CN114880184B - Method and system for batch detection of PCI cipher cards - Google Patents
Method and system for batch detection of PCI cipher cards Download PDFInfo
- Publication number
- CN114880184B CN114880184B CN202210564140.6A CN202210564140A CN114880184B CN 114880184 B CN114880184 B CN 114880184B CN 202210564140 A CN202210564140 A CN 202210564140A CN 114880184 B CN114880184 B CN 114880184B
- Authority
- CN
- China
- Prior art keywords
- pci
- card
- cipher
- cipher card
- password
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 61
- 238000001514 detection method Methods 0.000 title claims abstract description 37
- 238000012360 testing method Methods 0.000 claims abstract description 77
- 230000008569 process Effects 0.000 claims abstract description 30
- 238000012163 sequencing technique Methods 0.000 claims abstract description 19
- 230000006870 function Effects 0.000 claims description 23
- 230000007246 mechanism Effects 0.000 claims description 5
- 238000001583 randomness test Methods 0.000 claims description 4
- 238000011835 investigation Methods 0.000 abstract 1
- 238000011990 functional testing Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000000903 blocking effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000007717 exclusion Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000750 progressive effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/26—Functional testing
- G06F11/263—Generation of test inputs, e.g. test vectors, patterns or sequences ; with adaptation of the tested hardware for testability with external testers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2205—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing using arrangements specific to the hardware being tested
- G06F11/2221—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing using arrangements specific to the hardware being tested to test input/output devices or peripheral units
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2268—Logging of test results
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/50—Allocation of resources, e.g. of the central processing unit [CPU]
- G06F9/5005—Allocation of resources, e.g. of the central processing unit [CPU] to service a request
- G06F9/5027—Allocation of resources, e.g. of the central processing unit [CPU] to service a request the resource being a machine, e.g. CPUs, Servers, Terminals
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F13/00—Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
- G06F13/14—Handling requests for interconnection or transfer
- G06F13/20—Handling requests for interconnection or transfer for access to input/output bus
- G06F13/28—Handling requests for interconnection or transfer for access to input/output bus using burst mode transfer, e.g. direct memory access DMA, cycle steal
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2209/00—Indexing scheme relating to G06F9/00
- G06F2209/50—Indexing scheme relating to G06F9/50
- G06F2209/5018—Thread allocation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/4401—Bootstrapping
- G06F9/4411—Configuring for operating with peripheral devices; Loading of device drivers
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Quality & Reliability (AREA)
- Software Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method and a system for batch detection of PCI cipher cards, wherein the method comprises the following steps: configuring independent memory space and DMA space for each PCI cipher card, sequentially obtaining the slot number of the main board where each PCI cipher card is located, and determining the sequence number of the access sequence of each PCI cipher card; sequentially enumerating all PCI cipher cards according to the sequencing number, and creating an enumeration equipment list of the PCI cipher cards; sequentially opening PCI cipher card examples in the enumeration equipment list according to the sequencing number, and accessing each PCI cipher card through a handle returned during opening; parallel issuing each password operation instruction to each PCI password card, and carrying out parallel test on each PCI password card for preset time; in the test process, an error log of the error PCI cipher card is created. The invention can realize batch detection of PCI cipher cards, accurately position the error PCI cipher card and the error cipher algorithm, greatly improve the detection speed and facilitate the investigation and repair of errors.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a method and a system for detecting PCI password cards in batches.
Background
The PCI cryptocard is a crypto device having a cryptographic operation function, a key management function, a physical random number generation function, and a device self-security protection measure using a PCI local bus or PCI Express as an interface, and can be applied to a communication device, a computer device, and a security device having a PCI local bus or PCI Express, which require security functions such as cryptographic operation and key management, for example: virtual Private Network (VPN) equipment, related equipment of a Certificate Authority (CA) system, a network crypto-engine, a security server, a security terminal, a security management center, a key management device, and the like. The PCI cipher card is used as important safety equipment deployed at the application end, and realizes the operations of key generation, management, protection, high-speed signature, verification, encryption and decryption, and is the most basic and indispensable cipher equipment in the information safety industry chain.
