JP6234014B2 - Information processing apparatus, information processing apparatus control method, and computer program - Google Patents

Description

  The present invention relates to an image forming apparatus, an information processing system, a control method, and a computer program.

  In general, office devices such as multifunction peripherals are used as shared devices in an office environment, unlike PCs (Personal Computers). In an office where a plurality of multifunction peripherals are set, a plurality of multifunction peripherals may be operated with the same settings. In such a case, it is possible to make the settings of a plurality of multi-function peripherals the same by exporting the setting values of the base multi-function peripheral and importing them to other multi-function peripherals.

  In recent years, with the increase in the number of functions of information devices such as image forming apparatuses typified by multifunction peripherals, the convenience of users has been improved by providing services and functions using a network. However, there are always security threats such as information leakage and tampering in the exchange of information via the network.

  In response to the above threats, information on the network is often secured by encrypted communication, and many information devices have a plurality of digital certificates such as public key certificates and certificate revocation lists (CRLs) in the device. ) Is stored. CRL is an abbreviation for Certificate Revocation List. In an office environment, in order to perform common settings for a plurality of multifunction peripherals, data to be exported from a base multifunction peripheral may include not only various setting values but also an electronic certificate and CRL.

  An electronic certificate used for encrypted communication has validity (time validity such as an expiration date, validity concerning an invalid state, etc.). Encrypted communication using invalid certificates may lead to information leakage. Therefore, it is conceivable that an information device having a function of importing and using an electronic certificate verifies the validity of the electronic certificate. Japanese Patent Application Laid-Open No. 2004-133867 constructs a certification path up to the root CA certificate of the electronic certificate when the electronic certificate is imported, and a corresponding certification path is already constructed when requesting verification of the validity of the electronic certificate. Discloses an information processing apparatus that performs path verification on an authentication path only.

JP 2006-229735 A

  Here, it is assumed that the electronic certificate includes a public key, for example. For example, when the image forming apparatus into which the electronic certificate is imported does not support the public key encryption method (algorithm), the electronic certificate is invalid. However, the information processing apparatus disclosed in Patent Document 1 is invalid as a result of validity verification after import because the validity of the electronic certificate cannot be confirmed unless the electronic certificate is once imported into the multifunction peripheral. Even if it is a certificate, it must be imported to the multifunction device. That is, depending on the information processing apparatus disclosed in Patent Document 1, even when importing export data of a plurality of electronic certificates, not only necessary import data but also all electronic certificates must be imported. .

  However, since embedded devices such as multifunction peripherals have only a minimum amount of resources such as storage areas, storing invalid electronic certificates has the problem of squeezing limited resources. .

  The present invention is necessary by importing after checking the validity of the electronic certificate, including whether the device supports the encryption method corresponding to the electronic certificate when importing the electronic certificate. An object of the present invention is to provide an image forming apparatus that imports only valid certificates.

The information processing apparatus according to an embodiment of the present invention supports a receiving unit that receives an electronic certificate from an external device and an encryption method corresponding to the electronic certificate received by the receiving unit. The determination means determines that the information processing apparatus supports an encryption method corresponding to the electronic certificate received by the reception means , and a predetermined value of the electronic certificate is determined. If the IP address is not included in the predetermined field of the electronic certificate, the electronic certificate and the private key corresponding to the electronic certificate are not imported, and the predetermined field of the electronic certificate is checked. The IP address included in the predetermined field of the electronic certificate matches at least the IP address of the information processing device. And, by using the import means for importing the private key corresponding to the electronic certificate and the electronic certificate, the electronic certificate is imported by the import unit, and, the secret key that is imported by the import unit Execution means for performing encrypted communication.

According to the image forming apparatus of the present invention, when the electronic certificate is imported , the IP address included in the predetermined field of the electronic certificate matches the IP address of the information processing apparatus. The electronic certificate and private key required for the forming apparatus can be selected and imported.

1 is a diagram illustrating a system configuration example of Embodiment 1. FIG. 2 is an example of a functional block diagram of an image forming apparatus. FIG. 2 is a diagram illustrating an example of a hardware configuration of an image forming apparatus. FIG. 10 is a flowchart illustrating an example of an electronic certificate export process in the image forming apparatus. It is an example of the management table of an electronic certificate. 10 is a flowchart illustrating an example of electronic certificate import processing in the image forming apparatus. It is a management table which shows the result of the selection process of an electronic certificate. It is a flowchart explaining the example of the selection process of the electronic certificate to import. It is a flowchart explaining a revocation confirmation process. It is a flowchart explaining an effective period confirmation process. It is a flowchart explaining a consistency confirmation process with apparatus specific information. It is a flowchart explaining a support public key algorithm confirmation process. 6 is a diagram illustrating an example of a system configuration of Embodiment 2. FIG. 10 is a flowchart illustrating an example of electronic certificate import processing according to the second exemplary embodiment. It is a figure explaining setting operation on a certificate automatic setting screen. It is an example of a warning screen. It is an example of a certificate generation screen. FIG. 10 is a diagram illustrating a setting operation on a certificate automatic setting screen according to a third embodiment. 10 is a flowchart illustrating an example of electronic certificate import processing according to the third exemplary embodiment. 10 is a flowchart illustrating an example of an electronic certificate issuance request process. It is an example of a warning screen.

Example 1
FIG. 1 is a diagram illustrating a system configuration example according to the first embodiment. The information processing system shown in FIG. 1 includes an image forming apparatus 14, a PC 12, and a certificate authority (CA) 13 connected via a network 11.

