secunet eID PKI Suite Certified CA Kernel, Version 2.0.3

CSV information ?

Status active
Valid from 15.01.2021
Valid until 14.01.2026
Scheme 🇩🇪 DE
Manufacturer Secunet Security Networks AG
Category Network and Network-Related Devices and Systems
Security level ALC_FLR.2, EAL4

Heuristics summary ?

Certificate ID: BSI-DSZ-CC-1144-2021

Certificate ?

Extracted keywords

Security level
EAL 4, EAL 2, EAL 4 augmented
Security Assurance Requirements (SAR)
ALC_FLR.2, ALC_FLR
Certificates
BSI-DSZ-CC-1144-2021, 383-6-3-CR

Standards
ISO/IEC 15408, ISO/IEC 18045

File metadata

Title Certificate BSI-DSZ-CC-1144-2021
Subject secunet eID PKI Suite Certified CA Kernel
Keywords "Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel"
Author Bundesamt für Sicherheit in der Informationstechnik
Creation date D:20210120142647+01'00'
Modification date D:20210202150216+01'00'
Pages 1
Creator Writer
Producer LibreOffice 6.3

Certification report ?

Extracted keywords

Symmetric Algorithms
E2, HMAC
Hash functions
SHA256, SHA-256
Protocols
SSH, TLS 1.2

Security level
EAL 4, EAL 2, EAL 1, EAL 2+, EAL 4 augmented
Security Assurance Requirements (SAR)
AGD_PRE.1, AGD_OPE.1, ALC_FLR.2, ALC_FLR, ALC_CMS.4, AVA_VAN.3, AVA_VAN.5
Certificates
BSI-DSZ-CC-1144-2021, BSI-DSZ-CC-0960-2015, 383-6-3-CR
Evaluation facilities
SRC Security Research & Consulting

Certification process
being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification, 08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research & Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt, Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und

Standards
FIPS 140-2, AIS 32, AIS 38, RFC 5280, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, ICAO, X.509
Technical reports
BSI TR-03110, BSI 7148

File metadata

Title Certification Report BSI-DSZ-CC-1144-2021
Subject secunet eID PKI Suite Certified CA Kernel
Keywords "Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel"
Author Bundesamt für Sicherheit in der Informationstechnik
Creation date D:20210120142647+01'00'
Modification date D:20210201124346+01'00'
Pages 30
Creator Writer
Producer LibreOffice 6.3

Frontpage

Certificate ID BSI-DSZ-CC-1144-2021
Certified item secunet eID PKI Suite Certified CA Kernel, Version 2.0.3
Certification lab BSI
Developer secunet Security Networks AG

References

Outgoing

Security target ?

Extracted keywords

Symmetric Algorithms
AES, DES, HMAC
Asymmetric Algorithms
ECDSA
Hash functions
SHA-1, SHA-256, SHA-224, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512
Schemes
MAC
Protocols
SSL
Randomness
RNG
Elliptic Curves
P-192, P-224, P-256, P-384, P-521, Curve P-256, K-163, K-283, K-409, K-571, B-163, B-233, B-283, B-409, B-571, brainpoolP224r1, brainpoolP256r1, brainpoolP320r1, brainpoolP384r1, brainpoolP512r1, brainpoolP224t1, brainpoolP256t1, brainpoolP320t1, brainpoolP384t1, brainpoolP512t1, FRP256v1
Block cipher modes
ECB, CBC

Security level
EAL 4, EAL4, EAL 4 augmented, EAL4 augmented
Claims
A.CPS, A.HSM, OE.CPS, OE.HSM
Security Assurance Requirements (SAR)
ADV_ARC, ADV_FSP, ADV_IMP.1, ADV_TDS, AGD_OPE, AGD_PRE, ALC_FLR.2, ALC_CMC, ALC_CMS, ALC_DEL, ALC_DVS.1, ALC_FLR, ALC_LCD.1, ALC_TAT.1, ATE_COV, ATE_DPT.1, ATE_FUN, ATE_IND, AVA_VAN.5, AVA_VAN
Security Functional Requirements (SFR)
FAU_STG.1, FAU_GEN.1, FAU_GEN.2, FAU_SEL.1, FAU_STG.4, FAU_GEN.1.1, FAU_GEN.1.2, FAU_GEN.2.1, FAU_SEL.1.1, FAU_STG.1.1, FAU_STG.1.2, FAU_STG.4.1, FCO_NRO_CIMC.3, FCO_NRO_CIMC.4, FCO_NRO_CIMC.3.1, FCO_NRO_CIMC.3.2, FCO_NRO_CIMC.3.3, FCO_NRO_CIMC.4.1, FCO_NRO_CIMC.4.2, FCS_CKM_CIMC.5, FCS_CKM.1, FCS_CKM_CIMC.5.1, FCS_CKM.4, FCS_SOF_CIMC.1, FDP_CIMC_CER.1, FDP_ETC_CIMC.5, FDP_UCT.1, FDP_ITT.1, FDP_ACC.1, FDP_ACF.1, FDP_CIMC_CRL.1, FDP_CIMC_CSE.1, FDP_SDI_CIMC.3, FDP_CIMC_OCSP.1, FDP_ACF_CIMC.2, FDP_ACF_CIMC.3, FDP_ACC.1.1, FDP_ACF.1.1, FDP_ACF.1.2, FDP_ACF.1.3, FDP_ACF.1.4, FDP_CIMC_CSE.1.1, FDP_SDI_CIMC.3.1, FDP_SDI_CIMC.3.2, FDP_CIMC_CER.1.1, FDP_CIMC_CER.1.2, FDP_CIMC_CER.1.3, FDP_CIMC_CER.1.4, FDP_CIMC_CRL.1.1, FDP_IFC.1, FIA_ATD.1, FIA_SOS.1, FIA_UAU.1, FIA_UID.1, FIA_USB.1, FIA_ATD.1.1, FIA_SOS.1.1, FIA_UAU.1.1, FIA_UAU.1.2, FIA_UID.1.1, FIA_UID.1.2, FIA_USB.1.1, FIA_USB.1.2, FIA_USB.1.3, FIA_UAU, FMT_MTD_CIMC.7, FMT_MOF.1, FMT_MOF_CIMC.3, FMT_MOF_CIMC.5, FMT_MTD.1, FMT_MSA.1, FMT_SMR.1, FMT_MOF_CIMC.6, FMT_MTD_CIMC.4, FMT_MTD_CIMC.5, FMT_MOF.1.1, FMT_MSA.1.1, FMT_MTD.1.1, FMT_SMR.1.1, FMT_SMR.1.2, FMT_MOF_CIMC.3.1, FMT_MOF_CIMC.3.2, FMT_MOF_CIMC.3.3, FMT_MOF_CIMC.3.4, FMT_MOF_CIMC.5.1, FMT_MOF_CIMC.5.2, FMT_MOF_CIMC.5.3, FMT_MSA.3, FMT_SMF.1, FPT_ITC.1, FPT_ITT.1, FPT_CIMC_TSP.1, FPT_STM.1, FPT_CIMC_TSP.1.1, FPT_CIMC_TSP.1.2, FPT_CIMC_TSP.1.3, FPT_CIMC_TSP.1.4
Certificates
BSI-DSZ-CC-1144