The current PCI crypto card supports various crypto algorithms such as SM1, SM2, SM3, SM4, SM7, SM9 and the like. Different cipher algorithm implementation mechanisms adopt authenticated cipher algorithm chips, and other cipher algorithm implementation mechanisms adopt FPGA hardware logic, so that each cipher algorithm needs to be detected when detecting the cipher card. The detection of the PCI crypto card requires the detection of the correctness of each crypto algorithm while the stability of the PCI crypto card is detected (for 24 hours). In the process of detecting the password card, currently, single-block password card detection is generally adopted, and if the number of the password cards to be detected is very large, the efficiency of single-block detection is obviously very low, so that a method and a system capable of detecting the PCI password cards in batches are needed.
Disclosure of Invention
In view of this, the invention provides a method and a system for batch detection of PCI password cards, which can realize batch detection of PCI password cards, accurately locate error PCI password cards and error password algorithms, greatly improve detection speed and facilitate checking and repairing errors.
In order to achieve the above purpose, the present invention adopts the following technical scheme:
a method for batch detection of PCI cryptographic cards, comprising:
installing a batch PCI cipher card to be detected on a designated slot position of a main board;
configuring independent memory space and DMA space for each PCI cipher card, sequentially obtaining the slot number of the main board where each PCI cipher card is located, and determining the sequence number of the access sequence of each PCI cipher card;
sequentially enumerating each PCI cipher card according to the sequencing serial numbers, and creating an enumeration equipment list of the PCI cipher cards; the enumeration equipment list sequentially stores all PCI cipher card examples according to the sequencing serial numbers;
sequentially opening PCI cipher card examples in the enumeration equipment list according to the sequencing serial numbers, and accessing each PCI cipher card through a handle returned during opening; parallel issuing each password operation instruction to each PCI password card, and carrying out parallel test on each PCI password card for preset time;
in the test process, if the PCI password card is found to be wrong, an error log is created, otherwise, the log is not created; the error log includes: the device serial number of the error PCI cipher card, the slot number of the PCI cipher card and the ID number of the error algorithm.
Further, in the above method for batch detecting PCI cryptographic cards, the method further includes: and wirelessly transmitting the error log to a remote terminal.
Further, in the above method for batch detecting PCI cryptocards, when determining the sequence number for accessing each PCI cryptocard, the method further includes:
and (3) returning the specific operation of the PCI cipher card and the slot number of the PCI cipher card to an application layer when the time is out by adopting a time-out error reporting mechanism.
Further, in the above method for batch detecting PCI cryptocards, the PCI cryptocard list interface functions are enumerated through the cryptocard interface library, and the PCI cryptocard interface functions corresponding to the specified PCI cryptocard instance names are opened/accessed/closed; when the PCI cipher card list interface function is enumerated, returning a PCI cipher card instance name list and the number of PCI cipher cards; when a cipher card interface function corresponding to the appointed PCI cipher card instance name is opened, acquiring equipment serial number information; when the cipher card interface function corresponding to the appointed PCI cipher card instance name is accessed, the slot number of the PCI cipher card is obtained, and the cipher operation service is executed.
Furthermore, in the method for batch detecting PCI cipher cards, before parallel testing is performed on each PCI cipher card, the method further comprises: and reading a preset test time, and automatically stopping the test process after parallel test of the preset time is carried out on each PCI cipher card.
Further, in the above method for batch detection of PCI crypto cards, the performing parallel test for a preset time on each PCI crypto card includes:
based on the number of PCI cipher cards to be detected, circularly creating test subprocesses aiming at each PCI cipher card;
aiming at the test subprocess of each PCI cipher card, opening the appointed PCI cipher card based on the PCI instance name to acquire the equipment information of the PCI cipher card;
initializing each PCI cipher card based on the access control mode mark in the acquired equipment information to make the PCI cipher card enter a work ready state;
and reading a preset test time, carrying out randomness test on the random number quality of each PCI cipher card in parallel in the preset time, and automatically stopping the test process after the preset time is up.
Further, in the above method for batch detecting PCI cryptocards, the content of testing each PCI cryptocard includes: the correctness and random number quality of the SM1, SM2, SM3, SM4, SM7, SM9 cryptographic algorithms are detected.
