
CN112685795B - Digital certificate creation method, digital certificate verification method and digital certificate system - Google Patents


Publication number
CN112685795B
Authority
CN
China
Prior art keywords
digital
data
certificate
stored
digital certificate
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011624457.1A
Other languages
Chinese (zh)
Other versions
CN112685795A (en
Inventor
陈垚亮
陈识
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Rootcloud Technology Co Ltd
Original Assignee
Rootcloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Rootcloud Technology Co Ltd
Priority to CN202011624457.1A
Publication of CN112685795A
Application granted
Publication of CN112685795B

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiments of the application provide a digital certificate creation method, a digital certificate verification method and a digital certificate system. The digital certificate creation method comprises the following steps: performing data preprocessing on an object to be certified to obtain the corresponding certification source data, and extracting file meta-information of the object to be certified; calculating a digital certification fingerprint of the object to be certified, and signing the digital certification fingerprint to obtain a digital signature of the object to be certified; generating, based on the file meta-information, the digital certification fingerprint and the digital signature, a digital certification certificate of the object to be certified with a unique certificate ID; and storing the certification source data and the digital certification certificate as a transaction block in a blockchain. The technical scheme of the application performs trusted digital certification based on electronic signature technology, blockchain technology and the like, and ensures the authenticity, integrity, timeliness, traceability and the like of digital assets.

Description

Digital certificate creation method, digital certificate verification method and digital certificate system
Technical Field
The application relates to the technical field of blockchains, in particular to a digital certificate creation method, a digital certificate verification method and a digital certificate verification system.
Background
More and more digital assets (such as contracts, tickets and copyrighted works) need to be stored in an online digital evidence storage system for publicity, supervision and declaration of ownership. However, in conventional digital evidence storage systems the storage service is often provided unilaterally by the owner of the storage system, which brings the following risks: the data may be tampered with, attacked or lost, so data security is difficult to ensure; moreover, it is difficult to prove the ownership of a digital asset, and the verification process is cumbersome. Furthermore, since the data is provided by a single party, it has no legal validity, so the stored evidence is not accepted by authorities. Accordingly, there is an urgent need for a trusted digital certification system that provides a secure, trusted and legally valid digital certification service to protect the rights and interests of digital asset owners.
Disclosure of Invention
In view of the above, the present application aims to overcome the defects in the prior art, and provide a digital certificate creation method, a digital certificate verification method and a digital certificate verification system.
An embodiment of the application provides a digital certificate creation method, which comprises the following steps:
performing data preprocessing on an object to be certified to obtain corresponding certification source data, and extracting file meta-information of the object to be certified;
calculating a digital certification fingerprint of the object to be certified, and signing the digital certification fingerprint to obtain a digital signature of the object to be certified;
generating a digital certification certificate of the object to be certified, with a unique certificate ID, based on the file meta-information, the digital certification fingerprint and the digital signature;
storing the certification source data and the digital certification certificate as a transaction block in a blockchain.
In one embodiment, performing data preprocessing on the object to be certified to obtain corresponding certification source data and extracting file meta-information of the object to be certified includes:
verifying the data integrity and legitimacy of the object to be certified;
if the complete and legitimate object to be certified is text data, using the text data directly as the corresponding certification source data; if the object to be certified is non-text data, serializing the non-text data to obtain serialized data, which is used as the corresponding certification source data;
and extracting file meta-information from the complete and legitimate object to be certified, wherein the file meta-information comprises the file type, the name, the file data size, the modification date and the user information of the object to be certified.
In one embodiment, the object to be certified is text class data, audio class data, video class data, picture class data, or mixed class file data.
In one embodiment, if the object to be certified contains both text class data and non-text class data, the method further includes:
taking the text class data and the non-text class data in the object to be certified as separate sub-objects to be certified and performing data preprocessing on each, to obtain the sub-certification source data and sub-file meta-information corresponding to each sub-object to be certified; wherein the serializing operation is performed on the non-text data;
calculating the digital certification fingerprints of the text data and the non-text data respectively, and signing all the calculated digital certification fingerprints to obtain a unique digital signature of the object to be certified;
generating a unique digital certification certificate of the object to be certified based on the unique digital signature and on the sub-file meta-information and digital certification fingerprint of each of the text class data and the non-text class data;
and storing all sub-certification source data of the object to be certified and the unique digital certification certificate as a transaction block in a blockchain.
In one embodiment, the digital certificate creation method further includes:
generating a sharing link for the digital certification certificate stored in the blockchain, the sharing link being usable to preview or download the digital certification certificate online and to verify the depositor's ownership of the digital certification certificate.
An embodiment of the application also provides a digital certificate verification method, which comprises the following steps:
receiving a unique certification identifier of a digital certification certificate to be verified, and querying, according to the unique certification identifier, whether a block with the same certification identifier exists in a blockchain, wherein the digital certification certificate is obtained by the above digital certificate creation method, and the unique certification identifier is the certificate ID or the digital certification fingerprint of the digital certification certificate;
if the block exists, determining that the digital certification certificate exists; otherwise, determining that the verification fails.
In one embodiment, the digital certificate verification method further comprises:
after determining that the digital certification certificate exists, acquiring the detailed certification information of the digital certification certificate according to the digital certification fingerprint and the appointed private key.
In one embodiment, the digital certificate verification method further comprises:
storing a verification query record, wherein the verification query record comprises the unique certification identifier of the digital certification certificate to be verified, the query time and the verification result.
An embodiment of the application also provides a digital certificate creation device, which comprises:
a preprocessing module, used for performing data preprocessing on an object to be certified to obtain corresponding certification source data, and extracting file meta-information of the object to be certified;
a signature module, used for calculating the digital certification fingerprint of the object to be certified and signing the digital certification fingerprint to obtain the digital signature of the object to be certified;
a certificate generation module, used for generating a digital certification certificate of the object to be certified, with a unique certificate ID, based on the file meta-information, the digital certification fingerprint and the digital signature;
and a block storage module, used for storing the certification source data and the digital certification certificate as a transaction block in a blockchain.
An embodiment of the application also provides a digital certificate verification device, which comprises:
a query module, used for acquiring a unique certification identifier of the digital certification certificate to be verified, and querying, according to the unique certification identifier, whether a block with the same certification identifier exists in a blockchain, wherein the digital certification certificate is obtained by executing the functions of the modules of the above digital certificate creation device, and the unique certification identifier is the certificate ID or the digital certification fingerprint of the digital certification certificate;
a judging module, used for determining that the digital certification certificate exists if the block exists, and otherwise determining that the verification fails.
The embodiment of the application also provides a digital evidence storage system, which comprises:
a digital certificate creation module, used for performing data preprocessing on the object to be certified to obtain corresponding certification source data and extracting file meta-information of the object to be certified; calculating a digital certification fingerprint of the object to be certified through a hash algorithm, and signing the digital certification fingerprint to obtain a digital signature of the object to be certified; generating a digital certification certificate of the object to be certified based on the file meta-information, the digital certification fingerprint and the digital signature; and storing the certification source data and the digital certification certificate as a transaction block in a blockchain;
a digital certificate verification module, used for receiving a unique certification identifier of a digital certification certificate to be verified, and querying, according to the unique certification identifier, whether a block with the same certification identifier exists in a blockchain, wherein the unique certification identifier is the certificate ID or the digital certification fingerprint of the digital certification certificate; if the block exists, determining that the digital certification certificate exists; otherwise, determining that the verification fails.
Embodiments of the present application also provide a computer apparatus including a processor and a memory storing a computer program, the processor being configured to execute the computer program to implement the above-described digital certificate creation method or digital certificate verification method.
Embodiments of the present application also provide a readable storage medium storing a computer program which, when executed, implements the above-described digital certificate creation method or digital certificate verification method.
Embodiments of the present application have the following advantages:
The digital certificate creation method of the embodiments of the application obtains the corresponding certification source data and file meta-information by performing data preprocessing on the object to be certified, obtains a unique digital signature by applying electronic signature technology to the digital certification fingerprint of the object to be certified, then generates a unique digital certification certificate containing the file meta-information, the digital certification fingerprint and the digital signature, and finally stores the digital certification certificate and the certification source data together in a blockchain. The method performs trusted digital certification based on electronic signature technology, blockchain technology and the like, can be applied to important digital assets such as contracts, notes and media information with copyright attributes, ensures the authenticity, integrity, timeliness, traceability and the like of the digital assets, and thereby protects the rights and interests of the owners of the digital assets.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a first flow chart of a digital certificate creation method according to an embodiment of the present application;
FIG. 2 is a schematic diagram showing an application of a digital certificate creation method according to an embodiment of the present application;
FIG. 3 is a schematic diagram of a digital certificate creation method according to an embodiment of the present application;
FIG. 4 is a second flow chart of a digital certificate creation method according to an embodiment of the present application;
FIG. 5 shows a schematic flow diagram of a digital certificate creation method including text data and non-text data according to an embodiment of the present application;
FIG. 6 shows a flow diagram of a digital certificate verification method according to an embodiment of the present application;
FIG. 7 is a schematic diagram of a digital certificate system according to an embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments.
The components of the embodiments of the present application generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations. Thus, the following detailed description of the embodiments of the application, as presented in the figures, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by a person skilled in the art without making any inventive effort, are intended to be within the scope of the present application.
Example 1
Referring to fig. 1 and 2, the present embodiment provides a digital certificate creation method, which can be applied to online digital certificates of important digital assets such as contracts, tickets, media information with copyright attributes, and the like, and can effectively ensure the authenticity, integrity, timeliness, traceability, and the like of the digital assets.
The digital certificate creation method will be described in detail below.
S110, performing data preprocessing on the object to be certified to obtain corresponding certification source data, and extracting file meta-information of the object to be certified.
In this embodiment, the data preprocessing mainly includes two steps: first, verifying the data integrity and legitimacy of the object to be certified; second, obtaining the certification source data corresponding to the object to be certified, which is stored in the blockchain together with the unique digital certification certificate generated subsequently.
Taking data legitimacy as an example, when a depositor uploads an object to be certified, its legitimacy can be checked, for example whether the file type of the object belongs to the legitimate file types preset in the system; if it does not, a prompt may indicate that the file type does not match or is wrong. Illustratively, the preset file types may include, but are not limited to, common file types such as pdf, jpg, txt, doc and mp4 shown in table 1, and may be set according to the specific application. In addition, since the object to be certified has to be stored in the blockchain, the legitimacy check may include checking the data size of the object; if the data size exceeds a preset threshold, such as 500MB, 1G, etc., a prompt may indicate that the file is too large. In that case the depositor can consider compressing the object, or splitting it into a plurality of objects to be certified separately, as the actual situation requires.
For data integrity, for example, after the depositor uploads the object to be certified, an integrity check may first be performed, such as whether the object is damaged. If the object is undamaged and can be opened safely, the subsequent digital certificate creation operations are performed; otherwise a prompt may indicate that the file is damaged and cannot be certified. It can be understood that performing the integrity check before certification effectively avoids invalid certification, and in particular avoids unnecessary trouble in the subsequent verification process that would adversely affect the depositor; in addition, invalid occupation of blockchain resources is reduced.
As for obtaining the certification source data, illustratively, if the object to be certified is text data, the text data is used directly as the corresponding certification source data; if the object to be certified is non-text data, such as a picture, audio or video file, the non-text data can be serialized to obtain serialized data. In this embodiment, the serialized data is used as the certification source data to be stored in the blockchain. Optionally, the certification source data may be encrypted before being stored in the blockchain.
The serialization operation converts the object to be certified into binary bytes in a fixed data format and stores the binary bytes in a database, from which they can be retrieved through the data fingerprint of the object to be certified. It can be understood that serialization converts the object to be certified into a form suitable for network transmission and storage, which facilitates operations such as sharing, online previewing and downloading of the digital certification certificate.
During data preprocessing, the file meta-information of the object to be certified is extracted. The file meta-information mainly describes the relevant file attributes of the object to be certified, and may include, but is not limited to, file type, file name, file data size, modification date, user information, and the like. The user information mainly refers to information about the depositor.
It will be appreciated that in conventional systems the certification data is often provided unilaterally, so there is a risk that the data is modified, or that it is modified in a way that cannot be traced back and followed up. Take infringement of copyright assets such as articles and music on a web page as an example: most web page content can be updated and changed continuously as the web page user requires, so for some infringing acts the evidence of infringement at the time cannot easily be found during later rights protection, and even web page screenshot evidence provided by infringers lacks credibility, so that in the end the interests of the copyright owners cannot be protected. In this embodiment, relying on the fact that data on the blockchain cannot be deleted or tampered with, the certification source data is stored in the blockchain together with the certificate. This not only allows the depositor's ownership of the object to be certified to be verified, but also makes the evidence as it was at the time traceable and queryable later, for example in infringement cases, which improves the strength and efficiency of rights protection.
S120, calculating the digital certification fingerprint of the object to be certified, and signing the digital certification fingerprint to obtain the digital signature of the object to be certified.
Illustratively, the digital certification fingerprint of the object to be certified may be calculated using a hash algorithm, which may include, but is not limited to, the SHA256 algorithm, the MD5 algorithm, and the like. After the digital certification fingerprint of the object to be certified is obtained, it is signed using electronic signature technology, which yields the unique digital signature of the object to be certified. It will be appreciated that the digital signature includes the digital certification fingerprint of the object to be certified and the associated user identity information, and can be used to uniquely authenticate the depositor.
In one embodiment, the unique digital signature may be generated from the private key owned by the depositor and the data fingerprint according to corresponding calculation rules. Typically, the depositor is required to register identity information in the system before creating a certificate; the system then assigns the depositor a unique private key, which uniquely identifies the depositor's operations.
S130, generating a digital certification certificate of the object to be certified based on the file meta-information, the digital certification fingerprint and the digital signature.
For example, a unique digital certification certificate may be generated from the main information of the object to be certified, such as the file meta-information, the digital certification fingerprint and the digital signature. The digital certification certificate has a unique certificate ID, through which a user can query the certificate. For example, as shown in fig. 3, a digital certification certificate for a text-type object shows information such as a unique certificate number (i.e., certificate ID), a certificate type (i.e., file type), a certificate name (i.e., file name) and a user ID (i.e., depositor information). The user ID uniquely identifies the depositor. Of course, the digital certification certificate may also include the specific time of certification, the certificate issuing authority, and the like. It can be appreciated that, on occasions where the specific information of the certified data does not need to be verified, the verification purpose can be achieved simply by querying the blockchain for the existence of the digital certification certificate and the content shown on it, which improves verification efficiency.
S140, storing the certification source data and the digital certification as a transaction block in a blockchain.
The blockchain is composed of immutable blocks recorded in sequence. In a blockchain, all blocks are linked together by hash values, each block containing an index, a timestamp, a transaction list, the hash value of the previous block, and so on. The timestamp service may be provided by a third-party authoritative time service. Illustratively, a list may be created to hold transaction information such as the certification source data and the digital certification certificate of the object to be certified; a block is then generated by adding a timestamp, the hash value of the previous block and so on, and is finally broadcast to the blockchain.
Thus, the creation process of a digital certificate is completed. The depositor can inquire the digital certificate in the blockchain through the certificate ID or the digital certificate fingerprint of the digital certificate, and further can be used for verifying digital assets and the like. For example, the digital certificate may be applicable to important digital assets having copyright properties such as contracts, notes, pictures, articles, and the like.
In this embodiment, the object to be certified may include, but is not limited to, text class data, picture class data, audio class data, video class data and the like, and may also be mixed class file data. Mixed class file data means a single file that contains at least two different types of data at the same time, for example text, pictures and audio.
Typically, one type of certification file corresponds to one generated digital certification certificate. Considering that an object to be certified may contain several different types of data at the same time, and so that the certified object can later be viewed as a whole, the different types of data belonging to the same object may be used to generate a single unique digital certification certificate.
Further, as shown in fig. 4, the digital certificate creation method further includes:
S210, taking the text class data and the non-text class data in the object to be certified as separate sub-objects to be certified and performing data preprocessing on each, to obtain the sub-certification source data and sub-file meta-information corresponding to each sub-object to be certified.
The data contained in the object to be certified is divided by text class and non-text class into different sub-objects to be certified, so as to obtain the sub-certification source data and sub-file meta-information of each sub-object. During data preprocessing, the serialization operation has to be performed on the non-text data in the object to be certified to obtain the corresponding sub-certification source data. For example, if the mixed file above contains a picture and audio in addition to text, the text, the picture and the audio are each taken as a sub-object to be certified and each undergoes the data preprocessing described above.
S220, calculating the digital certification fingerprints of the text data and the non-text data respectively, and signing all the calculated digital certification fingerprints to obtain a unique digital signature of the object to be certified.
S230, generating a unique digital certification certificate of the object to be certified based on the unique digital signature and on the sub-file meta-information and digital certification fingerprint of each of the text data and the non-text data.
S240, storing all sub-certification source data of the object to be certified and the unique digital certification certificate as a transaction block in a blockchain.
Unlike steps S120 and S130 described above, steps S220 and S230 use the digital certification fingerprints of all sub-objects together to generate one unique digital signature, and one unique digital certification certificate is generated for the object to be certified, rather than generating a digital signature for each sub-object separately and thus a plurality of digital certification certificates. All files belonging to the same certified object can be viewed through the unique digital certification certificate, which saves retrieval time and makes the digital certification certificates easier to manage.
Further, in consideration of the fact that it is sometimes necessary to verify the ownership of the depositor with the digital certificate, or to refer to or view the digital certificate, for the purpose of facilitating the depositor's use, viewing by others, and the like, as shown in fig. 5, the digital certificate creation method further optionally includes:
S150, generating a sharing link for the digital certification certificate stored in the blockchain.
It can be appreciated that a user can query the unique digital certification certificate directly through the sharing link, which can also be used to preview or download the digital certification certificate online. Of course, the sharing link may also be used directly to verify the depositor's ownership of the digital certification certificate. The sharing link may illustratively take the form of a two-dimensional code, a web link URL, or the like. Accordingly, the system can provide an API so that other platforms can conveniently perform digital certificate verification operations.
The digital certificate creation method of this embodiment obtains the certification source data by performing data preprocessing on the object to be certified, then generates a unique digital certification certificate using the obtained digital signature, and finally stores the certification source data and the digital certification certificate securely and effectively in the blockchain system. That is, digital certification is performed using electronic signature technology and blockchain technology, so that the digital certification certificate cannot be forged, deleted or tampered with and is traceable, achieving trusted digital certification. In addition, the digital certification operation can comprehensively protect the rights and interests of owners of digital assets such as contracts, notes and media information with copyright attributes. For example, content creators can effectively deter infringement and prove the fact of infringement; financial service providers can minimize data security vulnerabilities and risks and gain the ability to interface with judicial institutions, ensuring that their business complies with relevant laws and regulations; and supervisory bodies can quickly connect to new Internet services for real-time supervision, ensuring that the system is secure and controllable and avoiding systemic risks.
Example 2
Referring to fig. 6, the present embodiment provides a digital certificate verification method, which can be applied to verify a digital certificate obtained by the method of embodiment 1 above. Illustratively, the digital certificate verification method includes:
S310, receiving a unique certificate identifier of the digital certificate to be verified. The unique certificate identifier can be a certificate ID, a digital certificate fingerprint, and the like.
S320, querying, according to the unique certificate identifier, whether a block with the same certificate identifier exists in the blockchain. If a block with the same certificate identifier exists, proceed to step S330; otherwise proceed to step S340.
S330, if such a block exists, determining that the digital certificate exists.
S340, otherwise, determining that the verification fails.
It will be appreciated that when a block with the same certificate identifier exists, this indicates that the blockchain does contain a block storing a digital certificate with that certificate ID or digital certificate fingerprint, and the depositor's ownership of the certificate and the like can further be verified according to the content of the digital certificate.
Optionally, if the digital certificate is determined to exist, the digital certificate verification method further includes: obtaining the detailed information of the digital certificate according to the digital certificate fingerprint and a designated private key. The designated private key is usually kept by the depositor and is used to parse the digital signature when needed, so that the specific information in the digital certificate can be viewed and verified.
Further, the digital certificate verification method further includes: saving the verification query record. Illustratively, the verification query record may include, but is not limited to, the entered unique certificate identifier of the digital certificate to be verified, the query time, the verification result, and the like. It will be appreciated that for each verification operation, the system will save a corresponding query record.
Example 3
Referring to fig. 7, based on the methods of embodiments 1 and 2, the present embodiment provides a digital certificate system 100, which mainly includes two major parts: a part for creating a digital certificate and a part for verifying the created digital certificate.
Illustratively, the digital certificate system 100 includes a digital certificate creation module 10 and a digital certificate verification module 20. The digital certificate creation module 10 is mainly used for performing data preprocessing on an object to be stored to obtain corresponding certificate source data and extracting file meta information of the object to be stored; calculating a digital certificate fingerprint of the object to be stored through a hash algorithm, and signing the digital certificate fingerprint to obtain a digital signature of the object to be stored; generating a digital certificate of the object to be stored based on the file meta information, the digital certificate fingerprint and the digital signature; and storing the certificate source data and the digital certificate as a transaction block in a blockchain.
The digital certificate verification module 20 is mainly configured to receive a unique certificate identifier of a digital certificate to be verified, and query, according to the unique certificate identifier, whether a block with the same certificate identifier exists in the blockchain, where the unique certificate identifier is a certificate ID of the digital certificate or a digital certificate fingerprint; if so, determining that the digital certificate exists; otherwise, determining that the verification fails.
It will be appreciated that the functions of the digital certificate creation module 10 of this embodiment correspond to the steps of the digital certificate creation method of embodiment 1 described above, and that the options of embodiment 1 described above are equally applicable to this embodiment. Likewise, the functions of the digital certificate verification module 20 correspond to the steps of the digital certificate verification method of embodiment 2 described above, and thus are not described in detail herein.
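The creation and verification flow of modules 10 and 20, including the mixed-object case in which all sub-object fingerprints are signed together into one certificate, as an added Python example that is not code from the patent. Assumptions: SHA-256 as the hash algorithm, base64 as the serialization, a Lamport one-time signature as the signature scheme, an in-memory `Ledger` list in place of the blockchain, and all function and field names. When a public key is passed, `verify` goes beyond the existence check described above by recomputing the fingerprints and checking the signature.

```python
import base64
import hashlib
import json
import secrets
import time
import uuid

def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Assumption: Lamport one-time signature, picked because it needs only hashlib.
# The page names no scheme; one key pair must sign exactly one certificate.
def lamport_keygen():
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    return sk, [(sha256(a), sha256(b)) for a, b in sk]

def _bits(msg: bytes):
    digest = sha256(msg)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def lamport_sign(sk, msg: bytes):
    return [sk[i][bit].hex() for i, bit in enumerate(_bits(msg))]

def lamport_verify(pk, msg: bytes, sig) -> bool:
    bits = _bits(msg)
    return len(sig) == 256 and all(
        sha256(bytes.fromhex(s)) == pk[i][bits[i]] for i, s in enumerate(sig))

def preprocess(sub):
    """Text becomes source data as-is; non-text is serialized (base64: assumption)."""
    raw = sub["data"]
    source = raw.decode() if sub["kind"] == "text" else base64.b64encode(raw).decode()
    meta = {"type": sub["kind"], "name": sub["name"], "size": len(raw),
            "modified": sub["modified"], "user": sub["user"]}
    return source, meta

def fingerprint(source: str) -> str:
    return hashlib.sha256(source.encode()).hexdigest()

def create_certificate(sub_objects, sk):
    """One certificate and one signature per object, however many sub-objects."""
    pairs = [preprocess(sub) for sub in sub_objects]
    sources = [source for source, _ in pairs]
    prints = [fingerprint(source) for source in sources]
    cert = {"cert_id": uuid.uuid4().hex, "meta": [meta for _, meta in pairs],
            "fingerprints": prints,
            # All sub-object fingerprints are signed together, not one by one.
            "signature": lamport_sign(sk, json.dumps(prints).encode())}
    return cert, sources

class Ledger:
    """In-memory list standing in for the blockchain (assumption)."""
    def __init__(self):
        self.blocks, self.query_log = [], []

    def store(self, cert, sources):
        self.blocks.append({"cert": cert, "sources": sources})

    def verify(self, identifier, pk=None):
        """Look up by certificate ID or fingerprint, then record the query."""
        block = next((b for b in self.blocks
                      if identifier == b["cert"]["cert_id"]
                      or identifier in b["cert"]["fingerprints"]), None)
        result = "exists" if block else "verification failed"
        if block and pk is not None:
            # Added beyond the existence check: recompute fingerprints from the
            # stored source data and verify the signature over them.
            cert = block["cert"]
            fresh = [fingerprint(s) for s in block["sources"]]
            if fresh != cert["fingerprints"] or not lamport_verify(
                    pk, json.dumps(fresh).encode(), cert["signature"]):
                result = "verification failed"
        self.query_log.append({"id": identifier, "time": time.time(), "result": result})
        return result

def demo():
    """Constructed sample: a mixed object with one text and one picture part."""
    sk, pk = lamport_keygen()
    mixed = [
        {"kind": "text", "name": "contract.txt", "data": b"Party A pays 100.",
         "modified": "2020-12-31", "user": "depositor-1"},
        {"kind": "picture", "name": "seal.png", "data": bytes(range(16)),
         "modified": "2020-12-31", "user": "depositor-1"},
    ]
    ledger = Ledger()
    cert, sources = create_certificate(mixed, sk)
    ledger.store(cert, sources)
    return ledger, cert, pk
```

Calling `demo()` returns the ledger, the single certificate for the two-part object, and the public key; an identifier lookup alone still reports "exists" after the stored source data has been altered, while the lookup with the public key does not.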
The present application also provides a computer device, which exemplarily includes a memory and a processor, where the memory stores a computer program, and the processor executes the computer program to cause the computer device to execute the above-mentioned digital certificate creation method or the above-mentioned digital certificate verification method.
The memory may include a program storage area and a data storage area, wherein the program storage area may store an operating system and an application program required for at least one function; the data storage area may store data created through the use of the computer device (such as a file to be stored, etc.), and the like. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid-state storage device.
The present application also provides a readable storage medium for storing a computer program for use in the above computer device.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other manners. The apparatus embodiments described above are merely illustrative, for example, of the flow diagrams and block diagrams in the figures, which illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In addition, functional modules or units in various embodiments of the application may be integrated together to form a single part, or the modules may exist alone, or two or more modules may be integrated to form a single part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored on a computer readable storage medium. Based on such understanding, the technical solution of the present application, in essence, or the part contributing to the prior art, or a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a smart phone, a personal computer, a server, a network device, or the like) to perform all or part of the steps of the method of the embodiments of the present application. The aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes.
The foregoing is merely illustrative embodiments of the present application, but the scope of the present application is not limited thereto; any variations or substitutions that a person skilled in the art can easily conceive of within the technical scope of the present application shall be covered by the scope of the present application.

Claims (8)

1. A digital certificate creation method, comprising:
carrying out data preprocessing on an object to be stored so as to obtain corresponding storage source data and extracting file meta-information of the object to be stored;
calculating a digital evidence storage fingerprint of the to-be-stored evidence object, and signing the digital evidence storage fingerprint to obtain a digital signature of the to-be-stored evidence object;
generating a digital certification certificate with a unique certificate ID of the object to be certified based on the file meta information, the digital certification fingerprint and the digital signature;
storing the certification source data and the digital certification certificate as a transaction block in a blockchain;
the data preprocessing of the object to be stored to obtain corresponding storage source data and extracting file meta-information of the object to be stored comprises the following steps:
verifying the data integrity and legitimacy of the object to be authenticated;
if the complete and legal object to be authenticated is text data, the text data is directly used as corresponding authentication source data; if the object to be stored is non-text data, serializing the non-text data to obtain serialized data, wherein the serialized data is used as corresponding storage source data;
extracting file meta information from the complete and legal object to be stored, wherein the file meta information comprises the file type, name, file data size, modification date and user information of the object to be stored;
if the object to be stored contains text data and non-text data at the same time, respectively taking the text data and the non-text data in the object to be stored as sub-objects to be stored and preprocessing the data to obtain sub-storage source data and sub-file meta-information corresponding to each sub-object to be stored, wherein the serialization operation is carried out on the non-text data;
respectively calculating digital certificate fingerprints of the text data and the non-text data, and signing all the calculated digital certificate fingerprints to obtain a unique digital signature of the object to be stored, wherein the digital certificate fingerprints of all the sub-objects to be stored are used together to generate one unique digital signature, so that one unique digital certificate is generated for the object to be stored, instead of each sub-object to be stored separately generating a digital signature and thereby generating a plurality of digital certificates;
generating a unique digital certification of the object to be certified based on the unique digital signature, the sub-file meta information of each of the text-like data and the non-text-like data, and the digital certification fingerprint of each of the text-like data and the non-text-like data;
and storing all sub-certification source data of the object to be certified and the unique digital certification as a transaction block in a blockchain.
2. The digital certificate creation method according to claim 1, wherein the object to be stored is text class data, audio class data, video class data, picture class data or mixed class file data.
3. The digital certificate creation method according to any one of claims 1 to 2, characterized by further comprising:
generating a shared link of the digital certificate stored in the blockchain, the shared link being capable of being used to preview or download the digital certificate online and to verify the prover's ownership of the digital certificate.
4. A digital certificate verification method, comprising:
receiving a unique certification mark of a digital certification certificate to be verified, and inquiring whether a block with the same certification mark exists in a block chain according to the unique certification mark, wherein the digital certification certificate is created by adopting the method as set forth in any one of claims 1 to 3, and the unique certification mark is a certificate ID or a digital certification fingerprint of the digital certification certificate;
if the block exists, judging that the digital certificate exists; otherwise, judging that the verification fails.
5. The digital certificate verification method of claim 4, further comprising:
after judging that the digital certificate exists, acquiring the detailed information of the digital certificate according to the digital certificate fingerprint and a designated private key; and/or,
and storing the verification inquiry record, wherein the verification inquiry record comprises a unique certificate identification, inquiry time and verification result of the digital certificate to be verified.
6. A digital evidence-storing system, comprising:
the digital certificate creation module is used for carrying out data preprocessing on the object to be stored so as to obtain corresponding certificate source data and extracting file meta-information of the object to be stored; calculating a digital evidence storage fingerprint of the to-be-stored evidence object, and signing the digital evidence storage fingerprint to obtain a digital signature of the to-be-stored evidence object; generating a digital certification certificate with a unique certificate ID of the object to be certified based on the file meta information, the digital certification fingerprint and the digital signature; storing the certification source data and the digital certification certificate as a transaction block in a blockchain;
the data preprocessing of the object to be stored to obtain corresponding storage source data and extracting file meta-information of the object to be stored comprises the following steps:
verifying the data integrity and legitimacy of the object to be authenticated; if the complete and legal object to be authenticated is text data, the text data is directly used as corresponding authentication source data; if the object to be stored is non-text data, serializing the non-text data to obtain serialized data, wherein the serialized data is used as corresponding storage source data; extracting file meta information from the complete and legal object to be stored, wherein the file meta information comprises the file type, name, file data size, modification date and user information of the object to be stored;
if the object to be stored contains text data and non-text data at the same time, respectively taking the text data and the non-text data in the object to be stored as sub-objects to be stored and preprocessing the data to obtain sub-storage source data and sub-file meta-information corresponding to each sub-object to be stored, wherein the serialization operation is carried out on the non-text data; respectively calculating digital certificate fingerprints of the text data and the non-text data, and signing all the calculated digital certificate fingerprints to obtain a unique digital signature of the object to be stored, wherein the digital certificate fingerprints of all the sub-objects to be stored are used together to generate one unique digital signature, so that one unique digital certificate is generated for the object to be stored, instead of each sub-object to be stored separately generating a digital signature and thereby generating a plurality of digital certificates; generating a unique digital certification of the object to be certified based on the unique digital signature, the sub-file meta information of each of the text-like data and the non-text-like data, and the digital certification fingerprint of each of the text-like data and the non-text-like data; storing all sub-certification source data of the object to be certified and the unique digital certification as transaction blocks in a blockchain;
the digital certificate verification module is used for acquiring a unique certificate storage identifier of a digital certificate to be verified, and inquiring whether a block with the same certificate storage identifier exists in a block chain according to the unique certificate storage identifier, wherein the unique certificate storage identifier is a certificate ID (identity) of the digital certificate or a digital certificate storage fingerprint; if the block exists, judging that the digital certificate exists; otherwise, judging that the verification fails.
7. A computer device, characterized in that it comprises a processor and a memory, the memory storing a computer program, the processor being adapted to execute the computer program to implement the digital certificate creation method of any of claims 1 to 3 or the digital certificate verification method of any of claims 4 to 5.
8. A readable storage medium, characterized in that it stores a computer program which, when executed, implements the digital certificate creation method of any one of claims 1 to 3 or the digital certificate verification method of any one of claims 4 to 5.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011624457.1A CN112685795B (en) 2020-12-31 2020-12-31 Digital certificate creation method, digital certificate verification method and digital certificate system

Publications (2)

Publication Number Publication Date
CN112685795A CN112685795A (en) 2021-04-20
CN112685795B CN112685795B (en) 2023-09-05

Family

ID=75454040

Country Status (1)

Country Link
CN (1) CN112685795B (en)

Legal Events

Date Code Title Description
PB01 Publication
CB02 Change of applicant information

Address after: Room 303-309, No.3, Pazhou Avenue East Road, Haizhu District, Guangzhou City, Guangdong Province 510000

Applicant after: Shugen Internet Co.,Ltd.

Address before: 510000 Unit 12-30, Floor 4, West Port, Guangzhou International Media Port Office Building, 218 and 220 Yuanjiangxi Road, Haizhu District, Guangzhou City, Guangdong Province (Office only)

Applicant before: IROOTECH TECHNOLOGY Co.,Ltd.

SE01 Entry into force of request for substantive examination
GR01 Patent grant