Standards
FIPS 140-2, FIPS 186-2, FIPS140-2, FIPS PUB 140-2, NIST SP 800-90, PKCS #1, PKCS#1, RFC5280, RFC6960, RFC2104, RFC 5280, RFC4210, RFC4211, ICAO, X.509, CCMB-2017-04-001, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004
Technical reports
BSI TR-03110

File metadata

Title secunet eID PKI Suite Certified CA Kernel Security Target
Subject Common Criteria certification of secunet eID PKI Suite Certified CA Kernel (in short: Certified CA Kernel)
Keywords Public Key Infrastructure, PKI, Certificate Issuing and Management Component
Author secunet Security Networks AG
Creation date D:20210108101730Z00'00'
Modification date D:20210108111900+01'00'
Pages 75
Creator Word
Producer macOS Version 10.15.7 (Build 19H2) Quartz PDFContext

Heuristics ?

Certificate ID: BSI-DSZ-CC-1144-2021

Extracted SARs

ADV_IMP.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.4, ALC_DVS.1, ALC_FLR.2, ALC_LCD.1, ALC_TAT.1, ATE_DPT.1, AVA_VAN.5

Scheme data ?

Cert Id BSI-DSZ-CC-1144-2021
Product secunet eID PKI Suite Certified CA Kernel, Version 2.0.3
Vendor secunet Security Networks AG
Certification Date 15.01.2021
Category Network and Network related Devices and Systems
Url https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1144.html
Enhanced
Product secunet eID PKI Suite Certified CA Kernel, Version 2.0.3
Applicant secunet Security Networks AG Weidenauer Straße 223-225 57076 Siegen
Evaluation Facility SRC Security Research & Consulting GmbH
Assurance Level EAL4,ALC_FLR.2
Protection Profile Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR
Certification Date 15.01.2021
Expiration Date 14.01.2026
Report Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144a_pdf.pdf?__blob=publicationFile&v=7
Target Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144b_pdf.pdf?__blob=publicationFile&v=4
Cert Link https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144c_pdf.pdf?__blob=publicationFile&v=4
Description The Target of evaluation is the product secunet eID PKI Suite Certified CA Kernel provided by secunet Security Networks AG. The TOE type is "Certificate Issuing and Management Component". The TOE is a CA (Certification Authority) Kernel that provides request, issuance, revocation, and overall management of certificates and certificate status information. The secunet eID PKI Suite Certified CA Kernel supports Extended Access Control Certification Authorities (EAC CAs,) according the Technical Guideline BSI TR-03110 and International Civil Aviation Organization CAs (ICAO CAs), which are X.509 CAs according to ITU-T X.509. For cryptographic operations the secunet CA Kernel relies on a FIPS-2 Level 3 validated Hardware Security Module (HSM). The CA-Server administrator integrates the secunet eID PKI Suite Certified CA Kernel into a TOE functional environment. He is defined as the TOE end-user.

References ?

Updates ?

  • 21.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The following values were inserted: {'prev_certificates': [], 'next_certificates': []}.
  • 09.11.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The scheme_data property was updated, with the {'certification_date': '2021-01-15', 'enhanced': {'__update__': {'applicant': 'secunet Security Networks AG Weidenauer Straße 223-225 57076 Siegen', 'certification_date': '2021-01-15', 'expiration_date': '2026-01-14'}}} data.
  • 22.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The st property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '829c5c955e3a5ac85ba0e37c4e3c12c2f0953e786b6e61ae15188522d8c575ee', 'txt_hash': '7d5ec433d3dbade33ff14a74d315e0e9d5a3717a943698b1e4b4f699b466d384'} data.
    • The cert property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '860e7a5a6f89bf7f115610bdf694c2fc56a301db7cf31fbffc45343671b0b50a', 'txt_hash': 'a03ada1c13d973e22149bde4c278f27c912cedb1ec1e1a2968b8683ec8aff1e5'} data.

    The PDF extraction data was updated.

