Home / Common Criteria / 988394e53c8e52d9

STARCOS 3.7 COS HBA-SMC

CSV information ?

Status active
Valid from 18.06.2021
Valid until 18.06.2026
Scheme 🇩🇪 DE
Manufacturer G+D Mobile Security GmbH
Category ICs, Smart Cards and Smart Card-Related Devices and Systems
Security level EAL4+, AVA_VAN.5, ATE_DPT.2, ALC_DVS.2
Maintenance updates STARCOS 3.7 COS HBA-SMC (09.05.2022) Certification report
Certificate

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-0976-V4-2021

Certification report ?

Certification report PDF TXT

Extracted keywords

Symmetric Algorithms
AES, HPC, CMAC
Asymmetric Algorithms
RSA-OAEP, ECDH, ECDSA, ECC, Diffie-Hellman, DH
Hash functions
SHA-256
Schemes
MAC, Key Agreement
Protocols
PACE
Randomness
PRNG, RNG
Block cipher modes
CBC

Operating System name
STARCOS 3
Vendor
Infineon, Infineon Technologies AG, Giesecke+Devrient, Giesecke & Devrient, G+D

Security level
EAL 4, EAL 5, EAL 2, EAL 1, EAL 2+, EAL5+, EAL6, EAL 5+, EAL 6, EAL 4 augmented
Claims
A.U
Security Assurance Requirements (SAR)
ADV_ARC, ALC_DVS.2, ALC_FLR, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ATE_DPT.2, AVA_VAN.5
Security Functional Requirements (SFR)
FCS_COP, FCS_CKM, FCS_RNG.1, FCS_RNG, FIA_UAU, FIA_USB, FPT_ITE.1, FTP_ITC
Protection profiles
BSI-CC-PP-0082-V4-, BSI-CC-PP-0082-V4-2019
Certificates
BSI-DSZ-CC-0976-V4-2021, BSI-DSZ-CC-0976-V3-2019, BSI-DSZ-CC-1110-V3-2020
Evaluation facilities
TĂśV Informationstechnik, SRC Security Research & Consulting
Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Target STARCOS 3.7 COS HBA-SMC, Version 2.0, 22 April 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) 7 specifically • AIS 1, Version 14, Durchführung der Ortsbesichtigung in der Entwicklungsumgebung, for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC, 1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021, design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h, procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische

Side-channel analysis
side channel, DPA, SPA, physical tampering, malfunction, DFA, fault injection, JIL
Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Target STARCOS 3.7 COS HBA-SMC, Version 2.0, 22 April 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) 7 specifically • AIS 1, Version 14, Durchführung der Ortsbesichtigung in der Entwicklungsumgebung, for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC, 1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021, design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h, procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TÜV Informationstechnik GmbH (confidential document) [21] Einführung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische

Standards
FIPS 180-4, FIPS 197, FIPS PUB 180-4, FIPS PUB 197, PKCS#1, AIS 34, AIS 36, AIS 37, AIS 26, AIS 25, AIS 20, AIS 31, AIS 46, AIS 35, AIS 1, AIS 14, AIS 19, AIS 23, AIS 32, AIS 38, RFC 5639, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ISO/IEC 18031:2005
Technical reports
BSI TR-03116-1, BSI TR-03144, BSI TR-03143, BSI 7148

File metadata

Title: Certification Report BSI-DSZ-CC-0976-V4-2021
Subject: STARCOS 3.7 COS HBA-SMC from G+D Mobile Security GmbH, Giesecke+Devrient Mobile Security GmbH
Keywords: "Common Criteria, Certification, Zertifizierung, G2 COS, eHealth, STARCOS 3.7 COS HBA-SMC, Giesecke+Devrient Mobile Security GmbH"
Author: Bundesamt fĂĽr Sicherheit in der Informationstechnik
Creation date: D:20210629114835+02'00'
Modification date: D:20210629121138+02'00'
Pages: 40
Creator: Writer
Producer: LibreOffice 6.3

Frontpage

Certificate ID: BSI-DSZ-CC-0976-V4-2021
Certified item: STARCOS 3.7 COS HBA-SMC
Certification lab: BSI
Developer: Giesecke+Devrient Mobile Security GmbH

References

Outgoing
  • BSI-DSZ-CC-0976-V3-2019 - STARCOS 3.7 COS GKV C2
  • BSI-DSZ-CC-1110-V3-2020 - Infineon Security Controller IFX_CCI_000003h, 000005h, 000008h, 00000Ch, 000013h, 000014h, 000015h, 00001Ch, 00001Dh, 000021h, 000022h in the design step H13 and including optional software libraries and dedicated firmware in several versions
Incoming

Security target ?

Security target PDF TXT

Extracted keywords

Symmetric Algorithms
AES, HPC, CMAC
Asymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSA
Hash functions
SHA-1, SHA-224, SHA-384, SHA-256, SHA-512
Schemes
MAC, Key agreement, Key Agreement
Protocols
SSL, PACE
Randomness
RND, RNG
Elliptic Curves
brainpoolP256r1, brainpoolP384r1, brainpoolP512r1
Block cipher modes
CBC

Operating System name
STARCOS 3
Trusted Execution Environments
SE
Vendor
NXP Semiconductors, Infineon, Infineon Technologies AG, STMicroelectronics, Giesecke+Devrient

Security level
EAL4, EAL 4, EAL 6, EAL6, EAL6+, EAL4 augmented
Claims
O.RND, O.AES, O.PACE_CHIP, T.RND
Security Assurance Requirements (SAR)
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ADV_ARC, ADV_FSP, ADV_IMP, AGD_OPE.1, AGD_PRE.1, AGD_OPE, AGD_PRE, ALC_DVS.2, ALC_CMC.4, ALC_CMS.4, ALC_DEL.1, ALC_LCD.1, ALC_TAT.1, ALC_DEL, ALC_DVS, ALC_CMS, ALC_CMC, ALC_FLR.1, ATE_FUN.1, ATE_IND.2, ATE_DPT.2, ATE_COV.2, ATE_COV, ATE_DPT.1, AVA_VAN.5, AVA_VAN, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ASE_ECD
Security Functional Requirements (SFR)
FAU_SAS, FAU_SAS.1, FCS_RNG, FCS_COP, FCS_CKM, FCS_RNG.1, FCS_CKM.4, FCS_RNG.1.1, FCS_RNG.1.2, FCS_CKM.1, FCS_COP.1, FCS_CKM.2, FCS_COP.1.1, FCS_CKM.4.1, FDP_ITT, FDP_IFC, FDP_SDC, FDP_SDI, FDP_RIP.1, FDP_SDI.2, FDP_ACC, FDP_ACF, FDP_SDC.1, FDP_ITT.1, FDP_IFC.1, FDP_RIP.1.1, FDP_SDI.1, FDP_SDI.2.1, FDP_SDI.2.2, FDP_ACF.1, FDP_ACC.1, FDP_ITC.1, FDP_ITC.2, FDP_RIP, FDP_UCT, FDP_UCT.1, FDP_UIT, FDP_UIT.1, FIA_API, FIA_AFL, FIA_ATD.1, FIA_SOS.1, FIA_UAU.1, FIA_UAU.4, FIA_UAU.5, FIA_UAU.6, FIA_API.1, FIA_USB.1, FIA_USB, FIA_UAU, FIA_UID.1, FIA_SOS.1.1, FIA_AFL.1, FIA_ATD.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UAU.4.1, FIA_UAU.5.1, FIA_UAU.5.2, FIA_UAU.6.1, FIA_UID.1.1, FIA_UID.1.2, FIA_API.1.1, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_UID, FIA_ATD, FIA_ACF, FIA_ACC, FMT_LIM, FMT_SMR.1, FMT_MSA.3, FMT_SMF.1, FMT_MSA, FMT_MTD, FMT_LIM.1, FMT_LIM.2, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMF.1.1, FMT_MSA.1, FMT_MSA.3.1, FMT_MSA.3.2, FMT_MTD.1, FMT_SMR, FMT_SRM, FPT_FLS, FPT_PHP, FPT_ITT, FPT_EMS, FPT_ITE, FPT_FLS.1, FPT_EMS.1, FPT_TDC.1, FPT_ITE.1, FPT_ITE.2, FPT_TST.1, FPT_PHP.3, FPT_ITT.1, FPT_FLS.1.1, FPT_TST, FPT_EMS.1.1, FPT_EMS.1.2, FPT_TDC.1.1, FPT_TDC.1.2, FPT_ITE.1.1, FPT_ITE.1.2, FPT_ITE.2.1, FPT_ITE.2.2, FPT_TST.1.1, FPT_TST.1.2, FPT_TST.1.3, FRU_FLT, FRU_FLT.2, FTP_ITC, FTP_ITE, FTP_ITC.1, FTP_TRP.1
Protection profiles
BSI-PP-0084-2014, BSI-CC-PP-0084-2014, BSI-CC-PP- 0084-2014, BSI-CC-PP-0082-V4, BSI-CC-PP- 0082-V4, BSI-CC-PP-0084-2007, BSI-CC-PP-0084-, BSI-CC-PP-0082-V3, BSI-PP-0084-, BSI-CC-PP-0035-2007
Certificates
BSI-DSZ-CC-1110-V3-2020
Certification process
out of scope, and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB

Side-channel analysis
Leak-Inherent, Physical Probing, side channel, SPA, DPA, physical tampering, Malfunction, malfunction, DFA, Bleichenbacher attack, JIL
Certification process
out of scope, and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB

Standards
FIPS 180-4, FIPS 197, FIPS PUB 197, FIPS PUB 180-4, NIST SP 800-38B, PKCS #1, AIS31, AIS20, RFC5639, RFC 5639, ISO/IEC 7816, CCMB-2017-05-001, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004
Technical reports
BSI TR-03143, BSI TR-03111

File metadata

Title: G+D MS Security Target to BSI-PP-0082-V4
Subject: Security Target STARCOS 3.7 COS HBA-SMC
Keywords: Version 1.0/18.05.2021
Author: Giesecke+Devrient Mobile Security GmbH
Creation date: D:20210617104602+02'00'
Modification date: D:20210617104602+02'00'
Pages: 166
Creator: Microsoft® Word für Microsoft 365
Producer: Microsoft® Word für Microsoft 365

References

Outgoing
  • BSI-DSZ-CC-1110-V3-2020 - Infineon Security Controller IFX_CCI_000003h, 000005h, 000008h, 00000Ch, 000013h, 000014h, 000015h, 00001Ch, 00001Dh, 000021h, 000022h in the design step H13 and including optional software libraries and dedicated firmware in several versions
Incoming

Heuristics ?

Certificate ID: BSI-DSZ-CC-0976-V4-2021

Extracted SARs

ASE_TSS.1, ATE_FUN.1, ALC_TAT.1, ASE_CCL.1, ASE_INT.1, ADV_TDS.3, ALC_LCD.1, ASE_REQ.2, ASE_SPD.1, ATE_DPT.2, ALC_CMS.4, ALC_DEL.1, AVA_VAN.5, ALC_FLR.1, ALC_DVS.2, AGD_PRE.1, ASE_OBJ.2, AGD_OPE.1, ATE_IND.2, ALC_CMC.4, ADV_IMP.1, ASE_ECD.1, ADV_FSP.4, ATE_COV.2, ADV_ARC.1

Scheme data ?

