| name |
Citrix XenDesktop 4 Platinum Edition |
IAIK-JCE CC Core 3.15 |
| category |
Access Control Devices and Systems |
Products for Digital Signatures |
| scheme |
UK |
JP |
| status |
archived |
archived |
| not_valid_after |
05.01.2016 |
07.10.2013 |
| not_valid_before |
20.08.2010 |
27.06.2007 |
| cert_link |
None |
None |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/crp256.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0107_erpt.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/crp256st.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/c0107_est.pdf |
| manufacturer |
Citrix Systems, Inc. |
Stiftung Secure Information and Communication Technologies SIC |
| manufacturer_web |
https://www.citrix.com |
https://jce.iaik.tugraz.at/ |
| security_level |
EAL2+, ALC_FLR.2 |
EAL3 |
| dgst |
cd043f860d336c69 |
ee01e752b230504e |
| heuristics/cert_id |
CRP256 |
JISEC-CC-CRP-C0107 |
| heuristics/cert_lab |
[] |
[] |
| heuristics/cpe_matches |
cpe:2.3:a:citrix:xendesktop:4.0:*:*:*:*:*:*:* |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
CVE-2016-6493, CVE-2014-4700 |
{} |
| heuristics/direct_transitive_cves |
CVE-2012-6314, CVE-2016-6493, CVE-2014-4700 |
{} |
| heuristics/indirect_transitive_cves |
CVE-2016-6493, CVE-2012-6314, CVE-2016-4810, CVE-2014-4700 |
{} |
| heuristics/extracted_sars |
ASE_INT.1, AVA_VAN.2, ADV_FSP.2, ASE_ECD.1, ASE_TSS.1, ASE_SPD.1, ALC_DEL.1, AGD_OPE.1, AGD_PRE.1, ALC_CMS.2, ADV_TDS.1, ATE_FUN.1, ATE_COV.1, ADV_ARC.1, ASE_OBJ.2, ALC_FLR.2, ASE_REQ.2, ALC_CMC.2, ATE_IND.2, ASE_CCL.1 |
ALC_DVS.1, ATE_COV.2, ADV_RCR.1, ADV_FSP.1, ADV_HLD.2, ATE_FUN.1, AGD_USR.1, AVA_VLA.1, ATE_IND.2, AGD_ADM.1, AVA_MSU.1, ATE_DPT.1, AVA_SOF.1 |
| heuristics/extracted_versions |
4 |
3.15 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
CRP271 |
{} |
| heuristics/report_references/directly_referencing |
{} |
{} |
| heuristics/report_references/indirectly_referenced_by |
CRP271, CRP282, CRP281 |
{} |
| heuristics/report_references/indirectly_referencing |
{} |
{} |
| heuristics/scheme_data |
|
- cert_id: JISEC-CC-CRP-C0107
- certification_date: 01.06.2007
- claim: EAL3
- enhanced:
- assurance_level: EAL3
- cc_version: 2.3
- cert_link: https://www.ipa.go.jp/en/security/c0107_eimg.pdf
- description: PRODUCT DESCRIPTION The IAIK-JCE CC Core is a set of APIs and implementations of cryptographic functionality. Including: - hash functions - signature schemes - block ciphers - stream ciphers - asymmetric ciphers - message authentication codes - random number generators It supplements the security functionality of the default Java Runtime Environment. The IAIK-JCE CC Core is delivered to the customer as part of the IAIK-JCE toolkit, which extends the CC Core by additional algorithms, features and protocols.
