Thycotic Secret Server Government Edition v10.1

CSV information ?

Status archived
Valid from 21.12.2018
Valid until 21.12.2020
Scheme 🇺🇸 US
Manufacturer Thycotic
Category Access Control Devices and Systems
Security level
Protection profiles

Heuristics summary ?

Certificate ID: CCEVS-VR-VID10953

Certification report ?

Extracted keywords

Symmetric Algorithms
AES, AES-256, HMAC-SHA-256, HMAC-SHA-512
Hash functions
SHA-1, SHA-256, SHA-384, SHA-512
Protocols
SSH, TLSv1.1, TLSv1.2, TLS v1.1, TLS v1.2
Block cipher modes
CBC, GCM

Vendor
Microsoft

Security level
EAL 3
Security Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ATE_IND.1, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.1, ASE_REQ.1, ASE_TSS.1

Standards
FIPS PUB 186-4, FIPS PUB 197, FIPS PUB 180-4, FIPS PUB 198-1, NIST SP 800-90A

File metadata

Creation date: D:20181227131237-05'00'
Modification date: D:20181227131237-05'00'
Pages: 22

Frontpage

Certificate ID: CCEVS-VR-VID10953
Certified item: for Thycotic Secret Server Government Edition v10.1
Certification lab: US NIAP

References

Security target ?

Extracted keywords

Symmetric Algorithms
AES, AES-256, HMAC-SHA-256, HMAC-SHA-512
Hash functions
SHA-1, SHA-512, SHA-256, SHA-384, bcrypt
Protocols
SSH, TLS, TLS v1.1, TLS v1.2, TLS 1.1, TLS 1.2, TLSv1.1, TLSv1.2, IPsec
Randomness
RBG
Libraries
OpenSSL
Block cipher modes
CBC, GCM
TLS cipher suites
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256

Vendor
Microsoft

Claims
O.ACCESSID, O.AUDIT, O.AUTH, O.EAVES, O.SELFID, O.ROBUST, O.INTEGRITY, O.PROTCOMMS, O.PROTCRED, O.IDENT, O.EXPORT, O.MANAGE, O.BANNER, T.ADMIN_ERROR, T.EAVES, T.UNAUTH, T.FALSIFY, T.FORGE, T.MASK, T.WEAKIA, T.RAWCRED, A.CRYPTO, A.ENROLLMENT, A.ESM, A.FEDERATE, A.MANAGE, A.SYSTIME, OE.ADMIN, OE.CRYPTO, OE.ENROLLMENT, OE.FEDERATE, OE.INSTALL, OE.MANAGEMENT, OE.PERSON, OE.SYSTIME
Security Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ATE_IND.1, ATE_IND, AVA_VAN.1
Security Functional Requirements (SFR)
FAU_GEN.1, FAU_STG_EXT.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_STG_EXT.1.1, FAU_STG_EXT.1.2, FAU_STG_EXT.1.3, FCS_TLS_EXT.1, FCS_RBG_EXT.1, FCS_COP.1, FCS_CKM.1, FCS_CKM_EXT.4, FCS_TLS_EXT.1.1, FDP_ACC.1, FIA_AFL.1, FIA_USB.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FMT_MOF.1, FMT_MTD.1, FMT_SMF.1, FMT_SMR.1, FMT_MOF.1.1, FMT_MTD.1.1, FMT_SMF.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_SMF, FPT_APW_EXT.1, FPT_SKP_EXT.1, FPT_APW_EXT.1.1, FPT_APW_EXT.1.2, FPT_SKP_EXT.1.1, FTA_SSL.3, FTA_SSL.4, FTA_TAB.1, FTA_TSE.1, FTA_SSL.3.1, FTA_SSL.4.1, FTA_TAB.1.1, FTA_TSE.1.1, FTP_ITC.1, FTP_TRP.1, FTP_ITC, FTP_TRP, FTP_ITC.1.1, FTP_ITC.1.2, FTP_ITC.1.3, FTP_TRP.1.1, FTP_TRP.1.2, FTP_TRP.1.3

Standards
FIPS PUB 186-4, FIPS PUB 197, FIPS PUB 180-4, FIPS PUB 198-1, NIST SP 800-131A, NIST SP 800-38A, NIST SP 800-90A, RFC 4346, RFC 5246, RFC 4510, RFC 5242, CCMB-2012-09-002

File metadata

Creation date: D:20181227130017-05'00'
Modification date: D:20181227130017-05'00'
Pages: 48

References

Heuristics ?

