GM/T 0013-2021 English PDF
GM/T 0013: Historical versions
Basic data
Standard ID: GM/T 0013-2021 (GM/T0013-2021)
Description (Translated English): (Trusted Computing Trusted Cryptographic Module Interface)
Sector / Industry: Chinese Industry Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 111,186
Date of Issue: 2021-10-18
Date of Implementation: 2022-05-01
Issuing agency(ies): State Administration of Cryptography

GM/T 0013-2012: Trusted computing--Trusted cryptography module interface compliance
This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.

Trusted computing--Trusted cryptography module interface compliance
ICS 35.040
L80
Record number: 38311-2013
People's Republic of China Password Industry Standard
Trusted Computing Trusted Cryptographic Module Interface Compliance test specification
Released: 2012-11-22
Implementation: 2012-11-22
Issued by the National Cryptography Administration

Table of contents
Preface
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Trusted cryptographic module interface compliance test
4.1 Overview
4.2 Constant value
4.3 Test Strategy
4.4 Test method
5 Command dependency
5.1 Start command set
5.2 State save command set
5.3 Self-check command set
5.4 TCM working mode setting command set
5.5 Owner management command set
5.6 Property Management Command Set
5.7 Upgrade and Maintenance Command Set
5.8 Authorized value management command set
5.9 Non-volatile storage management command set
5.10 Operating environment management command set
5.11 Audit Command Set
5.12 Clock Command Set
5.13 Counter command set
5.14 TCM endorsement key management command set
5.15 Platform Identity Key Management Command Set
5.16 Data protection operation command set
5.17 Key Management Command Set
5.18 Key Agreement Command Set
5.19 Key Migration Command Set
5.20 Password Service Command Set
5.21 Transmission session command set
5.22 Authorization protocol command set
5.23 Platform configuration register management command set
6 Vector commands
6.1 TCM_Startup
6.2 TCM_SelfTestFull
6.3 TCM_ContinueSelfTest
6.4 TCM_GetTestResult
6.5 TCM_SetOwnerInstall
6.6 TCM_OwnerSetDisable
6.7 TCM_PhysicalEnable
6.8 TCM_PhysicalDisable
6.9 TCM_SetTempDeactivated
6.10 TCM_PhysicalSetDeactivated
6.11 TCM_TakeOwnership
6.12 TCM_OwnerClear
6.13 TCM_ForceClear
6.14 TCM_DisableOwnerClear
6.15 TCM_DisableForceClear
6.16 TCM_GetCapability
6.17 TCM_SetCapability
6.18 TCM_ResetLockValue
6.19 TCM_ChangeAuth
6.20 TCM_ChangeAuthOwner
6.21 TCM_NV_DefineSpace
6.22 TCM_NV_WriteValue
6.23 TCM_NV_ReadValue
6.24 TCM_FlushSpecific
6.25 TCM_GetAuditDigest
6.26 TCM_GetAuditDigestSigned
6.27 TCM_SetOrdinalAuditStatus
6.28 TCM_GetTicks
6.29 TCM_TickStampBlob
6.30 TCM_ReadPubEK
6.31 TCM_OwnerReadInternalPub
6.32 TCM_MakeIdentity
6.33 TCM_ActivatePEKCert
6.34 TCM_ActivatePEK
6.35 TCM_Seal
6.36 TCM_Unseal
6.37 TCM_CreateWrapKey
6.38 TCM_LoadKey
6.39 TCM_GetPubKey
6.40 TCM_WrapKey
6.41 TCM_CertifyKey
6.42 TCM_AuthorizeMigrationKey
6.43 TCM_CreateMigratedBlob
6.44 TCM_ConvertMigratedBlob
6.45 TCM_SM3Start
6.46 TCM_SM3Update
6.47 TCM_SM3Complete
6.48 TCM_SM3CompleteExtend
6.49 TCM_Sign
6.50 TCM_SM4Encrypt
6.51 TCM_SM4Decrypt
6.52 TCM_SM2Decrypt
6.53 TCM_GetRandom
6.54 TCM_APCreate
6.55 TCM_APTerminate
6.56 TCM_Extend
6.57 TCM_PCRRead
6.58 TCM_Quote
6.59 TCM_PCR_Reset
7 Script vector
7.1 TCM_SaveState
7.2 TCM_SaveContext
7.3 TCM_LoadContext
7.4 TCM_FieldUpgrade
References

Foreword
This standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Please note that certain contents of this document may involve patents. The issuing agency of this document is not responsible for identifying these patents.
This standard was proposed and managed by the State Cryptography Administration.
Drafting organizations of this standard: Institute of Software, Chinese Academy of Sciences, National Technology Co., Ltd., Legend Holdings Co., Ltd., Tongfang Limited company, and Beijing Information Technology University.
The main drafters of this standard: Qin Yu, Wu Qiuxin, Chang Dexian, Chu Xiaobo, Xu Zhen, Liu Xin, Ning Xiaokui, Zheng Bike, Liu Ren, Li Hao, Zhang Qianying, Wang Dan, Liu Ziwen, Yu Aimin.

Introduction
In order to promote the development of trusted computing technology in China, GM/T 0012-2012 "Trusted Computing Trusted Cryptographic Module Interface Specification" and GM/T 0011-2012 "Trusted Computing Trusted Cryptographic Support Platform Function and Interface Specification" are used to guide the development and application of China's related trusted computing products. However, product specifications and technical indicators produced by different manufacturers may differ, so it is necessary to carry out conformance testing of the relevant products to ensure compatibility between products.
All content related to cryptographic algorithms in this standard shall be implemented in accordance with relevant national regulations.

Trusted Computing Trusted Cryptographic Module Interface Compliance test specification

1 Scope
This standard is based on GM/T 0011-2012 "Trusted Computing Trusted Cryptographic Support Platform Function and Interface Specification". It defines command test vectors for the trusted cryptographic module and provides effective test methods and flexible test scripts.
This standard only applies to the compliance test of the trusted cryptographic module and cannot replace its security check. The security check of the trusted cryptographic module needs to be carried out in accordance with other relevant specifications.

2 Normative references
The following documents are indispensable for the application of this document. For dated references, only the dated version applies to this document. For undated references, the latest version (including all amendments) applies to this document.
GB/T 5271.8-2001 Information Technology Vocabulary Part 8: Security
GB/T 16264.8-2005 Information Technology Open System Interconnection Catalog Part 8: Public Key and Attribute Certificate Framework
GB 17859-1999 Classification criteria for security protection grades of computer information systems
GB/T 18336 (all parts) Information technology security technology Information technology security assessment criteria
GM/T 0002-2012 SM4 block cipher algorithm
GM/T 0003-2012 (all parts) SM2 elliptic curve public key cryptographic algorithm
GM/T 0004-2012 SM3 cryptographic hash algorithm
GM/T 0011-2012 Trusted Computing Trusted Cryptographic Support Platform Function and Interface Specification
GM/T 0012-2012 Trusted Computing Trusted Cryptographic Module Interface Specification

3 Terms and definitions
The following terms and definitions apply to this document.

3.1 Trusted computing platform (trusted computing platform)
A support system built into a computing system and used to realize trusted computing functions.

3.2 Trusted cryptography module (trusted cryptography module; TCM)
The hardware module of the trusted computing platform, which provides cryptographic computing functions for the trusted computing platform and has protected storage space.

3.3 Platform configuration register (platform configuration register; PCR)
The internal storage unit of the trusted cryptographic module, used for storing platform integrity metrics.

3.4 TCM endorsement key (TCM endorsement key; EK)
The initial key of the trusted cryptographic module.

......