The invention also provides a system for batch detection of PCI cipher cards, comprising:
the main board is used for installing the batch PCI cipher card to be detected on the appointed slot position;
the multi-password card driving module is used for configuring independent memory space and DMA space for each PCI password card, sequentially acquiring the slot number of the main board where each PCI password card is positioned, and determining the sequence number of the access sequence of each PCI password card;
the multi-password card enumeration module is used for sequentially enumerating all PCI password cards according to the sequencing serial numbers, and creating an enumeration equipment list of the PCI password cards; the enumeration equipment list sequentially stores all PCI cipher card examples according to the sequencing serial numbers;
the multi-password card detection module is used for sequentially opening the enumeration equipment list according to the sequencing serial numbers
The PCI cipher card instance in (a) and accesses each PCI cipher card through the handle returned when opening; parallel down
The method comprises the steps of obtaining each password operation instruction to each PCI password card, and carrying out parallel test on each PCI password card for preset time;
the log module is used for creating an error log when the error PCI password card is found in the test process, and otherwise, the log is not created; the error log includes: the device serial number of the error PCI cipher card, the slot number of the PCI cipher card and the ID number of the error algorithm.
Further, in the above system for batch detection of PCI cryptocards, the system further includes:
and the remote control module is used for wirelessly transmitting the error log to a remote terminal.
Furthermore, in the above system for batch detection of PCI crypto cards, the multi-crypto card detection module is further configured to preset a test time, test each PCI crypto card in parallel in the preset time, and automatically stop the test process after the preset time has elapsed.
Compared with the prior art, the invention discloses a method and a system for detecting PCI cipher cards in batches, which can install PCI cipher cards to be detected in batches into a main board slot, automatically run after starting up, automatically exit according to preset time, support continuous and stable test of set time, and normally exit if the cipher algorithm and stability detection of each cipher card are normal. If errors occur, an error log is formed, and the slot number of the PCI password card with errors and the password algorithm ID with errors can be initially positioned by checking the file name of the log, so that production personnel can conveniently and timely check the errors or replace algorithm chips.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for batch detection of PCI cryptographic cards provided by the present invention;
FIG. 2 is a schematic diagram of a naming rule of a file name of an error log according to the present invention;
FIG. 3 is a block diagram of a system for batch detection of PCI cryptographic cards according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in fig. 1, the embodiment of the invention discloses a method for detecting PCI cipher cards in batches, which comprises the following steps:
s1, installing a batch PCI cipher card to be detected on a designated slot position of a main board; the motherboard may provide 16-32 PCIE slots.
S2, configuring independent memory space and DMA space for each PCI cipher card, sequentially obtaining the slot number of the main board where each PCI cipher card is located, and determining the sequence number of the access sequence of each PCI cipher card. The 16-32 PCI cipher cards can be driven simultaneously under the Linux operating system.
Independent memory space and DMA space are configured for each PCI cipher card, so that data interaction is realized, and the cipher card spaces are not interfered with each other.
Meanwhile, the intelligent ordering function of the multi-password card is added, and the method supports the sequential acquisition of the slot number of the mainboard where each PCI password card is located through instructions. The two functions can realize the sequence from near to far from the CPU to access each PCI cipher card in sequence, and ensure that the slot number of the main board physically installed by the PCI cipher card corresponds to the slot number recorded when the PCI cipher card detection program is accessed one by one.
S3, sequentially enumerating all PCI password cards according to the sequencing serial numbers, and creating an enumeration equipment list of the PCI password cards; the enumeration equipment list sequentially stores all PCI cipher card examples according to the sequencing serial numbers.
The purpose of creating an enumerated device list of PCI cryptographic cards is to enable the specified PCI cryptographic card instance to be opened/accessed/closed in a subsequent step by accessing the enumerated device list with a serial number. Such as: number 0 represents the first block of cryptographic card near the CPU, number 1 represents the second block of cryptographic card, and so on. Each cipher card instance has independent memory space, data space and mutual exclusion lock, and resource conflict can not be generated when a plurality of processes or threads are called.
S4, sequentially opening PCI password card instances in the enumeration equipment list according to the sequence numbers, and accessing each PCI password card through a handle returned during opening; and issuing each password operation instruction to each PCI password card in parallel, and carrying out parallel test on each PCI password card for preset time.