Cert Id BSI-DSZ-CC-0976-V4-2021
Product STARCOS 3.7 COS HBA-SMC
Vendor Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH
Certification Date 18.06.2021
Category eHealth
Url https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/0976_0976V2_0976V3_0976V4.html
Enhanced
Product STARCOS 3.7 COS HBA-SMC
Applicant Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH Prinzregentenstr. 159 81677 MĂĽnchen
Evaluation Facility SRC Security Research & Consulting GmbH
Assurance Level EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5
Protection Profile Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019
Certification Date 18.06.2021
Expiration Date 17.06.2026
Entries [frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021-MA-01 (Ausstellungsdatum / Certification Date 09.05.2022)', 'description': 'The partial ALC re-evaluation for procedure 0976-V4 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V4-2021 (Ausstellungsdatum / Certification Date 18.06.2021, gültig bis / valid until 17.06.2026)\nZertifizierungsreport / Certification Report', 'description': 'Software'}), frozendict({'id': 'BSI', 'description': 'The partial ALC re-evaluation for procedure 0976-V3 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019-MA-01 (Ausstellungsdatum / Certification Date 15.06.2021)', 'description': 'Maintenance Report'}), frozendict({'id': 'BSI-DSZ-CC-0976-V3-2019 (Ausstellungsdatum / Certification Date 21.11.2019, gültig bis / valid until 20.11.2024)', 'description': '), to adaptations in the life-cycle model as well as to the integration of the functional package Contactless and further specific changes in the Embedded Software including a corresponding update of the related user guidance documentation. In particular, the TOE’s (crypto) implementation was re-evaluated and reassessed.'}), frozendict({'id': 'BSI-DSZ-CC-0976-V2-2018 (Ausstellungsdatum / Certification Date 20.09.2018, gültig bis / valid until 19.09.2023)', 'description': 'Software'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-MA-01 (Ausstellungsdatum / Certification Date 02.08.2018)', 'description': 'The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites. The certified product itself did not change.'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015-RA-01 (Ausstellungsdatum / Certification Date 19.09.2017)', 'description': 'Security Target'}), frozendict({'id': 'BSI-DSZ-CC-0976-2015 (Ausstellungsdatum / Certification Date 29.12.2015, gültig bis / valid until 28.12.2020)', 'description': 'Security Target'})]
Report Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4a_pdf.pdf?__blob=publicationFile&v=3
Target Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4b_pdf.pdf?__blob=publicationFile&v=3
Cert Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4c_pdf.pdf?__blob=publicationFile&v=3
Description The Target of Evaluation (TOE) is the product STARCOS 3.6 COSGKV C1 developed by Giesecke & Devrient GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for specific card types and applications of the card generation G2 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform only. The TOE implements from the PP-0082-V2 the base part without any of the optional packages.
Subcategory Smartcards

References ?

Updates ?

  • 03.07.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V4-2023']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V4-2023']}}} data.
  • 26.06.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1068-V4-2023']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1068-V4-2023']}}} data.
  • 26.04.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'scheme_data': {'cert_id': 'BSI-DSZ-CC-0976-V4-2021', 'product': 'STARCOS 3.7 COS HBA-SMC', 'vendor': 'Giesecke & Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH', 'certification_date': '18.06.2021', 'category': 'eHealth', 'url': 'https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/0976_0976V2_0976V3_0976V4.html', 'enhanced': {'product': 'STARCOS 3.7 COS HBA-SMC', 'applicant': 'Giesecke & Devrient GmbH\n\nseit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH\nPrinzregentenstr. 159\n81677 MĂĽnchen', 'evaluation_facility': 'SRC Security Research & Consulting GmbH', 'assurance_level': 'EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5', 'protection_profile': 'Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019', 'certification_date': '18.06.2021', 'expiration_date': '17.06.2026', 'entries': [{'id': 'BSI-DSZ-CC-0976-V4-2021-MA-01 (Ausstellungsdatum / Certification Date 09.05.2022)', 'description': 'The partial ALC re-evaluation for procedure 0976-V4 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}, {'id': 'BSI-DSZ-CC-0976-V4-2021 (Ausstellungsdatum / Certification Date 18.06.2021, gĂĽltig bis / valid until 17.06.2026)\nZertifizierungsreport / Certification Report', 'description': 'Software'}, {'id': 'BSI', 'description': 'The partial ALC re-evaluation for procedure 0976-V3 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.'}, {'id': 'BSI-DSZ-CC-0976-V3-2019-MA-01 (Ausstellungsdatum / Certification Date 15.06.2021)', 'description': 'Maintenance Report'}, {'id': 'BSI-DSZ-CC-0976-V3-2019 (Ausstellungsdatum / Certification Date 21.11.2019, gĂĽltig bis / valid until 20.11.2024)', 'description': '), to adaptations in the life-cycle model as well as to the integration of the functional package Contactless and further specific changes in the Embedded Software including a corresponding update of the related user guidance documentation. In particular, the TOE’s (crypto) implementation was re-evaluated and reassessed.'}, {'id': 'BSI-DSZ-CC-0976-V2-2018 (Ausstellungsdatum / Certification Date 20.09.2018, gĂĽltig bis / valid until 19.09.2023)', 'description': 'Software'}, {'id': 'BSI-DSZ-CC-0976-2015-MA-01 (Ausstellungsdatum / Certification Date 02.08.2018)', 'description': 'The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites. The certified product itself did not change.'}, {'id': 'BSI-DSZ-CC-0976-2015-RA-01 (Ausstellungsdatum / Certification Date 19.09.2017)', 'description': 'Security Target'}, {'id': 'BSI-DSZ-CC-0976-2015 (Ausstellungsdatum / Certification Date 29.12.2015, gĂĽltig bis / valid until 28.12.2020)', 'description': 'Security Target'}], 'report_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4a_pdf.pdf?__blob=publicationFile&v=3', 'target_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4b_pdf.pdf?__blob=publicationFile&v=3', 'cert_link': 'https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4c_pdf.pdf?__blob=publicationFile&v=3', 'description': 'The Target of Evaluation (TOE) is the product STARCOS 3.6 COSGKV C1 developed by Giesecke & Devrient GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for specific card types and applications of the card generation G2 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform only. The TOE implements from the PP-0082-V2 the base part without any of the optional packages.'}, 'subcategory': 'Smartcards'}}.
  • 11.02.2023 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.cc.CCCertificate.

    The Maintenance Updates of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.cc.CCCertificate.MaintenanceReport', 'maintenance_date': '2022-05-09', 'maintenance_title': 'STARCOS 3.7 COS HBA-SMC', 'maintenance_report_link': 'https://www.commoncriteriaportal.org/files/epfiles/0976v4ma1a_pdf.pdf', 'maintenance_st_link': None}]}.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.cc.CCCertificate.InternalState.
    • The following properties were deleted: ['errors'].

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.cc.CCCertificate.PdfData.

    The computed heuristics were updated.

    • The following values were inserted: {'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
    • The _type property was set to sec_certs.sample.cc.CCCertificate.Heuristics.
    • The following properties were deleted: ['direct_dependency_cves', 'indirect_dependency_cves'].
  • 26.12.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V3-2022']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V3-2022']}}} data.
    • The report_references property was updated, with the {'directly_referencing': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-V3-2019']}}, 'indirectly_referencing': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0976-V2-2018', 'BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0945-2017', 'BSI-DSZ-CC-0782-V2-2015', 'BSI-DSZ-CC-0976-V3-2019']}}} data.
  • 25.12.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V3-2022']}}, 'indirectly_referenced_by': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V3-2022']}}} data.
    • The report_references property was updated, with the {'directly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-V3-2019']}}, 'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-V3-2019', 'BSI-DSZ-CC-0976-V2-2018']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0782-2012', 'BSI-DSZ-CC-0891-2015', 'BSI-DSZ-CC-0891-V2-2016']}}} data.
  • 25.12.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The report_references property was updated, with the {'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-0782-2012', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0782-V2-2015']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0945-V2-2018']}}} data.
  • 24.12.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The report_references property was updated, with the {'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0891-2015', 'BSI-DSZ-CC-0945-V2-2018', 'BSI-DSZ-CC-0945-2017', 'BSI-DSZ-CC-0891-V2-2016']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0945-V3-2018']}}} data.
  • 24.12.2022 The certificate data changed.
    Certificate changed

    The cert_link was updated.

    • The new value is https://www.commoncriteriaportal.org/files/epfiles/0976V4c_pdf.pdf.

    The manufacturer_web was updated.

    • The new value is https://www.gi-de.com/de/de/mobile-security/.

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Card Operating System Generation 2', 'pp_eal': 'EAL4+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0082b_pdf.pdf', 'pp_ids': None}]}.

    The state of the certificate object was updated.

    • The st_download_ok property was set to True.
    • The st_convert_ok property was set to True.
    • The st_extract_ok property was set to True.
    • The errors property was set to [].
    • The st_pdf_hash property was set to e097b29728ebc08d227c0c049e9b75a778e61e9a3b3358f940f5cac11be3b8ee.
    • The st_txt_hash property was set to a3f0d2ba96a19dac465792312eb6316e80ac3b025f9bd2b530cea51d93931f34.

    The PDF extraction data was updated.

