JP2024027133A - Program, information processing apparatus, and method - Google Patents

Abstract

The present invention provides a program, an information processing device, and a method by which a user directly adds an electronic signature to a document to be electronically signed stored in a server. SOLUTION: A program that runs on a processor of an information processing device, which includes a step S102 of calculating a hash value of a document to the processor, and a step S103 of transmitting the hash value of the document to a first terminal operated by a user. Step S104 receives from the first terminal an encrypted hash value obtained by encrypting the hash value of the document using a private key used for the user's electronic signature; In response to the step S107 of attaching the digital signature as a signature and accepting the request for the document from the requesting terminal, the requesting terminal is permitted to view the document to which the electronic signature has been attached, but Steps that do not allow saving and are executed. [Selection diagram] Figure 11

Description

The present disclosure relates to a program, an information processing device, and a method.

2. Description of the Related Art Conventionally, there has been a technology for attaching an electronic signature to a contract in an electronic contract. Patent Document 1 states, ``The user sets the authentication information he or she has come up with for his/her own signature key stored in the tamper-resistant device (5) via the terminal device (2). When signing a signature, the user sends his or her authentication information to the tamper-resistant device (5) via the terminal device (2) to request permission to use the signature key. The authentication information provided will be verified, and only if the correct authentication information is entered, the signature will be permitted and an electronic signature will be issued.''

JP 2021-90114 Publication

However, with conventional technology, users are required to apply electronic signatures to documents such as contracts on their own terminals, so even documents stored on the cloud need to be downloaded to the user's terminals. . As described above, problems arise when a document to be electronically signed is moved, copied, etc. For example, there is a problem in that it is not possible to ensure the identity of a document before an electronic signature and a document after an electronic signature, and it becomes necessary to verify the identity. Even if the document is in PDF (Portable Document Format) format, it can be edited using specific software. For this reason, downloading of contracts, etc. may not be permitted in some cases.

Furthermore, for example, when a document to be digitally signed is downloaded from the cloud to a user's terminal, the amount of communication increases depending on the amount of data of the document. In addition, the user has to download the software once, which causes trouble for the user. Furthermore, if there are multiple downloaded documents, there is a possibility that the user may mix up the documents and end up electronically signing another document.

Therefore, in the present disclosure, a technology is provided that allows a user to directly add an electronic signature to a document to be electronically signed stored in a server.

A program according to the present disclosure is a program for operating a computer that is equipped with a processor and that creates and/or manages documents for the purpose of expressing or notifying a user's intention, the program comprising , calculating a hash value of the document, transmitting the hash value of the document to a first terminal operated by the user, and transmitting the hash value of the document from the first terminal to the user's electronic a step of receiving an encrypted hash value encrypted with a private key used for signature; a step of adding the encrypted hash value to the document as the electronic signature of the user; In response to receiving a request for the document, the requesting terminal is allowed to view the document to which the electronic signature has been attached, but is not allowed to save the document.

According to the present disclosure, a user can directly add an electronic signature to a document that is stored in a server and is subject to an electronic signature.

1 is a diagram showing the overall configuration of an information processing system 1. FIG. 1 is a diagram showing the configuration of an information processing device 10. FIG. 1 is a diagram showing a functional configuration of an information processing device 10. FIG. It is a diagram showing an example of the data structure of a document DB. FIG. 3 is a diagram showing a functional configuration of a first terminal. It is a figure which shows an example of a document confirmation screen. It is a figure which shows an example of a document confirmation screen. It is a figure which shows an example of a completion screen. It is a figure which shows an example of a verification result display screen. It is a figure which shows an example of a verification result display screen. 2 is a flowchart illustrating a process in which the information processing device 10 adds an electronic signature. 2 is a flowchart showing a process in which the first terminal 20 adds an electronic signature. 2 is a flowchart illustrating a process in which the information processing device 10 performs verification.

Embodiments of the present disclosure will be described below with reference to the drawings. In the following description, the same parts are given the same reference numerals. Their names and functions are also the same. Therefore, detailed description thereof will not be repeated.

<Summary of this disclosure>
The present disclosure describes a program, an information processing device, and a method for adding an electronic signature to a document in an information processing system that creates and manages documents for the purpose of expressing or notifying a user's intention. The present disclosure also describes a program, etc. that verifies an electronic signature given to a document in an information processing system that creates and/or manages documents for the purpose of expressing or notifying a user's intention.

<1. Configuration of information processing system 1>
An information processing system 1 according to the present disclosure will be described using FIG. 1. The information processing system 1 according to the present disclosure manages documents for the purpose of expressing or notifying a user's intention, and adds an electronic signature to the documents. The information processing system 1 also verifies the electronic signature given to the document.

FIG. 1 is a diagram showing the configuration of an information processing system 1. As shown in FIG. The information processing system 1 includes an information processing device 10, a first terminal 20, a tamper-resistant device 30, a second terminal 40, a CA 50, and a network 60.