    • The st_metadata property was set to {'pdf_file_size_bytes': 1688822, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 75, '/Author': 'secunet Security Networks AG', '/CreationDate': "D:20210108101730Z00'00'", '/Creator': 'Word', '/Keywords': 'Public Key Infrastructure, PKI, Certificate Issuing and Management Component', '/ModDate': "D:20210108111900+01'00'", '/Producer': 'macOS Version 10.15.7 (Build 19H2) Quartz PDFContext', '/Subject': 'Common Criteria certification of secunet eID PKI Suite Certified CA Kernel (in short: Certified CA Kernel)', '/Title': 'secunet eID PKI Suite Certified CA Kernel Security Target', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The cert_metadata property was set to {'pdf_file_size_bytes': 242421, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 1, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/CreationDate': "D:20210120142647+01'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel"', '/ModDate': "D:20210202150216+01'00'", '/Producer': 'LibreOffice 6.3', '/Subject': 'secunet eID PKI Suite Certified CA Kernel', '/Title': 'Certificate BSI-DSZ-CC-1144-2021', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.
    • The st_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144': 2}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 5, 'EAL4': 1, 'EAL 4 augmented': 2, 'EAL4 augmented': 1}}, 'cc_sar': {'ADV': {'ADV_ARC': 1, 'ADV_FSP': 1, 'ADV_IMP.1': 1, 'ADV_TDS': 1}, 'AGD': {'AGD_OPE': 1, 'AGD_PRE': 1}, 'ALC': {'ALC_FLR.2': 4, 'ALC_CMC': 1, 'ALC_CMS': 1, 'ALC_DEL': 1, 'ALC_DVS.1': 1, 'ALC_FLR': 1, 'ALC_LCD.1': 1, 'ALC_TAT.1': 1}, 'ATE': {'ATE_COV': 1, 'ATE_DPT.1': 1, 'ATE_FUN': 1, 'ATE_IND': 1}, 'AVA': {'AVA_VAN.5': 2, 'AVA_VAN': 1}}, 'cc_sfr': {'FAU': {'FAU_STG.1': 10, 'FAU_GEN.1': 16, 'FAU_GEN.2': 6, 'FAU_SEL.1': 8, 'FAU_STG.4': 6, 'FAU_GEN.1.1': 1, 'FAU_GEN.1.2': 1, 'FAU_GEN.2.1': 1, 'FAU_SEL.1.1': 1, 'FAU_STG.1.1': 1, 'FAU_STG.1.2': 1, 'FAU_STG.4.1': 1}, 'FCO': {'FCO_NRO_CIMC.3': 13, 'FCO_NRO_CIMC.4': 6, 'FCO_NRO_CIMC.3.1': 1, 'FCO_NRO_CIMC.3.2': 1, 'FCO_NRO_CIMC.3.3': 4, 'FCO_NRO_CIMC.4.1': 1, 'FCO_NRO_CIMC.4.2': 1}, 'FCS': {'FCS_CKM_CIMC.5': 7, 'FCS_CKM.1': 1, 'FCS_CKM_CIMC.5.1': 1, 'FCS_CKM.4': 3, 'FCS_SOF_CIMC.1': 1}, 'FDP': {'FDP_CIMC_CER.1': 7, 'FDP_ETC_CIMC.5': 3, 'FDP_UCT.1': 2, 'FDP_ITT.1': 2, 'FDP_ACC.1': 11, 'FDP_ACF.1': 12, 'FDP_CIMC_CRL.1': 7, 'FDP_CIMC_CSE.1': 6, 'FDP_SDI_CIMC.3': 5, 'FDP_CIMC_OCSP.1': 2, 'FDP_ACF_CIMC.2': 1, 'FDP_ACF_CIMC.3': 1, 'FDP_ACC.1.1': 1, 'FDP_ACF.1.1': 5, 'FDP_ACF.1.2': 1, 'FDP_ACF.1.3': 2, 'FDP_ACF.1.4': 2, 'FDP_CIMC_CSE.1.1': 1, 'FDP_SDI_CIMC.3.1': 2, 'FDP_SDI_CIMC.3.2': 2, 'FDP_CIMC_CER.1.1': 2, 'FDP_CIMC_CER.1.2': 2, 'FDP_CIMC_CER.1.3': 2, 'FDP_CIMC_CER.1.4': 1, 'FDP_CIMC_CRL.1.1': 1, 'FDP_IFC.1': 1}, 'FIA': {'FIA_ATD.1': 8, 'FIA_SOS.1': 8, 'FIA_UAU.1': 9, 'FIA_UID.1': 19, 'FIA_USB.1': 6, 'FIA_ATD.1.1': 1, 'FIA_SOS.1.1': 1, 'FIA_UAU.1.1': 1, 'FIA_UAU.1.2': 1, 'FIA_UID.1.1': 1, 'FIA_UID.1.2': 1, 'FIA_USB.1.1': 1, 'FIA_USB.1.2': 1, 'FIA_USB.1.3': 1, 'FIA_UAU': 1}, 'FMT': {'FMT_MTD_CIMC.7': 3, 'FMT_MOF.1': 16, 'FMT_MOF_CIMC.3': 7, 'FMT_MOF_CIMC.5': 8, 'FMT_MTD.1': 10, 'FMT_MSA.1': 8, 'FMT_SMR.1': 18, 'FMT_MOF_CIMC.6': 3, 'FMT_MTD_CIMC.4': 1, 'FMT_MTD_CIMC.5': 1, 'FMT_MOF.1.1': 1, 'FMT_MSA.1.1': 1, 'FMT_MTD.1.1': 1, 'FMT_SMR.1.1': 1, 'FMT_SMR.1.2': 1, 'FMT_MOF_CIMC.3.1': 2, 'FMT_MOF_CIMC.3.2': 3, 'FMT_MOF_CIMC.3.3': 3, 'FMT_MOF_CIMC.3.4': 2, 'FMT_MOF_CIMC.5.1': 2, 'FMT_MOF_CIMC.5.2': 3, 'FMT_MOF_CIMC.5.3': 3, 'FMT_MSA.3': 2, 'FMT_SMF.1': 6}, 'FPT': {'FPT_ITC.1': 2, 'FPT_ITT.1': 2, 'FPT_CIMC_TSP.1': 7, 'FPT_STM.1': 3, 'FPT_CIMC_TSP.1.1': 1, 'FPT_CIMC_TSP.1.2': 1, 'FPT_CIMC_TSP.1.3': 1, 'FPT_CIMC_TSP.1.4': 1}}, 'cc_claims': {'A': {'A.CPS': 3, 'A.HSM': 3}, 'OE': {'OE.CPS': 5, 'OE.HSM': 5}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3}}, 'DES': {'DES': {'DES': 3}}, 'constructions': {'MAC': {'HMAC': 12}}}, 'asymmetric_crypto': {'ECC': {'ECDSA': {'ECDSA': 2}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 3}, 'SHA2': {'SHA-256': 6, 'SHA-224': 5, 'SHA-384': 5, 'SHA-512': 6}, 'SHA3': {'SHA3-224': 2, 'SHA3-256': 2, 'SHA3-384': 2, 'SHA3-512': 2}}}, 'crypto_scheme': {'MAC': {'MAC': 4}}, 'crypto_protocol': {'TLS': {'SSL': {'SSL': 2}}}, 'randomness': {'RNG': {'RNG': 1}}, 'cipher_mode': {'ECB': {'ECB': 1}, 'CBC': {'CBC': 1}}, 'ecc_curve': {'NIST': {'P-192': 2, 'P-224': 4, 'P-256': 3, 'P-384': 4, 'P-521': 2, 'Curve P-256': 1, 'K-163': 1, 'K-283': 1, 'K-409': 1, 'K-571': 1, 'B-163': 1, 'B-233': 1, 'B-283': 1, 'B-409': 1, 'B-571': 1}, 'Brainpool': {'brainpoolP224r1': 1, 'brainpoolP256r1': 1, 'brainpoolP320r1': 1, 'brainpoolP384r1': 1, 'brainpoolP512r1': 1, 'brainpoolP224t1': 1, 'brainpoolP256t1': 1, 'brainpoolP320t1': 1, 'brainpoolP384t1': 1, 'brainpoolP512t1': 1}, 'ANSSI': {'FRP256v1': 1}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-03110': 7}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 140-2': 9, 'FIPS 186-2': 4, 'FIPS140-2': 1, 'FIPS PUB 140-2': 1}, 'NIST': {'NIST SP 800-90': 1}, 'PKCS': {'PKCS #1': 2, 'PKCS#1': 2}, 'RFC': {'RFC5280': 4, 'RFC6960': 3, 'RFC2104': 5, 'RFC 5280': 3, 'RFC4210': 1, 'RFC4211': 1}, 'ICAO': {'ICAO': 2}, 'X509': {'X.509': 30}, 'CC': {'CCMB-2017-04-001': 1, 'CCMB-2017-04-002': 1, 'CCMB-2017-04-003': 1, 'CCMB-2017-04-004': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The cert_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144-2021': 1}, 'CA': {'383-6-3-CR': 1}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 1, 'EAL 2': 1, 'EAL 4 augmented': 1}}, 'cc_sar': {'ALC': {'ALC_FLR.2': 1, 'ALC_FLR': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'ISO': {'ISO/IEC 15408': 2, 'ISO/IEC 18045': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The st_filename property was set to 1144b_pdf.pdf.
    • The cert_filename property was set to 1144c_pdf.pdf.

