JP2023165230A - Signature system, signature method, and program - Google Patents

Abstract

To perform a party-type electronic signature on an electronic document without downloading the electronic document on a client terminal.SOLUTION: A signature system in which a user signs an electronic document stored in a server 10, from a client terminal 20 includes: an acquisition unit 12 that obtains a hash value of the electronic document in response to an instruction to sign the electronic document; a signature generation unit 22 that generates signature data based on a signature value generated based on both the obtained hash value and a secret key of the user and based on a certificate of the user; and a signature unit 13 that embeds the generated signature data in the electronic document to sign the electronic document.SELECTED DRAWING: Figure 2

Description

The present invention relates to a signature system, a signature method, and a program.

Currently, there are two methods of electronic signatures that are mainly used. One is called "party-based electronic signature," which uses the signing party's own electronic certificate, such as the public personal authentication service "electronic certificate for signature" stored in the My Number Card, to send a message to the client terminal. This is a method of signing downloaded electronic documents.

The other type is what is called a "business operator (witness type) electronic signature," which has been increasingly used in recent years. Business (witness type) signature is a method in which a business uses the business's electronic certificate to sign an electronic document in response to an instruction from a user. A business signature type (witness type) system is disclosed that includes an electronic signature server and a certification authority.

In Patent Document 1, a certification authority generates a key pair of a private key and a public key. The digital signature server then requests the certificate authority to issue a digital certificate based on the public key. The certification authority supplies the issued electronic certificate and private key to the electronic signature server as a file called PKCS#12, and the electronic signature server uses the electronic certificate and private key in response to a request from the client terminal. to digitally sign electronic documents.

Japanese Patent Application Publication No. 2010-200142

By the way, in the business type electronic signature, since the business operator signs the electronic document on behalf of the client, there is no need to download the electronic document to the client terminal. Therefore, business-type electronic signatures can be used in secure systems that do not permit downloading of electronic documents. On the other hand, with party-type electronic signatures, the electronic signature is signed on the client terminal, so the electronic document must be downloaded to the client terminal. Therefore, in a secure system that does not allow downloading of electronic documents, it has not been possible to apply a party-type electronic signature to the electronic document.

SUMMARY OF THE INVENTION In view of these problems, it is an object of the present invention to provide a signature system, a signature method, and a program for applying a party-type electronic signature to an electronic document without downloading the electronic document to a client terminal.

The present invention provides a signature system in which a user signs an electronic document stored in a server from a client terminal, comprising: an acquisition unit that acquires a hash value of the electronic document in response to an instruction to sign the electronic document; a signature generation unit that generates signature data based on a signature value generated based on the obtained hash value and the user's private key, and the user's certificate; embedding the generated signature data in the electronic document; A signature system is provided that includes a signature section for signing the electronic document.

Further, the present invention provides that when the signature value of the signature data and the hash value acquired from the certificate match the hash value of the electronic document in which the signature data is embedded, the signature unit adds the signature data to the electronic document. A signature system for embedding the signature data and signing the signature data is provided.

Further, the present invention provides a signature system including a preparation unit that prepares a place where the signature data is embedded in the electronic document.

Further, the present invention provides a signature system in which the signature generation unit generates the signature data based on the signature value, the certificate, and the time stamp.

Further, the present invention provides a signature system in which the electronic document is a PDF.

The present invention also provides a method executed by a signature system in which a user signs an electronic document stored in a server from a client terminal, the method comprising: signing a hash value of the electronic document in response to an instruction to sign the electronic document; a step of generating signature data based on a signature value generated based on the acquired hash value and the user's private key, and the user's certificate; and a step of generating signature data on the electronic document. embedding the electronic document in the electronic document and signing the electronic document.

The present invention also provides a signature system in which a user signs an electronic document stored in a server from a client terminal, including an acquisition unit that acquires a hash value of the electronic document in response to an instruction to sign the electronic document; a signature generation unit that generates signature data based on a hash value generated based on the user's private key and the user's certificate, and a signature generation unit that generates signature data based on the user's certificate; Provides a program that functions as a signature section for signing documents.

