
GM/T 0013-2012 (GM/T 0013-2021 Newer Version) PDF English


GM/T 0013-2012 (GM/T0013-2012, GMT 0013-2012, GMT0013-2012)
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Name of Chinese Standard | Status |
|---|---|---|---|---|---|---|
| GM/T 0013-2021 | English | RFQ | ASK | 3 days | (Trusted Computing Trusted Cryptographic Module Interface) | Valid |
| GM/T 0013-2012 | English | 570 | Add to Cart | 0-9 seconds. Auto-delivery. | Trusted computing--Trusted cryptography module interface compliance | Obsolete |
Newer version: GM/T 0013-2021     Standards related to (historical): GM/T 0013-2021

GM/T 0013-2012: PDF in English (GMT 0013-2012)

GM/T 0013-2012
GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
RECORD NO.: 38311-2013

Trusted computing - Trusted cryptography module interface compliance
可信计算 可信密码模块接口

ISSUED ON: NOVEMBER 22, 2012
IMPLEMENTED ON: NOVEMBER 22, 2012
Issued by: State Cryptography Management

Table of Contents

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Trusted cryptography module interface compliance test
    4.1 General
    4.2 Constant values
    4.3 Test strategy
    4.4 Test method
5 Command dependency relationships
    5.1 Startup command set
    5.2 State save command set
    5.3 Self-test command set
    5.4 TCM operating mode setting command set
    5.5 Owner management command set
    5.6 Attribute management command set
    5.7 Upgrading and maintenance command set
    5.8 Authorization value management command set
    5.9 Nonvolatile storage management command set
    5.10 Operating environment management command set
    5.11 Audit command set
    5.12 Clock command set
    5.13 Counter command set
    5.14 TCM endorsement key management command set
    5.15 Platform identity key management command set
    5.16 Data protection operating command set
    5.17 Key management command set
    5.18 Key agreement command set
    5.19 Key migration command set
    5.20 Cryptographic service command set
    5.21 Transport session command set
    5.22 Authorization protocol command set
    5.23 Platform configuration register management command set
6 Vector commands
    6.1 TCM_Startup
    6.2 TCM-SelfTestFull
    6.3 TCM_ContinueSelfTest
    6.4 TCM_GetTestResult
    6.5 TCM_SetOwnerInstall
    6.6 TCM_OwnerSetDisable
    6.7 TCM_PhysicalEnable
    6.8 TCM_PhysicalDisable
    6.9 TCM_SetTempDeactivated
    6.10 TCM_PhysicalSetDeactivated
    6.11 TCM_TakeOwnership
    6.12 TCM_OwnerClear
    6.13 TCM_ForceClear
    6.14 TCM_DisableOwnerClear
    6.15 TCM_DisableForceClear
    6.16 TCM_GetCapability
    6.17 TCM_SetCapacity
    6.18 TCM_ResetLockValue
    6.19 TCM_ChangeAuth
    6.20 TCM_ChangeAuthOwner
    6.21 TCM_NV_DefineSpace
    6.22 TCM_NV_WriteValue
    6.23 TCM_NV_ReadValue
    6.24 TCM_FlushSpecifc
    6.25 TCM_GetAuditDigest
    6.26 TCM_GetAuditDigestSigned
    6.27 TCM_SetOrdinalAuditStatus
    6.28 TCM_GetTicks
    6.29 TCM_TickStampBlob
    6.30 TCM_ReadPubEK
    6.31 TCM_OwnerReadInternalPub
    6.32 TCM_Make Identity
    6.33 TCM_ActivatePEKCert
    6.34 TCM_ActivatePEK
    6.35 TCM_Seal
    6.36 TCM_Unseal
    6.37 TCM_CreateWrapKey
    6.38 TCM_LoadKey
    6.39 TCM_GetPubKey
    6.40 TCM_WrapKey
    6.41 TCM_CertifyKey
    6.42 TCM_AuthorizeMigrationKey
    6.43 TCM_CreateMigratedBlob
    6.44 TCM_ConvertMigratedBlob
    6.45 TCM_SM3Start
    6.46 TCM_Sm3Update
    6.47 TCM_SM3Complete
    6.48 TCM_SM3CompleteExtend
    6.49 TCM_Sign
    6.50 TCM_SM4Encrypt
    6.51 TCM_SM4Decrypt
    6.52 TCM_SM2Decrypt
    6.53 TCM_GetRandom
    6.54 TCM_APCreate
    6.55 TCM_APTerminate
    6.56 TCM_Extend
    6.57 TCM_PCRRead
    6.58 TCM_Quote
    6.59 TCM_PCR_Reset
7 Script vectors
    7.1 TCM_SaveState
    7.2 TCM_SaveContext
    7.3 TCM_LoadContext
    7.4 TCM_FiledUpgrade
Bibliography

Foreword

This Standard was drafted in accordance with the rules given in GB/T 1.1-2009.

Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuer of this document shall not be held responsible for identifying any or all such patent rights.

This Standard was proposed by and shall be under the jurisdiction of the State Cryptography Management.

The drafting organizations of this Standard: Institute of Software Chinese Academy of Sciences, Nationz Technologies Co., Ltd., Legend Holdings Co., Ltd., Tongfang Co., Ltd., Beijing Information Science and Technology University.

The main drafters of this Standard: Qin Yu, Wu Qiuxin, Chang Dexian, Chu Xiaobo, Xu Zhen, Liu Xin, Ning Xiaokui, Zheng Bike, Liu Ren, Li Hao, Zhang Qianying, Wang Dan, Liu Ziwen, Yu Aimin.

Trusted computing - Trusted cryptography module interface compliance

1 Scope

This Standard is based on GM/T 0011-2012, Trusted computing - Functionality and interface specification of cryptographic support platform; defines the command test vectors of trusted cryptography modules; and provides effective test methods and flexible test scripts.

This Standard applies to the compliance test of trusted cryptography modules, but it cannot replace their security check. The security test of trusted cryptography modules shall be conducted in accordance with other specifications.

2 Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition dated applies to this document. For undated references, the latest edition of the referenced documents (including all amendments) applies to this Standard.

GB/T 5271.8-2001, Information technology - Vocabulary - Part 8: Security
GB/T 16264.8-2005, Information technology - Open systems interconnection - The directory - Part 8: Public-key and attribute certificate frameworks
GB 17859-1999, Classified criteria for security protection of computer information system
GB/T 18336 (all parts), Information technology - Security techniques - Evaluation criteria for IT security
GM/T 0002-2012, SM4 Block cipher algorithm
GM/T 0003-2012, Public key cryptographic algorithm SM2 based on elliptic curves
GM/T 0004-2012, SM3 password hashing algorithm
GM/T 0011-2012, Trusted computing - Functionality and interface specification of cryptographic support platform
GM/T 0012-2012, Trusted computing - Interface specification of trusted cryptography module

3 Terms and definitions

For the purposes of this document, the following terms and definitions apply.

3.1 trusted computing platform
The support system which is established in the computing system and used to implement the trusted computing function.

3.2 trusted cryptography module; TCM
The hardware module of the trusted computing platform, which provides the cryptographic operation function for the trusted computing platform and has a protected storage space.

3.3 platform configuration register; PCR
The storage unit inside the trusted cryptography module, which is used to store platform integrity measurement values.

3.4 TCM endorsement key; EK
The initial key of the trusted cryptography module.

3.5 storage master key; SMK
The master key which is used to protect platform identity keys and user keys.

3.6 hash-based message authentication mode; HMAC
This Standard adopts the SM3 hash algorithm provided in GM/T 0004-2012 to generate message authentication codes.

3.7

This Standard only provides the test strategies and test methods for the TCM compliance test, in which all the commands involved come from the standard GM/T 0011; the optionality of the command input parameters and the randomization factors inside TCM enable manufacturers to implement command tests by themselves. Therefore, the test vectors provided in this Standard are for the reference of users only.

If manufacturers add a test process into TCM products and regard it as a mode, then when TCM is in such a mode, it is deemed that TCM is in the test mode. The test mode requirements:

a) the TCM products in the test mode shall neither contradict other information of TCM in work, nor disclose such information.
b) TCM manufacturers and system providers shall ensure that TCM only providing the compliance mode is not implanted into product systems.
c) when TCM is in the compliance test status, proof shall be provided to prove that TCM is in the compliance test status.
    1) TCM can provide proof through a certain mechanism of manufacturers.
    2) the already-known mechanisms include:
        -- non-standard version information;
        -- fixed EK.

4.2 Constant values

The examples in this Standard regarding test vectors and test scripts involve some values; these values have the same functions and can be unified and reused, which benefits the unification of the whole standard. The following standard values are applied in the examples of the digital computing TCM commands throughout the standard.

4.2.1 Ke... ......
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.