    The computed heuristics were updated.

    • The report_references property was updated, with the {'directly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0960-2015']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['BSI-DSZ-CC-0960-2015']}} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}]} values added.
  • 19.08.2024 The certificate data changed.
    Certificate changed

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': True, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '791f3810e8feabeb6ecd3b3cd7d7792cdfaccb8bbb95e7bbce38d383ff5c1dfb', 'txt_hash': '89a08e342e5977cb9144f871c6314198b43d0acee74796d51d54cf114eba7491'} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to {'pdf_file_size_bytes': 435936, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 30, '/Author': 'Bundesamt für Sicherheit in der Informationstechnik', '/CreationDate': "D:20210120142647+01'00'", '/Creator': 'Writer', '/Keywords': '"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel"', '/ModDate': "D:20210201124346+01'00'", '/Producer': 'LibreOffice 6.3', '/Subject': 'secunet eID PKI Suite Certified CA Kernel', '/Title': 'Certification Report BSI-DSZ-CC-1144-2021', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://www.bsi.bund.de/', 'https://www.sogis.eu/', 'https://www.bsi.bund.de/zertifizierung', 'http://www.commoncriteriaportal.org/cc/', 'https://www.bsi.bund.de/zertifizierungsreporte', 'http://www.commoncriteriaportal.org/', 'https://www.bsi.bund.de/AIS']}}.
    • The report_frontpage property was set to {'DE': {'match_rules': ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)'], 'cert_id': 'BSI-DSZ-CC-1144-2021', 'cert_item': 'secunet eID PKI Suite Certified CA Kernel, Version 2.0.3', 'developer': 'secunet Security Networks AG', 'cert_lab': 'BSI', 'ref_protection_profiles': 'Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR', 'cc_version': 'PP conformant Common Criteria Part 2 extended', 'cc_security_level': 'Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2'}}.
    • The report_keywords property was set to {'cc_cert_id': {'DE': {'BSI-DSZ-CC-1144-2021': 16, 'BSI-DSZ-CC-0960-2015': 3}, 'CA': {'383-6-3-CR': 4}}, 'cc_protection_profile_id': {}, 'cc_security_level': {'EAL': {'EAL 4': 6, 'EAL 2': 2, 'EAL 1': 1, 'EAL 2+': 1, 'EAL 4 augmented': 3}}, 'cc_sar': {'AGD': {'AGD_PRE.1': 1, 'AGD_OPE.1': 1}, 'ALC': {'ALC_FLR.2': 4, 'ALC_FLR': 3, 'ALC_CMS.4': 1}, 'AVA': {'AVA_VAN.3': 1, 'AVA_VAN.5': 1}}, 'cc_sfr': {}, 'cc_claims': {}, 'vendor': {}, 'eval_facility': {'SRC': {'SRC Security Research & Consulting': 3}}, 'symmetric_crypto': {'AES_competition': {'E2': {'E2': 1}}, 'constructions': {'MAC': {'HMAC': 3}}}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA256': 8, 'SHA-256': 1}}}, 'crypto_scheme': {}, 'crypto_protocol': {'SSH': {'SSH': 2}, 'TLS': {'TLS': {'TLS 1.2': 1}}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {'BSI': {'BSI TR-03110': 1, 'BSI 7148': 1}}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 140-2': 2}, 'BSI': {'AIS 32': 1, 'AIS 38': 1}, 'RFC': {'RFC 5280': 1}, 'ISO': {'ISO/IEC 15408': 4, 'ISO/IEC 18045': 4, 'ISO/IEC 17065': 2}, 'ICAO': {'ICAO': 1}, 'X509': {'X.509': 2}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {'ConfidentialDocument': {'being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification': 1, '08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research & Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011': 1, 'Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt': 1, 'Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und': 1}}}.
    • The report_filename property was set to 1144a_pdf.pdf.

