1. Field of the Invention
The present invention relates to a communication apparatus, a control method thereof and a computer readable medium, and more particularly, to a technique of transmitting transmission target data having an electronic signature.
2. Description of the Related Art
To protect the security of information in data communication, communication data is encrypted. In particular, an encryption technique called PKI (Public Key Infrastructure) has been widely used in recent years. The PKI is based on public key cryptography such as RSA encryption or digital signature and an authentication technology using an electronic certificate issued by an authentication organization called a certificate authority (CA). Server and client authentication through a network and data encryption key exchange are done by using the electronic certificate. In addition, data encryption communication using the exchanged key is executed, thereby ensuring safe network communication.
In SSL (Secure Socket Layer)/TLS (Transport Layer Security), which is an encryption communication protocol generally used in the WWW, server and client authentication using a digital signature is performed before the start of encryption communication.
Not only a communication apparatus such as a PC that executes the above-described communication but also an MFP (Multi-Function Peripheral) recently used in an office has a function of transmitting the electronic data of a document read by a scanner by e-mail (Japanese Patent Laid-Open No. 11-134263). In such an MFP, to ensure highly secure transmission, document data read by a scanner is converted into a data format such as PDF®. The MFP also has a function (to be referred to as an electronic-signature-attached electronic document transmission function hereinafter) of adding an electronic signature based on the PKI to the converted data and transmitting the data. With this function, the MFP holds in advance an MFP's or user's private key and an electronic certificate containing a public key for electronic signature creation, and adds an electronic signature to electronic data by using the private key and electronic certificate. This clarifies which user has created the electronic data by using which device (MFP). This allows a guarantee of the authenticity of the device and user and detection of alteration of electronic data. Hence, the security of electronic data can be maintained.
FIG. 19 is a view for simply explaining the mechanism of a conventional digital signature.
A transmitting-side MFP 1901 converts document data 1902 into PDF data 1903. A digest 1904 is calculated using a hash function based on the PDF data 1903. The digest 1904 is encrypted by using a transmitting-side private key 1905, thereby creating a digital signature 1906. Transmission data 1907 is generated by combining the generated PDF data 1903 with the digital signature 1906 and then it is transmitted to a receiving-side MFP 1911. The receiving-side MFP 1911 calculates a digest 1913 from the PDF data portion of reception data 1912 by using the same hash function as on the transmitting side. The digital signature of the reception data 1912 is decrypted to a digest 1915 by using a sender's public key 1914 which is acquired in advance. The receiving-side MFP compares the digest 1913 with the digest 1915, thereby detecting alteration of the reception data 1912.
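The FIG. 19 flow described above can be traced in a short Python sketch. It is an added example, not code from the patent or from any MFP; the toy RSA key, the dictionary layout of the transmission data, and all function names are assumptions made for illustration.

```python
import hashlib

# Toy RSA key built from two Mersenne primes (constructed for this example).
# Far too small for real use; real signature schemes also add padding
# (for example RSASSA-PSS) instead of exponentiating the bare digest.
P, Q = 2**127 - 1, 2**89 - 1
N = P * Q
E = 65537                            # public exponent (sender's public key 1914)
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent (private key 1905)


def digest(pdf_data: bytes) -> int:
    """Digest 1904 / 1913: SHA-256 of the PDF data, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(pdf_data).digest(), "big") % N


def make_transmission(pdf_data: bytes) -> dict:
    """Sender: transform the digest with the private key and attach it (data 1907)."""
    signature = pow(digest(pdf_data), D, N)          # digital signature 1906
    return {"pdf": pdf_data, "signature": signature}


def verify_reception(reception: dict) -> bool:
    """Receiver: recompute digest 1913, recover digest 1915, and compare them."""
    recomputed = digest(reception["pdf"])
    recovered = pow(reception["signature"], E, N)
    return recomputed == recovered


def demo() -> tuple:
    """Verify an untouched transmission and one altered in transit."""
    sent = make_transmission(b"%PDF-1.4 constructed sample document")
    altered = dict(sent, pdf=sent["pdf"].replace(b"sample", b"forged"))
    return verify_reception(sent), verify_reception(altered)


if __name__ == "__main__":
    print(demo())
```

The comparison only detects alteration if the receiver obtained the sender's public key through a trusted channel, which is the role of the electronic certificate discussed next.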
The data format of an electronic certificate generally used in the above-described function is currently based on the standard X.509, that is, the standard specifications of a digital certificate defined by the ITU (International Telecommunication Union). An electronic certificate of the X.509 format includes an X.509 version number, the serial number of the electronic certificate, public key information, the identification information of the certificate authority that has issued the electronic certificate, the expiration date of the electronic certificate, the identification information of the subject to be certified (electronic certificate issue destination), and an extension area.
To make the CA issue an electronic certificate, the subject of the electronic certificate issue destination sends, to the CA, data of a certificate issuing request format called CSR (Certificate Signing Request). The CA issues a certificate based on the contents described in the CSR. As the format of the CSR, a standard PKCS#10 (RFC 2986 Internet X.509 Certificate Request Message Format Version 1.7) is used. The CSR generally includes public key information held by the electronic certificate issue destination and the information of the subject to be certified (electronic certificate issue destination). When the CA should issue an electronic certificate to a printing apparatus, the printing apparatus generates a CSR including public key information held by it and the identification information of the printing apparatus and requests the CA to issue a certificate.
Such an MFP has a timer transmission function as one of the functions of transmitting an electronic document read by a scanner by, for example, e-mail. With the timer transmission function, the MFP temporarily holds, in the storage unit, the data of a document scanned by its scanner, instead of immediately transmitting the document data after scanning. The user designates the transmission time and destination of the held document data so that the document data is transmitted to the designated destination at the designated time. At the designated time, the MFP converts the stored document data into a transmission file format such as PDF and transmits it to the designated destination.
If the timer transmission function is to be implemented by the electronic-signature-attached document data transmission function, the following problems are posed.
To add an electronic signature to document data, the MFP's or user's private key and an electronic certificate containing a public key paired with the private key are necessary. Hence, the MFP must hold the private key and electronic certificate for electronic signature creation in advance. The private key and electronic certificate are generally managed while enabling operations such as key pair or electronic certificate generation, registration, display, and deletion using a user interface such as the operation panel of the MFP. However, when timer transmission is set by the electronic-signature-attached document data transmission function, the private key and electronic certificate necessary for electronic signature addition may be deleted contrary to the sender's intention. In this case, when the designated timer transmission date/time has come, no electronic signature can be added to the document data because the necessary private key and electronic certificate have been deleted. To prevent this, when timer transmission is set before deletion of the necessary private key and electronic certificate, the document data may be converted into the transmission file format, and an electronic signature may be created based on the converted file and added to the transmission file. In this case, however, a plurality of file formats are held until the transmission time in correspondence with the target document data, consuming an unnecessary storage area.
An electronic certificate used for an electronic signature has an expiration date until which the validity of the electronic certificate is guaranteed. For this reason, an electronic signature created by using an electronic certificate whose valid time has not started yet or an expired electronic certificate has no validity in itself. If document data with an electronic signature is transmitted by the timer transmission function at a designated date/time outside the valid time of the electronic certificate, the document data is transmitted together with an invalid electronic signature.
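The two failure modes described above (key and certificate deleted before the send time, and a send time outside the certificate's validity period) can be expressed as checks over pending timer jobs. The following Python sketch is an added example and not the method of the invention; the job and key-store layouts, the identifiers, and the dates are constructed for illustration.

```python
from datetime import datetime


def preflight(job: dict, keystore: dict) -> list:
    """Return the reasons a timer job could not be validly signed at its send time."""
    entry = keystore.get(job["key_id"])
    if entry is None:
        return ["key_missing"]        # key/certificate deleted after scheduling
    problems = []
    if job["send_at"] < entry["not_before"]:
        problems.append("cert_not_yet_valid")
    if job["send_at"] > entry["not_after"]:
        problems.append("cert_expired")
    return problems


def jobs_blocking_deletion(key_id: str, jobs: list) -> list:
    """Pending timer jobs that still need this key; if non-empty, a delete
    request from the operation panel would break those jobs."""
    return [j["job_id"] for j in jobs if j["key_id"] == key_id]


def audit(jobs: list, keystore: dict) -> dict:
    """Map every pending job to its list of signing problems (empty means OK)."""
    return {j["job_id"]: preflight(j, keystore) for j in jobs}


# Constructed sample data: one certificate valid for calendar year 2024.
KEYSTORE = {
    "mfp-key-1": {"not_before": datetime(2024, 1, 1),
                  "not_after": datetime(2024, 12, 31, 23, 59, 59)},
}
JOBS = [
    {"job_id": "job-1", "key_id": "mfp-key-1", "send_at": datetime(2024, 6, 1, 9, 0)},
    {"job_id": "job-2", "key_id": "mfp-key-1", "send_at": datetime(2025, 1, 15, 9, 0)},
    {"job_id": "job-3", "key_id": "mfp-key-1", "send_at": datetime(2023, 12, 24, 9, 0)},
    {"job_id": "job-4", "key_id": "user-key-7", "send_at": datetime(2024, 6, 1, 9, 0)},
]

if __name__ == "__main__":
    for job_id, problems in audit(JOBS, KEYSTORE).items():
        print(job_id, problems or "ok")
    print("deleting mfp-key-1 would affect:", jobs_blocking_deletion("mfp-key-1", JOBS))
```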