    • The st_metadata property was set to {'pdf_file_size_bytes': 2539468, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 166, '/Title': 'G+D MS Security Target to BSI-PP-0082-V4', '/Author': 'Giesecke+Devrient Mobile Security GmbH', '/Subject': 'Security Target STARCOS 3.7 COS HBA-SMC', '/Keywords': 'Version 1.0/18.05.2021', '/Creator': 'Microsoft® Word fĂĽr Microsoft 365', '/CreationDate': "D:20210617104602+02'00'", '/ModDate': "D:20210617104602+02'00'", '/Producer': 'Microsoft® Word fĂĽr Microsoft 365', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The st_frontpage property was set to {'anssi': {}, 'bsi': {}, 'nscib': {}, 'niap': {}, 'canada': {}}.
    • The st_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1110-V3-2020': 4}}, 'cc_protection_profile_id': {'BSI': {'BSI-PP-0084-2014': 8, 'BSI-CC-PP-0084-2014': 57, 'BSI-CC-PP- 0084-2014': 6, 'BSI-CC-PP-0082-V4': 27, 'BSI-CC-PP- 0082-V4': 2, 'BSI-CC-PP-0084-2007': 1, 'BSI-CC-PP-0084-': 4, 'BSI-CC-PP-0082-V3': 1, 'BSI-PP-0084-': 2, 'BSI-CC-PP-0035-2007': 1}}, 'cc_security_level': {'EAL': {'EAL4': 14, 'EAL 4': 2, 'EAL 6': 2, 'EAL6': 1, 'EAL6+': 1, 'EAL4 augmented': 4}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 9, 'ADV_FSP.4': 6, 'ADV_IMP.1': 6, 'ADV_TDS.3': 3, 'ADV_ARC': 2, 'ADV_FSP': 2, 'ADV_IMP': 2}, 'AGD': {'AGD_OPE.1': 6, 'AGD_PRE.1': 2, 'AGD_OPE': 2, 'AGD_PRE': 2}, 'ALC': {'ALC_DVS.2': 12, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1, 'ALC_DEL': 2, 'ALC_DVS': 2, 'ALC_CMS': 2, 'ALC_CMC': 2, 'ALC_FLR.1': 1}, 'ATE': {'ATE_FUN.1': 6, 'ATE_IND.2': 5, 'ATE_DPT.2': 11, 'ATE_COV.2': 1, 'ATE_COV': 2, 'ATE_DPT.1': 1}, 'AVA': {'AVA_VAN.5': 10, 'AVA_VAN': 2}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1, 'ASE_ECD': 2}}, 'cc_sfr': {'FAU': {'FAU_SAS': 8, 'FAU_SAS.1': 3}, 'FCS': {'FCS_RNG': 34, 'FCS_COP': 189, 'FCS_CKM': 83, 'FCS_RNG.1': 20, 'FCS_CKM.4': 64, 'FCS_RNG.1.1': 3, 'FCS_RNG.1.2': 2, 'FCS_CKM.1': 39, 'FCS_COP.1': 27, 'FCS_CKM.2': 9, 'FCS_COP.1.1': 1, 'FCS_CKM.4.1': 1}, 'FDP': {'FDP_ITT': 7, 'FDP_IFC': 7, 'FDP_SDC': 8, 'FDP_SDI': 7, 'FDP_RIP.1': 12, 'FDP_SDI.2': 11, 'FDP_ACC': 123, 'FDP_ACF': 110, 'FDP_SDC.1': 3, 'FDP_ITT.1': 3, 'FDP_IFC.1': 16, 'FDP_RIP.1.1': 1, 'FDP_SDI.1': 1, 'FDP_SDI.2.1': 1, 'FDP_SDI.2.2': 1, 'FDP_ACF.1': 41, 'FDP_ACC.1': 44, 'FDP_ITC.1': 35, 'FDP_ITC.2': 35, 'FDP_RIP': 9, 'FDP_UCT': 7, 'FDP_UCT.1': 1, 'FDP_UIT': 8, 'FDP_UIT.1': 2}, 'FIA': {'FIA_API': 10, 'FIA_AFL': 22, 'FIA_ATD.1': 20, 'FIA_SOS.1': 8, 'FIA_UAU.1': 20, 'FIA_UAU.4': 12, 'FIA_UAU.5': 17, 'FIA_UAU.6': 12, 'FIA_API.1': 16, 'FIA_USB.1': 30, 'FIA_USB': 32, 'FIA_UAU': 50, 'FIA_UID.1': 19, 'FIA_SOS.1.1': 1, 'FIA_AFL.1': 4, 'FIA_ATD.1.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UAU.4.1': 1, 'FIA_UAU.5.1': 1, 'FIA_UAU.5.2': 1, 'FIA_UAU.6.1': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_API.1.1': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 2, 'FIA_UID': 14, 'FIA_ATD': 10, 'FIA_ACF': 1, 'FIA_ACC': 1}, 'FMT': {'FMT_LIM': 15, 'FMT_SMR.1': 41, 'FMT_MSA.3': 39, 'FMT_SMF.1': 51, 'FMT_MSA': 68, 'FMT_MTD': 38, 'FMT_LIM.1': 3, 'FMT_LIM.2': 2, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMF.1.1': 1, 'FMT_MSA.1': 8, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_MTD.1': 4, 'FMT_SMR': 9, 'FMT_SRM': 1}, 'FPT': {'FPT_FLS': 7, 'FPT_PHP': 7, 'FPT_ITT': 7, 'FPT_EMS': 10, 'FPT_ITE': 11, 'FPT_FLS.1': 16, 'FPT_EMS.1': 15, 'FPT_TDC.1': 10, 'FPT_ITE.1': 11, 'FPT_ITE.2': 13, 'FPT_TST.1': 11, 'FPT_PHP.3': 4, 'FPT_ITT.1': 3, 'FPT_FLS.1.1': 1, 'FPT_TST': 2, 'FPT_EMS.1.1': 1, 'FPT_EMS.1.2': 1, 'FPT_TDC.1.1': 1, 'FPT_TDC.1.2': 1, 'FPT_ITE.1.1': 1, 'FPT_ITE.1.2': 1, 'FPT_ITE.2.1': 5, 'FPT_ITE.2.2': 1, 'FPT_TST.1.1': 1, 'FPT_TST.1.2': 1, 'FPT_TST.1.3': 1}, 'FRU': {'FRU_FLT': 7, 'FRU_FLT.2': 3}, 'FTP': {'FTP_ITC': 22, 'FTP_ITE': 1, 'FTP_ITC.1': 12, 'FTP_TRP.1': 5}}, 'cc_claims': {'O': {'O.RND': 8, 'O.AES': 7, 'O.PACE_CHIP': 2}, 'T': {'T.RND': 5}}, 'vendor': {'NXP': {'NXP Semiconductors': 1}, 'Infineon': {'Infineon': 2, 'Infineon Technologies AG': 2}, 'STMicroelectronics': {'STMicroelectronics': 1}, 'GD': {'Giesecke+Devrient': 14}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 82}, 'HPC': {'HPC': 1}}, 'constructions': {'MAC': {'CMAC': 43}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 6}, 'ECDSA': {'ECDSA': 38}, 'ECC': {'ECC': 16}}, 'FF': {'DH': {'Diffie-Hellman': 1, 'DH': 12}, 'DSA': {'DSA': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 3}, 'SHA2': {'SHA-224': 2, 'SHA-384': 6, 'SHA-256': 11, 'SHA-512': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 33}, 'KA': {'Key agreement': 1, 'Key Agreement': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}}, 'PACE': {'PACE': 123}}, 'randomness': {'RNG': {'RND': 15, 'RNG': 38}}, 'cipher_mode': {'CBC': {'CBC': 4}}, 'ecc_curve': {'Brainpool': {'brainpoolP256r1': 4, 'brainpoolP384r1': 4, 'brainpoolP512r1': 4}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 15, 'Physical Probing': 2, 'side channel': 1, 'SPA': 1, 'DPA': 1}, 'FI': {'physical tampering': 3, 'Malfunction': 17, 'malfunction': 1, 'DFA': 1}, 'other': {'Bleichenbacher attack': 1, 'JIL': 3}}, 'technical_report_id': {'BSI': {'BSI TR-03143': 2, 'BSI TR-03111': 3}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {'STARCOS': {'STARCOS 3': 179}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-4': 1, 'FIPS 197': 4, 'FIPS PUB 197': 1, 'FIPS PUB 180-4': 1}, 'NIST': {'NIST SP 800-38B': 1}, 'PKCS': {'PKCS #1': 2}, 'BSI': {'AIS31': 1, 'AIS20': 2}, 'RFC': {'RFC5639': 3, 'RFC 5639': 1}, 'ISO': {'ISO/IEC 7816': 2}, 'CC': {'CCMB-2017-05-001': 1, 'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB': 1}}}.
    • The st_filename property was set to 0976V4b_pdf.pdf.

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}} data.
    • The report_references property was updated, with the {'directly_referencing': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-V3-2019']}}, 'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0945-V3-2018']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0976-V2-2018', 'BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0782-V2-2015', 'BSI-DSZ-CC-0976-V3-2019']}}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}]} values added.
  • 23.12.2022 The certificate data changed.
    Certificate changed

    The cert_link was updated.

    • The new value is None.

    The manufacturer_web was updated.

    • The new value is None.

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'PP_COS_G2', 'pp_eal': None, 'pp_link': None, 'pp_ids': None}]}.

    The computed heuristics were updated.

    • The report_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}, 'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0976-V2-2018', 'BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0782-V2-2015', 'BSI-DSZ-CC-0976-V3-2019']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}}} data.
  • 23.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st_download_ok property was set to False.
    • The st_convert_ok property was set to False.
    • The st_extract_ok property was set to False.
    • The errors property was set to ['failed to download ST from https://www.commoncriteriaportal.org/files/epfiles/0976V4b_pdf.pdf, code: nok'].
    • The st_pdf_hash property was set to None.
    • The st_txt_hash property was set to None.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_frontpage property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1068-V3-2022']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1068-V3-2022']}}, 'directly_referencing': None, 'indirectly_referencing': None} data.
    • The report_references property was updated, with the {'directly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}}, 'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0782-V2-2015']}}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}]} values discarded.
  • 22.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st_download_ok property was set to True.
    • The st_convert_ok property was set to True.
    • The st_extract_ok property was set to True.
    • The errors property was set to [].
    • The st_pdf_hash property was set to e097b29728ebc08d227c0c049e9b75a778e61e9a3b3358f940f5cac11be3b8ee.
    • The st_txt_hash property was set to a3f0d2ba96a19dac465792312eb6316e80ac3b025f9bd2b530cea51d93931f34.

    The PDF extraction data was updated.

