SUSE Linux Enterprise Server, Version 15 SP7

Known vulnerabilities detected

Our automated heuristics have identified vulnerabilities that may be associated with this certificate. See the CVEs section for details.

CSV information

Status active
Valid from 24.02.2026
Valid until 24.02.2031
Scheme 🇩🇪 DE
Manufacturer SUSE LLC
Category Other Devices and Systems
Security level
Protection profiles

Heuristics summary

Certificate ID: BSI-DSZ-CC-1230-2026

Certificate

Certificate PDF TXT

Extracted keywords

Protocols
SSH, TLS

Security level
EAL 4, EAL 2
Security Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ALC_TSU_EXT.1, ALC_FLR, ATE_IND.1, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1
Certificates
BSI-DSZ-CC-1230-2026

Standards
ISO/IEC 15408, ISO/IEC 18045

File metadata

Title Certification Report BSI-DSZ-CC-1230-2026
Subject Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS
Keywords "Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS"
Author Federal Office for Information Security
Pages 1

Certification report

Certification report PDF TXT

Extracted keywords

Symmetric Algorithms
AES, AES-, HMAC, HMAC-SHA-256, HMAC-SHA-512
Asymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-Hellman
Hash functions
SHA-256, SHA-384, SHA-512, SHA-2, PBKDF2
Schemes
Key Exchange, KEX, Key agreement
Protocols
SSH, SSHv2, TLS, TLS v1.2, TLS 1.3, TLS 1.2, IKE, IKEv2
Randomness
DRBG, RNG
Libraries
OpenSSL
Elliptic Curves
P-384, P-521, NIST P-384
Block cipher modes
CBC, CTR, GCM, XTS

Security level
EAL 4, EAL 2, EAL 1
Claims
OE.PLATFORM, OE.PROPER_USER, OE.PROPER_ADMIN
Security Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ALC_TSU_EXT.1, ALC_FLR, ATE_IND.1, AVA_VAN.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1
Security Functional Requirements (SFR)
FTP_ITC_EXT.1
Certificates
BSI-DSZ-CC-1230-2026
Evaluation facilities
atsec

Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, Evaluation Technical Report, Version 5, Date 23 February 2026, atsec information security GmbH (confidential document) [7] Protection Profile for General Purpose Operating Systems, Version 4.3, 27 September 2022, March 2019, NIAP [10] Configuration list for the TOE, Master Configuration List, as of 2026-02-23 (confidential document) [11] Guidance documentation for the TOE, Common Criteria Evaluated Configuration Guide for SUSE

Standards
FIPS180-4, FIPS186-5, FIPS197, FIPS 186-5, FIPS198-1, PKCS#1, AIS 20, AIS 32, RFC8017, RFC4253, RFC4252, RFC8332, RFC5903, RFC5656, RFC4419, RFC8268, RFC5647, RFC2104, RFC4251, RFC6668, RFC2898, RFC5246, RFC5288, RFC8446, RFC5289, RFC84468, RFC 8446, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, X.509
Technical reports
BSI TR-02102

File metadata

Title Certification Report BSI-DSZ-CC-1230-2026
Subject Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS
Keywords "Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS"
Author Federal Office for Information Security
Pages 29

Frontpage

Certificate ID BSI-DSZ-CC-1230-2026
Certified item SUSE Linux Enterprise Server Version 15 SP7
Certification lab BSI
Developer SUSE LLC

Security target

Security target PDF TXT

Extracted keywords

Symmetric Algorithms
AES, AES-256, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CBC-MAC
Asymmetric Algorithms
ECDH, ECDHE, ECDSA, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-256, SHA-384, SHA-512, PBKDF
Schemes
MAC, Key Agreement
Protocols
SSH, SSHv2, SSL, TLS, TLSv1.2, TLS v1.2, TLS 1.1, TLS 1.2, TLSv1.0, TLSv1.1, DTLS, PGP
Randomness
PRNG, DRBG, RNG, RBG
Libraries
OpenSSL, libgcrypt
Elliptic Curves
P-384, P-521, secp384r1, secp521r1
Block cipher modes
CBC, CTR, GCM, CCM, XTS
TLS cipher suites
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Vendor
Microsoft

Claims
O.ACCOUNTABILITY, O.INTEGRITY, O.MANAGEMENT, O.PROTECTED_STORAGE, O.PROTECTED_COMMS, T.NETWORK_ATTACK, T.NETWORK_EAVESDROP, T.LOCAL_ATTACK, T.LIMITED_PHYSICAL_ACCESS, A.PLATFORM, A.PROPER_USER, A.PROPER_ADMIN, OE.PLATFORM, OE.PROPER_USER, OE.PROPER_ADMIN
Security Assurance Requirements (SAR)
ALC_TSU_EXT.1, ALC_TSU_EXT
Security Functional Requirements (SFR)
FAU_GEN.1, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN, FCS_CKM.1, FCS_CKM.2, FCS_CKM_EXT.4, FCS_COP, FCS_RBG_EXT.1, FCS_STO_EXT.1, FCS_TLS_EXT.1, FCS_TLSC_EXT.1, FCS_TLSC_EXT.2, FCS_TLSC_EXT.5, FCS_SSH_EXT.1, FCS_SSHC_EXT.1, FCS_SSHS_EXT.1, FCS_RBG_EXT.1.2, FCS_TLSS_EXT.1.1, FCS_SSHS_EXT.1.3, FCS_COP.1, FCS_SSH_EXT, FCS_CKM.1.1, FCS_CKM.2.1, FCS_CKM_EXT.4.1, FCS_CKM_EXT.4.2, FCS_RBG_EXT.1.1, FCS_RNG.1, FCS_RNG.1.2, FCS_STO_EXT.1.1, FCS_TLS_EXT.1.1, FCS_TLSC_EXT, FCS_SSH_EXT.1.1, FCS_SSH_EXT.1.2, FCS_SSH_EXT.1.3, FCS_SSH_EXT.1.4, FCS_SSH_EXT.1.5, FCS_SSH_EXT.1.6, FCS_SSH_EXT.1.7, FCS_SSH_EXT.1.8, FCS_SSHC_EXT, FCS_SSHS_EXT, FCS_STO_EXT, FCS_RBG_EXT, FCS_CKM, FCS_CKM_EXT, FDP_ACF_EXT.1, FDP_ACF_EXT.1.1, FDP_ACF_EXT, FIA_AFL.1, FIA_UAU.5, FIA_AFL.1.1, FIA_AFL.1.2, FIA_UAU.5.1, FIA_UAU.5.2, FIA_AFL, FIA_UAU, FMT_MOF_EXT.1, FMT_SMF_EXT.1, FMT_SMF_EXT.1.1, FMT_MOF_EXT, FMT_SMF_EXT, FPT_ACF_EXT.1, FPT_ASLR_EXT.1, FPT_SBOP_EXT.1, FPT_TST_EXT.1, FPT_TUD_EXT.1, FPT_TUD_EXT.2, FPT_ACF_EXT.1.1, FPT_ACF_EXT.1.2, FPT_ASLR_EXT, FPT_SBOP_EXT, FPT_TST_EXT.1.1, FPT_TUD_EXT.1.1, FPT_TUD_EXT.1.2, FPT_TUD_EXT.2.1, FPT_TUD_EXT.2.2, FPT_TUD_EXT, FPT_ACF_EXT, FPT_TST_EXT, FTA_TAB.1, FTA_TAB.1.1, FTA_TAB, FTP_ITC_EXT.1, FTP_TRP.1, FTP_TRP.1.3, FTP_ITC_EXT.1.1, FTP_TRP.1.1, FTP_TRP.1.2, FTP_ITC_EXT, FTP_TRP
Certificates
BSI-DSZ-CC-1230
Evaluation facilities
atsec

Side-channel analysis
Bleichenbacher Attack
Certification process
out of scope, The OS relies upon a trustworthy computing platform for its execution. This underlying platform is out of scope of this PP. A.PROPER_USER PP Origin: OSPP The user of the OS is not willfully negligent or hostile

Standards
FIPS 186-4, FIPS 186-5, FIPS PUB 186-5, FIPS 140, NIST SP 800-38A, NIST SP 800-38E, NIST SP 800-38D, NIST SP 800-57, NIST SP 800-56A, RFC 5246, RFC 5288, RFC 5289, RFC 6125, RFC 4252, RFC 8332, RFC 5656, RFC 4253, RFC 5647, RFC 6668, RFC 8268, RFC 4251, RFC 5280, RFC 8603, RFC4253, RFC5656, RFC4252, RFC5280, RFC8603, X.509

