GM/T 0048-2016 English PDF (GMT0048-2016)
GM/T 0048-2016 English PDF (GMT0048-2016)
Regular price
$310.00 USD
Regular price
Sale price
$310.00 USD
Unit price
/
per
Delivery: 3 seconds. Download true-PDF + Invoice.
Get QUOTATION in 1-minute: Click GM/T 0048-2016
Historical versions: GM/T 0048-2016
Preview True-PDF (Reload/Scroll if blank)
GM/T 0048-2016: Cryptography test specification for cryptographic smart token
GM/T 0048-2016
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
File No.. 58553-2017
Cryptography test specification
for cryptographic smart token
ISSUED ON. DECEMBER 23, 2016
IMPLEMENTED ON. DECEMBER 23, 2016
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
1 Scope .. 4
2 Normative references ... 4
3 Terms and definitions ... 4
4 Abbreviation ... 6
5 Test environment .. 6
5.1 Test environment topology ... 6
5.2 Test instrument ... 7
5.3 Test software.. 7
6 Test content ... 8
6.1 Function test .. 8
6.2 Performance test ... 8
6.3 Security test ... 8
7 Test method ... 9
7.1 Function test .. 9
7.1.1 Device management ... 9
7.1.2 Access control .. 10
7.1.3 Application management... 17
7.1.4 File management ... 20
7.1.5 Container management ... 24
7.1.6 Cryptographic service ... 29
7.2 Performance test .. 55
7.2.1 File writing and reading performance ... 55
7.2.2 Symmetric algorithm performance ... 56
7.2.3 Asymmetric algorithm performance ... 57
7.2.4 Hash algorithm performance ... 58
7.3 Security test ... 58
Bibliography ... 59
Foreword
This Standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this Standard
may be the subject of patent rights. The issuing authority shall not be held
responsible for identifying any or all such patent rights.
This Standard was proposed by and shall be under the jurisdiction of Code
Industry Standardization Technical Committee.
The drafting organizations of this Standard. Beijing Watch Intelligent
Technology Co., Ltd., Feitian Safe Technology Co., Ltd., Beijing HaitaiFangyuan
Technologies Co., Ltd., Beijing Huada Zhibao Electronic Systems Co., Ltd.,
Commercial Cryptography Testing Center of State Cryptography Administration,
Shanghai Geer Software Co., Ltd., Beijing Chong Yuan World Technology Co.,
Ltd.
Main drafters of this Standard. Wang Xuelin, Li Dawei, Chen Guo, Zhu Pengfei,
Jiang Hongyu, Chen Baoru, Deng Kaiyong, Luo Peng, Lin Chun, Lei Yinhua,
Han Lin.
Cryptography test specification
for cryptographic smart token
1 Scope
This Standard specifies the test environment, test content and test method for
cryptographic smart token.
This Standard is applicable to the cryptography test of cryptographic smart
token. It is also used to guide the development and use of cryptographic smart
token.
2 Normative references
The following referenced documents are indispensable for the application of
this document. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any
amendments) applies.
GB/T 32915, Information security technology - Binary sequence randomness
detection method
GM/T 0006, Cryptographic application identifier criterion specification
GM/T 0017-2012, Smart token cryptography application interface data
format specification
GM/T 0027, Technique requirements for smart token
GM/T 0028, Security requirements for cryptographic modules
GM/T 0039, Security test requirements for cryptographic modules
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1 cryptographic smart token
a terminal cryptographic device that realizes cryptographic operation, key
management function, provides cryptographic service
6 Test content
6.1 Function test
The purpose of function test of cryptographic smart token is to test the
realization of cryptographic smart token and correctness of running. The
function test includes the following six aspects.
- device management;
- access control;
- application management;
- file management;
- container management;
- cryptographic service.
6.2 Performance test
The purpose of performance test of cryptographic smart token is to test file
operation of cryptographic smart token and operation efficiency of
cryptographic algorithm. The performance test includes the following four
aspects.
- file reading and writing performance;
- symmetric algorithm performance;
- asymmetric algorithm performance;
- hash algorithm performance.
6.3 Security test
The purpose of security test of cryptographic smart token is to test the security
of cryptographic smart token during design and realization, including
specifications, interfaces, roles, services and authentication, software and
firmware security, operating environment, physical security, non-invasive attack
security, sensitive security parameter management, self-test, life-cycle
assurance, and mitigation of other attacks.
