secunet eID PKI Suite Certified CA Kernel, Version 2.0.3
CSV information ?
Status | active |
---|---|
Valid from | 15.01.2021 |
Valid until | 14.01.2026 |
Scheme | 🇩🇪 DE |
Manufacturer | Secunet Security Networks AG |
Category | Network and Network-Related Devices and Systems |
Security level | EAL4, ALC_FLR.2 |
Protection profiles |
Heuristics summary ?
Certificate ?
Extracted keywords
Security level
EAL 4, EAL 2, EAL 4 augmentedSecurity Assurance Requirements (SAR)
ALC_FLR.2, ALC_FLRCertificates
BSI-DSZ-CC-1144-2021, 383-6-3-CRStandards
ISO/IEC 15408, ISO/IEC 18045File metadata
Title: | Certificate BSI-DSZ-CC-1144-2021 |
---|---|
Subject: | secunet eID PKI Suite Certified CA Kernel |
Keywords: | "Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel" |
Author: | Bundesamt für Sicherheit in der Informationstechnik |
Creation date: | D:20210120142647+01'00' |
Modification date: | D:20210202150216+01'00' |
Pages: | 1 |
Creator: | Writer |
Producer: | LibreOffice 6.3 |
Certification report ?
Extracted keywords
Symmetric Algorithms
E2, HMACHash functions
SHA256, SHA-256Protocols
SSH, TLS 1.2Security level
EAL 4, EAL 2, EAL 1, EAL 2+, EAL 4 augmentedSecurity Assurance Requirements (SAR)
AGD_PRE.1, AGD_OPE.1, ALC_FLR.2, ALC_FLR, ALC_CMS.4, AVA_VAN.3, AVA_VAN.5Certificates
BSI-DSZ-CC-1144-2021, BSI-DSZ-CC-0960-2015, 383-6-3-CREvaluation facilities
SRC Security Research & ConsultingCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, 08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research & Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt, Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 undCertification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, 08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research & Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt, Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 undStandards
FIPS 140-2, AIS 32, AIS 38, RFC 5280, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ICAO, X.509Technical reports
BSI TR-03110, BSI 7148File metadata
Title: | Certification Report BSI-DSZ-CC-1144-2021 |
---|---|
Subject: | secunet eID PKI Suite Certified CA Kernel |
Keywords: | "Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel" |
Author: | Bundesamt für Sicherheit in der Informationstechnik |
Creation date: | D:20210120142647+01'00' |
Modification date: | D:20210201124346+01'00' |
Pages: | 30 |
Creator: | Writer |
Producer: | LibreOffice 6.3 |
Frontpage
Certificate ID: | BSI-DSZ-CC-1144-2021 |
---|---|
Certified item: | secunet eID PKI Suite Certified CA Kernel, Version 2.0.3 |
Certification lab: | BSI |
Developer: | secunet Security Networks AG |
References
Outgoing- BSI-DSZ-CC-0960-2015 - secunet eID PKI Suite Certified CA Kernel Version 1.0.0
Security target ?
Extracted keywords
Symmetric Algorithms
AES, DES, HMACAsymmetric Algorithms
ECDSAHash functions
SHA-1, SHA-256, SHA-224, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512Schemes
MACProtocols
SSLRandomness
RNGElliptic Curves
P-192, P-224, P-256, P-384, P-521, Curve P-256, K-163, K-283, K-409, K-571, B-163, B-233, B-283, B-409, B-571, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, brainpoolP224t1, brainpoolP256t1, brainpoolP320t1, brainpoolP384t1, brainpoolP512t1, FRP256v1Block cipher modes
ECB, CBCSecurity level
EAL 4, EAL4, EAL 4 augmented, EAL4 augmentedClaims
A.CPS, A.HSM, OE.CPS, OE.HSMSecurity Assurance Requirements (SAR)
ADV_ARC, ADV_FSP, ADV_IMP.1, ADV_TDS, AGD_OPE, AGD_PRE, ALC_FLR.2, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS.1, ALC_FLR, ALC_LCD.1, ALC_TAT.1, ATE_COV, ATE_DPT.1, ATE_FUN, ATE_IND, AVA_VAN.5, AVA_VANSecurity Functional Requirements (SFR)
FAU_STG.1, FAU_GEN.1, FAU_GEN.2, FAU_SEL.1, FAU_STG.4, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_SEL.1.1, FAU_STG.1.1, FAU_STG.1.2, FAU_STG.4.1, FCO_NRO_CIMC.3, FCO_NRO_CIMC.4, FCO_NRO_CIMC.3.1, FCO_NRO_CIMC.3.2, FCO_NRO_CIMC.3.3, FCO_NRO_CIMC.4.1, FCO_NRO_CIMC.4.2, FCS_CKM_CIMC.5, FCS_CKM.1, FCS_CKM_CIMC.5.1, FCS_CKM.4, FCS_SOF_CIMC.1, FDP_CIMC_CER.1, FDP_ETC_CIMC.5, FDP_UCT.1, FDP_ITT.1, FDP_ACC.1, FDP_ACF.1, FDP_CIMC_CRL.1, FDP_CIMC_CSE.1, FDP_SDI_CIMC.3, FDP_CIMC_OCSP.1, FDP_ACF_CIMC.2, FDP_ACF_CIMC.3, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_CIMC_CSE.1.1, FDP_SDI_CIMC.3.1, FDP_SDI_CIMC.3.2, FDP_CIMC_CER.1.1, FDP_CIMC_CER.1.2, FDP_CIMC_CER.1.3, FDP_CIMC_CER.1.4, FDP_CIMC_CRL.1.1, FDP_IFC.1, FIA_ATD.1, FIA_SOS.1, FIA_UAU.1, FIA_UID.1, FIA_USB.1, FIA_ATD.1.1, FIA_SOS.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UID.1.1, FIA_UID.1.2, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_UAU, FMT_MTD_CIMC.7, FMT_MOF.1, FMT_MOF_CIMC.3, FMT_MOF_CIMC.5, FMT_MTD.1, FMT_MSA.1, FMT_SMR.1, FMT_MOF_CIMC.6, FMT_MTD_CIMC.4, FMT_MTD_CIMC.5, FMT_MOF.1.1, FMT_MSA.1.1, FMT_MTD.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MOF_CIMC.3.1, FMT_MOF_CIMC.3.2, FMT_MOF_CIMC.3.3, FMT_MOF_CIMC.3.4, FMT_MOF_CIMC.5.1, FMT_MOF_CIMC.5.2, FMT_MOF_CIMC.5.3, FMT_MSA.3, FMT_SMF.1, FPT_ITC.1, FPT_ITT.1, FPT_CIMC_TSP.1, FPT_STM.1, FPT_CIMC_TSP.1.1, FPT_CIMC_TSP.1.2, FPT_CIMC_TSP.1.3, FPT_CIMC_TSP.1.4Certificates