S5, in the testing process, if the PCI password card is found to be wrong, creating an error log, otherwise, not creating the log; the error log includes: the device serial number of the error PCI cipher card, the slot number of the PCI cipher card and the ID number of the error algorithm. As shown in fig. 2, the device serial number of the wrong PCI crypto card in the error log is 32 bits, the device ID of the crypto card is identified, and each crypto card has a unique device serial number. The slot number is 8bit, the position of the password card installed on the main board is identified, and the corresponding PCI password card can be found according to the information. The algorithm ID is 16 bits, each algorithm has a unique algorithm ID, and a certain algorithm chip on the PCI cipher card can be corresponding to the unique algorithm ID.
The log adopts the naming mode of slot number, equipment serial number and error algorithm ID as the naming mode of file name of log, and can easily locate the error PCI cipher card and error algorithm module according to the naming mode. The error information is recorded in the log file in detail, and the specific content comprises error time, error process or thread ID, error data and the like, so that the specific error cause can be further determined by the detailed information.
In one embodiment, further comprising:
s6, the error log is wirelessly transmitted to the remote terminal. The remote computer may be transmitted over a network or other form, and no manual action is required for the overall process.
In another embodiment, S2 further comprises:
and (3) returning the specific operation of the PCI cipher card and the slot number of the PCI cipher card to an application layer when the time is out by adopting a time-out error reporting mechanism. And the blocking condition of the parallel test process caused by the hardware fault of the PCI cipher card is prevented.
In a further advantageous embodiment, S4 further comprises: and reading a preset test time, and automatically stopping the test process after parallel test of the preset time is carried out on each PCI cipher card.
Meanwhile, the step mainly comprises the steps of detecting correctness and random number quality of cryptographic algorithms such as SM1, SM2, SM3, SM4, SM7 and SM9, and setting an automatic exit detection function when parallel testing is carried out on each PCI cryptographic card, wherein the time for pressure detection can be customized, and the actual detection is generally set to be 24 hours.
In a specific embodiment, S3 implements an enumeration process at the cryptographic card interface library. Enumerating PCI cipher card list interface functions through a cipher card interface library, and opening/accessing/closing the PCI cipher card interface functions corresponding to the appointed PCI cipher card instance names; when the PCI cipher card list interface function is enumerated, returning a PCI cipher card instance name list and the number of PCI cipher cards; when a cipher card interface function corresponding to the appointed PCI cipher card instance name is opened, acquiring equipment serial number information; when the cipher card interface function corresponding to the appointed PCI cipher card instance name is accessed, the slot number of the PCI cipher card is obtained, and the cipher operation service is executed.
The parallel test process in S4 includes a main process and a sub-process.
S41, a main process: based on the number of PCI cipher cards to be detected, a test subprocess for each PCI cipher card is created in a circulating way.
S42, subprocess: aiming at the test subprocesses (obtaining subprocess IDs as test program log contents) of each PCI cipher card, opening the appointed PCI cipher card based on the PCI instance name, and obtaining the equipment information of the PCI cipher card;
s43, initializing each PCI cipher card based on the access control mode mark in the acquired equipment information to enable the PCI cipher card to enter a work ready state;
s44, reading a preset test time, carrying out randomness test (namely functional test) on the random number quality of each PCI cipher card in parallel in the preset time, creating a pressure test under the condition of multi-thread concurrency in the preset time, and automatically stopping the test process after the preset time is up. The functional test mainly comprises: the public key cryptographic algorithm performs testing such as signature, verification, encryption, digital envelope, key negotiation and the like; the symmetric algorithm performs algorithm correctness tests of modes such as ECB, CBC, MAC based on preset standard data, and session key generation, encryption and decryption intercommunication and destruction tests; testing the correctness of the hash algorithm; and creating, writing, reading and deleting file test in the nonvolatile user data area, and entering pressure test after all the functional test items pass.
To simulate the real service use environment, a pressure test under the condition of multithreading and concurrency is created. In the pressure test thread, the functions of signing, verifying, encrypting, decrypting and the like of an external key pair and an internal and external key pair are tested and generated aiming at a public key cryptographic algorithm; aiming at each supported symmetrical algorithm, random numbers with random lengths are generated to carry out encryption, decryption and intercommunication tests of ECB, CBC and other modes; performing algorithm correctness test on the hash algorithm; generating a random number module test, etc.
