Summary of the invention
In view of this, fundamental purpose of the present invention is to provide a kind of method realizing E-seal, Document processing software and seal process software independent of one another, for it increases E-seal function under the prerequisite that need not make any change to Document processing software, thus reduce the workload of developer, economize on resources.
In order to achieve the above object, the technical scheme that the present invention proposes is:
Realize a method for E-seal, independently arranging mutual interface between Document processing software and seal process software, described Document processing software is the plug-in unit of E-seal process software, and the method also comprises:
When needs are affixed one's seal to document, by described seal process software, the data comprising document are signed electronically, obtain electronic signature result; Seal data and the document data of described electronic signature result, document are preserved in the lump, realize E-seal and affix one's seal;
When the document needing to print or show through affixing one's seal, printed by Document processing software or show document data, by seal process software printing or display seal after checking electronic signature.
In such scheme, when described checking electronic signature is effective, the seal of described printing or display is seal images corresponding to described seal data.
In such scheme, when described checking electronic signature is invalid, described seal process software prints or the method for display seal is:
Seal process software represents document with what arrange in advance invalid mode prints or shows.
In such scheme, the method for described electronic signature is:
Calculate the hashed value of data to be signed, recycling private key is encrypted hashed value; Or,
First split data to be signed, hashed value is calculated to each partitioning portion, then utilizes private key to be encrypted in the lump each hashed value; Or,
First split data to be signed, hashed value is calculated to each partitioning portion, again hashed value is calculated to each hashed value calculated, then utilizes private key to be encrypted the hashed value again calculated.
In such scheme, the method for described electronic signature is:
Calculate the hashed value of the regularization result of data to be signed, recycling private key is encrypted hashed value.
In such scheme, the method for described regularization is: the principal character extracting data to be signed.
In such scheme, the interactive interface between described Document processing software and seal process software is:
Object connects or Adobe PDF SDK grand with nested OLE, the Component Object Model COM, OCX control, UOML UOML, Microsoft Office.
In such scheme, when need to print or display through the document of affixing one's seal, describedly printed by Document processing software or show document data, to be printed after checking electronic signature by seal process software or the method for display seal is specially:
Described seal process software opens the document through affixing one's seal, and obtain described seal data, electronic signature result and document data, described Document processing software obtains described document data by described interactive interface; Described seal process software is verified electronic signature according to seal data, electronic signature result and document data, prints or shows described seal, and is printed by described interactive interface notification of document process software or show described document data.
In sum, a kind of method realizing E-seal that the present invention proposes, independently between Document processing software and seal process software, mutual interface is being set, is being responsible for affixing one's seal, show or print seal part by seal process software, be responsible for display or printed document part by document software.Due to Document processing software and seal process software independent of one another, for it increases E-seal function under the prerequisite that need not make any change to Document processing software, thus reduce the workload of software developer, economize on resources, be conducive to popularization and the use of E-seal technology.
Embodiment
For making the object, technical solutions and advantages of the present invention clearly, the present invention is described in further detail below in conjunction with the accompanying drawings and the specific embodiments.
Basic thought of the present invention is: independently arranging mutual interface between Document processing software and seal process software, when needs are affixed one's seal to document, by described seal process software, the data comprising document are signed electronically, obtain electronic signature result, seal data and the document data of described electronic signature result, document are preserved in the lump, realize E-seal and affix one's seal; When the document needing to print or show through affixing one's seal, printed by Document processing software or show document data, by seal process software printing or display seal after checking electronic signature.
In the present invention, because Document processing software and seal process software are independent of each other, do not bind together as prior art, in actual applications, can using the plug-in unit of seal process software as Document processing software, also can using the plug-in unit of Document processing software as seal process software.
Interactive interface between Document processing software and seal process software can be: object connects or Adobe PDF SDK grand with nested (OLE), the Component Object Model (COM), OCX control, UOML (UOML), Microsoft Office etc.The mode of the interactive interface no matter between Document processing software and seal process software how, should as restriction condition of the present invention, all within protection scope of the present invention.
