GM/T 0013-2012 English PDF (GMT0013-2012)

GM/T 0013-2012: Trusted computing--Trusted cryptography module interface compliance

This Standard is based on GM/T 0011-2012, Trusted computing - Functionality and interface specification of cryptographic support platform; defines the command test vectors of trusted cryptography modules; and provides effective test methods and flexible test scripts.
GM/T 0013-2012
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE'S REPUBLIC OF CHINA
ICS 35.040
L 80
RECORD NO.: 38311-2013
Trusted computing - Trusted cryptography module interface compliance
ISSUED ON: NOVEMBER 22, 2012
IMPLEMENTED ON: NOVEMBER 22, 2012
Issued by: State Cryptography Management
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Trusted cryptography module interface compliance test
4.1 General
4.2 Constant values
4.3 Test strategy
4.4 Test method
5 Command dependency relationships
5.1 Startup command set
5.2 State save command set
5.3 Self-test command set
5.4 TCM operating mode setting command set
5.5 Owner management command set
5.6 Attribute management command set
5.7 Upgrading and maintenance command set
5.8 Authorization value management command set
5.9 Nonvolatile storage management command set
5.10 Operating environment management command set
5.11 Audit command set
5.12 Clock command set
5.13 Counter command set
5.14 TCM endorsement key management command set
5.15 Platform identity key management command set
5.16 Data protection operating command set
5.17 Key management command set
5.18 Key agreement command set
5.19 Key migration command set
5.20 Cryptographic service command set
5.21 Transport session command set
5.22 Authorization protocol command set
5.23 Platform configuration register management command set
6 Vector commands
6.1 TCM_Startup
6.2 TCM_SelfTestFull
6.3 TCM_ContinueSelfTest
6.4 TCM_GetTestResult
6.5 TCM_SetOwnerInstall
6.6 TCM_OwnerSetDisable
6.7 TCM_PhysicalEnable
6.8 TCM_PhysicalDisable
6.9 TCM_SetTempDeactivated
6.10 TCM_PhysicalSetDeactivated
6.11 TCM_TakeOwnership
6.12 TCM_OwnerClear
6.13 TCM_ForceClear
6.14 TCM_DisableOwnerClear
6.15 TCM_DisableForceClear
6.16 TCM_GetCapability
6.17 TCM_SetCapacity
6.18 TCM_ResetLockValue
6.19 TCM_ChangeAuth
6.20 TCM_ChangeAuthOwner
6.21 TCM_NV_DefineSpace
6.22 TCM_NV_WriteValue
6.23 TCM_NV_ReadValue
6.24 TCM_FlushSpecific
6.25 TCM_GetAuditDigest
6.26 TCM_GetAuditDigestSigned
6.27 TCM_SetOrdinalAuditStatus
6.28 TCM_GetTicks
6.29 TCM_TickStampBlob
6.30 TCM_ReadPubEK
6.31 TCM_OwnerReadInternalPub
6.32 TCM_MakeIdentity
6.33 TCM_ActivatePEKCert
6.34 TCM_ActivatePEK
6.35 TCM_Seal
6.36 TCM_Unseal
6.37 TCM_CreateWrapKey
6.38 TCM_LoadKey
6.39 TCM_GetPubKey
6.40 TCM_WrapKey
6.41 TCM_CertifyKey
6.42 TCM_AuthorizeMigrationKey
6.43 TCM_CreateMigratedBlob
6.44 TCM_ConvertMigratedBlob
6.45 TCM_SM3Start
6.46 TCM_SM3Update
6.47 TCM_SM3Complete
6.48 TCM_SM3CompleteExtend
6.49 TCM_Sign
6.50 TCM_SM4Encrypt
6.51 TCM_SM4Decrypt
6.52 TCM_SM2Decrypt
6.53 TCM_GetRandom
6.54 TCM_APCreate
6.55 TCM_APTerminate
6.56 TCM_Extend
6.57 TCM_PCRRead
6.58 TCM_Quote
6.59 TCM_PCR_Reset
7 Script vectors
7.1 TCM_SaveState
7.2 TCM_SaveContext
7.3 TCM_LoadContext
7.4 TCM_FieldUpgrade
Bibliography
Foreword
This Standard was drafted in accordance with the rules given in GB/T 1.1-2009. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. The issuer of this document shall not be held responsible for identifying any or all such patent rights.
