The invention relates to a digital signature generation method based on encrypted private key secrets. c1, ..., cm are integer secrets, which are optionally selected from [1, n-1] and respectively stored by m devices; one device also stores cm+1, which satisfies the relation cm+1=(c1c2...cm)(1+dA)-1mod n, wherein n is the order of the base point of an SM2 elliptical curve; and the m devices cooperatively generate a digital signature of the SM2 private key dA of a using user for a message by using c1, ..., cm, cm+1 and Gc=[( c1c2...cm)-1]G. Different from the prior art, secret shares, in which the private key is not used, are not stored in the invention; but, the encrypted private key secrets are used; therefore, the security of the scheme is improved; furthermore, each device can update self secret ci; and thus, the security of the scheme is further improved. A digital signature generation system constructed based on the method comprises the m devices using the method.