Below respectively using seal process software as the plug-in unit of Document processing software, and Document processing software is that example is to describe the present invention program in detail as the plug-in unit of seal process software.
Fig. 1 is the process flow diagram that in embodiment one, realization E-seal is affixed one's seal.In the present embodiment, seal process software is the plug-in unit of Document processing software, and is undertaken alternately by interface.
As shown in Figure 1, when needs are affixed one's seal to document, the method comprises the following steps:
Step 101: the data comprising document are passed to seal process software by interface by Document processing software;
Step 102: seal process software signs electronically to the data comprising document, obtains electronic signature result, and electronic signature result is returned to Document processing software by interface;
The data comprising document are signed electronically described in this step, not only can sign to document data itself, can also sign in the lump to data such as timestamps, then can be determined voluntarily by the user of application the present invention program as the concrete object of signing in practical application, repeat no more herein.
In practical application, the method for electronic signature can be:
First calculate the hashed value of data to be signed, recycling private key is encrypted hashed value; Or,
First split data to be signed, hashed value is calculated to each partitioning portion, then utilizes private key to be encrypted in the lump each hashed value; Or,
First split data to be signed, hashed value is calculated to each partitioning portion, again hashed value is calculated to each hashed value calculated, then utilizes private key to be encrypted the hashed value again calculated.
The method of electronic signature can also be: the hashed value calculating the regularization result of data to be signed, and recycling private key is encrypted hashed value.It is described here that to carry out regularization to data to be signed can be extract the principal character of data to be signed.Such as: Doctype is word document, just can extract Word messages all in word document, described Word message is here exactly principal character, and other information does not then deal with.Certainly, in practical application, also can use other regularization method of prior art, repeat no more herein.
In addition, this step can specifically adopt private key to sign.Seal data can be corresponding with a smart card, preserves a pair PKI and private key in described smart card.Wherein, described private key is formed by the chip computing in smart card, and ensure that private key data is not reproducible and can not read by the ardware feature of smart card, and described in this step, signature can be the computing utilizing the private key of smart card to carry out in smartcard internal.
PKI described here is used for certifying signature when being follow-up opening document, can be random copying and reading.That is, after affixing one's seal, in protected document, comprise the signature result ensureing its security, if the document is through distorting, PKI just cannot be utilized to obtain correct sign test result, namely not by signature verification, also correctly can not show seal.
Certainly, in practical application, other mode also can be adopted to carry out signing electronically and certifying signature, as long as can document be protected.
Step 103: the electronic signature result returned, seal data and document data are preserved in a document by Document processing software in the lump, realize E-seal and affix one's seal.
This step is preserved seal data in a document and is only had PKI, and is not used for the private key of signing in advance.
Fig. 2 prints in embodiment one or shows the process flow diagram through the document of affixing one's seal.As shown in Figure 2, the present embodiment can comprise the following steps:
Step 201: Document processing software opens the document through affixing one's seal;
Step 202: the electronic signature result of preserving in document, seal data and document data are passed to seal process software by interface by Document processing software;
Step 203: seal process software is verified electronic signature according to described electronic signature result, seal data and document data;
In this step, the method for electronic signature when affixing one's seal is realized checking by seal process software.If the method for electronic signature is: the hashed value calculating data to be signed, recycling private key is encrypted hashed value.So, corresponding verification method is: the hashed value calculating signed data, and recycling PKI is verified hashed value.
If the method for electronic signature is: first split data to be signed, hashed value is calculated to each partitioning portion, then utilizes private key to be encrypted in the lump each hashed value.So, corresponding verification method is: first split signed data, calculates hashed value, then utilize PKI to verify each hashed value to each partitioning portion.
If the method for electronic signature is: first split data to be signed, hashed value is calculated to each partitioning portion, again hashed value is calculated to each hashed value calculated, then utilizes private key to be encrypted the hashed value again calculated.So, corresponding verification method is: first split signed data, calculates hashed value, again calculate hashed value, then utilize PKI to verify the hashed value again calculated to each hashed value calculated each partitioning portion.