File metadata

Title SUSE Linux Enterprise Server 15 SP7 Security Target (version 1.0 as of 2026-02-23)
Subject SUSE Linux Enterprise Server
Keywords SLES, operating system
Author SUSE supported by atsec consultants (generated by CCTool version 2.8.4.66)
Pages 65

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

Certificate ID

BSI-DSZ-CC-1230-2026

Extracted SARs

ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ALC_TSU_EXT.1, ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ATE_IND.1, AVA_VAN.1

CPE matches

Related CVEs

ID Links Severity CVSS Score Published on
Base score
CVE-2026-31431
C N
HIGH 7.8 22.04.2026

Scheme data

Cert Id BSI-DSZ-CC-1230-2026
Product SUSE Linux Enterprise Server, Version 15 SP7
Vendor SUSE LLC
Certification Date 24.02.2026
Category Operating systems
Url https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1230.html
Enhanced
Product SUSE Linux Enterprise Server, Version 15 SP7
Applicant SUSE LLC 1221 S Valley Grove Way #500, Pleasant Grove UT 84062 United States
Evaluation Facility atsec information security GmbH
Protection Profile U.S. Government Approved Protection Profile - Protection Profile for General Purpose Operating Systems, Version 4.3, 27 September 2022, CCEVS-VR-PP-0091; Functional Package for Transport Layer Security (TLS), Version 1.1, 12 Februar 2019, NIAP; Functional Package for Secure Shell (SSH), Version 1.0, 13 May 2021, CCEVS-VR-PP-0075, NIAP;
Certification Date 24.02.2026
Expiration Date 23.02.2031
Report Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1230a_pdf.pdf?__blob=publicationFile&v=2
Target Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1230b_pdf.pdf?__blob=publicationFile&v=2
Cert Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1230c_pdf.pdf?__blob=publicationFile&v=2
Description SUSE Linux Enterprise Server 15 SP17 is a highly-configurable Linux-based operating system that has been developed to provide a good level of security as required in commercial environments. It also meets all requirements of the General Purpose Operating System Protection Profile together with the Functional Package for SSH Version 1.0 as well as the Functional Package for TLS Version 1.1.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Other Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1230c_pdf.pdf",
  "dgst": "553481e36a435b41",
  "heuristics": {
    "_type": "sec_certs.sample.cc_eucc_common.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-1230-2026",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:o:suse:linux_enterprise_server:15:sp7:*:*:-:-:*:*",
        "cpe:2.3:o:suse:linux_enterprise_server:15:sp7:*:*:-:sap:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "eal": "EAL1",
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_IND",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_CCL",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_INT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMC",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TSU_EXT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_TSS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_ECD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_OBJ",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_SPD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_FSP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ASE_REQ",
          "level": 2
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "15"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": null,
    "prev_certificates": null,
    "protection_profiles": {
      "_type": "Set",
      "elements": [
        "3d6ad6fde534f6c6",
        "ed9c9d74c3710878",
        "c40ae795865a0dba"
      ]
    },
    "related_cves": {
      "_type": "Set",
      "elements": [
        "CVE-2026-31431"
      ]
    },
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "scheme_data": {
      "category": "Operating systems",
      "cert_id": "BSI-DSZ-CC-1230-2026",
      "certification_date": "2026-02-24",
      "enhanced": {
        "applicant": "SUSE LLC 1221 S Valley Grove Way #500, Pleasant Grove UT 84062 United States",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1230c_pdf.pdf?__blob=publicationFile\u0026v=2",
