Digital certificate application verification method, signature data verification method, device and equipment

By introducing collaborative data and multiple verifications into the certificate application process, the problem of certificate authority's inability to recognize private key management methods is solved, thus achieving flexible and reliable certificate application management.

CN122069113BActive Publication Date: 2026-07-07BEIJING CERTIFICATE AUTHORITY

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
BEIJING CERTIFICATE AUTHORITY
Filing Date
2026-04-20
Publication Date
2026-07-07

AI Technical Summary

Technical Problem

In the existing digital certificate application process, certificate authorities cannot effectively identify and verify the private key management methods of certificate applicants, resulting in the inability to achieve differentiated verification and management of different private key maintenance modes, and thus lacking flexibility.

Method used

The certificate application process includes adding collaborative data, such as digital signatures and collaboration proof data generated by the certificate applicant and cryptographic collaborators. The certificate authority performs multiple verifications to confirm the private key holding method and the identity of the cryptographic collaborators, and adds key collaboration information to the issued digital certificate.

Benefits of technology

It enables differentiated verification management for different certificate application methods, improves the flexibility and reliability of certificate application management, and ensures the accuracy of private key holding methods and cryptographic collaborator identity verification.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122069113B_ABST
    Figure CN122069113B_ABST
Patent Text Reader

Abstract

The embodiment of the application provides a kind of digital certificate application verification method, signature data verification method, device and equipment, it is related to digital signature technical field.The method comprises: in response to the digital certificate application of certificate applicant, and the corresponding certificate application request data and certificate application cooperation data are acquired;Digital certificate application is carried out multiple verification operations based on certificate application request data and certificate application cooperation data;In the case where all verification operations are verified, the digital certificate is issued to certificate applicant.This embodiment of the application can realize the function of the third party password cooperation service verifiable by increasing certificate application cooperation data and other information in digital certificate application, so as to meet the needs of different private key holding mode certificate application to implement differentiated verification management.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of digital signature technology, and more specifically, to a method for applying for and verifying digital certificates, a method for verifying signature data, an apparatus, and a device. Background Technology

[0002] In existing digital certificate application processes, certificate verification only requires the applicant to provide a valid digital signature generated from the private key corresponding to the public key used in the application. However, in practical applications, the management and use of the applicant's private key may vary, leading to differences in security.

[0003] Currently, certificate authorities typically only verify the validity of digital signatures during the certificate application review stage, lacking verification of information such as third-party cryptographic collaboration services. This results in the inability to implement differentiated verification management for certificate applications with different private key maintenance modes, leading to a lack of flexibility. Summary of the Invention

[0004] The purpose of this application is to provide a method, apparatus, and device for applying for and verifying digital certificates, as well as a method, apparatus, and device for verifying signature data, so as to improve the flexibility of certificate application and verification.

[0005] In a first aspect, embodiments of this application provide a method for applying for and verifying a digital certificate, applied to a certificate authentication authority, including:

[0006] In response to a digital certificate application from a certificate applicant, the system obtains certificate application request data and certificate application collaboration data corresponding to the digital certificate application; wherein, the certificate application request data includes certificate application information and a first digital signature generated by the certificate applicant and a cryptographic collaborator in collaboration with the certificate application information, and the certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborator to prove its participation in the first digital signature generation process;

[0007] Multiple verification operations are performed on the digital certificate application based on the certificate application request data and the certificate application collaboration data; wherein, the verification operations include verifying the certificate application information, verifying the first digital signature, and verifying the collaboration proof data;

[0008] A digital certificate is issued to the certificate applicant if all verification operations pass.

[0009] In this embodiment of the application, by adding information such as certificate application collaboration data to the digital certificate application, the function of verifying third-party cryptographic collaboration services can be realized, thereby meeting the need for differentiated verification management for different certificate application methods and effectively improving the flexibility of certificate application management.

[0010] In some embodiments, the certificate application information includes a public key, and the first digital signature is generated based on a target private key corresponding to the public key;

[0011] The target private key can be held either independently by the cryptographic collaborator or jointly by the certificate applicant and the cryptographic collaborator.

[0012] In this embodiment of the application, by setting up two private key holding methods—one where the collaborating party maintains the private key independently and the other where the applicant and the collaborating party maintain the private key collaboratively—the application flexibility of the certificate application process is further improved.

[0013] In some embodiments, the certificate application information includes holding method information for declaring how the target private key is held;

[0014] The process of performing multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data includes:

[0015] Verify whether the private key holding method declared in the holding method information is consistent with the actual private key holding method determined based on the collaboration proof data.

[0016] In this embodiment of the application, the reliability of certificate application verification is further improved by verifying the consistency between the private key holding method declared in the certificate application information and the actual private key holding method determined based on the collaborative proof data.

[0017] In some embodiments, the generation method of the first digital signature includes:

[0018] In the private key escrow method, the cryptographic collaborator independently signs the certificate application information based on the target private key maintained by itself, and with the authorization of the certificate applicant, to obtain the first digital signature;

[0019] Alternatively, in the collaborative signature method, the certificate applicant and the cryptographic collaborator jointly sign the certificate application information using collaborative signature technology based on their respective private key fragments, thereby obtaining the first digital signature.

[0020] In this embodiment of the application, by providing two digital signature generation methods, including the digital signature of the application information generated independently by the cryptographic collaborator based on the private key escrow method, or the digital signature of the application information jointly generated by the cryptographic collaborator and the certificate applicant based on the collaborative signature method, the application flexibility of the certificate application process is further improved.

[0021] In some embodiments, the collaborative proof data includes a collaborative signature intermediate result generated by the cryptographic collaborator, and a second digital signature generated by the cryptographic collaborator using its identity private key on the collaborative signature intermediate result;

[0022] The process of performing multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data includes:

[0023] Obtain the identity information of the cryptographic collaborator, and verify the second digital signature based on the identity information to determine the validity of the cryptographic collaborator's identity.

[0024] In this embodiment of the application, by obtaining the identity information of the cryptographic collaborator and verifying the second digital signature generated by it based on the intermediate result of the collaborative signature, the reliability of certificate application verification is further improved.

[0025] In some embodiments, the step of performing multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data further includes:

[0026] The verification parameters are calculated based on the certificate application information and the first digital signature, and the verification parameters are compared with the intermediate results of the collaborative signature to confirm whether the cryptographic collaborator participated in the generation process of the first digital signature.

[0027] In this embodiment of the application, by calculating verification parameters to compare the intermediate results of collaborative signatures, it is possible to confirm whether the cryptographic collaborator participated in the generation process of the first digital signature, thereby further improving the reliability of certificate application verification.

[0028] In some embodiments, issuing a digital certificate to the certificate applicant includes:

[0029] A digital certificate is issued to the certificate applicant, and key collaboration information is added to the digital certificate;

[0030] The key collaboration information includes private key holding information and cryptographic collaborator information. The private key holding information is used to indicate that the target private key for generating the first digital signature is maintained independently by the cryptographic collaborator, or that the target private key for generating the first digital signature is jointly maintained by the certificate applicant and the cryptographic collaborator. The key collaboration information is added to the digital certificate in the form of a certificate extension.

[0031] In this embodiment of the application, by adding key collaboration information to the digital certificate, the application process of the subsequent signature data can be provided with the function of verifying the private key holding method and the cryptographic collaboration, thereby further improving the flexibility of digital certificate application.

[0032] In some embodiments, the algorithm flow for initiating the digital certificate application using a collaborative signature method includes:

[0033] The certificate applicant sends a certificate application information signature request generated by itself to the cryptographic collaborator; wherein, the certificate application information signature request includes the certificate application information and collaborative signature parameters generated based on the certificate application information;

[0034] After the cryptographic collaborator verifies the received certificate application information, it uses a portion of its private key to digitally sign the certificate application information, generating a third digital signature.

[0035] The cryptographic collaborator generates a collaborative signature intermediate result based on the collaborative signature parameters and the third digital signature, and uses its identity private key to generate a second digital signature on the collaborative signature intermediate result. The collaborative signature intermediate result and the second digital signature are used as collaborative proof data to form certificate application collaborative data.