Certificate ID: CCEVS-VR-VID10953

Extracted SARs

ADV_FSP.1, ASE_OBJ.1, ASE_CCL.1, ASE_REQ.1, ALC_CMC.1, ASE_TSS.1, ATE_IND.1, AGD_PRE.1, AVA_VAN.1, ALC_CMS.1, ASE_INT.1, ASE_ECD.1, AGD_OPE.1

References ?

Updates ?

  • 28.01.2022 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name Thycotic Secret Server Government Edition v10.1 was processed.

  • 01.02.2022 The certificate data changed.
    Certificate changed

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'ProtectionProfile', 'pp_name': 'Protection Profile for Enterprise Security Management Identity and Credential Management', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/PP_ESM_ICM_V2.1.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['PP_ESM_ICM_V2.1']}}]}.
  • 18.02.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_frontpage property was updated, with the {'nscib': {}, 'niap': {'cert_id': 'CCEVS-VR-VID10953', 'cert_item': 'for Thycotic Secret Server Government Edition v10.1', 'cert_lab': 'US NIAP'}, 'canada': {}} values inserted.
    • The st_frontpage property was updated, with the {'nscib': {}, 'niap': {}, 'canada': {}} values inserted.

    The computed heuristics were updated.

    • The extracted_versions property was set to {'_type': 'Set', 'elements': ['10.1']}.
  • 08.03.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'report_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.
    • The cert_lab property was set to ['US'].
    • The cert_id property was set to CCEVS-VR-VID10953.
    • The following properties were deleted: ['directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
  • 24.04.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'direct_dependency_cves': None, 'indirect_dependency_cves': None}.
  • 13.05.2022 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'extracted_sars': {'_type': 'Set', 'elements': [{'_type': 'SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'SAR', 'family': 'ADV_FSP', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMC', 'level': 1}, {'_type': 'SAR', 'family': 'ATE_IND', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_OBJ', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_REQ', 'level': 1}, {'_type': 'SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'SAR', 'family': 'ALC_CMS', 'level': 1}, {'_type': 'SAR', 'family': 'AVA_VAN', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'SAR', 'family': 'ASE_INT', 'level': 1}]}}.
  • 14.06.2022 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The following values were inserted: {'report_pdf_hash': '9358c3e76130aaccbbbb8ae32347b55cec0e800e8df000cf598b26310876f090', 'st_pdf_hash': '437a79872a8557d8abd3188988e271d91dd4f8cf1054c63a05fc39ff6d68b9e2', 'report_txt_hash': 'e78a2b444422797136bb75ac77f4fbcd70c127e74726769c3460fd14c6b21478', 'st_txt_hash': '6173f84a36240001ada16565377cd71eb8656d2eb8892baefeef6e2f83e2fe84'}.

    The PDF extraction data was updated.