- evaluation_facility: TÜV Informationstechnik GmbH Evaluation Body for IT-Security
- product: IAIK-JCE CC Core
- product_type: IT Product (cryptographic library)
- report_link: https://www.ipa.go.jp/en/security/c0107_erpt.pdf
- target_link: https://www.ipa.go.jp/en/security/c0107_est.pdf
- toe_version: 3.15
- vendor: Stiftung Secure Information and Communication Technologies SIC
- expiration_date: 01.10.2013
- supplier: Stiftung Secure Information and Communication Technologies SIC
- toe_japan_name: -----
- toe_overseas_link: https://www.ipa.go.jp/en/security/jisec/software/certified-cert/c0107_it6096.html
- toe_overseas_name: IAIK-JCE CC Core 3.15
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
{} |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
{} |
| heuristics/protection_profiles |
{} |
{} |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
{} |
{} |
| pdf_data/cert_filename |
None |
None |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
crp256.pdf |
c0107_erpt.pdf |
| pdf_data/report_frontpage |
|
|
| pdf_data/report_keywords/cc_cert_id |
|
- JP:
- CRP-C0107-01: 1
- Certification No. C0107: 1
|
| pdf_data/report_keywords/cc_protection_profile_id |
|
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 2: 1
- EAL 2 augmented: 1
- EAL2: 1
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 2
|
| pdf_data/report_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- constructions:
|
| pdf_data/report_keywords/asymmetric_crypto |
|
- RSA:
- RSA 1024: 1
- RSA-OAEP: 1
- RSA-PSS: 1
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
|
- RIPEMD:
- SHA:
- SHA1:
- SHA2:
- SHA-256: 7
- SHA-384: 6
- SHA-512: 7
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- CC:
- CCMB-2009-07-001: 1
- CCMB-2009-07-002: 1
- CCMB-2009-07-003: 1
- CCMB-2009-07-004: 1
|
- BSI:
- CC:
- CCMB-2005-08-001: 2
- CCMB-2005-08-002: 2
- CCMB-2005-08-003: 2
- CCMB-2005-08-004: 2
- FIPS:
- FIPS 46-3: 2
- FIPS PUB 180-1: 5
- FIPS PUB 180-2: 11
- FIPS PUB 197: 3
- FIPS PUB 46-3: 1
- ISO:
- ISO/IEC 10118-3: 4
- ISO/IEC 15408:2005: 1
- ISO/IEC 18045:2005: 2
- PKCS:
- RFC:
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
|
- OutOfScope:
- out of scope: 1
- secret. A.KeyManagement The IT-Environment is responsible for key management. Key management is out of scope of the TOE. O.PrivateKey and O.SecretKey, needed for computation of O.CipherText, O.MAC and O: 1
|
| pdf_data/report_metadata |
- /Author:
- /Company: CESG Certification Body
- /CreationDate: D:20100823173833+01'00'
- /Creator: Acrobat PDFMaker 9.0 for Word
- /ModDate: D:20100831083026+01'00'
- /Producer: Acrobat Distiller 9.0.0 (Windows)
- /SourceModified: D:20100823163452
- /Title: Certification Report CRP256
- /_AdHocReviewCycleID: 703382741
- /_AuthorEmail: Nigel.WhittakerAxon@cesg.gsi.gov.uk
- /_AuthorEmailDisplayName: WhittakerAxon, Nigel
- /_EmailSubject: T005 - certified!