If the method for electronic signature is: the hashed value calculating the regularization result of data to be signed, recycling private key is encrypted hashed value.So, corresponding verification method is: the hashed value calculating the regularization result of signed data, and recycling PKI is verified hashed value.
Step 204: Document processing software prints or shows described document data, and printed by interface notification seal process software or display seal.
In this step, seal process software prints or the situation of display seal is divided into two kinds of situations usually: the first situation is that checking electronic signature is effective, seal process software prints or the seal of display is seal images corresponding to seal data, than the image if any " XX company " printed words, identical with seal in kind; The second situation is that checking electronic signature is invalid, namely verifies and does not pass through, and seal process software can represent document with what arrange in advance invalid mode prints or shows.Such as: seal process software can print or show certain and represent the image that document is invalid; Can print or be presented at the image original seal image superposing " fork "; Also can print or be presented at the image original seal image superposing the printed words such as engineering noise.
In practical application, also can print by other method or show seal, as long as accurately can represent that document is effective or invalid.Certainly, if verify invalid, can not also print or show any image.Specifically how to implement, can be determined by the user of application the present invention program, will not enumerate herein.
In the present embodiment, Document processing software is main body software, and seal process software is plug-in unit.If adopt OLE mechanism, then Document processing software is OLE client, and seal process software is OLE server, and interactive interface is OLE interface.When needs are affixed one's seal, seal part can be embedded in document as OLE data; When needs print or show, Document processing software can start OLE server, processes seal part by OLE server.
If adopt COM mechanism, then seal process software is com component, can provide assembly ID, attribute and method for Document processing software.When needs are affixed one's seal, seal part comprises the ID of the com component that can process self, and is embedded in document; When needs print or show, create the example of com component according to the ID of com component, and process seal part by the attribute, method etc. of accessing this assembly.
If adopt OCX mechanism, then seal process software is OCX control, the machine-processed basic simlarity of its principle and COM, just can also affixing one's seal and the function such as checking on webpage.
If adopt UOML mechanism, the storage of seal data and parsing etc. can be completed by UOML bottom, and Document processing software then directly calls UOML plug-in unit and realizes affixing one's seal; When needs print or show, Document processing software utilizes UOML to complete the parsing of seal data and to present.
Fig. 3 is the process flow diagram that in embodiment two, realization E-seal is affixed one's seal.In the present embodiment, Document processing software is the plug-in unit of seal process software, and is undertaken alternately by interface.
As shown in Figure 3, when needs are affixed one's seal to document, the method comprises the following steps:
Step 301: seal process software directly signs electronically to the data comprising document, obtains electronic signature result;
In the present embodiment, seal process software is main body, when opening document, directly can obtain the data comprising document from document, does not need to be obtained by interface.
When seal process software signs electronically, Document processing software also can show document data, so that user understands the document data needing signature intuitively.
Identical with embodiment one, the electronic signature described in this step, not only can sign to document data itself, can also sign in the lump, repeat no more herein data such as timestamps.
Identical with embodiment one, the method signed electronically described in this step can be: the hashed value first calculating data to be signed, and recycling private key is encrypted hashed value; Or, first split data to be signed, hashed value calculated to each partitioning portion, then utilizes private key to be encrypted in the lump each hashed value; Or, first split data to be signed, hashed value calculated to each partitioning portion, again hashed value is calculated to each hashed value calculated, then utilizes private key to be encrypted the hashed value again calculated; Or calculate the hashed value of the regularization result of data to be signed, recycling private key is encrypted hashed value.Order extracts as principal character.
Can private key be specifically adopted to sign.Seal data can be corresponding with a smart card, preserves a pair PKI and private key in described smart card.Wherein, described private key is formed by the chip computing in smart card, and ensure that private key data is not reproducible and can not read by the ardware feature of smart card, and described in this step, signature can be the computing utilizing the private key of smart card to carry out in smartcard internal.
