GM/T 0093-2020 PDF English
Status: Valid
GM/T 0093-2020: Certificate and key exchange format specification
This is an excerpt. The full copy can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GMT0093-2020

GM CRYPTOGRAPHIC INDUSTRY STANDARD
ICS 35.040
CCS L 80
Certificate and key exchange format specification
Issued on: December 28, 2020
Implemented on: July 01, 2021
Issued by: National Cryptography Administration
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 OID definition
6 Definition of basic type
    6.1 CKX type
    6.2 AuthenticatedSafe type
    6.3 SafeContents type
    6.4 SafeBag type
7 Basic process of certificate and key exchange
    7.1 Create CKX data unit
    7.2 Import keys and certificates from a CKX data unit
8 Extended attributes
Appendix A (Normative) ASN.1 syntax notation
Appendix B (Informative) Import and export example of double certificate and private key
References

1 Scope
This document specifies the transmission syntax of information such as certificates and keys, including private keys, certificates, certificate revocation lists and various forms of secret values, as well as their extended standardized packaging. This document is suitable for application scenarios where personal SM2 algorithm certificates, keys and other information are migrated between different platforms.

2 Normative references
The contents of the following documents constitute indispensable clauses of this document through normative references in the text. For dated reference documents, only the version corresponding to that date is applicable to this document; for undated reference documents, the latest version (including all amendments) is applicable to this document.

GB/T 15852.2-2012 Information technology - Security techniques - Message Authentication Codes (MACs) - Part 2: Mechanisms using a dedicated hash-function
GB/T 35275-2017 Information security technology - SM2 cryptographic algorithm encrypted signature message syntax specification
GB/T 35276-2017 Information security technology - SM2 cryptography algorithm usage specification
GB/T 33560-2017 Information security technology - Cryptographic application identifier criterion specification
GM/T 0091-2020 Password-based key derivation specification
GM/Z 4001 Cryptographic terms

3 Terms and definitions
The terms and definitions defined in GM/Z 4001 and GM/T 0091-2020 are applicable to this document.

3.1 Attribute
An ASN.1 type which identifies an attribute type (through an object identifier) and its associated attribute value.

3.2 Platform
A collection of machine hardware, operating system and application software.

3.3 Source platform
The platform of origin of the personal information that will ultimately be delivered to the target platform.

3.4 Target platform
The final destination platform, to which the personal information generated on the source platform is to be transmitted.

3.5 Destination encryption key pair
The key pair of a specific platform, which is used in the public key confidentiality protection method.

4 Abbreviations
The following abbreviations apply to this document.

ASN.1: Abstract Syntax Notation One, X.208
CKX: Certificate and Key Exchange Format. This document specifies a portable format for storing and transmitting user or server private keys, public keys and certificates. It is a binary format; these files are also called CKX files.

5 OID definition
This document defines the identifiers of the six objects keyBag, shroudedKeyBag, certBag, crlBag, secretBag and safeContentBag, as well as related attribute identifiers, as shown in Table 1.

6 Definition of basic type
6.1 CKX type
CKX is the highest-level exchange data unit defined in this document. Integrity protection of the AuthenticatedSafe content is used to realize the secure transfer of CKX data units from one platform to another.

6.2 AuthenticatedSafe type
The contentType field of authSafe is the Data type or the SignedData type. The content field of authSafe directly (when the type is Data) or indirectly (when the type is SignedData) contains the BER encoding of an AuthenticatedSafe type.

6.4 SafeBag type

6.4.1 Overview
This document defines 6 types of SafeBag, corresponding to the KeyBag, ShroudedKeyBag, CertBag, CRLBag, SecretBag and SafeContents types.

6.4.2 KeyBag type
The KeyBag of this document is an SM2 private key of type ECPrivateKey.

6.4.5 CrlBag type
CRLBag contains a certificate revocation list (CRL). Object identifiers are used to distinguish different types of CRLs.

6.4.7 SafeContents type
The sixth type of SafeBag is SafeContents, which allows multiple KeyBag, EncryptedPrivateKeyBag, CertBag, CRLBag and SecretBag items to be nested recursively under the upper-layer SafeContents.

7 Basic process of certificate and key exchange
7.1 Create CKX data unit
The steps to create a CKX data unit are described below.

7.2 Import keys and certificates from a CKX data unit
Importing from CKX is the opposite of the process of creating a CKX. Generally speaking, when an application imports keys, etc., from CKX, all irrelevant object identifiers shall be ignored. Sometimes, users need to be reminded to provide certain object identifiers.

8 Extended attributes
This document provides the exchange format of certificates and keys.

......

Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.