
GM/T 0016-2012 (GM/T 0016-2023 Newer Version) PDF English


GM/T 0016-2012 (GM/T0016-2012, GMT 0016-2012, GMT0016-2012)
Standard ID | Contents [version] | USD | [PDF] delivered in | Name of Chinese Standard | Status
GM/T 0016-2023 | English | 1789 | 10 days | (Smart Password Key Password Application Interface Specification) | Valid
GM/T 0016-2012 | English | 385 | 0-9 seconds. Auto-delivery. | Smart token cryptography application interface specification | Valid
Newer version: GM/T 0016-2023     Standards related to (historical): GM/T 0016-2023

GM/T 0016-2012: PDF in English (GMT 0016-2012)

GM/T 0016-2012

GM
CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA

ICS 35.040
L 80
File No.: 38314-2013

Smart token cryptography application interface specification

ISSUED ON: NOVEMBER 22, 2012
IMPLEMENTED ON: NOVEMBER 22, 2012
Issued by: State Cryptography Administration

Table of Contents

Foreword
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviations
5 Structural model
5.1 Hierarchy
5.2 Device application structure
6 Data type definition
6.1 Algorithm identification
6.2 Basic data types
6.3 Constant definition
6.4 Composite data types
7 Interface function
7.1 Device management
7.2 Access control
7.3 Application management
7.4 File management
7.5 Container management
7.6 Cryptographic service
8 Device security requirements
8.1 Device use phase
8.2 Permission management
8.3 Key security requirements
8.4 Device anti-attack requirements
Appendix A (Normative) Error code definition and description

Foreword

This Standard was drafted in accordance with the rules given in GB/T 1.1-2009.

Attention is drawn to the possibility that some of the elements of this Standard may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights.

This Standard was proposed by and shall be under the jurisdiction of Code Industry Standardization Technical Committee.

Appendix A of this standard is normative appendix.

Main drafting organizations of this Standard: Beijing Haitai Fangyuan Science and Technology Co., Ltd., Beijing Woqi Smart Technology Co., Ltd., Beijing Daming Wuzhou Technology Co., Ltd., Hublot Co., Ltd., Shenzhen Minghua Aohan Technology Co., Ltd., Wuhan Tianyu Information Industry Co., Ltd., Beijing Feitian Chengxin Technology Co., Ltd., Huaxiangteng Digital Technology Co., Ltd.
Main drafters of this Standard: Liu Ping, Guo Baoan, Shi Yuping, Liu Zengshou, Hu Junyi, Guan Yanjun, Xiang Li, Lei Jiye, Hu Peng, Zhao Zaixing, Duan Xiaoyi, Liu Yufeng, Liu Weifeng, Chen Ji, He Yongfu, Li Gaofeng, Huang Dongjie, Wang Jiancheng, Wang Xuelin, Zhao Liming.

This standard involves content related to cryptographic algorithms, which is implemented in accordance with the relevant state laws and regulations.

Smart token cryptography application interface specification

1 Scope

This standard specifies the PKI cryptosystem-based smart token cryptographic application interface and describes the functions, data types, parameter definitions and equipment security requirements of the cryptographic application interface.

This standard applies to the development, use and testing of smart token products.

2 Normative references

The following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) is applicable to this standard.

GM/T 0006 Cryptographic application identifier criterion specification
GM/T 0009 SM2 cryptography algorithm application specification

3 Terms and definitions

The following terms and definitions apply to this document.

3.1 Application
A structure including containers, device certification key and file, which has independent permission management.

3.2 Container
The unique storage space used to store the key in the cryptographic device.

3.3 Device
In this standard, the smart token is collectively referred to as the device.

3.4 Device authentication
Authentication of the application by the smart token.

3.5 Device authentication key
Key used for device authentication.

3.6 Label
Another name of the device, which can be set by the user and is stored inside the device.

3.7 Message authentication code; MAC
Message authentication algorithm output.
3.8 Administrator PIN
Administrator password, which is an ASCII string.

3.9 User PIN
The user's password, which is an ASCII string.

4 Abbreviations

The following abbreviations apply to this specification:

API: Application Programming Interface
PKI: Public Key Infrastructure

Function prototype
ULONG DEVAPI SKF_Encrypt (HANDLE hKey, BYTE * pbData, ULONG ulDataLen, BYTE * pbEncryptedData, ULONG * pulEncryptedLen)

Functional description
Single-group data encryption operation. It uses the specified encryption key to encrypt the specified data; the encrypted data contains only one group, and the ciphertext is stored in the specified buffer. SKF_Encrypt encrypts only single-group data; SKF_EncryptInit must be called to initialize the encryption operation before calling SKF_Encrypt. SKF_Encrypt is equivalent to calling SKF_EncryptUpdate first and then SKF_EncryptFinal.

Parameter
hKey [IN] Encryption key handle.
pbData [IN] Data to be encrypted.
ulDataLen [IN] Length of data to be encrypted.
pbEncryptedData [OUT] Pointer to the encrypted data buffer. It can be NULL, in which case the call is used to obtain the encrypted data length.
pulEncryptedLen [IN, OUT] On input, the length of the result data buffer; on output, the actual length of the result data.

Return value
SAR_OK Success.
Others Error code.

7.6.21 Multi-group data encryption

Function prototype
ULONG DEVAPI SKF_EncryptUpdate (HANDLE hKey, BYTE * pbData, ULONG ulDataLen, BYTE * pbEncryptedData, ULONG * pulEncryptedLen)

Functional description
Multi-group data encryption operation. It uses the specified encryption key to encrypt the specified data; the encrypted data contains multiple groups, and the ciphertext is stored in the specified buffer. SKF_EncryptUpdate encrypts multi-group data; SKF_EncryptInit must be called to initialize the encryption operation before calling SKF_EncryptUpdate, and SKF_EncryptFinal must be called to end the encryption operation after calling SKF_EncryptUpdate.
Parameter
hKey [IN] Encryption key handle.
pbData [IN] Data to be encrypted.
ulDataLen [IN] Length of data to be encrypted.
pbEncryptedData [OUT] The encrypted data buffer pointer.
pulEncryptedLen [OUT] Return the encrypted data length.

Return value
SAR_OK Success.
Others Error code.

7.6.22 End encryption

Function prototype
ULONG DEVAPI SKF_EncryptFinal (HANDLE hKey, BYTE * pbEncryptedData, ULONG * pEncryptedDataLen)

Functional description
End the encryption of multi-group data and return the remaining encryption result. First call SKF_EncryptInit to initialize the encryption operation, then call SKF_EncryptUpdate to encrypt multi-group data, and finally call SKF_EncryptFinal to end the encryption of multi-group data.

Parameter
hKey [IN] Encryption key handle.
pbEncryptedData [OUT] Encrypted result buffer.

SKF_DecryptUpdate decrypts multi-group data. Before calling SKF_DecryptUpdate, SKF_DecryptInit must be called to initialize the decryption operation. After calling SKF_DecryptUpdate, SKF_DecryptFinal must be called to end the decryption operation.

Parameter
hKey [IN] Decryption key handle.
pbEncryptedData [IN] Data to be decrypted.
ulEncryptedLen [IN] Length of data to be decrypted.
pbData [OUT] Pointer to the decrypted data buffer.
pulDataLen [IN, OUT] On input, the length of the result data buffer; on output, the actual length of the result data.

Return value
SAR_OK Success.
Others Error code.

7.6.26 End decryption

Function prototype
ULONG DEVAPI SKF_DecryptFinal (HANDLE hKey, BYTE * pbDecryptedData, ULONG * pulDecryptedDataLen)

Functional description
End the decryption of multi-group data. First call SKF_DecryptInit to initialize the decryption operation, then call SKF_DecryptUpdate to decrypt multi-group data, and finally call SKF_DecryptFinal to end multi-group data decryption.

Parameter
hKey [IN] Decryption key handle.
pbDecryptedData [OUT] Points to the decrypted result buffer.
If this parameter is NULL, the length of the decrypted result is returned by pulDecryptedDataLen.
pulDecryptedDataLen [IN, OUT] Input indicates the length of the pbDecryptedData buffer, output indicates the length of the decrypted result.

Return value
SAR_OK Success.
Others Error code.

7.6.27 Cryptographic hash initialization

Function prototype
ULONG DEVAPI SKF_DigestInit (DEVHANDLE hDev, ULONG ulAlgID, ECCPUBLICKEYBLOB * pPubKey, unsigned char * pucID, ULONG ulIDLen, HANDLE * phHash)

Functional description
Initialize the cryptographic hash calculation operation and specify the algorithm used to calculate the cryptographic hash.

Parameter
hDev [IN] Device handle returned when the device is connected.
ulAlgID [IN] Cryptographic hash algorithm identi... ......
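
The length-query convention described for SKF_Encrypt above (pbEncryptedData may be NULL; pulEncryptedLen is both input and output), as an added C example that is not part of the standard or of any vendor SDK. The typedefs, the SAR_OK value, STUB_ERR, the stub SKF_Encrypt body and the encrypt_alloc helper are assumptions made so the caller-side pattern runs without a token.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Stand-ins for the vendor's SKF header (assumed here, not taken from the page). */
typedef uint32_t ULONG;
typedef uint8_t  BYTE;
typedef void    *HANDLE;
#define DEVAPI
#define SAR_OK   0u
#define STUB_ERR 1u   /* hypothetical: stands for any "Others" error code */

/* Constructed stub replacing a real token: XORs with 0x5A and rounds the
   output up to a 16-byte multiple, so the two-call convention runs offline. */
ULONG DEVAPI SKF_Encrypt(HANDLE hKey, BYTE *pbData, ULONG ulDataLen,
                         BYTE *pbEncryptedData, ULONG *pulEncryptedLen)
{
    (void)hKey;
    if (!pbData || !pulEncryptedLen) return STUB_ERR;
    ULONG need = (ulDataLen / 16 + 1) * 16;
    if (!pbEncryptedData) { *pulEncryptedLen = need; return SAR_OK; } /* length query */
    if (*pulEncryptedLen < need) { *pulEncryptedLen = need; return STUB_ERR; }
    memset(pbEncryptedData, 0, need);
    for (ULONG i = 0; i < ulDataLen; i++)
        pbEncryptedData[i] = (BYTE)(pbData[i] ^ 0x5A);
    *pulEncryptedLen = need;
    return SAR_OK;
}

/* Caller-side pattern: query the length, allocate, encrypt, then check that
   the reported length fits the allocation before handing the buffer on. */
ULONG encrypt_alloc(HANDLE hKey, BYTE *in, ULONG inLen, BYTE **out, ULONG *outLen)
{
    ULONG cap = 0, rv;
    *out = NULL; *outLen = 0;
    rv = SKF_Encrypt(hKey, in, inLen, NULL, &cap);   /* 1st call: size only */
    if (rv != SAR_OK) return rv;
    if (cap == 0) return STUB_ERR;
    BYTE *buf = malloc(cap);
    if (!buf) return STUB_ERR;
    ULONG got = cap;                                 /* IN: buffer size */
    rv = SKF_Encrypt(hKey, in, inLen, buf, &got);    /* OUT: bytes written */
    if (rv != SAR_OK || got > cap) {                 /* fail closed, wipe, free */
        memset(buf, 0, cap); free(buf);
        return rv != SAR_OK ? rv : STUB_ERR;
    }
    *out = buf; *outLen = got;
    return SAR_OK;
}
```

Against a real device, the typedefs and constants come from the vendor's SKF header, and hKey must already have been initialized with SKF_EncryptInit as the functional description requires.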
 
Source: Above contents are excerpted from the PDF -- translated/reviewed by: www.chinesestandard.net / Wayne Zheng et al.