[0036] The cryptographic collaborator will send the certificate application collaboration data and the third digital signature back to the certificate applicant;

[0037] The certificate applicant uses a portion of their private key in conjunction with the third digital signature to calculate and obtain a first digital signature corresponding to the certificate application information, thereby forming certificate application request data containing the certificate application information and the first digital signature, and initiates the digital certificate application based on the certificate application request data and the certificate application collaboration data.

[0038] Secondly, embodiments of this application provide a signature data verification method, applied to a dependent party, the method comprising:

[0039] Obtain the signature data to be verified; wherein the signature data includes original data, a digital signature value, and a digital certificate of the certificate holder; the digital certificate is issued according to any of the digital certificate application and verification methods described herein;

[0040] The digital signature value is verified based on the digital certificate.

[0041] If the signature verification is successful, the private key holding method information and cryptographic collaborator information are obtained based on the key collaboration information of the digital certificate;

[0042] The private key holding method is verified based on the private key holding method information, and the cryptographic collaborator is verified based on the cryptographic collaborator information.

[0043] If the private key holding method is verified and the cryptographic collaborator is verified, the signature data is confirmed to be valid.

[0044] In this embodiment of the application, by obtaining key collaboration information to verify the private key holding method and collaborator information, the differentiated verification management requirements of different data signature forms are met, thereby improving the flexibility of digital signature applications.

[0045] In some embodiments, verifying the private key holding method corresponding to the digital signature value based on the private key holding method information, and verifying the cryptographic collaborator based on the cryptographic collaborator information, includes:

[0046] If the private key holding method is determined to meet the preset security policy conditions, the verification of the private key holding method is confirmed to be successful.

[0047] If the identity of the cryptographic collaborator is determined to be valid and the cryptographic collaborator exists in a preset list of trusted collaborators, then the cryptographic collaborator is confirmed to have passed verification.

[0048] In this embodiment of the application, the flexibility of digital signature applications is further improved by verifying the private key holding method based on preset security policy conditions and verifying the cryptographic collaborators based on a preset list of trusted collaborators.

[0049] Thirdly, embodiments of this application provide a digital certificate application verification device, applied to a certificate authentication authority, comprising:

[0050] The application response module is used to respond to a digital certificate application from a certificate applicant and to obtain certificate application request data and certificate application collaboration data corresponding to the digital certificate application; wherein, the certificate application request data includes certificate application information and a first digital signature generated by the certificate applicant and a cryptographic collaborator in collaboration with the certificate application information, and the certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborator to prove its participation in the first digital signature generation process;

[0051] The application verification module is used to perform multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data; wherein, the verification operations include verifying the certificate application information, verifying the first digital signature, and verifying the collaboration proof data;

[0052] The certificate issuance module is used to issue digital certificates to the certificate applicant after all verification operations have passed.

[0053] Fourthly, embodiments of this application provide a signature data verification device, applied to a dependent party, including:

[0054] A data acquisition module is used to acquire signature data to be verified; wherein, the signature data includes original data, digital signature value, and digital certificate of the certificate holder; the digital certificate is issued according to any of the digital certificate application and verification methods described above;

[0055] A signature verification module is used to verify the digital signature value based on the digital certificate.

[0056] The information acquisition module is used to acquire private key holding information and cryptographic collaborator information based on the key collaboration information of the digital certificate, provided that the signature verification is successful.

[0057] The condition verification module is used to verify the private key holding method corresponding to the digital signature value based on the private key holding method information, and to verify the cryptographic collaborator based on the cryptographic collaborator information;

[0058] The validity verification module is used to verify the validity of the signature data if the private key holding method is verified and the cryptographic collaborator is verified.

[0059] Fifthly, embodiments of this application provide an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the program, can implement the method described in either the first or second aspect of the embodiments.

[0060] In a sixth aspect, embodiments of this application provide a computer-readable storage medium storing a computer program, which, when executed by a processor, can implement the methods described in either the first or second aspect.

[0061] In a seventh aspect, embodiments of this application provide a computer program product, the computer program product including a computer program, wherein the computer program, when executed by a processor, can implement the method described in either the first aspect or the second aspect. Attached Figure Description

[0062] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments of this application will be briefly introduced below. It should be understood that the following drawings only show some embodiments of this application and should not be regarded as a limitation of the scope. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0063] Figure 1 A flowchart illustrating a digital certificate application and verification method provided in this application embodiment;

[0064] Figure 2 A flowchart illustrating a signature data verification method provided in an embodiment of this application;

[0065] Figure 3 A schematic diagram of the structure of a digital certificate application verification device provided in an embodiment of this application;

[0066] Figure 4 This is a schematic diagram of the structure of a signature data verification device provided in an embodiment of this application;

[0067] Figure 5 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation

[0068] The technical solutions in the embodiments of this application will now be described with reference to the accompanying drawings.

[0069] It should be noted that similar reference numerals and letters in the following figures indicate similar items; therefore, once an item is defined in one figure, it does not need to be further defined and explained in subsequent figures. Furthermore, in the description of this application, terms such as "first," "second," etc., are used only to distinguish descriptions and should not be construed as indicating or implying relative importance.

[0070] It should be noted that the PKI (Public Key Infrastructure) technology system is based on public key cryptography. It issues digital certificates to certificate applicants through CA (Certificate Authority), and the digital certificate binds the certificate applicant's identity information and the public key it holds.

[0071] In existing digital certificate application processes, verifying the private key possession of a certificate applicant only requires the applicant to provide a valid digital signature generated from the private key corresponding to the public key used in the certificate application. However, in practical applications, certificate applicants may manage and use their private keys in various ways, and their security may differ. Therefore, during the certificate application process, the ability to identify and verify the certificate applicant's private key possession method is crucial for determining the certificate holder's (i.e., the certificate applicant's) security capabilities in private key management.

[0072] Currently, the most common approach is to generate public-private key pairs using a separately held dedicated cryptographic module. This module can be a USBkey (a USB-based hardware device with a built-in smart card chip or microcontroller used to store user private keys, digital certificates, and authentication information), a TEE (Trusted Execution Environment), or a SE (Secure Element, a tamper-proof hardware security module). In this case, the private key corresponding to the public key is managed and used only by the certificate applicant (certificate holder) on their local device. Using a separately held dedicated cryptographic module requires the certificate applicant to use a terminal device with specific hardware capabilities (such as the ability to recognize and use a USBkey, or the presence of a TEE / SE) to apply for and use digital certificates, which presents certain application limitations.

[0073] For terminal devices or cloud applications that do not support the aforementioned hardware capabilities, the use of third-party cryptographic collaboration services (cryptographic collaborators) is becoming increasingly widespread. These services can manage and use private keys jointly with certificate applicants based on collaborative signature technology, or provide full private key escrow for certificate applicants. Different third-party cryptographic collaboration services may differ in their security levels. Therefore, identifying whether a third-party cryptographic collaboration service is involved in the management and use of a certificate applicant's private key during digital certificate application and application, and verifying the identity of the third-party cryptographic collaboration service participating in cryptographic collaboration operations, is one of the problems that needs to be addressed when using third-party cryptographic collaboration services in a digital certificate system. Furthermore, it should be noted that for parties that rely on digital certificates for user authentication or data communication, the way users hold their private keys is an important security factor that needs to be considered.

[0074] It should be noted that there are currently numerous and varied services and systems providing collaborative signatures and key escrow, with varying service capabilities and security levels. Under traditional certificate application schemes, when a user applies for a digital certificate, the CA cannot determine from the current certificate application data whether the private key is being collaboratively managed and used by a third-party service, nor can it determine whether the service providing private key collaborative management and use has sufficient security. Furthermore, during certificate usage, the relying party cannot directly determine from the digital certificate whether the user is using a private key collaborative management and use service provided by a third party that the relying party does not trust.

[0075] To address the problems existing in the prior art, this application proposes a method that allows certificate authorities to identify and verify that the private key of a certificate applicant is involved by a cryptographic collaborator during the certificate application process, and optionally, to explicitly indicate in the issued digital certificate information that the management and use of the private key corresponding to the digital certificate is involved by a cryptographic collaborator.

[0076] The following first introduces the various parties involved in the embodiments of this application:

[0077] 1. Certificate applicant: The ultimate holder and user of the digital certificate. The applicant obtains the digital certificate by submitting a digital certificate application request to a Certificate Authority (CA) and after the verification is passed. The identity of the subject indicated in the digital certificate belongs to the certificate applicant.