  The image forming apparatus 14 is a multifunction machine, for example, and has a printer function, a facsimile function, and the like. The image forming apparatus 14 performs encrypted communication using the electronic certificate imported to the self apparatus. Examples of encrypted communication include SSL (Secure Socket Layer) / TLS (Transport Layer Security).

  Further, the image forming apparatus 14 receives an import request from the PC 12 and imports the electronic certificate into the apparatus. The import request includes import request data. The import request data is data for requesting import to the image forming apparatus 14 and includes an electronic certificate. The electronic certificate import process in the image forming apparatus 14 assumes the following process. That is, after the image forming apparatus 14 once clears the area storing the predetermined electronic certificate, the electronic certificate is imported together with the corresponding private key and usage information by overwriting the import data. . The import data is data that is actually imported into the image forming apparatus 14 among the import request data. In the first exemplary embodiment, the image forming apparatus 14 determines the validity of the electronic certificate when the electronic certificate is imported, and selects and imports the electronic certificate that is determined to be valid. Further, the image forming apparatus 14 receives an export request from the PC 12, and exports an electronic certificate held by the image forming apparatus 14 as export data.

  The certificate authority 13 is a server of a predetermined certificate authority that issues electronic certificates and CRLs. The PC 12 is an information processing apparatus that exports / imports an electronic certificate to the image forming apparatus 14. The PC 12 can also import a certificate issued from the certificate authority 13 or a certificate created by the PC 12 itself into the image forming apparatus 14 via the network 11. The control method of the present embodiment is realized by the function of each device shown in FIG. Further, the computer program of the present embodiment causes the computer to execute this control method.

  In the present embodiment, an example is shown in which one PC is connected to the network 11, one certificate authority is provided, and two image forming apparatuses are provided. However, the present invention is not limited to this.

FIG. 2 is an example of a functional block diagram of the image forming apparatus. FIG. 3 is a diagram illustrating an example of a hardware configuration of the image forming apparatus. As illustrated in FIG. 2, the image forming apparatus 14 includes a control unit 21, a processing unit 22, a communication unit 23, a date / time management unit 24, a display unit 25, and a storage unit 26. As shown in FIG. 3, the image forming apparatus 14 includes a CPU (Central Processing Unit) 201, a ROM (Read Only).
Memory) 202 and LAN (Local Area Network) adapter 203 are provided. The image forming apparatus 14 includes a random access memory (RAM) 204, a user interface (UI) 205, and a hard disk drive (HDD) 206.

  Specifically, the control unit 21 includes a CPU 201, a ROM 202, and a RAM 204. The ROM 202 stores a program for the control unit 21 to control the operation of each unit. The CPU 201 controls the operation of each unit by reading the control program stored in the ROM 202 into the RAM 204, analyzing it, and executing it.

  The processing unit 22 is controlled by the control unit 21 and analyzes and generates various information such as a certificate. The communication unit 23 includes a LAN adapter 203, and performs communication via a network under the control of the control unit 21. Specifically, the communication unit 23 receives an electronic certificate import request from the PC 12. The communication unit 23 also receives an electronic certificate included in the import request data. Further, the communication unit 23 outputs a processing completion notification and export data to the PC 12.

  The date management unit 24 manages the date and time set in the image forming apparatus 14 under the control of the control unit 21. The display unit 25 has a UI 205, and accepts operations from the user and performs screen display under the control of the control unit 21. The storage unit 26 includes an HDD 206, and stores various setting information such as a certificate, CRL, IP address, and mail address of the image forming apparatus 14 under the control of the control unit 21.

  FIG. 4 is a flowchart illustrating an example of electronic certificate export processing in the image forming apparatus. In this example, the image forming apparatus 14 executes an electronic certificate export process in accordance with an electronic certificate export request transmitted from the PC 12. The electronic certificate export process is realized by the control unit 21 executing the program stored in the ROM 202.

  First, the control unit 21 confirms whether there is an export request from the PC 12 by referring to the communication unit 23 (step S301). If there is no export request from the PC 12, the process returns to step S301. When there is an export request from the PC 12, the control unit 21 creates export data in a predetermined format including the certificate and CRL stored in the HDD 206 (step S302). In step S302, if there is private key data corresponding to the public key included in the electronic certificate, the control unit 21 also includes the private key in the export data while maintaining the correspondence. The control unit 21 exports the electronic certificate in association with the use set at the time of export. Specifically, the control unit 21 manages the electronic certificate management table 40 shown in FIG. 5, and each electronic certificate is associated with the corresponding private key and usage in the management table 40. Included in the export data in the state. The management table 40 includes communication method information that is correspondence information between an electronic certificate imported into the image forming apparatus 14 and an encrypted communication method using the electronic certificate. The HDD 206 is a storage unit that holds the management table 40. That is, the control unit 21 functions as an export unit that exports an imported electronic certificate together with information indicating an encrypted communication method corresponding to the electronic certificate.

  In this embodiment, in response to an export request from the PC 12, all certificates and CRLs stored in the HDD 206 are to be exported, but depending on the system, the user may select them.

  After the completion of the export process, the control unit 21 transmits the export data from the LAN adapter 203 to the PC 12 and notifies the export process result (success or failure) (step S303). For example, the control unit 21 transmits a predetermined completion notification message to the PC 12 or notifies the PC 12 by mail.

