IBM Enterprise PKCS#11 (EP11) Firmware identifier '2b638e8e' (4768)

CSV information ?

Status active
Valid from 02.08.2019
Valid until 02.08.2024
Scheme ­čçę­čç¬ DE
Manufacturer IBM Corporation
Category Other Devices and Systems
Security level EAL4

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-1094-2019

Certification report ?

Extracted keywords

Symmetric Algorithms
AES, TDES
Asymmetric Algorithms
ECDH, ECDSA, DSA
Hash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA256, SHA-2
Schemes
MAC
Randomness
TRNG, DRBG, RNG
Elliptic Curves
secp256k1
Block cipher modes
ECB, CBC

Security level
EAL 4, EAL 2, EAL 1
Security Assurance Requirements (SAR)
ALC_FLR
Certificates
BSI-DSZ-CC-1094-2019, BSI-DSZ-CC-1002-2018
Evaluation facilities
atsec
Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Report, Version 2, 2019-07-10, Final Evaluation Technical Report, atsec information security GmbH (confidential document) [8] Configuration lists for the TOE: Configuration list of static content measured by SHA256, Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration, BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential, Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM

Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Report, Version 2, 2019-07-10, Final Evaluation Technical Report, atsec information security GmbH (confidential document) [8] Configuration lists for the TOE: Configuration list of static content measured by SHA256, Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration, BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential, Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM

Standards
FIPS 46-3, FIPS 197, FIPS 180-4, FIPS 186-4, NIST SP 800-38A, NIST SP 800-90A, PKCS#11, PKCS#1, AIS 20, AIS 32, AIS 38, RFC 3447, RFC 5639, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, X.509
Technical reports
BSI TR-02102, BSI 7148

File metadata

Title: Certification Report BSI-DSZ-CC-1094-2019
Subject: Report BSI-DSZ-CC-1094 Zertifizierung
Keywords: "Common Criteria, Certification, Zertifizierung, IBM Enterprise PKCS#11 (EP11) Firmware identifier 2b638e8e"
Author: Bundesamt f├╝r Sicherheit in der Informationstechnik
Creation date: D:20190826112423+02'00'
Modification date: D:20190910151840+02'00'
Pages: 25
Creator: Writer
Producer: LibreOffice 6.1

Frontpage

Certificate ID: BSI-DSZ-CC-1094-2019
Certified item: IBM Enterprise PKCS#11 (EP11) Firmware identifier '2b638e8e' (4768
Certification lab: BSI
Developer: IBM Research & Development Germany

References

Outgoing
  • BSI-DSZ-CC-1002-2018 - IBM Enterprise PKCS#11 Firmware FW IDs 'dada00eb' ((4767) and 'e41c1444' (4765)

Security target ?

Extracted keywords

Symmetric Algorithms
AES, TDES, TDEA, SEED, HMAC, CMAC
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECIES, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, RIPEMD-160
Schemes
MAC, Key Exchange, Key Agreement, Key agreement
Protocols
SSL
Randomness
TRNG, DRBG, RNG
Elliptic Curves
P-192, P-224, P-256, P-384, P-521
Block cipher modes
ECB, CBC

Vendor
STM

Security level
EAL 4, EAL4
Protection profiles
BSI-CC-PP-0045-2009

Side-channel analysis
side-channel, Malfunction, malfunction

Standards
FIPS 197, FIPS 180-4, FIPS 186-4, FIPS 140-2, PKCS#11, PKCS1, PKCS12, PKCS11, PKCS 11, AIS 31, RFC 3394, RFC 5649, RFC 3447, RFC 8017, ISO/IEC 18031:2011, X.509

File metadata

Title: IBM Enterprise PKCS11(on 4768) Security Target (EAL 4 )
Subject: Security Policy [rev. 288]
Keywords: IBM 4768 (hw. 00LV498PLH (3)); PCIeCC; XCP, Enterprise PKCS11 (EP11)
Author: Visegrady, Tamas <tvi (at) zurich.ibm.com>
Creation date: D:20190320220000+01'00'
Modification date: D:20190320220000+01'00'
Pages: 53
Creator: IBM Research --- Zurich and IBM Boeblingen/Poughkeepsie
Producer: pdfTeX

References

Outgoing

Heuristics ?

Certificate ID: BSI-DSZ-CC-1094-2019

Scheme data ?

Cert Id BSI-DSZ-CC-1094-2019
Product IBM Enterprise PKCS#11 (EP11)
Vendor IBM Research & Development Germany
Certification Date 02.08.2019
Category Other products
Url https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Sonstiges/1094.html
Enhanced
Product IBM Enterprise PKCS#11 (EP11)
Applicant IBM Research & Development Germany Sch├Ânaicher Stra├če 220 71032 B├Âblingen
Evaluation Facility atsec information security GmbH
Assurance Level EAL4
Certification Date 02.08.2019
Expiration Date 01.08.2024
Report Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094a_pdf.pdf?__blob=publicationFile&v=1
Target Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094b_pdf.pdf?__blob=publicationFile&v=1
Cert Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094c_pdf.pdf?__blob=publicationFile&v=1
Description The Target of Evaluation (TOE) is the IBM Enterprise PKCS#11 firmware (EP11) running on the IBM CryptoExpress 6 (4768) cryptographic coprocessor. It is an implementation of the industry-standard PKCS#11 cryptographic service provider API version v2.20 with some modifications and algorithmic extensions, adapted to requirements typical in enterprise servers. modifications and algorithmic extensions, adapted to requirements typical in enterprise servers. The EP11 firmware provides a stateless backend, relying mainly on host-resident, encrypted datastores to maintain sensitive state, while presenting services as a regular HSM-based PKCS#11implementation.