[0078] 2. Cryptographic Collaborator: Holds and manages part or all of the certificate applicant's private key. When the certificate applicant applies for a digital certificate, the collaborator uses part or all of the certificate applicant's private key to digitally sign the certificate application information according to the applicant's needs. After the certificate applicant has obtained the digital certificate, when digitally signing data using the private key corresponding to the digital certificate, the collaborator uses part or all of the certificate applicant's private key to digitally sign the data to be signed.

[0079] In this context, when the cryptographic collaborator holds part of the certificate applicant's private key, during the digital certificate application and digital certificate application signing process, the cryptographic collaborator and the certificate applicant jointly complete the cryptographic operation of digital signing using the private key corresponding to the digital certificate based on secret sharing technology (i.e. collaborative signing technology).

[0080] When the cryptographic collaborator holds the complete private key of the certificate applicant, the cryptographic collaborator provides the user with private key escrow services. During the digital certificate application and digital certificate application signing process, the cryptographic collaborator, with the authorization of the certificate applicant, independently and completely uses the private key corresponding to the digital certificate to perform cryptographic operations for digital signature.

[0081] 3. Certificate Authority: Verifies (certifies) the digital certificate application of the certificate applicant; when the private key of the certificate applicant is partially or completely held by the cryptographic collaborator, the verification operation of the certificate authority includes: verifying the identity of the cryptographic collaborator, verifying whether the information of the current certificate application was completed by the cryptographic collaborator, etc.; after all verifications are passed, the certificate authority issues a digital certificate to the certificate applicant; in addition to issuing digital certificates, it provides full lifecycle management services for existing digital certificates, including certificate revocation and certificate renewal, which can be consistent with the functions of traditional CA.

[0082] 4. Dependent party: Verifies the digital signature of the data based on the digital certificate.

[0083] To better illustrate the proposed solution, the following exemplifies the pre-application process prior to certificate application:

[0084] a) The cryptographic collaborator obtains an identity certificate. The identity certificate can be issued by another certification authority that can be verified and trusted by the certificate authority (the authority that verifies the certificate application) in this application embodiment. When the certificate applicant performs the certificate application operation, the private key corresponding to the identity certificate is used to digitally sign the collaborative signature data (such as the intermediate result of the collaborative signature) of the certificate application. The certificate authority can verify the identity of the cryptographic collaborator and verify the validity of the signed data based on the identity certificate.

[0085] b) The certificate applicant and the cryptographic collaborator complete the key creation for the certificate application;

[0086] 1. When the cryptographic collaborator holds a portion of the key, the certificate applicant holds a key fragment. ,in d 1 is for private key fragmentation, P 1 represents public key sharding, with each cryptographic collaborator holding a corresponding key shard. Both parties can use a collaborative signature algorithm to calculate the complete public key based on their respective private key fragments and shareable public key fragments. P A This is the public key used when applying for a certificate.

[0087] For example, a key fragmentation calculation method based on a collaborative signature algorithm is as follows (where the asymmetric cryptographic algorithm used is the SM2 algorithm and its corresponding elliptic curve parameter G):

[0088]

[0089]

[0090]

[0091] 2. When the cryptographic collaborating party possesses the complete private key, the cryptographic collaborating party shall safeguard and use the complete private key. d A ,and d A One-to-one public key P A This is the public key used when applying for a certificate. Taking the SM2 algorithm as an example... .

[0092] As an example, the following is a brief description of a possible digital certificate application process:

[0093] (1) The certificate applicant generates certificate application information and sends a certificate application information collaboration signature request to the cryptographic collaborator. The certificate application information may include at least one of the following: version number, certificate applicant subject, public key corresponding to the certificate, method of holding the private key corresponding to the certificate, and corresponding cryptographic collaborator information.

[0094] (2) Upon receiving the certificate application information collaboration signature request, the cryptographic collaborator checks whether the private key holding method (e.g., verification based on pre-negotiated information) and the cryptographic collaborator information in the certificate application information are correct. For the correctly described certificate application information, the cryptographic collaborator uses the private key held by the cryptographic collaborator that corresponds one-to-one with the public key described in the certificate application information to perform digital signature operation on the certificate application information to obtain the corresponding signature value (the complete first digital signature or a part of the signature information participating in the calculation of the first digital signature). In addition, the collaborator generates a collaborative signature intermediate result based on a preset algorithm, and then uses the private key (identity private key) corresponding to its own identity certificate to perform digital signature operation on the collaborative signature intermediate result. The collaborative signature intermediate result and the corresponding signature value (second digital signature) form the certificate application collaboration data, and the signature value of the certificate application information and the certificate application collaboration data are sent to the certificate applicant.

[0095] The private key held by the cryptographic collaborator for signing the certificate application information can be a partial private key. d 2 or complete private key d A .

[0096] (3) Based on the information returned by the cryptographic collaborator, the certificate applicant further forms certificate application request data; when applying for a digital certificate, the certificate application request data and certificate application collaboration data are sent together to the certificate authority. The certificate application request data includes certificate application information and a complete digital signature result (first digital signature) of the certificate application information; the digital signature result (first digital signature) of the certificate application information includes the following two generation methods:

[0097] a) When a cryptographic collaborator shares its private key with a certificate applicant using a collaborative signature method, the certificate applicant, after receiving the digital signature value returned by the cryptographic collaborator (a portion of the signature information used to calculate the first digital signature), further uses a portion of its own private key. d 2. Perform collaborative signature calculation to generate the final digital signature result of the certificate application information (the complete first digital signature);

[0098] b) The cryptographic collaborator manages and uses the certificate applicant's complete private key. d A In this case, the certificate applicant directly uses the digital signature result (first digital signature) returned by the cryptographic collaborator as the digital signature result of the certificate application information.

[0099] (4) After receiving the certificate application request data, the certificate authority parses the data and performs the following verification operations: verifies the digital signature result of the certificate application information using the public key data obtained from the certificate application information; confirms the private key holding method in the certificate application information; verifies the validity of the cryptographic collaborator based on the cryptographic collaborator information; verifies the correctness of the private key holding method; and verifies whether the certificate application collaboration data is related to the certificate application information. After all verifications are passed, a digital certificate is issued to the certificate applicant, and optionally, a description of the private key holding method and the corresponding cryptographic collaborator information can be added to the certificate extension.

[0100] The following provides a detailed explanation of the application and verification process for the digital certificate in step (4).

[0101] like Figure 1 As shown in the figure, this application embodiment provides a digital certificate application and verification method, applied to a certificate authentication authority, which may include the following steps:

[0102] S101. Responding to the digital certificate application of the certificate applicant, and obtaining certificate application request data and certificate application collaboration data corresponding to the digital certificate application; wherein, the certificate application request data includes certificate application information and a first digital signature generated by the certificate applicant and the cryptographic collaborator in collaboration with the certificate application information, and the certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborator to prove its participation in the first digital signature generation process.

[0103] It should be noted that the implementation entity of this application scheme can be applied to certificate authentication authorities.

[0104] For example, when a certificate applicant initiates a digital certificate application, they need to send certificate application request data and certificate application collaboration data to the certificate authority.

[0105] The certificate application request data mainly includes certificate application information and a first digital signature generated from that information. The first digital signature is generated collaboratively by the certificate applicant and a cryptographic collaborator (the private key used to calculate the first digital signature value can be held entirely or partially by the cryptographic collaborator). The specific amount and type of information included in the certificate application information, as well as the collaborative generation process of the first digital signature, can be found in the examples above and will not be repeated here.

[0106] The certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborators to demonstrate their participation in the first digital signature generation process. This data is generated when the cryptographic collaborators participate in the digital signature computation and sent to the certificate applicant. For example, the certificate application collaboration data may include the cryptographic collaborators' identity certificates, intermediate collaborative signature results (the complete first digital signature or intermediate signature value) generated based on the certificate application information, and a second digital signature generated based on the identity's private key from the intermediate collaborative signature results. The intermediate collaborative signature results and / or the second digital signature can serve as collaboration proof data to demonstrate that the cryptographic collaborators participated in the generation process of the first digital signature.