The security of cryptographic smart token shall comply with GM/T 0028. Test
and evaluate its security according to GM/T 0039.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results
as expected.
7.1.2.6 Unlock PIN
Test purpose.
Verify whether it can correctly unlock the user PIN that is already locked by
designated application.
Test condition.
The test sample administrator PIN is unlocked, and the application that creates
the file needs to verify the user PIN exists. Application name, administrator PIN
and user PIN are already known.
Test process.
a) normal condition test
1) step 1. send VeryfyPIN command specified in GM/T 0017-2012, use
wrong user PIN to verify; repeat operation till it responses "PIN code
locked" status code;
2) step 2. send UnblockPIN command specified in GM/T 0017-2012, use
correct administrator PIN, new user PIN shall be different from original
user PIN;
3) step 3. use new user PIN as correct user PIN, verify user PIN and it
shall receive the result as expected.
b) abnormal condition test
1) use wrong administrator PIN in step 2, it shall be unsuccessful;
2) send VeryfyPIN command specified in GM/T 0017-2012 to verify
administrator PIN, use wrong administrator PIN; repeat operation till it
responses "PIN code locked" status code; unlock user PIN and it shall
be unsuccessful.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results
as expected.
7.1.2.7 Clear application security status
Passing criteria.
The normal condition test and abnormal condition test shall receive the results
as expected.
7.1.4.3 Enumerate file
Test purpose.
Verify whether it can correctly enumerate all files existing under designated
application.
Test condition.
The application required for testing is opened, the file already exists.
Test process.
This test item is tested as one part of 7.1.4.1.
7.1.4.4 Obtain file information
Test purpose.
Verify whether it can correctly obtain the attribute information of designated file
under designated application.
Test condition.
The application required for testing is already opened, security status is already
satisfied.
Test process.
a) normal condition test
1) step 1. send CreateFiles command specified in GM/T 0017-2012,
create file;
2) step 2. send GetFilelnfo command specified in GM/T 0017-2012, use
correct application ID and file name to test, it shall return successfully,
obtain file attribute information;
3) step 3. the file size, reading and writing permission information in
comparison attribute ...
Get QUOTATION in 1-minute: Click GM/T 0048-2016
Historical versions: GM/T 0048-2016
Preview True-PDF (Reload/Scroll if blank)
GM/T 0048-2016: Cryptography test specification for cryptographic smart token
GM/T 0048-2016
GM
CRYPTOGRAPHY INDUSTRY STANDARD
OF THE PEOPLE’S REPUBLIC OF CHINA
ICS 35.040
L 80
File No.. 58553-2017
Cryptography test specification
for cryptographic smart token
ISSUED ON. DECEMBER 23, 2016
IMPLEMENTED ON. DECEMBER 23, 2016
Issued by. State Cryptography Administration
Table of Contents
Foreword ... 3
1 Scope .. 4
2 Normative references ... 4
3 Terms and definitions ... 4
4 Abbreviation ... 6
5 Test environment .. 6
5.1 Test environment topology ... 6
5.2 Test instrument ... 7
5.3 Test software.. 7
6 Test content ... 8
6.1 Function test .. 8
6.2 Performance test ... 8
6.3 Security test ... 8
7 Test method ... 9
7.1 Function test .. 9
7.1.1 Device management ... 9
7.1.2 Access control .. 10
7.1.3 Application management... 17
7.1.4 File management ... 20
7.1.5 Container management ... 24
7.1.6 Cryptographic service ... 29
7.2 Performance test .. 55
7.2.1 File writing and reading performance ... 55
7.2.2 Symmetric algorithm performance ... 56
7.2.3 Asymmetric algorithm performance ... 57
7.2.4 Hash algorithm performance ... 58
7.3 Security test ... 58
Bibliography ... 59
Foreword
This Standard was drafted in accordance with the rules given in GB/T 1.1-2009.
Attention is drawn to the possibility that some of the elements of this Standard
may be the subject of patent rights. The issuing authority shall not be held
responsible for identifying any or all such patent rights.
This Standard was proposed by and shall be under the jurisdiction of Code
Industry Standardization Technical Committee.
The drafting organizations of this Standard. Beijing Watch Intelligent
Technology Co., Ltd., Feitian Safe Technology Co., Ltd., Beijing HaitaiFangyuan
Technologies Co., Ltd., Beijing Huada Zhibao Electronic Systems Co., Ltd.,
Commercial Cryptography Testing Center of State Cryptography Administration,
Shanghai Geer Software Co., Ltd., Beijing Chong Yuan World Technology Co.,
Ltd.