References ?

Updates ?

  • 27.04.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The scheme_data property was set to {'cert_id': 'BSI-DSZ-CC-1094-2019', 'product': 'IBM Enterprise PKCS#11 (EP11)', 'vendor': 'IBM Research & Development Germany', 'certification_date': '02.08.2019', 'category': 'Other products', 'url': 'https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Sonstiges/1094.html', 'enhanced': {'product': 'IBM Enterprise PKCS#11 (EP11)', 'applicant': 'IBM Research & Development Germany\nSch├Ânaicher Stra├če 220\n71032 B├Âblingen', 'evaluation_facility': 'atsec information security GmbH', 'assurance_level': 'EAL4', 'certification_date': '02.08.2019', 'expiration_date': '01.08.2024', 'report_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094a_pdf.pdf?__blob=publicationFile&v=1', 'target_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094b_pdf.pdf?__blob=publicationFile&v=1', 'cert_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094c_pdf.pdf?__blob=publicationFile&v=1', 'description': 'The Target of Evaluation (TOE) is the IBM Enterprise PKCS#11 firmware (EP11) running on the IBM CryptoExpress 6 (4768) cryptographic coprocessor. It is an implementation of the industry-standard PKCS#11 cryptographic service provider API version v2.20 with some modifications and algorithmic extensions, adapted to requirements typical in enterprise servers. modifications and algorithmic extensions, adapted to requirements typical in enterprise servers. The EP11 firmware provides a stateless backend, relying mainly on host-resident, encrypted datastores to maintain sensitive state, while presenting services as a regular HSM-based PKCS#11implementation.'}}.
  • 26.04.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'scheme_data': None}.
  • 11.02.2023 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.cc.CCCertificate.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.cc.CCCertificate.InternalState.
    • The following properties were deleted: ['errors'].

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.cc.CCCertificate.PdfData.

    The computed heuristics were updated.

    • The following values were inserted: {'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
    • The _type property was set to sec_certs.sample.cc.CCCertificate.Heuristics.
    • The following properties were deleted: ['direct_dependency_cves', 'indirect_dependency_cves'].
  • 25.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The errors property was set to [].
  • 25.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The errors property was set to ['failed to download report from https://www.commoncriteriaportal.org/files/epfiles/1094a_pdf.pdf, code: nok'].
  • 24.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report_download_ok property was set to True.
    • The report_convert_ok property was set to True.
    • The report_extract_ok property was set to True.
    • The errors property was set to [].
    • The report_pdf_hash property was set to 8b66efa5343db2af49e164e5db73ac665ff80282813ee879abefaee43e042bf0.
    • The report_txt_hash property was set to 3c73dadfa13f7cf3781565e9162d0892106b60c4de3a1285d77c1fa0bad2a919.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 952779, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 25, '/Author': 'Bundesamt f├╝r Sicherheit in der Informationstechnik', '/CreationDate': "D:20190826112423+02'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung, IBM Enterprise PKCS#11 (EP11) Firmware identifier 2b638e8e"', '/ModDate': "D:20190910151840+02'00'", '/Producer': 'LibreOffice 6.1', '/Subject': 'Report BSI-DSZ-CC-1094 Zertifizierung', '/Title': 'Certification Report BSI-DSZ-CC-1094-2019', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/AIS', 'https://www-01.ibm.com/servers/resourcelink/svc00100.nsf/pages/zosv2r3izst100/$file/izst100_v2r3.pdf', 'https://www.ibm.com/downloads/cas/WXRDPRAN', 'https://www.bsi.bund.de/', 'https://www.ibm.com/downloads/cas/RMQG64AV', 'https://www.bsi.bund.de/zertifizierungsreporte', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.sogisportal.eu/', 'http://www.commoncriteriaportal.org/']}}.
    • The report_frontpage property was set to {'anssi': {}, 'bsi': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-1094-2019', 'cert_item': "IBM Enterprise PKCS#11 (EP11) Firmware identifier '2b638e8e' (4768", 'developer': 'IBM Research & Development Germany', 'cert_lab': 'BSI', 'ref_protection_profiles': 'None', 'cc_version': 'Product specific Security Target Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 4'}, 'nscib': {}, 'niap': {}, 'canada': {}}.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1094-2019': 28, 'BSI-DSZ-CC-1002-2018': 4}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 5, 'EAL 2': 3, 'EAL 1': 1}}, 'cc_sar': {'ALC': {'ALC_FLR': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {'atsec': {'atsec': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3}}, 'DES': {'3DES': {'TDES': 3}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 4}, 'ECDSA': {'ECDSA': 5}}, 'FF': {'DSA': {'DSA': 4}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 2}, 'SHA2': {'SHA-224': 1, 'SHA-256': 4, 'SHA-384': 1, 'SHA-512': 1, 'SHA256': 4, 'SHA-2': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 1}}, 'crypto_protocol': {}, 'randomness': {'TRNG': {'TRNG': 2}, 'PRNG': {'DRBG': 1}, 'RNG': {'RNG': 1}}, 'cipher_mode': {'ECB': {'ECB': 2}, 'CBC': {'CBC': 3}}, 'ecc_curve': {'NIST': {'secp256k1': 2}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-02102': 1, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 46-3': 1, 'FIPS 197': 1, 'FIPS 180-4': 1, 'FIPS 186-4': 9}, 'NIST': {'NIST SP 800-38A': 2, 'NIST SP 800-90A': 1}, 'PKCS': {'PKCS#11': 14, 'PKCS#1': 1}, 'BSI': {'AIS 20': 2, 'AIS 32': 1, 'AIS 38': 1}, 'RFC': {'RFC 3447': 1, 'RFC 5639': 3}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4, 'ISO/IEC 17065': 2}, 'X509': {'X.509': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Report, Version 2, 2019-07-10, Final Evaluation Technical Report, atsec information security GmbH (confidential document) [8] Configuration lists for the TOE: Configuration list of static content measured by SHA256': 1, 'Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration': 1, 'BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential': 1, 'Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM': 1}}}.
    • The report_filename property was set to 1094a_pdf.pdf.