[0107] S102. Perform multiple verification operations on the digital certificate application based on the certificate application request data and certificate application collaboration data; wherein, the verification operations include verifying the certificate application information, verifying the first digital signature, and verifying the collaboration proof data;

[0108] For example, a certificate authority can perform multiple verification operations based on the parsed certificate application request data and certificate application collaboration data. These multiple verification operations include at least the following three: 1. Verifying the certificate application information, such as verifying the version number, the certificate applicant entity, and the declared cryptographic collaborator information; 2. Verifying the first digital signature; 3. Verifying the collaboration proof data, such as verifying the validity of the cryptographic collaborator's identity and whether the cryptographic collaborator participated in the signing process of the first digital signature.

[0109] For example, when the certificate request collaboration data includes the identity certificate of the cryptographic collaborator, the verification operation may also include verifying the identity certificate, such as verifying whether the identity certificate is valid and whether the CA that issued the identity certificate for the cryptographic collaborator is trusted by the current CA.

[0110] S103. If all verification operations pass, issue a digital certificate to the certificate applicant.

[0111] Understandably, a certificate authority will issue and return a digital certificate to the applicant if all the above verification operations pass. Conversely, if one or more verification operations fail, the certificate application request will be rejected.

[0112] For example, the above-mentioned multiple verification operations can be performed in any order, such as first verifying the certificate application information, then verifying the first digital signature, and finally verifying the collaboration proof data. The specific verification order can be set according to actual needs, and the embodiments of this application are not limited thereto.

[0113] This application embodiment enables the verification of third-party cryptographic collaboration services by adding information such as certificate application collaboration data to the digital certificate application, thereby meeting the need for differentiated verification management for different certificate application methods and effectively improving the flexibility of certificate application management.

[0114] In some embodiments, the certificate application information includes a public key, and the first digital signature is generated based on the target private key corresponding to the public key;

[0115] The target private key can be held either independently by the cryptographic collaborator or jointly by the certificate applicant and the cryptographic collaborator.

[0116] For example, the certificate application information includes a public key, which is publicly available to the certificate applicant, cryptographic collaborators, and other stakeholders. Accordingly, the first digital signature is generated by performing a digital signature operation on the certificate application information based on the target private key corresponding to the public key.

[0117] Understandably, in traditional schemes, the target private key is typically managed by the certificate applicant through a dedicated cryptographic module. In other schemes, the target private key is maintained independently by a cryptographic collaborator (i.e., a third-party cryptographic collaboration service) (the cryptographic collaborator independently holds the complete target private key), or it is jointly maintained by the certificate applicant and the cryptographic collaborator (i.e., each holds a portion of the target private key).

[0118] For example, when the target private key is jointly maintained by the certificate applicant and the cryptographic collaborator, when using the target private key to apply for a certificate or sign data, the certificate applicant and the cryptographic collaborator can jointly complete the cryptographic operation of the digital signature through collaborative signature technology.

[0119] Based on this, by setting up two private key holding methods—one where the collaborator maintains the private key independently and the other where the applicant and the collaborator maintain it collaboratively—the flexibility of certificate application is further improved.

[0120] In some embodiments, the certificate application information includes possession information used to declare how the target private key is held;

[0121] Multiple verification operations are performed on digital certificate applications based on certificate application request data and certificate application collaboration data, including:

[0122] Verify whether the private key holding method declared in the holding method information is consistent with the actual private key holding method determined based on the collaborative proof data.

[0123] For example, the certificate application information may include holding information, which is used to declare how the target private key is held, such as the following two methods: maintained independently by the cryptographic collaborator, or maintained jointly by the certificate applicant and the cryptographic collaborator.

[0124] Accordingly, during the process of generating certificate application collaboration data with the certificate applicant, the cryptographic collaborating party may include the private key holding method encrypted by the cryptographic collaborating party in the collaboration proof data; or, the collaboration proof data may include the intermediate result of the collaboration signature calculated by the cryptographic collaborating party during the calculation of the first digital signature; or, the collaboration proof data may include the hash value of the certificate application information calculated by the cryptographic collaborating party during the calculation of the first digital signature. Furthermore, the collaboration proof data may also include a second digital signature generated by the cryptographic collaborating party using its identity certificate to perform a digital signature operation on the aforementioned intermediate result of the collaboration signature (or the aforementioned hash value).

[0125] In this way, the certificate authority can determine the actual private key holding method based on the collaborative proof data. For example, it can obtain and parse the private key holding method identified in the collaborative proof data as the actual private key holding method; or, it can calculate the verification parameters based on the first digital signature and public key data, and determine whether the verification parameters are consistent with the intermediate result of the collaborative signature in the collaborative proof data. If they are consistent, it is determined that the cryptographic collaborator actually participated in the signing operation of this certificate application, and the actual private key holding method is that the cryptographic collaborator holds a portion of the private key; or, it can calculate the hash value of the certificate application information, and determine whether the hash value is consistent with the hash value carried in the collaborative proof data. If they are consistent, it is determined that the cryptographic collaborator actually participated in the signing operation of this certificate application, and the actual private key holding method is that the cryptographic collaborator holds the complete private key.

[0126] Based on this, during the execution of multiple verification operations, the certificate authority can compare the consistency between the private key holding method declared by the certificate applicant and the actual private key holding method determined based on the collaborative proof data. If they are consistent, the certificate authority can confirm that the private key holding method of this certificate application is correct; otherwise, it can consider that the private key holding method of this certificate application is incorrect and trigger the rejection of the certificate application request.

[0127] This application embodiment compares the private key holding method declared by the certificate applicant with the actual private key holding method determined based on collaborative proof data to confirm the accuracy of the private key holding method, thereby further improving the reliability of certificate application verification.

[0128] In some embodiments, the first digital signature is generated in the following ways:

[0129] In the private key escrow method, the cryptographic collaborator independently signs the certificate application information based on the target private key maintained by itself, and with the authorization of the certificate applicant, obtains the first digital signature;

[0130] Alternatively, in the collaborative signature method, the certificate applicant and the cryptographic collaborator jointly sign the certificate application information using their respective private key fragments, thereby obtaining the first digital signature.

[0131] For example, when the target private key is maintained independently by the cryptographic collaborator, a private key escrow method is used to generate the first digital signature. Specifically, the cryptographic collaborator provides a private key escrow service to the user. During the digital certificate application signing process, with the authorization of the certificate applicant, the cryptographic collaborator independently and completely uses the private key corresponding to the digital certificate to perform cryptographic operations on the certificate application information to obtain a digital signature.

[0132] When the target private key is jointly maintained by the certificate applicant and the cryptographic collaborator, a collaborative signature method is used to generate the first digital signature. Specifically, during the digital certificate application process, the cryptographic collaborator and the certificate applicant jointly perform cryptographic operations on the certificate application information using the private key corresponding to the digital certificate based on secret sharing technology (i.e., collaborative signature technology) to obtain a digital signature.

[0133] Based on this, by providing two digital signature generation methods, including the independent generation of the application information digital signature by the cryptographic collaborator based on private key escrow, or the joint generation of the application information digital signature by the cryptographic collaborator and the certificate applicant based on collaborative signature, the application flexibility of the certificate application process is further improved.

[0134] In some embodiments, the collaborative proof data includes a collaborative signature intermediate result generated by the cryptographic collaborators, and a second digital signature generated by the cryptographic collaborators using their identity private keys on the collaborative signature intermediate result;

[0135] Multiple verification operations are performed on digital certificate applications based on certificate application request data and certificate application collaboration data, including:

[0136] Obtain the identity information of the cryptographic collaborator, and verify the second digital signature based on the identity information to determine the validity of the cryptographic collaborator's identity.

[0137] For example, during the certificate application process, the cryptographic collaborating party can generate an intermediate collaborative signature result based on the certificate application information sent by the certificate applicant. Specifically, when the cryptographic collaborating party holds a portion of the certificate applicant's private key, the intermediate collaborative signature result can be a signature value generated by the cryptographic collaborating party based on its own partial private key of the certificate application information, or an intermediate result further generated from that signature value according to a preset algorithm. When the cryptographic collaborating party holds the complete private key of the certificate applicant, the intermediate collaborative signature result can be a signature value (i.e., a first digital signature) generated by the cryptographic collaborating party based on the complete private key of the certificate application information, or an intermediate result further generated from that signature value according to a preset algorithm.

[0138] In addition, the cryptographic collaborators can perform digital signature operations on the intermediate collaborative signature results based on the private key corresponding to their own identity certificates to obtain a second digital signature.

[0139] In this way, during the multiple verification operations of a digital certificate application, the certificate authority can obtain the identity information of the cryptographic collaborator and verify the second digital signature based on this information to determine the validity of the cryptographic collaborator's identity. For example, when a cryptographic collaborator generates certificate application collaboration data, it can optionally attach its own identity certificate. In this case, the certificate authority can directly obtain the identity certificate from the certificate application collaboration data and extract the cryptographic collaborator's identity information, including the subject name, issuer, public key, and certificate serial number, as identity information.

[0140] Understandably, certificate authorities verify the validity of the second digital signature using standard signature verification algorithms. If the identity certificate of the cryptographic collaborator is trustworthy and the signature value is correct, the certificate authority recognizes that the cryptographic collaborator is indeed the trusted entity it claims to be, and confirms that the cryptographic collaborator did indeed participate in the signature assistance work for this certificate application.

[0141] Based on this, by obtaining the identity information of the cryptographic collaborators and verifying their second digital signature generated based on the intermediate results of the collaborative signature, the reliability of certificate application verification is further improved.

[0142] In some embodiments, performing multiple verification operations on a digital certificate application based on certificate application request data and certificate application collaboration data further includes:

[0143] The verification parameters are calculated based on the certificate application information and the first digital signature. The verification parameters are then compared with the intermediate results of the collaborative signature to confirm whether the cryptographic collaborator participated in the generation process of the first digital signature.

[0144] For example, based on the public key in the certificate application information and the first digital signature, a verification parameter can be calculated. Then, the verification parameter is compared with the intermediate result of the collaborative signature generated by the cryptographic collaborator during the collaborative signature process. If the two are consistent, it proves that the cryptographic collaborator did participate in the generation process of the first digital signature; otherwise, it is determined that the cryptographic collaborator did not participate in the generation process of the first digital signature.

[0145] Based on this, by calculating verification parameters and comparing the intermediate results of collaborative signatures, it is possible to confirm whether the cryptographic collaborators participated in the generation process of the first digital signature, thereby further improving the reliability of certificate application verification.

[0146] In some embodiments, issuing digital certificates to certificate applicants includes:

[0147] Issue digital certificates to certificate applicants and add key collaboration information to the digital certificates;

[0148] The key collaboration information includes private key holding information and cryptographic collaborator information. The private key holding information is used to indicate that the target private key for generating the first digital signature is maintained independently by the cryptographic collaborator, or that the target private key for generating the first digital signature is maintained jointly by the certificate applicant and the cryptographic collaborator. The key collaboration information is added to the digital certificate in the form of a certificate extension.

[0149] It should be noted that after all verification operations have passed and a digital certificate has been issued to the certificate applicant, key collaboration information can be added to the digital certificate. This key collaboration information includes private key holding information and cryptographic collaborator information. The private key holding information indicates that the target private key for generating the first digital signature is maintained independently by the cryptographic collaborator (i.e., the cryptographic collaborator holds the complete private key), or the target private key for generating the first digital signature is jointly maintained by the certificate applicant and the cryptographic collaborator (i.e., the cryptographic collaborator holds a portion of the private key).

[0150] In this way, when the certificate holder (the certificate applicant becomes the certificate holder after obtaining the digital certificate) sends signature data to the dependent party, the dependent party can verify the private key holding method and the corresponding cryptographic collaborator based on the key collaboration information carried in the digital certificate. Thus, based on different private key holding methods and cryptographic collaborators, the dependent party can make security considerations and decide whether to accept and use the signature data.

[0151] Based on this, by adding key collaboration information to digital certificates, the application process of subsequent signed data can be provided with the function of verifying the private key holding method and the cryptographic collaboration, thereby further improving the flexibility of digital certificate application.

[0152] For example, the detailed process of digital certificate application and verification is described below:

[0153] I. Collaborative signing and verification process where one cryptographic collaborator holds a portion of the private key:

[0154] 1. The certificate applicant generates certificate application information, forms a certificate application information signature request, and sends it to the cryptographic collaborator;

[0155] 1.1 Generate certificate application information M. This information includes the private key holding method and the corresponding cryptographic collaborator information for this certificate application. This information can include the following three parts: private key holding method (the cryptographic collaborator and the certificate applicant each hold a portion of the private key OR the cryptographic collaborator holds the complete private key), and a portion of the public key held by the certificate applicant. P 1 (This is an optional part; another implementation is to omit it here.) P1. Change to include in the certificate request data sent by the certificate applicant to the CA P 1) Relevant cryptographic collaborator information (which can be the complete certificate content of the cryptographic collaborator, or information composed of a combination of certificate key identifier and certificate issuer).

[0156] 1.2 Calculate the collaborative signature parameters of the certificate application information M. Taking the SM2 algorithm as an example, the collaborative signature parameters include... ;

[0157] Specifically, Generate random numbers Then calculate .

[0158] in, For signature hash value, This indicates that the user identifier hash value will be used. It is bound to the certificate application information M and its hash value is calculated; For hash functions; The user identifier hash value is a hash value calculated based on the certificate applicant's identity, elliptic curve parameters, public key, etc.

[0159] For collaboration parameters, this indicates that the certificate applicant uses a random number generated by themselves. Sharding of public keys of cryptographic collaborators The result of performing a dot product operation, n It is the order of the base point G in the elliptic curve. n -1) is a boundary value in elliptic curve cryptography used to define the range of values ​​for random numbers.

[0160] 1.3 Sign the certificate application information request Send to the password collaborator.

[0161] 2. After checking the certificate application information, the cryptographic collaborator uses its corresponding private key to digitally sign the certificate application information M, and sends the signature result and certificate application collaboration data to the certificate applicant.

[0162] 2.1 Check whether the certificate application information M contains the private key holding method and the corresponding cryptographic collaborator information, and whether the private key holding method and the corresponding cryptographic collaborator information are consistent with the information of the cryptographic collaborator itself. Verify the collaboration parameters. Does it conform to the elliptic curve equation? Verify the signature hash value. e If any of the above checks fails, the signature request is rejected; if all checks pass, proceed to the next step.

[0163] 2.2. Based on the public key data in the certificate application information M, find the corresponding private key. d 2. Perform subsequent calculations;

[0164] 2.3 Generating random numbers: ,

[0165] And calculate , ,

[0166] in, The joint random point is the elliptic curve point calculated by the cryptographic collaborators, which is the result of the combined effect of the random numbers generated by the applicant and the collaborators; G is the public base point of the elliptic curve, which is shared by all participants. r It is the first part of the final signature value, by e x-coordinates of joint random points x 1. Added mold n get;

[0167] Then calculate ,Will As a signature return value (third digital signature) of the certificate application information M;

[0168] in, s 2 is the signature component of the cryptographic collaborator, which needs to be combined with another component subsequently calculated by the certificate applicant to obtain the complete signature; d 2 is a fragment of the private key of the cryptographic collaborator (a portion of the private key held by the cryptographic collaborator).

[0169] 2.4 Calculate intermediate results of collaborative signatures: ;

[0170] in, s 2 represents the signature component of the cryptographic collaborators; Fragmenting the public key held by the cryptographic collaborators; Collaboration parameters calculated for certificate applicants.

[0171] Then, the private key (identity private key) corresponding to the identity certificate of the cryptographic collaborator is used to perform digital signature operation on the intermediate result of the collaborative signature; the intermediate result of the collaborative signature, the corresponding digital signature value, and the identity certificate of the cryptographic collaborator (optional) are concatenated to form the certificate application collaborative data.

[0172] 2.5. Return the signature value of the certificate application information M. Data is sent to certificate applicants in collaboration with the certificate application process.

[0173] 3. The certificate applicant receives the data (signature return value) returned by the cryptographic collaborator. (and certificate request collaboration data), forming complete certificate request data including M, digital signature value of M, etc., and then sending the certificate request data together with the certificate request collaboration data to the CA.

[0174] 3.1 Verification If the verification fails, repeat step 1; if all verifications are successful, continue with the following steps.

[0175] 3.2 Verify the correctness of the certificate application collaboration data, including verifying the correctness of the intermediate collaboration signature results and the corresponding digital signature values:

[0176] 3.2.1 Verify the correctness of the intermediate results of the collaborative signature: based on the results generated in step 1. Q 1. Received s 2 and known P 2. Calculation results Verify the calculated results V' Intermediate results of collaboration signatures in the collaboration data of the received certificate application V Are they consistent?

