Home Cart Quotation Policy About-Us
www.ChineseStandard.net
Database: 221887 (14 Apr 2026)
SEARCH
Path: Home > MISC > Page117 > GM/T 0060-2018

GM/T 0060-2018 English PDF

Price & Delivery

US$310.00 · In stock · Download in 9 seconds
GM/T 0060-2018: Test specification for signature/verification server
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid
Standard IDUSDBUY PDFDeliveryStandard Title (Description)Status
GM/T 0060-2018310 Add to Cart Auto, 9 seconds. Test specification for signature/verification server Valid

Click to Preview this PDF

GM/T 0060-2018: Test specification for signature/verification server

---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GMT0060-2018
CRYPTOGRAPHIC INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Registration number: 62995-2018 GB/T 0060-2018 Test specification for signature/verification server ISSUED ON: MAY 02, 2018 IMPLEMENTED ON: MAY 02, 2018 Issued by: State Cryptography Administration

Table of Contents

Foreword ... 3 1 Scope ... 4 2 Normative references ... 4 3 Terms and definitions ... 5 4 Abbreviations ... 5 5 Requirements of testing environment ... 6 5.1 General testing environment ... 6 5.2 Cross-network testing environment ... 6 6 Testing content and testing method ... 7 6.1 Inspection of appearance and structure ... 7 6.2 Function testing ... 8 6.3 Testing of performance ... 13 6.4 Other testing ... 16 7 Requirements of technical documentation for inspection ... 17 Appendix A (Normative) List of test items ... 19 Test specification for signature/verification server

1 Scope

This standard specifies the testing content, testing methods and testing requirements for signature/verification server. This standard applies to the testing of signature/verification server, as well as the research & development of such cryptographic equipment. It may also be used to guide application development based on such cryptographic equipment.

