GM/T 0131-2023 Electronic seal signature application interface specification
1 Scope
This document specifies the external service interfaces provided by the electronic seal signature system, and provides a unified data interaction format and usage interface between the electronic seal signature system and the application system, including two forms of electronic seal usage interface, i.e., service calling and component calling.
This document is applicable to the development, use and testing of electronic seal signature system, as well as the application development based on such system.
2 Normative references
The following documents contain provisions which, through reference in this text, constitute provisions of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 20518 Information security technology - Public key infrastructure - Digital certificate format
GB/T 20520 Information security technology - Public key infrastructure - Time stamp specification
GB/T 32010.1 Document management - Portable document format - Part 1: PDF 1.7
GB/T 32905 Information security techniques - SM3 cryptographic hash algorithm
GB/T 33190 Electronic files storage and exchange formats - Fixed layout documents
GB/T 33560 Information security technology - Cryptographic application identifier criterion specification
GB/T 35275-2017 Information security technology - SM2 cryptographic algorithm encrypted signature message syntax specification
GB/T 35291 Information security technology - Cryptography token application interface specification
GB/T 36322 Information security technology - Cryptographic device application interface specifications
GB/T 38540-2020 Information security technology - Technical specification secure electronic seal signature cryptography
GM/T 0031-2014 Secure electronic seal cryptography technical specification
GM/T 0094-2020 Public key cryptographic application technology framework specification
GM/T 0099 Cryptography application technical specification of open fixed layout documents
GM/T 0112 Technical requirements of cryptography application in portable document format
GM/Z 4001 Cryptology terminology
RFC 4648 Base16, Base32, and Base64 data encodings
3 Terms and definitions
For the purposes of this document, the terms and definitions given in GM/Z 4001 and the following apply.
3.1
electronic seal
security data with the digital signature of the electronic seal maker
Note: It includes the electronic seal owner information and the graphical data, and is used to securely sign the data messages.
[Source: GB/T 38540-2020, 3.1]
3.2
electronic seal signature
process of signing a data message using an electronic seal
Note: The electronic seal signature can achieve a visual effect similar to the signature of paper documents, and can ensure the authenticity of data source, the integrity of data and the non-repudiation of the signer's behavior.
[Source: GB/T 38540-2020, 3.2]
3.3
electronic seal signature service
electronic seal signature service that supports the signature of digital messages in formats such as OFD and PDF
3.4
electronic seal signature system
software system that provides electronic seal signature, digital signature, signature verification and other services for data messages
3.5
decentralized electronic seal signature
storage and computing of electronic seal private keys in the cryptographic module controlled by the electronic seal owner
Note: The private key computing includes collaborative signature methods.
3.6
centralized electronic seal signature
use of electronic seal by the user through electronic seal signature system, with the electronic seal private keys uniformly stored in the designated cryptographic device controlled by the electronic seal signature system
3.7
user seal
electronic seal of the user, which is authorized in the electronic seal signature system
3.8
user certificate
digital certificate of the user, which is authorized in the electronic seal signature system
3.9
browser/server mode
application system mode in which the client is unified as a WEB browser, and the realization of the core function of the system is concentrated on the server
4 Abbreviations
For the purposes of this document, the following abbreviations apply.
DER: Distinguished Encoding Rules
HTTP: Hyper Text Transfer Protocol
JSON: JavaScript Object Notation
OFD: Open Fixedlayout Document
OID: Object ID
PDF: Portable Document Format
PKI: Public Key Infrastructure
SDK: Software Development Kit
5 Overview of electronic seal signature application interface
5.1 General requirements
Foreword i
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Overview of electronic seal signature application interface
5.1 General requirements
5.2 Service calling interface
5.3 Component calling interface
6 Service calling interface
6.1 Basic interface
6.2 Integrated interface
7 Component calling interface
7.1 Basic interface
7.2 Integrated interface
Annex A (Normative) Customized JSON message data structure
Annex B (Normative) Customized C language data structure
Annex C (Informative) Example of typical service calling interfaces
Annex D (Informative) Example of typical component calling interface
Annex E (Normative) Definition of error codes
Bibliography