CN112446677A

CN112446677A - Electronic signature method, device, equipment and storage medium

Info

Publication number: CN112446677A
Application number: CN201910839236.7A
Authority: CN
Inventors: 谈超
Original assignee: China Mobile Communications Group Co Ltd; China Mobile Suzhou Software Technology Co Ltd
Current assignee: China Mobile Communications Group Co Ltd; China Mobile Suzhou Software Technology Co Ltd
Priority date: 2019-09-05
Filing date: 2019-09-05
Publication date: 2021-03-05
Anticipated expiration: 2039-09-05
Also published as: CN112446677B

Abstract

The embodiment of the application discloses an electronic signature method, an electronic signature device, electronic signature equipment and a storage medium, wherein the method comprises the following steps: the server receives a signature request sent by a first client and analyzes the signature request to acquire attribute information of a file to be signed; acquiring the current working state of the device; the working state is used for indicating whether the current file to be signed comprises the file which is not finished with signature processing; determining a called target interface according to the attribute information of the file to be signed and the working state; and responding to the signature request by calling the target interface so as to perform signature processing on the file to be signed. Therefore, different target interfaces can be called to perform signature processing aiming at different signature scenes, and efficient signature processing is achieved.

Description

Electronic signature method, device, equipment and storage medium

Technical Field

The embodiment of the application relates to the field of computers, in particular to but not limited to an electronic signature method, device, equipment and storage medium.

Background

The seal is an honest certificate and legal basis for an organization or an individual to carry out social and economic activities; is evidence of exercising legal rights, assuming legal liability, and fulfilling legal obligations; is an important tool for confirming and showing the legal and effective operation management activities and is also an important means for implementing management in the interior. The traditional seal mainly depends on manual on-site seal stamping, the cost of file transmission of the seal is high, the transmission efficiency is low, and the safety of file transmission cannot be guaranteed.

At present, an electronic signature method is usually adopted to reduce the transmission cost of the seal document and improve the transmission efficiency of the seal document. However, the electronic signature method in the related art generally performs signature processing on a file to be signed, and when multiple persons need to sign the file or a signature request for multiple files is received, no specific implementation scheme is provided in the related art.

Disclosure of Invention

In view of the above, embodiments of the present application provide an electronic signature method, apparatus, device and storage medium.

The technical scheme of the embodiment of the application is realized as follows:

the embodiment of the application provides an electronic signature method, which comprises the following steps:

the server receives a signature request sent by a first client and analyzes the signature request to acquire attribute information of a file to be signed;

acquiring the current working state of the device; the working state is used for indicating whether the current file to be signed comprises the file which is not finished with signature processing;

determining a called target interface according to the attribute information of the file to be signed and the working state;

and responding to the signature request by calling the target interface so as to perform signature processing on the file to be signed.

The embodiment of the application provides an electronic signature device, the device includes:

the first receiving unit is used for receiving a signature request sent by a first client;

the analysis unit is used for analyzing the signature request to acquire the attribute information of the file to be signed;

the first acquisition unit is used for acquiring the current working state; the working state is used for indicating whether the current file to be signed comprises the file which is not finished with signature processing;

the determining unit is used for determining a called target interface according to the attribute information of the file to be signed and the working state;

and the processing unit is used for responding to the signature request by calling the target interface so as to carry out signature processing on the file to be signed.

The embodiment of the application provides an electronic signature equipment, equipment includes at least: a processor and a storage medium configured to store executable instructions, wherein: the processor is configured to execute stored executable instructions;

the executable instructions are configured to perform the electronic signature method described above.

The embodiment of the application provides a storage medium, wherein computer-executable instructions are stored in the storage medium and configured to execute the electronic signature method.

According to the electronic signature method, the electronic signature device, the electronic signature equipment and the electronic signature storage medium, the called target interface is determined according to the attribute information of the file to be signed and the working state; and responding to the signature request by calling the target interface so as to perform signature processing on the file to be signed. Therefore, the target interface which is consistent with the current situation can be determined according to the current working state and the attribute information of the file to be signed, the signature request is responded through the target interface, different target interfaces can be called to carry out signature processing aiming at different signature scenes, and efficient signature processing is realized.

Drawings

In the drawings, which are not necessarily drawn to scale, like reference numerals may describe similar components in different views. Like reference numerals having different letter suffixes may represent different examples of similar components. The drawings illustrate generally, by way of example, but not by way of limitation, various embodiments discussed herein.

Fig. 1 is a schematic flow chart illustrating an implementation of an electronic signature method according to an embodiment of the present application;

fig. 2 is a schematic flow chart illustrating an implementation of an electronic signature method according to an embodiment of the present application;

fig. 3 is a schematic flow chart illustrating an implementation of an electronic signature method according to an embodiment of the present application;

fig. 4 is a schematic flow chart illustrating an implementation of an electronic signature method according to an embodiment of the present application;

fig. 5 is a schematic flow chart illustrating an implementation of an electronic signature method according to an embodiment of the present application;

FIG. 6 is a schematic flow chart illustrating an implementation of an electronic signature method based on a synchronous interface according to an embodiment of the present application;

FIG. 7 is a schematic flow chart illustrating an implementation of an electronic signature method based on an asynchronous interface according to an embodiment of the present application;

fig. 8 is a schematic view of an application scenario of an electronic signature method according to an embodiment of the present application;

FIG. 9 is a schematic flow chart illustrating an implementation of an electronic signature method according to an embodiment of the present application;

FIG. 10 is a schematic diagram illustrating an exemplary configuration of an electronic signature device according to an embodiment of the present disclosure;

fig. 11 is a schematic structural diagram of an electronic signature apparatus according to an embodiment of the present application.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present application clearer, specific technical solutions of the present application will be described in further detail below with reference to the accompanying drawings in the embodiments of the present application. The following examples are intended to illustrate the present application but are not intended to limit the scope of the present application.