BSI-DSZ-CC-1144Standards
FIPS 140-2, FIPS 186-2, FIPS140-2, FIPS PUB 140-2, NIST SP 800-90, PKCS #1, PKCS#1, RFC5280, RFC6960, RFC2104, RFC 5280, RFC4210, RFC4211, ICAO, X.509, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004Technical reports
BSI TR-03110File metadata
Title: | secunet eID PKI Suite Certified CA Kernel Security Target |
---|---|
Subject: | Common Criteria certification of secunet eID PKI Suite Certified CA Kernel (in short: Certified CA Kernel) |
Keywords: | Public Key Infrastructure, PKI, Certificate Issuing and Management Component |
Author: | secunet Security Networks AG |
Creation date: | D:20210108101730Z00'00' |
Modification date: | D:20210108111900+01'00' |
Pages: | 75 |
Creator: | Word |
Producer: | macOS Version 10.15.7 (Build 19H2) Quartz PDFContext |
References
OutgoingHeuristics ?
Extracted SARs
AVA_VAN.5, ALC_FLR.2, ALC_DVS.1, ADV_IMP.1, ALC_TAT.1, ALC_LCD.1, AGD_PRE.1, ATE_DPT.1, AGD_OPE.1, ALC_CMS.4Scheme data ?
Cert Id | BSI-DSZ-CC-1144-2021 | |
---|---|---|
Product | secunet eID PKI Suite Certified CA Kernel, Version 2.0.3 | |
Vendor | secunet Security Networks AG | |
Certification Date | 15.01.2021 | |
Category | Network and Network related Devices and Systems | |
Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1144.html | |
Enhanced | ||
Product | secunet eID PKI Suite Certified CA Kernel, Version 2.0.3 | |
Applicant | secunet Security Networks AG Weidenauer Straße 223-225 57076 Siegen | |
Evaluation Facility | SRC Security Research & Consulting GmbH | |
Assurance Level | EAL4,ALC_FLR.2 | |
Protection Profile | Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR | |
Certification Date | 15.01.2021 | |
Expiration Date | 14.01.2026 | |
Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144b_pdf.pdf?__blob=publicationFile&v=4 | |
Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144c_pdf.pdf?__blob=publicationFile&v=4 | |
Description | The Target of evaluation is the product secunet eID PKI Suite Certified CA Kernel provided by secunet Security Networks AG. The TOE type is "Certificate Issuing and Management Component". The TOE is a CA (Certification Authority) Kernel that provides request, issuance, revocation, and overall management of certificates and certificate status information. The secunet eID PKI Suite Certified CA Kernel supports Extended Access Control Certification Authorities (EAC CAs,) according the Technical Guideline BSI TR-03110 and International Civil Aviation Organization CAs (ICAO CAs), which are X.509 CAs according to ITU-T X.509. For cryptographic operations the secunet CA Kernel relies on a FIPS-2 Level 3 validated Hardware Security Module (HSM). The CA-Server administrator integrates the secunet eID PKI Suite Certified CA Kernel into a TOE functional environment. He is defined as the TOE end-user. |
References ?
Updates ?
-
15.02.2024 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'report': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '791f3810e8feabeb6ecd3b3cd7d7792cdfaccb8bbb95e7bbce38d383ff5c1dfb', 'txt_hash': '89a08e342e5977cb9144f871c6314198b43d0acee74796d51d54cf114eba7491'}, 'st': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '829c5c955e3a5ac85ba0e37c4e3c12c2f0953e786b6e61ae15188522d8c575ee', 'txt_hash': '7d5ec433d3dbade33ff14a74d315e0e9d5a3717a943698b1e4b4f699b466d384'}, 'cert': {'_type': 'sec_certs.sample.cc.CCCertificate.DocumentState', 'download_ok': True, 'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '860e7a5a6f89bf7f115610bdf694c2fc56a301db7cf31fbffc45343671b0b50a', 'txt_hash': 'a03ada1c13d973e22149bde4c278f27c912cedb1ec1e1a2968b8683ec8aff1e5'}}
. - The following properties were deleted:
['st_download_ok', 'report_download_ok', 'st_convert_garbage', 'report_convert_garbage', 'st_convert_ok', 'report_convert_ok', 'st_extract_ok', 'report_extract_ok', 'st_pdf_hash', 'report_pdf_hash', 'st_txt_hash', 'report_txt_hash']
.
The PDF extraction data was updated.