    • The st_metadata property was set to {'pdf_file_size_bytes': 2539468, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 166, '/Title': 'G+D MS Security Target to BSI-PP-0082-V4', '/Author': 'Giesecke+Devrient Mobile Security GmbH', '/Subject': 'Security Target STARCOS 3.7 COS HBA-SMC', '/Keywords': 'Version 1.0/18.05.2021', '/Creator': 'Microsoft® Word fĂĽr Microsoft 365', '/CreationDate': "D:20210617104602+02'00'", '/ModDate': "D:20210617104602+02'00'", '/Producer': 'Microsoft® Word fĂĽr Microsoft 365', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The st_frontpage property was set to {'anssi': {}, 'bsi': {}, 'nscib': {}, 'niap': {}, 'canada': {}}.
    • The st_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1110-V3-2020': 4}}, 'cc_protection_profile_id': {'BSI': {'BSI-PP-0084-2014': 8, 'BSI-CC-PP-0084-2014': 57, 'BSI-CC-PP- 0084-2014': 6, 'BSI-CC-PP-0082-V4': 27, 'BSI-CC-PP- 0082-V4': 2, 'BSI-CC-PP-0084-2007': 1, 'BSI-CC-PP-0084-': 4, 'BSI-CC-PP-0082-V3': 1, 'BSI-PP-0084-': 2, 'BSI-CC-PP-0035-2007': 1}}, 'cc_security_level': {'EAL': {'EAL4': 14, 'EAL 4': 2, 'EAL 6': 2, 'EAL6': 1, 'EAL6+': 1, 'EAL4 augmented': 4}}, 'cc_sar': {'ADV': {'ADV_ARC.1': 9, 'ADV_FSP.4': 6, 'ADV_IMP.1': 6, 'ADV_TDS.3': 3, 'ADV_ARC': 2, 'ADV_FSP': 2, 'ADV_IMP': 2}, 'AGD': {'AGD_OPE.1': 6, 'AGD_PRE.1': 2, 'AGD_OPE': 2, 'AGD_PRE': 2}, 'ALC': {'ALC_DVS.2': 12, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1, 'ALC_DEL': 2, 'ALC_DVS': 2, 'ALC_CMS': 2, 'ALC_CMC': 2, 'ALC_FLR.1': 1}, 'ATE': {'ATE_FUN.1': 6, 'ATE_IND.2': 5, 'ATE_DPT.2': 11, 'ATE_COV.2': 1, 'ATE_COV': 2, 'ATE_DPT.1': 1}, 'AVA': {'AVA_VAN.5': 10, 'AVA_VAN': 2}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1, 'ASE_ECD': 2}}, 'cc_sfr': {'FAU': {'FAU_SAS': 8, 'FAU_SAS.1': 3}, 'FCS': {'FCS_RNG': 34, 'FCS_COP': 189, 'FCS_CKM': 83, 'FCS_RNG.1': 20, 'FCS_CKM.4': 64, 'FCS_RNG.1.1': 3, 'FCS_RNG.1.2': 2, 'FCS_CKM.1': 39, 'FCS_COP.1': 27, 'FCS_CKM.2': 9, 'FCS_COP.1.1': 1, 'FCS_CKM.4.1': 1}, 'FDP': {'FDP_ITT': 7, 'FDP_IFC': 7, 'FDP_SDC': 8, 'FDP_SDI': 7, 'FDP_RIP.1': 12, 'FDP_SDI.2': 11, 'FDP_ACC': 123, 'FDP_ACF': 110, 'FDP_SDC.1': 3, 'FDP_ITT.1': 3, 'FDP_IFC.1': 16, 'FDP_RIP.1.1': 1, 'FDP_SDI.1': 1, 'FDP_SDI.2.1': 1, 'FDP_SDI.2.2': 1, 'FDP_ACF.1': 41, 'FDP_ACC.1': 44, 'FDP_ITC.1': 35, 'FDP_ITC.2': 35, 'FDP_RIP': 9, 'FDP_UCT': 7, 'FDP_UCT.1': 1, 'FDP_UIT': 8, 'FDP_UIT.1': 2}, 'FIA': {'FIA_API': 10, 'FIA_AFL': 22, 'FIA_ATD.1': 20, 'FIA_SOS.1': 8, 'FIA_UAU.1': 20, 'FIA_UAU.4': 12, 'FIA_UAU.5': 17, 'FIA_UAU.6': 12, 'FIA_API.1': 16, 'FIA_USB.1': 30, 'FIA_USB': 32, 'FIA_UAU': 50, 'FIA_UID.1': 19, 'FIA_SOS.1.1': 1, 'FIA_AFL.1': 4, 'FIA_ATD.1.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UAU.4.1': 1, 'FIA_UAU.5.1': 1, 'FIA_UAU.5.2': 1, 'FIA_UAU.6.1': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_API.1.1': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 2, 'FIA_UID': 14, 'FIA_ATD': 10, 'FIA_ACF': 1, 'FIA_ACC': 1}, 'FMT': {'FMT_LIM': 15, 'FMT_SMR.1': 41, 'FMT_MSA.3': 39, 'FMT_SMF.1': 51, 'FMT_MSA': 68, 'FMT_MTD': 38, 'FMT_LIM.1': 3, 'FMT_LIM.2': 2, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMF.1.1': 1, 'FMT_MSA.1': 8, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1, 'FMT_MTD.1': 4, 'FMT_SMR': 9, 'FMT_SRM': 1}, 'FPT': {'FPT_FLS': 7, 'FPT_PHP': 7, 'FPT_ITT': 7, 'FPT_EMS': 10, 'FPT_ITE': 11, 'FPT_FLS.1': 16, 'FPT_EMS.1': 15, 'FPT_TDC.1': 10, 'FPT_ITE.1': 11, 'FPT_ITE.2': 13, 'FPT_TST.1': 11, 'FPT_PHP.3': 4, 'FPT_ITT.1': 3, 'FPT_FLS.1.1': 1, 'FPT_TST': 2, 'FPT_EMS.1.1': 1, 'FPT_EMS.1.2': 1, 'FPT_TDC.1.1': 1, 'FPT_TDC.1.2': 1, 'FPT_ITE.1.1': 1, 'FPT_ITE.1.2': 1, 'FPT_ITE.2.1': 5, 'FPT_ITE.2.2': 1, 'FPT_TST.1.1': 1, 'FPT_TST.1.2': 1, 'FPT_TST.1.3': 1}, 'FRU': {'FRU_FLT': 7, 'FRU_FLT.2': 3}, 'FTP': {'FTP_ITC': 22, 'FTP_ITE': 1, 'FTP_ITC.1': 12, 'FTP_TRP.1': 5}}, 'cc_claims': {'O': {'O.RND': 8, 'O.AES': 7, 'O.PACE_CHIP': 2}, 'T': {'T.RND': 5}}, 'vendor': {'NXP': {'NXP Semiconductors': 1}, 'Infineon': {'Infineon': 2, 'Infineon Technologies AG': 2}, 'STMicroelectronics': {'STMicroelectronics': 1}, 'GD': {'Giesecke+Devrient': 14}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 82}, 'HPC': {'HPC': 1}}, 'constructions': {'MAC': {'CMAC': 43}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 6}, 'ECDSA': {'ECDSA': 38}, 'ECC': {'ECC': 16}}, 'FF': {'DH': {'Diffie-Hellman': 1, 'DH': 12}, 'DSA': {'DSA': 1}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 3}, 'SHA2': {'SHA-224': 2, 'SHA-384': 6, 'SHA-256': 11, 'SHA-512': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 33}, 'KA': {'Key agreement': 1, 'Key Agreement': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}}, 'PACE': {'PACE': 123}}, 'randomness': {'RNG': {'RND': 15, 'RNG': 38}}, 'cipher_mode': {'CBC': {'CBC': 4}}, 'ecc_curve': {'Brainpool': {'brainpoolP256r1': 4, 'brainpoolP384r1': 4, 'brainpoolP512r1': 4}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 15, 'Physical Probing': 2, 'side channel': 1, 'SPA': 1, 'DPA': 1}, 'FI': {'physical tampering': 3, 'Malfunction': 17, 'malfunction': 1, 'DFA': 1}, 'other': {'Bleichenbacher attack': 1, 'JIL': 3}}, 'technical_report_id': {'BSI': {'BSI TR-03143': 2, 'BSI TR-03111': 3}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {'STARCOS': {'STARCOS 3': 179}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-4': 1, 'FIPS 197': 4, 'FIPS PUB 197': 1, 'FIPS PUB 180-4': 1}, 'NIST': {'NIST SP 800-38B': 1}, 'PKCS': {'PKCS #1': 2}, 'BSI': {'AIS31': 1, 'AIS20': 2}, 'RFC': {'RFC5639': 3, 'RFC 5639': 1}, 'ISO': {'ISO/IEC 7816': 2}, 'CC': {'CCMB-2017-05-001': 1, 'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB': 1}}}.
    • The st_filename property was set to 0976V4b_pdf.pdf.

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V3-2022']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1067-V3-2022']}, 'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}} data.
    • The report_references property was updated, with the {'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0782-V2-2015']}, '__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0891-2015']}}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}]} values added.
  • 21.12.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st_download_ok property was set to False.
    • The st_convert_ok property was set to False.
    • The st_extract_ok property was set to False.
    • The errors property was set to ['failed to download ST from https://www.commoncriteriaportal.org/files/epfiles/0976V4b_pdf.pdf, code: nok'].
    • The st_pdf_hash property was set to None.
    • The st_txt_hash property was set to None.

    The PDF extraction data was updated.

    • The st_metadata property was set to None.
    • The st_frontpage property was set to None.
    • The st_keywords property was set to None.
    • The st_filename property was set to None.

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None} data.
    • The report_references property was updated, with the {'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0891-2015']}}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}]} values discarded.
  • 05.10.2022 The certificate data changed.
    Certificate changed

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Card Operating System Generation 2', 'pp_eal': 'EAL4+', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0082b_pdf.pdf', 'pp_ids': None}]}.

    The state of the certificate object was updated.

    • The following values were inserted: {'st_convert_garbage': False, 'report_convert_garbage': False}.
  • 04.10.2022 The certificate data changed.
    Certificate changed

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Card Operating System Generation 2', 'pp_eal': 'http://www.commoncriteriaportal.org/files/ppfiles/pp0082b_pdf.pdf', 'pp_link': None, 'pp_ids': None}]}.
  • 28.09.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The report_references property was updated, with the {'indirectly_referencing': {'__discard__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0782-V2']}}} data.
  • 24.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The following values were inserted: {'report_filename': '0976V4a_pdf.pdf', 'st_filename': '0976V4b_pdf.pdf'}.
    • The report_keywords property was updated, with the {'cc_cert_id': {'__update__': {'DE': {'__update__': {'BSI-DSZ-CC-0976-V4-2021': 52, 'BSI-DSZ-CC-0976-V3-2019': 6}}}}, 'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL 4': 5}}}}, 'cc_sar': {'__update__': {'AVA': {'__update__': {'AVA_VAN.5': 4}}}, '__delete__': ['ACE']}, 'cc_sfr': {'__insert__': {'FIA': {'FIA_UAU': 2, 'FIA_USB': 1}, 'FTP': {'FTP_ITC': 2}}, '__update__': {'FCS': {'__insert__': {'FCS_COP': 29, 'FCS_CKM': 4, 'FCS_RNG': 3}}}}, 'cc_claims': {'__update__': {'A': {'__delete__': ['A.S', 'A.V']}}, '__delete__': ['SA']}, 'vendor': {'__update__': {'Infineon': {'__update__': {'Infineon Technologies AG': 7}, '__delete__': ['Infineon Technologies']}, 'GD': {'__update__': {'G+D': 2}}}}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__delete__': ['AES-']}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'CMAC': 15}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__update__': {'ECDSA': {'__update__': {'ECDSA': 14}}}}, 'FF': {'__update__': {'DH': {'__update__': {'DH': 1}}}, '__delete__': ['DSA']}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 3}}}}, 'crypto_protocol': {'__update__': {'PACE': {'__update__': {'PACE': 15}}}}, 'randomness': {'__update__': {'RNG': {'__update__': {'RNG': 5}}}}, 'tee_name': {}, 'os_name': {'__update__': {'STARCOS': {'STARCOS 3': 38}}}, 'standard_id': {'__update__': {'ISO': {'__update__': {'ISO/IEC 18045': 4}}}}, 'certification_process': {'__update__': {'ConfidentialDocument': {'__insert__': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC': 1, '1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021': 1, 'design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h': 1, 'procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TĂśV Informationstechnik GmbH (confidential document) [21] EinfĂĽhrung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische': 1}, '__delete__': ['identiality being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification', 'ary for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC', 'Version 1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021', '22h design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h', 'fication procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TĂśV Informationstechnik GmbH (confidential document) [21] EinfĂĽhrung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische']}}}} data.
    • The st_keywords property was updated, with the {'cc_security_level': {'__update__': {'EAL': {'__update__': {'EAL4': 14}}}}, 'cc_sar': {'__update__': {'ADV': {'__update__': {'ADV_ARC.1': 9, 'ADV_TDS.3': 3}}, 'AGD': {'__update__': {'AGD_PRE.1': 2}}, 'ALC': {'__insert__': {'ALC_FLR.1': 1}, '__update__': {'ALC_DVS.2': 12}}, 'ATE': {'__update__': {'ATE_IND.2': 5, 'ATE_DPT.2': 11}}, 'AVA': {'__update__': {'AVA_VAN.5': 10}}}, '__delete__': ['ACE']}, 'cc_sfr': {'__update__': {'FAU': {'__update__': {'FAU_SAS': 8}}, 'FCS': {'__insert__': {'FCS_COP': 189, 'FCS_CKM': 83}, '__update__': {'FCS_RNG': 34, 'FCS_RNG.1': 20, 'FCS_CKM.1': 39, 'FCS_COP.1': 27}}, 'FDP': {'__insert__': {'FDP_ITT': 7, 'FDP_IFC': 7, 'FDP_SDI': 7, 'FDP_ACC': 123, 'FDP_ACF': 110, 'FDP_RIP': 9, 'FDP_UCT': 7, 'FDP_UCT.1': 1, 'FDP_UIT': 8, 'FDP_UIT.1': 2}, '__update__': {'FDP_SDC': 8, 'FDP_RIP.1': 12, 'FDP_SDI.2': 11, 'FDP_ACF.1': 41, 'FDP_ACC.1': 44}}, 'FIA': {'__insert__': {'FIA_AFL': 22, 'FIA_USB': 32, 'FIA_UAU': 50, 'FIA_AFL.1': 4, 'FIA_UID': 14, 'FIA_ATD': 10, 'FIA_ACF': 1, 'FIA_ACC': 1}, '__update__': {'FIA_API': 10, 'FIA_UAU.1': 20, 'FIA_UAU.5': 17, 'FIA_UAU.6': 12, 'FIA_API.1': 16, 'FIA_USB.1': 30, 'FIA_UID.1': 19}}, 'FMT': {'__insert__': {'FMT_MSA': 68, 'FMT_MTD': 38, 'FMT_MTD.1': 4, 'FMT_SMR': 9, 'FMT_SRM': 1}, '__update__': {'FMT_LIM': 15, 'FMT_SMR.1': 41, 'FMT_MSA.3': 39, 'FMT_SMF.1': 51, 'FMT_LIM.2': 2, 'FMT_MSA.1': 8}}, 'FPT': {'__insert__': {'FPT_FLS': 7, 'FPT_PHP': 7, 'FPT_ITT': 7, 'FPT_ITE': 11, 'FPT_TST': 2}, '__update__': {'FPT_EMS': 10, 'FPT_FLS.1': 16, 'FPT_EMS.1': 15, 'FPT_ITE.1': 11, 'FPT_ITE.2': 13}}, 'FRU': {'__insert__': {'FRU_FLT': 7}}, 'FTP': {'__insert__': {'FTP_ITC': 22, 'FTP_ITE': 1}, '__update__': {'FTP_ITC.1': 12}}}}, 'cc_claims': {'__update__': {'O': {'__update__': {'O.RND': 8, 'O.AES': 7}}}, '__delete__': ['A', 'SA']}, 'vendor': {'__update__': {'GD': {'__delete__': ['G&D']}}}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 82}, '__delete__': ['AES-']}, 'HPC': {'__update__': {'HPC': 1}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'CMAC': 43}}}}}}, 'asymmetric_crypto': {'__update__': {'ECC': {'__update__': {'ECDH': {'__update__': {'ECDH': 6}}, 'ECDSA': {'__update__': {'ECDSA': 38}}}}, 'FF': {'__update__': {'DH': {'__update__': {'Diffie-Hellman': 1, 'DH': 12}}, 'DSA': {'__update__': {'DSA': 1}}}}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 33}}, 'KA': {'__delete__': ['KA']}}}, 'crypto_protocol': {'__update__': {'PACE': {'__update__': {'PACE': 123}}}}, 'randomness': {'__update__': {'RNG': {'__update__': {'RND': 15, 'RNG': 38}}}, '__delete__': ['TRNG']}, 'side_channel_analysis': {'__update__': {'FI': {'__update__': {'physical tampering': 3}}}}, 'tee_name': {'__update__': {'IBM': {'__update__': {'SE': 1}}}}, 'os_name': {'__update__': {'STARCOS': {'STARCOS 3': 179}}}, 'standard_id': {'__update__': {'FIPS': {'__insert__': {'FIPS 180-4': 1}}}}, 'certification_process': {'__update__': {'OutOfScope': {'__insert__': {'and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC (FCS_COP.1/CB': 1}, '__delete__': ['and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC ']}}}} data.

