Background technology
Because developing rapidly of ecommerce and information security technology, smart card also arises at the historic moment and is developed rapidly gradually.Smart card can be connected to desktop computer (PC), portable computer, Apple computer (MAC) or other network equipment by its interface, and the user can realize multiple functions such as digital signature, authentication, data encryption, certificate storage by smart card.Present smart card generally comprises central processing unit (CPU) and memory, and its work mainly is based on card internal operating system (COS).
The major function of COS is mutual, the file system of diode-capacitor storage of Controlled CPU and external information and the processing of finishing various command in CPU.In order to prevent disabled user's access card internal information, COS also has security management mechanism, is used for various operations are controlled with the information in the protection card can not revealing away.COS and external information follow asynchronous character transmission agreement in the ISO/IEC 7816-3 standard alternately, management that COS finished and basic function are then followed ISO/IEC 7816-4 standard.The information that needed information and smart card were preserved when the memory in the smart card was used for storing the CPU operation, memory generally comprises random-access memory (ram) and EEPROM (Electrically Erasable Programmable Read Only Memo) (EEPROM).
If will utilize smart card to carry out digital signature present user, at first smart card is inserted into the card reader that is connected with computer interface, the user sends to smart card in the card reader with data to be signed by computer then, the COS operating system of CPU prompting user imports PIN (PIN) in the smart card, and after the PIN that verifies user's input is correct, call data to be signed are signed, if and the PIN of user's input is incorrect, then returns miscue information and abandon this data to the user.
In above-mentioned flow process, checking user's PIN is unique security mechanism that user identity is authenticated, and exists like this and pretends to be the problem of signature, thereby reduced the fail safe of digital signature.Specifically, when carrying out signature operation after the user has finished the checking of PIN, the user can not control and use key to sign, if the rogue program invasion is arranged this moment, rogue program can pretend to be the user to carry out one or many signature, and user and do not know to carry out signature several times; Perhaps, under the situation that user's PIN is obtained by rogue program, rogue program can pretend to be the user to carry out one or many signature and the user has no to discover.And it is well-known, digital signature may relate in actual applications such as a series of economy and legal issues such as contract signature, payment funding, identification of law, therefore its fail safe is at e-commerce and e-government, even all occupies important status in the whole country social economic order.Therefore,, will greatly reduce the fail safe of digital signature so, continue to bring harmful effect for the social economy of user and whole country if digital signature is repeatedly pretended to be and the user has no to discover.
Summary of the invention
In view of this, main purpose of the present invention provides a kind of digital signature method, repeatedly pretended to be under the situation that the user has no to discover to prevent digital signature, thus the fail safe that improves digital signature.
Above-mentioned purpose of the present invention is solved by the following technical solutions:
A kind of digital signature method comprises at least:
A. set in advance a signature indexed variable that is used to represent whether to allow to carry out digital signature, and this signature indexed variable of initialization is the value that expression allows to carry out digital signature before beginning to carry out digital signature;
B. the value according to this signature indexed variable determines whether to allow to carry out digital signature when carrying out digital signature, if the value of signature indexed variable is revised as expression and does not allow to carry out the value of digital signature and carry out signature operation; Otherwise process ends.
Preferably, further comprised before step b: whether the PIN PIN of checking user input is correct, if, execution in step b; Otherwise process ends.
Preferably, comprise further that after the PIN of checking user input the PIN according to user's input improves the level of security of smart card, and before execution in step b, further comprise: search user's private key file and verify user's private key rights of using according to the current safety rank of desired level of security of this private key file and smart card, if the user has the rights of using to private key in the file, execution in step b then; Otherwise process ends.Here verify that according to the current safety rank of desired level of security of private key file and smart card user's private key rights of using are: whether the current safety rank of intelligent card is more than or equal to the desired level of security of this private key file, if, determine that the user has the rights of using to private key in the file, otherwise determine that the user does not have the rights of using to private key in the file.
In the present invention, the signature indexed variable is stored on the memory of smart card, and step b is that the CPU by smart card carries out.