If the password card hardware finds problems of asymmetrical algorithm, symmetrical algorithm, hash algorithm preset standard data detection failure or encryption and decryption test plaintext comparison failure in the test process, the log module is started, and a log file is created according to a log file naming rule. In the actual test process, the PCI cipher card close to the CPU is not welded with an SM2 algorithm chip, and after the starting, an error log is generated under the root directory of the operating system. The PCI cipher card serial number, slot number, algorithm ID number in the log name are compared to be consistent with the error cipher card.
As shown in fig. 3, an embodiment of the present invention further provides a system for detecting PCI cryptographic cards in batches, including:
the main board is used for installing the batch PCI cipher card to be detected on the appointed slot position;
the multi-password card driving module is used for configuring independent memory space and DMA space for each PCI password card, sequentially acquiring the slot number of the main board where each PCI password card is positioned, and determining the sequence number of the access sequence of each PCI password card;
the multi-password card enumeration module is used for sequentially enumerating all PCI password cards according to the sequencing number and creating an enumeration equipment list of the PCI password cards; the enumeration equipment list sequentially stores all PCI cipher card examples according to the sequencing serial numbers;
the multi-password card detection module is used for sequentially opening PCI password card examples in the enumeration equipment list according to the sequence numbers and accessing each PCI password card through a handle returned during opening; parallel issuing each password operation instruction to each PCI password card, and carrying out parallel test on each PCI password card for preset time;
the log module is used for creating an error log when the error PCI password card is found in the test process, and otherwise, the log is not created; the error log includes: the device serial number of the error PCI cipher card, the slot number of the PCI cipher card and the ID number of the error algorithm.
And setting and loading a multi-password card driving module in a starting script of the Linux operating system, setting and starting a multi-password card enumeration module after the PCI password card is reset to be dormant, and starting a multi-password card detection module. In the boot process of the Linux operating system, the multi-password card driving module is automatically loaded, each PCI password card in the loading process is driven to flash in red and green, and the completion of the flash indicates that the multi-password card driving module is successfully loaded.
In one embodiment, further comprising:
and the remote control module is used for wirelessly transmitting the error log to the remote terminal.
In a further advantageous embodiment, the multi-password card detection module is further configured to preset a test time, test each PCI password card in parallel within the preset time, and automatically stop the test process after the preset time has elapsed.
In the present specification, each embodiment is described in a progressive manner, and each embodiment is mainly described in a different point from other embodiments, and identical and similar parts between the embodiments are all enough to refer to each other. For the device disclosed in the embodiment, since it corresponds to the method disclosed in the embodiment, the description is relatively simple, and the relevant points refer to the description of the method section.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
Claims (9)
1. A method for batch detection of PCI cryptographic cards, comprising:
installing a batch PCI cipher card to be detected on a designated slot position of a main board;
configuring independent memory space and DMA space for each PCI cipher card, sequentially obtaining the slot number of the main board where each PCI cipher card is located, and determining the sequence number of the accessed sequence of each PCI cipher card;
sequentially enumerating each PCI cipher card according to the sequencing serial numbers, and creating an enumeration equipment list of the PCI cipher cards; the enumeration equipment list sequentially stores all PCI cipher card examples according to the sequencing serial numbers;
sequentially opening PCI cipher card examples in the enumeration equipment list according to the sequencing serial numbers, and accessing each PCI cipher card through a handle returned during opening; parallel issuing each password operation instruction to each PCI password card, and carrying out parallel test on each PCI password card for preset time;
in the test process, if the PCI password card is found to be wrong, an error log is created, otherwise, the log is not created; the error log includes: the device serial number of the error PCI cipher card, the slot number of the PCI cipher card and the ID number of the error algorithm;
the parallel test for the preset time of each PCI cipher card comprises the following steps:
based on the number of PCI cipher cards to be detected, circularly creating test subprocesses aiming at each PCI cipher card;
aiming at the test subprocess of each PCI cipher card, opening the appointed PCI cipher card based on the PCI instance name to acquire the equipment information of the PCI cipher card;
initializing each PCI cipher card based on the access control mode mark in the acquired equipment information to make the PCI cipher card enter a work ready state;
and reading a preset test time, carrying out randomness test on the random number quality of each PCI cipher card in parallel in the preset time, and automatically stopping the test process after the preset time is up.