The information processing device 10 creates and/or manages documents for the purpose of expressing or notifying the user's intentions. Details will be described later.

The first terminal 20 is a terminal operated by a user. Details will be described later.

The tamper-resistant device 30 is a card-type device that includes an IC chip. The tamper-resistant device 30 is, for example, a My Number card, a transportation IC card, or the like. The IC chip stores the user's private key, public key, public key certificate, etc. in advance. The IC chip has tamper resistance. The IC chip also has a function of encrypting received data using the private key and transmitting the result. The tamper-resistant device 30 also has a function of transmitting a public key corresponding to the private key and a public key certificate.

The second terminal 40 is a terminal operated by a user or a third party. The second terminal 40 is, for example, a computer such as a laptop computer, a desktop computer, a smartphone, or a tablet terminal. CA50 is a certification authority.

The first terminal 20, the second terminal 40, and the CA 50 are configured to be able to communicate with each other via the network 60. Further, the first terminal 20 and the tamper-resistant device 30 are configured to be able to communicate through contact communication, short-range wireless communication, or the like.

<1.1. Configuration of information processing device 10>
The information processing device 10 will be explained using FIGS. 2 and 3. The information processing device 10 is, for example, a laptop computer, a rack mount type computer, a tower type computer, or the like. The information processing device 10 may be configured by a plurality of information processing devices 10 and the like. How to allocate the plurality of functions required to realize the information processing system 1 can be determined as appropriate in view of the processing capacity of each piece of hardware, the specifications required of the information processing system 1, and the like.

FIG. 2 is a diagram showing the configuration of the information processing device 10. As shown in FIG. The information processing device 10 includes a processor 11, a memory 12, a storage 13, a communication IF 14, and an input/output IF 15.

The processor 11 is hardware for executing a set of instructions written in a program, and is composed of an arithmetic unit, registers, peripheral circuits, and the like.

The memory 12 is for temporarily storing programs and data processed by the programs, and is, for example, a volatile memory such as DRAM (Dynamic Random Access Memory).

The storage 13 is a storage device for storing data, and is, for example, a flash memory, an HDD (Hard Disc Drive), or an SSD (Solid State Drive).

The communication IF 14 is an interface for inputting and outputting signals so that the information processing device 10 communicates with an external device. The communication IF 14 is connected to a network 60 such as the Internet or wide area Ethernet by wire or wirelessly.

The input/output IF 15 functions as an interface with an input device (for example, a pointing device such as a mouse, a keyboard) for receiving input operations, and an output device (display, speaker, etc.) for presenting information.

FIG. 3 is a block diagram showing the functional configuration of the information processing device 10. As shown in FIG. 3, the information processing device 10 includes a communication section 110, a storage section 120, and a control section 130.

The communication unit 110 performs processing for the information processing device 10 to communicate with an external device.

The storage unit 120 stores data and programs used by the information processing device 10. The storage unit 120 stores a document DB 121 and the like.

The document DB 121 is a database that holds information regarding user documents. FIG. 4 is a diagram showing an example of the data structure of the document DB 121. As shown in FIG. 4, the document DB 121 includes items such as "Document ID", "Document Name", "Sender/Recipient", "Hash Value", "Electronic Signature", and "Public Key Certificate". /Validity date”, item “Electronic signature verification result”, etc.

The item "document ID" is information for identifying a document. The document of the present disclosure is a document in which matters necessary for a user to express an intention, notify an intention, or notify an idea are described. The documents are related to, for example, an application form in an administrative procedure, a single act such as a will, a joint act by a plurality of users, a contract involving a counterparty, and the like. Further, the document may be a document concluded through an electronic contract. The document may be text data or image data as long as it is converted into data.

The item "document name" is the name of the document. The name of the document is, for example, given by the user.

The item “sender/receiver” is information that identifies the person who sent the document to the information processing device 10 and the person who received the document from the information processing device 10. The sender is, for example, a user who created a document. When the user transmits the document to the information processing device 10 and the document is managed by the information processing device 10, the user ID of the user is stored in the sender. The recipient is, for example, a party, agent, participant, etc. in a contract or joint act regarding the document. The recipient is set in advance by the sender.

The item "hash value" is the hash value of the document. Specifically, the hash value is a value calculated using a document, a random number, and a predetermined hash function. Note that another digest value (for example, a digest value obtained by MD5) may be used as the hash value.

The item "electronic signature" is an electronic signature given to a document.

The item "public key certificate/expiration date" is the public key certificate corresponding to the private key used for the electronic signature given to the document and its expiration date.

The item "electronic signature verification result" is the result of verifying the electronic signature.

The control unit 130 includes a reception control unit 131, a transmission control unit 132, a calculation unit 133, a signature unit 134, a viewing unit 135, a verification unit 136, and a presentation unit by the processor 11 of the information processing device 10 performing processing according to a program. 137.