  FIG. 6 is a flowchart illustrating an example of electronic certificate import processing in the image forming apparatus. In this example, the image forming apparatus 14 executes an electronic certificate import process in accordance with an electronic certificate import request transmitted from the PC 12. The electronic certificate import process is realized by the control unit 21 executing the program stored in the ROM 202.

  First, the control unit 21 confirms whether or not there is an import request from the PC 12 using the LAN adapter 203 (step S401). If there is no import request from the PC 12, the process returns to step S401.

  When there is an import request from the PC 12, the control unit 21 receives import request data via the LAN adapter 203. The control unit 21 determines whether reception of import request data has been completed (step S402). If reception of import request data has not been completed, the process returns to step S402. If reception of import request data is completed, the process proceeds to step S403.

  Next, the control unit 21 executes a process of selecting an electronic certificate to be actually imported from among the electronic certificates included in the import request data (step S403). In the electronic certificate selection process, the control unit 21 determines whether or not the electronic certificate is valid by determining whether or not the image forming apparatus 14 supports at least an encryption method corresponding to the electronic certificate. It functions as a determination means for determining whether or not.

  Next, the control unit 21 determines whether there is an electronic certificate (import target certificate) to be imported based on the result of the electronic certificate selection process in step S403 (step S404).

  FIG. 7 is a management table showing the result of the electronic certificate sorting process. The control unit 21 manages the result of the electronic certificate sorting process in the management table 60 shown in FIG. An electronic certificate whose sorting result is set to OK is an import target certificate. An electronic certificate whose sorting result is set to NG is an electronic certificate that is not an import target certificate. Accordingly, in step S404 in FIG. 6, the control unit 21 refers to the management table 60 shown in FIG. 7 and determines whether there is an electronic certificate for which “OK” is set in the selection result. If there is an electronic certificate for which “OK” is set in the sorting result, the control unit 21 determines that the electronic certificate is valid and sets the electronic certificate as an import target certificate.

  If there is no import target certificate, the process proceeds to step S406, and the PC 12 is notified of the result of the import process (that the import has failed). If there is an import target certificate, the control unit 21 functions as an import unit, and imports the import target certificate into the image forming apparatus 14 (step S405). Specifically, the control unit 21 stores the import target certificate in the HDD 206. The HDD 206 also stores certificate management information described with reference to FIG. Next, the control unit 21 notifies the PC 12 of the result of the import process (success in import) (step S406), and the process ends.

  FIG. 8 is a flowchart for explaining an example of processing for selecting an electronic certificate to be imported in step S403 in FIG. In this embodiment, a process for excluding an electronic certificate that matches a predetermined condition from an import target will be described, but the present invention is not limited to this. For example, whether to exclude from the import target may be finally selected by the user.

  First, the control unit 21 analyzes the received import request data and determines whether the import request data includes an electronic certificate (step S501). The control unit 21 determines whether CRL is included in the import request data regardless of the determination processing result in step S501 (steps S502 and S505).

  If it is determined in steps S501 and S502 that neither the electronic certificate nor the CRL is included in the import request data, the control unit 21 determines that there is no import target (step S504). Even when the electronic certificate cannot be confirmed in the determination process in step S501, the control unit 21 imports only the CRL if the CRL can be confirmed in the determination process in step S502 (step S503). .

  If the CRL can be confirmed in the determination process in step S505, the control unit 21 executes the following process for all certificates included in the import request data. That is, the control unit 21 executes revocation confirmation processing (step S506), validity period confirmation processing (step S507), consistency confirmation processing with device specific information (step S508), and support public key algorithm confirmation processing (step S509). To do.

  If the CRL cannot be confirmed in the determination process of step S505, the control unit 21 executes the following process for all the electronic certificates confirmed in step S501. That is, the control unit 21 executes the validity period confirmation process (step S507), the consistency confirmation process with the device specific information (step S508), and the support public key algorithm confirmation process (step S509).

  The control unit 21 executes the confirmation process of steps S506 to S509 or steps S507 to S509 for all the electronic certificates (step S510), and then imports the data that is the import target in these confirmation processes. Implement the process. In this example, the import process is a process of storing an electronic certificate and CRL in a predetermined area of the HDD 206 and making it available. The import process also includes a process of storing a private key corresponding to the electronic certificate in a predetermined area of the HDD 206.

  The details of revocation confirmation processing (step S506), validity period confirmation processing (step S507), consistency confirmation processing with device specific information (step S508), and support public key algorithm confirmation processing (step S509) will be described in detail below. Will be described sequentially. In this embodiment, it is assumed that the electronic certificate and the CRL conform to a format defined in RFC 5280 by IETF (Internet Engineering Task Force).

  FIG. 9 is a flowchart for explaining the revocation checking process in step S506 of FIG. The control unit 21 determines whether there is a CRL issued by the same issuer as the issuer of the electronic certificate that is the subject of the revocation confirmation process, from all the CRLs that have been confirmed by the determination process in step S505 of FIG. Is confirmed (step S601). The control unit 21 confirms whether there is a CRL issued by the same issuer, for example, by comparing the issuer fields of the electronic certificate and the CRL. If there is no CRL issued by the same issuer as the issuer of the electronic certificate subject to the revocation confirmation process, the process ends.