    The computed heuristics were updated.

    • The report_references property was updated, with the {'indirectly_referencing': {'__add__': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0945-V3-2018', 'BSI-DSZ-CC-1110-2019']}}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_FLR', 'level': 1}]} values added.
  • 25.08.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The st_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1068-V3-2022', 'BSI-DSZ-CC-1067-V3-2022']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1068-V3-2022', 'BSI-DSZ-CC-1067-V3-2022']}} data.
  • 18.07.2022 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.common_criteria.CommonCriteriaCert.

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Card Operating System Generation 2', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/pp0082b_pdf.pdf', 'pp_ids': None}]}.

    The Maintenance Updates of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.common_criteria.CommonCriteriaCert.MaintenanceReport', 'maintenance_date': '2022-05-09', 'maintenance_title': 'STARCOS 3.7 COS HBA-SMC', 'maintenance_report_link': 'https://www.commoncriteriaportal.org/files/epfiles/0976v4ma1a_pdf.pdf', 'maintenance_st_link': None}]}.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState.

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData.

    The computed heuristics were updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics.
    • The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The report_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The extracted_sars property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_ARC', 'level': 1}]}.
  • 17.07.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/AIS', 'https://www.sogis.eu/', 'https://www.bsi.bund.de/', 'https://www.bsi.bund.de/zertifizierungsreporte', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.commoncriteriaportal.org/']}} values inserted.
    • The st_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': []}} values inserted.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-0976-V4-2021': 90, 'BSI-DSZ-CC-0976-V3-2019': 4, 'BSI-DSZ-CC-1110-V3-2020': 14}}, 'cc_protection_profile_id': {'BSI': {'BSI-CC-PP-0082-V4-': 1, 'BSI-CC-PP-0082-V4-2019': 3}}, 'cc_security_level': {'EAL': {'EAL 4': 4, 'EAL 5': 4, 'EAL 2': 2, 'EAL 1': 1, 'EAL 2+': 1, 'EAL5+': 1, 'EAL6': 1, 'EAL 5+': 1, 'EAL 6': 1, 'EAL 4 augmented': 3}}, 'cc_sar': {'ACE': {'ACE_PCD': 1}, 'ADV': {'ADV_ARC': 1}, 'ALC': {'ALC_DVS.2': 5, 'ALC_FLR': 2, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_DPT.2': 4}, 'AVA': {'AVA_VAN.5': 3}}, 'cc_sfr': {'FCS': {'FCS_RNG.1': 1}, 'FPT': {'FPT_ITE.1': 1}}, 'cc_claims': {'A': {'A.U': 1, 'A.S': 4, 'A.V': 2}, 'SA': {'SA.S': 4, 'SA.V': 2}}, 'vendor': {'Infineon': {'Infineon': 11, 'Infineon Technologies AG': 6, 'Infineon Technologies': 1}, 'GD': {'Giesecke+Devrient': 29, 'G+D': 3, 'Giesecke & Devrient': 3}}, 'eval_facility': {'TUV': {'TĂśV Informationstechnik': 1}, 'SRC': {'SRC Security Research & Consulting': 3}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 30, 'AES-': 3}, 'HPC': {'HPC': 4}}, 'constructions': {'MAC': {'CMAC': 18}}}, 'asymmetric_crypto': {'RSA': {'RSA-OAEP': 2}, 'ECC': {'ECDH': {'ECDH': 4}, 'ECDSA': {'ECDSA': 10}, 'ECC': {'ECC': 10}}, 'FF': {'DH': {'DH': 4, 'Diffie-Hellman': 1}, 'DSA': {'DSA': 10}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-256': 3}}}, 'crypto_scheme': {'MAC': {'MAC': 18}, 'KA': {'Key Agreement': 1}}, 'crypto_protocol': {'PACE': {'PACE': 13}}, 'randomness': {'PRNG': {'PRNG': 1}, 'RNG': {'RNG': 7}}, 'cipher_mode': {'CBC': {'CBC': 10}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side channel': 1, 'DPA': 1, 'SPA': 1}, 'FI': {'physical tampering': 1, 'malfunction': 1, 'DFA': 1, 'fault injection': 1}, 'other': {'JIL': 6}}, 'technical_report_id': {'BSI': {'BSI TR-03116-1': 1, 'BSI TR-03144': 10, 'BSI TR-03143': 5, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 2}}, 'os_name': {'STARCOS': {'STARCOS 3.7': 38}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 180-4': 9, 'FIPS 197': 12, 'FIPS PUB 180-4': 1, 'FIPS PUB 197': 1}, 'PKCS': {'PKCS#1': 5}, 'BSI': {'AIS 34': 4, 'AIS 36': 5, 'AIS 37': 2, 'AIS 26': 4, 'AIS 25': 4, 'AIS 20': 6, 'AIS 31': 5, 'AIS 46': 2, 'AIS 35': 2, 'AIS 1': 1, 'AIS 14': 1, 'AIS 19': 1, 'AIS 23': 1, 'AIS 32': 1, 'AIS 38': 1}, 'RFC': {'RFC 5639': 12}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 17065': 2, 'ISO/IEC 18045': 2, 'ISO/IEC 18031:2005': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'identiality being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, 'Target STARCOS 3.7 COS HBA-SMC, Version 2.0, 22 April 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) 7 specifically • AIS 1, Version 14, DurchfĂĽhrung der Ortsbesichtigung in der Entwicklungsumgebung': 1, 'ary for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research & Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC': 1, 'Version 1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC – Main Document, Version 1.6, 23 March 2021': 1, '22h design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h': 1, 'fication procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, TĂśV Informationstechnik GmbH (confidential document) [21] EinfĂĽhrung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische': 1}}}.
    • The st_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1110-V3-2020': 4}}, 'cc_protection_profile_id': {'BSI': {'BSI-PP-0084-2014': 8, 'BSI-CC-PP-0084-2014': 57, 'BSI-CC-PP- 0084-2014': 6, 'BSI-CC-PP-0082-V4': 27, 'BSI-CC-PP- 0082-V4': 2, 'BSI-CC-PP-0084-2007': 1, 'BSI-CC-PP-0084-': 4, 'BSI-CC-PP-0082-V3': 1, 'BSI-PP-0084-': 2, 'BSI-CC-PP-0035-2007': 1}}, 'cc_security_level': {'EAL': {'EAL4': 13, 'EAL 4': 2, 'EAL 6': 2, 'EAL6': 1, 'EAL6+': 1, 'EAL4 augmented': 4}}, 'cc_sar': {'ACE': {'ACE_PCD': 1, 'ACE_CHIP': 2}, 'ADV': {'ADV_ARC.1': 8, 'ADV_FSP.4': 6, 'ADV_IMP.1': 6, 'ADV_TDS.3': 5, 'ADV_ARC': 2, 'ADV_FSP': 2, 'ADV_IMP': 2}, 'AGD': {'AGD_OPE.1': 6, 'AGD_PRE.1': 3, 'AGD_OPE': 2, 'AGD_PRE': 2}, 'ALC': {'ALC_DVS.2': 10, 'ALC_CMC.4': 1, 'ALC_CMS.4': 1, 'ALC_DEL.1': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1, 'ALC_DEL': 2, 'ALC_DVS': 2, 'ALC_CMS': 2, 'ALC_CMC': 2}, 'ATE': {'ATE_FUN.1': 6, 'ATE_IND.2': 4, 'ATE_DPT.2': 12, 'ATE_COV.2': 1, 'ATE_COV': 2, 'ATE_DPT.1': 1}, 'AVA': {'AVA_VAN.5': 7, 'AVA_VAN': 2}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.2': 1, 'ASE_REQ.2': 1, 'ASE_SPD.1': 1, 'ASE_TSS.1': 1, 'ASE_ECD': 2}}, 'cc_sfr': {'FAU': {'FAU_SAS': 1, 'FAU_SAS.1': 3}, 'FCS': {'FCS_RNG': 1, 'FCS_RNG.1': 16, 'FCS_CKM.4': 64, 'FCS_RNG.1.1': 3, 'FCS_RNG.1.2': 2, 'FCS_CKM.1': 35, 'FCS_CKM.2': 9, 'FCS_COP.1': 11, 'FCS_COP.1.1': 1, 'FCS_CKM.4.1': 1}, 'FDP': {'FDP_SDC': 1, 'FDP_RIP.1': 9, 'FDP_SDI.2': 12, 'FDP_SDC.1': 3, 'FDP_ITT.1': 3, 'FDP_IFC.1': 16, 'FDP_RIP.1.1': 1, 'FDP_SDI.1': 1, 'FDP_SDI.2.1': 1, 'FDP_SDI.2.2': 1, 'FDP_ACF.1': 13, 'FDP_ACC.1': 26, 'FDP_ITC.1': 35, 'FDP_ITC.2': 35}, 'FIA': {'FIA_API': 1, 'FIA_ATD.1': 20, 'FIA_SOS.1': 8, 'FIA_UAU.1': 18, 'FIA_UAU.4': 12, 'FIA_UAU.5': 15, 'FIA_UAU.6': 10, 'FIA_API.1': 15, 'FIA_USB.1': 20, 'FIA_UID.1': 18, 'FIA_SOS.1.1': 1, 'FIA_ATD.1.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UAU.4.1': 1, 'FIA_UAU.5.1': 1, 'FIA_UAU.5.2': 1, 'FIA_UAU.6.1': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_API.1.1': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 2}, 'FMT': {'FMT_LIM': 1, 'FMT_SMR.1': 39, 'FMT_MSA.3': 38, 'FMT_SMF.1': 52, 'FMT_LIM.1': 3, 'FMT_LIM.2': 3, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMF.1.1': 1, 'FMT_MSA.1': 4, 'FMT_MSA.3.1': 1, 'FMT_MSA.3.2': 1}, 'FPT': {'FPT_EMS': 1, 'FPT_FLS.1': 15, 'FPT_EMS.1': 14, 'FPT_TDC.1': 10, 'FPT_ITE.1': 10, 'FPT_ITE.2': 11, 'FPT_TST.1': 11, 'FPT_PHP.3': 4, 'FPT_ITT.1': 3, 'FPT_FLS.1.1': 1, 'FPT_EMS.1.1': 1, 'FPT_EMS.1.2': 1, 'FPT_TDC.1.1': 1, 'FPT_TDC.1.2': 1, 'FPT_ITE.1.1': 1, 'FPT_ITE.1.2': 1, 'FPT_ITE.2.1': 5, 'FPT_ITE.2.2': 1, 'FPT_TST.1.1': 1, 'FPT_TST.1.2': 1, 'FPT_TST.1.3': 1}, 'FRU': {'FRU_FLT.2': 3}, 'FTP': {'FTP_ITC.1': 5, 'FTP_TRP.1': 5}}, 'cc_claims': {'O': {'O.RND': 10, 'O.AES': 10, 'O.PACE_CHIP': 2}, 'T': {'T.RND': 5}, 'A': {'A.S': 29, 'A.V': 13}, 'SA': {'SA.S': 29, 'SA.V': 13}}, 'vendor': {'NXP': {'NXP Semiconductors': 1}, 'Infineon': {'Infineon': 2, 'Infineon Technologies AG': 2}, 'STMicroelectronics': {'STMicroelectronics': 1}, 'GD': {'Giesecke+Devrient': 14, 'G&D': 1}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 77, 'AES-': 1}, 'HPC': {'HPC': 4}}, 'constructions': {'MAC': {'CMAC': 53}}}, 'asymmetric_crypto': {'ECC': {'ECDH': {'ECDH': 4}, 'ECDSA': {'ECDSA': 12}, 'ECC': {'ECC': 16}}, 'FF': {'DH': {'Diffie-Hellman': 3, 'DH': 10}, 'DSA': {'DSA': 12}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 3}, 'SHA2': {'SHA-224': 2, 'SHA-384': 6, 'SHA-256': 11, 'SHA-512': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 74}, 'KA': {'Key agreement': 1, 'KA': 1, 'Key Agreement': 1}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 1}}, 'PACE': {'PACE': 174}}, 'randomness': {'TRNG': {'TRNG': 7}, 'RNG': {'RND': 13, 'RNG': 43}}, 'cipher_mode': {'CBC': {'CBC': 4}}, 'ecc_curve': {'Brainpool': {'brainpoolP256r1': 4, 'brainpoolP384r1': 4, 'brainpoolP512r1': 4}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'Leak-Inherent': 15, 'Physical Probing': 2, 'side channel': 1, 'SPA': 1, 'DPA': 1}, 'FI': {'physical tampering': 2, 'Malfunction': 17, 'malfunction': 1, 'DFA': 1}, 'other': {'Bleichenbacher attack': 1, 'JIL': 3}}, 'technical_report_id': {'BSI': {'BSI TR-03143': 2, 'BSI TR-03111': 3}}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 13}}, 'os_name': {'STARCOS': {'STARCOS 3.7': 181}}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 197': 4, 'FIPS PUB 197': 1, 'FIPS PUB 180-4': 1}, 'NIST': {'NIST SP 800-38B': 1}, 'PKCS': {'PKCS #1': 2}, 'BSI': {'AIS31': 1, 'AIS20': 2}, 'RFC': {'RFC5639': 3, 'RFC 5639': 1}, 'ISO': {'ISO/IEC 7816': 2}, 'CC': {'CCMB-2017-05-001': 1, 'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'OutOfScope': {'out of scope': 1, 'and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement “Cryptographic operation – CB ECC ': 1}}}.