    The computed heuristics were updated.

    • The cert_lab property was set to ['BSI'].
    • The cert_id property was set to BSI-DSZ-CC-1094-2019.
    • The report_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1002-2018']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1002-2018']}} data.
  • 24.12.2022 The certificate data changed.
    Certificate changed

    The cert_link was updated.

    • The new value is https://www.commoncriteriaportal.org/files/epfiles/1094c_pdf.pdf.

    The manufacturer_web was updated.

    • The new value is https://www.ibm.com.

    The state of the certificate object was updated.

    • The st_download_ok property was set to True.
    • The report_download_ok property was set to False.
    • The st_convert_ok property was set to True.
    • The report_convert_ok property was set to False.
    • The st_extract_ok property was set to True.
    • The report_extract_ok property was set to False.
    • The errors property was updated, with the [[1, 'failed to download report from https://www.commoncriteriaportal.org/files/epfiles/1094a_pdf.pdf, code: nok']] values inserted.
    • The st_pdf_hash property was set to 7d443a5d04fd00163c6b14499ff05684502a188c2df61cb1d59db52e24448820.
    • The report_pdf_hash property was set to None.
    • The st_txt_hash property was set to 94da6d55a7e2d4220fea15772a773e2db1e6a0f17dcf88075da95e50217c89e3.
    • The report_txt_hash property was set to None.

    The PDF extraction data was updated.

    • The report_metadata property was set to None.
    • The st_metadata property was set to {'pdf_file_size_bytes': 841608, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 53, '/Title': 'IBM Enterprise PKCS11(on 4768) Security Target (EAL 4 )', '/Creator': 'IBM Research --- Zurich and IBM Boeblingen/Poughkeepsie', '/Author': 'Visegrady, Tamas <tvi (at) zurich.ibm.com>', '/Subject': 'Security Policy [rev. 288]', '/Keywords': 'IBM 4768 (hw. 00LV498PLH (3)); PCIeCC; XCP, Enterprise PKCS11 (EP11)', '/Producer': 'pdfTeX', '/CreationDate': "D:20190320220000+01'00'", '/ModDate': "D:20190320220000+01'00'", '/Trapped': '/False', '/PTEX.Fullbanner': 'This is pdfTeX, Version 3.14159265-2.6-1.40.19 (TeX Live 2018/TeX Live for SUSE Linux) kpathsea version 6.3.0', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The report_frontpage property was set to None.
    • The st_frontpage property was set to {'anssi': {}, 'bsi': {}, 'nscib': {}, 'niap': {}, 'canada': {}}.
    • The report_keywords property was set to None.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0045-2009': 1}}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL4': 3}}, 'cc_sar': {}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'STMicroelectronics': {'STM': 4}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 13}}, 'DES': {'3DES': {'TDES': 8, 'TDEA': 1}}, 'miscellaneous': {'SEED': {'SEED': 1}}, 'constructions': {'MAC': {'HMAC': 7, 'CMAC': 2}}}, 'asymmetric_crypto': {'RSA': {'RSA 2048': 1}, 'ECC': {'ECDH': {'ECDH': 5}, 'ECDSA': {'ECDSA': 8}, 'ECIES': {'ECIES': 1}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'DH': 4, 'Diffie-Hellman': 2}, 'DSA': {'DSA': 12}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 7}, 'SHA2': {'SHA-224': 5, 'SHA-256': 14, 'SHA-384': 4, 'SHA-512': 4}}, 'RIPEMD': {'RIPEMD-160': 1}}, 'crypto_scheme': {'MAC': {'MAC': 10}, 'KEX': {'Key Exchange': 1}, 'KA': {'Key Agreement': 2, 'Key agreement': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}}}, 'randomness': {'TRNG': {'TRNG': 5}, 'PRNG': {'DRBG': 2}, 'RNG': {'RNG': 19}}, 'cipher_mode': {'ECB': {'ECB': 4}, 'CBC': {'CBC': 6}}, 'ecc_curve': {'NIST': {'P-192': 8, 'P-224': 8, 'P-256': 8, 'P-384': 8, 'P-521': 8}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side-channel': 1}, 'FI': {'Malfunction': 3, 'malfunction': 2}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 197': 4, 'FIPS 180-4': 1, 'FIPS 186-4': 1, 'FIPS 140-2': 3}, 'PKCS': {'PKCS#11': 158, 'PKCS1': 14, 'PKCS12': 1, 'PKCS11': 1, 'PKCS 11': 1}, 'BSI': {'AIS 31': 1}, 'RFC': {'RFC 3394': 1, 'RFC 5649': 1, 'RFC 3447': 12, 'RFC 8017': 1}, 'ISO': {'ISO/IEC 18031:2011': 1}, 'X509': {'X.509': 6}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The report_filename property was set to None.
    • The st_filename property was set to 1094b_pdf.pdf.

    The computed heuristics were updated.

    • The cert_lab property was set to None.
    • The cert_id property was set to None.
    • The report_references property was updated, with the {'directly_referencing': None, 'indirectly_referencing': None} data.
  • 23.12.2022 The certificate data changed.
    Certificate changed

    The cert_link was updated.

    • The new value is None.

    The manufacturer_web was updated.

    • The new value is None.

    The state of the certificate object was updated.

    • The st_download_ok property was set to False.
    • The st_convert_ok property was set to False.
    • The st_extract_ok property was set to False.
    • The errors property was set to ['failed to download report from https://www.commoncriteriaportal.org/files/epfiles/1094a_pdf.pdf, code: nok', 'failed to download ST from https://www.commoncriteriaportal.org/files/epfiles/1094b_pdf.pdf, code: nok'].
    • The st_pdf_hash property was set to None.
    • The st_txt_hash property was set to None.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_frontpage property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.
  • 23.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st_download_ok property was set to True.
    • The st_convert_ok property was set to True.
    • The st_extract_ok property was set to True.
    • The errors property was set to [].
    • The st_pdf_hash property was set to 7d443a5d04fd00163c6b14499ff05684502a188c2df61cb1d59db52e24448820.
    • The st_txt_hash property was set to 94da6d55a7e2d4220fea15772a773e2db1e6a0f17dcf88075da95e50217c89e3.

    The PDF extraction data was updated.

    • The st_metadata property was set to {'pdf_file_size_bytes': 841608, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 53, '/Title': 'IBM Enterprise PKCS11(on 4768) Security Target (EAL 4 )', '/Creator': 'IBM Research --- Zurich and IBM Boeblingen/Poughkeepsie', '/Author': 'Visegrady, Tamas <tvi (at) zurich.ibm.com>', '/Subject': 'Security Policy [rev. 288]', '/Keywords': 'IBM 4768 (hw. 00LV498PLH (3)); PCIeCC; XCP, Enterprise PKCS11 (EP11)', '/Producer': 'pdfTeX', '/CreationDate': "D:20190320220000+01'00'", '/ModDate': "D:20190320220000+01'00'", '/Trapped': '/False', '/PTEX.Fullbanner': 'This is pdfTeX, Version 3.14159265-2.6-1.40.19 (TeX Live 2018/TeX Live for SUSE Linux) kpathsea version 6.3.0', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The st_frontpage property was set to {'anssi': {}, 'bsi': {}, 'nscib': {}, 'niap': {}, 'canada': {}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0045-2009': 1}}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL4': 3}}, 'cc_sar': {}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'STMicroelectronics': {'STM': 4}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 13}}, 'DES': {'3DES': {'TDES': 8, 'TDEA': 1}}, 'miscellaneous': {'SEED': {'SEED': 1}}, 'constructions': {'MAC': {'HMAC': 7, 'CMAC': 2}}}, 'asymmetric_crypto': {'RSA': {'RSA 2048': 1}, 'ECC': {'ECDH': {'ECDH': 5}, 'ECDSA': {'ECDSA': 8}, 'ECIES': {'ECIES': 1}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'DH': 4, 'Diffie-Hellman': 2}, 'DSA': {'DSA': 12}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 7}, 'SHA2': {'SHA-224': 5, 'SHA-256': 14, 'SHA-384': 4, 'SHA-512': 4}}, 'RIPEMD': {'RIPEMD-160': 1}}, 'crypto_scheme': {'MAC': {'MAC': 10}, 'KEX': {'Key Exchange': 1}, 'KA': {'Key Agreement': 2, 'Key agreement': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}}}, 'randomness': {'TRNG': {'TRNG': 5}, 'PRNG': {'DRBG': 2}, 'RNG': {'RNG': 19}}, 'cipher_mode': {'ECB': {'ECB': 4}, 'CBC': {'CBC': 6}}, 'ecc_curve': {'NIST': {'P-192': 8, 'P-224': 8, 'P-256': 8, 'P-384': 8, 'P-521': 8}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side-channel': 1}, 'FI': {'Malfunction': 3, 'malfunction': 2}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 197': 4, 'FIPS 180-4': 1, 'FIPS 186-4': 1, 'FIPS 140-2': 3}, 'PKCS': {'PKCS#11': 158, 'PKCS1': 14, 'PKCS12': 1, 'PKCS11': 1, 'PKCS 11': 1}, 'BSI': {'AIS 31': 1}, 'RFC': {'RFC 3394': 1, 'RFC 5649': 1, 'RFC 3447': 12, 'RFC 8017': 1}, 'ISO': {'ISO/IEC 18031:2011': 1}, 'X509': {'X.509': 6}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The st_filename property was set to 1094b_pdf.pdf.
  • 22.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st_download_ok property was set to False.
    • The st_convert_ok property was set to False.
    • The st_extract_ok property was set to False.
    • The errors property was set to ['failed to download ST from https://www.commoncriteriaportal.org/files/epfiles/1094b_pdf.pdf, code: nok'].
    • The st_pdf_hash property was set to None.
    • The st_txt_hash property was set to None.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_frontpage property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.
  • 05.10.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'st_convert_garbage': False, 'report_convert_garbage': False}.
  • 24.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The following values were inserted: {'report_filename': '1094a_pdf.pdf', 'st_filename': '1094b_pdf.pdf'}.
    • The report_keywords property was updated, with the {'cc_cert_id': {'__update__': {'DE': {'__update__': {'BSI-DSZ-CC-1094-2019': 28}}}}, 'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL 4': 5}}}}, 'symmetric_crypto': {'__update__': {'DES': {'__delete__': ['DES']}}}, 'asymmetric_crypto': {'__update__': {'FF': {'__update__': {'DSA': {'__update__': {'DSA': 4}}}, '__delete__': ['DH']}}}, 'crypto_scheme': {'__delete__': ['KA']}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 1}}, 'RNG': {'__update__': {'RNG': 1}, '__delete__': ['RBG']}}}, 'technical_report_id': {'__update__': {'BSI': {'__insert__': {'BSI TR-02102': 1}}}}, 'tee_name': {}, 'standard_id': {'__update__': {'BSI': {'__delete__': ['AIS 7']}, 'ISO': {'__update__': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4}}}}, 'certification_process': {'__update__': {'ConfidentialDocument': {'__insert__': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration': 1, 'BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential': 1, 'Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM': 1}, '__delete__': ['identiality being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification', 'hashes, Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration', 'list (BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential', 'cument) Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM ', 'confidential document) [9] Guidance documentation of the TOE: Enterprise PKCS#11 (EP11) Library structure, 2019-03-06']}}}} data.
    • The st_keywords property was updated, with the {'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL4': 3}}}}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 13}}}}, 'DES': {'__update__': {'3DES': {'__update__': {'TDES': 8}}}, '__delete__': ['DES']}, 'miscellaneous': {'__update__': {'SEED': {'__update__': {'SEED': 1}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__update__': {'ECDH': {'__update__': {'ECDH': 5}}, 'ECDSA': {'__update__': {'ECDSA': 8}}}}, 'FF': {'__update__': {'DH': {'__update__': {'DH': 4}}, 'DSA': {'__update__': {'DSA': 12}}}}}}, 'hash_function': {'__insert__': {'RIPEMD': {'RIPEMD-160': 1}}, '__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 7}}}}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 10}}, 'KA': {'__delete__': ['KA']}}}, 'crypto_protocol': {'__update__': {'TLS': {'__delete__': ['TLS']}}}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 2}}, 'RNG': {'__update__': {'RNG': 19}, '__delete__': ['RBG']}}}, 'cipher_mode': {'__update__': {'CBC': {'__update__': {'CBC': 6}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-192': 8, 'P-224': 8, 'P-256': 8, 'P-384': 8}, '__delete__': ['P-320', 'P-512']}}}, 'side_channel_analysis': {'__update__': {'FI': {'__update__': {'Malfunction': 3}}}}, 'standard_id': {'__update__': {'FIPS': {'__delete__': ['FIPS2009', 'FIPS2011']}, 'PKCS': {'__update__': {'PKCS#11': 158, 'PKCS1': 14}}}}, 'javacard_api_const': {}} data.
  • 18.07.2022 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.common_criteria.CommonCriteriaCert.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState.

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData.

    The computed heuristics were updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics.
    • The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The report_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
  • 17.07.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/AIS', 'https://www-01.ibm.com/servers/resourcelink/svc00100.nsf/pages/zosv2r3izst100/$file/izst100_v2r3.pdf', 'https://www.ibm.com/downloads/cas/WXRDPRAN', 'https://www.bsi.bund.de/', 'https://www.bsi.bund.de/zertifizierungsreporte', 'https://www.ibm.com/downloads/cas/RMQG64AV', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.sogisportal.eu/', 'http://www.commoncriteriaportal.org/']}} values inserted.
    • The st_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': []}} values inserted.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1094-2019': 52, 'BSI-DSZ-CC-1002-2018': 4}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 3, 'EAL 2': 3, 'EAL 1': 1}}, 'cc_sar': {'ALC': {'ALC_FLR': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {'atsec': {'atsec': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3}}, 'DES': {'DES': {'DES': 3}, '3DES': {'TDES': 3}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 4}, 'ECDSA': {'ECDSA': 5}}, 'FF': {'DH': {'DH': 4}, 'DSA': {'DSA': 9}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 2}, 'SHA2': {'SHA-224': 1, 'SHA-256': 4, 'SHA-384': 1, 'SHA-512': 1, 'SHA256': 4, 'SHA-2': 1}}}, 'crypto_scheme': {'MAC': {'MAC': 1}, 'KA': {'KA': 2}}, 'crypto_protocol': {}, 'randomness': {'TRNG': {'TRNG': 2}, 'PRNG': {'DRBG': 3}, 'RNG': {'RNG': 6, 'RBG': 3}}, 'cipher_mode': {'ECB': {'ECB': 2}, 'CBC': {'CBC': 3}}, 'ecc_curve': {'NIST': {'secp256k1': 2}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 2}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 46-3': 1, 'FIPS 197': 1, 'FIPS 180-4': 1, 'FIPS 186-4': 9}, 'NIST': {'NIST SP 800-38A': 2, 'NIST SP 800-90A': 1}, 'PKCS': {'PKCS#11': 14, 'PKCS#1': 1}, 'BSI': {'AIS 20': 2, 'AIS 7': 1, 'AIS 32': 1, 'AIS 38': 1}, 'RFC': {'RFC 3447': 1, 'RFC 5639': 3}, 'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 17065': 2, 'ISO/IEC 18045': 2}, 'X509': {'X.509': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'identiality being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Report, Version 2, 2019-07-10, Final Evaluation Technical Report, atsec information security GmbH (confidential document) [8] Configuration lists for the TOE: Configuration list of static content measured by SHA256': 1, 'hashes, Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration': 1, 'list (BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential': 1, 'cument) Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM ': 1, 'confidential document) [9] Guidance documentation of the TOE: Enterprise PKCS#11 (EP11) Library structure, 2019-03-06': 1}}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0045-2009': 1}}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL4': 2}}, 'cc_sar': {}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'STMicroelectronics': {'STM': 4}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 23}}, 'DES': {'DES': {'DES': 18, 'DEA': 1}, '3DES': {'TDES': 18, 'TDEA': 1}}, 'miscellaneous': {'SEED': {'SEED': 2}}, 'constructions': {'MAC': {'HMAC': 7, 'CMAC': 2}}}, 'asymmetric_crypto': {'RSA': {'RSA 2048': 1}, 'ECC': {'ECDH': {'ECDH': 9}, 'ECDSA': {'ECDSA': 12}, 'ECIES': {'ECIES': 1}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'DH': 15, 'Diffie-Hellman': 2}, 'DSA': {'DSA': 34}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 6}, 'SHA2': {'SHA-224': 5, 'SHA-256': 14, 'SHA-384': 4, 'SHA-512': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 21}, 'KEX': {'Key Exchange': 1}, 'KA': {'Key Agreement': 2, 'KA': 15, 'Key agreement': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}, 'TLS': {'TLS': 1}}}, 'randomness': {'TRNG': {'TRNG': 5}, 'PRNG': {'DRBG': 3}, 'RNG': {'RNG': 22, 'RBG': 3}}, 'cipher_mode': {'ECB': {'ECB': 4}, 'CBC': {'CBC': 7}}, 'ecc_curve': {'NIST': {'P-192': 10, 'P-224': 10, 'P-256': 10, 'P-384': 10, 'P-521': 8, 'P-320': 1, 'P-512': 1}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side-channel': 1}, 'FI': {'Malfunction': 5, 'malfunction': 2}}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 197': 4, 'FIPS 180-4': 1, 'FIPS 186-4': 1, 'FIPS 140-2': 3, 'FIPS2009': 2, 'FIPS2011': 1}, 'PKCS': {'PKCS#11': 157, 'PKCS1': 15, 'PKCS12': 1, 'PKCS11': 1, 'PKCS 11': 1}, 'BSI': {'AIS 31': 1}, 'RFC': {'RFC 3394': 1, 'RFC 5649': 1, 'RFC 3447': 12, 'RFC 8017': 1}, 'ISO': {'ISO/IEC 18031:2011': 1}, 'X509': {'X.509': 6}}, 'javacard_version': {}, 'javacard_api_const': {'ALG': {'EC': {'ALG_EC_BPOOLCRV': 1, 'ALG_EC_NISTCRV': 1}}}, 'javacard_packages': {}, 'certification_process': {}}.

    The computed heuristics were updated.

    • The _type property was set to Heuristics.
  • 14.06.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'report_pdf_hash': '8b66efa5343db2af49e164e5db73ac665ff80282813ee879abefaee43e042bf0', 'st_pdf_hash': '7d443a5d04fd00163c6b14499ff05684502a188c2df61cb1d59db52e24448820', 'report_txt_hash': '3c73dadfa13f7cf3781565e9162d0892106b60c4de3a1285d77c1fa0bad2a919', 'st_txt_hash': '94da6d55a7e2d4220fea15772a773e2db1e6a0f17dcf88075da95e50217c89e3'}.

    The PDF extraction data was updated.

    • The report_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 3, 'TDES': 3}, 'rules_asymmetric_crypto': {'ECDH': 4, 'ECDSA': 5, 'DH': 4, 'DSA': 9}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA-1': 2, 'SHA-224': 1, 'SHA-256': 4, 'SHA-384': 1, 'SHA-512': 1, 'SHA256': 4}, 'rules_crypto_schemes': {'MAC': 1}, 'rules_randomness': {'TRNG': 2, 'DRBG': 3, 'RNG': 6, 'RBG': 3}, 'rules_tee': {'SE': 2}, 'rules_side_channels': {}} values inserted.
    • The st_keywords property was updated, with the {'rules_ecc_curves': {'__insert__': {'P-320': 1, 'P-512': 1}}} data.
  • 13.05.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'extracted_sars': None}.
  • 24.04.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'direct_dependency_cves': None, 'indirect_dependency_cves': None}.
  • 08.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1002-2018']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1002-2018']}}}.
    • The following properties were deleted: ['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
  • 18.02.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.
    • The st_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.

    The computed heuristics were updated.

    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['11', '4768']}.
  • 28.01.2022 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name IBM Enterprise PKCS#11 (EP11) Firmware identifier '2b638e8e' (4768) was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Other Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/files/epfiles/1094c_pdf.pdf",
  "dgst": "3f45ee333ce457bb",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "cert_id": "BSI-DSZ-CC-1094-2019",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "11",
        "4768"
      ]
    },
    "indirect_transitive_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1002-2018"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1002-2018"
        ]
      }
    },
    "scheme_data": {
      "category": "Other products",
      "cert_id": "BSI-DSZ-CC-1094-2019",
      "certification_date": "02.08.2019",
      "enhanced": {
        "applicant": "IBM Research \u0026 Development Germany\nSch\u00f6naicher Stra\u00dfe 220\n71032 B\u00f6blingen",
        "assurance_level": "EAL4",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094c_pdf.pdf?__blob=publicationFile\u0026v=1",
        "certification_date": "02.08.2019",
        "description": "The Target of Evaluation (TOE) is the IBM Enterprise PKCS#11 firmware (EP11) running on the IBM CryptoExpress 6 (4768) cryptographic coprocessor. It is an implementation of the industry-standard PKCS#11 cryptographic service provider API version v2.20 with some modifications and algorithmic extensions, adapted to requirements typical in enterprise servers. modifications and algorithmic extensions, adapted to requirements typical in enterprise servers. The EP11 firmware provides a stateless backend, relying mainly on host-resident, encrypted datastores to maintain sensitive state, while presenting services as a regular HSM-based PKCS#11implementation.",
        "evaluation_facility": "atsec information security GmbH",
        "expiration_date": "01.08.2024",
        "product": "IBM Enterprise PKCS#11 (EP11)",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094a_pdf.pdf?__blob=publicationFile\u0026v=1",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1000/1094b_pdf.pdf?__blob=publicationFile\u0026v=1"
      },
      "product": "IBM Enterprise PKCS#11 (EP11)",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Sonstiges/1094.html",
      "vendor": "IBM Research \u0026 Development Germany"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "IBM Corporation",
  "manufacturer_web": "https://www.ibm.com",
  "name": "IBM Enterprise PKCS#11 (EP11) Firmware identifier \u00272b638e8e\u0027 (4768)",
  "not_valid_after": "2024-08-02",
  "not_valid_before": "2019-08-02",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "report_filename": "1094a_pdf.pdf",
    "report_frontpage": {
      "anssi": {},
      "bsi": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 4",
        "cc_version": "Product specific Security Target Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-1094-2019",
        "cert_item": "IBM Enterprise PKCS#11 (EP11) Firmware identifier \u00272b638e8e\u0027 (4768",
        "cert_lab": "BSI",
        "developer": "IBM Research \u0026 Development Germany",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "None"
      },
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 4
          },
          "ECDSA": {
            "ECDSA": 5
          }
        },
        "FF": {
          "DSA": {
            "DSA": 4
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1002-2018": 4,
          "BSI-DSZ-CC-1094-2019": 28
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 3,
          "EAL 4": 5
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "BOE) for documentation files, Version 1, 2017-07-14, IBM (confidential document) Configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential": 1,
          "Notes for the configuration list from git, Charlotte part; Version 1, Date 2019-03-14, IBM (confidential document) Hardware configuration list for IBM 4765 and 4767 EP11 HSMs, Version 1.0, 2017- 08-31, IBM": 1,
          "Report, Version 2, 2019-07-10, Final Evaluation Technical Report, atsec information security GmbH (confidential document) [8] Configuration lists for the TOE: Configuration list of static content measured by SHA256": 1,
          "Version 1.0, 2016- 12-12, IBM (confidential document) EP11 configuration list BOE, Version 1, 2019-03-27, IBM (confidential document) EP11 configuration": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        },
        "ECB": {
          "ECB": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "secp256k1": 2
        }
      },
      "eval_facility": {
        "atsec": {
          "atsec": 3
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 2
          },
          "SHA2": {
            "SHA-2": 1,
            "SHA-224": 1,
            "SHA-256": 4,
            "SHA-384": 1,
            "SHA-512": 1,
            "SHA256": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 1
        },
        "RNG": {
          "RNG": 1
        },
        "TRNG": {
          "TRNG": 2
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "BSI": {
          "AIS 20": 2,
          "AIS 32": 1,
          "AIS 38": 1
        },
        "FIPS": {
          "FIPS 180-4": 1,
          "FIPS 186-4": 9,
          "FIPS 197": 1,
          "FIPS 46-3": 1
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18045": 4
        },
        "NIST": {
          "NIST SP 800-38A": 2,
          "NIST SP 800-90A": 1
        },
        "PKCS": {
          "PKCS#1": 1,
          "PKCS#11": 14
        },
        "RFC": {
          "RFC 3447": 1,
