Data signature verification method and device, computer device, storage medium and program product

By receiving data verification requests and calling the verification pre-compilation contract to parse parameters and verify data types, the problem of single-type limitation in traditional verification methods is solved, and efficient verification of multiple signature algorithms is achieved.

CN122247624APending Publication Date: 2026-06-19TENCENT TECHNOLOGY (SHENZHEN) CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
TENCENT TECHNOLOGY (SHENZHEN) CO LTD
Filing Date
2024-12-17
Publication Date
2026-06-19

Smart Images

  • Figure CN122247624A_ABST
    Figure CN122247624A_ABST
Patent Text Reader

Abstract

This application relates to a data signature verification method, apparatus, computer device, storage medium, and program product. The method includes: receiving a data signature verification request; obtaining a target message byte stream corresponding to the data signature verification request, wherein the target message byte stream is obtained by encoding the data to be verified and verification parameters corresponding to the data signature verification request; invoking a signature verification pre-compilation contract; parsing the parameters of the target message byte stream according to the signature verification data transmission protocol to obtain target signature data; verifying the data type of the target signature data; if the data type verification is successful, determining the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and verifying the target signature in the target signature data using the public key to obtain a data signature verification result. This method can improve the data type compatibility of signature data verification and the efficiency of verifying different types of digital signatures.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of blockchain technology, and in particular to a data verification method, apparatus, computer equipment, computer-readable storage medium, and computer program product. Background Technology

[0002] With the development of blockchain technology and the widespread application of various internet services, in order to ensure the security of information resources during the processing of various internet services, it is necessary to ensure the integrity, confidentiality, immutability, and authenticity of data during business execution. This has led to the emergence of digital signature and signature verification technologies. Digital signature refers to the signer using their private key to sign data, while signature verification refers to the verifier using the signer's public key to verify the validity of the signature. Through digital signatures and signature verification, data integrity can be ensured, identity authentication can be achieved, and data tampering can be prevented.

[0003] In traditional techniques, when verifying signature data, it is usually necessary to parse the signature data to obtain parsed data. Then, a public key recovery algorithm in cryptography is used on the parsed data to recover the signer's public key. The address is calculated based on the signer's public key and compared with the address of the transaction sender. If they are the same, the signature is valid; otherwise, the signature is invalid.

[0004] However, traditional signature verification methods typically only support a single type of signature data. For example, the ecRecover signature verification pre-compilation contract can only verify signature data of the elliptic curve digital signature algorithm type. When there is a need to verify data of multiple other signature algorithm types, the traditional ecRecover signature verification pre-compilation contract cannot meet the actual needs and still suffers from low efficiency in digital signature verification processing. Summary of the Invention

[0005] Therefore, it is necessary to provide a data verification method, apparatus, computer equipment, computer-readable storage medium, and computer program product that can verify data of various different signature algorithm types and improve the efficiency of digital signature verification processing, in order to address the above-mentioned technical problems.

[0006] In a first aspect, this application provides a data signature verification method, comprising: receiving a data signature verification request and obtaining a target message byte stream corresponding to the data signature verification request; the target message byte stream is obtained by encoding the data to be verified and the signature parameters corresponding to the data signature verification request; invoking a signature verification pre-compilation contract, and parsing the target message byte stream according to a signature verification data transmission protocol to obtain target signature data; performing data type verification on the target signature data, and if the data type verification is found to be successful, determining the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and verifying the target signature in the target signature data based on the public key to obtain a data signature verification result.

[0007] Secondly, this application also provides a data verification device, comprising: a target message byte stream acquisition module, configured to receive a data verification request and acquire a target message byte stream corresponding to the data verification request; the target message byte stream is obtained by encoding the data to be verified and verification parameters corresponding to the data verification request; a parameter parsing module, configured to call a verification pre-compilation contract and parse the parameters of the target message byte stream according to a signature verification data transmission protocol to obtain target signature data; a data type verification module, configured to perform data type verification on the target signature data, and if the data type verification is successful, determine the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and a data verification module, configured to verify the target signature in the target signature data based on the public key to obtain a data verification result.

[0008] Thirdly, this application also provides a computer device, including a memory and a processor. The memory stores a computer program, and the processor executes the computer program to perform the following steps: receiving a data verification request and obtaining a target message byte stream corresponding to the data verification request; the target message byte stream is obtained by encoding the data to be verified and verification parameters corresponding to the data verification request; invoking a verification pre-compilation contract, and parsing the target message byte stream according to a signature verification data transmission protocol to obtain target signature data; performing data type verification on the target signature data, and if the data type verification is successful, determining the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and verifying the target signature in the target signature data based on the public key to obtain a data verification result.

[0009] Fourthly, this application also provides a computer-readable storage medium storing a computer program thereon, which, when executed by a processor, performs the following steps: receiving a data verification request and obtaining a target message byte stream corresponding to the data verification request; the target message byte stream is obtained by encoding the data to be verified and verification parameters corresponding to the data verification request; invoking a verification pre-compilation contract, and parsing the target message byte stream according to a signature verification data transmission protocol to obtain target signature data; performing data type verification on the target signature data, and if the data type verification is successful, determining the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and verifying the target signature in the target signature data based on the public key to obtain a data verification result.

[0010] Fifthly, this application also provides a computer program product, including a computer program that, when executed by a processor, performs the following steps: receiving a data verification request and obtaining a target message byte stream corresponding to the data verification request; the target message byte stream is obtained by encoding the data to be verified and verification parameters corresponding to the data verification request; invoking a verification pre-compilation contract, and parsing the target message byte stream according to a signature verification data transmission protocol to obtain target signature data; performing data type verification on the target signature data, and if the data type verification is successful, determining a public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and verifying the target signature in the target signature data based on the public key to obtain a data verification result.

[0011] In the aforementioned data verification methods, apparatus, computer equipment, computer-readable storage media, and computer program products, a data verification request is received, a target message byte stream corresponding to the data verification request is obtained, and a verification pre-compilation contract is invoked. According to the signature verification data transmission protocol, the target message byte stream is parsed to obtain the target signature data. Further, by verifying the data type of the target signature data, and upon successful verification, a public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type in the target signature data. The target signature in the target signature data is then verified using this public key to obtain the data verification result. Thus, by defining a signature verification data transmission protocol, compilation and parsing of various different data to be verified and verification parameters can be achieved, improving the data type compatibility of signature data verification, rather than being limited to a single type of signature data verification, thereby improving the efficiency of verifying different types of digital signatures. Attached Figure Description

[0012] To more clearly illustrate the technical solutions in the embodiments of this application or related technologies, the drawings used in the description of the embodiments of this application or related technologies will be briefly introduced below. Obviously, the drawings described below are only some embodiments of this application. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0013] Figure 1 This is a diagram illustrating the application environment of a data verification method in one embodiment.

[0014] Figure 2 This is a flowchart illustrating a data verification method in one embodiment;

[0015] Figure 3 This is a schematic diagram of the process for obtaining target signature data in one embodiment;

[0016] Figure 4 This is a schematic diagram illustrating the message structure defined by the signature verification data transmission protocol in one embodiment.

[0017] Figure 5 This is a flowchart illustrating the process of obtaining data verification results in one embodiment;

[0018] Figure 6 This is a flowchart illustrating the data verification method in another embodiment;

[0019] Figure 7 This is a schematic diagram of the architecture of a data verification system in one embodiment;

[0020] Figure 8 This is a schematic diagram illustrating the data verification process based on a data verification system in one embodiment.

[0021] Figure 9 This is a structural block diagram of a data verification device in one embodiment;

[0022] Figure 10 This is an internal structural diagram of a computer device in one embodiment. Detailed Implementation

[0023] To make the objectives, technical solutions, and advantages of this application clearer, the following detailed description is provided in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the scope of this application.