- The following values were inserted:
{'cert_metadata': {'pdf_file_size_bytes': 242421, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/CreationDate': "D:20210120142647+01'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel"', '/ModDate': "D:20210202150216+01'00'", '/Producer': 'LibreOffice 6.3', '/Subject': 'secunet eID PKI Suite Certified CA Kernel', '/Title': 'Certificate BSI-DSZ-CC-1144-2021', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}, 'cert_frontpage': None, 'cert_keywords': {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144-2021': 1}, 'CA': {'383-6-3-CR': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL 2': 1, 'EAL 4 augmented': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 1, 'ALC_FLR': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}, 'cert_filename': '1144c_pdf.pdf'}
. - The report_frontpage property was set to
{'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-1144-2021', 'cert_item': 'secunet eID PKI Suite Certified CA Kernel, Version 2.0.3', 'developer': 'secunet Security Networks AG', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR', 'cc_version': 'PP conformant Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2'}}
. - The st_frontpage property was set to
None
. - The report_keywords property was updated, with the
{'cc_cert_id': {'__insert__': {'CA': {'383-6-3-CR': 4}}, '__update__': {'DE': {'__update__': {'BSI-DSZ-CC-1144-2021': 16, 'BSI-DSZ-CC-0960-2015': 3}}}}}
data. - The st_keywords property was updated, with the
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144': 2}}}
data.
- The following values were inserted:
-
13.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'DE': {'__update__': {'BSI-DSZ-CC-1144-2021': 32, 'BSI-DSZ-CC-0960-2015': 6}}}, '__delete__': ['CA']}}
data. - The st_keywords property was updated, with the
{'cc_cert_id': {}}
data.
- The report_keywords property was updated, with the
-
07.02.2024 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'cc_cert_id': {'__insert__': {'CA': {'383-6-3-CR': 4}}, '__update__': {'DE': {'__update__': {'BSI-DSZ-CC-1144-2021': 16, 'BSI-DSZ-CC-0960-2015': 3}}}}}
data. - The st_keywords property was updated, with the
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144': 2}}}
data.
- The report_keywords property was updated, with the
-
04.01.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'annotated_references': None}
.
- The following values were inserted:
-
26.04.2023 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'scheme_data': {'cert_id': 'BSI-DSZ-CC-1144-2021', 'product': 'secunet eID PKI Suite Certified CA Kernel, Version 2.0.3', 'vendor': 'secunet Security Networks AG', 'certification_date': '15.01.2021', 'category': 'Network and Network related Devices and Systems', 'url': 'https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1144.html', 'enhanced': {'product': 'secunet eID PKI Suite Certified CA Kernel, Version 2.0.3', 'applicant': 'secunet Security Networks AG\nWeidenauer Straße 223-225\n57076 Siegen', 'evaluation_facility': 'SRC Security Research & Consulting GmbH', 'assurance_level': 'EAL4,ALC_FLR.2', 'protection_profile': 'Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR', 'certification_date': '15.01.2021', 'expiration_date': '14.01.2026', 'target_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144b_pdf.pdf?__blob=publicationFile&v=4', 'cert_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144c_pdf.pdf?__blob=publicationFile&v=4', 'description': 'The Target of evaluation is the product secunet eID PKI Suite Certified CA Kernel provided by secunet Security Networks AG. The TOE type is "Certificate Issuing and Management Component". The TOE is a CA (Certification Authority) Kernel that provides request, issuance, revocation, and overall management of certificates and certificate status information. The secunet eID PKI Suite Certified CA Kernel supports Extended Access Control Certification Authorities (EAC CAs,) according the Technical Guideline BSI TR-03110 and International Civil Aviation Organization CAs (ICAO CAs), which are X.509 CAs according to ITU-T X.509. For cryptographic operations the secunet CA Kernel relies on a FIPS-2 Level 3 validated Hardware Security Module (HSM). The CA-Server administrator integrates the secunet eID PKI Suite Certified CA Kernel into a TOE functional environment. He is defined as the TOE end-user.'}}}
.
- The following values were inserted:
-
11.02.2023 The certificate data changed.
Certificate changed
The _type was updated.
- The new value is
sec_certs.sample.cc.CCCertificate
.
The state of the certificate object was updated.
- The _type property was set to
sec_certs.sample.cc.CCCertificate.InternalState
. - The following properties were deleted:
['errors']
.
The PDF extraction data was updated.
- The _type property was set to
sec_certs.sample.cc.CCCertificate.PdfData
.
The computed heuristics were updated.
- The following values were inserted:
{'direct_transitive_cves': None, 'indirect_transitive_cves': None}
. - The _type property was set to
sec_certs.sample.cc.CCCertificate.Heuristics
. - The following properties were deleted:
['direct_dependency_cves', 'indirect_dependency_cves']
.
- The new value is
-
25.12.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The errors property was set to
[]
.
- The errors property was set to
-
25.12.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The errors property was set to
['failed to download report from https://www.commoncriteriaportal.org/files/epfiles/1144a_pdf.pdf, code: nok']
.
- The errors property was set to
-
24.12.2022 The certificate data changed.
Certificate changed
The cert_link was updated.
- The new value is
https://www.commoncriteriaportal.org/files/epfiles/1144c_pdf.pdf
.
The manufacturer_web was updated.
- The new value is
https://www.secunet.com/en/
.
The Protection profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Certificate Issuing and Management Components version 1.5', 'pp_eal': 'EAL4+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['CIMC V1.5']}}]}
.
- The new value is
-
23.12.2022 The certificate data changed.
Certificate changed
The cert_link was updated.
- The new value is
None
.
The manufacturer_web was updated.
- The new value is
None
.
The Protection profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'CIMC V1.5', 'pp_eal': None, 'pp_link': None, 'pp_ids': None}]}
.
- The new value is
-
05.10.2022 The certificate data changed.
Certificate changed
The Protection profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Certificate Issuing and Management Components version 1.5', 'pp_eal': 'EAL4+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['CIMC V1.5']}}]}
.
The state of the certificate object was updated.
- The following values were inserted:
{'st_convert_garbage': False, 'report_convert_garbage': False}
.
- The new value is
-
04.10.2022 The certificate data changed.
Certificate changed
The Protection profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Certificate Issuing and Management Components version 1.5', 'pp_eal': 'http://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf', 'pp_link': None, 'pp_ids': None}]}
.
- The new value is
-
24.09.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The following values were inserted:
{'report_filename': '1144a_pdf.pdf', 'st_filename': '1144b_pdf.pdf'}
. - The report_keywords property was updated, with the
{'cc_cert_id': {'__update__': {'DE': {'__update__': {'BSI-DSZ-CC-1144-2021': 32, 'BSI-DSZ-CC-0960-2015': 6}}}}, 'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL 4': 6}}}}, 'cc_sar': {'__update__': {'ALC': {'__update__': {'ALC_FLR.2': 4}}, 'AVA': {'__insert__': {'AVA_VAN.3': 1}}}}, 'cc_claims': {}, 'crypto_scheme': {}, 'crypto_protocol': {'__update__': {'TLS': {'__update__': {'TLS': {'TLS 1.2': 1}}}}}, 'randomness': {}, 'tee_name': {}, 'standard_id': {'__insert__': {'RFC': {'RFC 5280': 1}}, '__update__': {'ISO': {'__update__': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4}}}}, 'certification_process': {'__update__': {'ConfidentialDocument': {'__insert__': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und': 1}, '__delete__': ['identiality being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification', 'secunet Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und']}}}}
data. - The st_keywords property was updated, with the
{'cc_sar': {'__insert__': {'AGD': {'AGD_OPE': 1, 'AGD_PRE': 1}}, '__update__': {'ADV': {'__insert__': {'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_TDS': 1}}, 'ALC': {'__insert__': {'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DEL': 1, 'ALC_FLR': 1}}, 'ATE': {'__insert__': {'ATE_COV': 1, 'ATE_FUN': 1, 'ATE_IND': 1}}, 'AVA': {'__insert__': {'AVA_VAN': 1}}}}, 'cc_sfr': {'__update__': {'FAU': {'__update__': {'FAU_SEL.1': 8}}, 'FDP': {'__update__': {'FDP_ACF.1.1': 5}}, 'FIA': {'__insert__': {'FIA_UAU': 1}}}}, 'vendor': {}, 'asymmetric_crypto': {'__delete__': ['FF']}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 4}}}}, 'randomness': {'__update__': {'RNG': {'__update__': {'RNG': 1}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-521': 2}}}}, 'standard_id': {'__update__': {'RFC': {'__insert__': {'RFC4211': 1}}, 'X509': {'__update__': {'X.509': 30}}}}}
data.
- The following values were inserted:
-
18.07.2022 The certificate data changed.
Certificate changed
The _type was updated.
- The new value is
sec_certs.sample.common_criteria.CommonCriteriaCert
.
The Protection profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Certificate Issuing and Management Components version 1.5', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['CIMC V1.5']}}]}
.
The state of the certificate object was updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState
.
The PDF extraction data was updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData
.
The computed heuristics were updated.
- The _type property was set to
sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics
. - The st_references property was updated, with the
{'_type': 'sec_certs.sample.certificate.References'}
data. - The report_references property was updated, with the
{'_type': 'sec_certs.sample.certificate.References'}
data. - The extracted_sars property was set to
{'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}]}
.
- The new value is
-
17.07.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_metadata property was updated, with the
{'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.sogis.eu/', 'https://www.bsi.bund.de/zertifizierungsreporte', 'http://www.commoncriteriaportal.org/', 'https://www.bsi.bund.de/', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierung', 'https://www.bsi.bund.de/AIS']}}
values inserted. - The st_metadata property was updated, with the
{'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}
values inserted. - The report_keywords property was set to
{'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144-2021': 60, 'BSI-DSZ-CC-0960-2015': 4}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 5, 'EAL 2': 2, 'EAL 1': 1, 'EAL 2+': 1, 'EAL 4 augmented': 3}}, 'cc_sar': {'AGD': {'AGD_PRE.1': 1, 'AGD_OPE.1': 1}, 'ALC': {'ALC_FLR.2': 3, 'ALC_FLR': 3, 'ALC_CMS.4': 1}, 'AVA': {'AVA_VAN.5': 1}}, 'cc_sfr': {}, 'cc_claims': {'T': {'T.MF': 1}}, 'vendor': {}, 'eval_facility': {'SRC': {'SRC Security Research & Consulting': 3}}, 'symmetric_crypto': {'AES_competition': {'E2': {'E2': 1}}, 'constructions': {'MAC': {'HMAC': 3}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA256': 8, 'SHA-256': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 3}}, 'crypto_protocol': {'SSH': {'SSH': 2}, 'TLS': {'TLS': {'TLS': 1}}}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-03110': 1, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 2}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 140-2': 2}, 'BSI': {'AIS 32': 1, 'AIS 38': 1}, 'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 17065': 2, 'ISO/IEC 18045': 2}, 'ICAO': {'ICAO': 1}, 'X509': {'X.509': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'identiality being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, '08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research & Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011': 1, 'Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt': 1, 'secunet Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und': 1}}}
. - The st_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 5, 'EAL4': 1, 'EAL 4 augmented': 2, 'EAL4 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_IMP.1': 1}, 'ALC': {'ALC_FLR.2': 4, 'ALC_DVS.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_DPT.1': 1}, 'AVA': {'AVA_VAN.5': 2}}, 'cc_sfr': {'FAU': {'FAU_STG.1': 10, 'FAU_GEN.1': 16, 'FAU_GEN.2': 6, 'FAU_SEL.1': 6, 'FAU_STG.4': 6, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1, 'FAU_GEN.2.1': 1, 'FAU_SEL.1.1': 1, 'FAU_STG.1.1': 1, 'FAU_STG.1.2': 1, 'FAU_STG.4.1': 1}, 'FCO': {'FCO_NRO_CIMC.3': 13, 'FCO_NRO_CIMC.4': 6, 'FCO_NRO_CIMC.3.1': 1, 'FCO_NRO_CIMC.3.2': 1, 'FCO_NRO_CIMC.3.3': 4, 'FCO_NRO_CIMC.4.1': 1, 'FCO_NRO_CIMC.4.2': 1}, 'FCS': {'FCS_CKM_CIMC.5': 7, 'FCS_CKM.1': 1, 'FCS_CKM_CIMC.5.1': 1, 'FCS_CKM.4': 3, 'FCS_SOF_CIMC.1': 1}, 'FDP': {'FDP_CIMC_CER.1': 7, 'FDP_ETC_CIMC.5': 3, 'FDP_UCT.1': 2, 'FDP_ITT.1': 2, 'FDP_ACC.1': 11, 'FDP_ACF.1': 12, 'FDP_CIMC_CRL.1': 7, 'FDP_CIMC_CSE.1': 6, 'FDP_SDI_CIMC.3': 5, 'FDP_CIMC_OCSP.1': 2, 'FDP_ACF_CIMC.2': 1, 'FDP_ACF_CIMC.3': 1, 'FDP_ACC.1.1': 1, 'FDP_ACF.1.1': 1, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 2, 'FDP_ACF.1.4': 2, 'FDP_CIMC_CSE.1.1': 1, 'FDP_SDI_CIMC.3.1': 2, 'FDP_SDI_CIMC.3.2': 2, 'FDP_CIMC_CER.1.1': 2, 'FDP_CIMC_CER.1.2': 2, 'FDP_CIMC_CER.1.3': 2, 'FDP_CIMC_CER.1.4': 1, 'FDP_CIMC_CRL.1.1': 1, 'FDP_IFC.1': 1}, 'FIA': {'FIA_ATD.1': 8, 'FIA_SOS.1': 8, 'FIA_UAU.1': 9, 'FIA_UID.1': 19, 'FIA_USB.1': 6, 'FIA_ATD.1.1': 1, 'FIA_SOS.1.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1}, 'FMT': {'FMT_MTD_CIMC.7': 3, 'FMT_MOF.1': 16, 'FMT_MOF_CIMC.3': 7, 'FMT_MOF_CIMC.5': 8, 'FMT_MTD.1': 10, 'FMT_MSA.1': 8, 'FMT_SMR.1': 18, 'FMT_MOF_CIMC.6': 3, 'FMT_MTD_CIMC.4': 1, 'FMT_MTD_CIMC.5': 1, 'FMT_MOF.1.1': 1, 'FMT_MSA.1.1': 1, 'FMT_MTD.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_MOF_CIMC.3.1': 2, 'FMT_MOF_CIMC.3.2': 3, 'FMT_MOF_CIMC.3.3': 3, 'FMT_MOF_CIMC.3.4': 2, 'FMT_MOF_CIMC.5.1': 2, 'FMT_MOF_CIMC.5.2': 3, 'FMT_MOF_CIMC.5.3': 3, 'FMT_MSA.3': 2, 'FMT_SMF.1': 6}, 'FPT': {'FPT_ITC.1': 2, 'FPT_ITT.1': 2, 'FPT_CIMC_TSP.1': 7, 'FPT_STM.1': 3, 'FPT_CIMC_TSP.1.1': 1, 'FPT_CIMC_TSP.1.2': 1, 'FPT_CIMC_TSP.1.3': 1, 'FPT_CIMC_TSP.1.4': 1}}, 'cc_claims': {'A': {'A.CPS': 3, 'A.HSM': 3}, 'OE': {'OE.CPS': 5, 'OE.HSM': 5}}, 'vendor': {'STMicroelectronics': {'STM': 3}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3}}, 'DES': {'DES': {'DES': 3}}, 'constructions': {'MAC': {'HMAC': 12}}}, 'asymmetric_crypto': {'ECC': {'ECDSA': {'ECDSA': 2}}, 'FF': {'DSA': {'DSA': 2}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 3}, 'SHA2': {'SHA-256': 6, 'SHA-224': 5, 'SHA-384': 5, 'SHA-512': 6}, 'SHA3': {'SHA3-224': 2, 'SHA3-256': 2, 'SHA3-384': 2, 'SHA3-512': 2}}}, 'crypto_scheme': {'MAC': {'MAC': 15}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 2}}}, 'randomness': {'RNG': {'RNG': 5}}, 'cipher_mode': {'ECB': {'ECB': 1}, 'CBC': {'CBC': 1}}, 'ecc_curve': {'NIST': {'P-192': 2, 'P-224': 4, 'P-256': 3, 'P-384': 4, 'P-521': 4, 'Curve P-256': 1, 'K-163': 1, 'K-283': 1, 'K-409': 1, 'K-571': 1, 'B-163': 1, 'B-233': 1, 'B-283': 1, 'B-409': 1, 'B-571': 1}, 'Brainpool': {'brainpoolP224r1': 1, 'brainpoolP256r1': 1, 'brainpoolP320r1': 1, 'brainpoolP384r1': 1, 'brainpoolP512r1': 1, 'brainpoolP224t1': 1, 'brainpoolP256t1': 1, 'brainpoolP320t1': 1, 'brainpoolP384t1': 1, 'brainpoolP512t1': 1}, 'ANSSI': {'FRP256v1': 1}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-03110': 7}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 140-2': 9, 'FIPS 186-2': 4, 'FIPS140-2': 1, 'FIPS PUB 140-2': 1}, 'NIST': {'NIST SP 800-90': 1}, 'PKCS': {'PKCS #1': 2, 'PKCS#1': 2}, 'RFC': {'RFC5280': 4, 'RFC6960': 3, 'RFC2104': 5, 'RFC 5280': 3, 'RFC4210': 1}, 'ICAO': {'ICAO': 2}, 'X509': {'X.509': 28}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}
.
The computed heuristics were updated.
- The _type property was set to
Heuristics
.
- The report_metadata property was updated, with the
-
14.06.2022 The certificate data changed.
Certificate changed
The state of the certificate object was updated.
- The following values were inserted:
{'report_pdf_hash': '791f3810e8feabeb6ecd3b3cd7d7792cdfaccb8bbb95e7bbce38d383ff5c1dfb', 'st_pdf_hash': '829c5c955e3a5ac85ba0e37c4e3c12c2f0953e786b6e61ae15188522d8c575ee', 'report_txt_hash': '89a08e342e5977cb9144f871c6314198b43d0acee74796d51d54cf114eba7491', 'st_txt_hash': '7d5ec433d3dbade33ff14a74d315e0e9d5a3717a943698b1e4b4f699b466d384'}
.
The PDF extraction data was updated.
- The report_keywords property was updated, with the
{'rules_symmetric_crypto': {'E2': 1, 'HMAC': 3}, 'rules_asymmetric_crypto': {}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA256': 8, 'SHA-256': 1}, 'rules_crypto_schemes': {'MAC': 3, 'TLS': 1}, 'rules_randomness': {'RNG': 1}, 'rules_tee': {'SE': 2}, 'rules_side_channels': {}}
values inserted. - The st_keywords property was updated, with the
{'rules_ecc_curves': {'__insert__': {'K-163': 1, 'K-283': 1, 'K-409': 1, 'K-571': 1, 'B-163': 1, 'B-233': 1, 'B-283': 1, 'B-409': 1, 'B-571': 1}, '__update__': {'P-256': 2}}}
data.
- The following values were inserted:
-
13.05.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'SAR', 'family': 'AVA_VAN', 'level': 5}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_FLR', 'level': 2}]}}
.
- The following values were inserted:
-
24.04.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'direct_dependency_cves': None, 'indirect_dependency_cves': None}
.
- The following values were inserted:
-
08.03.2022 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The following values were inserted:
{'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0960-2015']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0960-2015']}}}
. - The following properties were deleted:
['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting']
.
- The following values were inserted:
-
18.02.2022 The certificate data changed.
Certificate changed
The PDF extraction data was updated.
- The report_frontpage property was updated, with the
{'nscib': {}, 'niap': {}, 'canada': {}}
values inserted. - The st_frontpage property was updated, with the
{'nscib': {}, 'niap': {}, 'canada': {}}
values inserted.
The computed heuristics were updated.
- The extracted_versions property was set to
{'_type': 'Set', 'elements': ['2.0.3']}
.
- The report_frontpage property was updated, with the
-
01.02.2022 The certificate data changed.
Certificate changed
The Protection profiles of the certificate were updated.
- The new value is
{'_type': 'Set', 'elements': [{'_type': 'ProtectionProfile', 'pp_name': 'Certificate Issuing and Management Components version 1.5', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['CIMC V1.5']}}]}
.
- The new value is
-
28.01.2022 The certificate was first processed.
New certificate
A new Common Criteria certificate with the product name secunet eID PKI Suite Certified CA Kernel, Version 2.0.3 was processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Network and Network-Related Devices and Systems",
"cert_link": "https://www.commoncriteriaportal.org/files/epfiles/1144c_pdf.pdf",
"dgst": "1416afc51d8ce022",
"heuristics": {
"_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1144-2021",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_LCD",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DVS",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"2.0.3"
]
},
"indirect_transitive_cves": null,
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0960-2015"
]
},
"indirectly_referenced_by": null,
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-0960-2015"
]
}
},
"scheme_data": {
"category": "Network and Network related Devices and Systems",
"cert_id": "BSI-DSZ-CC-1144-2021",
"certification_date": "15.01.2021",
"enhanced": {
"applicant": "secunet Security Networks AG\nWeidenauer Stra\u00dfe 223-225\n57076 Siegen",
"assurance_level": "EAL4,ALC_FLR.2",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144c_pdf.pdf?__blob=publicationFile\u0026v=4",
"certification_date": "15.01.2021",
"description": "The Target of evaluation is the product secunet eID PKI Suite Certified CA Kernel provided by secunet Security Networks AG. The TOE type is \"Certificate Issuing and Management Component\". The TOE is a CA (Certification Authority) Kernel that provides request, issuance, revocation, and overall management of certificates and certificate status information. The secunet eID PKI Suite Certified CA Kernel supports Extended Access Control Certification Authorities (EAC CAs,) according the Technical Guideline BSI TR-03110 and International Civil Aviation Organization CAs (ICAO CAs), which are X.509 CAs according to ITU-T X.509. For cryptographic operations the secunet CA Kernel relies on a FIPS-2 Level 3 validated Hardware Security Module (HSM). The CA-Server administrator integrates the secunet eID PKI Suite Certified CA Kernel into a TOE functional environment. He is defined as the TOE end-user.",
"evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
"expiration_date": "14.01.2026",
"product": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
"protection_profile": "Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144b_pdf.pdf?__blob=publicationFile\u0026v=4"
},
"product": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1144.html",
"vendor": "secunet Security Networks AG"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Secunet Security Networks AG",
"manufacturer_web": "https://www.secunet.com/en/",
"name": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
"not_valid_after": "2026-01-14",
"not_valid_before": "2021-01-15",
"pdf_data": {
"_type": "sec_certs.sample.cc.CCCertificate.PdfData",
"cert_filename": "1144c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"CA": {
"383-6-3-CR": 1
},
"DE": {
"BSI-DSZ-CC-1144-2021": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"ALC": {
"ALC_FLR": 1,
"ALC_FLR.2": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 4": 1,
"EAL 4 augmented": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20210120142647+01\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel\"",
"/ModDate": "D:20210202150216+01\u002700\u0027",
"/Producer": "LibreOffice 6.3",
"/Subject": "secunet eID PKI Suite Certified CA Kernel",
"/Title": "Certificate BSI-DSZ-CC-1144-2021",
"pdf_file_size_bytes": 242421,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 1
},
"report_filename": "1144a_pdf.pdf",
"report_frontpage": {
"DE": {
"cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2",
"cc_version": "PP conformant Common Criteria Part 2 extended",
"cert_id": "BSI-DSZ-CC-1144-2021",
"cert_item": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
"cert_lab": "BSI",
"developer": "secunet Security Networks AG",
"match_rules": [
"(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
],
"ref_protection_profiles": "Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR"
}
},
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"CA": {
"383-6-3-CR": 4
},
"DE": {
"BSI-DSZ-CC-0960-2015": 3,
"BSI-DSZ-CC-1144-2021": 16
}
},
"cc_claims": {},
"cc_protection_profile_id": {},
"cc_sar": {
"AGD": {
"AGD_OPE.1": 1,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_CMS.4": 1,
"ALC_FLR": 3,
"ALC_FLR.2": 4
},
"AVA": {
"AVA_VAN.3": 1,
"AVA_VAN.5": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 2,
"EAL 2+": 1,
"EAL 4": 6,
"EAL 4 augmented": 3
}
},
"cc_sfr": {},
"certification_process": {
"ConfidentialDocument": {
"08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research \u0026 Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011": 1,
"Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt": 1,
"Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und": 1,
"being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 2
},
"TLS": {
"TLS": {
"TLS 1.2": 1
}
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"SRC": {
"SRC Security Research \u0026 Consulting": 3
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 1,
"SHA256": 8
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 32": 1,
"AIS 38": 1
},
"FIPS": {
"FIPS 140-2": 2
},
"ICAO": {
"ICAO": 1
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"RFC": {
"RFC 5280": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"E2": {
"E2": 1
}
},
"constructions": {
"MAC": {
"HMAC": 3
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-03110": 1
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"/CreationDate": "D:20210120142647+01\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel\"",
"/ModDate": "D:20210201124346+01\u002700\u0027",
"/Producer": "LibreOffice 6.3",
"/Subject": "secunet eID PKI Suite Certified CA Kernel",
"/Title": "Certification Report BSI-DSZ-CC-1144-2021",
"pdf_file_size_bytes": 435936,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/zertifizierung",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.sogis.eu/",
"http://www.commoncriteriaportal.org/cc/",
"https://www.bsi.bund.de/AIS",
"http://www.commoncriteriaportal.org/",
"https://www.bsi.bund.de/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 30
},
"st_filename": "1144b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 2
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1144": 2
}
},
"cc_claims": {
"A": {
"A.CPS": 3,
"A.HSM": 3
},
"OE": {
"OE.CPS": 5,
"OE.HSM": 5
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_ARC": 1,
"ADV_FSP": 1,
"ADV_IMP.1": 1,
"ADV_TDS": 1
},
"AGD": {
"AGD_OPE": 1,
"AGD_PRE": 1
},
"ALC": {
"ALC_CMC": 1,
"ALC_CMS": 1,
"ALC_DEL": 1,
"ALC_DVS.1": 1,
"ALC_FLR": 1,
"ALC_FLR.2": 4,
"ALC_LCD.1": 1,
"ALC_TAT.1": 1
},
"ATE": {
"ATE_COV": 1,
"ATE_DPT.1": 1,
"ATE_FUN": 1,
"ATE_IND": 1
},
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.5": 2
}
},
"cc_security_level": {
"EAL": {
"EAL 4": 5,
"EAL 4 augmented": 2,
"EAL4": 1,
"EAL4 augmented": 1
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 16,
"FAU_GEN.1.1": 1,
"FAU_GEN.1.2": 1,
"FAU_GEN.2": 6,
"FAU_GEN.2.1": 1,
"FAU_SEL.1": 8,
"FAU_SEL.1.1": 1,
"FAU_STG.1": 10,
"FAU_STG.1.1": 1,
"FAU_STG.1.2": 1,
"FAU_STG.4": 6,
"FAU_STG.4.1": 1
},
"FCO": {
"FCO_NRO_CIMC.3": 13,
"FCO_NRO_CIMC.3.1": 1,
"FCO_NRO_CIMC.3.2": 1,
"FCO_NRO_CIMC.3.3": 4,