According to the present invention, it is possible to apply a party-type electronic signature to an electronic document without downloading the electronic document to a client terminal.

1 is a diagram illustrating an overview of a signature system according to an embodiment of the present invention. FIG. 1 is a diagram showing a functional configuration of a signature system according to a first embodiment of the present invention. FIG. 3(a) shows an example of the data structure of a PDF with a signature target area added according to the first embodiment of the present invention, and FIG. 3(b) shows a PDF after signing according to the first embodiment of the present invention. FIG. 2 is a diagram showing an example of a data structure. FIG. 2 is a diagram showing a signature processing flow executed by the signature system according to the first embodiment of the present invention. FIG. 3 is a diagram showing a functional configuration of a signature system according to a second embodiment of the present invention. FIG. 7 is a diagram showing a signature processing flow executed by a signature system according to a second embodiment of the present invention.

DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, modes for carrying out the present invention (hereinafter referred to as embodiments) will be described in detail with reference to the accompanying drawings. In the following figures, the same numbers or symbols are given to the same elements throughout the description of the embodiments.

[Basic concept/basic configuration]
FIG. 1 is a diagram for explaining an overview of a signature system 1 according to an embodiment of the present invention. The signature system 1 is a system that performs party-type signatures on electronic documents stored on a server. In other words, the signature system 1 is a system that signs an electronic document with the electronic certificate of the user of the client terminal without downloading the electronic document from a server.

The signature system 1 includes a server 10 and a client terminal 20, and the server 10 and the client terminal 20 are connected via a network. The server 10 stores electronic documents and signs the electronic documents in response to an instruction to sign the electronic documents. The server 10 may be an on-premises server or a cloud server, but in this embodiment, it is a cloud server.

The client terminal 20 is a terminal of a user who signs an electronic document of the server 10, and acquires and manages the user's electronic certificate information necessary for signing. The client terminal 20 includes, for example, a smartphone, a tablet terminal, a personal computer, or the like. Although only one device is displayed in this embodiment, a plurality of devices may be displayed.

The server 10 first receives an instruction to sign an electronic document (hereinafter also referred to as a target electronic document) displayed on the client terminal 20 (S1). The client terminal 20 may issue the signature instruction to the server 10, or the client terminal 20 may issue the signature instruction to the server 10 in response to a request from the server 10. Upon receiving the signature instruction, the server 10 acquires a hash value of the target electronic document (S2), and transmits the acquired hash value to the client terminal 20 (S3).

The client terminal 20 encrypts the hash value received from the server 10 with the private key included in the user's digital certificate information, and based on the signature value and the digital certificate included in the digital certificate information, the client terminal 20 generates the signature data. Generate (S4). The client terminal 20 transmits the signature data generated in S4 to the server 10 (S5). Note that the client terminal 20 may transmit the signature value and the electronic certificate to the server 10, and the server 10 may generate signature data based on the signature value and the electronic certificate.

The server 10 determines whether the hash value obtained using the signature value of the signature data received from the client terminal 20 and the electronic certificate matches the hash value of the target electronic document in which the signature data is to be embedded. is determined (S6). If the hash values match, the process proceeds to S7, whereas if they do not match, the process ends. Although falsification of signature data can be detected by determining whether the hash values match, S6 does not need to be performed.

The server 10 embeds the signature data in the target electronic document and signs the target electronic document (S7). The server 10 sends a notification to the client terminal 20 that the signature has been completed (S8).

According to such a signature system, for an electronic document displayed on a client terminal, the hash value of the electronic document is based on the signature value encrypted with the private key of the user of the client terminal and the electronic certificate of the user. The server can sign the electronic document using the signature data generated by the server. Thereby, it is possible to apply a party-type electronic signature to an electronic document stored on the server without downloading the electronic document to the client terminal.

[Functional configuration of signature system]
FIG. 2 is a diagram showing the functional configuration of the signature system 1 according to the first embodiment of the present invention. The signature system 1 includes a server 10 and a client terminal 20 connected to the server 10 via a network.

[Server functional configuration]
The server 10 includes a transmitting/receiving section 11 that transmits and receives data to and from the client terminal 10, an acquiring section 12, a signature section 13, and a storage section 14 that stores electronic documents.

