GM/T 0048-2016 PDF EnglishUS$310.00 · In stock · Download in 9 seconds
GM/T 0048-2016: Cryptography test specification for cryptographic smart token Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure Status: Valid
Similar standardsGM/T 0048-2016: Cryptography test specification for cryptographic smart token---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GMT0048-2016GM CRYPTOGRAPHY INDUSTRY STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 File No.. 58553-2017 Cryptography test specification for cryptographic smart token Issued on: DECEMBER 23, 2016 Implemented on: DECEMBER 23, 2016 Issued by. State Cryptography Administration Table of ContentsForeword ... 3 1 Scope .. 4 2 Normative references ... 4 3 Terms and definitions ... 4 4 Abbreviation ... 6 5 Test environment .. 6 5.1 Test environment topology ... 6 5.2 Test instrument ... 7 5.3 Test software.. 7 6 Test content ... 8 6.1 Function test .. 8 6.2 Performance test ... 8 6.3 Security test ... 8 7 Test method ... 9 7.1 Function test .. 9 7.1.1 Device management ... 9 7.1.2 Access control .. 10 7.1.3 Application management... 17 7.1.4 File management ... 20 7.1.5 Container management ... 24 7.1.6 Cryptographic service ... 29 7.2 Performance test .. 55 7.2.1 File writing and reading performance ... 55 7.2.2 Symmetric algorithm performance ... 56 7.2.3 Asymmetric algorithm performance ... 57 7.2.4 Hash algorithm performance ... 58 7.3 Security test ... 58 Bibliography ... 59ForewordThis Standard was drafted in accordance with the rules given in GB/T 1.1-2009. Attention is drawn to the possibility that some of the elements of this Standard may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights. This Standard was proposed by and shall be under the jurisdiction of Code Industry Standardization Technical Committee. The drafting organizations of this Standard. Beijing Watch Intelligent Technology Co., Ltd., Feitian Safe Technology Co., Ltd., Beijing HaitaiFangyuan Technologies Co., Ltd., Beijing Huada Zhibao Electronic Systems Co., Ltd., Commercial Cryptography Testing Center of State Cryptography Administration, Shanghai Geer Software Co., Ltd., Beijing Chong Yuan World Technology Co., Ltd. Main drafters of this Standard. Wang Xuelin, Li Dawei, Chen Guo, Zhu Pengfei, Jiang Hongyu, Chen Baoru, Deng Kaiyong, Luo Peng, Lin Chun, Lei Yinhua, Han Lin. Cryptography test specification for cryptographic smart token1 ScopeThis Standard specifies the test environment, test content and test method for cryptographic smart token. This Standard is applicable to the cryptography test of cryptographic smart token. It is also used to guide the development and use of cryptographic smart token.2 Normative referencesThe following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies. GB/T 32915, Information security technology - Binary sequence randomness detection method GM/T 0006, Cryptographic application identifier criterion specification GM/T 0017-2012, Smart token cryptography application interface data format specification GM/T 0027, Technique requirements for smart token GM/T 0028, Security requirements for cryptographic modules GM/T 0039, Security test requirements for cryptographic modules3 Terms and definitionsFor the purposes of this document, the following terms and definitions apply. 3.1 cryptographic smart token a terminal cryptographic device that realizes cryptographic operation, key management function, provides cryptographic service6 Test content6.1 Function test The purpose of function test of cryptographic smart token is to test the realization of cryptographic smart token and correctness of running. The function test includes the following six aspects. - device management; - access control; - application management; - file management; - container management; - cryptographic service. 6.2 Performance test The purpose of performance test of cryptographic smart token is to test file operation of cryptographic smart token and operation efficiency of cryptographic algorithm. The performance test includes the following four aspects. - file reading and writing performance; - symmetric algorithm performance; - asymmetric algorithm performance; - hash algorithm performance. 6.3 Security test The purpose of security test of cryptographic smart token is to test the security of cryptographic smart token during design and realization, including specifications, interfaces, roles, services and authentication, software and firmware security, operating environment, physical security, non-invasive attack security, sensitive security parameter management, self-test, life-cycle assurance, and mitigation of other attacks. The security of cryptographic smart token shall comply with GM/T 0028. Test and evaluate its security according to GM/T 0039. Passing criteria. The normal condition test and abnormal condition test shall receive the results as expected. 