    The computed heuristics were updated.

    • The cert_lab property was set to ['BSI'].
    • The cert_id property was set to BSI-DSZ-CC-1144-2021.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 5}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}]} values added.
  • 17.08.2024 The certificate data changed.
    Certificate changed

    The report_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1144a_pdf.pdf.

    The st_link was updated.

    • The new value is https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1144b_pdf.pdf.

    The state of the certificate object was updated.

    • The report property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
    • The st property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.
    • The cert property was updated, with the {'download_ok': False, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': None, 'txt_hash': None} data.

    The PDF extraction data was updated.

    • The report_metadata property was set to None.
    • The st_metadata property was set to None.
    • The cert_metadata property was set to None.
    • The report_frontpage property was set to None.
    • The report_keywords property was set to None.
    • The st_keywords property was set to None.
    • The cert_keywords property was set to None.
    • The report_filename property was set to None.
    • The st_filename property was set to None.
    • The cert_filename property was set to None.

    The computed heuristics were updated.

    • The cert_lab property was set to None.
    • The cert_id property was set to None.
    • The report_references property was updated, with the {'directly_referencing': None, 'indirectly_referencing': None} data.
    • The extracted_sars property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_PRE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_CMS', 'level': 4}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_TAT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_DVS', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AGD_OPE', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ADV_IMP', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ATE_DPT', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'ALC_LCD', 'level': 1}, {'_type': 'sec_certs.sample.sar.SAR', 'family': 'AVA_VAN', 'level': 5}]} values discarded.
  • 23.07.2024 The certificate was first processed.
    New certificate

    A new Common Criteria certificate with the product name secunet eID PKI Suite Certified CA Kernel, Version 2.0.3 was processed.