        "certification_date": "2026-02-24",
        "description": "SUSE Linux Enterprise Server 15 SP17 is a highly-configurable Linux-based operating system that has been developed to provide a good level of security as required in commercial environments. It also meets all requirements of the General Purpose Operating System Protection Profile together with the Functional Package for SSH Version 1.0 as well as the Functional Package for TLS Version 1.1.",
        "evaluation_facility": "atsec information security GmbH",
        "expiration_date": "2031-02-23",
        "product": "SUSE Linux Enterprise Server, Version 15 SP7",
        "protection_profile": "U.S. Government Approved Protection Profile - Protection Profile for General Purpose Operating Systems, Version 4.3, 27 September 2022, CCEVS-VR-PP-0091; Functional Package for Transport Layer Security (TLS), Version 1.1, 12 Februar 2019, NIAP; Functional Package for Secure Shell (SSH), Version 1.0, 13 May 2021, CCEVS-VR-PP-0075, NIAP;",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1230a_pdf.pdf?__blob=publicationFile\u0026v=2",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1230b_pdf.pdf?__blob=publicationFile\u0026v=2"
      },
      "product": "SUSE Linux Enterprise Server, Version 15 SP7",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Betriebssysteme/1230.html",
      "vendor": "SUSE LLC"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "SUSE LLC",
  "manufacturer_web": "https://www.suse.com",
  "name": "SUSE Linux Enterprise Server, Version 15 SP7",
  "not_valid_after": "2031-02-24",
  "not_valid_before": "2026-02-24",
  "pdf_data": {
    "_type": "sec_certs.sample.cc_eucc_common.PdfData",
    "cert_filename": "1230c_pdf.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1230-2026": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_FSP.1": 1
        },
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMC.1": 1,
          "ALC_CMS.1": 1,
          "ALC_FLR": 1,
          "ALC_TSU_EXT.1": 1
        },
        "ASE": {
          "ASE_CCL.1": 1,
          "ASE_ECD.1": 1,
          "ASE_INT.1": 1,
          "ASE_OBJ.2": 1,
          "ASE_REQ.2": 1,
          "ASE_SPD.1": 1,
          "ASE_TSS.1": 1
        },
        "ATE": {
          "ATE_IND.1": 1
        },
        "AVA": {
          "AVA_VAN.1": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 1,
          "EAL 4": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 1
        },
        "TLS": {
          "TLS": {
            "TLS": 1
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 15408": 2,
          "ISO/IEC 18045": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "cert_metadata": {
      "/Author": "Federal Office for Information Security",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS\"",
      "/Subject": "Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS",
      "/Title": "Certification Report BSI-DSZ-CC-1230-2026",
      "pdf_file_size_bytes": 238815,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 1
    },
    "report_filename": "1230a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cc_security_level": "Common Criteria Part 3 extended ASE_CCL.1, ASE_ECD.1, ASE_INT.1, ASE_OBJ.2, ASE_REQ.2, ASE_SPD.1, ASE_TSS.1, ADV_FSP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMC.1, ALC_CMS.1, ALC_TSU_EXT.1, ATE_IND.1, AVA_VAN.1 valid until: 23 February 2031",
        "cc_version": "PP conformant Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-1230-2026",
        "cert_item": "SUSE Linux Enterprise Server Version 15 SP7",
        "cert_lab": "BSI",
        "developer": "SUSE LLC",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "U.S. Government Approved Protection Profile - Protection Profile for General Purpose Operating Systems, Version 4.3, 27 September 2022, CCEVS-VR-PP-0091, Functional Package for Transport Layer Security (TLS), Version 1.1, 12 Februar 2019, NIAP, Functional Package for Secure Shell (SSH), Version 1.0, 13 May 2021, CCEVS-VR-PP-0075, NIAP"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 4