    • The report_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 2, 'AES-256': 1, 'HMAC-SHA-256': 1, 'HMAC-SHA-512': 1}, 'rules_asymmetric_crypto': {}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA-1': 2, 'SHA-256': 2, 'SHA-384': 1, 'SHA-512': 2}, 'rules_crypto_schemes': {'TLS': 2}, 'rules_randomness': {'DRBG': 1, 'RBG': 1}, 'rules_tee': {}, 'rules_side_channels': {}} values inserted.
    • The st_keywords property was updated, with the {'rules_symmetric_crypto': {'AES': 3, 'AES-256': 1, 'HMAC-SHA-256': 1, 'HMAC-SHA-512': 1}, 'rules_asymmetric_crypto': {}, 'rules_pq_crypto': {}, 'rules_hashes': {'SHA-1': 2, 'SHA-512': 4, 'SHA256': 4, 'SHA-256': 2, 'SHA-384': 1, 'bcrypt': 3}, 'rules_crypto_schemes': {'TLS': 32, 'SSL': 2}, 'rules_randomness': {'DRBG': 1, 'RBG': 2}, 'rules_tee': {'SE': 1}, 'rules_side_channels': {}} values inserted.
  • 17.07.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The report_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.niap-ccevs.org/']}} values inserted.
    • The st_metadata property was updated, with the {'pdf_hyperlinks': {'_type': 'Set', 'elements': []}} values inserted.
    • The report_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 3': 1}}, 'cc_sar': {'ADV': {'ADV_FSP.1': 1}, 'AGD': {'AGD_OPE.1': 1, 'AGD_PRE.1': 1}, 'ALC': {'ALC_CMC.1': 1, 'ALC_CMS.1': 1}, 'ATE': {'ATE_IND.1': 1}, 'AVA': {'AVA_VAN.1': 1}, 'ASE': {'ASE_CCL.1': 1, 'ASE_ECD.1': 1, 'ASE_INT.1': 1, 'ASE_OBJ.1': 1, 'ASE_REQ.1': 1, 'ASE_TSS.1': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {'Microsoft': {'Microsoft': 6}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 2, 'AES-256': 1}}, 'constructions': {'MAC': {'HMAC-SHA-256': 1, 'HMAC-SHA-512': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 2}, 'SHA2': {'SHA-256': 2, 'SHA-384': 1, 'SHA-512': 2}}}, 'crypto_scheme': {}, 'crypto_protocol': {'SSH': {'SSH': 2}, 'TLS': {'TLS': {'TLSv1.1': 1, 'TLSv1.2': 1, 'TLS v1.1': 1, 'TLS v1.2': 1}}}, 'randomness': {'PRNG': {'DRBG': 1}, 'RNG': {'RBG': 1}}, 'cipher_mode': {'CBC': {'CBC': 1}, 'GCM': {'GCM': 1}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS PUB 186-4': 1, 'FIPS PUB 197': 1, 'FIPS PUB 180-4': 2, 'FIPS PUB 198-1': 1}, 'NIST': {'NIST SP 800-90A': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The st_keywords property was set to {'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {}, 'cc_sar': {'ADV': {'ADV_FSP.1': 4}, 'AGD': {'AGD_OPE.1': 4, 'AGD_PRE.1': 4}, 'ALC': {'ALC_CMC.1': 5, 'ALC_CMS.1': 4}, 'ATE': {'ATE_IND.1': 4, 'ATE_IND': 3}, 'AVA': {'AVA_VAN.1': 4}}, 'cc_sfr': {'FAU': {'FAU_GEN.1': 6, 'FAU_STG_EXT.1': 8, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1, 'FAU_STG_EXT.1.1': 1, 'FAU_STG_EXT.1.2': 1, 'FAU_STG_EXT.1.3': 1}, 'FCS': {'FCS_TLS_EXT.1': 7, 'FCS_RBG_EXT.1': 2, 'FCS_COP.1': 3, 'FCS_CKM.1': 1, 'FCS_CKM_EXT.4': 1, 'FCS_TLS_EXT.1.1': 1}, 'FDP': {'FDP_ACC.1': 3}, 'FIA': {'FIA_AFL.1': 7, 'FIA_USB.1': 6, 'FIA_AFL.1.1': 1, 'FIA_AFL.1.2': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1}, 'FMT': {'FMT_MOF.1': 6, 'FMT_MTD.1': 5, 'FMT_SMF.1': 6, 'FMT_SMR.1': 6, 'FMT_MOF.1.1': 1, 'FMT_MTD.1.1': 1, 'FMT_SMF.