Upon receiving the signature instruction for the target electronic document, the acquisition unit 12 acquires the hash value of the target electronic document, and transmits the acquired hash value of the target electronic document to the client terminal 20 via the transmitting/receiving unit 11 . Specifically, the acquisition unit 12 includes a preparation unit 121 and a calculation unit 122.

The preparation unit 121 receives an instruction to sign the target electronic document from the client terminal 20. In this embodiment, the client terminal 20 instructs to sign the target electronic document. For example, when an electronic document is being displayed on the client terminal 20, a Web API prepared in advance on the server 10 is activated in response to a user's operation on the client terminal 20, thereby causing the client terminal 20 to connect to the server 10. A signature instruction is given, and the preparation unit 121 receives the signature instruction.

The preparation unit 121 then prepares the signature of the target electronic document. Specifically, the preparation unit 121 adds a signature target area in which signature data is embedded to the target electronic document. Taking as an example the case where the electronic document is a PDF (Portable Document Format), the signature target area prepared in the target electronic document by the preparation unit 121 will be described using FIG. 3(a). FIG. 3A shows an example of the data structure of a PDF with a signature target area added. As shown in the figure, the preparation unit 121 adds a signature dictionary 320, which is a signature target area, to the end (%%EOF) of the PDF 310. The signature dictionary 320 includes a portion 321 in which signature data is embedded.

The calculation unit 122 calculates a hash value from the target electronic document. Specifically, the calculation unit 122 calculates the hash value of the signature target data of the target electronic document to which the signature target area has been added, that is, the part of the target electronic document to which the signature target area has been added, excluding the part where the signature data is embedded. , is calculated as a hash value of the target electronic document. The calculation unit 122 then transmits the calculated hash value of the target electronic document to the client terminal 20 via the transmission/reception unit 11.

Using FIG. 3A, signature target data for which the calculation unit 122 calculates a hash value is shown. As shown in FIG. 3A, the signature target data 331 is the data of the PDF 310 and the data of the signature dictionary 320 excluding the portion 321 in which signature data is embedded.

When the signature unit 13 receives the signature data from the client terminal 20, the signature unit 13 generates a hash value obtained using the signature value of the signature data and the electronic certificate, and a hash value of the target electronic document in which the signature unit 13 intends to embed the signature. Determine whether the values match. Specifically, the hash value obtained using the signature value of the signature data and the electronic certificate is obtained by decrypting the signature value of the signature data with the electronic certificate, and is calculated from the target electronic document for which a signature instruction has been given. , is a hash value sent from the server 10 to the client terminal 20. On the other hand, the hash value of the target electronic document in which the signature is to be embedded is a hash value calculated from the target electronic document in which the signature is to be embedded in response to receiving the signature data from the client terminal 20.

If the hash values match, the signature unit 13 embeds the acquired signature data into the target electronic document in which the signature is to be embedded. On the other hand, if the hash values do not match, the signature unit 13 does not embed the acquired signature data in the target electronic document in which the signature is to be embedded, and ends the process. When the hash values match, it is confirmed that the target electronic document for which the signature instruction was given and the target electronic document in which the signature section 13 is attempting to embed the signature are the same, and that the signature data has not been tampered with. Can be signed. On the other hand, if the hash values do not match, the signature data has been tampered with, so no signature is executed.

A target electronic document in which signature data is embedded by the signature unit 13 will be described using FIG. 3(b). FIG. 3(b) shows an example of the data structure of the PDF after signing. As shown in the figure, the signature unit 13 embeds the signature data received from the client terminal 20 in the signature data embedding portion 321 of the target electronic document shown in FIG. 3(a), and embeds the signature data as shown in FIG. 3(b). This will be a signed PDF.

The signature unit 13 embeds signature data in the target electronic document to which the signature target area has been added, and when the signature is completed, sends a notification to the client terminal 20 that the signature has been completed. Further, the signature unit 13 stores the electronic document with the completed signature in the storage unit 14.

[Functional configuration of client terminal]
The client terminal 20 includes a transmitter/receiver 21 that transmits and receives data to and from the server 10, and a signature generator 22.

