Introduction ..................................................................................................................................................................... 3 About this Document ....................................................................................................................................................... 3免责声明...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................General ................................................................................................................................................................... 6 2.加密模块接口...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................Roles, Services, and Authentication .................................................................................................................... 13 4.1 Roles ..................................................................................................................................................................... 13 4.2 Authentication ..................................................................................................................................................... 13 4.3 Services ................................................................................................................................................................. 13 5.Cryptographic Module Specification ..................................................................................................................... 7 2.1 Overall Security Design and Rules of Operation ................................................................................................. 11 2.1.1 Usage of AES-GCM .................................................................................................................................................... 11 2.1.2 RSA and ECDSA Keys ................................................................................................................................................. 11 2.1.3 CSP Sharing ............................................................................................................................................................... 11 2.1.4 Modes of Operation ................................................................................................................................................. 11 3.Software/Firmware Security ................................................................................................................................ 17 5.1 Module Format .................................................................................................................................................... 17 6.Operational Environment .................................................................................................................................... 17 7.Physical Security ................................................................................................................................................... 17 8.Non-invasive Security ........................................................................................................................................... 17 9.Sensitive Security Parameter Management ........................................................................................................ 18 10.Self-Tests .............................................................................................................................................................. 22 10.1 Pre-Operational Self-Tests ................................................................................................................................... 22 10.2 Conditional Self-Tests .......................................................................................................................................... 22 11.Life-Cycle Assurance............................................................................................................................................. 24 11.1 Installation Instructions ....................................................................................................................................... 24 11.1.1 Building for Android ............................................................................................................................................ 24 11.1.2 Building for Linux................................................................................................................................................. 25 11.1.3 Retrieving Module Name and Version ............................................................................................................... 26 12.Mitigation of Other Attacks ................................................................................................................................. 26 References and Standards ..................................................................................................................................................... 27 Acronyms ...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................