In the following description, suffixes such as "module", "component", or "unit" used to denote elements are used only for the convenience of description of the present application, and have no specific meaning by themselves. Thus, "module", "component" or "unit" may be used mixedly.

In order to better understand the electronic signature method provided in the embodiments of the present application, first, a signature method and existing disadvantages in the related art will be described.

At present, when a document is signed, a traditional signature mode or an electronic signature mode can be adopted. The traditional signature mode is to seal the file manually by using a physical seal.

The conventional signature method has the following disadvantages:

storage problem: because the traditional signature mode adopts the traditional physical seal, the storage is required to be carried out in a specific place. The seal is easy to lose in the storage process, and if the physical seal is lost, the subsequent processing work is more complicated.

Management problems: although the traditional physical seal has a strict management system, the traditional physical seal is greatly influenced by human factors, so that a plurality of loopholes exist in the execution.

The work efficiency is low: the traditional physical seal needs the authorization of a legal person or the contract of the legal person in person, which is time-consuming and labor-consuming, and the travelling charge generated by the contract is far higher than the use charge of the electronic seal.

The use cost is high: the traditional physical seal cannot remove the seal once covered, unless the document is destroyed, which obviously invisibly increases the use cost.

Logout deactivation operation inconvenience: for the traditional physical seal which is cancelled and stopped, the conventional physical seal loses the prior effect due to the fact that the country does not issue the normative document about the management aspect of the invalid seal at present, but the invalid seal still can cause more serious effects if the invalid seal is not disposed.

Due to the above problems of the conventional signature mode, and with the continuous improvement of the requirements on the security and authenticity of the document in office automation, especially the requirements on handwritten signatures and electronic seals are more strict, and the document with versions of Word/Excel/Html/PDF and the like is required to be signed or sealed, so that the functions of multi-person signing, signature verification, authentication, repudiation prevention and the like need to be realized. Therefore, the traditional signature mode can not meet the requirement of office automation, and the electronic seal is effectively developed.

At present, an electronic signature method is usually adopted to perform signature processing on a file to be signed so as to solve at least one problem existing in the traditional physical seal signature processing. The electronic signature method can reduce the transmission cost of the seal document and improve the transmission efficiency of the seal document. However, the electronic signature method in the related art generally performs signature processing on a file to be signed, and when multiple persons need to sign the file or when signature requests for multiple files are received, no specific implementation scheme is provided in the related art.

Based on the above problems in the related art, embodiments of the present application provide an electronic signature method, which can implement an efficient signature processing procedure for different signature processing scenarios.

Fig. 1 is a schematic flow chart illustrating an implementation process of an electronic signature method provided in an embodiment of the present application, where the electronic signature method provided in the embodiment of the present application is applied to an electronic signature system, the electronic signature system at least includes a server and a first client, and in some embodiments, the system may further include the server, the first client, and at least one second client, as shown in fig. 1, where the method includes the following steps:

step S101, a server receives a signature request sent by a first client and analyzes the signature request to acquire attribute information of a file to be signed.

The signature request comprises at least one file to be signed, the server is a server in the electronic signature system, and when the server receives the signature request, the server analyzes the signature request to acquire attribute information of the file to be signed. The attribute information at least comprises the type of the files to be signed and the number of the files to be signed.

In this embodiment of the application, the type of the file to be signed may be any one of a certification class file, a situation description class file, or a report class file that only needs an organization or a company corresponding to the first client to perform signature confirmation, or the file to be signed may also be a contract class file that needs both an organization or a company corresponding to the first client and at least one second client to perform signature confirmation on the file.

And step S102, acquiring the current working state of the user.

Here, the working state is used to indicate whether a to-be-signed file which does not complete the signature processing is currently included, that is, the working state is used to indicate whether a signature request which has been received by the server is currently included, but the signature processing has not been performed on the to-be-signed file corresponding to the signature request, or the signature processing is being performed on the to-be-signed file but the signature processing is not completed.

And step S103, determining a called target interface according to the attribute information of the file to be signed and the working state.

Here, the target interface includes at least a synchronous interface and an asynchronous interface. When the synchronous interface is called, synchronous signature processing can be realized; when the asynchronous interface is called, asynchronous signature processing can be realized.

In the embodiment of the application, determining the called target interface according to the attribute information of the file to be signed and the working state may include the following scheme: when the attribute information and the working state meet a first preset condition, determining to call a synchronous interface; and when the attribute information and the working state meet a second preset condition, determining to call an asynchronous interface.

And step S104, responding to the signature request by calling the target interface so as to perform signature processing on the file to be signed.

And responding to the signature request by calling the determined target interface, and performing synchronous signature processing or asynchronous signature processing on one or more files to be signed corresponding to the signature request to obtain the final signature file after the signature processing is finished.

The scheme of the embodiment of the application can correspond to the following scenes: the employee a of a company needs to sign at least one document (document to be signed) with the company's official seal, and then the employee a can log in the electronic signature system to request the document to be signed, so as to obtain the signature document signed with the company's official seal. Note that, in this electronic signature system, signature information of the company is already retained in advance. Then, after receiving the signature request of the employee a, the server of the electronic signature system may analyze the signature request by using the electronic signature method provided in the embodiment of the present application, so as to obtain the attribute information of the file to be signed; then determining a called target interface according to the attribute information and the working state of the file to be signed; and responding to the signature request by calling the target interface so as to perform signature processing on the file to be signed.

