GB/T 38540-2020 PDF EnglishUS$205.00 · In stock · Download in 9 seconds
GB/T 38540-2020: Information Security Technology - Technical Specification of Secure Electronic Seal Signature Cryptography Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure Status: Valid
Similar standardsGB/T 38540-2020: Information Security Technology - Technical Specification of Secure Electronic Seal Signature Cryptography---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT38540-2020 NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information Security Technology - Technical Specification of Secure Electronic Seal Signature Cryptography ISSUED ON: MARCH 06, 2020 IMPLEMENTED ON: OCTOBER 01, 2020 Issued by: State Administration for Market Regulation; Standardization Administration of PRC. Table of ContentsForeword ... 3 1 Scope ... 4 2 Normative References ... 4 3 Terms and Definitions ... 4 4 Abbreviations ... 6 5 Overview ... 6 6 Electronic Seal ... 7 6.1 Data format ... 7 6.2 Generation process of electronic seal ... 11 6.3 Verification process of electronic seal ... 12 7 Electronic Seal Signature ... 13 7.1 Data format ... 13 7.2 Generation process of electronic seal signature ... 15 7.3 Verification process of electronic seal signature ... 16 Information Security Technology - Technical Specification of Secure Electronic Seal Signature Cryptography1 ScopeThis Standard specifies the definition of the data structure of electronic seals and electronic signatures using cryptographic technology, and the corresponding generation and verification process. This Standard is applicable to the development and use of electronic seal systems and may also be used to guide the detection of such systems.2 Normative ReferencesThe following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this document. GB/T 20518 Information Security Technology - Public Key Infrastructure - Digital Certificate Format GB/T 20520 Information Security Technology - Public Key Infrastructure - Time Stamp Specification GB/T 32905 Information Security Technology SM3 Cryptographic Hash Algorithm GB/T 32918 (all parts) Information Security Techniques – SM2 Elliptic Curve Public Key Cryptography GB/T 33560 Information Security Technology - Cryptographic Application Identifier Criterion Specification GB/T 35276 Information Security Technology - SM2 Cryptography Algorithm Usage Specification3 Terms and DefinitionsFor the purpose of this document, the following terms and definitions apply. electronic seal. 3.8 SM2 algorithm An elliptic curve cryptographic algorithm that is defined by GB/T 32918. 3.9 SM3 algorithm A hash algorithm that is defined by GB/T 32905.4 AbbreviationsFor the purpose of this document, the following abbreviations apply. ANS.1: Abstract Syntax Notation One BMP: Bitmap DER: Distinguished Encoding Rules GIF Graphics Interchange Format JPG: Joint Photographic Experts Group OID: Object Identifier PKI: Public Key Infrastructure SVG: Scalable Vector Graphics5 OverviewSecure electronic seal signature is a combination of digital image processing technology and electronic signature technology by using PKI public key cryptography technology to digitally sign electronic documents with stamped image data in electronic form, to ensure the authenticity of the document source and the document Integrity, prevent unauthorized tampering of documents, and ensure the non-repudiation of signatures. In order to ensure the integrity, unforgeability of the electronic seal, and only legal users can use it, a secure electronic seal data format needs to be defined. Through digital signature, the image data of the seal is securely bound to the seal attributes such as the signer to form a secure electronic seal. In the process of using the seal, the electronic seal shall be verified for security. In the process of electronically signing various documents using electronic seals, the signature operation on the seal information field of procedure a) above to form a signature value; c) The data of procedures a) and b) above, as well as the electronic seal marker certificate and the signature algorithm identification, form the electronic seal data format defined in 6.1.1. 6.3 Verification process of electronic seal The verification process of electronic seal is as follows: a) Verify the correctness of the electronic seal data format Analyze the electronic seal according to the electronic seal format and verify whether it conforms to the electronic seal data format defined in 6.1. If the data format of the electronic seal is incorrect, the verification fails, then it shall return an error code and exit the verification process. b) Verify whether the electronic seal signature value is correct Verify whether the signature value in the electronic seal is correct based on the seal information, electronic seal maker certificate, and signature algorithm identification. If the verification of the electronic seal signature fails, it shall return an error code and exit the verification process. c) Verify the validity of the electronic seal maker certificate To verify the validity of the seal maker certificate, the verification items include at least: verification of the seal maker certificate trust chain, verification of the validity period of the electronic seal maker certificate, whether the electronic seal maker certificate is revoked, and whether the key usage is correct. If the verification of the electronic seal maker certificate fails, it shall return an error code and the exit verification process. d) Verify the validity of the electronic seal According to the start time and end time of the seal validity period the in the seal attributes, verify whether the electronic seal has expired. If the electronic seal has expired, the verification fails, it shall return an error code and exit the verification process. If the verification of the above procedures is successful, the electronic seal verification is correct and effective, and the verification process may be exited normally. the electronic seal signer; note that the algorithm used for the original text hash in the signature process shall be coordinated with the signature algorithm. If the signature algorithm is SM2, the hash algorithm shall use the SM3 algorithm. If the signature algorithm uses SM2, it shall comply with the provisions of GB/T 35276. 