"FCO_NRO_CIMC.4": 6,
"FCO_NRO_CIMC.4.1": 1,
"FCO_NRO_CIMC.4.2": 1
},
"FCS": {
"FCS_CKM.1": 1,
"FCS_CKM.4": 3,
"FCS_CKM_CIMC.5": 7,
"FCS_CKM_CIMC.5.1": 1,
"FCS_SOF_CIMC.1": 1
},
"FDP": {
"FDP_ACC.1": 11,
"FDP_ACC.1.1": 1,
"FDP_ACF.1": 12,
"FDP_ACF.1.1": 5,
"FDP_ACF.1.2": 1,
"FDP_ACF.1.3": 2,
"FDP_ACF.1.4": 2,
"FDP_ACF_CIMC.2": 1,
"FDP_ACF_CIMC.3": 1,
"FDP_CIMC_CER.1": 7,
"FDP_CIMC_CER.1.1": 2,
"FDP_CIMC_CER.1.2": 2,
"FDP_CIMC_CER.1.3": 2,
"FDP_CIMC_CER.1.4": 1,
"FDP_CIMC_CRL.1": 7,
"FDP_CIMC_CRL.1.1": 1,
"FDP_CIMC_CSE.1": 6,
"FDP_CIMC_CSE.1.1": 1,
"FDP_CIMC_OCSP.1": 2,
"FDP_ETC_CIMC.5": 3,
"FDP_IFC.1": 1,
"FDP_ITT.1": 2,
"FDP_SDI_CIMC.3": 5,
"FDP_SDI_CIMC.3.1": 2,
"FDP_SDI_CIMC.3.2": 2,
"FDP_UCT.1": 2
},
"FIA": {
"FIA_ATD.1": 8,
"FIA_ATD.1.1": 1,
"FIA_SOS.1": 8,
"FIA_SOS.1.1": 1,
"FIA_UAU": 1,
"FIA_UAU.1": 9,
"FIA_UAU.1.1": 1,
"FIA_UAU.1.2": 1,
"FIA_UID.1": 19,
"FIA_UID.1.1": 1,
"FIA_UID.1.2": 1,
"FIA_USB.1": 6,
"FIA_USB.1.1": 1,
"FIA_USB.1.2": 1,
"FIA_USB.1.3": 1
},
"FMT": {
"FMT_MOF.1": 16,
"FMT_MOF.1.1": 1,
"FMT_MOF_CIMC.3": 7,
"FMT_MOF_CIMC.3.1": 2,
"FMT_MOF_CIMC.3.2": 3,
"FMT_MOF_CIMC.3.3": 3,
"FMT_MOF_CIMC.3.4": 2,
"FMT_MOF_CIMC.5": 8,
"FMT_MOF_CIMC.5.1": 2,
"FMT_MOF_CIMC.5.2": 3,
"FMT_MOF_CIMC.5.3": 3,
"FMT_MOF_CIMC.6": 3,
"FMT_MSA.1": 8,
"FMT_MSA.1.1": 1,
"FMT_MSA.3": 2,
"FMT_MTD.1": 10,
"FMT_MTD.1.1": 1,
"FMT_MTD_CIMC.4": 1,
"FMT_MTD_CIMC.5": 1,
"FMT_MTD_CIMC.7": 3,
"FMT_SMF.1": 6,
"FMT_SMR.1": 18,
"FMT_SMR.1.1": 1,
"FMT_SMR.1.2": 1
},
"FPT": {
"FPT_CIMC_TSP.1": 7,
"FPT_CIMC_TSP.1.1": 1,
"FPT_CIMC_TSP.1.2": 1,
"FPT_CIMC_TSP.1.3": 1,
"FPT_CIMC_TSP.1.4": 1,
"FPT_ITC.1": 2,
"FPT_ITT.1": 2,
"FPT_STM.1": 3
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"ECB": {
"ECB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 2
}
}
},
"crypto_scheme": {
"MAC": {
"MAC": 4
}
},
"device_model": {},
"ecc_curve": {
"ANSSI": {
"FRP256v1": 1
},
"Brainpool": {
"brainpoolP224r1": 1,
"brainpoolP224t1": 1,
"brainpoolP256r1": 1,
"brainpoolP256t1": 1,
"brainpoolP320r1": 1,
"brainpoolP320t1": 1,
"brainpoolP384r1": 1,
"brainpoolP384t1": 1,
"brainpoolP512r1": 1,
"brainpoolP512t1": 1
},
"NIST": {
"B-163": 1,
"B-233": 1,
"B-283": 1,
"B-409": 1,
"B-571": 1,
"Curve P-256": 1,
"K-163": 1,
"K-283": 1,
"K-409": 1,
"K-571": 1,
"P-192": 2,
"P-224": 4,
"P-256": 3,
"P-384": 4,
"P-521": 2
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 3
},
"SHA2": {
"SHA-224": 5,
"SHA-256": 6,
"SHA-384": 5,
"SHA-512": 6
},
"SHA3": {
"SHA3-224": 2,
"SHA3-256": 2,
"SHA3-384": 2,
"SHA3-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2017-04-001": 1,
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
},
"FIPS": {
"FIPS 140-2": 9,
"FIPS 186-2": 4,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"ICAO": {
"ICAO": 2
},
"NIST": {
"NIST SP 800-90": 1
},
"PKCS": {
"PKCS #1": 2,
"PKCS#1": 2
},
"RFC": {
"RFC 5280": 3,
"RFC2104": 5,
"RFC4210": 1,
"RFC4211": 1,
"RFC5280": 4,
"RFC6960": 3
},
"X509": {
"X.509": 30
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 3
}
},
"DES": {
"DES": {
"DES": 3
}
},
"constructions": {
"MAC": {
"HMAC": 12
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-03110": 7
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "secunet Security Networks AG",
"/CreationDate": "D:20210108101730Z00\u002700\u0027",
"/Creator": "Word",
"/Keywords": "Public Key Infrastructure, PKI, Certificate Issuing and Management Component",
"/ModDate": "D:20210108111900+01\u002700\u0027",
"/Producer": "macOS Version 10.15.7 (Build 19H2) Quartz PDFContext",
"/Subject": "Common Criteria certification of secunet eID PKI Suite Certified CA Kernel (in short: Certified CA Kernel)",
"/Title": "secunet eID PKI Suite Certified CA Kernel Security Target",
"pdf_file_size_bytes": 1688822,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 75
}
},
"protection_profiles": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"pp_eal": "EAL4+",
"pp_ids": {
"_type": "Set",
"elements": [
"CIMC V1.5"
]
},
"pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/cert-issu-v15-sec-eng.pdf",
"pp_name": "Certificate Issuing and Management Components version 1.5"
}
]
},
"report_link": "https://www.commoncriteriaportal.org/files/epfiles/1144a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL4",
"ALC_FLR.2"
]
},
"st_link": "https://www.commoncriteriaportal.org/files/epfiles/1144b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc.CCCertificate.InternalState",
"cert": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "860e7a5a6f89bf7f115610bdf694c2fc56a301db7cf31fbffc45343671b0b50a",
"txt_hash": "a03ada1c13d973e22149bde4c278f27c912cedb1ec1e1a2968b8683ec8aff1e5"
},
"report": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "791f3810e8feabeb6ecd3b3cd7d7792cdfaccb8bbb95e7bbce38d383ff5c1dfb",
"txt_hash": "89a08e342e5977cb9144f871c6314198b43d0acee74796d51d54cf114eba7491"
},
"st": {
"_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "829c5c955e3a5ac85ba0e37c4e3c12c2f0953e786b6e61ae15188522d8c575ee",
"txt_hash": "7d5ec433d3dbade33ff14a74d315e0e9d5a3717a943698b1e4b4f699b466d384"
}
},
"status": "active"
}