This Standard was proposed by and shall be under the jurisdiction of the State Cryptography Management.
The drafting organizations of this Standard: Institute of Software Chinese Academy of Sciences, Nationz Technologies Co., Ltd., Legend Holdings Co., Ltd., Tongfang Co., Ltd., Beijing Information Science and Technology University.
The main drafters of this Standard: Qin Yu, Wu Qiuxin, Chang Dexian, Chu Xiaobo, Xu Zhen, Liu Xin, Ning Xiaokui, Zheng Bike, Liu Ren, Li Hao, Zhang Qianying, Wang Dan, Liu Ziwen, Yu Aimin.
Trusted computing - Trusted cryptography module interface compliance
1 Scope
This Standard is based on GM/T 0011-2012, Trusted computing - Functionality and interface specification of cryptographic support platform; defines the command test vectors of trusted cryptography modules; and provides effective test methods and flexible test scripts.
This Standard applies to the compliance test of trusted cryptography modules, but it cannot replace their security check. The security test of trusted cryptography modules shall be conducted in accordance with other specifications.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition dated applies to this document. For undated references, the latest edition of the referenced documents (including all amendments) applies to this Standard.
GB/T 5271.8-2001, Information technology - Vocabulary - Part 8: Security
GB/T 16264.8-2005, Information technology - Open systems interconnection - The directory - Part 8: Public-key and attribute certificate frameworks
GB 17859-1999, Classified criteria for security protection of computer information system
GB/T 18336 (all parts), Information technology - Security techniques - Evaluation criteria for IT security
GM/T 0002-2012, SM4 Block cipher algorithm
GM/T 0003-2012, Public key cryptographic algorithm SM2 based on elliptic curves
GM/T 0004-2012, SM3 password hashing algorithm
GM/T 0011-2012, Trusted computing - Functionality and interface specification of cryptographic support platform
GM/T 0012-2012, Trusted computing - Interface specification of trusted cryptography module
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1
trusted computing platform
The support system which is established in the computing system and used to implement the trusted computing function.
3.2
trusted cryptography module; TCM
The hardware module of the trusted computing platform, which provides the cryptographic operation function for the trusted computing platform and has a protected storage space.
3.3
platform configuration register; PCR
The storage unit inside the trusted cryptography module, which is used to store platform integrity measurement values.
3.4
TCM endorsement key; EK
The initial key of the trusted cryptography module.
3.5
storage master key; SMK
The master key which is used to protect platform identity keys and user keys.
3.6
hash-based message authentication mode; HMAC
This Standard adopts SM3 hash algorithm provided in GM/T 0004-2012 to generate message authentication codes.
3.7
This Standard only provides the test strategies and test methods for the TCM compliance test, in which all the commands involved come from the standard GM/T 0011; the optionality of the command input parameters and the randomization factors inside TCM enable manufacturers to implement command tests by themselves. Therefore, the test vectors provided in this Standard are for the reference of users only.
If manufacturers add a test process into TCM products as a mode, then when TCM is in such a mode, it is deemed that TCM is in the test mode. The test mode requirements:
a) the TCM products in the test mode shall neither contradict other information of TCM in work, nor disclose such information.
b) TCM manufacturers and system providers shall ensure that a TCM providing only the compliance mode is not implanted into product systems.
c) when TCM is in the compliance test status, proof shall be provided to prove that TCM is in the compliance test status.
1) TCM can provide proof through a certain mechanism of manufacturers.
2) the already-known mechanisms include:
-- non-standard version information;
-- fixed EK.
4.2 Constant values
The examples in this Standard regarding test vectors and test scripts involve some values; these values have the same functions and can be unified and reused, which benefits the unification of the whole standard. The following standard values are applied in the examples of the digital computing TCM commands throughout this Standard.
4.2.1 Ke...