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_SMF': 1}, 'FPT': {'FPT_APW_EXT.1': 6, 'FPT_SKP_EXT.1': 6, 'FPT_APW_EXT.1.1': 1, 'FPT_APW_EXT.1.2': 1, 'FPT_SKP_EXT.1.1': 1}, 'FTA': {'FTA_SSL.3': 6, 'FTA_SSL.4': 5, 'FTA_TAB.1': 7, 'FTA_TSE.1': 6, 'FTA_SSL.3.1': 1, 'FTA_SSL.4.1': 1, 'FTA_TAB.1.1': 1, 'FTA_TSE.1.1': 1}, 'FTP': {'FTP_ITC.1': 7, 'FTP_TRP.1': 6, 'FTP_ITC': 1, 'FTP_TRP': 1, 'FTP_ITC.1.1': 1, 'FTP_ITC.1.2': 1, 'FTP_ITC.1.3': 1, 'FTP_TRP.1.1': 1, 'FTP_TRP.1.2': 1, 'FTP_TRP.1.3': 1}}, 'cc_claims': {'O': {'O.ACCESSID': 1, 'O.AUDIT': 1, 'O.AUTH': 1, 'O.EAVES': 1, 'O.SELFID': 1, 'O.ROBUST': 1, 'O.INTEGRITY': 1, 'O.PROTCOMMS': 1, 'O.PROTCRED': 1, 'O.IDENT': 1, 'O.EXPORT': 1, 'O.MANAGE': 1, 'O.BANNER': 1}, 'T': {'T.ADMIN_ERROR': 1, 'T.EAVES': 1, 'T.UNAUTH': 1, 'T.FALSIFY': 1, 'T.FORGE': 1, 'T.MASK': 1, 'T.WEAKIA': 1, 'T.RAWCRED': 1}, 'A': {'A.CRYPTO': 1, 'A.ENROLLMENT': 1, 'A.ESM': 1, 'A.FEDERATE': 1, 'A.MANAGE': 1, 'A.SYSTIME': 1}, 'OE': {'OE.ADMIN': 1, 'OE.CRYPTO': 1, 'OE.ENROLLMENT': 1, 'OE.FEDERATE': 1, 'OE.INSTALL': 1, 'OE.MANAGEMENT': 1, 'OE.PERSON': 1, 'OE.SYSTIME': 1}}, 'vendor': {'Microsoft': {'Microsoft': 20}}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3, 'AES-256': 1}}, 'constructions': {'MAC': {'HMAC-SHA-256': 1, 'HMAC-SHA-512': 1}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 2}, 'SHA2': {'SHA-512': 4, 'SHA256': 4, 'SHA-256': 2, 'SHA-384': 1}}, 'bcrypt': {'bcrypt': 3}}, 'crypto_scheme': {'KA': {'KA': 1}}, 'crypto_protocol': {'SSH': {'SSH': 14}, 'TLS': {'SSL': {'SSL': 2}, 'TLS': {'TLS v1.1': 4, 'TLS v1.2': 4, 'TLS': 22, 'TLS 1.1': 1, 'TLS 1.2': 1, 'TLSv1.1': 1, 'TLSv1.2': 1}}, 'IPsec': {'IPsec': 1}}, 'randomness': {'PRNG': {'DRBG': 1}, 'RNG': {'RBG': 2}}, 'cipher_mode': {'CBC': {'CBC': 1}, 'GCM': {'GCM': 1}}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {'TLS': {'TLS_RSA_WITH_AES_128_CBC_SHA': 2, 'TLS_RSA_WITH_AES_256_CBC_SHA': 2, 'TLS_DHE_RSA_WITH_AES_128_CBC_SHA': 2, 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA': 2, 'TLS_RSA_WITH_AES_128_CBC_SHA256': 2, 'TLS_RSA_WITH_AES_256_CBC_SHA256': 2}}, 'crypto_library': {'OpenSSL': {'OpenSSL': 2}}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {'IBM': {'SE': 1}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS PUB 186-4': 2, 'FIPS PUB 197': 1, 'FIPS PUB 180-4': 2, 'FIPS PUB 198-1': 1}, 'NIST': {'NIST SP 800-131A': 1, 'NIST SP 800-38A': 1, 'NIST SP 800-90A': 1}, 'RFC': {'RFC 4346': 3, 'RFC 5246': 3, 'RFC 4510': 1, 'RFC 5242': 2}, 'CC': {'CCMB-2012-09-002': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.