7.1.2.6 Unlock PIN Test purpose. Verify whether it can correctly unlock the user PIN that is already locked by designated application. Test condition. The test sample administrator PIN is unlocked, and the application that creates the file needs to verify the user PIN exists. Application name, administrator PIN and user PIN are already known. Test process. a) normal condition test 1) step 1. send VeryfyPIN command specified in GM/T 0017-2012, use wrong user PIN to verify; repeat operation till it responses "PIN code locked" status code; 2) step 2. send UnblockPIN command specified in GM/T 0017-2012, use correct administrator PIN, new user PIN shall be different from original user PIN; 3) step 3. use new user PIN as correct user PIN, verify user PIN and it shall receive the result as expected. b) abnormal condition test 1) use wrong administrator PIN in step 2, it shall be unsuccessful; 2) send VeryfyPIN command specified in GM/T 0017-2012 to verify administrator PIN, use wrong administrator PIN; repeat operation till it responses "PIN code locked" status code; unlock user PIN and it shall be unsuccessful. Passing criteria. The normal condition test and abnormal condition test shall receive the results as expected. 7.1.2.7 Clear application security status Passing criteria. The normal condition test and abnormal condition test shall receive the results as expected. 7.1.4.3 Enumerate file Test purpose. Verify whether it can correctly enumerate all files existing under designated application. Test condition. The application required for testing is opened, the file already exists. Test process. This test item is tested as one part of 7.1.4.1. 7.1.4.4 Obtain file information Test purpose. Verify whether it can correctly obtain the attribute information of designated file under designated application. Test condition. The application required for testing is already opened, security status is already satisfied. Test process. a) normal condition test 1) step 1. send CreateFiles command specified in GM/T 0017-2012, create file; 2) step 2. send GetFilelnfo command specified in GM/T 0017-2012, use correct application ID and file name to test, it shall return successfully, obtain file attribute information; 3) step 3. the file size, reading and writing permission information in comparison attribute shall be consistent with that when creating file. b) abnormal condition test 1) when application ID does not exist, it shall be unsuccessful; 3) step 3. compare the content written in step 1 with the content read in step 2, the content information shall be consistent. b) abnormal condition test 1) when application ID does not exist, it shall be unsuccessful; 2) when file name does not exist, it shall be unsuccessful; 3) when security status is not satisfied, it shall be unsuccessful; 4) when offset length exceeds the file length, it shall be unsuccessful; 5) when returned length exceeds the maximum length of communication buffer zone, it shall be unsuccessful. Passing criteria. The normal condition test and abnormal condition test shall receive the results as expected. 7.1.5 Container management 7.1.5.1 Create container Test purpose. Verify whether it can correctly create container under designated application. Test condition. The application required for testing is already opened, security status is already satisfied. Test process. a) normal condition test 1) step 1. send CreateContainer command specified in GM/T 0017-2012, create a container; 2) step 2. send EnumContainer command specified in GM/T 0017-2012, return the container name that has been created. b) abnormal condition test 1) when testing application is not opened, it shall be unsuccessful; 2) when security status is not satisfied, it shall be unsuccessful; ... ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al. Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of English version of GM/T 0048-2016 be delivered?Answer: The full copy PDF of English version of GM/T 0048-2016 can be downloaded in 9 seconds, and it will also be emailed to you in 9 seconds (double mechanisms to ensure the delivery reliably), with PDF-invoice.Question 2: Can I share the purchased PDF of GM/T 0048-2016_English with my colleagues?Answer: Yes. The purchased PDF of GM/T 0048-2016_English will be deemed to be sold to your employer/organization who actually paid for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. www.ChineseStandard.us -- GM/T 0048-2016 -- Click this link and select your country/currency to pay, the exact amount in your currency will be printed on the invoice. Full PDF will also be downloaded/emailed in 9 seconds.How to buy and download a true PDF of English version of GM/T 0048-2016?A step-by-step guide to download PDF of GM/T 0048-2016_EnglishStep 1: Visit website https://www.ChineseStandard.net (Pay in USD), or https://www.ChineseStandard.us (Pay in any currencies such as Euro, KRW, JPY, AUD).Step 2: Search keyword "GM/T 0048-2016". Step 3: Click "Add to Cart". If multiple PDFs are required, repeat steps 2 and 3 to add up to 12 PDFs to cart. Step 4: Select payment option (Via payment agents Stripe or PayPal). Step 5: Customize Tax Invoice -- Fill up your email etc. Step 6: Click "Checkout". Step 7: Make payment by credit card, PayPal, Google Pay etc. After the payment is completed and in 9 seconds, you will receive 2 emails attached with the purchased PDFs and PDF-invoice, respectively. Step 8: Optional -- Go to download PDF. Step 9: Optional -- Click Open/Download PDF to download PDFs and invoice. See screenshots for above steps: Steps 1~3 Steps 4~6 Step 7 Step 8 Step 9 |