According to the electronic signature method provided by the embodiment of the application, the called target interface is determined according to the attribute information of the file to be signed and the working state; and responding to the signature request by calling the target interface so as to perform signature processing on the file to be signed. Therefore, the target interface which is consistent with the current situation can be determined according to the current working state and the attribute information of the file to be signed, the signature request is responded through the target interface, different target interfaces can be called to carry out signature processing aiming at different signature scenes, and efficient signature processing is realized.

Fig. 2 is a schematic flow chart illustrating an implementation process of an electronic signature method according to an embodiment of the present application, where as shown in fig. 2, the method includes the following steps:

step S201, a server receives a signature request sent by a first client and analyzes the signature request to acquire attribute information of a file to be signed.

Step S202, acquiring the current working state of the user.

The working state is used for indicating whether the file to be signed which does not finish the signature processing currently exists.

Step S203, determining the number of the files to be signed according to the attribute information of the files to be signed.

Here, since the attribute information at least includes the type of the file to be signed and the number of the files to be signed, in the embodiment of the present application, the number of the files to be signed can be determined by analyzing the attribute information obtained by the signature request. Wherein, the number of the files to be signed is at least one.

It should be noted that, when there is one file to be signed, the file to be signed may be any type of file; when the number of the files to be signed is multiple, the types of the multiple files to be signed can be the same or different.

Each file to be signed corresponds to a determined identifier, and the corresponding file to be signed can be inquired or determined through the identifier.

Step S204, when the number of the files to be signed is at least two, or when the working state indicates that the files to be signed currently include the files to be signed which are not finished with signature processing, determining that the called target interface is an asynchronous interface.

Here, when the number of the files to be signed is at least two, or when the operating state indicates that the files to be signed currently include files to be signed for which the signature processing is not completed, it indicates that a plurality of files to be signed need to be signed at the current time, and therefore, in order to improve the efficiency of the signature processing, the signature processing can be performed by calling an asynchronous interface.

And step S205, when the number of the files to be signed is at least two, simultaneously or sequentially signing the at least two files to be signed by calling the asynchronous interface.

Here, when the asynchronous interface is called to respond to the signature request, the signature processing time of each file to be signed is irrelevant to the signature processing time of other files to be signed, that is, when there are a plurality of files to be signed, it is not necessary to wait for the completion of the signature processing of the file to be signed currently being signed, and then perform the signature processing on the other files to be signed.

In the embodiment of the application, when the at least two files to be signed are simultaneously signed, the starting time of the signing processing of each file to be signed is the same, so that the total time of the signing processing can be greatly shortened for the files needing batch signing processing, and the signing processing efficiency is improved.

When the at least two files to be signed are subjected to signature processing in sequence, the end time of the signature processing of each file to be signed is irrelevant to the start time of the signature processing of other files to be signed.

The sequential signature processing is explained by way of example: the method includes the steps that signature processing needs to be conducted on a plurality of files to be signed, if the starting time of the signature processing of the Kth file to be signed is t0, the starting time of the signature processing of the Kth +1 file to be signed is t1, the starting time of the signature processing of the Kth +2 file to be signed is t2, the starting time of the signature processing of the Kth +3 file to be signed is t3, signature processing does not start on other files to be signed between t0 and t1, signature processing does not start on other files to be signed between t1 and t2, and signature processing does not start on other files to be signed between t2 and t 3. the time interval between T0 and T1 is T1, the time interval between T1 and T2 is T2, and the time interval between T2 and T3 is T3. Then, the sequential signature processing in the embodiment of the present application includes the following three cases:

the first condition is as follows: t1, T2 and T3 are all equal. That is, the time interval between t0 and t1, the time interval between t1 and t2, and the time interval between t2 and t3 are all equal.

Case two: t1, T2 and T3 are all unequal. That is, the time interval between t0 and t1, the time interval between t1 and t2, and the time interval between t2 and t3 are all unequal.

Case three: t1 is equal to T2, but T1 is not equal to T3, and T2 is not equal to T3. That is, the time interval between the start times of the signature processes of every two files to be signed has no relation with the start times of the signature processes of any other files to be signed.

And step S206, when the working state indicates that the file to be signed currently comprises the file to be signed which does not finish the signature processing, the asynchronous interface is called to carry out the signature processing on the file to be signed.

In the embodiment of the application, when the working state indicates that the current to-be-signed files including the files to be signed which do not complete signature processing are in the current, the working state indicates that the files to be signed which need signature processing at the current moment are multiple, and the files to be signed which do not complete signature processing already start signature processing, so that the files to be signed corresponding to the signature request are signed while the files which already start signature processing are signed, and thus, the total time of signature processing can be greatly shortened and the signature processing efficiency is improved.

According to the electronic signature method provided by the embodiment of the application, when the number of the files to be signed is at least two, or when the working state indicates that the files to be signed currently comprise the files to be signed which are not finished in signature processing, signature processing is carried out on the at least two files to be signed by calling the asynchronous interface. Therefore, the files needing to be subjected to batch signature processing can be subjected to signature processing simultaneously, or the signature processing can be started without waiting for the completion of the signature processing of other files to be subjected to signature processing, so that the total time of the signature processing can be greatly shortened, and the signature processing efficiency is improved.

Fig. 3 is a schematic flow chart illustrating an implementation process of an electronic signature method according to an embodiment of the present application, where as shown in fig. 3, the method includes the following steps:

step S301, a server receives a signature request sent by a first client and analyzes the signature request to acquire attribute information of a file to be signed.

Step S302, acquiring the current working state of the user.

Step S303, determining the number of the files to be signed according to the attribute information of the files to be signed.

Here, the number of the files to be signed is at least one.

Step S304, when the number of the files to be signed is one and the working state indicates that the files to be signed which do not complete signature processing currently do not exist, determining the called target interface as a synchronous interface.

Here, when the number of the files to be signed is one and the operating state indicates that the files to be signed which do not complete the signature processing are not included currently, only one file to be signed which indicates that the signature processing is required at the current time is included, and therefore, the signature processing can be directly started for the files to be signed.

Step S305, responding to the signature request by calling the synchronous interface so as to perform signature processing on the file to be signed.

In the embodiment of the application, the signature request is responded by calling the synchronous interface, the signature processing of the files to be signed can be directly started, the signature processing of the files to be signed is synchronously carried out while the signature request is received, and the signature processing time of each file to be signed is not required to be determined.

In other embodiments, the method further comprises:

step S310, receiving the query request sent by the first client.

Here, the query request is used for querying the progress of the signature processing of the file to be signed, and the query request includes at least one identifier of the file to be signed.

Step S311, based on the mark of the file to be signed, obtaining the signing progress corresponding to the file to be signed.

Here, the signing progress includes a to-be-signed state and a signed state. When the query request includes the identifiers of the multiple files to be signed, the signing schedules of the files to be signed corresponding to the identifiers of the multiple files to be signed may be the same or different.

Step S312, returning the signing progress to the first client.

And after the signature progress of the file to be signed is obtained, returning the signature progress to the first client. In the implementation process, a reminding message can be sent to the first client in a message reminding mode, and the reminding message comprises the signature progress.

According to the electronic signature method provided by the embodiment of the application, when the number of the files to be signed is one and the working state indicates that the files to be signed which are not finished with signature processing currently do not exist, the synchronous interface is called to respond to the signature request so as to carry out signature processing on the files to be signed. Therefore, when the signature request is received, the signature processing of the files to be signed is synchronously carried out, the signature processing time of each file to be signed is not required to be determined, and the signature processing flow is simpler.

Fig. 4 is a schematic flow chart illustrating an implementation process of an electronic signature method according to an embodiment of the present application, where as shown in fig. 4, the method includes the following steps:

step S401, the server receives a signature request sent by the first client and analyzes the signature request to obtain the attribute information of the file to be signed.

Step S402, acquiring the current working state of the user.

Step S403, determining a called target interface according to the attribute information of the file to be signed and the working state.

Step S404, acquiring first signature information of the first client by calling the target interface.

Here, the first signature information is seal information of an organization or a company corresponding to the first client, for example, seal information such as a name and a seal pattern of the organization or the company corresponding to the first client.

Step S405, encrypting the first signature information based on a preset encryption algorithm to obtain the encrypted first signature information.

Here, the preset Encryption Algorithm may be any one of a Secure Hash Algorithm (SHA-1), a Data Encryption Standard (DES) Encryption Algorithm, and a Public Key Infrastructure (PKI) framework.

Step S406, according to the encrypted first signature information, performing signature processing on the file to be signed to obtain a first signature file.

After the encrypted first signature information is obtained, adding the encrypted first signature information to the file to be signed to realize signature processing on the file to be signed, so as to obtain the first signature file.

It should be noted that, after the signature processing is performed on the file to be signed, the content of the first signature file cannot be changed any more. And the first signature file comprises a seal pattern of an organization or a company corresponding to the first client when being displayed.

Step S407, after the first signature file is obtained, changing the signature progress of the file to be signed from the state to be signed to the state that has been signed.

Here, after the first signature file is obtained, it is indicated that a response has been completed to the signature request, that is, the signature processing has been completed, and therefore, the signature progress of the file to be signed is changed from the window to be signed to the signed state.

Step S408, sending the first signature file to the first client.

It should be noted that, in the electronic signature method according to the embodiment of the present application, the type of the file to be signed is any one of a certification class file, a situation description class file, or a report class file that only requires an organization or a company corresponding to the first client to perform signature confirmation, so that after the server receives the signature request, only the target interface is called to obtain the first signature information of the first client, and the signature processing is further completed through the first signature information.

According to the electronic signature method provided by the embodiment of the application, the acquired first signature information of the first client is encrypted, and the signature processing is performed on the file to be signed according to the encrypted first signature information. Therefore, the security of the first signature file can be guaranteed, the first signature information of the first client side is prevented from being leaked, the first signature file cannot be changed, the file after signature processing can be prevented from being tampered, and the security of the file is guaranteed.

Fig. 5 is a schematic flow chart illustrating an implementation process of an electronic signature method according to an embodiment of the present application, where as shown in fig. 5, the method includes the following steps:

step S501, a server receives a signature request sent by a first client and analyzes the signature request to acquire attribute information of a file to be signed.

Here, the signature request further includes an identifier of at least one second client, and an individual or a company corresponding to the second client is different from an individual or a company corresponding to the first client.

In the embodiment of the application, the file to be signed is a contract-type file, and the contract-type file requires that an organization or a company corresponding to the first client and the at least one second client perform signature confirmation on the file.

Step S502, the current working state of the user is obtained.

Step S503, determining the called target interface according to the attribute information of the file to be signed and the working state.

Step S504, the target interface is called to obtain the first signature information of the first client.

And step S505, encrypting the first signature information based on a preset encryption algorithm to obtain the encrypted first signature information.

Step S506, according to the encrypted first signature information, signature processing is carried out on the file to be signed, and a first signature file is obtained.

Step S507, sending the first signature file to the second client based on the identifier of the second client.

Here, after the first signature file is obtained, the first signature file needs to be sent to the at least one second client, so that the at least one second client initiates signature processing on the first signature file, and two-party signature processing on the file to be signed is realized.

Step S508, the second client initiates a signature process on the first signature file to obtain a second signature file.

In this embodiment of the present application, the initiating, by the second client, the signature processing on the first signature file includes:

in step S5081, the server receives a first operation of the second client on the first signature file.

Here, the first operation includes a confirmation signature operation and a pause signature operation. And after the second client receives the first signature file, displaying prompt information on a display interface of the second client, wherein the prompt information is used for prompting a user of the second client to select whether to perform signature processing. When the user selects yes, the corresponding first operation is a signature confirmation operation; when the user selects no, the corresponding first operation is a signature pause operation.

Step S5082, when the first operation is a signature confirmation operation, obtain second signature information of the second client.

Here, the second signature information is seal information of an organization or a company corresponding to the second client, for example, seal information such as a name and a seal pattern of the organization or the company corresponding to the second client.

Step S5083 is to encrypt the second signature information based on a preset encryption algorithm to obtain encrypted second signature information.

Here, the preset encryption algorithm may be any one of SHA-1, DES encryption algorithm, PKI framework, and the like.

Step S5084, according to the encrypted second signature information, perform signature processing on the file to be first signed to obtain a second signed file.

After the encrypted second signature information is obtained, adding the encrypted second signature information to the first signature file to implement signature processing on the first signature file, so as to obtain the second signature file.

It should be noted that, after the first signature file is signed, the content of the second signature file cannot be changed any more. And when the second signature file is displayed, the second signature file comprises a seal pattern of an organization or a company corresponding to the first client and a seal pattern of an organization or a company corresponding to the second client.

In the embodiment of the application, when multiple companies need to sign the file to be signed, the first signature file can be sent to multiple second clients, after the multiple second clients all initiate signature processing on the first signature file, the whole signature processing can be finished, and the second signature file comprises the seal patterns of the organizations or companies corresponding to the first clients and the seal patterns of the organizations or companies corresponding to each second client. If the first operation of the second client of any party aiming at the first signature file is the signature pause operation, the whole signature processing process is terminated, and the signature fails.

In step S509, after the second signature file is obtained, the signature progress of the file to be signed is changed from the state to be signed to the state that has been signed.

Here, after the second signature file is obtained, it is indicated that a response has been completed to the signature request, that is, the signature processing has been completed, and therefore, the signature progress of the file to be signed is changed from the window to be signed to the signed state.

Step S510, sending the second signature file to the first client and the second client, respectively.

It should be noted that, in the electronic signature method according to the embodiment of the present application, the type of the file to be signed is a contract file, and the contract file is a file that requires both an organization or a company corresponding to the first client and an organization or a company corresponding to the second client to perform signature confirmation, so that after the server receives the signature request, a target interface needs to be called to obtain first signature information of the first client and second signature information of the second client, and signature processing is further completed through the first signature information and the second signature information.

In other embodiments, before obtaining the first signature information of the first client, the method further comprises:

step S520, obtaining the verification information corresponding to the first client based on the identifier of the first client.

Here, the check information is pre-stored information for performing identity check on the first client.

Step S521, acquiring the identity information input by the first client.

Here, the identity information is the login name, password, and other identity information input by the user through the first client.

In step S522, the identity information is verified through the verification information and a preset signature key.

Here, the predetermined signature key may be a USB Encryption Key (EKEY) integrating a smart card and a reader/writer or a soft certificate used for authentication.

Step S523, when the identity information passes the verification, obtain the first signature information from a preset signature information library.

Here, the signature information base includes signature information of at least one client. In the embodiment of the application, only when the identity information passes the verification, the server acquires the first signature information of the first client from a preset signature information base, so that the security of signature processing is ensured.

In other embodiments, the method further comprises:

step S530, receiving a file booking request sent by the first client or the second client.

Here, the file reservation request is used to request for reserving the file to be signed, and the file reservation request includes a file type of the file to be signed.

And step S531, determining a file booking template according to the file booking request.

Here, after receiving the document-making request, a document-making template corresponding to the document type is selected in a document-making template library. The file booking template library comprises file booking templates corresponding to multiple types of files.

For example, when the file type of the file to be signed is a trade contract, the server selects a file contract template corresponding to the trade contract from the file contract template library.

Of course, the first client and the second client may also negotiate the file subscription template of the file to be signed, which is not limited in this embodiment.

Step S532, a first file term sent by the first client and a second file term sent by the second client are obtained.

Step S533, adding the first file clause and the second file clause to the file booking template to form the file to be signed.

According to the electronic signature method provided by the embodiment of the application, after the server receives the signature request, the target interface is called to obtain the first signature information of the first client and the second signature information of the second client, and the signature processing is further completed through the first signature information and the second signature information. Therefore, signature processing on similar files can be realized, more functions are provided for users, and user experience is further improved.

Based on the above embodiments, the embodiments of the present application further provide an electronic signature method, where the method uses SHA-1, DES encryption algorithm and PKI framework to bind an electronic signature and an electronic seal, and stores a personal private key in a USB Encryption Key (EKEY) of a USB interface, which integrates a smart card and a reader/writer, or in a soft certificate, as a signature key, where the signature key has been authenticated by the national crypto-administration committee, the ministry of public security of china and the national security bureau. The method also comprises document verification, wherein when the signed document name, the signature user, the signature unit, the signature time and the signature name are browsed, whether the content of the document is falsified or not is verified at the same time, and if the content of the document is falsified, the seal of the falsified document is automatically displayed to be invalid. The electronic signature system provided by the embodiment of the application can be completely compatible with the international standard certificate format, so that the electronic signature system can be directly merged into a PKI system of national and international organizations. In addition, once the electronic document (corresponding to the file to be signed) is signed or sealed, the signature data information and the document are bound together and can be safely transmitted.

In the embodiment of the Application, the electronic seal exposes a service in an Application Programming Interface (API) design mode (restful style) facing a resource service to the outside in a component mode, and a platform calls the service of the component to realize the function of the electronic seal.

The service provides two forms of synchronization and asynchronization, if a single file is stamped with a seal, a synchronous interface is recommended to be used, as shown in fig. 6, which is a schematic flow chart for implementing the electronic signature method based on the synchronous interface provided by the embodiment of the application, wherein the electronic signature system comprises a client, an electronic seal assembly and an electronic seal server, and the method comprises the following steps:

step S601, the client sends a signature request to the electronic seal assembly to request to seal the file to be signed.

Step S602, the electronic seal assembly interacts with the electronic seal server to send the signing request to the electronic seal server, and receives a response message aiming at the signing request returned by the electronic seal server.

Step S603, the electronic seal component reads and writes the accessory data from the accessory database.

Here, the attachment data corresponds to the first signature information and the second signature information, and the attachment database stores attachment data of at least one client.

And step S604, performing signature processing on the file to be signed through the accessory data, and returning the signature result after the signature processing to the client.

In other embodiments, if the electronic signature is a batch stamp, it is recommended to use an asynchronous interface, as shown in fig. 7, which is a schematic flow chart for implementing the electronic signature method based on the asynchronous interface provided in the embodiments of the present application, and the method includes the following steps:

step S701, the client sends an asynchronous signature request to the electronic seal assembly to request to seal a plurality of files to be sealed.

Here, the asynchronous signing requests mean that the transmission time of each signing request is irrelevant to the transmission time of other signing requests, and after one signing request is transmitted, the server does not need to wait for a response message returned by the server for the signing request, and can transmit the next signing request at any time.

Step S702, the client sends a timing polling message to the electronic seal assembly to inquire the signing progress of the file to be signed and receives the signing progress returned by the electronic seal assembly.

Here, the timed polling message corresponds to the above query message.

And step S703, the electronic seal component interacts with the electronic seal server to realize sending the signing request to the electronic seal server and receiving a response message aiming at the signing request returned by the electronic seal server.

Step S704, the electronic seal component reads and writes the accessory data from the accessory database.

Step S705, performing signature processing on the file to be signed through the accessory data, and returning a signature result after the signature processing to the client.

In this embodiment, the electronic signature system may further include a contract management system and a unified electronic signature platform, where the contract management system corresponds to the first client and the second client in the above embodiment, and the unified electronic signature platform corresponds to the above server. As shown in fig. 8, which is a schematic view of an application scenario of the electronic signature method provided in the embodiment of the present application, the electronic signature method may be implemented by a contract management system 801 and a unified electronic signing platform 802, and the electronic signature method is implemented by interaction between the contract management system and the electronic signing platform.

Fig. 9 is a schematic flow chart illustrating an implementation process of an electronic signature method according to an embodiment of the present application, where as shown in fig. 9, the method includes:

in step S901, the contract management system requests to sign the contract text (corresponding to the document to be signed).

In the embodiment of the application, a signature request can be submitted to the electronic signing platform for a first client in the contract management system, a second client in the contract management system is requested to sign on the electronic signing platform, and meanwhile, the first client also signs on a contract text of a contract approval process.

Step S902, the contract management system synchronizes the contract text and the signature status to the electronic signing platform.

Here, when the first client submits the contract text to the electronic signing platform for signing after performing electronic signing in the "contract administrator number, signature, and watermarking" link, the contract management system needs to synchronize the signed contract text information and signature state of the first client to the electronic signing platform.

Step S903, the electronic signing platform automatically receives the contract text and the corresponding signature state, and the second client user logs in the electronic signing platform to carry out electronic signature.

Step S904, after the second client submits the signed signature on the electronic signing platform, the system automatically returns the signed contract text and the signed status of the second client to the contract management system.

Step S905, the contract management system receives the contract text and the signature status synchronized by the electronic signing platform, and updates the contract text and the signature status of the contract management system, at this time, the first client submits the process to end.

It should be noted that before the electronic subscription platform does not return the second client to complete the signature, the first client may not submit the signature and the process is ended.

The electronic signature method provided by the embodiment of the application can realize the following functions:

signature function: and determining to stamp the current electronic document, wherein the function needs the support of a stamp key disc, and simultaneously, a first client user and a second client user need to input passwords respectively to confirm the user identity.

Signature verification function: the function can verify whether the contents of the electronic document are modified or whether the signature information is valid.

The digital signature function: the identity of the signer is authenticated by using the certificate of the certificate authority of the signer (comprising the first client and the second client), respectively. On one hand, the authenticity of the identity of the signer can be distinguished, and on the other hand, the non-repudiation of the identity of the signer can be ensured, namely, once the signature is signed and the identity authentication is passed, the signer cannot repudiate the signature.

A certificate viewing function: anyone can refer to information about the signer's certificate, including certificate version, certificate serial number, signature algorithm, issuer details, valid start date, valid end date, user details, Discriminable Encoding Rules (DER) public key value, certificate custom level.

The signature canceling function comprises the following steps: the function can be used for canceling the signature, and the identity and the password of the originally stamped seal or signer need to be confirmed when the signature is cancelled.

Document protection function: the stamped electronic document may use document protection functions to lock the electronic document, which will not be permanently modified.

The file viewing function: and online checking before and after the signature of the file to be signed is supported.

Downloading the signature file: and file downloading with both signed parties of the signers is supported.

And providing a corresponding secondary development data interface: and providing a secondary development data interface to realize the combined application of the electronic signature software and a client system, wherein the secondary development can comprise the secondary development integration of various development language applications and various databases.

The electronic signature method provided by the embodiment of the application can improve the security of signature processing, and the document after signature processing has verifiability; in addition, once the electronic document is signed or sealed, the signature data information and the document are bound together, so that the portability of the electronic document is improved; the electronic signature system is compatible with the international standard certificate format, can be directly integrated into a PKI system of national and international organizations, and has openness; the system can realize intelligent detection of electronic document data, forcibly retain modification traces and automatically detect modification trace information, and has intelligence; the product realizes that all operations use uniform passwords, ensures convenient operation for users, and simultaneously can ensure the safety, stability and reliability of the product; an Extensible Markup Language (XML) data format is provided, and data sharing and use with a third-party system are facilitated.

Based on the foregoing embodiments, an electronic signature apparatus provided in an embodiment of the present application includes modules and components included in the modules, and may be implemented by a processor in an electronic signature device; of course, it may also be implemented by logic circuitry; in the implementation process, the Processor may be a Central Processing Unit (CPU), a microprocessor Unit (MPU), a Digital Signal Processor (DSP), a Field Programmable Gate Array (FPGA), or the like.

Fig. 10 is a schematic structural diagram of an electronic signature device according to an embodiment of the present application, and as shown in fig. 10, the electronic signature device 1000 includes:

a first receiving unit 1001, configured to receive a signature request sent by a first client;

the analyzing unit 1002 is configured to analyze the signing request to obtain attribute information of a file to be signed;

a first obtaining unit 1003, configured to obtain a current operating state; the working state is used for indicating whether the current file to be signed comprises the file which is not finished with signature processing;

a determining unit 1004, configured to determine a called target interface according to the attribute information of the file to be signed and the working state;

the processing unit 1005 is configured to respond to the signature request by calling the target interface, so as to perform signature processing on the file to be signed.

In other embodiments, the determining unit includes: the first determining module is used for determining the number of the files to be signed according to the attribute information of the files to be signed; and the second determining module is used for determining that the called target interface is an asynchronous interface when the number of the files to be signed is at least two or the working state indicates that the files to be signed currently include the files to be signed which are not finished with signature processing.

In other embodiments, the processing unit comprises: the first processing module is used for simultaneously or sequentially signing the at least two files to be signed by calling the asynchronous interface when the number of the files to be signed is at least two; the second processing module is used for carrying out signature processing on the file to be signed by calling the asynchronous interface when the working state indicates that the file to be signed currently comprises the file to be signed which does not finish signature processing; when the signature processing is performed in sequence, the ending time of the signature processing of each file to be signed is irrelevant to the starting time of the signature processing of other files to be signed.

In other embodiments, the determining unit includes: the third determining module is used for determining the number of the files to be signed according to the attribute information of the files to be signed; and the fourth determining module is used for determining the called target interface as a synchronous interface when the number of the files to be signed is one and the working state indicates that the files to be signed which do not finish signature processing are not included currently.

In other embodiments, the apparatus further comprises: a second receiving unit, configured to receive an inquiry request sent by the first client; wherein, the query request comprises the identification of the file to be signed; the second acquisition unit is used for acquiring the signature progress of the file to be signed based on the identifier of the file to be signed; and the returning unit is used for returning the signing progress to the first client.

In other embodiments, the processing unit comprises: the acquisition module is used for acquiring first signature information of the first client by calling the target interface; the encryption module is used for encrypting the first signature information based on a preset encryption algorithm to obtain encrypted first signature information; and the signature processing module is used for carrying out signature processing on the file to be signed according to the encrypted first signature information to obtain a first signature file.

In other embodiments, the signature request further includes an identifier of the second client; correspondingly, the device further comprises: and the first sending unit is used for sending the first signature file to the second client based on the identifier of the second client so that the second client initiates signature processing on the first signature file to obtain a second signature file.

In other embodiments, the apparatus further comprises: the first changing unit is used for changing the signing progress of the file to be signed from a state to be signed into a signed state after the first signing file is obtained; the second sending unit is used for sending the first signature file to the first client; or, the second changing unit is configured to change the signing progress of the file to be signed from the state to be signed to the signed state after the second signing file is obtained; and the third sending unit is used for sending the second signature file to the first client and the second client.

In other embodiments, the apparatus further comprises: the third obtaining unit is used for obtaining the check information corresponding to the first client based on the identifier of the first client; the fourth acquisition unit is used for acquiring the identity information input by the first client; the verification unit is used for verifying the identity information through the verification information and a preset signature secret key; and the fifth acquisition unit is used for acquiring the first signature information from a preset signature information base when the identity information passes the verification.

It should be noted that, in the embodiment of the present application, if the electronic signature method is implemented in the form of a software functional module and is sold or used as a standalone product, it may also be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the embodiments of the present application may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a terminal to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: various media capable of storing program codes, such as a usb disk, a removable hard disk, a Read Only Memory (ROM), a magnetic disk, or an optical disk. Thus, embodiments of the present application are not limited to any specific combination of hardware and software.

Correspondingly, an embodiment of the present application provides an electronic signature apparatus, and fig. 11 is a schematic structural diagram of the electronic signature apparatus provided in the embodiment of the present application, and as shown in fig. 11, the electronic signature apparatus 1100 at least includes: a processor 1101, a communication interface 1102, and a storage medium 1103 configured to store executable instructions, wherein the processor 1101 generally controls the overall operation of the electronic signature device.

The communication interface 1102 may enable the electronic signature device to communicate with other terminals or servers over a network.

The storage medium 1103 is configured to store instructions and applications executable by the processor 1101, and may also cache data to be processed or processed by each module in the processor 1101 and the electronic signature device 1100, and may be implemented by a FLASH Memory (FLASH) or a Random Access Memory (RAM).

It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present application. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. It should be understood that, in the various embodiments of the present application, the sequence numbers of the above-mentioned processes do not mean the execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application. The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.

It should be noted that, in this document, the terms "comprises", "comprising" or any other variation thereof are intended to cover a non-exclusive inclusion, so that a process, a method or an apparatus including a series of elements includes not only those elements but also other elements not explicitly listed or inherent to such process, method or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element. In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units; can be located in one place or distributed on a plurality of network units; some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiments of the present application. Those of ordinary skill in the art will understand that: all or part of the steps for realizing the method embodiments can be completed by hardware related to program instructions, the program can be stored in a computer readable storage medium, and the program executes the steps comprising the method embodiments when executed; and the aforementioned storage medium includes: various media that can store program code, such as removable storage devices, read-only memories, magnetic or optical disks, etc. Alternatively, the integrated units described above in the present application may be stored in a computer-readable storage medium if they are implemented in the form of software functional modules and sold or used as independent products. Based on such understanding, the technical solutions of the embodiments of the present application may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a terminal to execute all or part of the methods described in the embodiments of the present application. And the aforementioned storage medium includes: a removable storage device, a ROM, a magnetic or optical disk, or other various media that can store program code.

The above description is only for the embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims

1. A method of electronic signature, the method comprising:

2. The method according to claim 1, wherein the determining the called target interface according to the attribute information of the file to be signed and the working state comprises:

determining the number of the files to be signed according to the attribute information of the files to be signed;

and when the number of the files to be signed is at least two, or when the working state indicates that the files to be signed currently comprise the files to be signed which are not finished with signature processing, determining that the called target interface is an asynchronous interface.

3. The method according to claim 2, wherein the responding to the signature request by calling the target interface to perform signature processing on the file to be signed comprises:

when the number of the files to be signed is at least two, simultaneously or sequentially signing the at least two files to be signed by calling the asynchronous interface;

when the working state indicates that the current file to be signed comprises the file which is not finished with signature processing, signature processing is carried out on the file to be signed by calling the asynchronous interface;

when the signature processing is performed in sequence, the ending time of the signature processing of each file to be signed is irrelevant to the starting time of the signature processing of other files to be signed.

4. The method according to claim 1, wherein the determining the called target interface according to the attribute information of the file to be signed and the working state comprises:

and when the number of the files to be signed is one and the working state indicates that the files to be signed which do not finish signature processing currently do not exist, determining the called target interface as a synchronous interface.

5. The method of claim 1, further comprising:

receiving a query request sent by the first client; wherein, the query request comprises the identification of the file to be signed;

acquiring a signature progress corresponding to the file to be signed based on the identifier of the file to be signed;

and returning the signing progress to the first client.

6. The method according to claim 1, wherein the responding to the signature request by calling the target interface to perform signature processing on the file to be signed comprises:

acquiring first signature information of the first client by calling the target interface;

encrypting the first signature information based on a preset encryption algorithm to obtain encrypted first signature information;

and according to the encrypted first signature information, performing signature processing on the file to be signed to obtain a first signature file.

7. The method of claim 6, wherein the signature request further includes an identification of the second client;

correspondingly, the method further comprises:

and sending the first signature file to the second client based on the identifier of the second client, so that the second client initiates signature processing on the first signature file to obtain a second signature file.

8. The method of claim 7, further comprising:

after the first signature file is obtained, changing the signature progress of the file to be signed from a state to be signed into a signed state;

sending the first signature file to the first client; alternatively, the first and second electrodes may be,

after a second signature file is obtained, changing the signature progress of the file to be signed from a state to be signed into a signed state;

and sending the second signature file to the first client and the second client.

9. The method of claim 6, wherein prior to obtaining the first signature information of the first client, the method further comprises:

acquiring verification information corresponding to the first client based on the identifier of the first client;

acquiring identity information input by a first client;

verifying the identity information through the verification information and a preset signature secret key;

and when the identity information passes the verification, acquiring the first signature information in a preset signature information base.

10. An electronic signature apparatus, the apparatus comprising:

11. An electronic signature device, characterized in that it comprises at least: a processor and a storage medium configured to store executable instructions, wherein: the processor is configured to execute stored executable instructions;

the executable instructions are configured to perform the electronic signature method provided by any of the above claims 1 to 9.

12. A storage medium having stored thereon computer-executable instructions configured to perform the method of electronic signature as provided in any of the preceding claims 1 to 9.