In this case, the initialization signature indexed variable carries out when smart card powers among the step a.Whether the order that further comprised judgement received before step b is the signature order, if, execution in step b; Otherwise undertaken corresponding to this process of commands by CPU.
Preferably, do not carry out digital signature and further comprise the step of returning miscue information before the process ends above-mentioned.
From technical scheme of the present invention as can be seen, the present invention at first is provided with the indexed variable whether an expression allows to carry out digital signature, and after smart card powers on, this value initialization is allowed to carry out the value of digital signature for expression, and after carrying out once signed, this value is revised as the value that does not allow to carry out digital signature.Like this, after smart card powers on, unless with smart card outage and re-power,, thereby prevented that rogue program pretends to be the user to carry out the situation that one or many is signed again after the validated user signature as long as carry out just not allowing to carry out again digital signature after a digital signature.In addition, thereby, rogue program pretend to be the user to sign even having obtained user's PIN, perhaps rogue program carries out digital signature prior to the user after the user imports PIN, also can only pretend to be once signed, and before signing, validated user can find oneself can not sign, thereby validated user can be known that the disabled user pretends to be and oneself carry out once signed, cooperates other measure to drop to minimum for the loss of validated user this personation.
Therefore, by the present invention, as long as validated user has carried out after the signature, rogue program just can not pretend to be the user to sign again.Even rogue program can pretend to be validated user to sign before the validated user signature, at most also can only pretend to be once signed and current signature to be discovered by validated user.Therefore, the present invention can prevent that digital signature from repeatedly being pretended to be under the situation that the user has no to discover, thus the fail safe that has improved digital signature.
Embodiment
The present invention is described in detail below in conjunction with the drawings and specific embodiments.
A signature indexed variable at first is set in the present invention, this signature indexed variable has two values: allow to carry out digital signature and do not allow to carry out digital signature, and the initialization signature indexed variable is the value that expression allows to carry out digital signature before carrying out digital signature, after the user carries out digital signature, revise the signature indexed variable and do not allow to carry out the value of digital signature, thereby prevent that rogue program from pretending to be user's signature once more for expression.
Fig. 1 shows overall procedure of the present invention.As shown in Figure 1, digital signature method according to the present invention comprises the steps.
In step 101, set in advance a signature indexed variable that is used to represent whether to allow to carry out digital signature.
In step 102, this signature indexed variable of initialization allows to carry out the value of digital signature for expression before carrying out digital signature.
In step 103, when needs carry out digital signature, at first read this signature indexed variable.
In step 104, determine whether to allow to sign according to the value of the signature indexed variable that reads.If allow to sign, execution in step 105 and subsequent step thereof, otherwise process ends.
In step 105, the value of this signature indexed variable is revised as the value that expression does not allow to carry out digital signature.
In step 106, data to be signed are carried out digital signature.Finish then.
Above-mentioned is overview flow chart of the present invention.Further specify the present invention below by a specific embodiment.
As mentioned above, generally carry out digital signature and undertaken, and smart card comprises CPU and memory by smart card.Using smart card to carry out in the specific embodiment of the invention of digital signature, its operating process as shown in Figure 2.
In step 201, a signature indexed variable that is used to represent whether to allow to carry out digital signature is set in the memory of smart card in advance.The signature indexed variable here can be stored in the register among the RAM, initialization after smart card powers on like this, and its information is no longer preserved after the smart card power down.Perhaps, also can be stored among the EEPROM, the value of this signature indexed variable can continue to preserve like this.
In step 202, when needs carry out digital signature, in the card reader that smart card is inserted into computer is connected.
In step 203, smart card powers on, and carries out the initialization of smart card, in the initialization procedure of this smart card, the signature indexed variable in the memory is initialized as the value that an expression allows to carry out digital signature.
In step 204, when the user used the application program of smart card to operate, application prompts user imported PIN, and the PIN of user's input is sent to smart card.
In step 205, smart card judges behind the PIN that receives user's input whether user's input is correct, if correct, the expression user is a validated user, execution in step 206 and subsequent step thereof; Otherwise return miscue information, process ends in step 216.