PKI described here is used for certifying signature when being follow-up opening document, can copy and read.That is, after affixing one's seal, in protected document, comprise the signature result ensureing its security, if the document is through distorting, PKI just cannot be utilized to obtain correct sign test result, namely not by signature verification, also correctly can not show seal.
Certainly, in practical application, other mode also can be adopted to carry out signing electronically and certifying signature, as long as can document be protected.
Step 302: electronic signature result, seal data and document data are preserved by seal process software in the lump, realize E-seal and affix one's seal.
Identical with embodiment one, this step is preserved seal data in a document and is also only had PKI, and is not used for the private key of signing in advance.
Fig. 4 prints in embodiment two or shows the process flow diagram through the document of affixing one's seal.As shown in Figure 4, the present embodiment can comprise the following steps:
Step 401: seal process software opens the document through affixing one's seal, obtains electronic signature result, seal data and document data;
Step 402: document data is passed to Document processing software by interactive interface by seal process software;
Step 403: seal process software is verified electronic signature according to seal data, electronic signature result and document data;
The method verified signing electronically described in this step is identical with the step 203 of embodiment one, repeats no more herein.
Step 404: seal process software prints or shows described seal, and printed by interactive interface notification of document process software or show described document data.
Similar to embodiment one, in this step, seal process software prints or the situation of display seal is also divided into two kinds of situations: the first situation be checking electronic signature effectively, seal process software prints or the seal of display is seal images corresponding to seal data; The second situation is that checking electronic signature is invalid, namely verifies and does not pass through, and seal process software can represent document with what arrange in advance invalid mode prints or shows.
No matter be embodiment one or embodiment two, because Document processing software and seal process software are independently, respectively documentation section and seal part are processed, in procedure for displaying, document data is first presented to user by possible Document processing software, after seal process software, seal image is presented to user; Also first seal image may be presented to user by seal process software, after Document processing software, document data be presented to user; May be also that documentation section data are first presented to user by Document processing software, seal image be presented to user by seal process software again, and then residue document data is presented to user by Document processing software.In a word, Document processing software and seal process software are when processing documentation section and seal part respectively, and not strict order, is specifically determined by actual conditions, repeat no more herein.
In the present embodiment, seal process software is main body software, and Document processing software is plug-in unit.If adopt OLE mechanism, then seal process software is OLE client, and Document processing software is OLE server, and interactive interface is OLE interface.When needs are affixed one's seal, document data can be embedded in seal data as OLE data; When needs print or show, seal process software can start OLE server, processes documentation section by OLE server.
If adopt COM mechanism, then Document processing software is as com component, can provide assembly ID, attribute and method for seal process software.When needs are affixed one's seal, documentation section comprises the ID of the com component that can process self, and is embedded in seal data; When needs print or show, create the example of com component according to the ID of com component, and process documentation section by the attribute, method etc. of accessing this assembly.
If adopt OCX mechanism, then Document processing software is OCX control, the machine-processed basic simlarity of its principle and COM, just can also the function such as display on webpage and Edit Document.
If adopt UOML mechanism, the storage of document data and parsing etc. can be completed by UOML bottom, and seal process software then directly calls UOML plug-in unit and realizes affixing one's seal; When needs print or show, seal process software utilizes UOML to complete the parsing of document data and to present.
Application the present invention program, Document processing software and seal process software independently of one another, can be that it increases E-seal function under the prerequisite that need not make any change to Document processing software.In addition, independently seal process software can be transplanted in other Document processing software easily, without the need to redesigning soft and hardware interface and interaction mechanism, thus greatly reduces the workload of developer, economize on resources, be conducive to popularization and the use of E-seal technology.
In sum, these are only preferred embodiment of the present invention, be not intended to limit protection scope of the present invention.Within the spirit and principles in the present invention all, any amendment done, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.