  If there is a CRL issued by the same issuer as the issuer of the electronic certificate to be revoked, the process advances to step S602. Then, the control unit 21 confirms whether the serial number of the electronic certificate that is the subject of the revocation confirmation process matches the serial number described in the CRL (step S602). Specifically, the control unit 21 confirms the serial number of the electronic certificate that is the subject of the revocation confirmation process by referring to, for example, the serialNumber field. Also, the control unit 21 confirms the serial number described in the CRL by referring to the revoked Certificates field. Then, it is confirmed whether or not the serial number of the electronic certificate to be subjected to the revocation confirmation process confirmed above matches the serial number written in the CRL.

  If the serial number of the electronic certificate to be revoked is not the same as the serial number written in the CRL, the process is terminated. When the serial number of the electronic certificate that is the subject of the revocation checking process matches the serial number described in the CRL, the control unit 21 excludes the electronic certificate from the import target (step S603). The digital certificate excluded from the import target in step S603 is not the target of the validity period confirmation process (S507 in FIG. 8).

  FIG. 10 is a flowchart for explaining the validity period confirmation processing in step S507 of FIG. First, the control unit 21 confirms whether the electronic certificate to be confirmed is within the valid period (step S701). Specifically, the control unit 21 compares, for example, the date and time set in the validity field of the electronic certificate with the “current date and time” managed by the date and time management unit 24.

  The date and time set in the validity field indicates the validity period of the electronic certificate. Therefore, when the current date and time has passed the date and time set in the validity field, the control unit 21 determines that the electronic certificate is not within the valid period. Further, when the current date / time has not passed the date / time set in the validity field, the control unit 21 determines that the electronic certificate is within the valid period. In this embodiment, the control unit 21 compares the date and time set in the validity field of the electronic certificate with the current date and time managed by the date and time management unit 24, but the present invention is not limited to this. For example, the control unit 21 may compare the date and time set in the validity field of the electronic certificate with the date and time information acquired from an external reliable date and time distribution server.

  If the electronic certificate is within the validity period, the process ends. If the electronic certificate is not within the valid period, the control unit 21 excludes the electronic certificate from the import target (step S702). The electronic certificate excluded from the import target in step S702 is not the target of the consistency confirmation process with the device specific information (S508 in FIG. 8).

  FIG. 11 is a flowchart for explaining the consistency confirmation process with the device specific information in step S508 of FIG. The consistency confirmation process with the device unique information is a process for confirming whether the information included in the electronic certificate is consistent with the information unique to the image forming apparatus 14.

  First, the control unit 21 confirms whether the electronic certificate to be confirmed is not a CA certificate, that is, an end entity certificate (step S801). Specifically, the control unit 21 confirms whether the electronic certificate is an end entity certificate, for example, by referring to the basic Constraints field of the electronic certificate. If the electronic certificate is not an end entity certificate, that is, if it is a CA certificate, the consistency check process is terminated. When the electronic certificate is an end entity certificate, the control unit 21 checks whether the electronic certificate includes a mail address (step S802). For example, the control unit 21 confirms whether the electronic certificate includes a mail address by referring to the subject field and the subjectAltName field of the electronic certificate.

  If the electronic certificate does not include a mail address, the process proceeds to step S804. If the electronic certificate includes a mail address, the control unit 21 checks whether the mail address is correct (step S803). Specifically, the control unit 21 acquires a mail address set in the image forming apparatus 14 from the HDD 206 and confirms whether the acquired mail address matches the mail address included in the electronic certificate.

  If the acquired mail address matches the mail address included in the electronic certificate, the control unit 21 determines that the mail address included in the electronic certificate is correct, and proceeds to step S804. If the acquired mail address does not match the mail address included in the electronic certificate, the control unit 21 determines that the mail address included in the electronic certificate is not correct, and proceeds to step S806. Then, the control unit 21 excludes the electronic certificate to be confirmed from the import target (step S806). The electronic certificate excluded from the import target in step S806 is not the target of the support public key algorithm confirmation process (S509 in FIG. 8).

  In step S804, the control unit 21 confirms whether the electronic certificate to be confirmed includes an IP address. For example, the control unit 21 refers to the subjectAltName field of the electronic certificate to confirm whether the electronic certificate to be confirmed includes an IP address. If the electronic certificate to be confirmed does not include an IP address, the process ends.

  When the electronic certificate to be confirmed includes an IP address, the control unit 21 confirms whether the IP address included in the electronic certificate is correct (step S805). Specifically, the control unit 21 acquires the address information (IP address) of the image forming apparatus 14 set in the image forming apparatus 14 from the HDD 206. Then, the control unit 21 checks whether the acquired IP address matches the IP address included in the electronic certificate. If the acquired IP address matches the IP address included in the electronic certificate, the control unit 21 confirms that the IP address included in the electronic certificate is correct, and ends the process. If the acquired IP address does not match the IP address included in the electronic certificate, the control unit 21 confirms that the IP address included in the electronic certificate is not correct, and the process proceeds to step S806.

  FIG. 12 is a flowchart for explaining the supported public key algorithm confirmation processing in step S509 of FIG. The supported public key algorithm confirmation processing is processing for confirming whether the image forming apparatus 14 is compatible with an encryption algorithm corresponding to an electronic certificate, that is, an information encryption key algorithm included in the electronic certificate. Specifically, the control unit 21 determines whether the image forming apparatus 14 supports the encryption method corresponding to the electronic certificate by determining whether the image forming apparatus 14 supports the public key algorithm and the key length.