In step 206, smart card promotes level of security.After smart card determined that the PIN of input is the PIN that imports of user, the lifting level of security was a user class; After smart card determined that the PIN of input is not the PIN of the PIN that imports of user but card issuer's input, promoting level of security was card issuer's rank.
In step 207, receiving from now on from the life of computer, smart card judges whether this order is a digital signature order.If the digital signature order, execution in step 208 and subsequent step thereof; If not the digital signature order, for example be authentication order, data encryption order etc., then carry out operation by CPU, then to computer return result to ordering in step 214.After the return result, smart card enters the preceding wait command state of order that receives once more.Just can repeated execution of steps 207.
In step 208, if the order that smart card receives is the digital signature order, at first search the private key for user file, determine desired level of security in the private key for user file.
In step 209, smart card judges according to the current safety rank of privately owned file of user and smart card whether the user has the rights of using to private key in the file, if, execution in step 210 and subsequent step thereof; Otherwise return miscue information in step 215, and then enter the wait command state that receives before ordering, just repeated execution of steps 207.Here judge that the rights of using whether user has private key in the file can be to judge that whether the current safety rank of smart card is more than or equal to desired level of security in the private key for user file, if, show that then the user has the rights of using to private key in the file, otherwise show that the user does not have the rights of using to private key in the file.
In step 210, the CPU of smart card reads the value of signature indexed variable.
In step 211, smart card judgement currency is represented to allow to carry out digital signature and is not still allowed to carry out digital signature; If allow to carry out digital signature, execution in step 212 and subsequent step thereof; Otherwise return miscue information in step 215, and then enter the wait command state that receives before ordering, just repeated execution of steps 207.
In step 212, smart card is revised the value of signature indexed variable, makes its expression not allow to carry out digital signature.
In step 213, smart card carries out digital signature to the data to be signed that send simultaneously from computer and digital signature order, and returns digital signature result to computer.And then enter the wait command state that receives before ordering, just repeated execution of steps 207.
In above-mentioned steps 202, in the card reader that smart card is inserted into computer is connected, carry out information interaction by card reader and computer.Be appreciated that, smart card also can be included in the digital signature device that designs separately, this digital signature device is connected with computer by for example general purpose interface bus (USB), smart card passes through the order of the interface receiving computer of digital signature device, and after fill order execution result is returned to computer.
In above-mentioned steps 207, smart card judges that whether an order is that the digital signature order is according to the byte of the data transmission format between computer and the smart card and definite.Fig. 3 shows an example of this data transmission format.In this transformat, if CLA is 0 then the order of expression read-write CPU, if INS is F2 then represents the digital signature order.Therefore judge whether an order is that the digital signature order is exactly to judge whether the INS field is F2 in the data that receive order.
Above-mentioned digital signature indexed variable is provided with two values, and the value that allows the value of signing and do not allow to sign, these two values can represent that for example 0 expression allows to sign by numeral, and 1 expression does not allow to sign.Perhaps, also can represent by other numeral or character.In addition, be appreciated that above-mentioned signature sign scalar also can be provided with three values or more value, just can reduce the fail safe of digital signature like this.
In addition, even the operation that the user uses smart card to carry out is not the digital signature operation, for example be the data encryption operation, the user preferably also carries out a digital signature operation again after finishing this operation, if rogue program pretends to be the user to carry out once signed like this, the user also can perceive.Here carrying out the operation of digital signature again can be that the data without any meaning are signed, and its purpose only is in order to determine whether that rogue program pretends to be the signature of oneself.If rogue program has been pretended to be user's signature, when insignificant data were encrypted, the user will find that smart card does not allow oneself to sign, and pretended to be and oneself had carried out once signed thereby can define rogue program.Same other measures of cooperation can be retrieved and pretend to be signature to give self-inflicted loss.By such operation, can further improve the fail safe of number signature.
Therefore be appreciated that the above only is preferred embodiment of the present invention,, all any modifications of being done within the spirit and principles in the present invention, be equal to replacement, improvement etc., all should be included within protection scope of the present invention not in order to restriction the present invention.