Standard No.:	GM/T 0131-2023
English Name:	Electronic seal signature application interface specification
Chinese Name:	电子签章应用接口规范
Chinese Classification:	L80    Data encryption
Professional Classification:	GM
Source Content Issued by:	Office of Security Commercial Code Administration
Issued on:	2023-12-04
Implemented on:	2024-6-1
Status:	valid
Target Language:	English
File Format:	PDF
Word Count:	29000 words
Translation Price(USD):	870.0
Delivery:	via email in 1 business day

GM/T 0131-2023 Electronic seal signature application interface specification 1 Scope This document specifies the external service interfaces provided by the electronic seal signature system, and provides a unified data interaction format and usage interface between the electronic seal signature system and the application system, including two forms of electronic seal usage interface, i.e., service calling and component calling. This document is applicable to the development, use and testing of electronic seal signature system, as well as the application development based on such system. 2 Normative references The following documents contain provisions which, through reference in this text, constitute provisions of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 20518 Information security technology - Public key infrastructure - Digital certificate format GB/T 20520 Information security technology - Public key infrastructure - Time stamp specification GB/T 32010.1 Document management - Portable document format - Part 1: PDF 1.7 GB/T 32905 Information security techniques - SM3 cryptographic hash algorithm GB/T 33190 Electronic files storage and exchange formats - Fixed layout documents GB/T 33560 Information security technology - Cryptographic application identifier criterion specification GB/T 35275-2017 Information security technology - SM2 cryptographic algorithm encrypted signature message syntax specification GB/T 35291 Information security technology - Cryptography token application interface specification GB/T 36322 Information security technology - Cryptographic device application interface specifications GB/T 38540-2020 Information security technology - Technical specification secure electronic seal signature cryptography GM/T 0031-2014 Secure electronic seal cryptography technical specification GM/T 0094-2020 Public key cryptographic application technology framework specification GM/T 0099 Cryptography application technical specification of open fixed layout documents GM/T 0112 Technical requirements of cryptography application in portable document format GM/Z 4001 Cryptology terminology RFC 4648 Base16, Base32, and Base64 data encodings 3 Terms and definitions For the purposes of this document, the terms and definitions given in GM/Z 4001 and the following apply. 3.1 electronic seal security data with the digital signature of the electronic seal maker Note: It includes the electronic seal owner information and the graphical data, and is used to securely sign the data messages. [Source: GB/T 38540-2020, 3.1] 3.2 electronic seal signature process of signing a data message using an electronic seal Note: The electronic seal signature can achieve a visual effect similar to the signature of paper documents, and can ensure the authenticity of data source, the integrity of data and the non-repudiation of the signer's behavior. [Source: GB/T 38540-2020, 3.2] 3.3 electronic seal signature service electronic seal signature service that supports the signature of digital messages in formats such as OFD and PDF 3.4 electronic seal signature system software system that provides electronic seal signature, digital signature, signature verification and other services for data messages 3.5 decentralized electronic seal signature storage and computing of electronic seal private keys in the cryptographic module controlled by the electronic seal owner Note: The private key computing includes collaborative signature methods. 3.6 centralized electronic seal signature use of electronic seal by the user through electronic seal signature system, with the electronic seal private keys uniformly stored in the designated cryptographic device controlled by the electronic seal signature system 3.7 user seal electronic seal of the user, which is authorized in the electronic seal signature system 3.8 user certificate digital certificate of the user, which is authorized in the electronic seal signature system 3.9 browser/server mode application system mode in which the client is unified as a WEB browser, and the realization of the core function of the system is concentrated on the server 4 Abbreviations For the purposes of this document, the following abbreviations apply. DER: Distinguished Encoding Rules HTTP: Hyper Text Transfer Protocol JSON: JavaScript Object Notation OFD: Open Fixedlayout Document OID: Object ID PDF: Portable Document Format PKI: Public Key Infrastructure SDK: Software Development Kit 5 Overview of electronic seal signature application interface 5.1 General requirements

Foreword i 1 Scope 2 Normative references 3 Terms and definitions 4 Abbreviations 5 Overview of electronic seal signature application interface 5.1 General requirements 5.2 Service calling interface 5.3 Component calling interface 6 Service calling interface 6.1 Basic interface 6.2 Integrated interface 7 Component calling interface 7.1 Basic interface 7.2 Integrated interface Annex A (Normative) Customized JSON message data structure Annex B (Normative) Customized C language data structure Annex C (Informative) Example of typical service calling interfaces Annex D (Informative) Example of typical component calling interface Annex E (Normative) Definition of error codes Bibliography