  First, the control unit 21 checks whether the image forming apparatus 14 supports the public key algorithm included in the electronic certificate (step S901). For example, even if an electronic certificate including an ECDSA public key is imported to a certificate processing apparatus (an image forming apparatus in this example) that supports only an RSA signature, the electronic certificate is disclosed. This is necessary because keys cannot be handled properly. RSA is an abbreviation for Rivest Shamir Adleman. ECDSA is an abbreviation for Elliptic Curve Digital Signature Algorithm.

  It is assumed that public key algorithm information supported by the image forming apparatus 14 is stored in the HDD 206 in advance. For example, the control unit 21 refers to the subject PublicKeyInfo field of the electronic certificate, and identifies the public key algorithm included in the electronic certificate. Then, the control unit 21 determines whether the specified algorithm matches the public key algorithm stored in the HDD 206. If the identified algorithm matches the public key algorithm stored in the HDD 206, the control unit 21 confirms that the image forming apparatus 14 supports the public key algorithm included in the electronic certificate. .

  If the image forming apparatus 14 does not support the public key algorithm included in the electronic certificate, the control unit 21 excludes the electronic certificate from the import target (step S903). If the image forming apparatus 14 supports the public key algorithm included in the electronic certificate, the process advances to step S902.

  Next, the control unit 21 confirms whether the key length of the public key included in the electronic certificate is supported (step S902). Specifically, the control unit 21 confirms whether the image forming apparatus 14 supports the key length of the public key confirmed to be supported in step S901. For example, even if a certificate including a 4096-bit RSA public key is imported to a certificate processing apparatus that supports only 1024-bit RSA public keys, the public key of the certificate is appropriate. Necessary because it cannot be handled.

  It is assumed that the key length of the public key supported by the image forming apparatus 14 is stored in the HDD 206 in advance. The control unit 21 specifies the key length of the public key included in the electronic certificate by referring to the subject PublicKeyInfo field of the electronic certificate, for example. Then, the control unit 21 determines whether the identified key length matches the key length of the public key stored in the HDD 206. When the identified key length matches the key length of the public key stored in the HDD 206, the control unit 21 supports the key length of the public key included in the electronic certificate by the image forming apparatus 14. Confirm.

  As described with reference to FIGS. 8 to 12, the control unit 21 determines that the validity period of the electronic certificate has not elapsed, the electronic certificate has not expired, and the information included in the electronic certificate. Is matched with information unique to the image forming apparatus, a support public key algorithm confirmation process is executed. If the image forming apparatus 14 supports the encryption method corresponding to the electronic certificate as a result of the support public key algorithm confirmation processing, it is determined that the electronic certificate is valid and is set as an import processing target.

  Specifically, the image forming apparatus according to the first exemplary embodiment verifies the validity of the electronic certificate itself by performing revocation confirmation processing (S506) and validity period confirmation processing (S507) on the electronic certificate. Yes. In addition, the image forming apparatus performs a consistency confirmation process with device-specific information (S508) and a supported public key algorithm confirmation process (S509), thereby importing a certificate that is meaningful in the import destination image forming apparatus 14. It is verified whether it is. The image forming apparatus sorts out the certificates to be imported by these verifications, so that only the necessary certificates can be imported in the import destination image forming apparatus 14.

  In this embodiment, the order of the revocation confirmation process, the validity period confirmation process, the consistency confirmation process with the device specific information, and the support public key algorithm confirmation process in the import target selection process (S403) is the same as in this embodiment. It is not limited to things.

  With the above control, when importing an electronic certificate, only an electronic certificate that is valid for the image forming apparatus 14 can be imported, and unnecessary resource pressure can be avoided.

(Example 2)
Assuming that the certificate to be imported is selected in the image forming apparatus 14, it is assumed that the electronic certificate (and the corresponding private key) used for encrypted communication is not imported. Such a situation occurs, for example, when an electronic certificate is imported between different models that have different public key algorithms that are supported. For example, it is assumed that an electronic certificate is exported from an image forming apparatus that uses a secret key corresponding to an ECDSA certificate for SSL. In this case, even if the export data is to be imported to an image forming apparatus that does not support ECDSA, the secret key corresponding to the ECDSA certificate is not imported by the sorting process.

  As a result, the image forming apparatus that has received the import request has no private key corresponding to the electronic certificate used for SSL. In other words, since the image forming apparatus cannot use encrypted communication, an external apparatus attempting to access the image forming apparatus through encrypted communication fails to connect.

  In the second embodiment, when the electronic certificate corresponding to the encrypted communication method performed by the image forming apparatus as described above is not imported, the image forming apparatus 14 temporarily supports the encrypted communication method. An electronic certificate (and a corresponding private key) is generated.

  FIG. 13 is a diagram illustrating a system configuration example of the second embodiment. The information processing system shown in FIG. 13 includes image forming apparatuses 14 and 15, a PC 12, and a certificate authority (CA) 13 connected via a network 11. The difference from FIG. 1 is whether or not the image forming apparatus 15 is connected to the network 11. The image forming apparatus 15 has the same configuration as the image forming apparatus 14.

  FIG. 14 is a flowchart illustrating an example of an electronic certificate import process according to the second embodiment. Steps S1301 to S1306 are the same as steps S401 to S406 in FIG. In this example, it is assumed that the encryption communication method applied by the image forming apparatus 14 is SSL.