[0177] 3.2.2 Based on the intermediate results of the collaborative signature and the identity certificates of the cryptographic collaborators, verify whether the digital signature value in the certificate application collaborative data is correct;

[0178] 3.2.3 If any of the above steps fail to verify, repeat step 1; if all steps succeed, continue with the following steps.

[0179] 3.3 Calculation (If s=0, return to step 1), where, Fragments of the private key held by the certificate applicant (part of the private key held by the certificate applicant). These are the random numbers generated earlier. It is the signature component returned by the cryptographic collaborator;

[0180] Then, using the public key P A verify After verifying the correctness of the signature value of the certificate application information M, certificate application request data is generated. For example, the certificate application request data consists of the certificate application information M, the signature algorithm, and the signature value of the certificate application information. constitute.

[0181] 3.4 Send the certificate request data and certificate request collaboration data to the CA together; it should be noted that if step 1.1 did not include part of the public key held by the certificate applicant in the certificate request information M, P 1. In this case, the public key held by the certificate applicant needs to be entered here. P1. Send them together to the CA.

[0182] 4. After receiving the data sent by the certificate applicant, the CA checks the correctness and validity of the certificate application request data, cryptographic collaborator information, and certificate application collaboration data. If any check fails, the certificate application is rejected. If the check passes, a digital certificate is issued to the certificate applicant, and the certificate extension indicates the certificate applicant's private key holding method and the corresponding cryptographic collaborator information.

[0183] 4.1 Verify the certificate request data, parse the certificate request data, obtain the certificate request information, and further obtain the public key information in the certificate request information. Use this public key to verify the signature value in the certificate request data. The correctness;

[0184] 4.2 Verify the identity of the cryptographic collaborator and the signature value in the certificate application collaboration data: Obtain the private key holding method and cryptographic collaborator information from the certificate application information, and check the validity of the cryptographic collaborator's certificate, whether the private key holding method is correct, and whether the CA that issued the identity certificate for the cryptographic collaborator is trusted by the current CA; if the verification passes, further use the cryptographic collaborator's public key information to verify whether the digital signature value in the certificate application collaboration data (the digital signature value corresponding to the intermediate result of the collaboration signature, i.e., the second digital signature) is correct; if any of the above verifications fail, reject the certificate application request; if all verifications pass, proceed to the following steps;

[0185] 4.3 Verify whether the cryptographic collaborator actually participated in the signing operation for this certificate application: Calculate ,verify V'' Intermediate results of collaborative signatures in certificate application collaboration data V If the results are inconsistent, reject the certificate application request; if the results are consistent, proceed with the following steps.

[0186] 4.4 Issue digital certificates to certificate applicants and add key collaboration information to the digital certificates to explain how the private key corresponding to the digital certificate is held and the corresponding cryptographic collaborator information.

[0187] II. The signing and verification process where the cryptographic collaborating party holds the complete private key:

[0188] 1. The certificate applicant generates certificate application information, forms a certificate application information signature request, and sends it to the cryptographic collaborator:

[0189] 1.1 Generate certificate application information M, which includes the private key holding method and the corresponding cryptographic collaborator information for this certificate application. The data format of M is the same as that of the above-mentioned collaborative signature method (I).

[0190] 1.2 Send the certificate application information M to the cryptographic collaborator for signature.

[0191] 2. After checking the certificate application information, the cryptographic collaborator uses its corresponding private key to digitally sign the certificate application information M, and sends the signature result (first digital signature) and certificate application collaboration data to the certificate applicant.

[0192] 2.1 Check whether the certificate application information M contains the private key holding method and the corresponding cryptographic collaborator information, and verify whether the private key holding method and the corresponding cryptographic collaborator information are consistent with the information of the cryptographic collaborator. If the check fails, reject the signature request; if all verifications pass, proceed to the following steps.

[0193] 2.2 Based on the public key data in the certificate application information M, find the corresponding private key data. d A Performing digital signature operations yields the corresponding signature value, for example, using the SM2 algorithm based on... d A Generate the signature value (first digital signature) of the certificate application information;

[0194] 2.3 Calculate the hash value of M using a hash function, calculate the digital signature (second digital signature) of the hash value using the private key corresponding to the cryptographic collaborator's identity certificate, and concatenate the hash value of M with the corresponding digital signature value to form the certificate application collaboration data;

[0195] 2.4 Send the signature value of M (first digital signature) along with the certificate application collaboration data to the certificate applicant.

[0196] 3. The certificate applicant receives the data returned by the cryptographic collaborator and forms complete certificate application request data including information such as M and the digital signature value of M. The certificate application request data is then sent to the CA along with the certificate application collaboration data.

[0197] 3.1 Using public keys P A Verify the correctness of the signature value of M (first digital signature), verify the correctness of the hash value of M in the certificate application collaboration data, and further verify the correctness of the signature value in the certificate application collaboration data (second digital signature) using the public key in the identity certificate of the cryptographic collaborator; if any of the above verifications fail, repeat step 1; if all verifications are successful, continue with the following steps.

[0198] 3.2 Generate certificate application request data, which consists of certificate application information M, signature algorithm, and the signature value (first digital signature) of the certificate application information;

[0199] 3.3 Send the certificate application request data and certificate application collaboration data to the CA together.

[0200] 4. After receiving the data sent by the certificate applicant, the CA checks the correctness and validity of the certificate application request data, cryptographic collaborator information, and certificate application collaboration data. If any check fails, the certificate application is rejected. If the check passes, a digital certificate is issued to the certificate applicant, and the certificate extension indicates the certificate applicant's private key holding method and the corresponding cryptographic collaborator information.

[0201] 4.1 Verify the certificate request data, parse the certificate request data, obtain the certificate request information, and further obtain the public key information in the certificate request information. Use the public key to verify the correctness of the signature value (first digital signature) in the certificate request data.

[0202] 4.2 Verify the identity of the cryptographic collaborator and the signature value (second digital signature) in the certificate application collaboration data: Obtain the private key holding method and cryptographic collaborator information from the certificate application information, and check the validity of the cryptographic collaborator's certificate, whether the private key holding method is correct, and whether the CA that issued the identity certificate for the cryptographic collaborator is trusted by the current CA; if the verification passes, further use the cryptographic collaborator's public key information to verify whether the digital signature value (second digital signature) in the certificate application collaboration data is correct; if any of the above verifications fails, reject the current certificate application request; if all verifications pass, proceed to the following steps;

[0203] 4.3 Verify whether the cryptographic collaborator actually participated in the signing operation of this certificate application: Calculate the hash value of the certificate application information M, and verify whether it is consistent with the hash value in the certificate application collaboration data. If the result is inconsistent, reject the certificate application request; if the result is consistent, perform the following steps.

[0204] 4.4 Issue digital certificates to certificate applicants and add key collaboration information to the digital certificates to explain how the private key corresponding to the digital certificate is held and the corresponding cryptographic collaborator information.

[0205] like Figure 2 As shown in the embodiment of this application, a signature data verification method is provided, applied to a dependent party, and the method includes:

[0206] S201. Obtain the signature data to be verified; wherein, the signature data includes the original data, the digital signature value, and the digital certificate of the certificate holder; the digital certificate is issued according to any digital certificate application and verification method;

[0207] S202. Verify the digital signature value based on the digital certificate;

[0208] S203. If the signature verification is successful, obtain the private key holding method information and cryptographic collaborator information based on the key collaboration information of the digital certificate;

[0209] S204. Verify the private key holding method corresponding to the digital signature value based on the private key holding method information, and verify the cryptographic collaborator based on the cryptographic collaborator information;

[0210] S205. If the private key holding method is verified and the cryptographic collaborator is verified, confirm that the signature data is valid.

[0211] It should be noted that the certificate holder (i.e., the certificate applicant mentioned above) and the cryptographic collaborator can sign the data that needs to be used by the dependent party, forming signed data to be verified. The signing process can be implemented based on existing collaborative signature and asymmetric signature methods.

[0212] Specifically, the certificate holder (the certificate applicant in the certificate application process) performs a signing operation on the data to be signed. The signing operation is completed with the participation of the cryptographic collaborator, and the data with the digital signature value (the signature data to be verified) is sent to the dependent party.

