This page was not yet optimized for use on mobile
devices.
secunet konnektor 2.1.0, Version 5.0.5:2.1.0
CSV information
| Status | active |
|---|---|
| Valid from | 08.04.2022 |
| Valid until | 07.04.2027 |
| Scheme | 🇩🇪 DE |
| Manufacturer | Secunet Security Networks AG |
| Category | Key Management Systems |
| Security level | ADV_IMP.1, ADV_TDS.3, ADV_FSP.4, AVA_VAN.5, ALC_TAT.1, ALC_FLR.2, EAL3+ |
| Protection profiles |
Heuristics summary
Certificate ID: BSI-DSZ-CC-1128-V4-2022
Certificate
certificate file processing did not finish successfully.
Show more...
Download pdf:
OK
Convert pdf to text:
OK
Extract keywords:
ERROR
Extracted keywords
Security level
EAL 3, EAL 5, EAL 4, EAL 2Security Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ALC_TAT.1, ALC_FLR.2, ALC_FLR, AVA_VAN.5Protection profiles
BSI-CC-PP-0097-Certificates
BSI-DSZ-CC-1128-V4-2022Standards
ISO/IEC 15408, ISO/IEC 18045Certification report
Extracted keywords
Symmetric Algorithms
AES, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-1, SHA-256, SHA-512Schemes
Key Exchange, AEADProtocols
TLS, TLS v1.2, TLSv1.2, IKEv2, IKE, IPsec, VPNBlock cipher modes
CBC, GCMOperating System name
STARCOS 3Security level
EAL 3, EAL 5, EAL 4, EAL 2, EAL 1, EAL 5+, EAL 6Claims
OE.NKSecurity Assurance Requirements (SAR)
ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, ALC_TAT.1, ALC_FLR.2, ALC_FLR, ALC_CMS.4, ALC_CMS, AVA_VAN.5, AVA_ACCSecurity Functional Requirements (SFR)
FCS_COP, FCS_CKM.1, FCS_CKM, FDP_ITC, FDP_UIT, FPT_TDC, FTP_ITC, FTP_TRPProtection profiles
BSI-CC-PP-0097-, BSI-CC-PP-0097-V2-2020-MA-, BSI-CC-PP-0097-2021Certificates
BSI-DSZ-CC-1128-V4-2022, BSI-DSZ-CC-1128-V3-2021, BSI-DSZ-CC-1128-V4-2021Evaluation facilities
SRC Security Research & ConsultingStandards
FIPS180-4, FIPS 180-4, FIPS186-4, FIPS 197, FIPS PUB 180-4, FIPS197, SP 800-38D, PKCS#1, PKCS#12, AIS 34, AIS 20, AIS 32, RFC8017, RFC-5639, RFC-8017, RFC-6931, RFC3526, RFC7296, RFC-5246, RFC-3268, RFC-4492, RFC-3526, RFC 7027, RFC-2404, RFC-2104, RFC4055, RFC5280, RFC7292, RFC-4868, RFC-7296, RFC-3602, RFC-4303, RFC-4301, RFC-5289, RFC-5116, RFC-4880, RFC2104, RFC 2104, RFC2404, RFC3268, RFC 3268, RFC3602, RFC4301, RFC4303, RFC4346, RFC4868, RFC4880, RFC5246, RFC5289, RFC5996, RFC7027, ISO/IEC 15408, ISO/IEC 18045, ISO/IEC 17065, X.509Technical reports
BSI TR-02102, BSI TR-03116-1, BSI TR-03154, BSI TR-03155, BSI TR-03157, BSI 7148File metadata
| Title | Zertifizierungsreport BSI-DSZ-CC-1128-V4-2022 |
|---|---|
| Subject | Zertifizierungsreport BSI-DSZ-CC-1128-V4-2022 |
| Keywords | "Common Criteria, Certification, Zertifizierung, eHealth, Konnektor" |
| Author | Bundesamt für Sicherheit in der Informtionstechnik |
| Creation date | D:20220411134611+02'00' |
| Modification date | D:20220411151837+02'00' |
| Pages | 35 |
| Creator | Writer |
| Producer | LibreOffice 6.3 |
Frontpage
| Certificate ID | BSI-DSZ-CC-1128-V4-2022 |