  In step S1307 in FIG. 14, the control unit 21 checks whether there is an electronic certificate set for SSL in the HDD 206 as a result of importing the selected electronic certificate (step S1307). Specifically, the control unit 21 refers to the management table 40 shown in FIG. 5 stored in the HDD 206 and confirms the “use” for each electronic certificate. In this example, it can be seen that the electronic certificate is used only for SSL. Therefore, if the HDD 206 has an electronic certificate set for SSL, the image forming apparatus 14 can perform encrypted communication using the electronic certificate, and the process ends. If the HDD 206 does not have an electronic certificate set for SSL, the process advances to step S1308.

  Next, the control unit 21 determines whether the certificate automatic generation setting is ON (step S1308). In the automatic certificate generation setting, whether or not the image forming apparatus 14 itself generates a temporary electronic certificate (hereinafter referred to as “self-certificate certificate”) when there is no electronic certificate set for SSL. Is a setting for instructing. The automatic certificate generation setting being set to ON means that the image forming apparatus 14 itself generates a temporary electronic certificate. If the automatic certificate generation setting is set to OFF, it means that the image forming apparatus 14 itself does not generate a temporary electronic certificate. ON / OFF of the automatic certificate generation setting is set in advance on the automatic certificate setting screen.

  FIG. 15 is a diagram illustrating a setting operation on the certificate automatic setting screen. FIG. 15A shows a certificate automatic setting screen. When the administrator selects the ON button on the certificate automatic setting screen, the certificate automatic generation setting is set to ON. When the administrator selects the OFF button on the certificate automatic setting screen, the certificate automatic generation setting is set to OFF.

  FIG. 15B shows an example of a key generation / certificate setting screen. The key generation / certificate setting screen is a screen for performing detailed setting of the electronic certificate. When the automatic certificate generation setting is set to ON, a key generation / certificate setting screen is displayed. The image forming apparatus 14 sets a signature algorithm and a key length on the key generation / certificate setting screen according to the operation of the administrator. Setting information set on the certificate automatic setting screen and the key generation / certificate setting screen (hereinafter, certificate automatic generation setting information) is stored in the HDD 206. Accordingly, in step S1308 of FIG. 14, the control unit 21 determines whether the automatic certificate generation setting is ON based on the automatic certificate generation setting information in the HDD 206.

  If the certificate automatic generation setting is OFF, the process ends. When the automatic certificate generation setting is ON, the control unit 21 generates a self-signed certificate with a signature algorithm and a key length corresponding to the setting indicated by the automatic certificate generation setting information (step S1309). Then, the control unit 21 sets the usage of the generated self-signed certificate to SSL (step S1310). Specifically, the control unit 21 changes the setting of “use” in the management table 40 (FIG. 5) to SSL. In this embodiment, the validity period of the generated self-signed certificate is assumed to be, for example, one week after the generated time. In this embodiment, the effective period is set to one week as an example, but the present invention is not limited to this. Also, the administrator may be able to set the valid period.

  Next, the control unit 21 determines whether the administrator has logged in (step S1311). If the administrator is not logged in, the process returns to step S1311. When the administrator logs in, the control unit 21 displays a warning screen via the UI 205 to notify the administrator of a warning (step S1312). As for the warning notification method for the administrator of the control unit 21, not only the warning screen at the time of administrator login is displayed, but also the PC that performs the mail notification to the predetermined mail address from the LAN adapter 203 and the certificate import operation. You can also send email notifications to

  FIG. 16 is an example of a warning screen. The warning screen is a screen prompting that there is a self-signed certificate (provisional certificate in FIG. 15) and obtaining a regular electronic certificate. That is, the control unit 21 functions as a display unit that notifies the image forming apparatus 14 that there is a temporary electronic certificate and displays a screen that prompts the user to obtain a regular electronic certificate.

  When the administrator presses a “certificate generation” button on the warning screen, the display of the UI 205 changes to a predetermined certificate generation screen. The certificate generation screen is a screen for instructing acquisition of a regular electronic certificate. When the administrator depresses the “skip” button, the screen transitions to a predetermined top screen.

  FIG. 17 is an example of a certificate generation screen. When the administrator sets the key name, signature algorithm, and key length on the screen shown in FIG. 17A, the screen transitions to the screen shown in FIG. When the administrator makes detailed settings on the screen shown in FIG. 17B, a regular electronic certificate acquisition process is executed. The regular electronic certificate acquisition process is performed, for example, by requesting the PC 12 to transmit import request data to the image forming apparatus 14. Note that the export processing, import target selection processing, and the like of the image forming apparatuses 14 and 15 in the present embodiment are the same as those in the first embodiment, and thus description thereof is omitted.

  As described with reference to FIG. 14, the control unit 21 determines whether or not an electronic certificate corresponding to the encrypted communication method performed by the image forming apparatus 14 has been imported after importing the electronic certificate (S <b> 1307). . If the electronic certificate corresponding to the encrypted communication method performed by the image forming apparatus 14 is not imported, a temporary electronic certificate corresponding to the encrypted communication method is created (S1309).

  According to the operation processing of the image forming apparatus 14 according to the second embodiment described above, as a result of the selection of the certificate to be imported, the certificate (and the corresponding private key) used for encrypted communication was not imported. Even in this case, the following processing is possible. That is, a certificate for encrypted communication (and a corresponding private key) can be provisionally generated. As a result, even if the certificate for encrypted communication is not imported, the image forming apparatus 14 enables the administrator to create an intended electronic certificate while enabling connection by encrypted communication. And can prompt for import.

(Example 3)
In the second embodiment, when the certificate used for the encrypted communication is not imported as a result of the selection process by the control unit 21, the image forming apparatus 14 tentatively corresponds to the electronic certificate ( Secret key).

  However, depending on the operating environment of the image forming apparatus 14, the administrator may use a certificate issued by the intended certificate authority, such as when the certificate authority is built in the company or contracted with a predetermined certificate authority. You may want to do that.

  Therefore, in the third embodiment, when the electronic certificate that can be applied to the encrypted communication by the image forming apparatus is not imported by the selection process of the control unit 21, the control unit 21 enters the setting state of the certificate authority in the image forming apparatus. The corresponding electronic certificate acquisition process is executed.

  FIG. 18 is a diagram illustrating a setting operation on the certificate automatic setting screen according to the third embodiment. The difference between the present embodiment and the second embodiment is whether or not the administrator can set a predetermined certificate authority in advance in the automatic certificate generation setting.

  When the administrator sets ON on the certificate automatic generation setting screen shown in FIG. 18A, the certificate automatic generation setting is turned ON, and the screen changes to the certificate generation method setting screen shown in FIG. The certificate generation method setting screen is a screen for setting the certificate generation method. In this example, the certificate generation method setting screen displays whether the image forming apparatus 14 generates a self-signed certificate when the automatic certificate generation setting is ON, or generates a temporary electronic certificate in the certificate authority. This is a screen for instructing whether or not

  When the administrator selects “Generate by Certificate Authority” on the certificate generation method setting screen, a setting is made to instruct the certificate authority to generate a temporary electronic certificate. When the administrator selects “Generate on device (self-signed certificate)”, settings are made to instruct the image forming apparatus 14 to generate a self-signed certificate. When the certificate generation method is selected, the screen transitions to a key generation / certificate setting screen shown in FIG. Detailed settings are made by the administrator. The setting contents (certificate automatic generation setting information) on the screens of FIGS. 18A to 18C are stored in the HDD 206.

  FIG. 19 is a flowchart illustrating an example of an electronic certificate import process according to the third embodiment. Steps S1801 to S1808 are the same as steps S1301 to S1308 in FIG.

  If it is determined in step S1808 that the automatic certificate generation setting is OFF, the process ends. If it is determined that the certificate automatic generation setting is ON, the process advances to step S1809.

  Next, the control unit 21 refers to the certificate automatic generation setting information in the HDD 206 and determines whether or not an instruction to have the certificate authority generate a temporary electronic certificate is set (step S1809). If the instruction to have the certificate authority generate a temporary electronic certificate is not set and the instruction to generate a self-signed certificate is set, the process advances to step S1810. Then, the control unit 21 generates a self-signed certificate (step S1810), and the process proceeds to step S1811.

  If the instruction to have the certificate authority generate a temporary electronic certificate is set, the process advances to step S1814. Then, the control unit 21 issues an electronic certificate issuance request to the certificate authority (step S1814). Thereby, the control part 21 acquires an electronic certificate from a certificate authority. Then, the process proceeds to step S1811.

  FIG. 20 is a flowchart illustrating an example of an electronic certificate issuance request process in step S1814 of FIG. The control unit 21 generates a public key and a secret key according to the signature algorithm and key length included in the certificate automatic generation setting information in the HDD 206, and generates a CSR including the public key (step S1901). CSR is an abbreviation for Certificate signing request, and is a message transmitted to a certificate authority to apply for a public key certificate. In this example, the control unit 21 generates a CSR in a format according to PKCS # 10 (Public-Key Cryptography Standard # 10).

  Next, the control unit 21 transmits the generated CSR to a preset certificate authority (step S1902). Subsequently, the control unit 21 determines whether an electronic certificate issued by the certificate authority according to the CSR is received (step S1903). If the control unit 21 determines that the digital certificate issued by the certificate authority according to the CSR has not been received, the process returns to step S1903. When the control unit 21 determines that the electronic certificate issued by the certificate authority according to the CSR has been received, the electronic certificate issuance request process is terminated.

  Referring back to FIG. 19, the control unit 21 sets the usage of the self-signed certificate generated in step S1810 or the electronic certificate received from the certificate authority through the digital certificate issuance request processing in step S1814 for SSL ( Step S1811). Then, the process proceeds to step S1812. 20 and FIG. 19, from the description of the processing in step S1814, the control unit 21 acquires a temporary electronic certificate from a management apparatus (certificate authority) that issues the electronic certificate via the network, and temporarily It functions as an acquisition means for setting the usage of an electronic certificate for SSL.

  Next, the control unit 21 determines whether the administrator has logged in (step S1812). If the administrator has not logged in, the process returns to step S1812. When the administrator logs in, the control unit 21 displays a warning screen via the UI 205 to notify the administrator of a warning (step S1813). When the self-signed certificate has been generated in step S1810, the control unit 21 displays the warning screen shown in FIG. 16 described above, for example. When the electronic certificate is received from the certificate authority through the electronic certificate issuance request process in step S1814, the control unit 21 displays, for example, a warning screen illustrated in FIG.

  The warning screen shown in FIG. 21 displays that there is a provisional certificate and a process for obtaining a regular electronic certificate, that is, a request for issuing a regular electronic certificate to a certificate authority. When the administrator presses a “issue request to certificate authority” button on the warning screen shown in FIG. 21, the control unit 21 issues a regular electronic certificate issuance request to the certificate authority.

  Note that the export processing, import target selection processing, and the like of the image forming apparatuses 14 and 15 in the present embodiment are the same as those in the first and second embodiments, and thus description thereof is omitted. According to the third embodiment, it is possible to generate a temporary certificate according to the operating environment of the image forming apparatus 14.