    The computed heuristics were updated.

    • The _type property was set to Heuristics.
  • 14.06.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'report_pdf_hash': 'cab554e05b93e59ae6196b56276ae428ca12b1212c7d5312483f1e3940599b8a', 'st_pdf_hash': 'e097b29728ebc08d227c0c049e9b75a778e61e9a3b3358f940f5cac11be3b8ee', 'report_txt_hash': '9a6dd405cc7ed5f578361b6673f19f41ac76abeae96a1b3d81922ee4c64e0e8f', 'st_txt_hash': 'a3f0d2ba96a19dac465792312eb6316e80ac3b025f9bd2b530cea51d93931f34'}.

    The PDF extraction data was updated.

    • The report_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 30, 'AES-': 3, 'HPC': 4}, 'rules_asymmetric_crypto': {'ECDH': 4, 'ECDSA': 10, 'ECC': 10, 'DH': 4, 'Diffie-Hellman': 1, 'DSA': 10}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA-256': 3}, 'rules_crypto_schemes': {'PACE': 13, 'MAC': 18}, 'rules_randomness': {'PRNG': 1, 'RNG': 7}, 'rules_tee': {'SE': 2}, 'rules_side_channels': {'malfunction': 1, 'physical tampering': 1, 'side channel': 1, 'SPA': 1, 'DPA': 1, 'DFA': 1, 'fault injection': 1}} values inserted.
    • The st_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 77, 'AES-': 1, 'HPC': 4}, 'rules_asymmetric_crypto': {'ECDH': 4, 'ECDSA': 12, 'ECC': 16, 'Diffie-Hellman': 1, 'DH': 10, 'DSA': 12}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA-1': 3, 'SHA-224': 2, 'SHA-384': 6, 'SHA-256': 11, 'SHA-512': 4}, 'rules_crypto_schemes': {'PACE': 174, 'MAC': 74, 'SSL': 1}, 'rules_randomness': {'TRNG': 7, 'RND': 13, 'RNG': 43}, 'rules_tee': {'SE': 13}, 'rules_side_channels': {'Malfunction': 17, 'malfunction': 1, 'Leak-Inherent': 15, 'Physical Probing': 2, 'physical tampering': 2, 'side channel': 1, 'SPA': 1, 'DPA': 1, 'DFA': 1, 'Bleichenbacher attack': 1}} values inserted.
  • 25.05.2022 The certificate data changed.
    Certificate changed

    The Maintenance Updates of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'MaintenanceReport', 'maintenance_date': '2022-05-09', 'maintenance_title': 'STARCOS 3.7 COS HBA-SMC', 'maintenance_report_link': 'https://www.commoncriteriaportal.org/files/epfiles/0976v4ma1a_pdf.pdf', 'maintenance_st_link': None}]}.
  • 13.05.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'ALC_DEL', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_TDS', 'level': 3}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_REQ', 'level': 2}, {'_type': 'SAR', 'family': 'ADV_ARC', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_SPD', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'SAR', 'family': 'ATE_DPT', 'level': 2}, {'_type': 'SAR', 'family': 'ATE_FUN', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMC', 'level': 4}, {'_type': 'SAR', 'family': 'ATE_IND', 'level': 2}, {'_type': 'SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_DVS', 'level': 2}, {'_type': 'SAR', 'family': 'AVA_VAN', 'level': 5}, {'_type': 'SAR', 'family': 'ATE_COV', 'level': 2}, {'_type': 'SAR', 'family': 'ADV_FSP', 'level': 4}, {'_type': 'SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_OBJ', 'level': 2}]}}.
  • 24.04.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'direct_dependency_cves': None, 'indirect_dependency_cves': None}.
  • 08.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-1110-V3-2020']}}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0976-V3-2019', 'BSI-DSZ-CC-1110-V3-2020']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0782-V2-2015', 'BSI-DSZ-CC-0976-2015', 'BSI-DSZ-CC-0976-V2-2018', 'BSI-DSZ-CC-0782-V2', 'BSI-DSZ-CC-0879-2014', 'BSI-DSZ-CC-1110-V3-2020', 'BSI-DSZ-CC-0782-2012', 'BSI-DSZ-CC-0916-2015', 'BSI-DSZ-CC-0945-2017', 'BSI-DSZ-CC-0891-V2-2016', 'BSI-DSZ-CC-1110-V2-2019', 'BSI-DSZ-CC-0976-V3-2019', 'BSI-DSZ-CC-0891-2015', 'BSI-DSZ-CC-0945-V2-2018']}}}.
    • The following properties were deleted: ['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
  • 18.02.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.
    • The st_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.

    The computed heuristics were updated.

    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['3.7']}.
  • 28.01.2022 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name STARCOS 3.7 COS HBA-SMC was processed.