7.1.6 Time stamp timeStamp: time stamp on signature value shall comply with the provisions of GB/T 20520; the time stamp format shall be stored in the DER encoding. 7.2 Generation process of electronic seal signature The generation process of electronic seal signature is as follows: a) Prepare the electronic seal; and verify the correctness and validity of the electronic seal. The specific procedures are as follows: 1) Verify the electronic seal. Verify the correctness and validity of the electronic seal in accordance with 6.3. 2) Select the electronic seal signer certificate to be electronically signed and verify the validity of the certificate. The verification items include at least: certificate trust chain, verification of certificate validity period, whether the certificate is revoked, and whether the key usage is correct. 3) According to the certificate list type of electronic seal signer in the electronic seal, extract the certificate information list of electronic seal signer in the electronic seal and use it to judge whether the selected electronic seal signer certificate in procedure 2) is in the list. If the value of the certificate information type is 1, the certificate is directly compared; if the value is 2, the hash of the certificate in procedure 2) is calculated and then compared: --- If the person who intends to sign the seal is in the list of electronic seal signers of the electronic seal, the subsequent process will be carried out; --- If the comparison fails, it shall return an error code and exit the seal signature process. According to the error code, if the comparison fails because the electronic seal signer's certificate is updated and reissued, the program shall prompt to re-make the seal. b) Electronically sign the original text, the specific procedures are as follows: 1) Prepare the original text to be signed according to the signature protection scope in propertyInfo; 2) Perform a hash calculation on the original text data to be signed to form the certificates in certificate information list of electronic seal signer in the electronic seal. If both of the comparisons fail, it shall return an error code and exit the verification process. 3) If the certificate information type of the above-mentioned electronic seal signer is 2, then compare the hash value of the certificate. Firstly, calculate procedure a) to analyze the hash value of the electronic seal signer certificate; and then compare it with the hash values in the certificate information list of the electronic seal signer in the electronic seal one by one. If the comparisons fail, then it shall return an error code and exit the verification process. d) Verify the validity of the electronic seal 1) Extract the electronic seal from the electronic seal signature information; and verify the validity of the seal according to the 6.3 verification process of electronic seal. If the verification fails, it shall be comprehensively judge based on the seal signature time in the seal signature information. 2) If the invalidity of the electronic seal is caused by the invalidity of the electronic seal maker certificate, and the electronic seal maker certificate is also invalid at the time point of seal signature, it shall be recorded as the reminding information. 3) If the invalidity of the electronic seal is due to expiration or revocation, and the seal signature time is not within the validity period of the electronic seal, or the electronic seal is not in a normal state at that time, it shall return an error code and exit the verification process. 4) Verify whether the electronic seal is in a normal state at the moment of seal signature. If it is not, it shall return an error code and exit the verification process. e) Verify the validity of the electronic seal signer certificate 1) Obtain the electronic seal signer certificate from the electronic seal signature data and verify the validity of the electronic seal signer certificate. The verification items include at least: verification of certificate trust chain, verification of certificate validity period, whether the certificate is revoked, and whether the key usage is correct. 2) If the validity verification of electronic seal signer certificate fails and is due to verification of certificate trust chain or key usage is incorrect, it shall return an error code and the exit the verification process. 3) If the validity verification of the electronic seal signer certificate fails and is due to the expiration of the certificate or the certificate status has been revoked, ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al. Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of English version of GB/T 38540-2020 be delivered?Answer: The full copy PDF of English version of GB/T 38540-2020 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.Question 2: Can I share the purchased PDF of GB/T 38540-2020_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 38540-2020_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GB/T 38540-2020 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.How to buy and download a true PDF of English version of GB/T 38540-2020?A step-by-step guide to download PDF of GB/T 38540-2020_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).Step 2: Search keyword "GB/T 38540-2020". Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click "Checkout". Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9 |