    The computed heuristics were updated.

    • The _type property was set to Heuristics.
  • 18.07.2022 The certificate data changed.
    Certificate changed

    The _type was updated.

    • The new value is sec_certs.sample.common_criteria.CommonCriteriaCert.

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Protection Profile for Enterprise Security Management Identity and Credential Management', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/PP_ESM_ICM_V2.1.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['PP_ESM_ICM_V2.1']}}]}.

    The state of the certificate object was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState.

    The PDF extraction data was updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData.

    The computed heuristics were updated.

    • The _type property was set to sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics.
    • The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The report_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
    • The extracted_sars property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_FSP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_OBJ', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_CCL', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_REQ', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMC', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_IND', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_TSS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_INT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ASE_ECD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}]}.
  • 24.09.2022 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The following values were inserted: {'report_filename': 'st_vid10953-vr.pdf', 'st_filename': 'st_vid10953-st.pdf'}.
    • The report_keywords property was updated, with the {'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 1}}, 'SHA2': {'__update__': {'SHA-256': 1, 'SHA-512': 1}}}}}}, 'randomness': {}} data.
    • The st_keywords property was updated, with the {'cc_sar': {'__update__': {'ADV': {'__update__': {'ADV_FSP.1': 10}}, 'AGD': {'__update__': {'AGD_OPE.1': 13, 'AGD_PRE.1': 5}}, 'ALC': {'__update__': {'ALC_CMC.1': 8, 'ALC_CMS.1': 8}}, 'ATE': {'__update__': {'ATE_IND.1': 8}}, 'AVA': {'__update__': {'AVA_VAN.1': 9}}}}, 'cc_sfr': {'__update__': {'FAU': {'__update__': {'FAU_STG_EXT.1': 9}}, 'FMT': {'__update__': {'FMT_MOF.1': 7, 'FMT_SMR.1': 7}}, 'FTA': {'__update__': {'FTA_SSL.3': 7, 'FTA_SSL.4': 6, 'FTA_TAB.1': 8, 'FTA_TSE.1': 7}}, 'FTP': {'__update__': {'FTP_ITC.1': 8, 'FTP_TRP.1': 7}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 1}}, 'SHA2': {'__update__': {'SHA-512': 3, 'SHA-256': 1}, '__delete__': ['SHA256']}}}}}, 'crypto_scheme': {}, 'crypto_protocol': {'__update__': {'TLS': {'__update__': {'TLS': {'__update__': {'TLS': 23}}}, '__delete__': ['SSL']}}}, 'randomness': {'__update__': {'RNG': {'__update__': {'RBG': 1}}}, '__delete__': ['PRNG']}, 'tls_cipher_suite': {'__update__': {'TLS': {'__update__': {'TLS_RSA_WITH_AES_256_CBC_SHA': 1, 'TLS_DHE_RSA_WITH_AES_256_CBC_SHA': 1, 'TLS_RSA_WITH_AES_256_CBC_SHA256': 1}}}}, 'tee_name': {}} data.
  • 04.10.2022 The certificate data changed.
    Certificate changed

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Protection Profile for Enterprise Security Management Identity and Credential Management', 'pp_eal': 'http://www.commoncriteriaportal.org/files/ppfiles/PP_ESM_ICM_V2.1.pdf', 'pp_link': None, 'pp_ids': None}]}.
  • 05.10.2022 The certificate data changed.
    Certificate changed

    The Protection profiles of the certificate were updated.

    • The new value is {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.protection_profile.ProtectionProfile', 'pp_name': 'Protection Profile for Enterprise Security Management Identity and Credential Management', 'pp_eal': 'EAL1', 'pp_link': 'https://www.commoncriteriaportal.org/files/ppfiles/PP_ESM_ICM_V2.1.pdf', 'pp_ids': {'_type': 'Set', 'elements': ['PP_ESM_ICM_V2.1']}}]}.

    The state of the certificate object was updated.

    • The following values were inserted: {'st_convert_garbage': False, 'report_convert_garbage': False}.