|---|---|
| Certified item | secunet konnektor 2.1.0, Version 5.0.5:2.1.0 |
| Certification lab | BSI |
| Developer | secunet Security Networks AG |
References
Outgoing- BSI-DSZ-CC-1128-V3-2021 - active - secunet konnektor 2.1.0, Version 4.1.3:2.1.0
- BSI-DSZ-CC-1128-V5-2022 - active - secunet konnektor 2.1.0, Version 5.1.2:2.1.0
Security target
Extracted keywords
Symmetric Algorithms
AES, AES-128, AES-256, HPC, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 2048, ECDSA, ECC, Diffie-HellmanHash functions
SHA-1, SHA-256, SHA-2Schemes
MAC, Key ExchangeProtocols
SSL, TLS, TLS 1.3, TLS 1.2, IKEv2, IKE, IPsec, VPNRandomness
RNGElliptic Curves
P-256, P-384, brainpoolP256r1, brainpoolP384r1Block cipher modes
CBC, GCMTLS cipher suites
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384132Operating System name
STARCOS 3Security level
EAL3Claims
O.NK, T.NK, A.NK, OE.NK, OSP.NKSecurity Assurance Requirements (SAR)
ADV_ARC, ADV_FSP.4, ADV_TDS.3, ADV_IMP.1, ADV_ARC.1, ADV_TDS.2, ADV_TDS.1, AGD_OPE.1, AGD_OPE, AGD_PRE.1, ALC_DEL.1, ALC_TAT.1, ALC_FLR.2, ATE_DPT.1, AVA_VAN.5, AVA_VANSecurity Functional Requirements (SFR)
FAU_STG, FAU_GEN, FAU_GEN.1, FAU_GEN.2, FCS_COP, FCS_CKM.1, FCS_CKM.4, FCS_COP.1, FCS_CKM, FCS_CKM.2, FDP_IFC, FDP_IFF, FDP_IFF.1, FDP_IFC.1, FDP_RIP, FDP_RIP.1, FDP_ACC.1, FDP_ACC, FDP_ACF.1, FDP_ACF, FDP_ITC, FDP_ITC.1, FDP_UIT, FDP_UIT.1, FDP_ITC.2, FDP_ETC, FDP_ETC.2, FIA_UAU, FIA_UID.1, FIA_UID, FIA_UAU.1, FMT_MTD.1, FMT_MSA, FMT_MSA.3, FMT_MSA.1, FMT_SMR.1, FMT_SMR.1.1, FMT_MOF, FMT_MTD, FMT_SMF.1, FMT_SMF, FMT_MOF.1, FPT_EMS, FPT_EMS.1, FPT_STM, FPT_EMS.1.1, FPT_EMS.1.2, FPT_TDC, FPT_STM.1, FPT_TDC.1, FPT_TST, FPT_TST.1, FTP_ITC, FTP_TRP, FTP_ITC.1, FTP_TRP.1Protection profiles
BSI-CC-PP-0097, BSI-CC-PP-0098, BSI-CC-PP-0097“Certificates
BSI-DSZ-CC-1128-V4-2021Side-channel analysis
side channelStandards
FIPS PUB 180-4, FIPS 197, FIPS PUB 186-4, FIPS 180-4, PKCS#1, PKCS#12, PKCS #12, RFC 2131, RFC 2132, RFC 4301, RFC 4303, RFC 7296, RFC 3602, RFC 2404, RFC 4868, RFC 8017, RFC 5246, RFC-5639, RFC-7027, RFC 2104, RFC 8422, RFC 5289, RFC 4055, RFC 5639, RFC 2402, RFC 4302, RFC 2406, RFC 2401, RFC 791, RFC 2460, RFC 2663, RFC 958, RFC 2560, RFC 4330, RFC 793, RFC 1323, RFC7296, RFC 5905, RFC 3526, RFC 8446, RFC 3268, RFC 5280, RFC 7027, X.509, CCMB-2017-04-002, CCMB-2017-04-003, CCMB-2017-04-004Technical reports
BSI TR-03116-1, BSI TR-03111, BSI TR-03144File metadata
| Author | Röhnelt, Andreas |
|---|---|
| Creation date | D:20220303173233+01'00' |
| Modification date | D:20220303173233+01'00' |
| Pages | 154 |
| Creator | Microsoft® Word 2016 |
| Producer | Microsoft® Word 2016 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.Certificate ID
BSI-DSZ-CC-1128-V4-2022Extracted SARs
ADV_ARC.1, ADV_FSP.4, ADV_IMP.1, ADV_TDS.3, AGD_OPE.1, AGD_PRE.1, ALC_CMS.4, ALC_DEL.1, ALC_FLR.2, ALC_TAT.1, ATE_DPT.1, AVA_VAN.5Similar certificates
Showing 5 out of 28.