The reception control unit 131 controls a process in which the information processing device 10 receives a signal from an external device according to a communication protocol.

The transmission control unit 132 controls a process in which the information processing device 10 transmits a signal to an external device according to a communication protocol.

The calculation unit 133 calculates a hash value of the document. Specifically, the calculation unit 133 calculates the hash value of the document using a predetermined hash function. The calculation unit 133 causes the transmission control unit 132 to transmit the calculated hash value to the first terminal 20.

The signature unit 134 adds the encrypted hash value received from the first terminal to the document as the user's electronic signature. Specifically, the signature unit 134 receives an encrypted hash value obtained by encrypting the hash value of the document received from the first terminal using the private key used for the user's signature, and the private key. Obtain the public key corresponding to .

Next, the signature unit 134 verifies the validity of the encrypted hash value based on the hash value of the document, the encrypted hash value, and the public key corresponding to the private key. More specifically, the signature unit 134 uses the public key to compare the decrypted hash value obtained by decrypting the encrypted hash value with the hash value of the document calculated by the calculation unit 133, thereby verifying the validity of the document. Verify gender. If the decrypted hash value matches the hash value of the document, the signature unit 134 determines that the encrypted hash value is valid. Note that the signature unit 134 may be configured to receive a public key certificate from the first terminal 20 and verify both the expiration date of the public key and the validity of the public key. At this time, the signature section 134 may be configured to perform verification using a verification section 136, which will be described later.

Then, when the validity of the encrypted hash value is recognized, the signature unit 134 adds the encrypted hash value to the document as the user's electronic signature. Further, the signature unit 134 causes the transmission control unit 132 to transmit the result of adding the electronic signature to the first terminal 20.

In response to receiving a request for a document from a requesting terminal, the viewing unit 135 causes the requesting terminal to view the document to which an electronic signature has been added. Specifically, the viewing unit 135 receives a request for a document from a requesting terminal. In response to the request, the viewing unit 135 causes the requesting terminal to temporarily store the document in the memory of the terminal when an application for viewing the document to which the electronic signature is attached is being executed. To give permission. However, the viewing unit 135 does not permit storage in the memory of the requesting terminal when the application is not being executed.

More specifically, the viewing unit 135 first receives a request for a document, such as a request to view the document, from the requesting terminal when the reception control unit 131 receives it. The requesting terminals are, for example, the first terminal 20, the second terminal 40, etc. The viewing unit 135 verifies whether the requesting terminal has the authority for the requested document by performing authentication on the requesting terminal.

If the requesting terminal has the authority, the viewing unit 135 causes the requesting terminal to view the document by transmitting viewing data regarding the document to which the electronic signature has been attached to the requesting terminal. At this time, the viewing unit 135 allows viewing of the document to which the electronic signature has been added, but does not allow the document to be saved. The requesting terminal displays viewing data about the document using a specific application. The viewing data can be displayed on the specific application, but is configured such that it cannot be downloaded, edited, etc. on the specific application. Such application functions can be realized by, for example, a mechanism for sharing documents managed on the cloud to which only viewing privileges are granted, or a mechanism for allowing PDF files to be viewed on a browser but not downloaded. I can do it. In order to disallow such storage, the viewing unit 135 confirms whether or not the requesting terminal has the authority for the requested document, if the request is made via the specific application. Check whether or not. Furthermore, in order to disallow such storage, the viewing unit 135 may check whether the particular application is being executed on the requesting terminal. Note that the viewing unit 135 may be configured to permit viewing of the document when the specific application is in an executable state even if the specific application is not being executed.

Further, if an alert indicating that the expiration date of the public key, which will be described later, is approaching, is set, the viewing unit 135 displays the alert on the requesting terminal.

The verification unit 136 corresponds to a pre-calculated hash value of the document, an encrypted hash value that is an electronic signature given to the document, and a private key used when encrypting the encrypted hash value. Based on the public key, it is verified whether the encrypted hash value is valid as the user's electronic signature for the document. Specifically, the verification unit 136 performs three verifications: (1) verification of the validity of the electronic signature, (2) verification of the validity of the public key, and (3) verification of the validity of the public key. Further, the verification unit 136 starts verification when the reception control unit 131 receives a verification request from, for example, a terminal operated by a user who requests verification. The terminals operated by the user requesting verification are, for example, the first terminal 20, the second terminal 40, and the like. The verification request is transmitted from the terminal operated by the user requesting verification to the information processing device 10 by operating a screen for executing verification displayed on the terminal operated by the user requesting verification. .