Raw data

{
  "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert",
  "category": "Access Control Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/files/epfiles/st_vid10953-ci.pdf",
  "dgst": "d8cf045c31d471bc",
  "heuristics": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.Heuristics",
    "cert_id": "CCEVS-VR-VID10953",
    "cert_lab": [
      "US"
    ],
    "cpe_matches": null,
    "direct_dependency_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "10.1"
      ]
    },
    "indirect_dependency_cves": null,
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Thycotic",
  "manufacturer_web": "https://www.thycotic.com/",
  "name": "Thycotic Secret Server Government Edition v10.1",
  "not_valid_after": "2020-12-21",
  "not_valid_before": "2018-12-21",
  "pdf_data": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.PdfData",
    "report_filename": "st_vid10953-vr.pdf",
    "report_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {
        "cert_id": "CCEVS-VR-VID10953",
        "cert_item": "for Thycotic Secret Server Government Edition v10.1",
        "cert_lab": "US NIAP"
      },
      "nscib": {}
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_FSP.1": 1
        },
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.1": 1,
          "ALC_CMS.1": 1
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.1": 1,
          "ASE_REQ.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_IND.1": 1
        },
        "AVA": {
          "AVA_VAN.1": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 3": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 1
        },
        "GCM": {
          "GCM": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 2
        },
        "TLS": {
          "TLS": {
            "TLS v1.1": 1,
            "TLS v1.2": 1,
            "TLSv1.1": 1,
            "TLSv1.2": 1
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          },
          "SHA2": {
            "SHA-256": 1,
            "SHA-384": 1,
            "SHA-512": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS PUB 180-4": 2,
          "FIPS PUB 186-4": 1,
          "FIPS PUB 197": 1,
          "FIPS PUB 198-1": 1
        },
        "NIST": {
          "NIST SP 800-90A": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 2,
            "AES-256": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC-SHA-256": 1,
            "HMAC-SHA-512": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 6
        }
      },
      "vulnerability": {}
    },
    "report_metadata": {
      "/CreationDate": "D:20181227131237-05\u002700\u0027",
      "/ModDate": "D:20181227131237-05\u002700\u0027",
      "pdf_file_size_bytes": 661333,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.niap-ccevs.org/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 22
    },
    "st_filename": "st_vid10953-st.pdf",
    "st_frontpage": {
      "anssi": {},
      "bsi": {},
      "canada": {},
      "niap": {},
      "nscib": {}
    },
    "st_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {},
      "cc_claims": {
        "A": {
          "A.CRYPTO": 1,
          "A.ENROLLMENT": 1,
          "A.ESM": 1,
          "A.FEDERATE": 1,
          "A.MANAGE": 1,
          "A.SYSTIME": 1
        },
        "O": {
          "O.ACCESSID": 1,
          "O.AUDIT": 1,
          "O.AUTH": 1,
          "O.BANNER": 1,
          "O.EAVES": 1,
          "O.EXPORT": 1,
          "O.IDENT": 1,
          "O.INTEGRITY": 1,
          "O.MANAGE": 1,
          "O.PROTCOMMS": 1,
          "O.PROTCRED": 1,
          "O.ROBUST": 1,
          "O.SELFID": 1
        },
        "OE": {
          "OE.ADMIN": 1,
          "OE.CRYPTO": 1,
          "OE.ENROLLMENT": 1,
          "OE.FEDERATE": 1,
          "OE.INSTALL": 1,
          "OE.MANAGEMENT": 1,
          "OE.PERSON": 1,
          "OE.SYSTIME": 1
        },
        "T": {
          "T.ADMIN_ERROR": 1,
          "T.EAVES": 1,
          "T.FALSIFY": 1,
          "T.FORGE": 1,
          "T.MASK": 1,
          "T.RAWCRED": 1,
          "T.UNAUTH": 1,
          "T.WEAKIA": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_FSP.1": 10
        },
        "AGD": {
          "AGD_OPE.1": 13,
          "AGD_PRE.1": 5
        },
        "ALC": {
          "ALC_CMC.1": 8,
          "ALC_CMS.1": 8
        },
        "ATE": {
          "ATE_IND": 3,
          "ATE_IND.1": 8
        },
        "AVA": {
          "AVA_VAN.1": 9
        }
      },
      "cc_security_level": {},
      "cc_sfr": {
        "FAU": {
          "FAU_GEN.1": 6,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1,
          "FAU_STG_EXT.1": 9,
          "FAU_STG_EXT.1.1": 1,
          "FAU_STG_EXT.1.2": 1,
          "FAU_STG_EXT.1.3": 1
        },
        "FCS": {
          "FCS_CKM.1": 1,
          "FCS_CKM_EXT.4": 1,
          "FCS_COP.1": 3,
          "FCS_RBG_EXT.1": 2,
          "FCS_TLS_EXT.1": 7,