- pdf_file_size_bytes: 500557
- pdf_hyperlinks: https://www.citrix.com/security
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
- /CreationDate: D:20080207191148+09'00'
- /ModDate: D:20080207191148+09'00'
- /Producer: Acrobat Distiller 6.0 (Windows)
- /Title: untitled
- pdf_file_size_bytes: 132396
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 20
|
| pdf_data/st_filename |
crp256st.pdf |
c0107_est.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
|
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL2: 5
- EAL2 augmented: 2
|
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_FSP.2: 1
- ADV_TDS.1: 1
- AGD:
- AGD_OPE.1: 1
- AGD_PRE.1: 1
- ALC:
- ALC_CMC.2: 1
- ALC_CMS.2: 1
- ALC_DEL.1: 1
- ALC_FLR.2: 5
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.1: 1
- ATE_FUN.1: 1
- ATE_IND.2: 1
- AVA:
|
- ACM:
- ACM_CAP.3: 4
- ACM_SCP.1: 3
- ADO:
- ADO_DEL.1: 4
- ADO_IGS.1: 4
- ADV:
- ADV_FSP.1: 11
- ADV_HLD.1: 3
- ADV_HLD.2: 3
- ADV_RCR.1: 4
- AGD:
- AGD_ADM.1: 8
- AGD_USR.1: 6
- ALC:
- ATE:
- ATE_COV.2: 4
- ATE_DPT.1: 1
- ATE_FUN.1: 6
- ATE_IND.2: 3
- AVA:
- AVA_MSU.1: 4
- AVA_SOF.1: 2
- AVA_VLA.1: 4
|
| pdf_data/st_keywords/cc_sfr |
- FCO:
- FCO_SCO: 38
- FCO_SCO.1: 21
- FCO_SCO.1.1: 1
- FCO_SCO.1.2: 1
- FCO_SCO.1.3: 2
- FCO_SCO.1.4: 1
- FCS:
- FCS_ECA: 18
- FCS_ECA.1: 7
- FCS_ECA.1.1: 1
- FDP:
- FDP_ACC: 24
- FDP_ACC.1: 5
- FDP_ACF: 23
- FDP_ACF.1: 10
- FDP_IFC.1: 1
- FDP_RIP: 7
- FDP_RIP.1: 1
- FIA:
- FIA_ATD: 8
- FIA_ATD.1: 1
- FIA_UAU: 8
- FIA_UAU.2: 1
- FIA_UID: 10
- FIA_UID.1: 2
- FIA_UID.2: 1
- FMT:
- FMT_MOF: 10
- FMT_MOF.1: 1
- FMT_MSA: 35
- FMT_MSA.1: 3
- FMT_MSA.3: 6
- FMT_SMF: 17
- FMT_SMF.1: 4
- FMT_SMR: 18
- FMT_SMR.1: 6
|
- FCS:
- FCS_CKM: 87
- FCS_CKM.1: 4
- FCS_CKM.2: 9
- FCS_CKM.4: 26
- FCS_CKM.4.1: 2
- FCS_COP: 123
- FCS_COP.1: 9
- FCS_RND: 21
- FCS_RND.1: 5
- FCS_RND.1.1: 1
- FCS_RND.1.2: 1
- FDP:
- FDP_ACC.1: 2
- FDP_IFC.1: 2
- FDP_ITC: 13
- FDP_ITC.1: 41
- FDP_ITC.1.1: 1
- FDP_ITC.1.2: 1
- FDP_ITC.1.3: 1
- FDP_ITC.2: 22
- FDP_RIP.1: 3
- FDP_RIP.1.1: 2
- FMT:
- FMT_MSA: 6
- FMT_MSA.2: 32
- FMT_MSA.3: 2
- FPT:
|
| pdf_data/st_keywords/cc_claims |
|
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
- TUV:
- TÜV Informationstechnik: 1
|
| pdf_data/st_keywords/symmetric_crypto |
|
- AES_competition:
- DES:
- 3DES:
- Triple-DES: 3
- TripleDES: 1
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
- RSA:
- RSA 1024: 1
- RSA-OAEP: 1
- RSA-PSS: 1
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
|
- RIPEMD:
- SHA:
- SHA1:
- SHA2:
- SHA-256: 17
- SHA-384: 14
- SHA-512: 17
|
| pdf_data/st_keywords/crypto_scheme |
|
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
- TLS:
- TLS_RSA_WITH_3DES_EDE_CBC_SHA: 3
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
|
|
| pdf_data/st_keywords/standard_id |
- CC:
- CCMB-2009-07-001: 1
- CCMB-2009-07-002: 1
- CCMB-2009-07-003: 1
- CCMB-2009-07-004: 1
- FIPS:
- FIPS 140: 2
- FIPS 140-2: 9
- FIPS PUB 140-2: 1
- FIPS140-2: 10
- RFC:
|
- BSI:
- AIS 20: 1
- AIS 31: 2
- AIS20: 7
- AIS31: 1
- FIPS:
- FIPS 46-3: 4
- FIPS PUB 180-1: 11
- FIPS PUB 180-2: 29
- FIPS PUB 186-2: 2
- FIPS PUB 197: 5
- FIPS PUB 46-3: 3
- ISO:
- PKCS:
- RFC:
- RFC 2104: 5
- RFC 2268: 5
- RFC2104: 1
- RFC2268: 1
- X509:
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
|
| pdf_data/st_keywords/certification_process |
- OutOfScope:
- 17 1.4.3 Summary of items out of scope of the TOE : 2