The signature generation unit 22 generates signature data based on the signature value generated based on the hash value received from the server 10 via the transmission/reception unit 21 and the user's private key, and the user's electronic certificate. Specifically, the signature generation section 22 includes a certificate information acquisition section 221, a signature value generation section 222, and a signature data generation section 223.

The certificate information acquisition unit 221 acquires the electronic certificate information of the user of the client terminal 20, that is, the electronic certificate of the user and the private key that is a set with the electronic certificate. Here, the electronic certificate is a public personal certificate, and is, for example, an electronic certificate stored in a My Number Card, or a SECOM Passport for G-ID. If the electronic certificate and private key are stored in a storage medium, they are acquired from the storage medium via a card reader or USB, and if they are stored in advance in the storage unit (not shown) of the client terminal 20, they are acquired from the storage medium via a card reader or USB. is obtained from the storage section.

The signature value generation unit 222 encrypts the hash value received from the server 10 using the private key acquired by the certificate information acquisition unit 221, and generates a signature value.

The signature data generation unit 223 generates signature data based on the electronic certificate acquired by the certificate information acquisition unit 221 and the signature value generated by the signature value generation unit 222. The signature data is, for example, in PKCS#7 format. The signature data generating section 223 transmits the generated signature data to the server 10 via the transmitting/receiving section 21.

Note that the signature data generation unit 223 may generate the signature data using a time stamp together with the signature value and the electronic certificate. By using a time stamp to generate signature data, the validity period of a signature on an electronic document can be extended. For example, in the case of PDF, the signature data can be created in PAdES format by using a time stamp to generate the signature data. Specifically, while the validity period of electronic documents signed with signature data generated based on the signature value and electronic certificate is usually 1 to 3 years, The validity period of an electronic document signed with signature data generated based on this is as long as 10 years.

The functional configuration of the present system described above is just an example, and one functional block (database and functional processing unit) may be divided, or multiple functional blocks may be combined into one functional block. Each functional processing unit is stored in a storage device (storage unit) such as a ROM (Read Only Memory), flash memory, SSD (Solid State Drive), or hard disk by a CPU (Central Processing Unit) built into the device or terminal. This is realized by reading out a computer program (for example, core software or an application that causes the CPU to execute the various processes described above), and executing the computer program by the CPU. In other words, each functional processing unit reads and writes necessary data such as tables from a database (DB) stored in a storage device or a storage area in memory, and in some cases, This is realized by controlling hardware (for example, input/output devices, display devices, communication interface devices).

[Processing flow]
FIG. 4 is a diagram showing a signature processing flow executed by the signature system according to the first embodiment of the present invention. The signature processing flow will be explained as processing of the server 10.

First, the acquisition unit 12 receives an instruction to sign a target electronic document from the client terminal 20. (S11). Next, the preparation unit 121 of the acquisition unit 12 prepares the target electronic document for signature (S12). Next, the calculation unit 122 of the acquisition unit 12 calculates a hash value of the target electronic document for which the signature was prepared in S12, and transmits it to the client terminal 20 (S13).

Next, the signature unit 13 receives the signature data generated by the client terminal 20, and attempts to embed the signature data with a hash value obtained using the signature value of the received signature data and the electronic certificate. It is determined whether the hash value of the target electronic document matches (S15). If the hash values match, the process proceeds to S16, whereas if they do not match, the process ends.

Next, the signature unit 13 embeds the acquired signature data into the target electronic document prepared for signature in S12 (S16). Then, the signature unit 13 transmits a notification that the signature on the target electronic document has been completed to the client terminal 20 via the transmitting/receiving unit 11 (S17).

According to such a signature system, the server can generate user signature data at the client terminal by sending the hash value of the electronic document displayed on the client terminal to the client terminal. The server can then sign the electronic document with the signature data generated at the client terminal. Thereby, it is possible to apply a party-type electronic signature to an electronic document stored on the server without downloading the electronic document to the client terminal.

Furthermore, by using a time stamp to generate signature data, the validity period of the electronic signature can be extended.

[Second embodiment]
A second embodiment of the present invention will be described using FIGS. 5 to 6. The signature system 2 of the second embodiment has the same configuration as the first embodiment, except that the signature instruction is performed upon request from the server, and the signature data generation unit is provided from the client terminal to the server. There is. Therefore, parts that perform the same functions as those in the first embodiment described above are given the same reference numerals, and redundant explanations will be omitted as appropriate.

FIG. 5 is a diagram showing the functional configuration of the signature system 2 according to the second embodiment of the present invention. The signature system 2 includes a server 100 and a client terminal 200 connected to the server 100 via a network.

[Server functional configuration]
The server 100 includes a transmitting/receiving section 11 that transmits and receives data to and from the client terminal 200, a signature instruction section 115, an acquisition section 12, a signature data generation section 116, a signature section 13, and a storage section 14.

The signature instruction unit 115 issues a request to the client terminal 200 to instruct the client terminal 100 to sign the target electronic document. The signature instruction unit 115 may request a signature instruction from the client terminal 100 in response to an electronic document being displayed on the client terminal 200, or may request a signature instruction from the client terminal 100 in response to an electronic document being displayed on the client terminal 200. A signature instruction may be requested from the client terminal 100 in response to the request.

Specifically, the signature instruction unit 115 starts a program installed in advance on the client terminal 200 and causes the program to send a signature instruction to the target electronic document to the server 100. Here, the program preinstalled on the client terminal 200 is a program that transmits an instruction to sign a target electronic document from the client terminal 100 to the server 200 in response to a request from the signature instruction section 115.

Specifically, communication with the client terminal 200 or a URL scheme is set in advance in the signature instruction section 115. Then, the signature instruction unit 115 starts a program installed in advance on the client terminal 200 using the set communication or URL scheme. Further, when the client terminal 200 is a Windows terminal, the signature instruction unit 115 uses JavaScript embedded in the target electronic document to write a program installed in advance on the client terminal 200, for example. Start the NET/COM module.

The signature data generation unit 116 receives the signature value and the electronic certificate from the client terminal 200. The signature data generation unit 116 then generates signature data based on the signature value and electronic certificate received from the client terminal 200. The signature data is, for example, in PKCS#7 format.

The signature data generation unit 116 may generate the signature data using a time stamp acquired from the client terminal 200 together with the signature value and the electronic certificate. Further, the signature data generation unit 116 may obtain a time stamp and generate signature data based on the signature value and electronic certificate obtained from the client terminal 200 and the obtained time stamp. The effect of using a time stamp to generate signature data is as described in the first embodiment.

[Functional configuration of client terminal]
The client terminal 20 includes a transmitting/receiving section 21, a certificate information acquiring section 221, and a signature value generating section 224.

The signature value generation unit 224 encrypts the hash value received from the server 100 using the private key acquired by the certificate information acquisition unit 221, and generates a signature value. Then, the signature value generation unit 224 transmits the generated signature value and the electronic certificate acquired by the certificate information acquisition unit 221 to the server 100. Further, the signature value generation unit 224 may acquire a time stamp and transmit it to the server 100 together with the generated signature value and the electronic certificate information acquired by the certificate information acquisition unit 221.

[Processing flow]
FIG. 6 is a diagram showing a signature processing flow executed by the signature system according to the second embodiment of the present invention. The signature processing flow will be explained as processing of the server 10. Note that the same reference numerals are given to steps of the same processing as in the first embodiment described above, and redundant explanations will be omitted as appropriate.

The signature instruction unit 115 requests the client terminal 100 to instruct the client terminal 100 to sign the target electronic document (S21). The signature data generation unit 116 receives the signature value and the electronic certificate from the client terminal 200 (S22). The signature data generation unit 116 then generates signature data based on the signature value and electronic certificate received in S22 (S23). The signature unit 13 embeds the signature data generated in S23 into the target electronic document prepared for signature in S12 (S24).

Note that in the signature processing flow shown in FIG. 6, S15, which determines whether the hash value of the signature data matches the hash value of the target electronic document, is performed after the process of S23, which generates the signature data. It may be performed after S22 of receiving the value and the digital certificate.

According to such a signature system, the server can generate the signature data of the user of the client terminal. Further, it is possible to request a signature instruction for the target electronic document from the server.

