| 摘要 |
A self-authenticating document is created by providing a one-way hash value in a symbol creation process, and then using a public key to decrypt data of the self-authenticating document. Raw data to be provided with the self-authenticating document is received, and an account digital signature key is retrieved and used to sign the raw data. A non-repudiation hash value from a previously-created self-authenticating document is utilized, and the raw data and the digital signature key is combined with the hash value to create a new hash value for the self-authenticating document. The hashed data is then encrypted, and any non-encrypted fields are merged in to create a full data packet. The full data packet is used to provide a self-authenticating symbol, such as a bar code label, on the self-authenticating document. The self-authenticating code is used during a document verification step to ensure that the document is genuine. The non-encrypted data within the self-authenticating code contains flags indicating which public key should be used to decrypt the encrypted data within the self-authenticating code. After decryption, a checksum is performed and compared against a checksum value stored in the decrypted portion of the self-authenticating code. If they match, and if a digital signature within the self-authenticating code is verified using an appropriate public key, the document is determined to be authentic.
|