- Ver 1-0 SPB 17 August 2010 Page 18 of 53 Figure 4: Logical boundaries 1.4.3 Summary of items out of scope of the TOE The items out of scope of the TOE include the Microsoft components with which Citrix: 1
- integrates, as detailed in section 1.2.3. Also out of scope of the TOE are the following Citrix components which are included in XenDesktop Platinum Edition: •: 1
- out of scope: 4
|
- OutOfScope:
- Key Management. The IT-Environment is responsible for key management. Key management is out of scope of the TOE. O.PrivateKey and O.SecretKey, needed for computation of O.CipherText, O.MAC and O: 1
- its own key pad for entering this authentication data. Displaying data to be signed or verified is out of scope of the TOE. • Conventional Signatures. The TOE is used without hardware support to create: 1
- out of scope: 3
- several algorithms that can be used for data encryption and decryption. Key management is out of scope of the TOE. The application provides the keys to the TOE. The TOE does not modify the keys it gets: 1
|
| pdf_data/st_metadata |
- /Author:
- /CreationDate: D:20100816144755Z
- /Creator: PScript5.dll Version 5.2
- /ModDate: D:20100831083207+01'00'
- /Producer: GPL Ghostscript 8.15
- /Title: CIN2-ST-0001 v1-0
- pdf_file_size_bytes: 1833337
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 53
|
- /Author: Karl Scheibelhofer, Dieter Bratko, Harald Bratko
- /Company: IAIK, Graz University of Technology, Stiftung SIC
- /CreationDate: D:20070523123515+02'00'
- /Creator: Acrobat PDFMaker 7.0.5 für Word
- /Manager: Karl Scheibelhofer
- /ModDate: D:20070523123643+02'00'
- /Producer: Acrobat Distiller 7.0.5 (Windows)
- /SourceModified: D:20070523103041
- /Subject: Common Criteria Evaluation of IAIK-JCE
- /Title: Security Target, IAIK-JCE CC
- /Version: 1.8
- pdf_file_size_bytes: 413325
- pdf_hyperlinks: http://java.sun.com/products/archive/jdk/1.1/index.html, http://java.sun.com/j2se/1.4.2/docs/api/, http://java.sun.com/j2se/1.4.2/docs/guide/security/HowToImplAProvider.html, http://java.sun.com/docs/books/vmspec/index.html, http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf, http://www.ietf.org/rfc/rfc2104.txt, http://java.sun.com/j2se/1.4/docs/guide/security/CryptoSpec.html, http://www.ietf.org/rfc/rfc2268.txt, http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/JCERefGuide.html, http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html, http://www.commoncriteriaportal.org/, http://java.sun.com/j2se/1.4.2/docs/api/javax/crypto/package-summary.html, http://java.sun.com/j2se/1.5.0/docs/api/java/security/package-summary.html, http://java.sun.com/security/index.html, http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/, http://java.sun.com/j2se/1.4.2/docs/api/java/security/package-summary.html, http://java.sun.com/products/jce/, http://java.sun.com/j2se/1.4.2/docs/guide/security/jce/HowToImplAJCEProvider.html, http://java.sun.com/j2se/1.5.0/docs/api/, http://java.sun.com/j2se/1.5/docs/guide/security/CryptoSpec.html, http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf
- pdf_is_encrypted: False
- pdf_number_of_pages: 55
|
| state/cert/convert_garbage |
False |
False |
| state/cert/convert_ok |
False |
False |
| state/cert/download_ok |
False |
False |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Equal |
Equal |
| state/cert/txt_hash |
Equal |
Equal |
| state/report/convert_garbage |
False |
False |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
False |
False |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |