Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Canonical Ubuntu Server 18.04.4
CSEC2019029
SECUI NXG W V2.0
None
name Canonical Ubuntu Server 18.04.4 SECUI NXG W V2.0
category Operating Systems Boundary Protection Devices and Systems
scheme SE KR
status active archived
not_valid_after 11.12.2025 01.06.2019
not_valid_before 11.12.2020 11.03.2009
cert_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/CCRA%20-%20Ubuntu.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/Certification%20Report%20-%20Canonical%20Ubuntu%20Server%2018.04%20LTS.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/KECS-NISS-199-EN.pdf
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ST%20-%20Canonical%20Ubuntu%20Server%2018.04%20LTS.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/KECS-NISS-199-ST-EN.pdf
manufacturer Canonical Group Limited Secui.com Corp.
manufacturer_web https://www.canonical.com/ https://www.secui.com
security_level EAL2, ALC_FLR.3 EAL4
dgst 17862668d38c8dbe b34fbcce8666b51b
heuristics/cert_id CSEC2019029
heuristics/extracted_sars ATE_IND.2, ASE_REQ.2, ASE_CCL.1, ADV_TDS.1, ADV_FSP.2, AGD_PRE.1, ASE_OBJ.2, ASE_SPD.1, ALC_CMS.2, ALC_CMC.2, ADV_ARC.1, AVA_VAN.2, ATE_FUN.1, ALC_DEL.1, AGD_OPE.1, ASE_TSS.1, ASE_INT.1, ATE_COV.1, ALC_FLR.3, ASE_ECD.1 {}
heuristics/extracted_versions 18.04.4 2.0
pdf_data/cert_filename CCRA - Ubuntu.pdf
pdf_data/cert_keywords/cc_cert_id
  • SE:
    • CSEC2019029: 1
pdf_data/cert_keywords/cc_protection_profile_id
pdf_data/cert_keywords/cc_security_level
  • EAL:
    • EAL 2: 2
pdf_data/cert_keywords/cc_sar
  • ALC:
    • ALC_FLR: 1
pdf_data/cert_keywords/cc_sfr
pdf_data/cert_keywords/cc_claims
pdf_data/cert_keywords/vendor
pdf_data/cert_keywords/eval_facility
  • atsec:
    • atsec: 1
pdf_data/cert_keywords/symmetric_crypto
pdf_data/cert_keywords/asymmetric_crypto
pdf_data/cert_keywords/pq_crypto
pdf_data/cert_keywords/hash_function
pdf_data/cert_keywords/crypto_scheme
pdf_data/cert_keywords/crypto_protocol
pdf_data/cert_keywords/randomness
pdf_data/cert_keywords/cipher_mode
pdf_data/cert_keywords/ecc_curve
pdf_data/cert_keywords/crypto_engine
pdf_data/cert_keywords/tls_cipher_suite
pdf_data/cert_keywords/crypto_library
pdf_data/cert_keywords/vulnerability
pdf_data/cert_keywords/side_channel_analysis
pdf_data/cert_keywords/technical_report_id
pdf_data/cert_keywords/device_model
pdf_data/cert_keywords/tee_name
pdf_data/cert_keywords/os_name
pdf_data/cert_keywords/cplc_data
pdf_data/cert_keywords/ic_data_group
pdf_data/cert_keywords/standard_id
