GB/T 37376-2024 PDF English
Search result: GB/T 37376-2024 English: PDF (GB/T37376-2024)
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Name of Chinese Standard | Status |
| GB/T 37376-2024 | English | 560 |
Add to Cart
|
0-9 seconds. Auto-delivery.
|
Transportation - Digital certificate format
| Valid |
| GB/T 37376-2019 | English | 175 |
Add to Cart
|
0-9 seconds. Auto-delivery.
|
Transportation - Digital Certificate Format
| Valid |
PDF Preview: GB/T 37376-2024
PDF Preview: GB/T 37376-2019
GB/T 37376-2024: PDF in English (GBT 37376-2024) GB/T 37376-2024
GB
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 03.220.20; 35.240.60
CCS R 07
Replacing GB/T 37376-2019
Transportation - Digital certificate format
ISSUED ON: AUGUST 23, 2024
IMPLEMENTED ON: MARCH 01, 2025
Issued by: State Administration for Market Regulation;
National Standardization Administration.
Table of Contents
Foreword ... 3
1 Scope ... 6
2 Normative references ... 6
3 Terms and definitions ... 7
4 Abbreviations ... 7
5 Classification of digital certificates ... 8
6 Digital certificate format ... 8
Appendix A (Normative) Signature calculation process ... 42
Appendix B (Informative) Example of ITS certificate ... 44
Appendix C (Normative) ITS CRL security encapsulation related data structure ... 47
Appendix D (Informative) Example of ITS CRL ... 52
References ... 54
Foreword
This document was drafted in accordance with the provisions of GB/T 1.1-2020
"Directives for standardization - Part 1: Rules for the structure and drafting of
standardizing documents".
This document replaces GB/T 37376-2019 "Transportation - Digital certificate format".
Compared with GB/T 37376-2019, in addition to structural adjustments and editorial
changes, the main technical changes are as follows:
a) DELETE the terms and definitions of intelligent transport system and cooperative
intelligent transport system (see 3.1 and 3.2 of the 2019 edition);
b) CHANGE the terms and definitions of ITS certificate and SM2 algorithm (see 3.2
and 3.3; 3.4 and 3.5 of the 2019 edition);
c) ADD abbreviations such as COER, CRACA, LA, SPDU, SSP; DELETE the
abbreviation UTC (see Chapter 4; Chapter 4 of the 2019 edition);
d) CHANGE the classification of digital certificates (see Chapter 5; Chapter 5 of the
2019 edition);
e) CHANGE the general format requirements of digital certificates (see 6.1; 6.1 of
the 2019 edition);
f) CHANGE the encoding rules of basic elements of ITS digital certificates (see
6.2.1.1; 6.2.1.1 of the 2019 edition);
g) CHANGE the structure definitions of basic data types, 32-bit time, geographic
validity area, rectangular area, three-dimensional location information, latitude,
longitude, symmetric encryption algorithm, signature (see 6.2.1.2, 6.2.1.8,
6.2.1.10, 6.2.1.12, 6.2.1.16, 6.2.1.17, 6.2.1.18, 6.2.1.24, 6.2.1.27; 6.2.1.2, 6.2.1.9,
6.2.1.10, 6.2.1.12, 6.2.1.15, 6.2.1.16, 6.2.1.17, 6.2.1.6, 6.2.2.7 of the 2019
edition);
h) CHANGE the "8-byte hash value", "digest algorithm", "encryption public key"
into "8-byte hash value", "hash algorithm", "public key encryption key", changing
its structure definition (see 6.2.1.5, 6.2.1.7, 6.2.1.23; 6.2.1.3, 6.2.1.4, 6.2.1.8 of
the 2019 edition);
i) ADD the structure definitions of application identification, 3-byte hash value, 10-
byte hash value, 64-bit time, identified area, elevation, CRL series, encryption
key, symmetric encryption key, public key encryption key of a specific algorithm,
256-bit elliptic curve, 256-bit SM2 signature (see 6.2.1.3, 6.2.1.4, 6.2.1.6, 6.2.1.9,
6.2.1.14, 6.2.1.19 ~ 6.2.1.22, 6.2.1.25, 6.2.1.26, 6.2.1.28);
Transportation - Digital certificate format
1 Scope
This document specifies the requirements for the classification and format of digital
certificates in transportation information systems.