Raw data 

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/files/epfiles/0976V4c_pdf.pdf",
  "dgst": "988394e53c8e52d9",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "cert_id": "BSI-DSZ-CC-0976-V4-2021",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 5
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_TDS",
          "level": 3
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_FUN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DEL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_COV",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_ARC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.7"
      ]
    },
    "indirect_transitive_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0976-V3-2019",
          "BSI-DSZ-CC-1110-V3-2020"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0782-2012",
          "BSI-DSZ-CC-0891-V2-2016",
          "BSI-DSZ-CC-1110-2019",
          "BSI-DSZ-CC-0879-2014",
          "BSI-DSZ-CC-0976-V2-2018",
          "BSI-DSZ-CC-0945-V3-2018",
          "BSI-DSZ-CC-1110-V3-2020",
          "BSI-DSZ-CC-0945-V2-2018",
          "BSI-DSZ-CC-1110-V2-2019",
          "BSI-DSZ-CC-0976-V3-2019",
          "BSI-DSZ-CC-0945-2017",
          "BSI-DSZ-CC-0976-2015",
          "BSI-DSZ-CC-0891-2015",
          "BSI-DSZ-CC-0916-2015",
          "BSI-DSZ-CC-0782-V2-2015"
        ]
      }
    },
    "scheme_data": {
      "category": "eHealth",
      "cert_id": "BSI-DSZ-CC-0976-V4-2021",
      "certification_date": "18.06.2021",
      "enhanced": {
        "applicant": "Giesecke \u0026 Devrient GmbH\n\nseit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH\nPrinzregentenstr. 159\n81677 M\u00fcnchen",
        "assurance_level": "EAL4+,ALC_DVS.2,ATE_DPT.2,AVA_VAN.5",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4c_pdf.pdf?__blob=publicationFile\u0026v=3",
        "certification_date": "18.06.2021",
        "description": "The Target of Evaluation (TOE) is the product STARCOS 3.6 COSGKV C1 developed by Giesecke \u0026 Devrient GmbH. The TOE is a smart card product according to the G2 Card Operating System (G2-COS) specification from gematik. The TOE is intended to be used as a card operating system platform for specific card types and applications of the card generation G2 in the framework of the German health care system, and therefore implements the mandatory part of the G2-COS specification with the base functionality of the operating system platform only. The TOE implements from the PP-0082-V2 the base part without any of the optional packages.",
        "entries": [
          {
            "description": "The partial ALC re-evaluation for procedure 0976-V4 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.",
            "id": "BSI-DSZ-CC-0976-V4-2021-MA-01 (Ausstellungsdatum / Certification Date 09.05.2022)"
          },
          {
            "description": "Software",
            "id": "BSI-DSZ-CC-0976-V4-2021 (Ausstellungsdatum / Certification Date 18.06.2021, g\u00fcltig bis / valid until 17.06.2026)\nZertifizierungsreport / Certification Report"
          },
          {
            "description": "The partial ALC re-evaluation for procedure 0976-V3 covers the update of the product life-cycle concerning the involved development and production sites. The certified product itself did not change.",
            "id": "BSI"
          },
          {
            "description": "Maintenance Report",
            "id": "BSI-DSZ-CC-0976-V3-2019-MA-01 (Ausstellungsdatum / Certification Date 15.06.2021)"
          },
          {
            "description": "), to adaptations in the life-cycle model as well as to the integration of the functional package Contactless and further specific changes in the Embedded Software including a corresponding update of the related user guidance documentation. In particular, the TOE\u2019s (crypto) implementation was re-evaluated and reassessed.",
            "id": "BSI-DSZ-CC-0976-V3-2019 (Ausstellungsdatum / Certification Date 21.11.2019, g\u00fcltig bis / valid until 20.11.2024)"
          },
          {
            "description": "Software",
            "id": "BSI-DSZ-CC-0976-V2-2018 (Ausstellungsdatum / Certification Date 20.09.2018, g\u00fcltig bis / valid until 19.09.2023)"
          },
          {
            "description": "The changes are related to an update and reevaluation of the product life-cycle caused by changes in the development and porduction sites.  The certified product itself did not change.",
            "id": "BSI-DSZ-CC-0976-2015-MA-01 (Ausstellungsdatum / Certification Date 02.08.2018)"
          },
          {
            "description": "Security Target",
            "id": "BSI-DSZ-CC-0976-2015-RA-01 (Ausstellungsdatum / Certification Date 19.09.2017)"
          },
          {
            "description": "Security Target",
            "id": "BSI-DSZ-CC-0976-2015 (Ausstellungsdatum / Certification Date 29.12.2015, g\u00fcltig bis / valid until 28.12.2020)"
          }
        ],
        "evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
        "expiration_date": "17.06.2026",
        "product": "STARCOS 3.7 COS HBA-SMC",
        "protection_profile": "Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4-2019",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4a_pdf.pdf?__blob=publicationFile\u0026v=3",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte09/0976V4b_pdf.pdf?__blob=publicationFile\u0026v=3"
      },
      "product": "STARCOS 3.7 COS HBA-SMC",
      "subcategory": "Smartcards",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_SmartCards/0976_0976V2_0976V3_0976V4.html",
      "vendor": "Giesecke \u0026 Devrient GmbH seit 1. Juli 2017 Giesecke+Devrient Mobile Security GmbH"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1067-V3-2022",
          "BSI-DSZ-CC-1068-V3-2022",
          "BSI-DSZ-CC-1068-V4-2023",
          "BSI-DSZ-CC-1067-V4-2023"
        ]
      },
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1110-V3-2020"
        ]
      },
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1068-V4-2023",
          "BSI-DSZ-CC-1068-V3-2022",
          "BSI-DSZ-CC-1067-V3-2022",
          "BSI-DSZ-CC-1067-V4-2023"
        ]
      },
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-1110-V3-2020"
        ]
      }
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.cc.CCCertificate.MaintenanceReport",
        "maintenance_date": "2022-05-09",
        "maintenance_report_link": "https://www.commoncriteriaportal.org/files/epfiles/0976v4ma1a_pdf.pdf",
        "maintenance_st_link": null,
        "maintenance_title": "STARCOS 3.7 COS HBA-SMC"
      }
    ]
  },
  "manufacturer": "G+D Mobile Security GmbH",
  "manufacturer_web": "https://www.gi-de.com/de/de/mobile-security/",
  "name": "STARCOS 3.7 COS HBA-SMC",
  "not_valid_after": "2026-06-18",
  "not_valid_before": "2021-06-18",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "report_filename": "0976V4a_pdf.pdf",
    "report_frontpage": {
      "anssi": {},
      "bsi": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_DVS.2, ATE_DPT.2 and AVA_VAN.5",
        "cc_version": "PP conformant Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-0976-V4-2021",
        "cert_item": "STARCOS 3.7 COS HBA-SMC",
        "cert_lab": "BSI",
        "developer": "Giesecke+Devrient Mobile Security GmbH",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "Card Operating System Generation 2 (PP COS G2), Version 2.1, 10 July 2019, BSI-CC-PP-0082-V4- 2019"
      },
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 10
          },
          "ECDH": {
            "ECDH": 4
          },
          "ECDSA": {
            "ECDSA": 14
          }
        },
        "FF": {
          "DH": {
            "DH": 1,
            "Diffie-Hellman": 1
          }
        },
        "RSA": {
          "RSA-OAEP": 2
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-0976-V3-2019": 6,
          "BSI-DSZ-CC-0976-V4-2021": 52,
          "BSI-DSZ-CC-1110-V3-2020": 14
        }
      },
      "cc_claims": {
        "A": {
          "A.U": 1
        }
      },
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP-0082-V4-": 1,
          "BSI-CC-PP-0082-V4-2019": 3
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1
        },
        "ALC": {
          "ALC_CMC.4": 1,
          "ALC_CMS.4": 1,
          "ALC_DEL.1": 1,
          "ALC_DVS.2": 5,
          "ALC_FLR": 2,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        },
        "ATE": {
          "ATE_DPT.2": 4
        },
        "AVA": {
          "AVA_VAN.5": 4
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 2,
          "EAL 2+": 1,
          "EAL 4": 5,
          "EAL 4 augmented": 3,
          "EAL 5": 4,
          "EAL 5+": 1,
          "EAL 6": 1,
          "EAL5+": 1,
          "EAL6": 1
        }
      },
      "cc_sfr": {
        "FCS": {
          "FCS_CKM": 4,
          "FCS_COP": 29,
          "FCS_RNG": 3,
          "FCS_RNG.1": 1
        },
        "FIA": {
          "FIA_UAU": 2,
          "FIA_USB": 1
        },
        "FPT": {
          "FPT_ITE.1": 1
        },
        "FTP": {
          "FTP_ITC": 2
        }
      },
      "certification_process": {
        "ConfidentialDocument": {
          "1.1, 19 May 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) [11] Guidance Documentation STARCOS 3.7 COS HBA-SMC \u2013 Main Document, Version 1.6, 23 March 2021": 1,
          "Target STARCOS 3.7 COS HBA-SMC, Version 2.0, 22 April 2021, Giesecke+Devrient Mobile Security GmbH (confidential document) 7 specifically \u2022 AIS 1, Version 14, Durchf\u00fchrung der Ortsbesichtigung in der Entwicklungsumgebung": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1,
          "design step H13, Version 3.3, 22 April 2020, Infineon Technologies AG, BSI-DSZ-CC-1110-V3-2020 (confidential document) Security Target Lite of the underlying hardware platform, Security Target IFX_CCI_000003h": 1,
          "for STARCOS 3.7 COS HBA-SMC, Version 2.9, 2 June 2021, SRC Security Research \u0026 Consulting GmbH (confidential document) [10] Configuration List BSI-DSZ-CC-0976-V4-2021, Configuration List STARCOS 3.7 COS HBA-SMC": 1,
          "procedure BSI-DSZ-CC-1110-V3-2020, Version 1, 23 April 2020, T\u00dcV Informationstechnik GmbH (confidential document) [21] Einf\u00fchrung der Gesundheitskarte, Spezifikation des Card Operating System (COS), Elektrische": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 10
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "PACE": {
          "PACE": 15
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "MAC": {
          "MAC": 3
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "SRC": {
          "SRC Security Research \u0026 Consulting": 3
        },
        "TUV": {
          "T\u00dcV Informationstechnik": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-256": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 38
        }
      },
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "PRNG": 1
        },
        "RNG": {
          "RNG": 5
        }
      },
      "side_channel_analysis": {
        "FI": {
          "DFA": 1,
          "fault injection": 1,
          "malfunction": 1,
          "physical tampering": 1
        },
        "SCA": {
          "DPA": 1,
          "SPA": 1,
          "side channel": 1
        },
        "other": {
          "JIL": 6
        }
      },
      "standard_id": {
        "BSI": {
          "AIS 1": 1,
          "AIS 14": 1,
          "AIS 19": 1,
          "AIS 20": 6,
          "AIS 23": 1,
          "AIS 25": 4,
          "AIS 26": 4,
          "AIS 31": 5,
          "AIS 32": 1,
          "AIS 34": 4,
          "AIS 35": 2,
          "AIS 36": 5,
          "AIS 37": 2,
          "AIS 38": 1,
          "AIS 46": 2
        },
        "FIPS": {
          "FIPS 180-4": 9,
          "FIPS 197": 12,
          "FIPS PUB 180-4": 1,
          "FIPS PUB 197": 1
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18031:2005": 1,