(1) Verification of validity of electronic signature The verification unit 136 verifies the validity of the electronic signature by comparing the pre-calculated hash value of the document with the hash value obtained by decoding the encrypted hash value using the public key. Verify. Specifically, the verification unit 136 obtains from the document DB 121 an encrypted hash value obtained by encrypting the hash value of the document using the user's private key, and a public key corresponding to the private key. The verification unit 136 also obtains the hash value of the document from the document DB 121. Next, the verification unit 136 decrypts the encrypted hash value using the public key. The verification unit 136 determines that the electronic signature is valid when the pre-calculated hash value of the document matches the decrypted hash value obtained by decoding the encrypted hash value. On the other hand, if they do not match, the verification unit 136 determines that the electronic signature is not valid.

(2) Verification of validity of public key The verification unit 136 verifies the validity of the public key. Specifically, if the public key certificate for the public key is within its validity period and the public key is not listed in the certificate revocation list (CRL), or if the certificate has been revoked, If the result of the online check (OCSP: Online Certificate Status Protocol) is valid, it is assumed that the public key is valid.

More specifically, the verification unit 136 acquires the public key certificate stored in association with the electronic signature from the document DB 121. The verification unit 136 calculates the remaining period until the expiration date of the public key certificate at the time of verification. Then, if the remaining period is positive, the verification unit 136 determines that the public key certificate of the public key is within its validity period. If the remaining period is positive and less than or equal to a predetermined threshold, the verification unit 136 sets an alert to the user who has signed the electronic signature, indicating that the expiration date of the public key is approaching. Any value such as 30 days, 60 days, June, etc. can be adopted as the threshold value.

The verification unit 136 also obtains a certificate revocation list (CRL) stored in advance from the storage unit 120. The verification unit 136 verifies whether or not the public key is written by searching the CRL. Note that the verification unit 136 may be configured to obtain the CRL by receiving it from a reliable server that issues the CRL via the network 60. Further, the verification unit 136 may be configured to periodically acquire the CRL from the reliable server. Further, the verification unit 136 may be configured to check the revocation status of the certificate online via the network 60. In this case, the verification unit 136 uses, for example, OCSP to check the revocation status of the certificate.

(3) Verification of validity of public key The verification unit 136 verifies that the public key of the user who digitally signed the document was issued by a valid certification authority. Specifically, the verification unit 136 obtains a public key for decrypting the electronic signature of the public key certificate from the CA 50 included in the public key certificate. The verification unit 136 uses the obtained public key of the CA 50 to decrypt the electronic signature of the public key certificate. The verification unit 136 determines the validity of the user's public key by verifying the decrypted electronic signature.

The presenting unit 137 presents the verified results to the user requesting the verification by transmitting the verified results to a terminal operated by the user requesting the verification. Specifically, the presentation unit 137 presents the results of the verification performed by the verification unit 136 by (1) verifying the validity of the electronic signature, (2) verifying the validity of the public key, and (3) verifying the validity of the public key. is sent to the terminal operated by the user requesting the verification, thereby presenting the verification results to the user. Further, when the above-mentioned alert is set, the presentation unit 137 presents an alert indicating that the expiration date of the public key is approaching, together with the verification result, to the user requesting the verification.

<1.2. Configuration of first terminal 20>
The first terminal 20 will be explained using FIGS. 2 and 5. The first terminal 20 is, for example, a computer such as a laptop computer or a desktop computer.

FIG. 2 is a diagram showing the configuration of the first terminal 20. As shown in FIG. Since the hardware configurations of the first terminal 20 and the information processing device 10 are the same, the same reference numerals are given and the explanation will be omitted.

FIG. 5 is a block diagram showing the functional configuration of the first terminal 20. As shown in FIG. As shown in FIG. 5, the first terminal 20 includes a communication section 210, a storage section 220, and a control section 230.

The communication unit 210 performs processing for the first terminal 20 to communicate with an external device.

The storage unit 220 stores data and programs used by the first terminal 20.

The control unit 230 performs the functions shown in the reception control unit 231, transmission control unit 232, acquisition unit 233, signature unit 234, and display unit 235 by the processor 11 of the first terminal 20 performing processing according to a program. .

The reception control unit 231 controls the process by which the first terminal 20 receives a signal from an external device according to a communication protocol.

The transmission control unit 232 controls a process in which the first terminal 20 transmits a signal to an external device according to a communication protocol.

The acquisition unit 233 acquires the hash value of the document from the management server. Specifically, the acquisition unit 233 detects that, for example, a user who operates the first terminal 20 and requests the attachment of an electronic signature operates a screen for executing the attachment of the electronic signature. This requests the information processing device 10 for the hash value of the document. The acquisition unit 233 acquires the hash value of the document by the reception control unit 131 receiving the hash value of the document from the information processing device 10 in response to the request.

The signature unit 234 transmits the electronic signature to the document to the information processing device 10, thereby causing the information processing device 10 to attach the electronic signature to the document. Specifically, the signature unit 234 first sends a request for adding an electronic signature to the information processing device 10, thereby causing the information processing device 10 to send the hash value of the document. The signature unit 234 transmits the hash value of the obtained document to the tamper-resistant device 30. Next, the signature unit 234 receives from the tamper-resistant device 30 an encrypted hash value encrypted using the private key used for the electronic signature of the user, a public key corresponding to the private key, and the public key. Receive the public key certificate for the key. Then, the signature unit 234 transmits the encrypted hash value, the public key corresponding to the private key, and the public key certificate of the public key to the information processing device 10. value to the document as the electronic signature of the user.

The display unit 235 presents the user with a screen that displays information regarding the document. Specifically, the display unit 235 displays screens such as a document confirmation screen, a completion screen, and a verification result display screen to the user.

The document confirmation screen is a screen that allows the user to view the document by displaying the document. 6 and 7 are diagrams showing examples of document confirmation screens. Screen 300 and screen 310 are document confirmation screens. Screen 300 is a screen for managing unsigned documents for a certain user. The unsigned document is a document with a counterparty, and is a document that has been registered by being sent to the information processing device 10 by the user. When a contract is concluded with the consent of the other party, the document will be displayed on the screen 310. Screen 300 includes a viewing button 301 .

The viewing button 301 is a button for viewing the document. When the viewing button 301 is pressed, the display unit 235 transmits a document viewing request to the information processing device 10. The display unit 235 receives document data from the information processing device 10, and transitions to a screen 320 or 321 that displays the document data shown in FIG. The display unit 235 transitions to a screen 320 if the document does not have an electronic signature, and transitions to a screen 321 if the document has an electronic signature. On screen 320 and screen 321, the contents of the document are displayed. Here, the screen 320 and the screen 321 are configured so that the document cannot be downloaded. Screen 320 includes a signature button 312. Screen 321 includes a verification button 313. The signature button 312 and verification button 313 will be described later.

Screen 310 is a screen for managing concluded documents for a certain user. Note that concluded documents include not only contract documents but also documents for the purpose of expressing or notifying the intention of a single person or multiple persons. The screen 310 includes a view button 301, a signature button 312, a verification button 313, and the like.

The signature button 312 is a button for attaching an electronic signature to a document. The signature button 312 is displayed on the screen 310 under the category of documents that have not been electronically signed. When the signature button 312 is pressed, an electronic signature start command is sent to the acquisition unit 233, and the acquisition unit 233 and the signature unit 234 execute processing for adding an electronic signature. When the electronic signature is added, the display unit 235 changes to a screen 330 in FIG. 8.

The verification button 313 is a button for verifying the electronic signature attached to the document. The verification button 313 is displayed on the screen 310 in the field of documents to which electronic signatures have been added. When the verification button 313 is pressed, the display unit 235 transmits a verification request to the information processing device 10. By transmitting the verification request, the information processing device 10 verifies the electronic signature. When the verification is executed, the display unit 235 transitions to a screen 340 in FIG. 8.

The completion screen is a screen that displays that the electronic signature or verification has been completed.
FIG. 8 is a diagram showing an example of a completion screen. Screen 330 is an example of an electronic signature completion screen, and screen 340 is an example of a verification completion screen. Specifically, the display unit 235 displays a dialog indicating that the electronic signature or verification is completed on the screen 330 and the screen 340. Screen 330 includes dialog 331. When the OK button in dialog 331 is pressed, display section 235 transitions to screen 310. For example, contract 001 on screen 310. When an electronic signature is added to a file, the result of adding the electronic signature is reflected, such as the electronic signature changes to "electronically signed" and the button changes to a verification button 313.

The screen 340 also includes a dialog 341. When the OK button in the dialog 341 is pressed, the display section 235 transitions to a screen 342 shown in FIG. 9. FIG. 9 is a diagram showing an example of a verification result display screen. Screen 342 is a screen for presenting the verified results to the user requesting verification. The screen 342 displays the results of verifications (1) to (3) by the parties to the document. Further, the screen 342 displays a details button 343 in association with each verification item. When the details button 343 is pressed, the display unit 235 displays verification details to the user.

Further, if an alert is set, the display unit 235 displays the alert on the verification result display screen. FIG. 10 is a diagram showing an example of a verification result display screen. The display unit 235 displays an alert to the user requesting verification by displaying an alert 344 on a screen 342, for example, as shown in FIG. If the user requesting the verification is the one who signed the electronic signature, this provides an opportunity to update the public key and update the electronic signature.

<2. Operation>
Below, processing in the information processing system 1 will be explained with reference to the drawings.

<2.1. Electronic signature processing＞
FIG. 11 is a flowchart illustrating an example of the flow of electronic signature processing performed by the information processing apparatus 10. The information processing device 10 executes this process at the timing when it receives the electronic signature assignment request from the first terminal 20.

In step S<b>101 , the reception control unit 131 receives an electronic signature assignment request from the first terminal 20 .

In step S102, the calculation unit 133 calculates a hash value of the document.

In step S103, the transmission control unit 132 transmits the hash value to the first terminal 20.

In step S104, the reception control unit 131 receives the encrypted hash value, public key, and public key certificate from the first terminal 20.

In step S105, the signature unit 134 verifies the validity of the encrypted hash value based on the hash value of the document, the encrypted hash value, and the public key corresponding to the private key.

In step S106, the signature unit 134 determines whether the encrypted hash value is validated.

If the validity of the encrypted hash value is recognized (Y in step S106 above), in step S107, the signature unit 134 adds the encrypted hash value to the document as the user's electronic signature.

On the other hand, if the validity of the encrypted hash value is not recognized (N in step S106 above), the signature unit 134 does not add an electronic signature to the document and proceeds to step S108.

In step S108, the transmission control unit 132 transmits the result of adding the digital signature to the first terminal 20, and ends the process.
<2.2. Electronic signature processing>
FIG. 12 is a flowchart illustrating an example of the flow of electronic signature processing performed by the first terminal 20. The first terminal 20 executes this process at the timing when the signature button 312 is pressed.

In step S111, the transmission control unit 232 transmits an electronic signature addition request to the information processing device 10.

In step S112, the reception control unit 231 receives the hash value of the document from the information processing device 10.

In step S113, the signature unit 234 performs authentication for communicating with the tamper-resistant device 30.

In step S114, the signature unit 234 transmits the hash value of the document to the tamper-resistant device 30.

In step S115, the signature unit 234 receives the encrypted hash value, the public key, and the public key certificate from the tamper-resistant device 30.

In step S116, the transmission control unit 232 transmits the encrypted hash value, the public key, and the public key certificate to the information processing device 10.

In step S117, the reception control unit 131 receives the electronic signature assignment result from the information processing device 10, and ends the process.
<2.3. Verification process>
FIG. 13 is a flowchart illustrating an example of the flow of verification processing performed by the information processing device 10. The information processing device 10 executes this process at the timing when it receives a verification request from a terminal operated by a user who requests verification.

In step S121, the reception control unit 131 receives a verification request from a terminal operated by a user requesting verification.

In step S122, the verification unit 136 verifies the validity of the electronic signature by comparing the pre-calculated hash value of the document with the hash value obtained by decrypting the encrypted hash value using the public key.

In step S123, the verification unit 136 verifies that the public key of the user who digitally signed the document was issued by a valid certification authority.

In step S124, the verification unit 136 verifies the validity of the public key.

In step S125, the verification unit 136 determines whether the remaining period until the expiration date of the public key certificate is less than or equal to a predetermined threshold.

If it is less than or equal to the predetermined threshold (Y in step S125 above), in step S126, the verification unit 136 sets an alert indicating that the expiration date of the public key is approaching.

On the other hand, if it is not below the predetermined threshold (N in step S125 above), the verification unit 136 proceeds to step S127.

In step S127, the transmission control unit 132 transmits the verification result to the terminal operated by the user requesting verification, and ends the process.

<3. Summary＞
As explained above, according to the present disclosure, there is provided a program for operating a computer that is equipped with a processor and that creates and/or manages documents for the purpose of expressing or notifying a user's intention, the program calculates a hash value of the document to the processor; transmits the hash value of the document to a first terminal operated by the user; and the management server, from the first terminal, a step of receiving an encrypted hash value obtained by encrypting the hash value of the document using a private key used for the electronic signature of the user; In response to the step of attaching the electronic signature as a signature and accepting a request for the document from the requesting terminal, the requesting terminal is permitted to view the document to which the electronic signature has been attached, but the document is By performing the step of disallowing the storage of the document, the user can directly add an electronic signature to the document to be electronically signed stored in the server.

Further, according to the present disclosure, there is provided a program for operating a computer that is equipped with a processor and that creates and/or manages documents for the purpose of expressing or notifying a user's intention, the program comprising: a step of obtaining an encrypted hash value obtained by encrypting a hash value of the document to be verified using a private key of a user who has given an electronic signature, and a public key corresponding to the private key; a step of verifying whether the encrypted hash value is valid as the electronic signature of the user for the document, based on the hash value of the user, the encrypted hash value, and the public key; By transmitting the results to a terminal operated by the user requesting the verification, and presenting the verified results to the user requesting the verification, the user can easily add information to the document. The digital signature can be verified.

<Other variations>
Although the disclosed embodiments have been described above, they can be implemented in various other forms, and can be implemented with various omissions, substitutions, and changes. These embodiments and modifications, as well as omissions, substitutions, and changes, are included within the technical scope of the claims and their equivalents.

For example, each function of the information processing device 10 may be configured in another device. For example, the storage unit 120 may be constructed as an external database.

Further, in the above embodiment, the case where the IC chip is mounted on a card-type device has been described as an example, but the present invention is not limited to this. For example, the IC chip may be built into a terminal such as a smartphone or a personal computer.

Alternatively, the information processing device 10 may be configured to send an alert via email, SMS, etc. to a user for whom an alert has been set.

Further, in the verification process, the verification result may be returned to a terminal operated by a user who does not have the authority to view the document but has the authority to execute the verification process. For example, in the case of in-camera court proceedings, only the judge has the authority to view documents. In this case, even if a party, agent, or intervenor other than the judge makes a request to view the documents, they may not be permitted to view the documents. However, the configuration may be such that the parties, agents, or participants are given authority to execute the verification process, and the verification results can be confirmed by the parties, agents, or participants. Although the document is not disclosed to anyone other than the document owner and the judge, even if the parties, agents, or participants can confirm only the verification results of the electronic signature of the document, evidence collection and preparation documents can proceed. . For example, when a party's representative judges the validity of an electronic document, even if he or she cannot view the document and electronic signature information, the validity of the electronic signature can be verified. There is no need to fight about gender. With such a configuration, this modified example can eliminate waste in the attack and defense scene in a trial, ensure promptness of litigation, and eliminate economic waste in litigation. .

<Additional notes>
The matters described in each of the above embodiments are additionally described below.
(Additional Note 1) A program for operating a computer (for example, information processing device 10) that is equipped with a processor (11) and that creates and/or manages documents for the purpose of expressing or notifying a user's intention. , the program includes a step of calculating a hash value of the document in the processor (S102), a step of transmitting the hash value of the document to a first terminal operated by a user (S103), and a step of calculating the hash value of the document to the processor (S103); a step (S104) of receiving an encrypted hash value obtained by encrypting the hash value of the document using a private key used for the electronic signature of the user; (S107), and in response to accepting a request for the document from the requesting terminal, the requesting terminal is permitted to view the document to which the electronic signature is attached. but does not allow the document to be saved.

(Additional Note 2) In the step of not allowing, in response to accepting a request for the document from the requesting terminal, the requesting terminal is requested to view the document to which an electronic signature has been attached. The program according to Supplementary Note 1, which allows temporary storage in the memory of the terminal when the application is running, but does not allow storage in the memory of the terminal when the application is not running. .

(Additional Note 3) The encrypted hash value is provided by the first terminal on an IC chip that stores the private key in advance and transmits the result of encrypting the received data using the private key. The program according to (Appendix 1) or (Appendix 2), which is encrypted using .

(Additional Note 4) The program according to (Additional Note 3), wherein the IC chip is built into a contactless card or built into the first terminal.

(Additional Note 5) A step (S105) of verifying the validity of the encrypted hash value based on the hash value of the document, the encrypted hash value, and the public key corresponding to the private key. Further, in the receiving step, the encrypted hash value and the public key are received from the first terminal, and in the providing step, the verifying step causes the encrypted hash value to be received from the first terminal. The program according to any one of (Appendix 1) to (Appendix 4), which adds the encrypted hash value to the document as the user's electronic signature when the validity of the value is recognized.

(Additional Note 6) An information processing device (10) that includes a processor (11) and that performs at least one of creating and managing documents for the purpose of expressing or notifying a user, and that calculates a hash value of the document. a step (S102), a step (S103) of transmitting the hash value of the document to a first terminal operated by the user; and a step (S103) of transmitting the hash value of the document to a first terminal operated by the user; (S104), adding the encrypted hash value to the document as the electronic signature of the user (S107); , in response to accepting a request for the document, allowing the requesting terminal to view the document to which the electronic signature has been attached, but not allowing the document to be stored; Processing equipment.

(Additional note 7) A computer (for example, information processing device 10) that includes a processor (11) and that creates and/or manages documents for the purpose of expressing or notifying the user's intention calculates a hash value of the document. (S102), transmitting the hash value of the document to a first terminal operated by the user (S103), and transmitting the hash value of the document from the first terminal to the electronic signature of the user. a step of receiving an encrypted hash value encrypted with the used private key (S104), a step of adding the encrypted hash value to the document as the user's electronic signature (S107), and a requesting terminal , in response to accepting a request for the document, permitting the requesting terminal to view the document to which the electronic signature has been attached, but not allowing the document to be stored. Method.

(Additional Note 8) A first terminal (20) operated by a user, and a server (10) that performs at least one of creating and managing documents for the purpose of expressing or notifying the user, and the server , a step of calculating a hash value of the document (S102), a step of the server transmitting the hash value of the document to the first terminal (S103), and a step of the first terminal calculating the hash value of the document from the server. , a step of acquiring a hash value of the document (S112), and the first terminal stores in advance a private key used for the electronic signature of the user, and uses the private key for the received data. transmitting the hash value of the document to an IC chip that transmits the encrypted result (S114); and the first terminal encrypts the hash value of the document from the IC chip with the private key. a step of receiving the encrypted hash value (S115); a step of the first terminal transmitting the encrypted hash value to the server (S116); (S104), the server adds the encrypted hash value to the document as the electronic signature of the user (S107); In response to accepting a request for the document from an originating terminal, the requesting terminal is permitted to view the electronically signed document, but is not permitted to save the document; A system (1) that executes.