          },
          "ECDSA": {
            "ECDSA": 7
          }
        },
        "FF": {
          "DH": {
            "DH": 5,
            "Diffie-Hellman": 2
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1230-2026": 16
        }
      },
      "cc_claims": {
        "OE": {
          "OE.PLATFORM": 1,
          "OE.PROPER_ADMIN": 1,
          "OE.PROPER_USER": 1
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_FSP.1": 2
        },
        "AGD": {
          "AGD_OPE.1": 2,
          "AGD_PRE.1": 2
        },
        "ALC": {
          "ALC_CMC.1": 2,
          "ALC_CMS.1": 2,
          "ALC_FLR": 3,
          "ALC_TSU_EXT.1": 3
        },
        "ASE": {
          "ASE_CCL.1": 2,
          "ASE_ECD.1": 2,
          "ASE_INT.1": 2,
          "ASE_OBJ.2": 2,
          "ASE_REQ.2": 2,
          "ASE_SPD.1": 2,
          "ASE_TSS.1": 2
        },
        "ATE": {
          "ATE_IND.1": 2
        },
        "AVA": {
          "AVA_VAN.1": 2
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 3,
          "EAL 4": 3
        }
      },
      "cc_sfr": {
        "FTP": {
          "FTP_ITC_EXT.1": 2
        }
      },
      "certification_process": {
        "ConfidentialDocument": {
          "Evaluation Technical Report, Version 5, Date 23 February 2026, atsec information security GmbH (confidential document) [7] Protection Profile for General Purpose Operating Systems, Version 4.3, 27 September 2022": 1,
          "March 2019, NIAP [10] Configuration list for the TOE, Master Configuration List, as of 2026-02-23 (confidential document) [11] Guidance documentation for the TOE, Common Criteria Evaluated Configuration Guide for SUSE": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 1
        },
        "CTR": {
          "CTR": 1
        },
        "GCM": {
          "GCM": 10
        },
        "XTS": {
          "XTS": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 1
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 1,
          "IKEv2": 1
        },
        "SSH": {
          "SSH": 21,
          "SSHv2": 1
        },
        "TLS": {
          "TLS": {
            "TLS": 17,
            "TLS 1.2": 1,
            "TLS 1.3": 1,
            "TLS v1.2": 2
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key agreement": 2
        },
        "KEX": {
          "KEX": 1,
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "NIST P-384": 3,
          "P-384": 7,
          "P-521": 10
        }
      },
      "eval_facility": {
        "atsec": {
          "atsec": 3
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF2": 2
        },
        "SHA": {
          "SHA2": {
            "SHA-2": 6,
            "SHA-256": 2,
            "SHA-384": 1,
            "SHA-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 1
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "BSI": {
          "AIS 20": 2,
          "AIS 32": 1
        },
        "FIPS": {
          "FIPS 186-5": 2,
          "FIPS180-4": 10,
          "FIPS186-5": 6,
          "FIPS197": 3,
          "FIPS198-1": 4
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18045": 4
        },
        "PKCS": {
          "PKCS#1": 3
        },
        "RFC": {
          "RFC 8446": 1,
          "RFC2104": 2,
          "RFC2898": 2,
          "RFC4251": 2,
          "RFC4252": 3,
          "RFC4253": 6,
          "RFC4419": 2,
          "RFC5246": 5,
          "RFC5288": 3,
          "RFC5289": 2,
          "RFC5647": 3,
          "RFC5656": 3,
          "RFC5903": 2,
          "RFC6668": 2,
          "RFC8017": 4,
          "RFC8268": 2,
          "RFC8332": 2,
          "RFC8446": 1,
          "RFC84468": 1
        },
        "X509": {
          "X.509": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 10,
            "AES-": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 6,
            "HMAC-SHA-256": 1,
            "HMAC-SHA-512": 1
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI TR-02102": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Federal Office for Information Security",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS\"",