This document applies to the design, development, testing, application of software and
hardware systems related to digital certificates in transportation information systems.
2 Normative references
The contents of the following documents constitute essential clauses of this document
through normative references in the text. Among them, for dated references, only the
version corresponding to that date applies to this document; for undated references, the
latest version (including all amendments) applies to this document.
GB/T 2659.1 Codes for the representation of names of countries and their
subdivisions - Part 1: Country code
GB/T 13000 Information technology - Universal multiple-octet coded character set
(UCS)
GB/T 16262 (all parts) Information technology - Abstract syntax notation one
(ASN.1)
GB/T 20518 Information security technology - Public key infrastructure - Digital
certificate format
GB/T 25069 Information security techniques - Terminology
GB/T 32905 Information security techniques - SM3 cryptographic hash algorithm
GB/T 32907 Information security technology - SM4 block cipher algorithm
GB/T 32918.1 Information security technology - Public key cryptographic
algorithm SM2 based on elliptic curves - Part 1: General
GB/T 32918.2 Information security technology - Public key cryptographic
algorithm SM2 based on elliptic curves - Part 2: Digital signature algorithm
YD/T 3957-2021 LTE-based vehicular communication - Technical requirement of
security certificate management system
ISO/IEC 8825-7 Information technology - ASN.1 encoding rules - Part 7:
Specification of Octet Encoding Rules (OER)
3 Terms and definitions
The terms and definitions as defined in GB/T 25069, GB/T 32905, GB/T 32907, GB/T
32918.2, as well as the following terms and definitions, apply to this document.
3.1
Digital certificate
A trusted digital document digitally signed by a third-party certificate authority (CA)
recognized by the state and with authority, credibility, impartiality.
[Source: GB/T 20518-2018, 3.7]
3.2
ITS certificate
A digital certificate with a specific format issued to on-board units, roadside units,
mobile terminals, operation service providers in intelligent transportation systems.
3.3
SM2 algorithm
An elliptic curve public key cryptographic algorithm defined by GB/T 32918.
[Source: GB/T 25069-2022, 3.583]
4 Abbreviations
The following abbreviations apply to this document.
COER: Canonical Octet Encoding Rules
CRACA: Certificate Revocation Authorizing Certificate Authority
CRL: Certificate Revocation List
ITS: Intelligent Transport System
LA: Linkage Authority
SPDU: Secured Protocol Data Unit
SSP: Service Specific Permissions
5 Classification of digital certificates
The digital certificates issued and managed in the transportation information system
include the following 5 categories:
a) Institutional certificates - General format certificates issued to transportation
information system institutions;
b) Civil servant certificates - General format certificates issued to end users of
transportation information system staff;
c) Social public certificates - General format certificates issued to end users of the
public outside the transportation information system;
d) Equipment certificate - General format certificate issued to servers and supporting
terminal equipment of transportation information systems;
e) ITS certificate - Special format certificate issued to on-board units, roadside units,
mobile terminals, operation service providers in intelligent transportation systems.
6 Digital certificate format
6.1 General format
Institutional certificates, public servant certificates, social public certificates,
equipment certificate formats, certificate revocation lists shall comply with the
requirements of GB/T 20518.
6.2 ITS certificate format
6.2.1 Basic elements
6.2.1.1 Encoding rules
The data structure defined in this document shall comply with the requirements of GB/T
16262 (all parts). The various information in the digital certificate format shall be
encoded using the COER encoding rules specified in ISO/IEC 8825-7.
6.2.1.2 Basic data types
The basic data types are defined as follows:
the certificate structure is self, the certificate is valid worldwide;
• Otherwise, the certificate has the same valid region as the certificate that issued
the certificate.
- assuranceLevel represents the assurance level of the certificate holder.
- appPermissions represents the permissions of the certificate holder to use this
certificate to sign application data. A valid instance of appPermissions contains at
most one entry for any particular Aid value.