Raw data

{
  "_type": "sec_certs.sample.cc.CCCertificate",
  "category": "Network and Network-Related Devices and Systems",
  "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1144c_pdf.pdf",
  "dgst": "9c9a36e25c55c410",
  "heuristics": {
    "_type": "sec_certs.sample.cc.CCCertificate.Heuristics",
    "annotated_references": null,
    "cert_id": "BSI-DSZ-CC-1144-2021",
    "cert_lab": [
      "BSI"
    ],
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_sars": {
      "_type": "Set",
      "elements": [
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_TAT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_FLR",
          "level": 2
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_CMS",
          "level": 4
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ADV_IMP",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_OPE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_LCD",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ATE_DPT",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AGD_PRE",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "ALC_DVS",
          "level": 1
        },
        {
          "_type": "sec_certs.sample.sar.SAR",
          "family": "AVA_VAN",
          "level": 5
        }
      ]
    },
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "2.0.3"
      ]
    },
    "indirect_transitive_cves": null,
    "next_certificates": [],
    "prev_certificates": [],
    "related_cves": null,
    "report_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0960-2015"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "BSI-DSZ-CC-0960-2015"
        ]
      }
    },
    "scheme_data": {
      "category": "Network and Network related Devices and Systems",
      "cert_id": "BSI-DSZ-CC-1144-2021",
      "certification_date": "2021-01-15",
      "enhanced": {
        "applicant": "secunet Security Networks AG Weidenauer Stra\u00dfe 223-225 57076 Siegen",
        "assurance_level": "EAL4,ALC_FLR.2",
        "cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144c_pdf.pdf?__blob=publicationFile\u0026v=4",
        "certification_date": "2021-01-15",
        "description": "The Target of evaluation is the product secunet eID PKI Suite Certified CA Kernel provided by secunet Security Networks AG. The TOE type is \"Certificate Issuing and Management Component\". The TOE is a CA (Certification Authority) Kernel that provides request, issuance, revocation, and overall management of certificates and certificate status information. The secunet eID PKI Suite Certified CA Kernel supports Extended Access Control Certification Authorities (EAC CAs,) according the Technical Guideline BSI TR-03110 and International Civil Aviation Organization CAs (ICAO CAs), which are X.509 CAs according to ITU-T X.509. For cryptographic operations the secunet CA Kernel relies on a FIPS-2 Level 3 validated Hardware Security Module (HSM). The CA-Server administrator integrates the secunet eID PKI Suite Certified CA Kernel into a TOE functional environment. He is defined as the TOE end-user.",
        "evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
        "expiration_date": "2026-01-14",
        "product": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
        "protection_profile": "Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR",
        "report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144a_pdf.pdf?__blob=publicationFile\u0026v=7",
        "target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1144b_pdf.pdf?__blob=publicationFile\u0026v=4"
      },
      "product": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
      "url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Netzwerk_und_Kommunikationsprodukte/1144.html",
      "vendor": "secunet Security Networks AG"
    },
    "st_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "verified_cpe_matches": null
  },
  "maintenance_updates": {
    "_type": "Set",
    "elements": []
  },
  "manufacturer": "Secunet Security Networks AG",
  "manufacturer_web": "https://www.secunet.com/en/",
  "name": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
  "not_valid_after": "2026-01-14",
  "not_valid_before": "2021-01-15",
  "pdf_data": {
    "_type": "sec_certs.sample.cc.CCCertificate.PdfData",
    "cert_filename": "1144c_pdf.pdf",
    "cert_frontpage": null,
    "cert_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "CA": {
          "383-6-3-CR": 1
        },
        "DE": {
          "BSI-DSZ-CC-1144-2021": 1
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ALC": {
          "ALC_FLR": 1,
          "ALC_FLR.2": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 2": 1,
          "EAL 4": 1,
          "EAL 4 augmented": 1
        }
      },
      "cc_sfr": {},
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "hash_function": {},
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "ISO": {
          "ISO/IEC 15408": 2,
          "ISO/IEC 18045": 2
        }
      },
      "symmetric_crypto": {},
      "technical_report_id": {},
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "cert_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20210120142647+01\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel\"",
      "/ModDate": "D:20210202150216+01\u002700\u0027",
      "/Producer": "LibreOffice 6.3",
      "/Subject": "secunet eID PKI Suite Certified CA Kernel",
      "/Title": "Certificate BSI-DSZ-CC-1144-2021",
      "pdf_file_size_bytes": 242421,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 1
    },
    "report_filename": "1144a_pdf.pdf",
    "report_frontpage": {
      "DE": {
        "cc_security_level": "Common Criteria Part 3 conformant EAL 4 augmented by ALC_FLR.2",
        "cc_version": "PP conformant Common Criteria Part 2 extended",
        "cert_id": "BSI-DSZ-CC-1144-2021",
        "cert_item": "secunet eID PKI Suite Certified CA Kernel, Version 2.0.3",
        "cert_lab": "BSI",
        "developer": "secunet Security Networks AG",
        "match_rules": [
          "(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)"
        ],
        "ref_protection_profiles": "Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011, Communications Security Establishment Canada, Document number: 383-6-3-CR"
