Skip to product information
1 of 12

PayPal, credit cards. Download editable-PDF & invoice in 1 second!

GM/T 0048-2016 English PDF (GMT0048-2016)

GM/T 0048-2016 English PDF (GMT0048-2016)

Regular price $305.00 USD
Regular price Sale price $305.00 USD
Sale Sold out
Shipping calculated at checkout.
Quotation: In 1-minute, 24-hr self-service. Click here GM/T 0048-2016 to get it for Purchase Approval, Bank TT...

GM/T 0048-2016: Cryptography test specification for cryptographic smart token

This Standard specifies the test environment, test content and test method for cryptographic smart token. This Standard is applicable to the cryptography test of cryptographic smart token. It is also used to guide the development and use of cryptographic smart token.
GM/T 0048-2016
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE REPUBLIC OF CHINA
ICS 35.040
L 80
File No.. 58553-2017
Cryptography test specification
for cryptographic smart token
ISSUED ON. DECEMBER 23, 2016
IMPLEMENTED ON. DECEMBER 23, 2016
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
1 Scope .. 4
2 Normative references ... 4
3 Terms and definitions ... 4
4 Abbreviation ... 6
5 Test environment .. 6
5.1 Test environment topology ... 6
5.2 Test instrument ... 7
5.3 Test software.. 7
6 Test content ... 8
6.1 Function test .. 8
6.2 Performance test ... 8
6.3 Security test ... 8
7 Test method ... 9
7.1 Function test .. 9
7.1.1 Device management ... 9
7.1.2 Access control .. 10
7.1.3 Application management... 17
7.1.4 File management ... 20
7.1.5 Container management ... 24
7.1.6 Cryptographic service ... 29
7.2 Performance test .. 55
7.2.1 File writing and reading performance ... 55
7.2.2 Symmetric algorithm performance ... 56
7.2.3 Asymmetric algorithm performance ... 57
7.2.4 Hash algorithm performance ... 58
7.3 Security test ... 58
Bibliography ... 59
Foreword
This Standard was drafted in accordance with the rules given in GB/T 1.1-2009. Attention is drawn to the possibility that some of the elements of this Standard may be the subject of patent rights. The issuing authority shall not be held responsible for identifying any or all such patent rights.
This Standard was proposed by and shall be under the jurisdiction of Code Industry Standardization Technical Committee.
The drafting organizations of this Standard. Beijing Watch Intelligent
Technology Co., Ltd., Feitian Safe Technology Co., Ltd., Beijing HaitaiFangyuan Technologies Co., Ltd., Beijing Huada Zhibao Electronic Systems Co., Ltd., Commercial Cryptography Testing Center of State Cryptography Administration, Shanghai Geer Software Co., Ltd., Beijing Chong Yuan World Technology Co., Ltd.
Main drafters of this Standard. Wang Xuelin, Li Dawei, Chen Guo, Zhu Pengfei, Jiang Hongyu, Chen Baoru, Deng Kaiyong, Luo Peng, Lin Chun, Lei Yinhua, Han Lin.
Cryptography test specification
for cryptographic smart token
1 Scope
This Standard specifies the test environment, test content and test method for cryptographic smart token.
This Standard is applicable to the cryptography test of cryptographic smart token. It is also used to guide the development and use of cryptographic smart token.
2 Normative references
The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments) applies.
GB/T 32915, Information security technology - Binary sequence randomness detection method
GM/T 0006, Cryptographic application identifier criterion specification GM/T 0017-2012, Smart token cryptography application interface data
format specification
GM/T 0027, Technique requirements for smart token
GM/T 0028, Security requirements for cryptographic modules
GM/T 0039, Security test requirements for cryptographic modules
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply. 3.1 cryptographic smart token
a terminal cryptographic device that realizes cryptographic operation, key management function, provides cryptographic service
6 Test content
6.1 Function test
The purpose of function test of cryptographic smart token is to test the realization of cryptographic smart token and correctness of running. The function test includes the following six aspects.
- device management;
- access control;
- application management;
- file management;
- container management;
- cryptographic service.
6.2 Performance test
The purpose of performance test of cryptographic smart token is to test file operation of cryptographic smart token and operation efficiency of
cryptographic algorithm. The performance test includes the following four aspects.
- file reading and writing performance;
- symmetric algorithm performance;
- asymmetric algorithm performance;
- hash algorithm performance.
6.3 Security test
The purpose of security test of cryptographic smart token is to test the security of cryptographic smart token during design and realization, including
specifications, interfaces, roles, services and authentication, software and firmware security, operating environment, physical security, non-invasive attack security, sensitive security parameter management, self-test, life-cycle assurance, and mitigation of other attacks.
The security of cryptographic smart token shall comply with GM/T 0028. Test and evaluate its security according to GM/T 0039.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results as expected.
7.1.2.6 Unlock PIN
Test purpose.
Verify whether it can correctly unlock the user PIN that is already locked by designated application.
Test condition.
The test sample administrator PIN is unlocked, and the application that creates the file needs to verify the user PIN exists. Application name, administrator PIN and user PIN are already known.
Test process.
a) normal condition test
1) step 1. send VeryfyPIN command specified in GM/T 0017-2012, use
wrong user PIN to verify; repeat operation till it responses "PIN code
locked" status code;
2) step 2. send UnblockPIN command specified in GM/T 0017-2012, use
correct administrator PIN, new user PIN shall be different from original user PIN;
3) step 3. use new user PIN as correct user PIN, verify user PIN and it shall receive the result as expected.
b) abnormal condition test
1) use wrong administrator PIN in step 2, it shall be unsuccessful;
2) send VeryfyPIN command specified in GM/T 0017-2012 to verify
administrator PIN, use wrong administrator PIN; repeat operation till it responses "PIN code locked" status code; unlock user PIN and it shall
be unsuccessful.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results as expected.
7.1.2.7 Clear application security status
Passing criteria.
The normal condition test and abnormal condition test shall receive the results as expected.
7.1.4.3 Enumerate file
Test purpose.
Verify whether it can correctly enumerate all files existing under designated application.
Test condition.
The application required for testing is opened, the file already exists. Test process.
This test item is tested as one part of 7.1.4.1.
7.1.4.4 Obtain file information
Test purpose.
Verify whether it can correctly obtain the attribute information of designated file under designated application.
Test condition.
The application required for testing is already opened, security status is already satisfied.
Test process.
a) normal condition test
1) step 1. send CreateFiles command specified in GM/T 0017-2012,
create file;
2) step 2. send GetFilelnfo command specified in GM/T 0017-2012, use
correct application ID and file name to test, it shall return successfully, obtain file attribute information;
3) step 3. the file size, reading and writing permission information in comparison attribute shall be consistent with that when creating file.
b) abnormal condition test
1) when application ID does not exist, it shall be unsuccessful;
3) step 3. compare the content written in step 1 with the content read in step 2, the content information shall be consistent.
b) abnormal condition test
1) when application ID does not exist, it shall be unsuccessful;
2) when file name does not exist, it shall be unsuccessful;
3) when security status is not satisfied, it shall be unsuccessful;
4) when offset length exceeds the file length, it shall be unsuccessful; 5) when returned length exceeds the maximum length of communication
buffer zone, it shall be unsuccessful.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results as expected.
7.1.5 Container management
7.1.5.1 Create container
Test purpose.
Verify whether it can correctly create container under designated application. Test condition.
The application required for testing is already opened, security status is already satisfied.
Test process.
a) normal condition test
1) step 1. send CreateContainer command specified in GM/T 0017-2012,
create a container;
2) step 2. send EnumContainer command specified in GM/T 0017-2012,
return the container name that has been created.
b) abnormal condition test
1) when testing application is not opened, it shall be unsuccessful;
2) when security status is not satisfied, it shall be unsuccessful;
...

View full details