2. The method for batch detection of PCI cryptographic cards according to claim 1, further comprising: and wirelessly transmitting the error log to a remote terminal.
3. The method for batch detection of PCI cryptographic cards according to claim 1, wherein determining the sequence number to which each PCI cryptographic card is accessed further comprises:
and (3) returning the specific operation of the PCI cipher card and the slot number of the PCI cipher card to an application layer when the time is out by adopting a time-out error reporting mechanism.
4. The method for batch detection of PCI cards according to claim 1 wherein PCI card list interface functions are enumerated through a card interface library and PCI card interface functions corresponding to specified PCI card instance names are opened/accessed/closed; when the PCI cipher card list interface function is enumerated, returning a PCI cipher card instance name list and the number of PCI cipher cards; when a PCI cipher card interface function corresponding to the appointed PCI cipher card instance name is opened, acquiring equipment serial number information; when the PCI cipher card interface function corresponding to the appointed PCI cipher card instance name is accessed, the slot number of the PCI cipher card is obtained, and the cipher operation service is executed.
5. The method for batch testing of PCI cryptographic cards according to claim 1, further comprising, prior to parallel testing of each PCI cryptographic card: and reading a preset test time, and automatically stopping the test process after parallel test of the preset time is carried out on each PCI cipher card.
6. The method for batch testing of PCI cryptographic cards according to claim 1, wherein the contents of testing each PCI cryptographic card comprises: the correctness and random number quality of the SM1, SM2, SM3, SM4, SM7, SM9 cryptographic algorithms are detected.
7. A system for batch testing of PCI cryptographic cards, comprising:
the main board is used for installing the batch PCI cipher card to be detected on the appointed slot position;
the multi-password card driving module is used for configuring independent memory space and DMA space for each PCI password card, sequentially acquiring the slot number of the main board where each PCI password card is positioned, and determining the sequencing sequence number of the accessed sequence of each PCI password card;
the multi-password card enumeration module is used for sequentially enumerating all PCI password cards according to the sequencing serial numbers, and creating an enumeration equipment list of the PCI password cards; the enumeration equipment list sequentially stores all PCI cipher card examples according to the sequencing serial numbers;
the multi-password card detection module is used for sequentially opening PCI password card instances in the enumeration equipment list according to the sequencing serial numbers and accessing each PCI password card through a handle returned during opening; parallel issuing each password operation instruction to each PCI password card, and carrying out parallel test on each PCI password card for preset time; the parallel test for the preset time of each PCI cipher card comprises the following steps:
based on the number of PCI cipher cards to be detected, circularly creating test subprocesses aiming at each PCI cipher card;
aiming at the test subprocess of each PCI cipher card, opening the appointed PCI cipher card based on the PCI instance name to acquire the equipment information of the PCI cipher card;
initializing each PCI cipher card based on the access control mode mark in the acquired equipment information to make the PCI cipher card enter a work ready state;
reading a preset test time, carrying out randomness test on the random number quality of each PCI cipher card in parallel in the preset time, and automatically stopping the test process after the preset time is reached;
the log module is used for creating an error log when the error PCI password card is found in the test process, and otherwise, the log is not created; the error log includes: the device serial number of the error PCI cipher card, the slot number of the PCI cipher card and the ID number of the error algorithm.
8. The system for batch detection of PCI cryptographic cards according to claim 7, further comprising:
and the remote control module is used for wirelessly transmitting the error log to a remote terminal.