      }
    },
    "report_keywords": {
      "asymmetric_crypto": {},
      "cc_cert_id": {
        "CA": {
          "383-6-3-CR": 4
        },
        "DE": {
          "BSI-DSZ-CC-0960-2015": 3,
          "BSI-DSZ-CC-1144-2021": 16
        }
      },
      "cc_claims": {},
      "cc_protection_profile_id": {},
      "cc_sar": {
        "AGD": {
          "AGD_OPE.1": 1,
          "AGD_PRE.1": 1
        },
        "ALC": {
          "ALC_CMS.4": 1,
          "ALC_FLR": 3,
          "ALC_FLR.2": 4
        },
        "AVA": {
          "AVA_VAN.3": 1,
          "AVA_VAN.5": 1
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 1": 1,
          "EAL 2": 2,
          "EAL 2+": 1,
          "EAL 4": 6,
          "EAL 4 augmented": 3
        }
      },
      "cc_sfr": {},
      "certification_process": {
        "ConfidentialDocument": {
          "08.01.2021, Evaluation Technical Report (ETR) - Summary, SRC Security Research \u0026 Consulting GmbH, (confidential document) [8] Certificate Issuing and Management Components Protection Profile Version 1.5, 11 August, 2011": 1,
          "Konfigurationsliste ALC_CMS.4, cms_secunet+eID+PKI+Suite_V.1.3.6.pdf, secunet Security Networks AG (confidential document) and Configuration list for the TOE, 06.11.2020, Liste aller source code-Dateien, dateiliste.txt": 1,
          "Security Networks AG (confidential document) [10] Guidance documentation for the TOE, Version 3.4.6, 18.12.2020, Handbuch (AGD_PRE.1 und": 1,
          "being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification": 1
        }
      },
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 2
        },
        "TLS": {
          "TLS": {
            "TLS 1.2": 1
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "SRC": {
          "SRC Security Research \u0026 Consulting": 3
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-256": 1,
            "SHA256": 8
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "BSI": {
          "AIS 32": 1,
          "AIS 38": 1
        },
        "FIPS": {
          "FIPS 140-2": 2
        },
        "ICAO": {
          "ICAO": 1
        },
        "ISO": {
          "ISO/IEC 15408": 4,
          "ISO/IEC 17065": 2,
          "ISO/IEC 18045": 4
        },
        "RFC": {
          "RFC 5280": 1
        },
        "X509": {
          "X.509": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "E2": {
            "E2": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 3
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI 7148": 1,
          "BSI TR-03110": 1
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "report_metadata": {
      "/Author": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "/CreationDate": "D:20210120142647+01\u002700\u0027",
      "/Creator": "Writer",
      "/Keywords": "\"Common Criteria, Certification, Zertifizierung, secunet, PKI Suite, CA Kernel\"",
      "/ModDate": "D:20210201124346+01\u002700\u0027",
      "/Producer": "LibreOffice 6.3",
      "/Subject": "secunet eID PKI Suite Certified CA Kernel",
      "/Title": "Certification Report BSI-DSZ-CC-1144-2021",
      "pdf_file_size_bytes": 435936,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.sogis.eu/",
          "https://www.bsi.bund.de/",
          "https://www.bsi.bund.de/zertifizierung",
          "http://www.commoncriteriaportal.org/",
          "https://www.bsi.bund.de/zertifizierungsreporte",
          "https://www.bsi.bund.de/AIS",
          "http://www.commoncriteriaportal.org/cc/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 30
    },
    "st_filename": "1144b_pdf.pdf",
    "st_frontpage": null,
    "st_keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDSA": {
            "ECDSA": 2
          }
        }
      },
      "cc_cert_id": {
        "DE": {
          "BSI-DSZ-CC-1144": 2
        }
      },
      "cc_claims": {
        "A": {
          "A.CPS": 3,
          "A.HSM": 3
        },
        "OE": {
          "OE.CPS": 5,
          "OE.HSM": 5
        }
      },
      "cc_protection_profile_id": {},
      "cc_sar": {
        "ADV": {
          "ADV_ARC": 1,
          "ADV_FSP": 1,
          "ADV_IMP.1": 1,
          "ADV_TDS": 1
        },
        "AGD": {
          "AGD_OPE": 1,
          "AGD_PRE": 1
        },
        "ALC": {
          "ALC_CMC": 1,
          "ALC_CMS": 1,
          "ALC_DEL": 1,
          "ALC_DVS.1": 1,
          "ALC_FLR": 1,
          "ALC_FLR.2": 4,
          "ALC_LCD.1": 1,
          "ALC_TAT.1": 1
        },
        "ATE": {
          "ATE_COV": 1,
          "ATE_DPT.1": 1,
          "ATE_FUN": 1,
          "ATE_IND": 1
        },
        "AVA": {
          "AVA_VAN": 1,
          "AVA_VAN.5": 2
        }
      },
      "cc_security_level": {
        "EAL": {
          "EAL 4": 5,
          "EAL 4 augmented": 2,
          "EAL4": 1,
          "EAL4 augmented": 1
        }
      },
      "cc_sfr": {
        "FAU": {
          "FAU_GEN.1": 16,
          "FAU_GEN.1.1": 1,
          "FAU_GEN.1.2": 1,
          "FAU_GEN.2": 6,
          "FAU_GEN.2.1": 1,
          "FAU_SEL.1": 8,
          "FAU_SEL.1.1": 1,
          "FAU_STG.1": 10,
          "FAU_STG.1.1": 1,
          "FAU_STG.1.2": 1,
          "FAU_STG.4": 6,
          "FAU_STG.4.1": 1
        },
        "FCO": {
          "FCO_NRO_CIMC.3": 13,
          "FCO_NRO_CIMC.3.1": 1,
          "FCO_NRO_CIMC.3.2": 1,
          "FCO_NRO_CIMC.3.3": 4,
          "FCO_NRO_CIMC.4": 6,
          "FCO_NRO_CIMC.4.1": 1,
          "FCO_NRO_CIMC.4.2": 1
        },
        "FCS": {
          "FCS_CKM.1": 1,
          "FCS_CKM.4": 3,
          "FCS_CKM_CIMC.5": 7,
          "FCS_CKM_CIMC.5.1": 1,
          "FCS_SOF_CIMC.1": 1
        },
        "FDP": {
          "FDP_ACC.1": 11,
          "FDP_ACC.1.1": 1,
          "FDP_ACF.1": 12,
          "FDP_ACF.1.1": 5,
          "FDP_ACF.1.2": 1,
          "FDP_ACF.1.3": 2,
          "FDP_ACF.1.4": 2,
          "FDP_ACF_CIMC.2": 1,
          "FDP_ACF_CIMC.3": 1,
          "FDP_CIMC_CER.1": 7,
          "FDP_CIMC_CER.1.1": 2,
          "FDP_CIMC_CER.1.2": 2,
          "FDP_CIMC_CER.1.3": 2,
          "FDP_CIMC_CER.1.4": 1,
          "FDP_CIMC_CRL.1": 7,