Scheme data
| Cert Id | BSI-DSZ-CC-1209-V2-2025 | |
|---|---|---|
| Product | secunet konnektor 2.0.0 und 2.1.0 Version 5.70.4:2.0.0 und 5.70.4:2.1.0 | |
| Vendor | secunet Security Networks AG | |
| Certification Date | 10.06.2025 | |
| Category | eHealth | |
| Url | https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Software/1209.html | |
| Enhanced | ||
| Product | secunet konnektor 2.0.0 und 2.1.0 Version 5.70.4:2.0.0 und 5.70.4:2.1.0 | |
| Applicant | secunet Security Networks AG Weidenauer Straße 223-225 57076 Siegen Deutschland | |
| Evaluation Facility | SRC Security Research & Consulting GmbH | |
| Assurance Level | EAL3,ADV_FSP.4,ADV_IMP.1,ADV_TDS.3,ALC_FLR.2,ALC_TAT.1,AVA_VAN.3 | |
| Protection Profile | Common Criteria Schutzprofil (Protection Profile), Schutzprofil 2: Anforderungen an den Konnektor, BSI-CC-PP-0098-V3-2021-MA-02, Version 1.6.1, 15.03.2023, Bundesamt für Sicherheit in der Informationstechnik (BSI) | |
| Certification Date | 10.06.2025 | |
| Expiration Date | 09.06.2030 | |
| Entries | [frozendict({'id': 'BSI', 'description': 'Der Evaluationsgegenstand (EVG) ist ein Softwareprodukt, bestehend aus dem Netz- und dem Anwendungskonnektor nach dem Schutzprofil BSI-CC-PP-0098. Der Netzkonnektor setzt die Sicherheitsfunktionalität einer Firewall, einer VPN-Client, eines NTP Server, DNS und DHCP Service um. Weiterhin setzt der EVG die Basisfunktionalität zum Herstellen von sicheren TLS-Verbindungen zu anderen IT-Produkten um. Der TOE ist Teil des Konnektors und wird vorinstalliert auf exakt einer Hardwarekonfiguration ausgeliefert. Die Sicherheitsfunktionalität des Anwendungskonnektors umfasst die Signaturanwendung, die Verschlüsselung und Entschlüsselung von Dokumenten, den Kartenterminaldienst und den Chipkartendienst. Zusammen mit dem Netzkonnektor ermöglicht der Anwendungskonnektor zudem die gesicherte Kommunikation zwischen dem Konnektor und dem Clientsystem sowie zwischen Fachmodulen und Fachdiensten.'}), frozendict({'id': 'The Target of evaluation (TOE) is a software product consisting of the Netzkonnektor and the Anwendungskonnektor as specified in the Protection Profile BSI-CC-PP-0098. The Netzkonnektor includes the security functionality of a Firewall, a VPN-client, an NTP Server, a name service (DNS) and a DHCP service. The TOE also includes the basic functions for establishment of secure TLS connections to other IT products. The TOE is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration. The security functionality of the Anwendungskonnektor comprises the signature service, encryption and decryption of documents, a card terminal service and a smart card service. Together with the network connector, the Anwendungskonnektor also enables secure communication between the connector and the client system and between Fachmodulen and Fachdiensten.BSI-DSZ-CC-1209-2023-MA-02 (Ausstellungsdatum / Certification Date 19.08.2024)', 'description': 'Security Target'}), frozendict({'id': 'BSI-DSZ-CC-1209-2023-MA-01 (Ausstellungsdatum / Certification Date 31.10.2023)', 'description': 'Security Target'}), frozendict({'id': 'BSI-DSZ-CC-1209-2023 (Ausstellungsdatum / Certification Date 19.10.2023, gültlig bis / valid until 18.10.2028)', 'description': 'Certificate'})] | |
| Report Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1209V2a_pdf.pdf?__blob=publicationFile&v=2 | |
| Target Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1209V2b_pdf.pdf?__blob=publicationFile&v=2 | |
| Cert Link | https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1209V2c_pdf.pdf?__blob=publicationFile&v=2 | |
| Description | The Target of evaluation (TOE) is a software product consisting of the Netzkonnektor and the Anwendungskonnektor as specified in the Protection Profile BSI-CC-PP-0098. The Netzkonnektor includes the security functionality of a Firewall, a VPN-client, an NTP Server, a name service (DNS) and a DHCP service. The TOE also includes the basic functions for establishment of secure TLS connections to other IT products. The TOE is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration. The security functionality of the Anwendungskonnektor comprises the signature service, encryption and decryption of documents, a card terminal service and a smart card service. Together with the network connector, the Anwendungskonnektor also enables secure communication between the connector and the client system and between Fachmodulen and Fachdiensten. | |