          "ISO/IEC 18045": 4
        },
        "PKCS": {
          "PKCS#1": 5
        },
        "RFC": {
          "RFC 5639": 12
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 30
          },
          "HPC": {
            "HPC": 4
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 15
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7148": 1,
          "BSI TR-03116-1": 1,
          "BSI TR-03143": 5,
          "BSI TR-03144": 10
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "G+D": 2,
          "Giesecke \u0026 Devrient": 3,
          "Giesecke+Devrient": 29
        },
        "Infineon": {
          "Infineon": 11,
          "Infineon Technologies AG": 7
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20210629114835+02\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, G2 COS, eHealth, STARCOS 3.7 COS HBA-SMC, Giesecke+Devrient Mobile Security GmbH\"",
      "/ModDate": "D:20210629121138+02\u002700\u0027",
      "/Producer": "LibreOffice 6.3",
      "/Subject": "STARCOS 3.7 COS HBA-SMC from G+D Mobile Security GmbH, Giesecke+Devrient Mobile Security GmbH",
      "/Title": "Certification Report BSI-DSZ-CC-0976-V4-2021",
      "pdf_file_size_bytes": 936127,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.commoncriteriaportal.org/cc/",
          "https://www.bsi.bund.de/zertifizierungsreporte",
          "http://www.commoncriteriaportal.org/",
          "https://www.bsi.bund.de/",
          "https://www.bsi.bund.de/AIS",
          "https://www.sogis.eu/",
          "https://www.bsi.bund.de/zertifizierung"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 40
    },
    "st_filename": "0976V4b_pdf.pdf",
    "st_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 16
          },
          "ECDH": {
            "ECDH": 6
          },
          "ECDSA": {
            "ECDSA": 38
          }
        },
        "FF": {
          "DH": {
            "DH": 12,
            "Diffie-Hellman": 1
          },
          "DSA": {
            "DSA": 1
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1110-V3-2020": 4
        }
      },
      "cc_claims": {
        "O": {
          "O.AES": 7,
          "O.PACE_CHIP": 2,
          "O.RND": 8
        },
        "T": {
          "T.RND": 5
        }
      },
      "cc_protection_profile_id": {
        "BSI": {
          "BSI-CC-PP- 0082-V4": 2,
          "BSI-CC-PP- 0084-2014": 6,
          "BSI-CC-PP-0035-2007": 1,
          "BSI-CC-PP-0082-V3": 1,
          "BSI-CC-PP-0082-V4": 27,
          "BSI-CC-PP-0084-": 4,
          "BSI-CC-PP-0084-2007": 1,
          "BSI-CC-PP-0084-2014": 57,
          "BSI-PP-0084-": 2,
          "BSI-PP-0084-2014": 8
        }
      },
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 2,
          "ADV_ARC.1": 9,
          "ADV_FSP": 2,
          "ADV_FSP.4": 6,
          "ADV_IMP": 2,
          "ADV_IMP.1": 6,
          "ADV_TDS.3": 3
        },
        "AGD": {
          "AGD_OPE": 2,
          "AGD_OPE.1": 6,
          "AGD_PRE": 2,
          "AGD_PRE.1": 2
        },
        "ALC": {
          "ALC_CMC": 2,
          "ALC_CMC.4": 1,
          "ALC_CMS": 2,
          "ALC_CMS.4": 1,
          "ALC_DEL": 2,
          "ALC_DEL.1": 1,
          "ALC_DVS": 2,
          "ALC_DVS.2": 12,
          "ALC_FLR.1": 1,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD": 2,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.2": 1,
          "ASE_REQ.2": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_COV": 2,
          "ATE_COV.2": 1,
          "ATE_DPT.1": 1,
          "ATE_DPT.2": 11,
          "ATE_FUN.1": 6,
          "ATE_IND.2": 5
        },
        "AVA": {
          "AVA_VAN": 2,
          "AVA_VAN.5": 10
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 4": 2,
          "EAL 6": 2,
          "EAL4": 14,
          "EAL4 augmented": 4,
          "EAL6": 1,
          "EAL6+": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_SAS": 8,
          "FAU_SAS.1": 3
        },
        "FCS": {
          "FCS_CKM": 83,
          "FCS_CKM.1": 39,
          "FCS_CKM.2": 9,
          "FCS_CKM.4": 64,
          "FCS_CKM.4.1": 1,
          "FCS_COP": 189,
          "FCS_COP.1": 27,
          "FCS_COP.1.1": 1,
          "FCS_RNG": 34,
          "FCS_RNG.1": 20,
          "FCS_RNG.1.1": 3,
          "FCS_RNG.1.2": 2
        },
        "FDP": {
          "FDP_ACC": 123,
          "FDP_ACC.1": 44,
          "FDP_ACF": 110,
          "FDP_ACF.1": 41,
          "FDP_IFC": 7,
          "FDP_IFC.1": 16,
          "FDP_ITC.1": 35,
          "FDP_ITC.2": 35,
          "FDP_ITT": 7,
          "FDP_ITT.1": 3,
          "FDP_RIP": 9,
          "FDP_RIP.1": 12,
          "FDP_RIP.1.1": 1,
          "FDP_SDC": 8,
          "FDP_SDC.1": 3,
          "FDP_SDI": 7,
          "FDP_SDI.1": 1,
          "FDP_SDI.2": 11,
          "FDP_SDI.2.1": 1,
          "FDP_SDI.2.2": 1,
          "FDP_UCT": 7,
          "FDP_UCT.1": 1,
          "FDP_UIT": 8,
          "FDP_UIT.1": 2
        },
        "FIA": {
          "FIA_ACC": 1,
          "FIA_ACF": 1,
          "FIA_AFL": 22,
          "FIA_AFL.1": 4,
          "FIA_API": 10,
          "FIA_API.1": 16,
          "FIA_API.1.1": 1,
          "FIA_ATD": 10,
          "FIA_ATD.1": 20,
          "FIA_ATD.1.1": 1,
          "FIA_SOS.1": 8,
          "FIA_SOS.1.1": 1,
          "FIA_UAU": 50,
          "FIA_UAU.1": 20,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UAU.4": 12,
          "FIA_UAU.4.1": 1,
          "FIA_UAU.5": 17,
          "FIA_UAU.5.1": 1,
          "FIA_UAU.5.2": 1,
          "FIA_UAU.6": 12,
          "FIA_UAU.6.1": 1,
          "FIA_UID": 14,
          "FIA_UID.1": 19,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1,
          "FIA_USB": 32,
          "FIA_USB.1": 30,
          "FIA_USB.1.1": 1,
          "FIA_USB.1.2": 1,
          "FIA_USB.1.3": 2
        },
        "FMT": {
          "FMT_LIM": 15,
          "FMT_LIM.1": 3,
          "FMT_LIM.2": 2,
          "FMT_MSA": 68,
          "FMT_MSA.1": 8,
          "FMT_MSA.3": 39,
          "FMT_MSA.3.1": 1,
          "FMT_MSA.3.2": 1,
          "FMT_MTD": 38,
          "FMT_MTD.1": 4,
          "FMT_SMF.1": 51,
          "FMT_SMF.1.1": 1,
          "FMT_SMR": 9,
          "FMT_SMR.1": 41,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1,
          "FMT_SRM": 1
        },
        "FPT": {
          "FPT_EMS": 10,
          "FPT_EMS.1": 15,
          "FPT_EMS.1.1": 1,
          "FPT_EMS.1.2": 1,
          "FPT_FLS": 7,
          "FPT_FLS.1": 16,
          "FPT_FLS.1.1": 1,
          "FPT_ITE": 11,
          "FPT_ITE.1": 11,
          "FPT_ITE.1.1": 1,
          "FPT_ITE.1.2": 1,
          "FPT_ITE.2": 13,
          "FPT_ITE.2.1": 5,
          "FPT_ITE.2.2": 1,
          "FPT_ITT": 7,
          "FPT_ITT.1": 3,
          "FPT_PHP": 7,
          "FPT_PHP.3": 4,
          "FPT_TDC.1": 10,
          "FPT_TDC.1.1": 1,
          "FPT_TDC.1.2": 1,
          "FPT_TST": 2,
          "FPT_TST.1": 11,
          "FPT_TST.1.1": 1,
          "FPT_TST.1.2": 1,
          "FPT_TST.1.3": 1
        },
        "FRU": {
          "FRU_FLT": 7,
          "FRU_FLT.2": 3
        },
        "FTP": {
          "FTP_ITC": 22,
          "FTP_ITC.1": 12,
          "FTP_ITE": 1,
          "FTP_TRP.1": 5
        }
      },
      "certification_process": {
        "OutOfScope": {
          "and cryptographic key sizes 2048 bits and 3072 bits modulus length for RSA private key operation is out of scope for the TOE. 371 The TOE shall meet the requirement \u201cCryptographic operation \u2013 CB ECC (FCS_COP.1/CB": 1,
          "out of scope": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "PACE": {
          "PACE": 123
        },
        "TLS": {
          "SSL": {
            "SSL": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1,
          "Key agreement": 1
        },
        "MAC": {
          "MAC": 33
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Brainpool": {
          "brainpoolP256r1": 4,
          "brainpoolP384r1": 4,
          "brainpoolP512r1": 4
        }
      },
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 3
          },
          "SHA2": {
            "SHA-224": 2,
            "SHA-256": 11,
            "SHA-384": 6,
            "SHA-512": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {
        "STARCOS": {
          "STARCOS 3": 179
        }
      },
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RND": 15,
          "RNG": 38
        }
      },
      "side_channel_analysis": {
        "FI": {
          "DFA": 1,
          "Malfunction": 17,
          "malfunction": 1,
          "physical tampering": 3
        },
        "SCA": {
          "DPA": 1,
          "Leak-Inherent": 15,
          "Physical Probing": 2,
          "SPA": 1,
          "side channel": 1
        },
        "other": {
          "Bleichenbacher attack": 1,
          "JIL": 3
        }
      },
      "standard_id": {
        "BSI": {
          "AIS20": 2,
          "AIS31": 1
        },
        "CC": {
          "CCMB-2017-04-001": 1,
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1,
          "CCMB-2017-04-004": 1,
          "CCMB-2017-05-001": 1
        },
        "FIPS": {
          "FIPS 180-4": 1,
          "FIPS 197": 4,
          "FIPS PUB 180-4": 1,
          "FIPS PUB 197": 1
        },
        "ISO": {
          "ISO/IEC 7816": 2
        },
        "NIST": {
          "NIST SP 800-38B": 1
        },
        "PKCS": {
          "PKCS #1": 2
        },
        "RFC": {
          "RFC 5639": 1,
          "RFC5639": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 82
          },
          "HPC": {
            "HPC": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 43
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI TR-03111": 3,
          "BSI TR-03143": 2
        }
      },
      "tee_name": {
        "IBM": {
          "SE": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "GD": {
          "Giesecke+Devrient": 14
        },
        "Infineon": {
          "Infineon": 2,
          "Infineon Technologies AG": 2
        },
        "NXP": {
          "NXP Semiconductors": 1
        },
        "STMicroelectronics": {
          "STMicroelectronics": 1
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "Giesecke+Devrient Mobile Security GmbH",
      "/CreationDate": "D:20210617104602+02\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word f\u00fcr Microsoft 365",
      "/Keywords": "Version 1.0/18.05.2021",
      "/ModDate": "D:20210617104602+02\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word f\u00fcr Microsoft 365",
      "/Subject": "Security Target STARCOS 3.7 COS HBA-SMC",
      "/Title": "G+D MS Security Target to BSI-PP-0082-V4",
      "pdf_file_size_bytes": 2539468,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 166
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
        "pp_eal": "EAL4+",
        "pp_ids": null,
        "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/pp0082b_pdf.pdf",
        "pp_name": "Card Operating System Generation 2"
      }
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/files/epfiles/0976V4a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "AVA_VAN.5",
      "ALC_DVS.2",
      "ATE_DPT.2",
      "EAL4+"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/files/epfiles/0976V4b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "report_convert_garbage": false,
    "report_convert_ok": true,
    "report_download_ok": true,
    "report_extract_ok": true,
    "report_pdf_hash": "cab554e05b93e59ae6196b56276ae428ca12b1212c7d5312483f1e3940599b8a",
    "report_txt_hash": "9a6dd405cc7ed5f578361b6673f19f41ac76abeae96a1b3d81922ee4c64e0e8f",
    "st_convert_garbage": false,
    "st_convert_ok": true,
    "st_download_ok": true,
    "st_extract_ok": true,
    "st_pdf_hash": "e097b29728ebc08d227c0c049e9b75a778e61e9a3b3358f940f5cac11be3b8ee",
    "st_txt_hash": "a3f0d2ba96a19dac465792312eb6316e80ac3b025f9bd2b530cea51d93931f34"
  },
  "status": "active"
}