          "FCS_TLS_EXT.1.1": 1
        },
        "FDP": {
          "FDP_ACC.1": 3
        },
        "FIA": {
          "FIA_AFL.1": 7,
          "FIA_AFL.1.1": 1,
          "FIA_AFL.1.2": 1,
          "FIA_USB.1": 6,
          "FIA_USB.1.1": 1,
          "FIA_USB.1.2": 1,
          "FIA_USB.1.3": 1
        },
        "FMT": {
          "FMT_MOF.1": 7,
          "FMT_MOF.1.1": 1,
          "FMT_MTD.1": 5,
          "FMT_MTD.1.1": 1,
          "FMT_SMF": 1,
          "FMT_SMF.1": 6,
          "FMT_SMF.1.1": 1,
          "FMT_SMR.1": 7,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FPT": {
          "FPT_APW_EXT.1": 6,
          "FPT_APW_EXT.1.1": 1,
          "FPT_APW_EXT.1.2": 1,
          "FPT_SKP_EXT.1": 6,
          "FPT_SKP_EXT.1.1": 1
        },
        "FTA": {
          "FTA_SSL.3": 7,
          "FTA_SSL.3.1": 1,
          "FTA_SSL.4": 6,
          "FTA_SSL.4.1": 1,
          "FTA_TAB.1": 8,
          "FTA_TAB.1.1": 1,
          "FTA_TSE.1": 7,
          "FTA_TSE.1.1": 1
        },
        "FTP": {
          "FTP_ITC": 1,
          "FTP_ITC.1": 8,
          "FTP_ITC.1.1": 1,
          "FTP_ITC.1.2": 1,
          "FTP_ITC.1.3": 1,
          "FTP_TRP": 1,
          "FTP_TRP.1": 7,
          "FTP_TRP.1.1": 1,
          "FTP_TRP.1.2": 1,
          "FTP_TRP.1.3": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 1
        },
        "GCM": {
          "GCM": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 2
        }
      },
      "crypto_protocol": {
        "IPsec": {
          "IPsec": 1
        },
        "SSH": {
          "SSH": 14
        },
        "TLS": {
          "TLS": {
            "TLS": 23,
            "TLS 1.1": 1,
            "TLS 1.2": 1,
            "TLS v1.1": 4,
            "TLS v1.2": 4,
            "TLSv1.1": 1,
            "TLSv1.2": 1
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          },
          "SHA2": {
            "SHA-256": 1,
            "SHA-384": 1,
            "SHA-512": 3
          }
        },
        "bcrypt": {
          "bcrypt": 3
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RBG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2012-09-002": 1
        },
        "FIPS": {
          "FIPS PUB 180-4": 2,
          "FIPS PUB 186-4": 2,
          "FIPS PUB 197": 1,
          "FIPS PUB 198-1": 1
        },
        "NIST": {
          "NIST SP 800-131A": 1,
          "NIST SP 800-38A": 1,
          "NIST SP 800-90A": 1
        },
        "RFC": {
          "RFC 4346": 3,
          "RFC 4510": 1,
          "RFC 5242": 2,
          "RFC 5246": 3
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 3,
            "AES-256": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC-SHA-256": 1,
            "HMAC-SHA-512": 1
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_DHE_RSA_WITH_AES_128_CBC_SHA": 2,
          "TLS_DHE_RSA_WITH_AES_256_CBC_SHA": 1,
          "TLS_RSA_WITH_AES_128_CBC_SHA": 2,
          "TLS_RSA_WITH_AES_128_CBC_SHA256": 2,
          "TLS_RSA_WITH_AES_256_CBC_SHA": 1,
          "TLS_RSA_WITH_AES_256_CBC_SHA256": 1
        }
      },
      "vendor": {
        "Microsoft": {
          "Microsoft": 20
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/CreationDate": "D:20181227130017-05\u002700\u0027",
      "/ModDate": "D:20181227130017-05\u002700\u0027",
      "pdf_file_size_bytes": 1214550,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 48
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": [
      {
        "_type": "sec_certs.sample.protection_profile.ProtectionProfile",
        "pp_eal": "EAL1",
        "pp_ids": {
          "_type": "Set",
          "elements": [
            "PP_ESM_ICM_V2.1"
          ]
        },
        "pp_link": "https://www.commoncriteriaportal.org/files/ppfiles/PP_ESM_ICM_V2.1.pdf",
        "pp_name": "Protection Profile for Enterprise Security Management Identity and Credential Management"
      }
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/files/epfiles/st_vid10953-vr.pdf",
  "scheme": "US",
  "security_level": {
    "_type": "Set",
    "elements": []
  },
  "st_link": "https://www.commoncriteriaportal.org/files/epfiles/st_vid10953-st.pdf",
  "state": {
    "_type": "sec_certs.sample.common_criteria.CommonCriteriaCert.InternalState",
    "errors": [],
    "report_convert_garbage": false,
    "report_convert_ok": true,
    "report_download_ok": true,
    "report_extract_ok": true,
    "report_pdf_hash": "9358c3e76130aaccbbbb8ae32347b55cec0e800e8df000cf598b26310876f090",
    "report_txt_hash": "e78a2b444422797136bb75ac77f4fbcd70c127e74726769c3460fd14c6b21478",
    "st_convert_garbage": false,
    "st_convert_ok": true,
    "st_download_ok": true,
    "st_extract_ok": true,
    "st_pdf_hash": "437a79872a8557d8abd3188988e271d91dd4f8cf1054c63a05fc39ff6d68b9e2",
    "st_txt_hash": "6173f84a36240001ada16565377cd71eb8656d2eb8892baefeef6e2f83e2fe84"
  },
  "status": "archived"
}