2 Normative references

The following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this standard. GB/T 17901 Information technology - Security techniques - Key management - Part 1: Framework GB/T 32905 Information security technology SM3 cryptographic hash algorithm GB/T 32915 Information security technology - Binary sequence randomness testing method GB/T 32918 Information security techniques - Elliptic Curve public - key cryptography GB/T 33560 Information security technology - Cryptographic application identifier criterion specification GM/T 0009 SM2 cryptography algorithm application specification GM/T 0010 SM2 cryptography message syntax specification GM/T 0015 Digital certificate format based on SM2 algorithm GM/T 0020 Certificate application integrated service interface specification GM/T 0029-2014 Sign and verify server technical specification GM/T 0039 Security test requirements for cryptographic modules b) Redundant power supply; c) Key destruction button or latch, which can only be used if all the keys in the signature/verification server have been determined to be no longer used; d) Serial port. 6.2 Function testing 6.2.1 Testing of initialization function The signature/verification server can start normally and perform initialization function testing on the signature/verification server. Initialization mainly includes system configuration and generation of administrators, to make the device work normally. The signature/verification server shall be able to initialize properly. 6.2.2 Testing of connection function with public key infrastructure The testing range of the connection function of the signature/verification server and the public key infrastructure includes operations such as CRL connection configuration and OCSP connection configuration. It is tested by using the management tool of the signature/verification server. 6.2.3 Testing of application management function The testing range of application management function of the signature/verification server mainly includes the storage and destruction of the registration and user information of the application entity (the application entity’s name, the configured key index number, the set private key authorization code, the imported certificate, etc.). It is tested by the use of the management tools of the signature/verification server. 6.2.4 Testing of certificate management and verification function The testing range of the certificate management and verification function of the signature/verification server includes operations such as import, storage, verification, use, deletion, backup, recovery, etc., of the application entity certificate, user certificate, root certificate or certificate chain. It includes such operations as the generation, import, storage, destruction, backup, recovery of the key. It is tested by the use of the management tools of the signature/verification server. When the certificate management and verification function of the signature/verification server is tested, the SM2 certificate shall comply with the requirements of GM/T 0015. corresponding operation; d) Calls to the application interface can also be logged. 6.2.8 Testing of system self-testing function The signature/verification server shall have a self-testing function, to verify the software and hardware status of the cryptographic component, algorithm, random number, etc. of the signature/verification server itself, including testing of algorithm correctness, testing of random number generator, testing of storage key and data integrity, the testing of correctness of key components. The self-testing function shall be automatically executed after each power-on start. It shall report the testing results at the end of self-testing. The self-testing is successful, the signature/verification server enters the management status or working state. The self-testing fails, the signature/verification server stops working and the test results are reported. 6.2.9 Testing of NTP time source synchronization function The signature/verification server shall be able to connect to the time source server, to automatically synchronize the time. It is tested by the use of the management tool of the signature/verification server. 6.2.10 Testing of service interface The service interface of the signature/verification server shall comply with the requirements of Appendix A and Appendix B of GM/T 0029-2014 or GM/T 0020. For the correct calling environment and calling process of the signature/verification server, the API function shall return the correct result and complete the corresponding function. For the incorrect calling environment and calling process, the API function shall return the corresponding error code. 6.2.11 Testing of management tool function The management tools provided by the signature/verification server shall have the following main management functions: a) Network address configuration function, including but not limited to configuring IP address, subnet mask, gateway address; b) Status management, including but not limited to component status, software status, version status, current status; c) Configuration management, including but not limited to configuration 6.2.15.1 Testing of symmetric algorithm The signature/verification server shall support SM1 or SM4 symmetric cryptographic algorithms. Each algorithm shall provide at least three working modes: ECB, CBC, OFB. Meanwhile it can be extended to support other working modes. The signature/verification server shall be able to encrypt and decrypt the data according to the specified working mode. It shall be able to support the given key and plaintext (ciphertext) in each mode, test the correctness of the operation results, including: a) The signature/verification server encrypts the given key and plaintext via the symmetric algorithm ECB mode, the result is exactly the same as the given ciphertext; b) The signature/verification server decrypts the given key and ciphertext via the symmetric algorithm ECB mode, the result is exactly the same as the given plaintext; c) The signature/verification server encrypts the given key and plaintext via the symmetric algorithm CBC mode, the result is exactly the same as the given ciphertext; d) The signature/verification server decrypts the given key and ciphertext through the symmetric algorithm CBC mode, the result is exactly the same as the given plaintext; e) The signature/verification server encrypts the given key and plaintext by the symmetric algorithm OFB mode, the result is exactly the same as the given ciphertext; f) The signature/verification server decrypts the given key and ciphertext via the symmetric algorithm OFB mode, the result is exactly the same as the given plaintext. 6.2.15.2 Testing of asymmetric algorithm The signature/verification server shall support the SM2 public key’s cryptography algorithm. The signature/verification server shall be able to use the SM2 algorithm to carry out encryption, decryption, signature/verification, key negotiation operation. It shall be able to support the given key and plaintext, the message to be signed, the key negotiation parameters, meanwhile test the correctness of the operation results, including: a) After the signature/verification server encrypts the given key and plaintext using the SM2 algorithm, the testing platform decrypts the ciphertext, the signature (CRL/OCSP), SM2 file signature, SM2 authentication file signature (CRL/OCSP), SM2 message signature, SM2 authentication message signature (CRL/OCSP): Send a fixed-length data message (the length of the data can be selected from 32 bytes, 128 bytes, 256 bytes, 1024 bytes, etc.) to the signature/verification server for digital signature/verification, repeat the operation N times, measure the completion time T. According to the specific time-consumption of each test item, select the number of tests according to the equal ratio sequence. For example, the number of tests N can be selected once, 10 times, 100 times, 1 000 times, etc., which are tested respectively to obtain the performance sequence at different number of tests. The performance is calculated as follows: Where: S - Speed, in time per second (tps); N - Number of tests; T - The time it takes for measurement, in seconds (s). b) SM2 encryption/decryption, SM2 file encryption/decryption and other performance tests: Send a data message of length L (L can select 32 bytes, 128 bytes, 256 bytes, 1024 bytes, etc.) to the signature/verification server, for encryption/decryption operation, repeat the operation N times, measure its completion time T(s). The formula is: Where: S - Speed, in megabits per second (Mbit/s). If the signature/verification server supports multiple public key cryptographic algorithms, it shall test all public key cryptographic algorithms supported and their various application modes. 6.3.2 Testing of algorithm performance The algorithms of the signature/verification server shall meet certain speed indicators. a) One application server corresponds to one signature/verification server; b) One application server corresponds to multiple signature/verification servers; c) Multiple application servers correspond to one signature/verification server; d) Multiple application servers correspond to multiple signature/verification servers. The above four application modes shall be built separately using network devices such as switches, to test whether the signature/verification server works normally in each application mode. 6.4.2 Testing of equipment security The security test of signature/verification server device complies with the requirements of GM/T 0039. 6.4.3 Environmental adaptability testing of equipment The environmental adaptability test of the signature/verification server equipment shall meet the requirements of 6.8 of GM/T 0029-2014. 6.4.4 Reliability testing of equipment The reliability test of the signature/verification server equipment shall meet the requirements of 6.9 of GM/T 0029-2014.

7 Requirements of technical documentation for

inspection The development organization of signature/verification server submits relevant documents and materials in accordance with the testing requirements of the national cryptography management department, as the testing basis for the signature/verification server. Documentation shall include, but is not limited to, the following: a) Structural block diagram, flow chart, source code of basic functions of the back-end service program, application program interface, client management software; b) Description of the working principle of the power-on self-test; c) Description of the working principle of the self-test program; ......
Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of English version of GM/T 0060-2018 be delivered?Answer: The full copy PDF of English version of GM/T 0060-2018 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.

Question 2: Can I share the purchased PDF of GM/T 0060-2018_English with my colleagues?Answer: Yes. The purchased PDF of GM/T 0060-2018_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GM/T 0060-2018 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.

How to buy and download a true PDF of English version of GM/T 0060-2018?

A step-by-step guide to download PDF of GM/T 0060-2018_EnglishStep 1: Visit website ChineseStandard.net (Pay in USD), or ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).
Step 2: Search keyword "GM/T 0060-2018".
Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 And 3 to add up to 12 PDFs to cart.
Step 4: Select payment option (Via payment agents Stripe Or PayPal).
Step 5: Customize Tax Invoice -- Fill up your email etc.
Step 6: Click "Checkout".
Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment Is completed And in 9 seconds, you will receive 2 emails attached with the purchased PDFs And PDF-invoice, respectively.
Step 8: Optional -- Go to download PDF.
Step 9: Optional -- Click Open/Download PDF to download PDFs And invoice.
Refund Policy Privacy Policy Terms of Service