[0213] After obtaining the signed data (the signature data to be verified), the dependent party uses the certificate holder's digital certificate to verify whether the digital signature value is correct, whether the digital certificate is correct and meets the dependent party's security requirements, etc., whereby digital certificate verification may include:

[0214] 1. Verify each certificate in the certificate chain, from the certificate holder certificate to the root CA certificate, verifying that the certificate signature value is correct, the certificate is valid, the certificate has not been revoked, the key usage of the certificate holder certificate is consistent with the usage of the current digital signature, and the root CA certificate or intermediate CA certificate is a CA certificate trusted by the dependent party.

[0215] 2. Check if the certificate holder's certificate contains key collaboration information consisting of the private key holding method and cryptographic collaborator information, and verify whether the private key holding method and cryptographic collaborator meet the security requirements of the dependent party. If the private key holding method meets the dependent party's security requirements for the current data signature, further check the cryptographic collaborator information to verify the validity and trustworthiness of the cryptographic collaborator.

[0216] A digital signature that passes the above verification is considered valid (i.e., the signature data is confirmed to be valid), and the original data corresponding to the digital signature is accepted and used by the dependent party.

[0217] Based on this, by obtaining key collaboration information to verify the private key holding method and collaborator information, the differentiated verification management needs of different data signature forms can be met, thereby improving the flexibility of digital signature applications.

[0218] In some embodiments, the method of holding the private key corresponding to the digital signature value is verified based on the private key holding method information, and the cryptographic collaborator is verified based on the cryptographic collaborator information, including:

[0219] If the private key holding method meets the preset security policy conditions, the private key holding method verification is confirmed to be successful.

[0220] If the identity of the cryptographic collaborator is deemed valid and the cryptographic collaborator exists in the preset list of trusted collaborators, then the cryptographic collaborator verification is deemed successful.

[0221] For example, the relying party can set different security policy conditions according to its needs. For instance, only signature data whose private key is held independently by the cryptographic collaborator meets the security conditions, or only signature data whose private key is held jointly by the cryptographic collaborator and the certificate holder meets the security conditions. Furthermore, the relying party can also set a list of trusted collaborators as needed; only signature data whose cryptographic collaborator is on this list can be verified.

[0222] Based on this, by verifying the private key holding method based on preset security policy conditions and verifying the cryptographic collaborators based on a preset list of trusted collaborators, the flexibility of digital signature applications is further improved.

[0223] Please refer to Figure 3 , Figure 3 The diagram illustrates a block diagram of a digital certificate application and verification apparatus provided in some embodiments of this application. It should be understood that this digital certificate application and verification apparatus is similar to the one described above. Figure 1 Corresponding to the method embodiments, it is able to execute the various steps involved in the above method embodiments. The specific functions of the digital certificate application and verification device can be found in the description above. To avoid repetition, detailed descriptions are appropriately omitted here.

[0224] Figure 3 The digital certificate application and verification device includes at least one software function module that can be stored in memory or embedded in the digital certificate application and verification device in the form of software or firmware. This digital certificate application and verification device is used by certificate authentication authorities and includes:

[0225] The application response module 310 is used to respond to the digital certificate application of the certificate applicant and to obtain the certificate application request data and certificate application collaboration data corresponding to the digital certificate application; wherein, the certificate application request data includes certificate application information and a first digital signature generated by the certificate applicant and the cryptographic collaborator in collaboration with the certificate application information, and the certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborator to prove its participation in the first digital signature generation process;

[0226] The application verification module 320 is used to perform multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data; among which, the verification operations include verifying the certificate application information, verifying the first digital signature, and verifying the collaboration proof data;

[0227] The certificate issuance module 330 is used to issue digital certificates to certificate applicants after all verification operations have passed.

[0228] It is understood that the above-described device embodiments correspond to the method embodiments of the present invention. The digital certificate application and verification device provided by the embodiments of the present invention can implement the digital certificate application and verification method provided by any one of the method embodiments of the present invention.

[0229] Please refer to Figure 4 , Figure 4 A block diagram illustrating the composition of a signature data verification apparatus provided in some embodiments of this application is shown. It should be understood that this signature data verification apparatus is similar to the one described above. Figure 2 Corresponding to the method embodiments, it is able to perform each step involved in the above method embodiments. The specific functions of the signature data verification device can be found in the description above. To avoid repetition, detailed descriptions are appropriately omitted here.

[0230] Figure 4 The signature data verification device includes at least one software functional module that can be stored in memory or embedded in the signature data verification device in the form of software or firmware. The signature data verification device is applied to a dependent party and includes:

[0231] The data acquisition module 410 is used to acquire the signature data to be verified; wherein, the signature data includes the original data, the digital signature value, and the digital certificate of the certificate holder; the digital certificate is issued according to any digital certificate application and verification method;

[0232] The signature verification module 420 is used to verify the digital signature value based on the digital certificate;

[0233] The information acquisition module 430 is used to acquire information on the private key holding method and the cryptographic collaborator information based on the key collaboration information of the digital certificate when the signature verification is successful.

[0234] The condition verification module 440 is used to verify the private key holding method corresponding to the digital signature value based on the private key holding method information, and to verify the cryptographic collaborator based on the cryptographic collaborator information.

[0235] The valid verification module 450 is used to verify the validity of the signature data if the private key holding method is verified and the cryptographic collaborator is verified.

[0236] It is understood that the above-described device embodiments correspond to the method embodiments of the present invention. The signature data verification device provided by the embodiments of the present invention can implement the signature data verification method provided by any one of the method embodiments of the present invention.

[0237] Those skilled in the art will understand that, for the sake of convenience and brevity, the specific working process of the device described above can be referred to the corresponding process in the aforementioned method, and will not be elaborated further here.

[0238] like Figure 5 As shown, some embodiments of this application provide an electronic device 500, which includes: a memory 510, a processor 520, and a computer program stored on the memory 510 and executable on the processor 520. When the processor 520 reads the program from the memory 510 via a bus 530 and executes the program, it can implement any of the methods included in the above-described digital certificate application verification method or signature data verification method.

[0239] Processor 520 can process digital signals and can include various computing architectures. For example, it can be a complex instruction set computer architecture, a reduced instruction set computer architecture, or an architecture that implements multiple instruction set combinations. In some examples, processor 520 can be a microprocessor.

[0240] The memory 510 can be used to store instructions executed by the processor 520 or data related to the execution of instructions. These instructions and / or data may include code for implementing some or all of the functions of one or more modules described in the embodiments of this application. The processor 520 of this disclosure embodiment can be used to execute the instructions in the memory 510 to implement the methods shown above. The memory 510 includes dynamic random access memory, static random access memory, flash memory, optical memory, or other memories well known to those skilled in the art.

[0241] Some embodiments of this application also provide a computer-readable storage medium storing a computer program that, when executed by a processor, describes the method described in the method embodiments.

[0242] Some embodiments of this application also provide a computer program product that, when run on a computer, causes the computer to perform the methods described in the method embodiments.

[0243] It should be noted that the various embodiments in this specification are described in a progressive manner, with each embodiment focusing on the differences from other embodiments. Similar or identical parts between embodiments can be referred to interchangeably. For apparatus embodiments, since they are basically similar to method embodiments, the description is relatively simple; relevant parts can be referred to the descriptions in the method embodiments.

[0244] It should be understood, in the several embodiments provided in this application, that the disclosed apparatus and methods can also be implemented in other ways. The apparatus embodiments described above are merely illustrative; for example, the flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods, and computer program products according to various embodiments of this application. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code containing one or more executable instructions for implementing a specified logical function. It should also be noted that in some alternative implementations, the functions marked in the blocks may occur in a different order than those marked in the drawings. For example, two consecutive blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. It should also be noted that each block in a block diagram and / or flowchart, and combinations of blocks in block diagrams and / or flowcharts, can be implemented using a dedicated hardware-based system that performs the specified function or action, or using a combination of dedicated hardware and computer instructions.

[0245] In addition, the functional modules in the various embodiments of this application can be integrated together to form an independent part, or each module can exist independently, or two or more modules can be integrated to form an independent part.