1 information processing system, 10 information processing device, 11 processor, 12 memory, 13 storage, 14 communication IF, 15 input/output IF, 20 first terminal, 30 tamper-resistant device, 40 second terminal, 60 network, 110 communication section, 120 storage section, 121 document DB, 130 control section, 131 reception control section, 132 transmission control section, 133 calculation section, 134 signature section, 135 viewing section, 136 verification section, 137 presentation section, 210 communication section, 220 storage section, 230 control section, 231 reception control section, 232 transmission control section, 233 acquisition section, 234 signature section, 235 display section, 300 screen, 301 viewing button, 310 screen, 312 signature button, 313 verification button, 320 screen, 321 screen, 330 screen, 331 dialog, 340 screen, 341 dialog, 342 screen, 343 details button, 344 alert.

Claims (8)

A program for operating a computer that is equipped with a processor and that creates and/or manages documents for the purpose of expressing or notifying a user's intention, the program causing the processor to:
calculating a hash value of the document;
transmitting a hash value of the document to a first terminal operated by a user;
receiving from the first terminal an encrypted hash value obtained by encrypting the hash value of the document with a private key used for the electronic signature of the user;
adding the encrypted hash value to the document as an electronic signature of the user;
a step of, in response to accepting a request for the document from a requesting terminal, allowing the requesting terminal to view the document to which the electronic signature has been attached, but not allowing the requesting terminal to save the document; ,
A program to run. In the disallowing step, in response to accepting a request for the document from the requesting terminal, an application for viewing the document to which an electronic signature is attached is executed on the requesting terminal. The program according to claim 1, wherein the program allows temporary storage in the terminal's memory when the application is running, but does not allow storage in the terminal's memory when the application is not being executed. The encrypted hash value is generated by the first terminal using an IC chip that stores the private key in advance and transmits the result of encrypting the received data using the private key. It is encrypted,
The program according to claim 1 or claim 2. The program according to claim 3, wherein the IC chip is built into a contactless card or built into the first terminal. verifying the validity of the encrypted hash value based on the hash value of the document, the encrypted hash value, and a public key corresponding to the private key;
further execute,
In the receiving step, receiving the encrypted hash value and the public key from the first terminal,
In the step of attaching, if the validity of the encrypted hash value is recognized in the step of verifying, the encrypted hash value is attached to the document as an electronic signature of the user;
The program according to any one of claims 1 to 4. An information processing device that is equipped with a processor and that creates and/or manages documents for the purpose of expressing or notifying a user's intention,
calculating a hash value of the document;
transmitting a hash value of the document to a first terminal operated by a user;
receiving from the first terminal an encrypted hash value obtained by encrypting the hash value of the document with a private key used for the electronic signature of the user;
adding the encrypted hash value to the document as an electronic signature of the user;
a step of, in response to accepting a request for the document from a requesting terminal, allowing the requesting terminal to view the document to which the electronic signature has been attached, but not allowing the requesting terminal to save the document; ,
An information processing device that executes. A computer that is equipped with a processor and that creates and/or manages documents for the purpose of expressing or notifying the user's intention,
calculating a hash value of the document;
transmitting a hash value of the document to a first terminal operated by a user;
receiving from the first terminal an encrypted hash value obtained by encrypting the hash value of the document with a private key used for the electronic signature of the user;
adding the encrypted hash value to the document as an electronic signature of the user;
a step of, in response to accepting a request for the document from a requesting terminal, allowing the requesting terminal to view the document to which the electronic signature has been attached, but not allowing the requesting terminal to save the document; ,
How to do it. including a first terminal operated by a user and a server that creates and manages at least one of documents for the purpose of expressing or notifying the user's intention,
the management server calculating a hash value of the document;
the management server transmitting a hash value of the document to the first terminal;
the first terminal obtaining a hash value of the document from the server;
The first terminal stores the private key used for the electronic signature of the user in advance, and encrypts the received data using the private key, and transmits the result of encrypting the document to an IC chip. a step of transmitting the hash value;
the first terminal receiving from the IC chip an encrypted hash value obtained by encrypting the hash value of the document using the private key;
the first terminal transmitting the encrypted hash value to the management server;
the server receiving the encrypted hash value from the first terminal;
the server adding the encrypted hash value to the document as the user's electronic signature;
In response to receiving a request for the document from a requesting terminal, the server allows the requesting terminal to view the document to which an electronic signature has been attached, but does not allow the requesting terminal to save the document. steps that are not allowed,
A system that runs