- certIssuePermissions indicates the certificate holder's permission to use this
certificate to sign other certificates. This array does not typically contain multiple
entries where the AidSspRange field indicates "all". If the array has multiple entries
and the AidSspRange field of one entry indicates "all", the entry indicating "all"
specifies permission for all aids except those explicitly specified in other entries.
See AidGroupPermissions for details.
- certRequestPermissions indicates the certificate holder's permission to use this
certificate to sign certificate requests. This array does not typically contain multiple
entries where the AidSspRange field indicates "all". If the array has multiple entries
and the AidSspRange field of one entry indicates "all", the entry indicating "all"
specifies permission for all AIDs except those explicitly specified in other entries,
as described in AidGroupPermissions.
- canRequestRollover indicates that this certificate can be used to sign a request
message requesting another certificate with the same permissions.
- encryptionKey contains the public key used for encryption; the certificate holder
holds the corresponding private key.
- verifyKeyIndicator contains material that can be used to recover the public key,
which is used to verify the data signed by the certificate.
- For encryptionKey and verifyKeyIndicator, a compressed public key shall be used,
that is, these points select compressed-y-0 or com-pressed-y-1.
For examples of ITS certificate data encoding, see Appendix B.
6.2.2.9 Certificate holder information
Definition type: CertificateId
Structure:
associated with a given entry in AidSsp. The meaning of the SSP depends on the
associated Aid, which can be either an AID-specific octet string or a bitmap. If a
certificate has an appPermissions entry A where the ssp field is opaque, then A is
consistent with the issuing certificate if the issuing certificate contains a
SubjectPermissions field that selects all and no AidSspRange field contains the aid
value in A, or contains an AidSspRange P where the aid field in P is equal to the aid
field in A and the sspRange field in P indicates all or the sspRange field in P indicates
opaque and an entry in the opaque field in P is the same octet string as the opaque field
in A.
6.2.2.23 Bitmap
Definition type: BitmapSsp
Structure: BitmapSsp ::= OCTET STRING (SIZE(0..31))
Description: This data structure represents a bitmap of the SSP. The constraints on
which the bitmap is mapped to the signed SPDU depend on the AID. A is consistent
with the issuing certificate, if the certificate has an appPermissions entry A whose ssp
field is bitmapSsp, the issuing certificate contains a SubjectPermissions field that
selects all, no AidSspRange field contains the aid value in A. A is consistent with the
issuing certificate, if the issuing certificate contains an AidSspRange P, where the aid
field in P is equal to the aid field in A, and the sspRange field in P represents all, or the
sspRange field in R represents bitmapSspRange, and for each bit in R's sspBitmask that
is set to 1, the sspValue in P and the sspValue in R have the same value at that bit
position. For each bit in R where the sspBitmask is set to 1, if the sspValue of B and R
have the same value at that bit position, then B's BitmapSsp and BitmapSspRange R
are said to be consistent. For bits in R where sspBitmask is set to 0, B can be set to 0 or
1 freely. Whether B and R are consistent has nothing to do with the values of these bits.
6.2.2.24 Application identifier set permissions
Definition type: AidGroupPermissions
Structure:
Description: This data structure represents the permissions that a certificate holder has
when issuing and requesting certificates corresponding to a specific AID set, which
contains the following content.
- SubjectPermissions represents the AID and SSP range covered by this field.
- minChainLength and chainLengthRange represent the length of the certificate
chain allowed from this certificate to the end-entity certificate. The length of the
certificate chain refers to the number of certificates in the chain below this
certificate, up to and including the end-entity certificate. The certificate chain
length is greater than or equal to minChainLength and less than or equal to
minChainLength + chainLengthRange. When this type appears in the
certIssuePermissions field of ToBeSignedCertificate, the certificate with a
minChainLength field value of 0 is invalid.
- The value of chainLengthRange -1 is a special case, indicating that the certificate
chain can be any length greater than or equal to minChainLength; for the
minChainLength and chainLengthRange of the certIssuePermissions field AID of
the subordinate certificate and the upper-level certificate that issued it, their values
satisfy the following relationship (assuming that the minChainLength of the
subordinate certificate is mcls, the chainLengthRange of the subordinate certificate
is clrs, the minChainLength of the upper-level issuing certificate is mcli, the
chainLengthRange of the upper-level issuing certificate is clri): mcli ≤ mcls + 1,
and (mcli + clri) ≥ (mcls + clrs +1).