(Other examples)
The present invention can also be realized by executing the following processing. That is, software (program) that realizes the functions of the above-described embodiments is supplied to a system or apparatus via a network or various storage media, and a computer (or CPU, MPU, or the like) of the system or apparatus reads the program. It is a process to be executed. In this case, the program and the storage medium storing the program constitute the present invention.

12 PC
13 Certificate Authority 14 Image Forming Device

Claims (15)

An information processing apparatus,
Receiving means for receiving an electronic certificate from an external device;
Determining means for determining whether the information processing apparatus supports an encryption method corresponding to the electronic certificate received by the receiving means;
The determining means determines that the information processing apparatus supports an encryption method corresponding to the electronic certificate received by the receiving means, and confirms a predetermined field of the electronic certificate, and When an IP address is not included in a predetermined field of the certificate, the electronic certificate and a private key corresponding to the electronic certificate are not imported, and an IP address is included in the predetermined field of the electronic certificate. Importing the electronic certificate and the private key corresponding to the electronic certificate , at least on the condition that the IP address included in the predetermined field of the electronic certificate matches the IP address of the information processing apparatus Means,
An information processing apparatus comprising: an electronic certificate imported by the importing unit; and an executing unit that performs encrypted communication using the secret key imported by the importing unit. 2. The information processing apparatus according to claim 1, wherein the execution unit executes Secure Socket Layer / Transport Layer Security communication using the electronic certificate imported by the import unit. The determining means determines whether the information processing apparatus supports an algorithm of an information encryption key included in the electronic certificate received by the receiving means;
The information processing apparatus according to claim 1, wherein the import unit imports an electronic certificate corresponding to the algorithm determined by the determination unit to be supported by the information processing apparatus. The determination unit determines whether the information processing apparatus supports a key length of an encryption key for information encryption included in the electronic certificate received by the reception unit;
The import unit imports an electronic certificate including an encryption key having the key length determined to be supported by the information processing apparatus by the determination unit. The information processing apparatus according to item. The information processing apparatus supports the encryption method corresponding to the electronic certificate when the information included in the electronic certificate received by the receiving means matches information unique to the information processing apparatus. To determine whether
The information processing apparatus according to any one of claims 1 to 4, wherein the electronic certificate imported by the importing unit includes information unique to the information processing apparatus. The information processing apparatus according to claim 1, wherein the information unique to the information processing apparatus includes address information of the information processing apparatus. The determining unit determines whether the information processing apparatus supports an encryption method corresponding to the electronic certificate when the validity period of the electronic certificate received by the receiving unit has not elapsed; the information processing apparatus according to any one of claims 1 to 6, wherein. The determination unit determines whether the information processing apparatus supports an encryption method corresponding to the electronic certificate when the electronic certificate received by the reception unit has not expired. The information processing apparatus according to any one of claims 1 to 7 . A temporary electronic device for performing encrypted communication when there is no electronic certificate corresponding to the encryption method supported by the information processing device among the one or more electronic certificates received by the receiving unit. the information processing apparatus according to any one of claims 1 to 8, further comprising a generation means for generating a certificate. Based on the fact that the temporary electronic certificate for performing the encrypted communication is generated by the generating means, a request for causing the certificate authority to generate an electronic certificate for performing the encrypted communication is issued by the certificate authority. The information processing apparatus according to claim 9 , further comprising issuing means for issuing the information to the information processing apparatus. A temporary electronic device for performing encrypted communication when there is no electronic certificate corresponding to the encryption method supported by the information processing device among the one or more electronic certificates received by the receiving unit. requesting information processing apparatus according to any one of claims 1 to 10, further comprising a first issuing means for issuing to the certification authority for generating a certificate to a certificate authority. After issuing a request for causing the certificate authority to generate a temporary electronic certificate for performing encrypted communication by the first issuing means, the temporary electronic certificate for performing the encrypted communication is based on obtained from the authentication station, further that having a second issuing means for issuing to the certification authority a request for generating a digital certificate for encrypted communication to the certificate authority
The information processing apparatus according to claim 11, wherein the this. A temporary electronic device for performing encrypted communication when there is no electronic certificate corresponding to the encryption method supported by the information processing device among the one or more electronic certificates received by the receiving unit. The information processing apparatus further comprises notification means for prompting the user to generate a certificate by the information processing apparatus or to cause a certificate authority to generate a temporary electronic certificate for performing encrypted communication. The information processing apparatus according to any one of 1 to 12 . A method for controlling an information processing apparatus,
A receiving process for receiving an electronic certificate from an external device;
A determination step of determining whether the information processing apparatus supports an encryption method corresponding to the electronic certificate received in the reception step;
In the determination step, it is determined that the information processing apparatus supports an encryption method corresponding to the electronic certificate received in the reception step, and a predetermined field of the electronic certificate is confirmed, and the electronic certificate When an IP address is not included in a predetermined field of the certificate, the electronic certificate and a private key corresponding to the electronic certificate are not imported, and an IP address is included in the predetermined field of the electronic certificate. Importing the electronic certificate and the private key corresponding to the electronic certificate , at least on the condition that the IP address included in the predetermined field of the electronic certificate matches the IP address of the information processing apparatus Process,
An information processing apparatus control method comprising: an electronic certificate imported in the import step; and an execution step of performing encrypted communication using the secret key imported in the import step. A computer program causing a computer to execute the control method according to claim 14 .

Images