  • ISO:
    • ISO/IEC 17065: 2
pdf_data/cert_keywords/javacard_version
pdf_data/cert_keywords/javacard_api_const
pdf_data/cert_keywords/javacard_packages
pdf_data/cert_keywords/certification_process
pdf_data/cert_metadata
  • /CreationDate: D:20201216100731+01'00'
  • /Creator: RICOH MP C4504ex
  • /ModDate: D:20201216100731+01'00'
  • /Producer: RICOH MP C4504ex
  • pdf_file_size_bytes: 908771
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
pdf_data/report_filename Certification Report - Canonical Ubuntu Server 18.04 LTS.pdf KECS-NISS-199-EN.pdf
pdf_data/report_keywords/cc_cert_id
  • SE:
    • CSEC2019029: 1
pdf_data/report_keywords/cc_security_level
  • EAL:
    • EAL 2: 3
pdf_data/report_keywords/cc_sar
  • ADV:
    • ADV_ARC.1: 1
    • ADV_FSP.2: 1
    • ADV_TDS.1: 1
  • AGD:
    • AGD_OPE.1: 1
    • AGD_PRE.1: 1
  • ALC:
    • ALC_CMC.2: 1
    • ALC_CMS.2: 1
    • ALC_DEL.1: 1
    • ALC_FLR.3: 5
  • ASE:
    • ASE_CCL.1: 1
    • ASE_ECD.1: 1
    • ASE_INT.1: 1
    • ASE_OBJ.2: 1
    • ASE_REQ.2: 1
    • ASE_SPD.1: 1
    • ASE_TSS.1: 1
  • ATE:
    • ATE_COV.1: 1
    • ATE_FUN.1: 1
    • ATE_IND.2: 1
  • AVA:
    • AVA_VAN.2: 1
pdf_data/report_keywords/cc_claims
  • A:
    • A.AUTHUSER: 1
    • A.CONNECT: 1
    • A.DETECT: 1
    • A.IT: 1
    • A.KEYS: 1
    • A.MANAGE: 1
    • A.PEER: 2
    • A.PHYSICAL: 1
    • A.TRAINEDUSER: 1
  • T:
    • T.ACCESS: 6
    • T.COMM: 1
    • T.IA: 2
    • T.INFOFLOW: 1
    • T.RESTRICT: 1
pdf_data/report_keywords/eval_facility
  • atsec:
    • atsec: 4
pdf_data/report_keywords/hash_function
  • PBKDF:
    • PBKDF2: 2
  • SHA:
    • SHA2:
      • SHA-256: 1
pdf_data/report_keywords/crypto_protocol
  • SSH:
    • SSH: 8
    • SSHv2: 1
pdf_data/report_keywords/vulnerability
  • CVE:
    • CVE-2018-20623: 1
    • CVE-2019-1549: 1
    • CVE-2020-10942: 1
    • CVE-2020-24977: 1
    • CVE-2020-8648: 1
pdf_data/report_keywords/standard_id
  • CC:
    • CCMB-2017-04-001: 1
    • CCMB-2017-04-002: 1
    • CCMB-2017-04-003: 1
    • CCMB-2017-04-004: 1
  • ISO:
    • ISO/IEC 17025: 2
  • RFC:
    • RFC 2460: 1
    • RFC 3484: 1
    • RFC 4213: 1
pdf_data/report_keywords/certification_process
  • OutOfScope:
    • out of scope: 1
    • revealed some residual vulnerabilities. Re- sidual vulnerabilities are vulnerabilities that are out of scope because they require a higher attack potential than the actual EAL is designed to protect from. The: 1
pdf_data/report_metadata
  • /Author: Jerry Johansson
  • /CreationDate: D:20201211132819+01'00'
