file by the user is low due to repeated operations.
Disclosure of Invention
The invention provides a method, a device, equipment and a storage medium for multiplexing an electronic signature, which are used for improving the confirmation efficiency of a user for confirming a basic file to be signed.
The first aspect of the present invention provides a method for multiplexing an electronic signature, including: acquiring a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keyword positions by using a hiding function to obtain a plurality of basic files to be signed; acquiring an electronic signature uploaded by a signer at the position of a target basic signature keyword in a target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain a target signed document; generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data; transmitting the integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files except for the target basic file to be signed in the plurality of basic files to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed; and combining the target signing file with the other signing files to obtain a complete signing file.
Optionally, in a first implementation manner of the first aspect of the present invention, the obtaining multiple initial signature keywords and corresponding multiple initial signature keyword positions in multiple initial files to be signed, and hiding, by using a hiding function, the initial signature keywords except for the multiple initial signature keyword positions to obtain multiple basic files to be signed includes: acquiring a plurality of initial signature keywords and corresponding positions of the plurality of initial signature keywords in a plurality of initial files to be signed; inquiring initial signature keywords except the positions of the initial signature keywords in the plurality of initial files to be signed to obtain a plurality of signature keywords to be hidden; and adding preset hidden labels behind the positions of the plurality of keywords of the signatures to be hidden by using a hidden function to complete the hiding of the plurality of signatures to be hidden, thereby obtaining a plurality of basic documents to be signed.
Optionally, in a second implementation manner of the first aspect of the present invention, the generating an encrypted data string of the signature picture by using an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data includes: decoding the signature picture by using a decoder, and calculating the hash value of the decoded signature picture; calculating the hash value of the signature picture by using a first preset formula and a second preset formula in an asymmetric encryption algorithm to generate an encrypted data string of the signature picture, wherein the first preset formula is as follows: r ═ gkmod p) mod q, the second preset formula being: s ═ k (k)-1(h (m) + xr)) mod q, where r denotes a first encrypted data string and p denotes a randomly generated first prime number, in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And g represents a second derivative prime number, wherein g ═ h(p-1)÷q mod p,h represents a second randomly generated prime number, and 1<h<(p-1),g>1, k denotes a temporary key, s denotes a second encrypted data string, h (m) denotes a hash value of a signature picture, x denotes a private key, specifically a random number or a pseudo-random number, and 0<x<q; and assembling the signature picture, the first encrypted data string and the second encrypted data string to obtain integrated signature data.
Optionally, in a third implementation manner of the first aspect of the present invention, the transmitting the integrated signature data to another basic file to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to positions of other basic signature keywords in the other basic file to be signed by using a preset mapping function to obtain a plurality of other signed files, where the other basic file to be signed is a signed file in the plurality of basic files to be signed except for the target basic file to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic file to be signed include: transmitting the integrated signature data to other basic files to be signed, and verifying the transmitted integrated signature data to obtain verified integrated signature data; searching mapping labels preset at positions of other basic signature keywords in the other basic files to be signed, wherein the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed; and mapping the verified integrated signature data to the position of the mapping label through a preset mapping function to complete the signing of the other basic files to be signed so as to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files in the plurality of basic files to be signed except the target basic file to be signed.
Optionally, in a fourth implementation manner of the first aspect of the present invention, the transmitting the integrated signature data to another basic document to be signed, and performing a proofreading verification on the transmitted integrated signature data to obtain verified integrated signature data includes: transmitting the integrated signature data to other basic files to be signedRespectively calculating a first decrypted data string and a second decrypted data string of the transmitted integrated signature data according to a first verification formula and a second verification formula, wherein the first verification formula is as follows: u. of1=[H(M)×((s')-1mod q)]mod q, the second verification formula is: u. of2=[r'×((s')-1mod q)]mod q, where u1Denotes a first decrypted data string, h (m) denotes a hash value of a signature picture in the integrated signature data after transmission, s' denotes a second encrypted data string in the integrated signature data after transmission, q denotes a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And p represents a randomly generated first prime number in the range of 21023<p<21024,u2Representing the second decrypted data string, r' representing the first encrypted data string in the transmitted integrated signature data; calculating verification signature data of the transmitted integrated signature data according to a third preset formula, the first decrypted data string and the second decrypted data string, wherein the third preset formula is as follows:
Figure BDA0002781407470000031
wherein v denotes verification signature data and g denotes a second derivative prime number, where g ═ h(p-1)Q mod p, h denotes the second element generated randomly, and 1<h<(p-1),g>1, p denotes a randomly generated first prime number in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160,u1Representing a first decrypted data string, u2Y denotes a second decrypted data string, y denotes a public key, and y is gxmod p, x denotes that the private key is specifically a random or pseudo-random number, and 0<x<q; and judging whether the verification signature data is the same as the first encrypted data string in the transmitted integrated signature data, and if the verification signature data is the same as the first encrypted data string, finishing the proofreading and verification of the transmitted integrated signature data to obtain the verified integrated signature data.
Optionally, in a fifth implementation manner of the first aspect of the present invention, before acquiring an electronic signature uploaded by a signer at a position of a target basic signature keyword in a target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain the target signed document, generating an encrypted data string of the signature picture by using an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data, the method for multiplexing an electronic signature further includes: and marking the target basic signature keyword on the position of the other basic signature keywords through a mapping function on the other basic documents to be signed.
Optionally, in a sixth implementation manner of the first aspect of the present invention, the marking, by a mapping function, the target basic signature keyword at the position of the other basic signature keyword on the other basic document to be signed includes: searching the positions of the other basic signature keywords on the other basic documents to be signed; and adding a mapping label at the position of the other basic signature keywords, wherein the mapping label is the label name of the target basic signature keyword.
A second aspect of the present invention provides an apparatus for multiplexing an electronic signature, including: the hidden module is used for acquiring a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keyword positions by using a hidden function to obtain a plurality of basic files to be signed; the acquisition module is used for acquiring the electronic signature uploaded by the signer at the position of the target basic signature keyword in the target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain the target signed document; the encryption module is used for generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm and assembling the signature picture and the encrypted data string to obtain integrated signature data; the verification module is used for transmitting the integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to the positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files in the plurality of basic files to be signed except for the target basic file to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed; and the integration module is used for combining the target signing file with the other signing files to obtain a complete signing file.
Optionally, in a first implementation manner of the second aspect of the present invention, the hiding module is specifically configured to: acquiring a plurality of initial signature keywords and corresponding positions of the plurality of initial signature keywords in a plurality of initial files to be signed; inquiring initial signature keywords except the positions of the initial signature keywords in the plurality of initial files to be signed to obtain a plurality of signature keywords to be hidden; and adding preset hidden labels behind the positions of the plurality of keywords of the signatures to be hidden by using a hidden function to complete the hiding of the plurality of signatures to be hidden, thereby obtaining a plurality of basic documents to be signed.
Optionally, in a second implementation manner of the second aspect of the present invention, the encryption module is specifically configured to: decoding the signature picture by using a decoder, and calculating the hash value of the decoded signature picture; calculating the hash value of the signature picture by using a first preset formula and a second preset formula in an asymmetric encryption algorithm to generate an encrypted data string of the signature picture, wherein the first preset formula is as follows: r ═ gkmod p) mod q, the second preset formula being: s ═ k (k)-1(h (m) + xr)) mod q, where r denotes a first encrypted data string and p denotes a randomly generated first prime number, in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And g represents a second derivative prime number, wherein g ═ h(p-1)Q mod p, h denotes the second element generated randomly, and 1<h<(p-1),g>1, k denotes a temporary key, s denotes a second keyAn encrypted data string, H (m) represents a hash value of the signed picture, x represents a private key, in particular a random number or a pseudo-random number, and 0<x<q; and assembling the signature picture, the first encrypted data string and the second encrypted data string to obtain integrated signature data.
Optionally, in a third implementation manner of the second aspect of the present invention, the verification module includes: the verification unit is used for transmitting the integrated signature data to other basic files to be signed and verifying the transmitted integrated signature data to obtain verified integrated signature data; the query unit is used for searching mapping labels preset at the positions of other basic signature keywords in the other basic files to be signed, wherein the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed; and the mapping unit is used for mapping the verified integrated signature data to the position of the mapping label through a preset mapping function, signing the other basic documents to be signed to obtain a plurality of other signed documents, wherein the other basic documents to be signed are signed documents in the plurality of basic documents to be signed except the target basic document to be signed.
Optionally, in a fourth implementation manner of the second aspect of the present invention, the verification unit is specifically configured to: transmitting the integrated signature data to other basic files to be signed, and respectively calculating a first decrypted data string and a second decrypted data string of the transmitted integrated signature data according to a first verification formula and a second verification formula, wherein the first verification formula is as follows: u. of1=[H(M)×((s')-1mod q)]mod q, the second verification formula is: u. of2=[r'×((s')-1mod q)]mod q, where u1Denotes a first decrypted data string, h (m) denotes a hash value of a signature picture in the integrated signature data after transmission, s' denotes a second encrypted data string in the integrated signature data after transmission, q denotes a first derived prime number, where (p-1) modq ═ 0, and 2159<q<2160And p represents a randomly generated first prime number in the range of 21023<p<21024,u2To representA second decrypted data string, r' representing the first encrypted data string in the transmitted integrated signature data; calculating verification signature data of the transmitted integrated signature data according to a third preset formula, the first decrypted data string and the second decrypted data string, wherein the third preset formula is as follows:
Figure BDA0002781407470000061
wherein v denotes verification signature data and g denotes a second derivative prime number, where g ═ h(p-1)Qmomp, h represents the second element number generated randomly, and 1<h<(p-1),g>1, p denotes a randomly generated first prime number in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160,u1Representing a first decrypted data string, u2Y denotes a second decrypted data string, y denotes a public key, and y is gxmod p, x denotes that the private key is specifically a random or pseudo-random number, and 0<x<q; and judging whether the verification signature data is the same as the first encrypted data string in the transmitted integrated signature data, and if the verification signature data is the same as the first encrypted data string, finishing the proofreading and verification of the transmitted integrated signature data to obtain the verified integrated signature data.
Optionally, in a fifth implementation manner of the second aspect of the present invention, the apparatus for multiplexing an electronic signature further includes: and the marking module is used for marking the target basic signature keyword on the positions of the other basic signature keywords through a mapping function on the other basic files to be signed.
Optionally, in a sixth implementation manner of the second aspect of the present invention, the marking module is specifically configured to: searching the positions of the other basic signature keywords on the other basic documents to be signed; and adding a mapping label at the position of the other basic signature keywords, wherein the mapping label is the label name of the target basic signature keyword.
A third aspect of the present invention provides an electronic signature multiplexing apparatus, including: a memory and at least one processor, the memory having instructions stored therein; the at least one processor invokes the instructions in the memory to cause the electronic signature multiplexing device to execute the electronic signature multiplexing method described above.
A fourth aspect of the present invention provides a computer-readable storage medium having stored therein instructions, which when run on a computer, cause the computer to execute the above-described method of multiplexing electronic signatures.
According to the technical scheme provided by the invention, a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed are obtained, and the initial signature keywords except the initial signature keyword positions are hidden by using a hiding function to obtain a plurality of basic files to be signed; acquiring an electronic signature uploaded by a signer at the position of a target basic signature keyword in a target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain a target signed document; generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data; transmitting the integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files except for the target basic file to be signed in the plurality of basic files to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed; and combining the target signing file with the other signing files to obtain a complete signing file. In the embodiment of the invention, the electronic signature uploaded by a signer at the target basic signature keyword position in the target basic document to be signed is obtained, the electronic signature is encrypted by using an asymmetric encryption algorithm to obtain the integrated signature data, and the verified integrated signature data is mapped to the positions of other basic signature keywords in other basic documents to be signed by using the preset mapping function, so that the signing of a plurality of basic documents to be signed is completed, the times of signing names by users are reduced, and the confirmation efficiency of confirming the basic documents to be signed by the users is improved.
Drawings
Fig. 1 is a schematic diagram of an embodiment of a multiplexing method of an electronic signature according to an embodiment of the present invention;
fig. 2 is a schematic diagram of another embodiment of a multiplexing method of an electronic signature according to an embodiment of the present invention;
fig. 3 is a schematic diagram of an embodiment of a multiplexing apparatus for electronic signatures in an embodiment of the present invention;
fig. 4 is a schematic diagram of another embodiment of the multiplexing apparatus for electronic signatures in the embodiment of the present invention;
fig. 5 is a schematic diagram of an embodiment of a multiplexing device for electronic signatures in an embodiment of the present invention.
Detailed Description
The embodiment of the invention provides a method, a device, equipment and a storage medium for multiplexing an electronic signature, which are used for improving the confirmation efficiency of a user for confirming a basic file to be signed.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims, as well as in the drawings, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprises," "comprising," or "having," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
For convenience of understanding, a detailed flow of an embodiment of the present invention is described below, and referring to fig. 1, an embodiment of a multiplexing method for electronic signatures in an embodiment of the present invention includes:
101. acquiring a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keyword positions by using a hiding function to obtain a plurality of basic files to be signed;
it is to be understood that the execution subject of the present invention may be a multiplexing device of electronic signature, and may also be a terminal or a server, which is not limited herein. The embodiment of the present invention is described by taking a server as an execution subject.
Under the scene that a user needs to sign each file after confirming a plurality of files, the user needs to sign names for a plurality of times, so that repeated operation not only causes poor user experience, but also causes low efficiency of confirming the files by the user. For example: under the scene that the user loans and uses the house as the mortgage, the house administration of each city needs to sign the relevant mortgage documents or certificates, the user as the signer needs to sign the names on the relevant documents or certificates, because there are many contents of the initial signature key on the associated document or certificate, as the signer needs to sign after the "first party" (initial signature key) located at the very last position of the certificate, but there are multiple keys in the entire associated certificate that have "party a" the same content as the original signature key, the server needs to add a preset hidden tag after the location where the signer is not required to sign and the initial signature key content exists, therefore, the purpose of hiding is achieved, and the server hides the initial signature keywords except the initial signature keywords at the positions of the initial signature keywords to obtain a plurality of basic files to be signed.
It is emphasized that, in order to further ensure the privacy and security of the initial document to be signed, the initial document to be signed may also be stored in a node of a blockchain.
102. Acquiring an electronic signature uploaded by a signer at the position of a target basic signature keyword in a target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain a target signed document;
after the server signs the plurality of basic files to be signed, the server can wait for the user to sign names at the position of the initial signature keywords, any one of the plurality of basic files to be signed is used as a target basic file to be signed, a signer signs an electronic signature on the target basic file to be signed, and the server processes the electronic signature to finally generate a corresponding signature picture to obtain the target signed file.
103. Generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data;
because the electronic signature of the user has legal validity, the server needs to encrypt the signed picture after obtaining the signed picture, the encryption technology adopted here is an asymmetric encryption algorithm, and the asymmetric encryption algorithm is a secret method of a secret key. Asymmetric encryption algorithms require two keys: public key (public key) and private key (private key), public key and private key are one-to-one correspondence, if the public key is used to encrypt data, only the corresponding private key can be used to decrypt. The basic process of realizing confidential information exchange by the asymmetric encryption algorithm is as follows: the first party generates a pair of secret keys and discloses the public keys, and other roles (the second party) needing to send information to the first party encrypt the confidential information by using the secret keys (the public keys of the first party) and then send the encrypted confidential information to the first party; the first party decrypts the encrypted information by using the private key of the first party. The method is characterized in that when the party A wants to reply to the party B, the opposite is true, the public key of the party B is used for encrypting data, and similarly, the party B uses the private key of the party B for decrypting. According to the method and the device, the encrypted data string of the signature picture is generated by using an asymmetric encryption algorithm, and then the security of the signature picture is confirmed by verifying the encrypted data string.
104. The method comprises the steps of transmitting integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to the positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files except for a target basic file to be signed in the plurality of basic files to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed;
after acquiring the integrated signature data in the target basic file to be signed, the server needs to transmit and add the integrated signature data to other basic files to be signed, and after transmitting the integrated signature data to other files to be signed, the server needs to further verify the integrated signature data, so as to determine whether the transmitted integrated signature data includes a signature picture in the target basic file to be signed. After the transmitted integrated signature data is verified, the server can map the transmitted integrated signature data to the positions of other basic signature keywords in other basic files to be signed, and then the signing of other files to be signed is completed.
It should be noted that there may be one or more other documents to be signed, and the specific number of the other documents to be signed may be set according to the actual situation, but does not affect the transmission of the integrated signature data.
105. And combining the target signed file with a plurality of other signed files to obtain a complete signed file.
The server finally combines the signed target signed file with a plurality of other signed files, so that a complete signed file signed by the signer can be obtained, and the file confirmation efficiency of the signer is greatly improved.
In the embodiment of the invention, the electronic signature uploaded by a signer at the target basic signature keyword position in the target basic document to be signed is obtained, the electronic signature is encrypted by using an asymmetric encryption algorithm to obtain the integrated signature data, and the verified integrated signature data is mapped to the positions of other basic signature keywords in other basic documents to be signed by using the preset mapping function, so that the signing of a plurality of basic documents to be signed is completed, the times of signing names by users are reduced, and the confirmation efficiency of confirming the basic documents to be signed by the users is improved.
Referring to fig. 2, another embodiment of the method for multiplexing electronic signatures according to the embodiment of the present invention includes:
201. acquiring a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keyword positions by using a hiding function to obtain a plurality of basic files to be signed;
specifically, a server firstly obtains a plurality of initial signature keywords and corresponding positions of the plurality of initial signature keywords in a plurality of initial files to be signed; then the server inquires initial signature keywords except the positions of the initial signature keywords in a plurality of initial files to be signed to obtain a plurality of signature keywords to be hidden; and finally, the server adds preset hidden labels behind the positions of the keywords of the plurality of signatures to be hidden by using the hidden function to complete the hiding of the plurality of signatures to be hidden, so as to obtain a plurality of basic documents to be signed.
The server firstly needs to query the positions of initial signature keywords except the positions of the initial signature keywords in a plurality of initial files to be signed, and determines the initial signature keywords at the positions as signature keywords to be hidden, wherein the number of the signature keywords to be hidden can be zero or one or more, and the specific number is set according to the character content in the initial files to be signed. And then the server adds preset hidden labels behind the positions of the plurality of to-be-hidden signature keywords by using a hidden function, so that the initial signature keywords except the positions of the plurality of initial signature keywords can be hidden, and the plurality of initial to-be-signed files after hidden processing are determined to be a plurality of basic to-be-signed files.
It is emphasized that, in order to further ensure the privacy and security of the initial document to be signed, the initial document to be signed may also be stored in a node of a blockchain.
202. Acquiring an electronic signature uploaded by a signer at the position of a target basic signature keyword in a target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain a target signed document;
after the server signs the plurality of basic files to be signed, the server can wait for the user to sign names at the position of the initial signature keywords, any one of the plurality of basic files to be signed is used as a target basic file to be signed, a signer signs an electronic signature on the target basic file to be signed, and the server processes the electronic signature to finally generate a corresponding signature picture to obtain the target signed file.
203. Marking target basic signature keywords on the positions of other basic signature keywords on other basic documents to be signed through a mapping function;
specifically, the server firstly searches the positions of other basic signature keywords on other basic files to be signed; and then adding a mapping label on the positions of other basic signature keywords by the server, wherein the mapping label is the label name of the target basic signature keyword.
Before the server maps the signature picture on the target basic file to be signed to other basic files to be signed, corresponding mapping labels need to be added after the positions of other basic signature keywords on other basic files to be signed, and the addition position error of the signature picture is prevented.
It should be noted that the mapping tag here is a signature tag of the target basic signature key, and the signature tag of the target basic signature key may be: the server can map the signature picture after the target basic signature keyword to the positions of other basic signature keywords of other basic files to be signed through the mapping function and the mapping label.
204. Generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data;
specifically, the server firstly decodes the signature picture by using a decoder and calculates the hash value of the decoded signature picture; then theThe server calculates the hash value of the signature picture by using a first preset formula and a second preset formula in the asymmetric encryption algorithm to generate an encrypted data string of the signature picture, wherein the first preset formula is as follows: r ═ gkmod p) mod q, the second preset formula is: s ═ k (k)-1(h (m) + xr)) mod q, where r denotes a first encrypted data string and p denotes a randomly generated first prime number, in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And g represents a second derivative prime number, wherein g ═ h(p-1)Q mod p, h denotes the second element generated randomly, and 1<h<(p-1),g>1, k denotes a temporary key, s denotes a second encrypted data string, h (m) denotes a hash value of a signature picture, x denotes a private key, specifically a random number or a pseudo-random number, and 0<x<q; and assembling the signature picture, the first encrypted data string and the second encrypted data string to obtain integrated signature data.
The signature of the signer has certain legal benefit, so the server needs to encrypt the signature picture, an asymmetric encryption algorithm is adopted, specifically, a DSA digital signature algorithm is used, an encrypted data string corresponding to the signature picture can be generated through the algorithm, and the server assembles and integrates the encrypted data string and the signature picture to obtain integrated signature data. Specifically, the following example illustrates the process of generating the encrypted data string of the signature picture by the asymmetric encryption algorithm:
it is known that: b, sending a message to A, wherein the DSA algorithm is used for carrying out digital signature encryption:
1. the following data are randomly generated by B respectively:
a first prime number p ═ 59, a first derived prime number q ═ 29, a second prime number h ═ 11, a private key x ═ 7, a temporary key k ═ 10, and a message digest h (m) ═ 26;
2. generating a second derivative prime number g:
g=h(p-1)÷q mod p=112mod 59=3;
3. calculating a public key y:
y=gxmod p=37mod 59=4;
4. performing calculation of the encrypted data string:
the first encrypted data string: r ═ gkmod p)mod q=(59049mod 59)mod 29=20,
Second encrypted data: s ═ k (k)-1(H(m)+xr))mod q=3×(26+140)mod 29=5;
5. And assembling the signature picture, the first encrypted data string and the second encrypted data string to obtain integrated signature data.
205. The method comprises the steps of transmitting integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to the positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files except for a target basic file to be signed in the plurality of basic files to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed;
specifically, the server firstly transmits the integrated signature data to other basic files to be signed, and proofreads and verifies the transmitted integrated signature data to obtain verified integrated signature data; then the server searches mapping labels preset at the positions of other basic signature keywords in other basic files to be signed, wherein the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed; and finally, the server maps the verified integrated signature data to the position of the mapping label through a preset mapping function to complete the signing of other basic files to be signed to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files in the plurality of basic files to be signed except the target basic file to be signed.
The steps of the server in verifying the transmitted integrated signature data are as follows: the integrated signature data is transmitted to other basic files to be signed, a first decrypted data string and a second decrypted data string of the transmitted integrated signature data are respectively calculated according to a first verification formula and a second verification formula,the first verification formula is: u. of1=[H(M)×((s')-1mod q)]mod q, the second verification formula: u. of2=[r'×((s')-1mod q)]mod q, where u1Denotes a first decrypted data string, h (m) denotes a hash value of a signature picture in the integrated signature data after transmission, s' denotes a second encrypted data string in the integrated signature data after transmission, q denotes a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And p represents a randomly generated first prime number in the range of 21023<p<21024,u2Representing the second decrypted data string, r' representing the first encrypted data string in the transmitted integrated signature data; calculating verification signature data of the transmitted integrated signature data according to a third preset formula, the first decrypted data string and the second decrypted data string, wherein the third preset formula is as follows:
Figure BDA0002781407470000131
wherein v denotes verification signature data and g denotes a second derivative prime number, where g ═ h(p-1)Q mod p, h denotes the second element generated randomly, and 1<h<(p-1),g>1, p denotes a randomly generated first prime number in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160,u1Representing a first decrypted data string, u2Y denotes a second decrypted data string, y denotes a public key, and y is gxmod p, x denotes that the private key is specifically a random or pseudo-random number, and 0<x<q; and judging whether the verification signature data is the same as the first encrypted data string in the transmitted integrated signature data, and if the verification signature data is the same as the first encrypted data string, finishing the proofreading and verification of the transmitted integrated signature data to obtain the verified integrated signature data.
The server needs to transmit the integrated signature data to other basic files to be signed, so that the signing can be completed in the other basic files to be signed, but the server needs to verify the transmitted integrated signature data to ensure that the signature picture in the received integrated signature data is real and effective. Specifically, the following example is used to describe the verification process of the transmitted integrated signature data:
it is known that: b, sending a message to A, encrypting a digital signature by using a DSA algorithm to generate integrated signature data, and B sending the integrated signature data to A:
1. acquiring the following information from the integrated signature data received by A:
a first prime number p-59, a first derived prime number q-29, a second prime number h-11, a second derived prime number g-h(p-1)÷q mod p=112mod 59 ═ 3, private key x ═ 7, temporary key k ═ 10, first encrypted data string r '═ 20 in the integrated signature data after transmission, second encrypted data string s' ═ 1/6 in the integrated signature data after transmission, and message digest h (m) ═ 26;
2. calculating a public key:
y=gxmod p=37mod 59=4;
3. calculating a decrypted data string:
first decrypted data string: u. of1=[H(M)×((s')-1mod q)]mod q=[26×(6mod 29)]mod 29=11,
Second decrypted data string: u. of2=[r'×((s')-1mod q)]mod q=[20×(6mod 29)]mod 29=11;
4. Calculating verification signature data:
Figure BDA0002781407470000141
5. verify the relationship between v and r':
v ═ r ═ 20, verify succeed, A receives the message that B sends successfully;
in the present application, that is, the other basic document (a) to be signed successfully receives the integrated signature data (the authentic and valid signature picture) sent by the server (B), and the signature picture includes the corresponding text signed by the signer.
After verifying the received integrated signature data, the server inputs the verified integrated signature data into the corresponding mapping function, and the verified integrated signature data is mapped to the positions of other basic signature keywords in other basic files to be signed through the mapping function, so that the other basic files to be signed are signed, and other signed files are obtained.
206. And combining the target signed file with a plurality of other signed files to obtain a complete signed file.
The server finally combines the signed target signed file with a plurality of other signed files, so that a complete signed file signed by the signer can be obtained, and the file confirmation efficiency of the signer is greatly improved.
In the embodiment of the invention, the electronic signature uploaded by a signer at the target basic signature keyword position in the target basic document to be signed is obtained, the electronic signature is encrypted by using an asymmetric encryption algorithm to obtain the integrated signature data, and the verified integrated signature data is mapped to the positions of other basic signature keywords in other basic documents to be signed by using the preset mapping function, so that the signing of a plurality of basic documents to be signed is completed, the times of signing names by users are reduced, and the confirmation efficiency of confirming the basic documents to be signed by the users is improved.
With reference to fig. 3, the method for multiplexing electronic signatures according to the embodiment of the present invention is described above, and a multiplexing apparatus for electronic signatures according to the embodiment of the present invention is described below, where an embodiment of the multiplexing apparatus for electronic signatures according to the embodiment of the present invention includes:
the hiding module 301 is configured to obtain multiple initial signature keywords and corresponding multiple initial signature keyword positions in multiple initial files to be signed, and hide the initial signature keywords except for the initial signature keyword positions by using a hiding function to obtain multiple basic files to be signed;
the acquisition module 302 is configured to acquire an electronic signature uploaded by a signer at a position of a target basic signature keyword in a target basic document to be signed, and generate a corresponding signature picture based on the electronic signature to obtain a target signed document;
the encryption module 303 is configured to generate an encrypted data string of the signature picture by using an asymmetric encryption algorithm, and assemble the signature picture and the encrypted data string to obtain integrated signature data;
the verification module 304 is configured to transmit the integrated signature data to other basic documents to be signed, verify the transmitted integrated signature data, and map the verified integrated signature data to positions of other basic signature keywords in the other basic documents to be signed by using a preset mapping function to obtain a plurality of other signed documents, where the other basic documents to be signed are signed documents other than the target basic document to be signed in the plurality of basic documents to be signed, and the other basic signature keywords are signature keywords in corresponding positions in the other basic documents to be signed;
and the integrating module 305 is configured to combine the target signed document with a plurality of other signed documents to obtain a complete signed document.
In the embodiment of the invention, the electronic signature uploaded by a signer at the target basic signature keyword position in the target basic document to be signed is obtained, the electronic signature is encrypted by using an asymmetric encryption algorithm to obtain the integrated signature data, and the verified integrated signature data is mapped to the positions of other basic signature keywords in other basic documents to be signed by using the preset mapping function, so that the signing of a plurality of basic documents to be signed is completed, the times of signing names by users are reduced, and the confirmation efficiency of confirming the basic documents to be signed by the users is improved.
Referring to fig. 4, another embodiment of the multiplexing apparatus for electronic signatures according to the embodiment of the present invention includes:
the hiding module 301 is configured to obtain multiple initial signature keywords and corresponding multiple initial signature keyword positions in multiple initial files to be signed, and hide the initial signature keywords except for the initial signature keyword positions by using a hiding function to obtain multiple basic files to be signed;
the acquisition module 302 is configured to acquire an electronic signature uploaded by a signer at a position of a target basic signature keyword in a target basic document to be signed, and generate a corresponding signature picture based on the electronic signature to obtain a target signed document;
the encryption module 303 is configured to generate an encrypted data string of the signature picture by using an asymmetric encryption algorithm, and assemble the signature picture and the encrypted data string to obtain integrated signature data;
the verification module 304 is configured to transmit the integrated signature data to other basic documents to be signed, verify the transmitted integrated signature data, and map the verified integrated signature data to positions of other basic signature keywords in the other basic documents to be signed by using a preset mapping function to obtain a plurality of other signed documents, where the other basic documents to be signed are signed documents other than the target basic document to be signed in the plurality of basic documents to be signed, and the other basic signature keywords are signature keywords in corresponding positions in the other basic documents to be signed;
and the integrating module 305 is configured to combine the target signed document with a plurality of other signed documents to obtain a complete signed document.
Optionally, the hiding module 301 is specifically configured to:
acquiring a plurality of initial signature keywords and corresponding positions of the plurality of initial signature keywords in a plurality of initial files to be signed;
inquiring initial signature keywords except the positions of the initial signature keywords in a plurality of initial files to be signed to obtain a plurality of signature keywords to be hidden;
and adding preset hidden labels behind the positions of the keywords of the plurality of signatures to be hidden by using a hidden function to complete the hiding of the plurality of signatures to be hidden, thereby obtaining a plurality of basic documents to be signed.
Optionally, the encryption module 303 is specifically configured to:
decoding the signature picture by using a decoder, and calculating the hash value of the decoded signature picture;
calculating the hash value of the signature picture by using a first preset formula and a second preset formula in the asymmetric encryption algorithm to generate an encrypted data string of the signature picture, wherein the first preset formula is as follows: r ═ gkmod p) mod q, the second preset formula is: s ═ k (k)-1(H(m) + xr)) mod q, where r represents the first encrypted data string and p represents the first randomly generated prime number, ranging from 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And g represents a second derivative prime number, wherein g ═ h(p-1)Q mod p, h denotes the second element generated randomly, and 1<h<(p-1),g>1, k denotes a temporary key, s denotes a second encrypted data string, h (m) denotes a hash value of a signature picture, x denotes a private key, specifically a random number or a pseudo-random number, and 0<x<q;
And assembling the signature picture, the first encrypted data string and the second encrypted data string to obtain integrated signature data.
Optionally, the verification module 304 includes:
the verification unit 3041 is configured to transmit the integrated signature data to other basic documents to be signed, and perform verification and verification on the transmitted integrated signature data to obtain verified integrated signature data;
the query unit 3042 is configured to search for mapping tags preset in positions of other basic signature keywords in other basic files to be signed, where the other basic signature keywords are signature keywords in corresponding positions in the other basic files to be signed;
the mapping unit 3043 is configured to map the verified integrated signature data to a position of the mapping tag through a preset mapping function, so as to complete signing of other basic documents to be signed, and obtain a plurality of other signed documents, where the other basic documents to be signed are signed documents in the plurality of basic documents to be signed, except for the target basic document to be signed.
Optionally, the verification unit 3041 is specifically configured to:
the method comprises the steps of transmitting the integrated signature data to other basic files to be signed, and respectively calculating a first decrypted data string and a second decrypted data string of the transmitted integrated signature data according to a first verification formula and a second verification formula, wherein the first verification formula is as follows: u. of1=[H(M)×((s')-1mod q)]mod q, the second verification formula: u. of2=[r'×((s')-1mod q)]modq, wherein u1Denotes a first decrypted data string, h (m) denotes a hash value of a signature picture in the integrated signature data after transmission, s' denotes a second encrypted data string in the integrated signature data after transmission, q denotes a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160And p represents a randomly generated first prime number in the range of 21023<p<21024,u2Representing the second decrypted data string, r' representing the first encrypted data string in the transmitted integrated signature data;
calculating verification signature data of the transmitted integrated signature data according to a third preset formula, the first decrypted data string and the second decrypted data string, wherein the third preset formula is as follows:
Figure BDA0002781407470000171
wherein v denotes verification signature data and g denotes a second derivative prime number, where g ═ h(p-1)Q mod p, h denotes the second element generated randomly, and 1<h<(p-1),g>1, p denotes a randomly generated first prime number in the range of 21023<p<21024Q represents a first derived prime number, where (p-1) mod q ═ 0, and 2159<q<2160,u1Representing a first decrypted data string, u2Y denotes a second decrypted data string, y denotes a public key, and y is gxmod p, x denotes that the private key is specifically a random or pseudo-random number, and 0<x<q;
And judging whether the verification signature data is the same as the first encrypted data string in the transmitted integrated signature data, and if the verification signature data is the same as the first encrypted data string, finishing the proofreading and verification of the transmitted integrated signature data to obtain the verified integrated signature data.
Optionally, the multiplexing apparatus for electronic signatures further includes:
and the marking module 306 is configured to mark the target basic signature keyword on the position of the other basic signature keywords through the mapping function on the other basic documents to be signed.
Optionally, the marking module 306 is specifically configured to:
searching the positions of other basic signature keywords on other basic files to be signed;
and adding mapping labels at the positions of other basic signature keywords, wherein the mapping labels are label names of the target basic signature keywords.
In the embodiment of the invention, the electronic signature uploaded by a signer at the target basic signature keyword position in the target basic document to be signed is obtained, the electronic signature is encrypted by using an asymmetric encryption algorithm to obtain the integrated signature data, and the verified integrated signature data is mapped to the positions of other basic signature keywords in other basic documents to be signed by using the preset mapping function, so that the signing of a plurality of basic documents to be signed is completed, the times of signing names by users are reduced, and the confirmation efficiency of confirming the basic documents to be signed by the users is improved.
Fig. 3 and fig. 4 describe the multiplexing apparatus for electronic signatures in the embodiment of the present invention in detail from the perspective of the modular functional entity, and the multiplexing apparatus for electronic signatures in the embodiment of the present invention is described in detail from the perspective of hardware processing.
Fig. 5 is a schematic structural diagram of an electronic signature multiplexing apparatus 500 according to an embodiment of the present invention, which may have a relatively large difference due to different configurations or performances, and may include one or more processors (CPUs) 510 (e.g., one or more processors) and a memory 520, and one or more storage media 530 (e.g., one or more mass storage devices) for storing applications 533 or data 532. Memory 520 and storage media 530 may be, among other things, transient or persistent storage. The program stored on the storage medium 530 may include one or more modules (not shown), each of which may include a series of instruction operations in the multiplexing device 500 for electronic signatures. Further, the processor 510 may be configured to communicate with the storage medium 530, and execute a series of instruction operations in the storage medium 530 on the electronic signature multiplexing device 500.
The electronically signed multiplexing device 500 may also include one or more power supplies 540, one or more wired or wireless network interfaces 550, one or more input-output interfaces 560, and/or one or more operating systems 531, such as Windows service, Mac OS X, Unix, Linux, FreeBSD, and the like. Those skilled in the art will appreciate that the electronic signature multiplexing device configuration shown in fig. 5 does not constitute a limitation of the electronic signature multiplexing device, and may include more or fewer components than those shown, or some components in combination, or a different arrangement of components.
The present invention also provides an electronic signature multiplexing device, where the computer device includes a memory and a processor, where the memory stores computer readable instructions, and the computer readable instructions, when executed by the processor, cause the processor to execute the steps of the electronic signature multiplexing method in the foregoing embodiments.
The present invention also provides a computer-readable storage medium, which may be a non-volatile computer-readable storage medium, and which may also be a volatile computer-readable storage medium, having stored therein instructions, which, when run on a computer, cause the computer to perform the steps of the method for multiplexing electronic signatures.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
The block chain is a novel application mode of computer technologies such as distributed data storage, point-to-point transmission, a consensus mechanism, an encryption algorithm and the like. A block chain (Blockchain), which is essentially a decentralized database, is a series of data blocks associated by using a cryptographic method, and each data block contains information of a batch of network transactions, so as to verify the validity (anti-counterfeiting) of the information and generate a next block. The blockchain may include a blockchain underlying platform, a platform product service layer, an application service layer, and the like.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk, or an optical disk.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present invention, and not for limiting the same; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. A multiplexing method of electronic signatures is characterized by comprising the following steps:
acquiring a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keyword positions by using a hiding function to obtain a plurality of basic files to be signed;
acquiring an electronic signature uploaded by a signer at the position of a target basic signature keyword in a target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain a target signed document;
generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data;
transmitting the integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files except for the target basic file to be signed in the plurality of basic files to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed;
and combining the target signing file with the other signing files to obtain a complete signing file.
2. The method for multiplexing electronic signatures according to claim 1, wherein the obtaining of the plurality of initial signature keywords and the corresponding plurality of initial signature keyword positions in the plurality of initial files to be signed and the hiding of the initial signature keywords except for the initial signature keyword positions by using a hiding function to obtain the plurality of basic files to be signed comprises:
acquiring a plurality of initial signature keywords and corresponding positions of the plurality of initial signature keywords in a plurality of initial files to be signed;
inquiring initial signature keywords except the positions of the initial signature keywords in the plurality of initial files to be signed to obtain a plurality of signature keywords to be hidden;
and adding preset hidden labels behind the positions of the plurality of keywords of the signatures to be hidden by using a hidden function to complete the hiding of the plurality of signatures to be hidden, thereby obtaining a plurality of basic documents to be signed.
3. The method for multiplexing electronic signatures according to claim 1, wherein the generating an encrypted data string of the signature picture by using an asymmetric encryption algorithm, and assembling the signature picture and the encrypted data string to obtain integrated signature data comprises:
decoding the signature picture by using a decoder, and calculating the hash value of the decoded signature picture;
calculating the hash value of the signature picture by using a first preset formula and a second preset formula in an asymmetric encryption algorithm to generate an encrypted data string of the signature picture, wherein the first preset formula is as follows: r ═ gkmodp) modq, the second preset formula being: s ═ k (k)-1(h (m) + xr)) modq, where r represents the first encrypted data string and p represents a randomly generated first prime number in the range of 21023<p<21024Q represents a first derived prime number, wherein (p-1) modq ═ 0, and 2159<q<2160And g represents a second derivative prime number, wherein g ═ h(p-1)Qmomp, h represents the second element number generated randomly, and 1<h<(p-1),g>1, k denotes a temporary key, s denotes a second encrypted data string, h (m) denotes a hash value of a signature picture, x denotes a private key, specifically a random number or a pseudo-random number, and 0<x<q;
And assembling the signature picture, the first encrypted data string and the second encrypted data string to obtain integrated signature data.
4. The method for multiplexing electronic signatures according to claim 1, wherein the transmitting the integrated signature data to other basic documents to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to positions of other basic signature keywords in the other basic documents to be signed by using a preset mapping function to obtain a plurality of other signed documents, where the other basic documents to be signed are signed documents other than the target basic document to be signed in the plurality of basic documents to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic documents to be signed include:
transmitting the integrated signature data to other basic files to be signed, and verifying the transmitted integrated signature data to obtain verified integrated signature data;
searching mapping labels preset at positions of other basic signature keywords in the other basic files to be signed, wherein the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed;
and mapping the verified integrated signature data to the position of the mapping label through a preset mapping function to complete the signing of the other basic files to be signed so as to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files in the plurality of basic files to be signed except the target basic file to be signed.
5. The method for multiplexing electronic signatures according to claim 3, wherein the transmitting the integrated signature data to other basic documents to be signed and verifying the transmitted integrated signature data to obtain verified integrated signature data comprises:
transmitting the integrated signature data to other basic files to be signed, and respectively calculating a first decrypted data string and a second decrypted data string of the transmitted integrated signature data according to a first verification formula and a second verification formula, wherein the first verification formula is as follows: u. of1=[H(M)×((s')-1modq)]modq, the second verification equation is: u. of2=[r'×((s')-1modq)]modq, where u1Denotes a first decrypted data string, h (m) denotes a hash value of a signature picture in the integrated signature data after transmission, s' denotes a second encrypted data string in the integrated signature data after transmission, q denotes a first derived prime number, where (p-1) modq ═ 0, and 2159<q<2160And p represents a randomly generated first prime number in the range of 21023<p<21024,u2Representing the second decrypted data string, r' representing the first encrypted data string in the transmitted integrated signature data;
according to a third preset formula,The first decrypted data string and the second decrypted data string calculate verification signature data of the transmitted integrated signature data, and the third preset formula is as follows:
Figure FDA0002781407460000031
wherein v denotes verification signature data and g denotes a second derivative prime number, where g ═ h(p-1)Qmomp, h represents the second element number generated randomly, and 1<h<(p-1),g>1, p denotes a randomly generated first prime number in the range of 21023<p<21024Q represents a first derived prime number, wherein (p-1) modq ═ 0, and 2159<q<2160,u1Representing a first decrypted data string, u2Y denotes a second decrypted data string, y denotes a public key, and y is gxmodp, x denotes that the private key is specifically a random or pseudo-random number, and 0<x<q;
And judging whether the verification signature data is the same as the first encrypted data string in the transmitted integrated signature data, and if the verification signature data is the same as the first encrypted data string, finishing the proofreading and verification of the transmitted integrated signature data to obtain the verified integrated signature data.
6. The method for multiplexing electronic signatures according to any one of claims 1 to 5, wherein after the electronic signature uploaded by a signer is obtained at the position of the target basic signature keyword in the target basic document to be signed, and a corresponding signature picture is generated based on the electronic signature, so as to obtain a target signed document, before the encrypted data string of the signature picture is generated by using an asymmetric encryption algorithm, and the signature picture and the encrypted data string are assembled, so as to obtain the integrated signature data, the method for multiplexing electronic signatures further comprises:
and marking the target basic signature keyword on the position of the other basic signature keywords through a mapping function on the other basic documents to be signed.
7. The method for multiplexing electronic signatures according to claim 6, wherein the marking the target basic signature keyword at the position of the other basic signature keyword by the mapping function on the other basic document to be signed comprises:
searching the positions of the other basic signature keywords on the other basic documents to be signed;
and adding a mapping label at the position of the other basic signature keywords, wherein the mapping label is the label name of the target basic signature keyword.
8. An apparatus for multiplexing electronic signatures, comprising:
the hidden module is used for acquiring a plurality of initial signature keywords and a plurality of corresponding initial signature keyword positions in a plurality of initial files to be signed, and hiding the initial signature keywords except the initial signature keyword positions by using a hidden function to obtain a plurality of basic files to be signed;
the acquisition module is used for acquiring the electronic signature uploaded by the signer at the position of the target basic signature keyword in the target basic document to be signed, and generating a corresponding signature picture based on the electronic signature to obtain the target signed document;
the encryption module is used for generating an encrypted data string of the signature picture by adopting an asymmetric encryption algorithm and assembling the signature picture and the encrypted data string to obtain integrated signature data;
the verification module is used for transmitting the integrated signature data to other basic files to be signed, verifying the transmitted integrated signature data, and mapping the verified integrated signature data to the positions of other basic signature keywords in the other basic files to be signed by using a preset mapping function to obtain a plurality of other signed files, wherein the other basic files to be signed are signed files in the plurality of basic files to be signed except for the target basic file to be signed, and the other basic signature keywords are signature keywords at corresponding positions in the other basic files to be signed;
and the integration module is used for combining the target signing file with the other signing files to obtain a complete signing file.
9. An electronic signature multiplexing device, characterized in that the electronic signature multiplexing device comprises: a memory and at least one processor, the memory having instructions stored therein;
the at least one processor invokes the instructions in the memory to cause the electronic signature multiplexing device to perform the electronic signature multiplexing method of any one of claims 1-7.
10. A computer-readable storage medium having instructions stored thereon, wherein the instructions, when executed by a processor, implement a method for multiplexing an electronic signature according to any one of claims 1 to 7.
CN202011282971.1A 2020-11-17 2020-11-17 Multiplexing method, device and equipment of electronic signature and storage medium Pending CN112395590A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011282971.1A CN112395590A (en) 2020-11-17 2020-11-17 Multiplexing method, device and equipment of electronic signature and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011282971.1A CN112395590A (en) 2020-11-17 2020-11-17 Multiplexing method, device and equipment of electronic signature and storage medium

Publications (1)

Publication Number Publication Date
CN112395590A true CN112395590A (en) 2021-02-23

Family

ID=74599974

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011282971.1A Pending CN112395590A (en) 2020-11-17 2020-11-17 Multiplexing method, device and equipment of electronic signature and storage medium

Country Status (1)

Country Link
CN (1) CN112395590A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114399395A (en) * 2022-01-18 2022-04-26 中国平安人寿保险股份有限公司 Policy batch generation method, device, equipment and storage medium for same applicant
CN114491462A (en) * 2022-02-10 2022-05-13 重庆傲雄在线信息技术有限公司 Method, system, equipment and storage medium for signing multiple electronic documents once

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101395599A (en) * 2006-03-02 2009-03-25 微软公司 Generation of electronic signatures
CN106301782A (en) * 2016-07-26 2017-01-04 杭州文签网络技术有限公司 A kind of signature method and system of electronic contract
CN108229188A (en) * 2017-12-29 2018-06-29 齐宇庆 It is a kind of to be signed documents with tagged keys and verification method
CN109756485A (en) * 2018-12-14 2019-05-14 平安科技(深圳)有限公司 Electronic contract signs method, apparatus, computer equipment and storage medium
CN110245220A (en) * 2019-05-05 2019-09-17 深圳法大大网络科技有限公司 Electronic document signs method, apparatus and server, storage medium

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101395599A (en) * 2006-03-02 2009-03-25 微软公司 Generation of electronic signatures
CN106301782A (en) * 2016-07-26 2017-01-04 杭州文签网络技术有限公司 A kind of signature method and system of electronic contract
CN108229188A (en) * 2017-12-29 2018-06-29 齐宇庆 It is a kind of to be signed documents with tagged keys and verification method
CN109756485A (en) * 2018-12-14 2019-05-14 平安科技(深圳)有限公司 Electronic contract signs method, apparatus, computer equipment and storage medium
CN110245220A (en) * 2019-05-05 2019-09-17 深圳法大大网络科技有限公司 Electronic document signs method, apparatus and server, storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114399395A (en) * 2022-01-18 2022-04-26 中国平安人寿保险股份有限公司 Policy batch generation method, device, equipment and storage medium for same applicant
CN114491462A (en) * 2022-02-10 2022-05-13 重庆傲雄在线信息技术有限公司 Method, system, equipment and storage medium for signing multiple electronic documents once

Similar Documents

Publication Publication Date Title
US10944575B2 (en) Implicitly certified digital signatures
CA3060101C (en) Anti-replay attack authentication protocol
EP3681093B1 (en) Secure implicit certificate chaining
Feng et al. An efficient privacy-preserving authentication model based on blockchain for VANETs
Yasin et al. Cryptography based e-commerce security: a review
EP0786178A1 (en) Secret-key certificates
CN112395590A (en) Multiplexing method, device and equipment of electronic signature and storage medium
CN106487786A (en) A kind of cloud data integrity verification method based on biological characteristic and system
WO2014030706A1 (en) Encrypted database system, client device and server, method and program for adding encrypted data
Wu et al. Secure public data auditing scheme for cloud storage in smart city
CN113849797B (en) Method, device, equipment and storage medium for repairing data security hole
CN116566626A (en) Ring signature method and apparatus
CN111552950B (en) Software authorization method and device and computer readable storage medium
CN113342802A (en) Method and device for storing block chain data
CN111314059A (en) Processing method, device and equipment of account authority proxy and readable storage medium
Wang et al. Perfect ambiguous optimistic fair exchange
CN111539031B (en) Data integrity detection method and system for privacy protection of cloud storage tag
GB2395304A (en) A digital locking system for physical and digital items using a location based indication for unlocking
CN115150184B (en) Method and system for applying metadata in fabric block chain certificate
JP2001203687A (en) Data transmission method
Zhang et al. Revocable certificateless Provable Data Possession with identity privacy in cloud storage
KR20240136803A (en) The Method to derive one-time key hiding server&#39;s static public key
CN117544312A (en) Cross-domain digital signature method based on attribute encryption and related equipment thereof
Lau Proxy signature schemes
JP2008245022A (en) History managing device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
AD01 Patent right deemed abandoned

Effective date of abandoning: 20240628

AD01 Patent right deemed abandoned