9. The system for batch detection of PCI cryptographic cards according to claim 7, wherein the multi-cryptographic card detection module is further configured to preset a test time, test each PCI cryptographic card in parallel within the preset time, and automatically stop the test process after the preset time has elapsed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210564140.6A CN114880184B (en) | 2022-05-23 | 2022-05-23 | Method and system for batch detection of PCI cipher cards |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210564140.6A CN114880184B (en) | 2022-05-23 | 2022-05-23 | Method and system for batch detection of PCI cipher cards |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114880184A CN114880184A (en) | 2022-08-09 |
| CN114880184B true CN114880184B (en) | 2023-09-08 |
Family
ID=82678147
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210564140.6A Active CN114880184B (en) | 2022-05-23 | 2022-05-23 | Method and system for batch detection of PCI cipher cards |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114880184B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105680960A (en) * | 2015-12-29 | 2016-06-15 | 深圳市金溢科技股份有限公司 | Automatic test method for Bluetooth card reader, test upper computer and test system |
| CN110597751A (en) * | 2019-08-30 | 2019-12-20 | 北京三未信安科技发展有限公司 | PCI password card access method, system, storage medium and computer equipment |
| CN211768446U (en) * | 2020-03-25 | 2020-10-27 | 邵阳学院 | Computer hard disk batch testing device |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| IES20000160A2 (en) * | 2000-02-29 | 2001-10-17 | Internat Test Technologies | A Method and system for testing microprocessor-based boards in a manufacturing environment |
| US7412639B2 (en) * | 2002-05-24 | 2008-08-12 | Verigy (Singapore) Pte. Ltd. | System and method for testing circuitry on a wafer |
| US10114658B2 (en) * | 2016-05-23 | 2018-10-30 | Baida USA LLC | Concurrent testing of PCI express devices on a server platform |
-
2022
- 2022-05-23 CN CN202210564140.6A patent/CN114880184B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105680960A (en) * | 2015-12-29 | 2016-06-15 | 深圳市金溢科技股份有限公司 | Automatic test method for Bluetooth card reader, test upper computer and test system |
| CN110597751A (en) * | 2019-08-30 | 2019-12-20 | 北京三未信安科技发展有限公司 | PCI password card access method, system, storage medium and computer equipment |
| CN211768446U (en) * | 2020-03-25 | 2020-10-27 | 邵阳学院 | Computer hard disk batch testing device |
Non-Patent Citations (1)
| Title |
|---|
| CMOS图像传感器的并行测试开发;黄海华;《中国优秀硕士学位论文全文数据库》;I140-74 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114880184A (en) | 2022-08-09 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10872154B2 (en) | Secure device state apparatus and method and lifecycle management | |
| US8059814B1 (en) | Techniques for carrying out seed or key derivation | |
| US10003612B1 (en) | Protection for computing systems from revoked system updates | |
| CN107797827A (en) | Secure storage system and the method for safe storage | |
| US9442833B1 (en) | Managing device identity | |
| CN108347361B (en) | Application program testing method and device, computer equipment and storage medium | |
| TW201635186A (en) | System and method for computing device with improved firmware service security using credential-derived encryption key | |
| CN101432752B (en) | Trusted platform field upgrading system and method | |
| CN106971102A (en) | A kind of start authentication method and device based on harddisk password module | |
| CN111199058B (en) | System and method for ensuring data integrity and confidentiality | |
| US20180089438A1 (en) | Boot images for units under test | |
| CN101493870A (en) | Credible platform module test device | |
| US11329834B2 (en) | System and method for generating and authenticating a physically unclonable function | |
| CN103198037A (en) | Reliable pipe control method and system for IO (input output) equipment | |
| CN102456102A (en) | Method for carrying out identity recertification on particular operation of information system by using Usb key technology | |
| US10382417B2 (en) | Secure protocol for chip authentication | |
| CN115221500A (en) | JTAG control method and device based on chip life cycle | |
| CN114880184B (en) | Method and system for batch detection of PCI cipher cards | |
| US20220200807A1 (en) | Device attestation | |
| CN115062330B (en) | TPM-based intelligent password key password application interface implementation method | |
| CN112632515B (en) | Access method and system of PCI (peripheral component interconnect) password card under PMON (Power management on) | |
| TWI498737B (en) | Debug authorization determining method for motherboard control module and motherboard control module thereof | |
| CN115688120A (en) | Secure chip firmware importing method, secure chip and computer readable storage medium | |
| CN111177752A (en) | A method, device and device for storing trusted files based on static metrics | |
| JP2010160765A (en) | System lsi and debugging method thereof |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |