CN111800271A - A Batch Certification Method Based on XML Transmission Format - Google Patents
A Batch Certification Method Based on XML Transmission Format Download PDFInfo
- Publication number
- CN111800271A CN111800271A CN202010609127.9A CN202010609127A CN111800271A CN 111800271 A CN111800271 A CN 111800271A CN 202010609127 A CN202010609127 A CN 202010609127A CN 111800271 A CN111800271 A CN 111800271A
- Authority
- CN
- China
- Prior art keywords
- xml
- format
- batches
- certificate
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
- H04L9/3268—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F40/00—Handling natural language data
- G06F40/10—Text processing
- G06F40/12—Use of codes for handling textual entities
- G06F40/14—Tree-structured documents
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Audiology, Speech & Language Pathology (AREA)
- Artificial Intelligence (AREA)
- Computational Linguistics (AREA)
- General Health & Medical Sciences (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
本发明公开的一种基于XML传输格式的批量发证方法,包括以下步骤:S1、产生密钥对,并把相应公钥封装成PKCS10格式的证书请求文件;S2、把封装好的证书请求文件,按照特定的格式逐条写入到XML文件中并生成XML文件;S3、把生成好的XML文件,批量导入到数字证书签发系统;S4、数字证书签发系统签发成功后批量下载签发好的证书;S5、把签发好的数字证书同样以XML的格式返回;S6、再批量导入到发证介质。S7、整个流程发证完成。本发明了实现在网络不通的情况快速发证的目的。
A batch certificate issuing method based on XML transmission format disclosed by the present invention includes the following steps: S1, generating a key pair, and encapsulating the corresponding public key into a certificate request file in PKCS10 format; S2, encapsulating the packaged certificate request file , write it into the XML file one by one according to a specific format and generate the XML file; S3. Import the generated XML file into the digital certificate issuance system in batches; S4. After the digital certificate issuance system is successfully issued, download the issued certificates in batches; S5, return the signed digital certificate in XML format; S6, import it to the issuing medium in batches. S7, the whole process of certification is completed. The invention achieves the purpose of rapidly issuing certificates in the case of network failure.
Description
技术领域technical field
本发明涉及数字证书相关技术领域,特别涉及一种基于XML传输格式的批量发证方法。The invention relates to the related technical field of digital certificates, in particular to a batch certificate issuing method based on an XML transmission format.
背景技术Background technique
随着物联网的快速发展,物联网之前的通信安全也越来越得到重视,给物联网设备签发数字证书就是一种安全的解决方案,但是传统的发证模式基本上是单个签发效率低下而且签发时强依赖证书介质。因此发明一种快速而且不必强依赖证书介质的发证模式就显的很有必要。With the rapid development of the Internet of Things, more and more attention has been paid to the communication security before the Internet of Things. Issuing digital certificates for IoT devices is a safe solution. Strong reliance on certificate media. Therefore, it is necessary to invent a certificate issuance mode that is fast and does not have to rely heavily on the certificate medium.
发明内容SUMMARY OF THE INVENTION
本发明的目的是为了解决现有模式中存在的不足,提出一种不必强依赖发证介质,借助XML数据格式批量快速的发证方法。The purpose of the present invention is to solve the deficiencies in the existing mode, and to propose a batch and fast certificate issuing method without relying strongly on the certificate issuing medium and by means of the XML data format.
为实现上述的目的,本发明采用了如下技术方案:To achieve the above-mentioned purpose, the present invention has adopted the following technical solutions:
一种基于XML传输格式的批量发证方法,包括以下步骤:A batch certificate issuing method based on XML transmission format, comprising the following steps:
S1、产生密钥对,并把相应公钥封装成PKCS10格式的证书请求文件;S1. Generate a key pair, and encapsulate the corresponding public key into a certificate request file in PKCS10 format;
S2、把封装好的证书请求文件,按照特定的格式逐条写入到XML文件中并生成XML文件;S2. Write the packaged certificate request file into the XML file one by one according to a specific format and generate the XML file;
S3、把生成好的XML文件,批量导入到数字证书签发系统;S3. Import the generated XML files into the digital certificate issuance system in batches;
S4、数字证书签发系统签发成功后批量下载签发好的证书;S4. After the digital certificate issuance system is successfully issued, the issued certificates are downloaded in batches;
S5、把签发好的数字证书同样以XML的格式返回;S5. Return the signed digital certificate also in XML format;
S6、再把证书批量导入到发证介质。S6. Import the certificates into the certificate issuing medium in batches.
S7、整个流程发证完成。S7, the whole process of certification is completed.
由于采用了如上的技术方案,本发明通过密钥对,生成PKCS10格式的张书请求,然后封装到XML文件中,然后导入到数字证书签发系统中进行批量发证,把签发好的证书批量下载下来,再把证书批量导入到证书介质中,实现在网络不通的情况快速发证的目的。Due to the adoption of the above technical solution, the present invention generates a book request in PKCS10 format through a key pair, then encapsulates it into an XML file, and then imports it into a digital certificate issuing system for batch issuance, and downloads the issued certificates in batches Then, import the certificates into the certificate medium in batches to achieve the purpose of fast certificate issuance in the case of network failure.
附图说明Description of drawings
图1为本发明基于XML传输格式的批量发证方法的流程示意图。FIG. 1 is a schematic flowchart of a batch certificate issuing method based on XML transmission format according to the present invention.
具体实施方式Detailed ways
以下结合附图和具体实施方式来进一步描述本发明。The present invention will be further described below in conjunction with the accompanying drawings and specific embodiments.
参见图1,一种基于XML传输格式的批量发证方法,包括以下步骤:Referring to Figure 1, a batch certification method based on XML transmission format includes the following steps:
S1、产生密钥对,并把相应公钥封装成PKCS10格式的证书请求文件;S1. Generate a key pair, and encapsulate the corresponding public key into a certificate request file in PKCS10 format;
S2、把封装好的证书请求文件,按照特定的格式逐条写入到XML文件中并生成XML文件;S2. Write the packaged certificate request file into the XML file one by one according to a specific format and generate the XML file;
S3、把生成好的XML文件,批量导入到数字证书签发系统;S3. Import the generated XML files into the digital certificate issuance system in batches;
S4、数字证书签发系统签发成功后批量下载签发好的证书;S4. After the digital certificate issuance system is successfully issued, the issued certificates are downloaded in batches;
S5、把签发好的数字证书同样以XML的格式返回;S5. Return the signed digital certificate also in XML format;
S6、再把证书批量导入到发证介质。S6. Import the certificates into the certificate issuing medium in batches.
S7、整个流程发证完成。S7, the whole process of certification is completed.
Claims (1)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010609127.9A CN111800271A (en) | 2020-06-29 | 2020-06-29 | A Batch Certification Method Based on XML Transmission Format |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010609127.9A CN111800271A (en) | 2020-06-29 | 2020-06-29 | A Batch Certification Method Based on XML Transmission Format |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111800271A true CN111800271A (en) | 2020-10-20 |
Family
ID=72810832
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010609127.9A Pending CN111800271A (en) | 2020-06-29 | 2020-06-29 | A Batch Certification Method Based on XML Transmission Format |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111800271A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1989731A (en) * | 2004-07-23 | 2007-06-27 | 数码安信有限公司 | System and method for implementing digital signature using one time private keys |
| CN101527714A (en) * | 2008-12-31 | 2009-09-09 | 北京飞天诚信科技有限公司 | Method, device and system for accreditation |
| US20090287931A1 (en) * | 2005-12-22 | 2009-11-19 | Cian Kinsella | Establishing Proof of Existence and Possession of Digital Content |
| CN101827094A (en) * | 2010-04-01 | 2010-09-08 | 北京数码视讯科技股份有限公司 | Method for sending down digital certificate, device and system |
| CN102932136A (en) * | 2007-09-14 | 2013-02-13 | 安全第一公司 | Systems and methods for managing cryptographic keys |
| CN108964883A (en) * | 2017-05-27 | 2018-12-07 | 北京安软天地科技有限公司 | It is a kind of using smart phone as the digital certificate store of medium and endorsement method |
-
2020
- 2020-06-29 CN CN202010609127.9A patent/CN111800271A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1989731A (en) * | 2004-07-23 | 2007-06-27 | 数码安信有限公司 | System and method for implementing digital signature using one time private keys |
| US20090287931A1 (en) * | 2005-12-22 | 2009-11-19 | Cian Kinsella | Establishing Proof of Existence and Possession of Digital Content |
| CN102932136A (en) * | 2007-09-14 | 2013-02-13 | 安全第一公司 | Systems and methods for managing cryptographic keys |
| CN101527714A (en) * | 2008-12-31 | 2009-09-09 | 北京飞天诚信科技有限公司 | Method, device and system for accreditation |
| CN101827094A (en) * | 2010-04-01 | 2010-09-08 | 北京数码视讯科技股份有限公司 | Method for sending down digital certificate, device and system |
| CN108964883A (en) * | 2017-05-27 | 2018-12-07 | 北京安软天地科技有限公司 | It is a kind of using smart phone as the digital certificate store of medium and endorsement method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN114422115B (en) | A method, system, device and readable storage medium for power grid data encryption transmission | |
| CN109889494B (en) | A revocable method for safe sharing of cloud data | |
| CN106020139A (en) | Intelligent substation configuration file consistency guaranteeing method based on process control | |
| CN112804217B (en) | A method and device for depositing certificates based on blockchain technology | |
| JP2019134423A (en) | Compact security certificate | |
| US11777745B2 (en) | Cloud-side collaborative multi-mode private data circulation method based on smart contract | |
| CN113193961B (en) | Digital certificate management method and device | |
| CN114448727B (en) | Information processing method and system based on industrial Internet identification analysis system | |
| CN108833438A (en) | A blockchain-based method for secure storage of industrial Internet of Things information | |
| CN115459979A (en) | Https bidirectional authentication-based vehicle-mounted end and vehicle cloud platform mutual communication method and system | |
| CN111800271A (en) | A Batch Certification Method Based on XML Transmission Format | |
| CN102054135A (en) | Software authorization method and device | |
| CN111274615A (en) | A long-term digital signature method based on OFD format file | |
| CN104639330B (en) | A kind of GOOSE message completeness certification method | |
| CN113206746B (en) | Digital certificate management method and device | |
| CN115037479A (en) | Client side comprehensive energy public information data storage protection method | |
| CN101777980B (en) | Method for protection of digital certificate extension information | |
| CN113206745A (en) | Digital certificate management method and device | |
| CN218450552U (en) | Electric core network terminal based on 5G | |
| CN111738853A (en) | A transaction optimization method and device based on a blockchain distributed system | |
| CN101534262B (en) | A message transmission method, network device and network system | |
| CN113242132B (en) | A digital certificate management method and device | |
| CN116506127A (en) | TEE-based under-blockchain verifiable storage method | |
| CN113469692A (en) | Internet of things data transaction method based on block chain | |
| CN111343166A (en) | Method, system and storage medium for connection between client and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20201020 |