          "RFC 5639": 3
        },
        "X509": {
          "X.509": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 3
          }
        },
        "DES": {
          "3DES": {
            "TDES": 3
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7148": 1,
          "BSI TR-02102": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20190826112423+02\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, IBM Enterprise PKCS#11 (EP11) Firmware identifier 2b638e8e\"",
      "/ModDate": "D:20190910151840+02\u002700\u0027",
      "/Producer": "LibreOffice 6.1",
      "/Subject": "Report BSI-DSZ-CC-1094 Zertifizierung",
      "/Title": "Certification Report BSI-DSZ-CC-1094-2019",
      "pdf_file_size_bytes": 952779,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.bsi.bund.de/AIS",
          "https://www.ibm.com/downloads/cas/RMQG64AV",
          "http://www.sogisportal.eu/",
          "http://www.commoncriteriaportal.org/",
          "https://www.bsi.bund.de/zertifizierung",
          "https://www.bsi.bund.de/",
          "https://www-01.ibm.com/servers/resourcelink/svc00100.nsf/pages/zosv2r3izst100/$file/izst100_v2r3.pdf",
          "https://www.bsi.bund.de/zertifizierungsreporte",
          "http://www.commoncriteriaportal.org/cc/",
          "https://www.ibm.com/downloads/cas/WXRDPRAN"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 25
    },
    "st_filename": "1094b_pdf.pdf",
    "st_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 5
          },
          "ECDSA": {
            "ECDSA": 8
          },
          "ECIES": {
            "ECIES": 1
          }
        },
        "FF": {
          "DH": {
            "DH": 4,
            "Diffie-Hellman": 2
          },
          "DSA": {
            "DSA": 12
          }
        },
        "RSA": {
          "RSA 2048": 1
        }
      },
      "cc_cert_id": {},
      "cc_claims": {},
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0045-2009": 1
        }
      },
      "cc_sar": {},
      "cc_security_level": {
        "EAL": {
          "EAL 4": 1,
          "EAL4": 3
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 6
        },
        "ECB": {
          "ECB": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 2,
          "Key agreement": 1
        },
        "KEX": {
          "Key Exchange": 1
        },
        "MAC": {
          "MAC": 10
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-192": 8,
          "P-224": 8,
          "P-256": 8,
          "P-384": 8,
          "P-521": 8
        }
      },
      "eval_facility": {},
      "hash_function": {
        "RIPEMD": {
          "RIPEMD-160": 1
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-224": 5,
            "SHA-256": 14,
            "SHA-384": 4,
            "SHA-512": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 2
        },
        "RNG": {
          "RNG": 19
        },
        "TRNG": {
          "TRNG": 5
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Malfunction": 3,
          "malfunction": 2
        },
        "SCA": {
          "side-channel": 1
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 31": 1
        },
        "FIPS": {
          "FIPS 140-2": 3,
          "FIPS 180-4": 1,
          "FIPS 186-4": 1,
          "FIPS 197": 4
        },
        "ISO": {
          "ISO/IEC 18031:2011": 1
        },
        "PKCS": {
          "PKCS 11": 1,
          "PKCS#11": 158,
          "PKCS1": 14,
          "PKCS11": 1,
          "PKCS12": 1
        },
        "RFC": {
          "RFC 3394": 1,
          "RFC 3447": 12,
          "RFC 5649": 1,
          "RFC 8017": 1
        },
        "X509": {
          "X.509": 6
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 13
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "TDES": 8
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 2,
            "HMAC": 7
          }
        },
        "miscellaneous": {
          "SEED": {
            "SEED": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "STMicroelectronics": {
          "STM": 4
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Visegrady, Tamas \u003ctvi (at) zurich.ibm.com\u003e",
      "/CreationDate": "D:20190320220000+01\u002700\u0027",
      "/Creator": "IBM Research --- Zurich and IBM Boeblingen/Poughkeepsie",
      "/Keywords": "IBM 4768 (hw. 00LV498PLH (3)); PCIeCC; XCP, Enterprise PKCS11 (EP11)",
      "/ModDate": "D:20190320220000+01\u002700\u0027",
      "/PTEX.Fullbanner": "This is pdfTeX, Version 3.14159265-2.6-1.40.19 (TeX Live 2018/TeX Live for SUSE Linux) kpathsea version 6.3.0",
      "/Producer": "pdfTeX",
      "/Subject": "Security Policy [rev. 288]",
      "/Title": "IBM Enterprise PKCS11(on 4768) Security Target (EAL 4 )",
      "/Trapped": "/False",
      "pdf_file_size_bytes": 841608,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 53
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/files/epfiles/1094a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "EAL4"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/files/epfiles/1094b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "report_convert_garbage": false,
    "report_convert_ok": true,
    "report_download_ok": true,
    "report_extract_ok": true,
    "report_pdf_hash": "8b66efa5343db2af49e164e5db73ac665ff80282813ee879abefaee43e042bf0",
    "report_txt_hash": "3c73dadfa13f7cf3781565e9162d0892106b60c4de3a1285d77c1fa0bad2a919",
    "st_convert_garbage": false,
    "st_convert_ok": true,
    "st_download_ok": true,
    "st_extract_ok": true,
    "st_pdf_hash": "7d443a5d04fd00163c6b14499ff05684502a188c2df61cb1d59db52e24448820",
    "st_txt_hash": "94da6d55a7e2d4220fea15772a773e2db1e6a0f17dcf88075da95e50217c89e3"
  },
  "status": "active"
}