[0024] The data verification method provided in this application involves blockchain technology and can be applied to various scenarios such as online media, internet services, and online financial transactions. Specifically, it can be applied to, for example... Figure 1The application environment shown includes an object terminal 102, a virtual machine server 104, and a blockchain network 106. The object terminal 102 communicates with the virtual machine server 104 via the network. Smart contracts are deployed on the blockchain network 106, specifically basic signature verification contracts and pre-compiled signature verification contracts. These smart contracts can be registered in the smart contract module of the virtual machine server 104. A data storage system can store the data that the virtual machine server 104 needs to process. The data storage system can be integrated on the virtual machine server 104 or located on the cloud or other network servers. The object terminal 102 can be, but is not limited to, various personal computers, laptops, smartphones, tablets, IoT devices, portable wearable devices, and aircraft. IoT devices can include smart speakers, smart TVs, smart air conditioners, smart in-vehicle devices, and projection devices. Portable wearable devices can include smartwatches, smart bracelets, and head-mounted devices. Head-mounted devices can be virtual reality (VR) devices, augmented reality (AR) devices, smart glasses, etc. The virtual machine server 104 can be a standalone physical server, a server cluster consisting of multiple physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN, and big data and artificial intelligence platforms. The object terminal 102 and the server 104 can be directly or indirectly connected via wired or wireless communication; this embodiment does not impose any limitations on this.

[0025] Both the object terminal 102 and the virtual machine server 104 can be used independently to execute the data verification method provided in this embodiment, or they can work together to execute the data verification method. For example, taking the collaborative execution of the data verification method by the object terminal 102 and the virtual machine server 104, the virtual machine server 104 receives a data verification request triggered by the object terminal 102 and obtains the target message byte stream corresponding to the data verification request. The target message byte stream is obtained by encoding the data to be verified and the verification parameters corresponding to the data verification request. Further, the virtual machine server 104 calls the verification pre-compilation contract, performs parameter parsing on the target message byte stream according to the signature verification data transmission protocol, obtains the target signature data, and performs data type verification on the target signature data. If the virtual machine server 104 determines that the data type verification is successful, it determines the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data. Based on the public key, it verifies the target signature in the target signature data to obtain the data verification result. The virtual machine server 104 can send the obtained data verification results back to the object terminal 102.

[0026] In one exemplary embodiment, such as Figure 2 As shown, a data verification method is provided, which can be applied to... Figure 1 Taking virtual machine server 104 as an example, the explanation includes the following steps S202 to S208. Wherein:

[0027] Step S202: Receive a data verification request, obtain the target message byte stream corresponding to the data verification request, and obtain the target message byte stream by encoding the data to be verified and the verification parameters corresponding to the data verification request.

[0028] Specifically, a user can trigger a data verification request based on its terminal. After detecting the data verification request triggered by the user, the terminal sends the request back to the virtual machine server. The virtual machine server receives and parses the data verification request to obtain the data to be verified and the verification parameters corresponding to the request. The virtual machine server can be a server deployed for the virtual machine used to execute smart contracts. This virtual machine can be the EVM (Ethereum Virtual Machine), a core component of the Ethereum blockchain responsible for executing smart contracts and processing transactions.

[0029] The data to be verified corresponding to the data verification request can specifically be a message to be signed and a target signature corresponding to the message to be signed. In digital signing, the signer uses their private key to sign the message to be signed to obtain the target signature. In signature verification, the verifier uses the signer's public key to verify the validity of the target signature. The verification parameters corresponding to the data verification request can specifically include parameters such as hash algorithm type, public key encoding type, and signature algorithm type.

[0030] For example, a hash algorithm refers to an algorithm that transforms an input of arbitrary length (such as a message) into a fixed-length output (i.e., a hash value) using a hash function. Specific types of hash algorithms include MD (Message Digest Algorithms), SHA (Secure Hash Algorithms), and RIPEMD (RACE Integrity Primitives Evaluation Message Digest). Public key encoding type refers to the format and encoding method of the public key during storage or transmission. Specific types include X.509 (used to define the format of a certificate, including public key information, certificate holder identity information, certificate authority information, and validity period), SPKI (Subject Public Key Info), PEM (Privacy Enhanced Mail), and DER (Distinguished Encoding Rules).

[0031] Signature algorithms are a series of algorithms in cryptography used to generate and verify digital signatures. Digital signatures are used to ensure data integrity, authentication, and non-repudiation. Specific types of signature algorithms include RSA (Rivest-Shamir-Adleman algorithm, an asymmetric encryption algorithm based on number theory), ECDSA (Elliptic Curve Digital Signature Algorithm), SM2 (Elliptic Curve Digital Key Cryptography, which includes encryption, signing, and key exchange algorithms), and EdDSA (Edwards-curve Digital Signature Algorithm, a digital signature algorithm based on Edwards curves), etc.

[0032] Furthermore, after obtaining the data to be verified and the verification parameters corresponding to the data verification request, the virtual machine server further feeds back the data verification request, the data to be verified, and the verification parameters to the smart contract. Upon receiving the data verification request, the smart contract calls the basic verification contract and calculates the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract. Then, according to the signature verification data transmission protocol, it encodes the data to be verified, the verification parameters, and the byte length of each of the data to be verified and the verification parameters to obtain the target message byte stream corresponding to the data verification request. Thus, the smart contract can feed back the generated target message byte stream to the virtual machine server.

[0033] In an exemplary embodiment, after the virtual machine server sends the data verification request, the data to be verified, and the verification parameters back to the smart contract, the smart contract calls the basic verification contract and encodes the data to be verified and the verification parameters, as well as the byte lengths of the data to be verified and the verification parameters, according to the signature verification data transmission protocol. Specifically, according to the signature verification data transmission protocol, the message to be signed, the target signature data to be verified corresponding to the message to be signed, the byte lengths of the message to be signed and the target signature data to be verified, the verification parameters such as hash algorithm type, public key encoding type, and signature algorithm type, and the public key serialization value corresponding to the public key encoding type in the verification parameters are encoded to generate a target message byte stream, and the generated target message byte stream is sent back to the virtual machine server.

[0034] Step S204: Invoke the signature verification pre-compilation contract, and parse the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data.

[0035] The blockchain network deploys a signature verification pre-compiled contract, which can be registered in the signature verification pre-compiled contract module of the virtual machine. The virtual machine server can call the signature verification pre-compiled contract by accessing the signature verification pre-compiled contract module of the virtual machine.

[0036] Specifically, the virtual machine server obtains the contract registration address of the signature verification pre-compiled contract in the virtual machine, accesses and calls the signature verification pre-compiled contract from the contract registration address, and parses the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data.

[0037] Furthermore, the virtual machine server performs parameter parsing on the target message byte stream. The obtained target signature data may include specific verification parameters (including specific hash algorithm type, public key encoding type, and signature algorithm type, etc.) and specific data to be verified (such as specific information to be signed and the target signature corresponding to the information to be signed, etc.). Specifically, when parsing the target message byte stream, the target signature data is obtained by first parsing out the byte lengths corresponding to the verification parameters and the data to be verified, and then extracting the corresponding byte streams from the target message byte stream based on the lengths of each byte.

[0038] During parameter parsing, if a parsing error occurs, parsing will stop immediately and an error message will be returned. The error message should include the field that failed to be parsed and the reason for the failure, such as the byte length of the data to be verified being parsed as a negative value.

[0039] In an exemplary embodiment, the virtual machine server determines the contract registration address of the signature verification precompiled contract in the virtual machine and calls the signature verification precompiled contract registration interface deployed on the virtual machine to store the signature verification precompiled contract in the contract registration address. Thus, when the virtual machine server needs to call the signature verification precompiled contract for parameter parsing and signature verification, it can directly read and call it from the signature verification precompiled contract module deployed on the virtual machine server itself.

[0040] Step S206: Perform data type verification on the target signature data. If the data type verification is successful, determine the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data.

[0041] Specifically, the virtual machine server performs data type verification on the target signature data by invoking the signature verification pre-compiled contract. Specifically, it verifies the data type of the verification parameters in the target signature data based on the pre-stored signature verification parameter types. The verification result includes either verification passed or verification failed.

[0042] The verification parameters specifically include hash algorithm type, public key encoding type, and signature algorithm type. The pre-stored verification parameter types specifically include the pre-stored algorithm types corresponding to each of the hash algorithm type, public key encoding type, and signature algorithm type. The pre-stored algorithm type can be understood as the algorithm type supported by the virtual machine that is pre-stored in the virtual machine for each verification parameter. For example, pre-stored hash algorithm types include MD (Message Digest), SHA (Secure Hash), and RIPEMD (Cryptographic Hash Message Digest). Pre-stored public key encoding types include SPKI (Personal Key Information), PEM (Enhanced Privacy Email), and DER (Distinguished Encoding Rule). Pre-stored signature algorithm types include RSA (Number Theory-based Asymmetric Encryption), ECDSA (Elliptic Curve Digital Signature Algorithm), SM2 (Elliptic Curve Public Key Cryptography), and EdDSA (Edwards Curve Digital Signature Algorithm).

[0043] Specifically, when the virtual machine server calls the signature verification pre-compiled contract and performs data type verification on each signature verification parameter, it includes: 1) verifying the data type of the hash algorithm type, determining whether the currently parsed hash algorithm type is a non-existent or unsupported algorithm based on the pre-stored hash algorithm type; 2) verifying the data type of the public key encoding type, determining whether the currently parsed public key encoding type is a non-existent or unsupported type based on the pre-stored public key encoding type; 3) verifying the data type of the signature algorithm type, determining whether the currently parsed signature algorithm type is a non-existent or unsupported signature algorithm based on the pre-stored signature algorithm type.

[0044] Furthermore, if the data type verification of each signature parameter is successful, the virtual machine server performs deserialization processing based on the public key encoding type and signature algorithm type in the target signature data to obtain the public key corresponding to the target signature data.

[0045] Specifically, when the virtual machine server performs deserialization processing based on the public key encoding type and the signature algorithm type, it determines the cryptographic library corresponding to the public key encoding type and the encryption key corresponding to the signature algorithm type. Thus, it can perform deserialization processing based on the cryptographic library corresponding to the public key encoding type and the encryption key to determine the public key corresponding to the target signature data.

[0046] Step S208: Verify the target signature in the target signature data based on the public key to obtain the data verification result.

[0047] Specifically, the virtual machine server obtains the hash algorithm type from the target signature data and then...

[0048] The hash algorithm type performs a hash calculation on the message to be signed to obtain the message hash value corresponding to the message to be signed. Thus, based on the public key and the message hash value, a standard signature for verification can be determined.

[0049] The specific types of hash algorithms include MD (Message Digest Algorithm), SHA (Secure Hash Algorithm), and RIPEMD (Cryptographic Hash Message Digest Algorithm). By performing a hash calculation on the message to be signed according to the determined hash algorithm type, such as MD (Message Digest Algorithm), the message hash value corresponding to the message to be signed can be obtained, such as the message digest value calculated by the MD algorithm. Thus, a standard signature for verification can be generated based on the public key and the message digest value.

[0050] Furthermore, after obtaining the standard signature used for verification, the virtual machine server uses the standard signature to verify the target signature in the target signature data, determining whether the two are consistent, and obtaining the corresponding data verification result. Specifically, the data verification result includes: a verification result where the data verification passes when the target signature and the standard signature match, and a verification result where the data verification fails when the target signature and the standard signature do not match.

[0051] In the aforementioned data verification method, the target message byte stream corresponding to the data verification request is obtained, and the verification pre-compilation contract is invoked. Following the signature verification data transmission protocol, the target message byte stream is parsed to obtain the target signature data. Further, the data type of the target signature data is verified. Upon successful verification, the public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type. The target signature in the target signature data is then verified using this public key to obtain the verification result. This allows for the compilation and parsing of various types of data to be verified and verification parameters through a defined signature verification data transmission protocol, improving the data type compatibility of signature data verification and moving beyond a single type of signature data verification. This enhances the efficiency of verifying different types of digital signatures.

[0052] In one exemplary embodiment, such as Figure 3 As shown, the steps to obtain the target signature data, namely, calling the signature verification pre-compilation contract, parsing the target message byte stream according to the signature verification data transmission protocol, and obtaining the target signature data, specifically include the following steps S302 to S306. Wherein:

[0053] Step S302: Invoke the signature verification pre-compilation contract, and according to the signature verification data transmission protocol, parse the length of the first byte of the signature verification parameter and the length of the second byte of the data to be verified from the target message byte stream.

[0054] The blockchain network deploys a signature verification pre-compiled contract, which can be registered in the signature verification pre-compiled contract module of the virtual machine. The virtual machine server can call the signature verification pre-compiled contract by accessing the signature verification pre-compiled contract module of the virtual machine.

[0055] Specifically, the virtual machine server obtains the contract registration address of the signature verification pre-compiled contract in the virtual machine, accesses and calls the signature verification pre-compiled contract from the contract registration address, and parses the target message byte stream according to the signature verification data transmission protocol to parse out the first byte length of the signature verification parameters and the second byte length of the data to be verified from the target message byte stream.

[0056] The verification parameters specifically include hash algorithm type, public key encoding type, and signature algorithm type, while the data to be verified specifically includes the message to be signed and the target signature corresponding to the message to be signed. The length of the first byte of the verification parameters parsed from the target message byte stream by the virtual machine server specifically includes the byte length corresponding to each of the hash algorithm type, public key encoding type, and signature algorithm type. The length of the second byte of the data to be verified parsed from the target message byte stream specifically includes the byte length corresponding to each of the message to be signed and the target signature.

[0057] In an exemplary embodiment, before the virtual machine server parses the target message byte stream, a signature verification data transmission protocol needs to be predefined. That is, after the target terminal triggers a data verification request, the data to be verified and the verification parameters to be verified need to be encoded in accordance with the signature verification data transmission protocol to obtain the target message byte stream that can be sent to the virtual machine server for verification.

[0058] Specifically, after receiving a data verification request triggered by the target terminal, the virtual machine server obtains the data to be verified and the verification parameters corresponding to the data verification request, and feeds back the data verification request, the data to be verified and the verification parameters to the smart contract. The smart contract then calls the basic verification contract to encode the data to be verified and the verification parameters according to the signature verification data transmission protocol, thus obtaining the target message byte stream that can be sent to the virtual machine server for verification.

[0059] The signature verification data transmission protocol defines: 1) the storage locations of the hash algorithm type, public key encoding type, and signature algorithm type in the verification parameters, respectively, in the target message byte stream; 2) the public key length corresponding to the public key encoding type in the verification parameters, and the storage location of the public key length in the target message byte stream; 3) the storage location of the public key byte stream corresponding to the public key in the target message byte stream; 4) the message length corresponding to the message to be signed, and the storage location of the message length in the target message byte stream; 5) the storage location of the message byte stream corresponding to the message to be signed, and the storage location of the message byte stream in the target message byte stream; 6) the signature length corresponding to the target signature, and the storage location of the signature length in the target message byte stream; and 7) the storage location of the target signature byte stream corresponding to the target signature in the target message byte stream.

[0060] For example, by defining a signature verification data transmission protocol, the smart contract constructs and encodes the message to be verified according to the protocol to obtain the target message byte stream. The virtual machine server then parses the target message byte stream according to the signature verification data transmission protocol and verifies the legality of the message to be signed and the target signature within the target message byte stream. Wherein:

[0061] 1) The 0th byte of the message (byte stream index starts from 0) is the hash algorithm type used for signature, which is defined by an enumeration value, including but not limited to MD algorithm (i.e., message digest algorithm), SHA algorithm (i.e., secure hash algorithm), and RIPEMD algorithm (i.e., cryptographic hash message digest algorithm), etc.