      "/Subject": "Common Criteria, Certification, Zertifizierung, Protection Profile for General Purpose Operating Systems, Linux-based, SSH, TLS",
      "/Title": "Certification Report BSI-DSZ-CC-1230-2026",
      "pdf_file_size_bytes": 381708,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 29
    },
    "st_filename": "1230b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 3
          },
          "ECDH": {
            "ECDH": 3,
            "ECDHE": 2
          },
          "ECDSA": {
            "ECDSA": 8
          }
        },
        "FF": {
          "DH": {
            "DH": 1,
            "Diffie-Hellman": 2
          },
          "DSA": {
            "DSA": 1
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1230": 1
        }
      },
      "cc_claims": {
        "A": {
          "A.PLATFORM": 4,
          "A.PROPER_ADMIN": 4,
          "A.PROPER_USER": 4
        },
        "O": {
          "O.ACCOUNTABILITY": 7,
          "O.INTEGRITY": 18,
          "O.MANAGEMENT": 9,
          "O.PROTECTED_COMMS": 23,
          "O.PROTECTED_STORAGE": 8
        },
        "OE": {
          "OE.PLATFORM": 3,
          "OE.PROPER_ADMIN": 2,
          "OE.PROPER_USER": 3
        },
        "T": {
          "T.LIMITED_PHYSICAL_ACCESS": 3,
          "T.LOCAL_ATTACK": 2,
          "T.NETWORK_ATTACK": 10,
          "T.NETWORK_EAVESDROP": 4
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_TSU_EXT": 5,
          "ALC_TSU_EXT.1": 4
        }
      },
      "cc_security_level": {},
      "cc_sfr": {
        "FAU": {
          "FAU_GEN": 1,
          "FAU_GEN.1": 8,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1
        },
        "FCS": {
          "FCS_CKM": 2,
          "FCS_CKM.1": 9,
          "FCS_CKM.1.1": 1,
          "FCS_CKM.2": 9,
          "FCS_CKM.2.1": 1,
          "FCS_CKM_EXT": 1,
          "FCS_CKM_EXT.4": 10,
          "FCS_CKM_EXT.4.1": 2,
          "FCS_CKM_EXT.4.2": 1,
          "FCS_COP": 49,
          "FCS_COP.1": 5,
          "FCS_RBG_EXT": 2,
          "FCS_RBG_EXT.1": 10,
          "FCS_RBG_EXT.1.1": 1,
          "FCS_RBG_EXT.1.2": 2,
          "FCS_RNG.1": 2,
          "FCS_RNG.1.2": 1,
          "FCS_SSHC_EXT": 1,
          "FCS_SSHC_EXT.1": 8,
          "FCS_SSHS_EXT": 1,
          "FCS_SSHS_EXT.1": 9,
          "FCS_SSHS_EXT.1.3": 1,
          "FCS_SSH_EXT": 1,
          "FCS_SSH_EXT.1": 14,
          "FCS_SSH_EXT.1.1": 1,
          "FCS_SSH_EXT.1.2": 1,
          "FCS_SSH_EXT.1.3": 1,
          "FCS_SSH_EXT.1.4": 1,
          "FCS_SSH_EXT.1.5": 1,
          "FCS_SSH_EXT.1.6": 1,
          "FCS_SSH_EXT.1.7": 1,
          "FCS_SSH_EXT.1.8": 1,
          "FCS_STO_EXT": 1,
          "FCS_STO_EXT.1": 8,
          "FCS_STO_EXT.1.1": 1,
          "FCS_TLSC_EXT": 5,
          "FCS_TLSC_EXT.1": 11,
          "FCS_TLSC_EXT.2": 9,
          "FCS_TLSC_EXT.5": 9,
          "FCS_TLSS_EXT.1.1": 1,
          "FCS_TLS_EXT.1": 9,
          "FCS_TLS_EXT.1.1": 1
        },
        "FDP": {
          "FDP_ACF_EXT": 1,
          "FDP_ACF_EXT.1": 8,
          "FDP_ACF_EXT.1.1": 1
        },
        "FIA": {
          "FIA_AFL": 1,
          "FIA_AFL.1": 8,
          "FIA_AFL.1.1": 1,
          "FIA_AFL.1.2": 1,
          "FIA_UAU": 1,
          "FIA_UAU.5": 8,
          "FIA_UAU.5.1": 1,
          "FIA_UAU.5.2": 1
        },
        "FMT": {
          "FMT_MOF_EXT": 2,
          "FMT_MOF_EXT.1": 8,
          "FMT_SMF_EXT": 1,
          "FMT_SMF_EXT.1": 9,
          "FMT_SMF_EXT.1.1": 2
        },
        "FPT": {
          "FPT_ACF_EXT": 1,
          "FPT_ACF_EXT.1": 8,
          "FPT_ACF_EXT.1.1": 1,
          "FPT_ACF_EXT.1.2": 1,
          "FPT_ASLR_EXT": 2,
          "FPT_ASLR_EXT.1": 8,
          "FPT_SBOP_EXT": 1,
          "FPT_SBOP_EXT.1": 10,
          "FPT_TST_EXT": 1,
          "FPT_TST_EXT.1": 8,
          "FPT_TST_EXT.1.1": 1,
          "FPT_TUD_EXT": 2,
          "FPT_TUD_EXT.1": 9,
          "FPT_TUD_EXT.1.1": 1,
          "FPT_TUD_EXT.1.2": 1,
          "FPT_TUD_EXT.2": 8,
          "FPT_TUD_EXT.2.1": 1,
          "FPT_TUD_EXT.2.2": 1
        },
        "FTA": {