          "FDP_CIMC_CRL.1.1": 1,
          "FDP_CIMC_CSE.1": 6,
          "FDP_CIMC_CSE.1.1": 1,
          "FDP_CIMC_OCSP.1": 2,
          "FDP_ETC_CIMC.5": 3,
          "FDP_IFC.1": 1,
          "FDP_ITT.1": 2,
          "FDP_SDI_CIMC.3": 5,
          "FDP_SDI_CIMC.3.1": 2,
          "FDP_SDI_CIMC.3.2": 2,
          "FDP_UCT.1": 2
        },
        "FIA": {
          "FIA_ATD.1": 8,
          "FIA_ATD.1.1": 1,
          "FIA_SOS.1": 8,
          "FIA_SOS.1.1": 1,
          "FIA_UAU": 1,
          "FIA_UAU.1": 9,
          "FIA_UAU.1.1": 1,
          "FIA_UAU.1.2": 1,
          "FIA_UID.1": 19,
          "FIA_UID.1.1": 1,
          "FIA_UID.1.2": 1,
          "FIA_USB.1": 6,
          "FIA_USB.1.1": 1,
          "FIA_USB.1.2": 1,
          "FIA_USB.1.3": 1
        },
        "FMT": {
          "FMT_MOF.1": 16,
          "FMT_MOF.1.1": 1,
          "FMT_MOF_CIMC.3": 7,
          "FMT_MOF_CIMC.3.1": 2,
          "FMT_MOF_CIMC.3.2": 3,
          "FMT_MOF_CIMC.3.3": 3,
          "FMT_MOF_CIMC.3.4": 2,
          "FMT_MOF_CIMC.5": 8,
          "FMT_MOF_CIMC.5.1": 2,
          "FMT_MOF_CIMC.5.2": 3,
          "FMT_MOF_CIMC.5.3": 3,
          "FMT_MOF_CIMC.6": 3,
          "FMT_MSA.1": 8,
          "FMT_MSA.1.1": 1,
          "FMT_MSA.3": 2,
          "FMT_MTD.1": 10,
          "FMT_MTD.1.1": 1,
          "FMT_MTD_CIMC.4": 1,
          "FMT_MTD_CIMC.5": 1,
          "FMT_MTD_CIMC.7": 3,
          "FMT_SMF.1": 6,
          "FMT_SMR.1": 18,
          "FMT_SMR.1.1": 1,
          "FMT_SMR.1.2": 1
        },
        "FPT": {
          "FPT_CIMC_TSP.1": 7,
          "FPT_CIMC_TSP.1.1": 1,
          "FPT_CIMC_TSP.1.2": 1,
          "FPT_CIMC_TSP.1.3": 1,
          "FPT_CIMC_TSP.1.4": 1,
          "FPT_ITC.1": 2,
          "FPT_ITT.1": 2,
          "FPT_STM.1": 3
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 1
        },
        "ECB": {
          "ECB": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 2
          }
        }
      },
      "crypto_scheme": {
        "MAC": {
          "MAC": 4
        }
      },
      "device_model": {},
      "ecc_curve": {
        "ANSSI": {
          "FRP256v1": 1
        },
        "Brainpool": {
          "brainpoolP224r1": 1,
          "brainpoolP224t1": 1,
          "brainpoolP256r1": 1,
          "brainpoolP256t1": 1,
          "brainpoolP320r1": 1,
          "brainpoolP320t1": 1,
          "brainpoolP384r1": 1,
          "brainpoolP384t1": 1,
          "brainpoolP512r1": 1,
          "brainpoolP512t1": 1
        },
        "NIST": {
          "B-163": 1,
          "B-233": 1,
          "B-283": 1,
          "B-409": 1,
          "B-571": 1,
          "Curve P-256": 1,
          "K-163": 1,
          "K-283": 1,
          "K-409": 1,
          "K-571": 1,
          "P-192": 2,
          "P-224": 4,
          "P-256": 3,
          "P-384": 4,
          "P-521": 2
        }
      },
      "eval_facility": {},
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 3
          },
          "SHA2": {
            "SHA-224": 5,
            "SHA-256": 6,
            "SHA-384": 5,
            "SHA-512": 6
          },
          "SHA3": {
            "SHA3-224": 2,
            "SHA3-256": 2,
            "SHA3-384": 2,
            "SHA3-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "CC": {
          "CCMB-2017-04-001": 1,
          "CCMB-2017-04-002": 1,
          "CCMB-2017-04-003": 1,
          "CCMB-2017-04-004": 1
        },
        "FIPS": {
          "FIPS 140-2": 9,
          "FIPS 186-2": 4,
          "FIPS PUB 140-2": 1,
          "FIPS140-2": 1
        },
        "ICAO": {
          "ICAO": 2
        },
        "NIST": {
          "NIST SP 800-90": 1
        },
        "PKCS": {
          "PKCS #1": 2,
          "PKCS#1": 2
        },
        "RFC": {
          "RFC 5280": 3,
          "RFC2104": 5,
          "RFC4210": 1,
          "RFC4211": 1,
          "RFC5280": 4,
          "RFC6960": 3
        },
        "X509": {
          "X.509": 30
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 3
          }
        },
        "DES": {
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 12
          }
        }
      },
      "technical_report_id": {
        "BSI": {
          "BSI TR-03110": 7
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "st_metadata": {
      "/Author": "secunet Security Networks AG",
      "/CreationDate": "D:20210108101730Z00\u002700\u0027",
      "/Creator": "Word",
      "/Keywords": "Public Key Infrastructure, PKI, Certificate Issuing and Management Component",
      "/ModDate": "D:20210108111900+01\u002700\u0027",
      "/Producer": "macOS Version 10.15.7 (Build 19H2) Quartz PDFContext",
      "/Subject": "Common Criteria certification of secunet eID PKI Suite Certified CA Kernel (in short:  Certified CA Kernel)",
      "/Title": "secunet eID PKI Suite Certified CA Kernel Security Target",
      "pdf_file_size_bytes": 1688822,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 75
    }
  },
  "protection_profiles": {
    "_type": "Set",
    "elements": []
  },
  "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1144a_pdf.pdf",
  "scheme": "DE",
  "security_level": {
    "_type": "Set",
    "elements": [
      "ALC_FLR.2",
      "EAL4"
    ]
  },
  "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1144b_pdf.pdf",
  "state": {
    "_type": "sec_certs.sample.cc.CCCertificate.InternalState",
    "cert": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "860e7a5a6f89bf7f115610bdf694c2fc56a301db7cf31fbffc45343671b0b50a",
      "txt_hash": "a03ada1c13d973e22149bde4c278f27c912cedb1ec1e1a2968b8683ec8aff1e5"
    },
    "report": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "791f3810e8feabeb6ecd3b3cd7d7792cdfaccb8bbb95e7bbce38d383ff5c1dfb",
      "txt_hash": "89a08e342e5977cb9144f871c6314198b43d0acee74796d51d54cf114eba7491"
    },
    "st": {
      "_type": "sec_certs.sample.cc.CCCertificate.DocumentState",
      "convert_garbage": false,
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "pdf_hash": "829c5c955e3a5ac85ba0e37c4e3c12c2f0953e786b6e61ae15188522d8c575ee",
      "txt_hash": "7d5ec433d3dbade33ff14a74d315e0e9d5a3717a943698b1e4b4f699b466d384"
    }
  },
  "status": "active"
}