[0062] 2) The first byte of the message is the public key encoding type, which is defined by an enumeration value, including but not limited to SPKI type (i.e., the main public key information type), PEM type (i.e., the added privacy email type), and DER type (i.e., the encoding rule type that can be identified).

[0063] 3) The second byte of the message is the signature algorithm type, which is defined by an enumeration value, including but not limited to RSA algorithm (i.e., number theory-based asymmetric encryption algorithm), ECDSA algorithm (i.e., elliptic curve digital signature algorithm), and SM2 algorithm (i.e., elliptic curve-based public key cryptosystem algorithm).

[0064] 4) The 3rd to 6th bytes of the message are the public key length, denoted as pubkey_len. When parsing the message, the serialized public key will be read from the target message byte stream based on the value of pubkey_len.

[0065] 5) Bytes 7 through 6 (the value of pubkey_len) of the message constitute the serialized public key byte stream, denoted as pubkey_bytes. The public key is obtained by deserializing from pubkey_bytes during message parsing. When defining the public key byte stream, a specific value of pubkey_len (i.e., the actual public key length, such as 10 bytes, rather than directly using bytes 3 through 6 of the message as pubkey_len) is required. The storage location of the public key byte stream within the target message byte stream varies depending on the actual public key length.

[0066] 6) The length of the message to be signed is from the value of pubkey_len + 7 to the value of pubkey_len + 10. When parsing the message, the message to be signed will be read from the target message byte stream according to the value of msg_len.

[0067] 7) Bytes from pubkey_len+11 to pubkey_len+msg_len+10 constitute the byte stream of the message to be signed, denoted as msg_bytes. Defining this byte stream requires specific values ​​for pubkey_len (the public key length) and msg_len (the message length). The storage location of the byte stream within the target message byte stream varies depending on the public key length and the message length.

[0068] 8) The length of the target signature is denoted as sign_len, from the value of pubkey_len + msg_len + 11 to the value of pubkey_len + msg_len + 14 of the message. When parsing the message, the signature byte stream will be read from the target message byte stream based on the value of sign_len.

[0069] 9) Bytes from pubkey_len + msg_len + 15 to pubkey_len + msg_len + sign_len + 14 constitute the target signature byte stream. When defining the target signature byte stream, specific values ​​of pubkey_len (i.e., the specific public key length), msg_len (i.e., the specific length of the message to be signed), and sign_len (i.e., the specific length of the target signature) are required. The storage location of the target signature byte stream within the target message byte stream varies depending on the public key length, the length of the message to be signed, and the length of the target signature.

[0070] Furthermore, such as Figure 4 As shown, a schematic diagram of the message structure defined by the signature verification data transmission protocol is provided. (Refer to...) Figure 4 It can be seen that the message defined by the signature verification data transmission protocol specifically includes: byte 0 - hash algorithm type, byte 1 - public key encoding type, byte 2 - signature algorithm type, bytes 3 to 6 - public key length (i.e., pubkey_len), bytes 7 to (public key length value + 6) - public key byte stream (i.e., pubkey_bytes), bytes (public key length value + 7) to (public key length value + 10) - message length (i.e., msg_len), bytes (public key length value + 11) to (public key length value + message length value + 10) - message byte stream to be signed (i.e., msg_bytes), bytes (public key length value + message length value + 11) to (public key length value + message length value + 14) - signature length (i.e., sign_len), and bytes (public key length value + message length value + 15) to (public key length value + message length value + signature length value + 14) - target signature byte stream.

[0071] Step S304: Based on the first byte length, read the first byte stream representing the signature verification parameters from the target message byte stream, and based on the second byte length, read the second byte stream representing the data to be verified from the target message byte stream.

[0072] Specifically, the length of the first byte of the signature verification parameter parsed by the virtual machine server from the target message byte stream includes the byte lengths corresponding to the hash algorithm type, public key encoding type, and signature algorithm type. The virtual machine server can then read the first byte stream representing the signature verification parameter from the target message byte stream based on the length of the first byte of the signature verification parameter. In other words, it can read the first byte stream representing the hash algorithm type, public key encoding type, and signature algorithm type from the target message byte stream.

[0073] Similarly, the second byte length of the data to be verified parsed from the target message byte stream by the virtual machine server specifically includes the byte lengths corresponding to the message to be signed and the target signature, respectively. Thus, the virtual machine server can read the second byte stream representing the data to be verified from the target message byte stream according to the second byte length of the data to be verified. That is, it can read the message to be signed byte stream used to represent the message to be signed and the target signature byte stream used to represent the target signature from the target message byte stream.

[0074] Step S306: Obtain the target signature data based on the first byte stream and the second byte stream.

[0075] Specifically, the virtual machine server obtains the corresponding hash algorithm type, public key encoding type, and signature algorithm type based on the first byte stream, which is used to represent the hash algorithm type, public key encoding type, and signature algorithm type. Based on the second byte stream, which represents the data to be verified, including the message to be signed byte stream representing the message to be signed and the target signature byte stream representing the target signature, the virtual machine server obtains the message to be signed and the target signature. Thus, the virtual machine server can determine the target signature data based on the obtained hash algorithm type, public key encoding type, signature algorithm type, message to be signed, and target signature.

[0076] In this embodiment, by invoking the signature verification pre-compilation contract, the first byte length of the signature verification parameters and the second byte length of the data to be verified are parsed from the target message byte stream according to the signature verification data transmission protocol. Based on the first byte length, the first byte stream representing the signature verification parameters is read from the target message byte stream, and based on the second byte length, the second byte stream representing the data to be verified is read from the target message byte stream. Thus, the target signature data can be obtained based on the first byte stream and the second byte stream. By defining the signature verification data transmission protocol and parsing the target message byte stream according to the protocol, it is possible to be compatible with various different data to be verified and signature verification parameters, enabling the compilation and parsing of different types of data to be verified and signature verification parameters, improving the data type compatibility of signature data verification, and the efficiency of signature verification processing for different types of digital signatures.

[0077] In one exemplary embodiment, such as Figure 5 As shown, the steps to obtain the data verification result, namely, verifying the target signature in the target signature data based on the public key and obtaining the data verification result, specifically include the following steps S502 to S506. Wherein:

[0078] Step S502: According to the hash algorithm type in the target signature data, perform hash calculation on the message to be signed to obtain the message hash value corresponding to the message to be signed.

[0079] Specifically, the virtual machine server parses the target signature data to obtain the hash algorithm type within it. Then, according to the obtained hash algorithm type, it performs a hash calculation on the message to be signed to obtain the message hash value corresponding to the message to be signed. For example, if the hash algorithm type is MD (Message Digest) algorithm, the message to be signed can be hashed according to the MD algorithm to obtain the message hash value corresponding to the message to be signed, such as a message digest value calculated based on the MD algorithm.

[0080] Step S504: Determine the standard signature used for signature verification based on the public key and the message hash value.

[0081] Specifically, the virtual machine server can deserialize the public key encoding type and signature algorithm type in the target signature data to obtain the public key, and then generate a standard signature for verification based on the public key and the message hash value.

[0082] Specifically, when generating a standard signature using the virtual machine server public key and message hash value, a standard signature carrying the expected signature address can be generated. The expected signature address refers to the address of the signature object to be signed in the message to be signed.

[0083] Step S506: Verify the target signature in the target signature data according to the standard signature to obtain the data verification result.