- eeType takes one or more of the values "app" and "enroll", indicating the type of
certificate or the AidGroupPermissions instance in the request certificate is
authorized for authorization checking. If this field indicates app, the certificate
chain is allowed to end with an authorization certificate. If this field does not
indicate app, but the certificate chain ends with an authorization certificate, the
certificate chain is invalid. If this field indicates enroll, the certificate chain is
allowed to end with an enrollment certificate; different AidGroupPermissions
instances in ToBeSignedCertificate may have different eeType values.
6.2.2.25 Certificate holder permissions
Definition type: SubjectPermissions
Structure:
Description: This data structure represents the AidGroupPermissions data structure that
grants certificate issuance or request permissions to the AID and associated SSP. If its
- nextCrl contains the expected time when the next CRL with the same crlSeries and
crlCraca is issued; unless nextCrl is strictly after issueDate, the CRL is invalid.
This field is used to set the expected update time of the revocation information
associated with (crlCraca, crlSeries).
- priorityInfo contains information that can assist devices with limited storage space
in determining the priority of retaining revocation information. typeSpecific
contains the CRL body:
• fullHashCrl contains a full hash-based CRL, i.e., a hash list of all certificates
containing the specified cracAid and crlSeries values, hashes of revoked
certificates, certificates that have been revoked, certificates that have not expired;
• deltaHashCrl contains a delta-hash-based CRL, i.e., a hash list of all certificates
containing the specified cracAid and crlSeries values, hashes of revoked
certificates, certificates that have been revoked since the last CRL containing the
specified cracAid and crlSeries values;
• fullLinkedCrl contains a complete LinkedID-based CRL, i.e., a list of individual
and/or group Linked data for all certificates containing the specified cracAid and
crlSeries values, certificates revoked by LinkedID data, certificates that have
been revoked, certificates that have not expired;
• deltaLinkedCrl contains a deltaLinked ID-based CRL, i.e., a list of individual
and/or group linked data for all certificates containing the specified cracAid and
crlSeries values, certificates revoked by LinkedID data, certificates that have
been revoked since the last CRL containing the specified cracAid and crlSeries
values.
For an example of ITS CRL, see Appendix D.
6.3.3 Priority information
Definition Type: CrlPriorityInfo
Structure:
Description: This data structure represents priority information to assist devices with
limited storage space in determining which revocation information to retain and discard.
priority indicates the priority of this revocation information relative to other CRLs
issued for certificates with the same crlCracaId and crlSeries values. The higher the
value of this field, the more important the revocation information is.
Appendix A
(Normative)
Signature calculation process
A.1 Basic requirements
The SM2 digital signature algorithm shall comply with the provisions of GB/T 32918.2.
SM2 is an elliptic curve cryptography algorithm, that is associated with only a single
specific 256-bit elliptic curve; identifiers associated with SM2 are not represented by
additional curves.
The signature format of SM2 is represented by integers. SM2 names the hash function
by adding an identity string to the message to be hashed. The identity string is:
Where:
a) ENTLA is a 2-octet character converted from the length of IDA, the value is the
number of valid bits of IDA;
b) IDA is the sender's ID;
c) a and b are the equation parameters of the SM2 elliptic curve;
d) xG and yG are the x and y coordinates of the SM2 base point;
e) xA and yA are the x and y coordinates of the verification public key.
IDA is the 32-byte hash value of the certificate that the issuer is using, that is, IDA =
HashedId32(Certificate) and performs bit string to octet string conversion according to
GB/T 32918.1. ENTLA is 2 octets (0x01, 0x00). When the issued certificate is a self-
signed certificate, IDA is 16 octets (0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38,
0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38); it performs integer to octet string
conversion according to GB/T 32918.1. ENTLA is 2 octets (0x00, 0x80).
A.2 Preprocessing of signature and verification operations
The hash processing rules for signing or verifying data are as follows:
a) The signature or verification process uses the identity string ZA and the data to be
signed as input; creates a cascade and calculates the hash value internally. The
hash algorithm is SM3;
b) The message value input during the signature or verification process is:
......
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.
|