[0246] If the aforementioned functions are implemented as software functional modules and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or a portion of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

[0247] The above description is merely an embodiment of this application and is not intended to limit the scope of protection of this application. Various modifications and variations can be made to this application by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of this application should be included within the scope of protection of this application. It should be noted that similar reference numerals and letters in the following figures indicate similar items; therefore, once an item is defined in one figure, it does not need to be further defined and explained in subsequent figures.

[0248] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.

[0249] It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between these entities or operations. Furthermore, the terms "comprising," "including," or any other variations thereof are intended to cover non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article, or apparatus. Without further limitations, an element defined by the phrase "comprising one..." does not exclude the presence of other identical elements in the process, method, article, or apparatus that includes said element.

Claims

1. A method for applying for and verifying a digital certificate, characterized in that, Applied to certificate authority, including: In response to a digital certificate application from a certificate applicant, the system acquires certificate application request data and certificate application collaboration data corresponding to the digital certificate application. The certificate application request data includes certificate application information and a first digital signature generated by the certificate applicant and a cryptographic collaborator in collaboration with the certificate application information. The certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborator to prove its participation in the first digital signature generation process. The collaboration proof data carries a private key holding method encrypted by the cryptographic collaborator; or, the collaboration proof data includes an intermediate result of the collaboration signature calculated by the cryptographic collaborator during the calculation of the first digital signature; or, the collaboration proof data includes a hash value of the certificate application information calculated by the cryptographic collaborator during the calculation of the first digital signature. Multiple verification operations are performed on the digital certificate application based on the certificate application request data and the certificate application collaboration data; wherein, the verification operations include verifying the certificate application information, verifying the first digital signature, and verifying the collaboration proof data; A digital certificate is issued to the certificate applicant if all verification operations pass.

2. The method for applying for and verifying a digital certificate according to claim 1, characterized in that, The certificate application information includes a public key, and the first digital signature is generated based on the target private key corresponding to the public key; The target private key can be held either independently by the cryptographic collaborator or jointly by the certificate applicant and the cryptographic collaborator.

3. The method for applying for and verifying a digital certificate according to claim 2, characterized in that, The certificate application information includes information on how the target private key is held, which is used to declare the method of holding the target private key; The process of performing multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data includes: Verify whether the private key holding method declared in the holding method information is consistent with the actual private key holding method determined based on the collaboration proof data.

4. The method for applying for and verifying a digital certificate according to claim 2, characterized in that, The first digital signature is generated in the following ways: In the private key escrow method, the cryptographic collaborator independently signs the certificate application information based on the target private key maintained by itself, and with the authorization of the certificate applicant, to obtain the first digital signature; Alternatively, in the collaborative signature method, the certificate applicant and the cryptographic collaborator jointly sign the certificate application information using collaborative signature technology based on their respective private key fragments, thereby obtaining the first digital signature.

5. The method for applying for and verifying a digital certificate according to claim 1, characterized in that, The collaboration proof data includes an intermediate collaboration signature generated by the cryptographic collaborator, and a second digital signature generated by the cryptographic collaborator using its identity private key on the intermediate collaboration signature; The process of performing multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data includes: Obtain the identity information of the cryptographic collaborator, and verify the second digital signature based on the identity information to determine the validity of the cryptographic collaborator's identity.

6. The method for applying for and verifying a digital certificate according to claim 5, characterized in that, The process of performing multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data also includes: The verification parameters are calculated based on the certificate application information and the first digital signature, and the verification parameters are compared with the intermediate results of the collaborative signature to confirm whether the cryptographic collaborator participated in the generation process of the first digital signature.

7. The method for applying for and verifying a digital certificate according to any one of claims 1 to 6, characterized in that, The issuance of digital certificates to the certificate applicant includes: A digital certificate is issued to the certificate applicant, and key collaboration information is added to the digital certificate; The key collaboration information includes private key holding information and cryptographic collaborator information. The private key holding information is used to indicate that the target private key for generating the first digital signature is maintained independently by the cryptographic collaborator, or that the target private key for generating the first digital signature is jointly maintained by the certificate applicant and the cryptographic collaborator. The key collaboration information is added to the digital certificate in the form of a certificate extension.

8. The method for applying for and verifying a digital certificate according to claim 1, characterized in that, The algorithmic process for initiating the digital certificate application using the collaborative signature method includes: The certificate applicant sends a certificate application information signature request generated by itself to the cryptographic collaborator; wherein, the certificate application information signature request includes the certificate application information and collaborative signature parameters generated based on the certificate application information; After the cryptographic collaborator verifies the received certificate application information, it uses a portion of its private key to digitally sign the certificate application information, generating a third digital signature. The cryptographic collaborator generates a collaborative signature intermediate result based on the collaborative signature parameters and the third digital signature, and uses its identity private key to generate a second digital signature on the collaborative signature intermediate result. The collaborative signature intermediate result and the second digital signature are used as collaborative proof data to form certificate application collaborative data. The cryptographic collaborator will send the certificate application collaboration data and the third digital signature back to the certificate applicant; The certificate applicant uses a portion of their private key in conjunction with the third digital signature to calculate and obtain a first digital signature corresponding to the certificate application information, thereby forming certificate application request data containing the certificate application information and the first digital signature, and initiates the digital certificate application based on the certificate application request data and the certificate application collaboration data.

9. A signature data verification method, characterized in that, Applied to the dependent party, the method includes: Obtain the signature data to be verified; wherein the signature data includes original data, a digital signature value, and a digital certificate of the certificate holder; the digital certificate is issued by the digital certificate application and verification method according to any one of claims 1 to 8; The digital signature value is verified based on the digital certificate. If the signature verification is successful, the private key holding method information and cryptographic collaborator information are obtained based on the key collaboration information of the digital certificate; The private key holding method is verified based on the private key holding method information, and the cryptographic collaborator is verified based on the cryptographic collaborator information. If the private key holding method is verified and the cryptographic collaborator is verified, the signature data is confirmed to be valid.

10. The signature data verification method according to claim 9, characterized in that, The step of verifying the private key holding method corresponding to the digital signature value based on the private key holding method information, and verifying the cryptographic collaborator based on the cryptographic collaborator information, includes: If the private key holding method is determined to meet the preset security policy conditions, the verification of the private key holding method is confirmed to be successful. If the identity of the cryptographic collaborator is determined to be valid and the cryptographic collaborator exists in a preset list of trusted collaborators, then the cryptographic collaborator is confirmed to have passed verification.

11. A digital certificate application verification device, characterized in that, Applied to certificate authority, including: The application response module is used to respond to a digital certificate application from a certificate applicant and to obtain certificate application request data and certificate application collaboration data corresponding to the digital certificate application. The certificate application request data includes certificate application information and a first digital signature generated by the certificate applicant and a cryptographic collaborator in collaboration with the certificate application information. The certificate application collaboration data includes collaboration proof data generated by the cryptographic collaborator to prove its participation in the first digital signature generation process. The collaboration proof data carries a private key holding method encrypted by the cryptographic collaborator; or, the collaboration proof data includes an intermediate result of the collaboration signature calculated by the cryptographic collaborator during the calculation of the first digital signature; or, the collaboration proof data includes a hash value of the certificate application information calculated by the cryptographic collaborator during the calculation of the first digital signature. The application verification module is used to perform multiple verification operations on the digital certificate application based on the certificate application request data and the certificate application collaboration data; wherein, the verification operations include verifying the certificate application information, verifying the first digital signature, and verifying the collaboration proof data; The certificate issuance module is used to issue digital certificates to the certificate applicant after all verification operations have passed.

12. A signature data verification device, characterized in that, Applied to dependent parties, including: A data acquisition module is used to acquire signature data to be verified; wherein, the signature data includes original data, a digital signature value, and a digital certificate of the certificate holder; the digital certificate is issued by the digital certificate application and verification method according to any one of claims 1 to 8; A signature verification module is used to verify the digital signature value based on the digital certificate. The information acquisition module is used to acquire private key holding information and cryptographic collaborator information based on the key collaboration information of the digital certificate, provided that the signature verification is successful. The condition verification module is used to verify the private key holding method corresponding to the digital signature value based on the private key holding method information, and to verify the cryptographic collaborator based on the cryptographic collaborator information; The validity verification module is used to verify the validity of the signature data if the private key holding method is verified and the cryptographic collaborator is verified.

13. An electronic device, characterized in that, It includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the program, can implement the method of any one of claims 1-10.