  • /Creator: Microsoft® Word 2016
  • /ModDate: D:20201211132819+01'00'
  • /Producer: Microsoft® Word 2016
  • /Subject: 20FMV108-30:1
  • /Title: Certification Report - Canonical Ubuntu Server 18.04 LTS
  • pdf_file_size_bytes: 454103
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 20
pdf_data/st_filename ST - Canonical Ubuntu Server 18.04 LTS.pdf KECS-NISS-199-ST-EN.pdf
pdf_data/st_keywords/cc_cert_id
  • SE:
    • CSEC 2019029: 1
pdf_data/st_keywords/cc_security_level
  • EAL:
    • EAL2: 4
    • EAL2 augmented: 1
    • EAL4: 1
pdf_data/st_keywords/cc_sar
  • ADV:
    • ADV_ARC.1: 1
    • ADV_FSP.2: 1
    • ADV_TDS.1: 1
  • AGD:
    • AGD_OPE.1: 1
    • AGD_PRE.1: 1
  • ALC:
    • ALC_CMC.2: 1
    • ALC_CMS.2: 1
    • ALC_DEL.1: 1
    • ALC_FLR.3: 5
  • ASE:
    • ASE_CCL.1: 2
    • ASE_ECD.1: 1
    • ASE_INT.1: 1
    • ASE_OBJ.2: 1
    • ASE_REQ.2: 1
    • ASE_SPD.1: 1
    • ASE_TSS.1: 1
  • ATE:
    • ATE_COV.1: 1
    • ATE_FUN.1: 1
    • ATE_IND.2: 1
  • AVA:
    • AVA_VAN.2: 1
pdf_data/st_keywords/cc_sfr
  • FAU:
    • FAU_GEN: 2
    • FAU_GEN.1: 12
    • FAU_GEN.1.1: 1
    • FAU_GEN.1.2: 1
    • FAU_GEN.2: 6
    • FAU_GEN.2.1: 1
    • FAU_SAR.1: 8
    • FAU_SAR.1.1: 1
    • FAU_SAR.1.2: 1
    • FAU_SAR.2: 6
    • FAU_SAR.2.1: 1
    • FAU_SEL.1: 8
    • FAU_SEL.1.1: 1
    • FAU_STG.1: 10
    • FAU_STG.1.1: 1
    • FAU_STG.1.2: 1
    • FAU_STG.3: 7
    • FAU_STG.3.1: 1
    • FAU_STG.4: 8
    • FAU_STG.4.1: 1
  • FCS:
    • FCS_CKM.1: 44
    • FCS_CKM.1.1: 4
    • FCS_CKM.2: 14
    • FCS_CKM.2.1: 1
    • FCS_CKM.4: 14
    • FCS_CKM.4.1: 1
    • FCS_COP.1: 28
    • FCS_COP.1.1: 6
    • FCS_RNG: 2
    • FCS_RNG.1: 35
    • FCS_RNG.1.1: 4
    • FCS_RNG.1.2: 5
  • FDP:
    • FDP_ACC.1: 38
    • FDP_ACC.1.1: 3
    • FDP_ACC.2: 19
    • FDP_ACC.2.1: 2
    • FDP_ACC.2.2: 2
    • FDP_ACF.1: 42
    • FDP_ACF.1.1: 5
    • FDP_ACF.1.2: 5
    • FDP_ACF.1.3: 5
    • FDP_ACF.1.4: 5
    • FDP_CDP: 5
    • FDP_CDP.1: 14
    • FDP_CDP.1.1: 2
    • FDP_ETC.2: 8
    • FDP_ETC.2.1: 1
    • FDP_ETC.2.2: 1
    • FDP_ETC.2.3: 1
    • FDP_ETC.2.4: 1
    • FDP_IFC.1: 14
    • FDP_IFC.2: 20
    • FDP_IFC.2.1: 2
    • FDP_IFC.2.2: 2
    • FDP_IFF.1: 26
    • FDP_IFF.1.1: 3
    • FDP_IFF.1.2: 3
    • FDP_IFF.1.3: 3
    • FDP_IFF.1.4: 3
    • FDP_IFF.1.5: 3
    • FDP_ITC.1: 4
    • FDP_ITC.2: 22
    • FDP_ITC.2.1: 2
    • FDP_ITC.2.2: 2
    • FDP_ITC.2.3: 2
    • FDP_ITC.2.4: 2
    • FDP_ITC.2.5: 2
    • FDP_RIP.2: 13
    • FDP_RIP.2.1: 1
    • FDP_UCT: 1
  • FIA:
    • FIA_AFL.1: 9
    • FIA_AFL.1.1: 1
    • FIA_AFL.1.2: 1
    • FIA_ATD.1: 19
    • FIA_ATD.1.1: 2
    • FIA_SOS.1: 8
    • FIA_SOS.1.1: 1
    • FIA_UAU.1: 12
    • FIA_UAU.1.1: 1
    • FIA_UAU.1.2: 1
    • FIA_UAU.5: 10
    • FIA_UAU.5.1: 1
    • FIA_UAU.5.2: 1
    • FIA_UAU.7: 7
    • FIA_UAU.7.1: 1
    • FIA_UID.1: 14
    • FIA_UID.1.1: 1
    • FIA_UID.1.2: 1
    • FIA_UID.2: 8
    • FIA_UID.2.1: 1
    • FIA_USB.1: 8
    • FIA_USB.1.1: 1
    • FIA_USB.1.2: 1
    • FIA_USB.1.3: 1
  • FMT:
    • FMT_MSA.1: 50
    • FMT_MSA.1.1: 5
    • FMT_MSA.3: 51
    • FMT_MSA.3.1: 7
    • FMT_MSA.3.2: 7
    • FMT_MSA.4: 6
    • FMT_MSA.4.1: 1
    • FMT_MTD.1: 91
    • FMT_MTD.1.1: 13
    • FMT_REV.1: 15
    • FMT_REV.1.1: 2
    • FMT_REV.1.2: 2
    • FMT_SMF.1: 25
    • FMT_SMF.1.1: 1
    • FMT_SMR.1: 35
    • FMT_SMR.1.1: 1
    • FMT_SMR.1.2: 1
  • FPT:
    • FPT_STM.1: 8
    • FPT_STM.1.1: 1
    • FPT_TDC.1: 22
    • FPT_TDC.1.1: 2
    • FPT_TDC.1.2: 2
  • FTA:
    • FTA_SSL.1: 7
    • FTA_SSL.1.1: 1
    • FTA_SSL.1.2: 1
    • FTA_SSL.2: 7
    • FTA_SSL.2.1: 1
    • FTA_SSL.2.2: 1
  • FTP:
    • FTP_ITC.1: 11
    • FTP_ITC.1.1: 1
    • FTP_ITC.1.2: 1
    • FTP_ITC.1.3: 1
    • FTP_TRP.1: 2
pdf_data/st_keywords/cc_claims
  • A:
    • A.AUTHUSER: 3
    • A.CONNECT: 5
    • A.DETECT: 3
    • A.IT: 3
    • A.KEYS: 2
    • A.MANAGE: 5
    • A.PEER: 6
    • A.PHYSICAL: 4
    • A.TRAINEDUSER: 3
  • O:
    • O.AUDITING: 14
    • O.COMP: 31
    • O.CP: 17
    • O.CRYPTO: 16
    • O.DISCRETIONARY: 10
    • O.MANAGE: 26
    • O.NETWORK: 12
    • O.SUBJECT: 10
    • O.TRUSTED_CHANNEL: 5
  • OE:
    • OE.ADMIN: 6
    • OE.INFO_PROTECT: 9
    • OE.INSTALL: 4
    • OE.IT: 4
    • OE.MAINTENANCE: 3
    • OE.PHYSICAL: 3
    • OE.RECOVER: 4
    • OE.REMOTE: 4
    • OE.TRUSTED: 5
  • T:
    • T.ACCESS: 24
    • T.COMM: 4
    • T.IA: 6
    • T.INFOFLOW: 4
    • T.RESTRICT: 3
pdf_data/st_keywords/eval_facility
  • atsec:
    • atsec: 115
pdf_data/st_keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 15
      • AES-256: 2
  • DES:
    • 3DES:
      • TDES: 1
      • Triple-DES: 2
  • constructions:
    • MAC:
      • HMAC: 3
pdf_data/st_keywords/asymmetric_crypto
  • ECC:
    • ECDSA:
      • ECDSA: 16
    • EdDSA:
      • EdDSA: 5
  • FF:
    • DH:
      • Diffie-Hellman: 12
pdf_data/st_keywords/hash_function
  • PBKDF:
    • PBKDF2: 5
  • SHA:
    • SHA1:
      • SHA-1: 6
    • SHA2:
      • SHA-2: 3
      • SHA-224: 1
      • SHA-256: 4
      • SHA-384: 4
      • SHA-512: 5
pdf_data/st_keywords/crypto_scheme
  • KEX:
    • Key Exchange: 1
  • MAC:
    • MAC: 2
pdf_data/st_keywords/crypto_protocol
  • IKE:
    • IKE: 1
  • SSH:
    • SSH: 60
    • SSHv2: 8
  • TLS:
    • SSL:
      • SSL: 11
    • TLS:
      • TLS: 3
  • VPN:
    • VPN: 1
pdf_data/st_keywords/randomness
  • PRNG:
    • DRBG: 1
  • RNG:
    • RNG: 18
pdf_data/st_keywords/cipher_mode
  • CBC:
    • CBC: 5
  • CTR:
    • CTR: 3
  • ECB:
    • ECB: 2
  • GCM:
    • GCM: 1
  • XTS:
    • XTS: 3
pdf_data/st_keywords/ecc_curve
  • Edwards:
    • Ed25519: 1
  • NIST:
    • P-256: 1
    • P-384: 1
    • P-521: 1
    • curve P-256: 1
    • curve P-384: 1
    • curve P-521: 1
pdf_data/st_keywords/crypto_library
  • OpenSSL:
    • OpenSSL: 5
  • libgcrypt:
    • libgcrypt: 2
pdf_data/st_keywords/standard_id
  • BSI:
    • AIS 20: 1
    • AIS 31: 1
  • FIPS:
    • FIPS 140-2: 9
    • FIPS 180-4: 6
    • FIPS 186-4: 1
    • FIPS 186-5: 1
    • FIPS 197: 6
    • FIPS 198-1: 2
    • FIPS 46-3: 1
    • FIPS PUB 186-4: 4
    • FIPS PUB 186-5: 2
    • FIPS180-4: 2
    • FIPS197: 2
  • PKCS:
    • PKCS #1: 1
  • RFC:
    • RFC 2460: 1
    • RFC 3484: 1
    • RFC 3542: 1
    • RFC 4213: 1
    • RFC 4252: 4
    • RFC 4253: 3
    • RFC 768: 1
    • RFC 791: 2
    • RFC 792: 1
    • RFC 793: 1
    • RFC3526: 2
    • RFC4252: 6
    • RFC4253: 13
    • RFC4419: 3
    • RFC5647: 2
    • RFC5656: 4
    • RFC6668: 2
pdf_data/st_keywords/certification_process
  • OutOfScope:
    • DAC mechanism but may be supplemented by further restrictions. These additional restrictions are out of scope for this evaluation. Examples of objects which are accessible to users that cannot be used to store: 1
    • PAT) for simple as well as more complex protocols. This mechanism is out of scope for the evaluation: 1
    • as Port Address Translation (PAT) for simple as well as more complex protocols. This mechanism is out of scope for the evaluation. Furthermore, packet mangling support is provided with IPTables which is also: 1
    • out of scope: 3
pdf_data/st_metadata
state/cert/convert_garbage True False
state/cert/convert_ok True False
state/cert/download_ok True False
state/cert/extract_ok True False
state/cert/pdf_hash Different Different
state/cert/txt_hash Different Different
state/report/convert_garbage False True
state/report/extract_ok True False
state/report/pdf_hash Different Different
state/report/txt_hash Different Different
state/st/convert_garbage False True
state/st/extract_ok True False
state/st/pdf_hash Different Different
state/st/txt_hash Different Different