Although the present invention has been described above using the embodiments, it goes without saying that the technical scope of the present invention is not limited to the scope described in the above embodiments. It will be apparent to those skilled in the art that various changes or improvements can be made to the embodiments described above. Furthermore, it is clear from the claims that forms with such changes or improvements may also be included within the technical scope of the present invention. In the above embodiments, the present invention has been described as an invention of a signature system, but the present invention can also be regarded as an invention of a method executed by a signature system or a program that causes the signature system to function as various means. .

1, 2 Signature system 10, 100 Server 20, 200 Client terminal 11, 21 Transmission/reception section 115 Signature instruction section 116, 223 Signature data generation section 12 Acquisition section 121 Preparation section 122 Calculation section 13 Signature section 14 Storage section 22 Signature generation section 221 Certificate information acquisition unit 222 Signature value generation unit

The present invention is a signature system that includes a server that stores an electronic document and a client terminal for a user to sign a signature . a signature unit that signs the electronic document by embedding signature data in the electronic document; and a preparation unit that prepares a place to embed the signature data in the electronic document. a signature generation section that is provided in the server and generates the signature data based on the signature value generated based on the obtained hash value and the user's private key, and the user's certificate; In preparation for the terminal , the preparation unit provides a signature system that analyzes the acquired certificate chain and reduces the signature data size according to the analysis result .

Further, the present invention provides a signature system in which the signature generation unit generates the signature data based on the signature value, the certificate, and a time stamp compatible with the PAdES format .

The present invention also provides a method executed by a signature system comprising a server for storing electronic documents and a client terminal for a user to sign , wherein obtaining a hash value of the electronic document and a certificate chain ; signing the electronic document by embedding signature data in the electronic document; and preparing a location for embedding the signature data in the electronic document. and a step of generating the signature data based on the signature value generated based on the obtained hash value and the user's private key, and the user's certificate. Alternatively, the preparing step is performed by the terminal and provides a method for analyzing the acquired certificate chain and reducing the signature data size according to the analysis result.

In addition, the present invention provides a signature system that includes a server that stores electronic documents and a client terminal for a user to sign a signature . a signature unit that signs the electronic document by embedding signature data in the electronic document; and a preparation unit that prepares a place to embed the signature data in the electronic document. a signature generation section that is provided in the server and generates the signature data based on the signature value generated based on the obtained hash value and the user's private key, and the user's certificate; The preparation section analyzes the obtained certificate chain and provides a program for reducing the signature data size according to the analysis result .

Claims (7)

A signature system in which a user signs an electronic document stored on a server from a client terminal,
an acquisition unit that acquires a hash value of the electronic document in response to an instruction to sign the electronic document;
a signature generation unit that generates signature data based on a signature value generated based on the obtained hash value and the user's private key, and the user's certificate;
a signature unit that embeds the generated signature data in the electronic document and signs the electronic document;
A signature system with The signature unit embeds the signature data in the electronic document when the signature value of the signature data and the hash value obtained from the certificate match the hash value of the electronic document in which the signature data is embedded, The signature system according to claim 1, which performs a signature. The signature system according to claim 1, further comprising a preparation unit that prepares a place where the signature data is embedded in the electronic document. The signature system according to claim 1, wherein the signature generation unit generates the signature data based on the signature value, the certificate, and a time stamp. The signature system according to claim 1, wherein the electronic document is a PDF. A method performed by a signature system in which a user signs an electronic document stored on a server from a client terminal, the method comprising:
obtaining a hash value of the electronic document in response to an instruction to sign the electronic document;
generating signature data based on a signature value generated based on the obtained hash value and the user's private key, and the user's certificate;
embedding the generated signature data in the electronic document and signing the electronic document;
method including. A signature system that allows users to sign electronic documents stored on a server from a client terminal.
an acquisition unit that acquires a hash value of the electronic document in response to an instruction to sign the electronic document;
a signature generation unit that generates signature data based on a signature value generated based on the obtained hash value and the user's private key, and the user's certificate;
a signature unit that embeds the generated signature data in the electronic document and signs the electronic document;
A program that functions as

Images