[0084] Specifically, the virtual machine server uses a standard signature to verify the target signature in the target signature data, determining whether the two are consistent and obtaining the corresponding data verification result. The data verification result includes: a successful verification result when the target signature and the standard signature match, and a failed verification result when the target signature and the standard signature do not match.

[0085] Furthermore, when the virtual machine server verifies the target signature based on the standard signature, it can do so by parsing the target signature to obtain the target signature address corresponding to the target signature, and comparing the expected signature address in the standard signature with the target signature address corresponding to the target signature to determine whether the expected signature address and the target signature address are consistent. Specifically, the data verification result includes: a successful verification result when the target signature address and the expected signature address are consistent, and a failed verification result when the target signature address and the expected signature address are inconsistent.

[0086] In this embodiment, the message to be signed is hashed according to the hash algorithm type in the target signature data to obtain the message hash value corresponding to the message to be signed. Based on the public key and the message hash value, a standard signature for verification is determined. The target signature in the target signature data is then verified based on the standard signature to obtain the data verification result. This realizes the verification of the target signature using the standard signature determined by the public key and the message hash value. This allows for the accurate verification of the validity of the target signature by combining different information, avoiding data tampering or unauthorized authorization, and ensuring the accuracy and integrity of the message to be signed.

[0087] In one exemplary embodiment, such as Figure 6 As shown, a data verification method is provided, which can be applied to... Figure 1 Taking virtual machine server 104 as an example, the explanation includes the following steps S601 to S611. Wherein:

[0088] Step S601: The virtual machine server receives the data verification request and obtains the data to be verified and the verification parameters corresponding to the data verification request.

[0089] Specifically, the user can trigger a data verification request based on the user terminal. After detecting the data verification request triggered by the user, the user terminal sends the data verification request back to the virtual machine server. The virtual machine server receives and parses the data verification request to obtain the data to be verified and the verification parameters corresponding to the data verification request.

[0090] Specifically, the data to be verified corresponding to the data verification request can be the message to be signed to be verified, and the target signature corresponding to the message to be signed.

[0091] In step S602, the virtual machine server sends the data verification request, the data to be verified, and the verification parameters back to the smart contract. The data verification request instructs the smart contract to call the basic verification contract. Based on the verification function associated with the basic verification contract, the server calculates the byte length of the data to be verified and the verification parameters, and encodes the data to be verified, the verification parameters, and their respective byte lengths according to the signature verification data transmission protocol to obtain the target message byte stream corresponding to the data verification request.

[0092] Specifically, after obtaining the data to be verified and the verification parameters corresponding to the data verification request, the virtual machine server further feeds back the data verification request, the data to be verified, and the verification parameters to the smart contract. Upon receiving the data verification request, the smart contract calls the basic verification contract and calculates the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract. Then, according to the signature verification data transmission protocol, it encodes the data to be verified, the verification parameters, and the byte length of each of the data to be verified and the verification parameters to obtain the target message byte stream corresponding to the data verification request. Thus, the smart contract can feed back the generated target message byte stream to the virtual machine server.

[0093] Step S603: The virtual machine server receives the target message byte stream fed back from the smart contract.

[0094] Specifically, the virtual machine server can receive the target message byte stream fed back from the smart contract, and parse and verify the target message byte stream to obtain the corresponding data verification results.

[0095] In step S604, the virtual machine server determines the contract registration address of the signature verification pre-compiled contract in the virtual machine, calls the signature verification pre-compiled contract registration interface deployed on the virtual machine, and stores the signature verification pre-compiled contract in the contract registration address.

[0096] The blockchain network deploys a signature verification pre-compiled contract, which can be registered in the signature verification pre-compiled contract module of the virtual machine. The virtual machine server can call the signature verification pre-compiled contract by accessing the signature verification pre-compiled contract module of the virtual machine.

[0097] Specifically, the virtual machine server determines the contract registration address of the signature verification pre-compiled contract within the virtual machine and calls the signature verification pre-compiled contract registration interface deployed on the virtual machine to store the signature verification pre-compiled contract in the contract registration address. This allows subsequent access and invocation of the signature verification pre-compiled contract from the contract registration address. Furthermore, it parses the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data. It is crucial that the contract registration address of the signature verification pre-compiled contract within the virtual machine avoids the virtual machine's reserved addresses to prevent address conflicts that could lead to inaccessibility and invocation issues.

[0098] In step S605, the virtual machine server calls the signature verification pre-compiled contract from the contract registration address, and according to the signature verification data transmission protocol, parses the length of the first byte of the signature verification parameter and the length of the second byte of the data to be verified from the target message byte stream.

[0099] Specifically, the virtual machine server obtains the contract registration address of the signature verification pre-compiled contract in the virtual machine, accesses and calls the signature verification pre-compiled contract from the contract registration address, and parses the target message byte stream according to the signature verification data transmission protocol to parse the first byte length of the signature verification parameters and the second byte length of the data to be verified from the target message byte stream.

[0100] The verification parameters specifically include hash algorithm type, public key encoding type, and signature algorithm type, while the data to be verified specifically includes the message to be signed and the target signature corresponding to the message to be signed. The length of the first byte of the verification parameters parsed from the target message byte stream by the virtual machine server specifically includes the byte length corresponding to each of the hash algorithm type, public key encoding type, and signature algorithm type. The length of the second byte of the data to be verified parsed from the target message byte stream specifically includes the byte length corresponding to each of the message to be signed and the target signature.

[0101] In step S606, the virtual machine server reads the first byte stream representing the signature verification parameters from the target message byte stream according to the first byte length, and reads the second byte stream representing the data to be verified from the target message byte stream according to the second byte length.

[0102] Specifically, the length of the first byte of the signature verification parameter parsed by the virtual machine server from the target message byte stream includes the byte lengths corresponding to the hash algorithm type, public key encoding type, and signature algorithm type. The virtual machine server can then read the first byte stream representing the signature verification parameter from the target message byte stream based on the length of the first byte of the signature verification parameter. In other words, it can read the first byte stream representing the hash algorithm type, public key encoding type, and signature algorithm type from the target message byte stream.

[0103] Similarly, the second byte length of the data to be verified parsed from the target message byte stream by the virtual machine server specifically includes the byte lengths corresponding to the message to be signed and the target signature, respectively. Thus, the virtual machine server can read the second byte stream representing the data to be verified from the target message byte stream according to the second byte length of the data to be verified. That is, it can read the message to be signed byte stream used to represent the message to be signed and the target signature byte stream used to represent the target signature from the target message byte stream.

[0104] In step S607, the virtual machine server obtains the target signature data based on the first byte stream and the second byte stream.

[0105] Specifically, the virtual machine server obtains the corresponding hash algorithm type, public key encoding type, and signature algorithm type based on the first byte stream, which is used to represent the hash algorithm type, public key encoding type, and signature algorithm type. Based on the second byte stream, which represents the data to be verified, including the message to be signed byte stream representing the message to be signed and the target signature byte stream representing the target signature, the virtual machine server obtains the message to be signed and the target signature. Thus, the virtual machine server can determine the target signature data based on the obtained hash algorithm type, public key encoding type, signature algorithm type, message to be signed, and target signature.

[0106] In step S608, the virtual machine server performs data type verification on the verification parameters in the target signature data according to the pre-stored verification parameter types.

[0107] Specifically, the virtual machine server verifies the data type of the target signature data by invoking the signature verification pre-compilation contract. Specifically, it verifies the data type of the verification parameters in the target signature data based on the pre-stored signature verification parameter types. These verification parameters specifically include the hash algorithm type, public key encoding type, and signature algorithm type, while the pre-stored signature verification parameter types specifically include the pre-stored algorithm types corresponding to each of the hash algorithm type, public key encoding type, and signature algorithm type.