Main drafters of this Standard. Wang Xuelin, Li Dawei, Chen Guo, Zhu Pengfei,
Jiang Hongyu, Chen Baoru, Deng Kaiyong, Luo Peng, Lin Chun, Lei Yinhua,
Han Lin.
Cryptography test specification
for cryptographic smart token
1 Scope
This Standard specifies the test environment, test content and test method for
cryptographic smart token.
This Standard is applicable to the cryptography test of cryptographic smart
token. It is also used to guide the development and use of cryptographic smart
token.
2 Normative references
The following referenced documents are indispensable for the application of
this document. For dated references, only the edition cited applies. For undated
references, the latest edition of the referenced document (including any
amendments) applies.
GB/T 32915, Information security technology - Binary sequence randomness
detection method
GM/T 0006, Cryptographic application identifier criterion specification
GM/T 0017-2012, Smart token cryptography application interface data
format specification
GM/T 0027, Technique requirements for smart token
GM/T 0028, Security requirements for cryptographic modules
GM/T 0039, Security test requirements for cryptographic modules
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
3.1 cryptographic smart token
a terminal cryptographic device that realizes cryptographic operation, key
management function, provides cryptographic service
6 Test content
6.1 Function test
The purpose of function test of cryptographic smart token is to test the
realization of cryptographic smart token and correctness of running. The
function test includes the following six aspects.
- device management;
- access control;
- application management;
- file management;
- container management;
- cryptographic service.
6.2 Performance test
The purpose of performance test of cryptographic smart token is to test file
operation of cryptographic smart token and operation efficiency of
cryptographic algorithm. The performance test includes the following four
aspects.
- file reading and writing performance;
- symmetric algorithm performance;
- asymmetric algorithm performance;
- hash algorithm performance.
6.3 Security test
The purpose of security test of cryptographic smart token is to test the security
of cryptographic smart token during design and realization, including
specifications, interfaces, roles, services and authentication, software and
firmware security, operating environment, physical security, non-invasive attack
security, sensitive security parameter management, self-test, life-cycle
assurance, and mitigation of other attacks.
The security of cryptographic smart token shall comply with GM/T 0028. Test
and evaluate its security according to GM/T 0039.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results
as expected.
7.1.2.6 Unlock PIN
Test purpose.
Verify whether it can correctly unlock the user PIN that is already locked by
designated application.
Test condition.
The test sample administrator PIN is unlocked, and the application that creates
the file needs to verify the user PIN exists. Application name, administrator PIN
and user PIN are already known.
Test process.
a) normal condition test
1) step 1. send VeryfyPIN command specified in GM/T 0017-2012, use
wrong user PIN to verify; repeat operation till it responses "PIN code
locked" status code;
2) step 2. send UnblockPIN command specified in GM/T 0017-2012, use
correct administrator PIN, new user PIN shall be different from original
user PIN;
3) step 3. use new user PIN as correct user PIN, verify user PIN and it
shall receive the result as expected.
b) abnormal condition test
1) use wrong administrator PIN in step 2, it shall be unsuccessful;
2) send VeryfyPIN command specified in GM/T 0017-2012 to verify
administrator PIN, use wrong administrator PIN; repeat operation till it
responses "PIN code locked" status code; unlock user PIN and it shall
be unsuccessful.
Passing criteria.
The normal condition test and abnormal condition test shall receive the results
as expected.
7.1.2.7 Clear application security status
Passing criteria.
The normal condition test and abnormal condition test shall receive the results
as expected.
7.1.4.3 Enumerate file
Test purpose.
Verify whether it can correctly enumerate all files existing under designated
application.
Test condition.
The application required for testing is opened, the file already exists.
Test process.
This test item is tested as one part of 7.1.4.1.
7.1.4.4 Obtain file information
Test purpose.
Verify whether it can correctly obtain the attribute information of designated file
under designated application.
Test condition.
The application required for testing is already opened, security status is already
satisfied.
Test process.
a) normal condition test
1) step 1. send CreateFiles command specified in GM/T 0017-2012,
create file;
2) step 2. send GetFilelnfo command specified in GM/T 0017-2012, use
correct application ID and file name to test, it shall return successfully,
obtain file attribute information;
3) step 3. the file size, reading and writing permission information in
comparison attribute ...