          "FTA_TAB": 1,
          "FTA_TAB.1": 8,
          "FTA_TAB.1.1": 1
        },
        "FTP": {
          "FTP_ITC_EXT": 3,
          "FTP_ITC_EXT.1": 8,
          "FTP_ITC_EXT.1.1": 1,
          "FTP_TRP": 1,
          "FTP_TRP.1": 8,
          "FTP_TRP.1.1": 1,
          "FTP_TRP.1.2": 1,
          "FTP_TRP.1.3": 2
        }
      },
      "certification_process": {
        "OutOfScope": {
          "The OS relies upon a trustworthy computing platform for its execution. This underlying platform is out of scope of this PP. A.PROPER_USER PP Origin: OSPP The user of the OS is not willfully negligent or hostile": 1,
          "out of scope": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        },
        "CCM": {
          "CCM": 1
        },
        "CTR": {
          "CTR": 2
        },
        "GCM": {
          "GCM": 2
        },
        "XTS": {
          "XTS": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 9
        },
        "libgcrypt": {
          "libgcrypt": 2
        }
      },
      "crypto_protocol": {
        "PGP": {
          "PGP": 1
        },
        "SSH": {
          "SSH": 106,
          "SSHv2": 3
        },
        "TLS": {
          "DTLS": {
            "DTLS": 1
          },
          "SSL": {
            "SSL": 2
          },
          "TLS": {
            "TLS": 107,
            "TLS 1.1": 2,
            "TLS 1.2": 2,
            "TLS v1.2": 1,
            "TLSv1.0": 1,
            "TLSv1.1": 1,
            "TLSv1.2": 4
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "MAC": {
          "MAC": 4
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-384": 16,
          "P-521": 16,
          "secp384r1": 2,
          "secp521r1": 2
        }
      },
      "eval_facility": {
        "atsec": {
          "atsec": 1
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 1
        },
        "SHA": {
          "SHA2": {
            "SHA-256": 6,
            "SHA-384": 6,
            "SHA-512": 6
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 5,
          "PRNG": 1
        },
        "RNG": {
          "RBG": 2,
          "RNG": 6
        }
      },
      "side_channel_analysis": {
        "other": {
          "Bleichenbacher Attack": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 1,
          "FIPS 186-4": 2,
          "FIPS 186-5": 1,
          "FIPS PUB 186-5": 5
        },
        "NIST": {
          "NIST SP 800-38A": 2,
          "NIST SP 800-38D": 2,
          "NIST SP 800-38E": 2,
          "NIST SP 800-56A": 1,
          "NIST SP 800-57": 1
        },
        "RFC": {
          "RFC 4251": 1,
          "RFC 4252": 6,
          "RFC 4253": 5,
          "RFC 5246": 11,
          "RFC 5280": 3,
          "RFC 5288": 2,
          "RFC 5289": 4,
          "RFC 5647": 1,
          "RFC 5656": 9,
          "RFC 6125": 2,
          "RFC 6668": 2,
          "RFC 8268": 2,
          "RFC 8332": 6,
          "RFC 8603": 1,
          "RFC4252": 4,
          "RFC4253": 4,
          "RFC5280": 1,
          "RFC5656": 2,
          "RFC8603": 1
        },
        "X509": {
          "X.509": 14
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 5,
            "AES-256": 1
          }
        },
        "constructions": {
          "MAC": {
            "CBC-MAC": 1,
            "HMAC": 4,
            "HMAC-SHA-256": 2,
            "HMAC-SHA-384": 2,
            "HMAC-SHA-512": 2
          }
        }
      },
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": 2,
          "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384": 2,
          "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 2,
          "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 2
        }
      },
      "vendor": {
        "Microsoft": {
          "Microsoft": 2
        }
      },
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "SUSE supported by atsec consultants (generated by CCTool version 2.8.4.66)",
      "/Keywords": "SLES, operating system",
      "/Subject": "SUSE Linux Enterprise Server",
      "/Title": "SUSE Linux Enterprise Server 15 SP7 Security Target (version 1.0 as of 2026-02-23)",
      "pdf_file_size_bytes": 883405,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.niap-ccevs.org/technical-decisions/TD0739",
          "http://tools.ietf.org/html/rfc4252",
          "https://www.niap-ccevs.org/technical-decisions/TD0682",
          "https://www.niap-ccevs.org/technical-decisions/TD0812",
          "https://www.niap-ccevs.org/technical-decisions/TD0773",
          "https://www.niap-ccevs.org/technical-decisions/TD0955",
          "https://www.niap-ccevs.org/technical-decisions/TD0469",
          "https://www.niap-ccevs.org/protectionprofiles/469",
          "https://www.niap-ccevs.org/technical-decisions/TD0675",
          "http://tools.ietf.org/html/rfc4253",
          "https://www.niap-ccevs.org/technical-decisions/TD0906",
          "https://www.niap-ccevs.org/technical-decisions/TD0839",
          "https://www.niap-ccevs.org/technical-decisions/TD0512",
          "https://www.suse.com/support/security/",
          "https://www.niap-ccevs.org/technical-decisions/TD0930",
          "http://www.commoncriteriaportal.org/files/ccfiles/CCPART1V3.1R5.pdf",
          "https://www.niap-ccevs.org/technical-decisions/TD0691",
          "https://www.niap-ccevs.org/technical-decisions/TD0779",
          "https://www.niap-ccevs.org/technical-decisions/TD0789",
          "https://www.niap-ccevs.org/technical-decisions/TD0696",
          "https://www.niap-ccevs.org/technical-decisions/TD0442",
          "https://www.suse.com/support/update/",
          "https://www.niap-ccevs.org/protectionprofiles/439",
          "https://www.niap-ccevs.org/technical-decisions/TD0770",
          "https://www.niap-ccevs.org/technical-decisions/TD0726",
          "https://www.niap-ccevs.org/technical-decisions/TD0695",
          "https://www.niap-ccevs.org/technical-decisions/TD0713",
          "https://www.niap-ccevs.org/technical-decisions/TD0904",
          "https://www.niap-ccevs.org/technical-decisions/TD0712",
          "https://www.suse.com/support/security/contact/",
          "https://www.niap-ccevs.org/technical-decisions/TD0499",
          "https://www.niap-ccevs.org/protectionprofiles/459",
          "http://www.commoncriteriaportal.org/files/ccfiles/CCPART3V3.1R5.pdf",
          "https://www.niap-ccevs.org/technical-decisions/TD0844",
          "https://www.niap-ccevs.org/technical-decisions/TD0777",
          "https://www.niap-ccevs.org/technical-decisions/TD0732",
          "http://tools.ietf.org/html/rfc5656",
          "https://www.niap-ccevs.org/technical-decisions/TD0873",
          "https://www.niap-ccevs.org/technical-decisions/TD0693",
          "https://www.niap-ccevs.org/technical-decisions/TD0821",
          "https://www.niap-ccevs.org/technical-decisions/TD0701",
          "http://www.commoncriteriaportal.org/files/ccfiles/CCPART2V3.1R5.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 65
    }
  },
  "protection_profile_links": {
    "_type": "Set",
    "elements": [
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pkg_ssh_v1.0.pdf",
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/PKG_TLS_V1.1.pdf",
      "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/PP_OS_4.3.pdf"
    ]
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1230a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": []
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1230b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc_eucc_common.InternalState",
    "cert": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "1ab7c93189b7ec797ceeb448302cf2544873cf9fb215505cd092b5123b954a12",
      "txt_hash": "417f3b36cdfd4f3e0a586aeab86a84f328df7dbe2aa0a6e45786f257d6744d58"
    },
    "report": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "156481d76f32afcaa543bdb7a73f2272b00d738ad28bf916bf1740847c1e7be8",
      "txt_hash": "ab8648a8e526fc4eb4d5f0617a2a478742d1afbeb5dd26cb5a62b1a5ed2d7bbd"
    },
    "st": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "420a77e5b3ece2a0f85b6d5d013d3cb15f49249b57e3a24735f2baa34219e355",
      "txt_hash": "361bdbbdf48b5df79fdee0eb409df522f6ac46cd65e93dbb63c97556646d2272"
    }
  },
  "status": "active"
}