[0108] Furthermore, when the virtual machine server calls the signature verification pre-compiled contract and performs data type verification on each signature verification parameter, it specifically includes: 1) performing data type verification on the hash algorithm type, determining whether the currently parsed hash algorithm type is a non-existent or unsupported algorithm based on the pre-stored hash algorithm type; 2) performing data type verification on the public key encoding type, determining whether the currently parsed public key encoding type is a non-existent or unsupported type based on the pre-stored public key encoding type; 3) performing data type verification on the signature algorithm type, determining whether the currently parsed signature algorithm type is a non-existent or unsupported signature algorithm based on the pre-stored signature algorithm type.

[0109] Step S609: If the data type verification is successful, the virtual machine server performs deserialization processing on the public key encoding type and signature algorithm type in the signature verification parameters to obtain the public key corresponding to the target signature data.

[0110] Specifically, if the data type verification of each signature parameter is successful, the virtual machine server performs deserialization processing based on the public key encoding type and signature algorithm type in the target signature data to obtain the public key corresponding to the target signature data.

[0111] Furthermore, when the virtual machine server performs deserialization processing based on the public key encoding type and the signature algorithm type, by determining the cryptographic library corresponding to the public key encoding type and the encryption key corresponding to the signature algorithm type, deserialization processing can be performed based on the cryptographic library corresponding to the public key encoding type and the encryption key to determine the public key corresponding to the target signature data.

[0112] In step S610, the virtual machine server performs hash calculation on the message to be signed according to the hash algorithm type in the target signature data to obtain the message hash value corresponding to the message to be signed.

[0113] Specifically, the virtual machine server parses the target signature data to obtain the hash algorithm type within it. Then, according to the obtained hash algorithm type, it performs a hash calculation on the message to be signed to obtain the message hash value corresponding to the message to be signed. For example, if the hash algorithm type is MD (Message Digest) algorithm, the message to be signed can be hashed according to the MD algorithm to obtain the message hash value corresponding to the message to be signed, such as a message digest value calculated based on the MD algorithm.

[0114] In step S611, the virtual machine server determines the standard signature for verification based on the public key and the message hash value, and verifies the target signature in the target signature data according to the standard signature to obtain the data verification result.

[0115] Specifically, the virtual machine server generates a standard signature for verification based on the public key and the message hash value. Specifically, it can generate a standard signature carrying the expected signature address, where the expected signature address refers to the address of the signature object to be signed in the message to be signed.

[0116] Furthermore, the virtual machine server verifies the target signature in the target signature data using a standard signature to determine if the two are consistent, thus obtaining the corresponding data verification result. Specifically, when verifying the target signature based on the standard signature, the virtual machine server can parse the target signature to obtain the target signature address corresponding to the target signature, and then compare the expected signature address in the standard signature with the target signature address corresponding to the target signature to determine if the expected signature address and the target signature address are consistent.

[0117] Specifically, the data verification results include: verification results where the target signature address and the expected signature address are consistent, and verification results where the target signature address and the expected signature address are inconsistent, and verification results where the data verification fails.

[0118] In the aforementioned data verification method, a data verification request is received, and the data to be verified and verification parameters corresponding to the request are obtained. The data verification request, the data to be verified, and the verification parameters are then fed back to the smart contract. The smart contract can then call the basic verification contract. Based on the verification function associated with the basic verification contract, the byte lengths of the data to be verified and the verification parameters are calculated. Following the signature verification data transmission protocol, the data to be verified, the verification parameters, and their respective byte lengths are encoded to obtain the target message byte stream corresponding to the data verification request. Further, by calling the verification pre-compilation contract, the obtained target message byte stream is parsed according to the signature verification data transmission protocol to obtain the target signature data. The data type of the target signature data is then verified. If the data type verification passes, the public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type in the target signature data. Specifically, the public key can be used to verify the target signature in the target signature data to obtain the data verification result. By defining a signature verification data transmission protocol, it is possible to compile and parse various different data to be verified and verification parameters, thereby improving the data type compatibility of signature data verification and not being limited to a single type of signature data verification, thus improving the efficiency of verification processing for different types of digital signatures.

[0119] In one exemplary embodiment, such as Figure 7 As shown, a data verification system is provided, referring to... Figure 7 It is known that the data verification system includes: object terminal 702, virtual machine service 704, and smart contract terminal 706. Among them:

[0120] The object terminal 702 is used to: after detecting a data verification request triggered by the object, send the data verification request back to the virtual machine server 704.

[0121] Virtual machine server 704 is used to: receive data verification requests, obtain the data to be verified and verification parameters corresponding to the data verification request, and feed back the data verification request, the data to be verified and the verification parameters to the smart contract terminal 706.

[0122] Specifically, for both the target terminal and the virtual machine server, a signature verification data transmission protocol needs to be defined. After the target terminal triggers a data verification request, it needs to encode the data to be verified and the verification parameters according to the signature verification data transmission protocol to obtain a target message byte stream that can be sent to the virtual machine server for verification. The virtual machine server then parses the target message byte stream according to the signature verification data transmission protocol and verifies the legality of the message to be signed and the target signature in the target message byte stream.

[0123] Specifically, after receiving a data verification request triggered by the target terminal, the virtual machine server obtains the data to be verified and the verification parameters corresponding to the data verification request, and feeds back the data verification request, the data to be verified and the verification parameters to the smart contract. The smart contract then calls the basic verification contract to encode the data to be verified and the verification parameters according to the signature verification data transmission protocol, thus obtaining the target message byte stream that can be sent to the virtual machine server for verification.

[0124] The smart contract terminal 706 is used to: respond to a data verification request, call the basic verification contract, calculate the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract; encode the data to be verified, the verification parameters, and the byte length of the data to be verified and the verification parameters according to the signature verification data transmission protocol to obtain the target message byte stream corresponding to the data verification request; and feed the target message byte stream back to the virtual machine server 704.

[0125] On the smart contract side, a basic signature verification contract is provided as a base class contract for objects to inherit and call to verify signature data. This basic signature verification contract provides verification functions, specifically:

[0126] 1) The verification function receives the hash algorithm type, public key encoding type, signature algorithm type, public key serialization value, message to be signed, and target signature as parameters; 2) The verification function calculates the byte length of the public key serialization value, message to be signed, and target signature respectively; 3) The basic signature verification contract encodes the parameters of the verification function (including the hash algorithm type, public key encoding type, signature algorithm type, public key serialization value, message to be signed, and target signature) and the calculated three lengths (including the byte length of the public key serialization value, message to be signed, and target signature) into a target message byte stream according to the signature verification data transmission protocol, and uses the obtained target message byte stream as the data to be verified; 4) The basic signature verification contract calls the signature verification pre-compilation contract in the virtual machine to parse and verify the target message byte stream, and returns the verification result of the signature data.

[0127] In an exemplary embodiment, if the user has a need to verify signature data in the data verification contract developed based on the smart contract, the signature verification contract file needs to be imported in advance, and the developed data verification contract is inherited from the base signature verification contract as the base class contract. That is, the developed data verification contract will have the signature verification function of the base class contract and can call the verification function to verify the signature data.

[0128] Specifically, for the developed data verification contract, when signature verification is required, the verification function of the basic signature verification contract inherited by the data verification contract can be directly called, and the corresponding parameters are passed in the order of the parameter list. The verification function will encode each parameter to obtain the corresponding target message byte stream, and call the signature verification pre-compilation contract registered in the virtual machine through assembly instructions to parse and verify the target message byte stream and return the corresponding data signature verification result.

[0129] Virtual machine server 704 is also used for: receiving the target message byte stream fed back by smart contract terminal 706, calling the signature verification pre-compiled contract, parsing the target message byte stream according to the signature verification data transmission protocol to obtain target signature data; verifying the data type of the target signature data, and if the data type verification is successful, determining the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data; and verifying the target signature in the target signature data based on the public key to obtain the data verification result.

[0130] Specifically, the signature verification pre-compiled contract is developed in accordance with the specifications of the pre-compiled contract registration interface. It receives the target message byte stream as a parameter and, according to the signature verification data transmission protocol, parses specific information from the target message byte stream, including hash algorithm type, signature algorithm type, public key encoding type, public key length, message length, message byte stream, signature length, and signature byte stream. If an error occurs during parsing, parsing immediately stops and a parsing failure error message is returned. The error message should include the fields that failed to be parsed and the reason for the failure; for example, the public key length field might be parsed as a negative value.

[0131] Furthermore, the pre-compiled contract verification also needs to verify the parsed data, that is, to verify the data type of the target signature data, including: 1) checking whether the hash algorithm type is a non-existent or unsupported algorithm; 2) checking whether the public key encoding type is a non-existent or unsupported type; 3) checking whether the signature algorithm type is a non-existent or unsupported signature algorithm, etc.

[0132] Among them, virtual machine server 704 is also used to: determine the contract registration address of the signature verification pre-compiled contract in the virtual machine; call the signature verification pre-compiled contract registration interface deployed on the virtual machine, and store the signature verification pre-compiled contract in the contract registration address.

[0133] Specifically, by determining the contract registration address of the signature verification pre-compiled contract in the virtual machine, the signature verification pre-compiled contract can be registered with the signature verification pre-compiled contract module deployed on the virtual machine. The contract registration address refers to the key value (i.e., index value) of the signature verification pre-compiled contract. Therefore, when the signature verification pre-compiled contract needs to be called, the corresponding functional entry point of the signature verification pre-compiled contract can be found based on the address. Accessing this functional entry point allows the signature verification pre-compiled contract to be invoked for parameter parsing and data verification.

[0134] In an exemplary embodiment, the virtual machine server 704 is further configured to: invoke the signature verification pre-compilation contract, and according to the signature verification data transmission protocol, parse the first byte length of the signature verification parameters and the second byte length of the data to be verified from the target message byte stream; read the first byte stream representing the signature verification parameters from the target message byte stream according to the first byte length, and read the second byte stream representing the data to be verified from the target message byte stream according to the second byte length; and obtain the target signature data according to the first byte stream and the second byte stream.

[0135] The virtual machine server 704 is also used to: perform data type verification on the verification parameters in the target signature data according to the pre-stored verification parameter type; if the data type verification is found to be successful, perform deserialization processing on the public key encoding type and signature algorithm type in the verification parameters to obtain the public key corresponding to the target signature data.

[0136] Furthermore, the virtual machine server 704 is also used to: perform hash calculation on the message to be signed according to the hash algorithm type in the target signature data to obtain the message hash value corresponding to the message to be signed; determine the standard signature used for signature verification based on the public key and the message hash value; and verify the target signature in the target signature data based on the standard signature to obtain the data signature verification result.

[0137] In one exemplary embodiment, such as Figure 8 As shown, a process for data verification based on a data verification system is provided, referring to... Figure 8 It can be seen that the data verification process specifically includes:

[0138] In step S801, the object terminal will send the data verification request triggered by the object back to the virtual machine server.

[0139] In step S802, the virtual machine server receives a data verification request and obtains the data to be verified and the verification parameters corresponding to the data verification request.

[0140] In step S803, the virtual machine server sends the data verification request, the data to be verified, and the verification parameters back to the smart contract.

[0141] In step S804, the smart contract responds to the data verification request by calling the basic verification contract and calculating the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract.

[0142] In step S805, the smart contract encodes the data to be verified, the verification parameters, and the byte lengths of the data to be verified and the verification parameters according to the signature verification data transmission protocol, to obtain the target message byte stream corresponding to the data verification request.

[0143] In step S806, the smart contract sends the target message byte stream back to the virtual machine server.

[0144] In step S807, the virtual machine server calls the signature verification pre-compilation contract, and performs parameter parsing on the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data.

[0145] Step S808: The virtual machine server verifies the data type of the target signature data. If the data type verification is successful, the public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type in the target signature data.

[0146] In step S809, the virtual machine server verifies the target signature in the target signature data based on the public key and obtains the data verification result.

[0147] In the aforementioned data verification system, when the virtual machine server receives a data verification request, it obtains the data to be verified and verification parameters corresponding to the request, and then feeds back the data verification request, the data to be verified, and the verification parameters to the smart contract. The smart contract can then call the basic verification contract, calculate the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract, and encode the data to be verified, the verification parameters, and their respective byte lengths according to the signature verification data transmission protocol to obtain the target message byte stream corresponding to the data verification request. Further, the virtual machine server calls the verification pre-compilation contract to parse the parameters of the obtained target message byte stream according to the signature verification data transmission protocol, obtains the target signature data, and performs data type verification on the target signature data. If the data type verification passes, the server determines the public key corresponding to the target signature data based on the public key encoding type and signature algorithm type in the target signature data. Specifically, the virtual machine server can verify the target signature in the target signature data based on the public key and obtain the data verification result. By defining a signature verification data transmission protocol, it can compile and parse various different data to be verified and verification parameters, improve the data type compatibility of signature data verification, and not be limited to a single type of signature data verification, thereby improving the efficiency of verification processing for different types of digital signatures.

[0148] It should be understood that although the steps in the flowcharts of the above embodiments are shown sequentially according to the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the above embodiments may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these steps or stages is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the steps or stages of other steps.

[0149] Based on the same inventive concept, this application also provides a data verification device for implementing the data verification method described above. The solution provided by this device is similar to the implementation described in the above method; therefore, the specific limitations in one or more data verification device embodiments provided below can be found in the limitations of the data verification method described above, and will not be repeated here.

[0150] In one exemplary embodiment, such as Figure 9 As shown, a data signature verification device is provided, including: a target message byte stream acquisition module 902, a parameter parsing module 904, a data type verification module 906, and a data signature verification module 908, wherein:

[0151] The target message byte stream acquisition module 902 is used to receive data verification requests and acquire the target message byte stream corresponding to the data verification request. The target message byte stream is obtained by encoding the data to be verified and the verification parameters corresponding to the data verification request. The parameter parsing module 904 is used to call the verification pre-compilation contract and parse the parameters of the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data. The data type verification module 906 is used to verify the data type of the target signature data. If the data type verification is successful, the public key corresponding to the target signature data is determined according to the public key encoding type and signature algorithm type in the target signature data. The data verification module 908 is used to verify the target signature in the target signature data according to the public key to obtain the data verification result.

[0152] In the aforementioned data verification device, a data verification request is received, the target message byte stream corresponding to the request is obtained, and a verification pre-compilation contract is invoked. Following the signature verification data transmission protocol, the target message byte stream is parsed to obtain the target signature data. Further, the data type of the target signature data is verified. Upon successful verification, the public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type. The target signature in the target signature data is then verified using this public key to obtain the verification result. This allows for the compilation and parsing of various types of data to be verified and verification parameters through a defined signature verification data transmission protocol, improving the data type compatibility of signature data verification and moving beyond a single type of signature data verification. This enhances the efficiency of verifying different types of digital signatures.

[0153] In an exemplary embodiment, the parameter parsing module is further configured to: invoke the signature verification pre-compilation contract, and according to the signature verification data transmission protocol, parse the first byte length of the signature verification parameter and the second byte length of the data to be verified from the target message byte stream; read the first byte stream representing the signature verification parameter from the target message byte stream according to the first byte length, and read the second byte stream representing the data to be verified from the target message byte stream according to the second byte length; and obtain the target signature data based on the first byte stream and the second byte stream.

[0154] In an exemplary embodiment, the data type verification module is further configured to: perform data type verification on the verification parameters in the target signature data according to the pre-stored verification parameter type; if the data type verification is found to be successful, perform deserialization processing on the public key encoding type and signature algorithm type in the verification parameters to obtain the public key corresponding to the target signature data.

[0155] In an exemplary embodiment, the data verification module is further configured to: perform hash calculation on the message to be signed according to the hash algorithm type in the target signature data to obtain a message hash value corresponding to the message to be signed; determine a standard signature for verification based on the public key and the message hash value; and verify the target signature in the target signature data based on the standard signature to obtain a data verification result.

[0156] In an exemplary embodiment, the target message byte stream acquisition module is further configured to: receive a data verification request, acquire the data to be verified and the verification parameters corresponding to the data verification request; feed back the data verification request, the data to be verified, and the verification parameters to the smart contract; the data verification request is used to instruct the smart contract to call the basic verification contract, calculate the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract, and encode the data to be verified, the verification parameters, and the byte length of the data to be verified and the verification parameters according to the signature verification data transmission protocol to obtain the target message byte stream corresponding to the data verification request; and receive the target message byte stream fed back by the smart contract.

[0157] In one exemplary embodiment, a data verification device is provided, which further includes a contract registration module for: determining the contract registration address of the verification pre-compiled contract in a virtual machine; and calling the verification pre-compiled contract registration interface deployed on the virtual machine to store the verification pre-compiled contract in the contract registration address.

[0158] Each module in the aforementioned data verification device can be implemented entirely or partially through software, hardware, or a combination thereof. These modules can be embedded in the processor of a computer device in hardware form or independent of it, or stored in the memory of a computer device in software form, so that the processor can call and execute the corresponding operations of each module.

[0159] In one exemplary embodiment, a computer device is provided, which may be a server or an object terminal. Taking the computer device as a server as an example, its internal structure diagram can be as follows: Figure 10 As shown, this computer device includes a processor, memory, input / output interfaces (I / O), and a communication interface. The processor, memory, and I / O interfaces are connected via a system bus, and the communication interface is also connected to the system bus via the I / O interfaces. The processor provides computational and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system, computer programs, and a database. The internal memory provides the environment for the operating system and computer programs stored in the non-volatile storage media. The database stores target message byte streams, data to be verified, verification parameters, verification pre-compiled contracts, signature verification data transmission protocols, target signature data, public key encoding type, signature algorithm type, public key, target signature, and data verification results. The I / O interfaces are used for exchanging information between the processor and external devices. The communication interface is used for communicating with external terminals via a network connection. When executed by the processor, the computer program implements a data verification method.

[0160] Those skilled in the art will understand that Figure 10 The structure shown is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the computer device to which the present application is applied. Specific computer devices may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.

[0161] In one embodiment, a computer device is also provided, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps in the above method embodiments.

[0162] In one embodiment, a computer-readable storage medium is provided having a computer program stored thereon that, when executed by a processor, implements the steps in the above method embodiments.

[0163] In one embodiment, a computer program product is provided, including a computer program that, when executed by a processor, implements the steps in the above method embodiments.

[0164] It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for analysis, data stored, data displayed, etc.) involved in this application are all information and data authorized by the user or fully authorized by all parties, and the collection, use and processing of the relevant data must comply with relevant regulations.

[0165] Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium, and when executed, it can include the processes of the embodiments of the above methods. Any references to memory, databases, or other media used in the embodiments provided in this application can include at least one of non-volatile memory and volatile memory. Non-volatile memory can include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, etc. Volatile memory can include random access memory (RAM) or external cache memory, etc. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM). The databases involved in the embodiments provided in this application may include at least one type of relational database and non-relational database. Non-relational databases may include, but are not limited to, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be general-purpose processors, central processing units, graphics processing units, digital signal processors, programmable logic devices, quantum computing-based data processing logic devices, artificial intelligence (AI) processors, etc., and are not limited to these.

[0166] The technical features of the above embodiments can be combined arbitrarily. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described. However, as long as the combination of these technical features does not contradict each other, it should be considered within the scope of this application. The above embodiments only illustrate several implementation methods of this application, and their descriptions are relatively specific and detailed, but they should not be construed as limiting the scope of this application. It should be noted that for those skilled in the art, several modifications and improvements can be made without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this application should be determined by the appended claims.

Claims

1. A data verification method, characterized in that, The method includes: Receive a data verification request and obtain the target message byte stream corresponding to the data verification request; the target message byte stream is obtained by encoding the data to be verified and the verification parameters corresponding to the data verification request. The signature verification pre-compilation contract is invoked, and the target message byte stream is parsed according to the signature verification data transmission protocol to obtain the target signature data; The target signature data is validated for data type. If the data type validation is successful, the public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type in the target signature data. Based on the public key, the target signature in the target signature data is verified to obtain the data verification result.

2. The method according to claim 1, characterized in that, The invocation of the signature verification pre-compiled contract involves parsing the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data, including: Invoke the signature verification pre-compiled contract, and according to the signature verification data transmission protocol, parse the first byte length of the signature verification parameters and the second byte length of the data to be verified from the target message byte stream; Based on the first byte length, a first byte stream representing the signature verification parameters is read from the target message byte stream, and based on the second byte length, a second byte stream representing the data to be verified is read from the target message byte stream; The target signature data is obtained based on the first byte stream and the second byte stream.

3. The method according to claim 1, characterized in that, The target signature data undergoes data type verification. If the data type verification passes, the public key corresponding to the target signature data is determined based on the public key encoding type and signature algorithm type in the target signature data, including: Based on the pre-stored signature verification parameter type, perform data type verification on the signature verification parameters in the target signature data; If the data type verification is successful, the public key encoding type and signature algorithm type in the signature verification parameters are deserialized to obtain the public key corresponding to the target signature data.

4. The method according to claim 1, characterized in that, The step of verifying the target signature in the target signature data based on the public key to obtain the data verification result includes: According to the hash algorithm type in the target signature data, perform hash calculation on the message to be signed to obtain the message hash value corresponding to the message to be signed; Based on the public key and the message hash value, a standard signature for signature verification is determined; Based on the standard signature, the target signature in the target signature data is verified to obtain the data verification result.

5. The method according to any one of claims 1 to 4, characterized in that, The step of receiving a data verification request and obtaining the target message byte stream corresponding to the data verification request includes: Receive a data verification request and obtain the data to be verified and the verification parameters corresponding to the data verification request; The data verification request, the data to be verified, and the verification parameters are fed back to the smart contract. The data verification request is used to instruct the smart contract to call the basic verification contract, calculate the byte length of the data to be verified and the verification parameters according to the verification function associated with the basic verification contract, and encode the data to be verified, the verification parameters, and the byte length of the data to be verified and the verification parameters according to the signature verification data transmission protocol to obtain the target message byte stream corresponding to the data verification request. Receive the target message byte stream fed back from the smart contract.

6. The method according to any one of claims 1 to 4, characterized in that, The method further includes: Determine the contract registration address of the signature verification precompiled contract in the virtual machine; Call the signature verification pre-compiled contract registration interface deployed on the virtual machine to store the signature verification pre-compiled contract in the contract registration address.

7. A data verification device, characterized in that, The device includes: The target message byte stream acquisition module is used to receive a data verification request and acquire the target message byte stream corresponding to the data verification request; the target message byte stream is obtained by encoding the data to be verified and the verification parameters corresponding to the data verification request. The parameter parsing module is used to call the signature verification pre-compiled contract, and perform parameter parsing on the target message byte stream according to the signature verification data transmission protocol to obtain the target signature data; The data type verification module is used to verify the data type of the target signature data. If the data type verification is found to be successful, the public key corresponding to the target signature data is determined according to the public key encoding type and signature algorithm type in the target signature data. The data signature verification module is used to verify the target signature in the target signature data based on the public key, and obtain the data signature verification result.

8. A computer device comprising a memory and a processor, wherein the memory stores a computer program, characterized in that, When the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 6.

9. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 6.

10. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 6.