| Subcategory | Software | |
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.cc.CCCertificate",
"category": "Key Management Systems",
"cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1128V4c_pdf.pdf",
"dgst": "e7f32273d0c69183",
"heuristics": {
"_type": "sec_certs.sample.cc_eucc_common.Heuristics",
"annotated_references": null,
"cert_id": "BSI-DSZ-CC-1128-V4-2022",
"cert_lab": [
"BSI"
],
"cpe_matches": null,
"direct_transitive_cves": null,
"eal": "EAL3+",
"extracted_sars": {
"_type": "Set",
"elements": [
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_TAT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AVA_VAN",
"level": 5
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_OPE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_ARC",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_IMP",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "AGD_PRE",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_FSP",
"level": 4
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ATE_DPT",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_FLR",
"level": 2
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_DEL",
"level": 1
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ADV_TDS",
"level": 3
},
{
"_type": "sec_certs.sample.sar.SAR",
"family": "ALC_CMS",
"level": 4
}
]
},
"extracted_versions": {
"_type": "Set",
"elements": [
"5.0.5",
"2.1.0"
]
},
"indirect_transitive_cves": null,
"next_certificates": null,
"prev_certificates": null,
"protection_profiles": {
"_type": "Set",
"elements": [
"19e2d2b1593c97a5"
]
},
"related_cves": null,
"report_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1128-V5-2022"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1128-V3-2021"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1128-V5-2022"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"BSI-DSZ-CC-1128-V3-2021",
"BSI-DSZ-CC-1044-V2-2019",
"BSI-DSZ-CC-1044-2019"
]
}
},
"scheme_data": {
"category": "eHealth",
"cert_id": "BSI-DSZ-CC-1209-V2-2025",
"certification_date": "2025-06-10",
"enhanced": {
"applicant": "secunet Security Networks AG Weidenauer Stra\u00dfe 223-225 57076 Siegen Deutschland",
"assurance_level": "EAL3,ADV_FSP.4,ADV_IMP.1,ADV_TDS.3,ALC_FLR.2,ALC_TAT.1,AVA_VAN.3",
"cert_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1209V2c_pdf.pdf?__blob=publicationFile\u0026v=2",
"certification_date": "2025-06-10",
"description": "The Target of evaluation (TOE) is a software product consisting of the Netzkonnektor and the Anwendungskonnektor as specified in the Protection Profile BSI-CC-PP-0098. The Netzkonnektor includes the security functionality of a Firewall, a VPN-client, an NTP Server, a name service (DNS) and a DHCP service. The TOE also includes the basic functions for establishment of secure TLS connections to other IT products. The TOE is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration. The security functionality of the Anwendungskonnektor comprises the signature service, encryption and decryption of documents, a card terminal service and a smart card service. Together with the network connector, the Anwendungskonnektor also enables secure communication between the connector and the client system and between Fachmodulen and Fachdiensten.",
"entries": [
{
"description": "Der Evaluationsgegenstand (EVG) ist ein Softwareprodukt, bestehend aus dem Netz- und dem Anwendungskonnektor nach dem Schutzprofil BSI-CC-PP-0098. Der Netzkonnektor setzt die Sicherheitsfunktionalit\u00e4t einer Firewall, einer VPN-Client, eines NTP Server, DNS und DHCP Service um. Weiterhin setzt der EVG die Basisfunktionalit\u00e4t zum Herstellen von sicheren TLS-Verbindungen zu anderen IT-Produkten um. Der TOE ist Teil des Konnektors und wird vorinstalliert auf exakt einer Hardwarekonfiguration ausgeliefert. Die Sicherheitsfunktionalit\u00e4t des Anwendungskonnektors umfasst die Signaturanwendung, die Verschl\u00fcsselung und Entschl\u00fcsselung von Dokumenten, den Kartenterminaldienst und den Chipkartendienst. Zusammen mit dem Netzkonnektor erm\u00f6glicht der Anwendungskonnektor zudem die gesicherte Kommunikation zwischen dem Konnektor und dem Clientsystem sowie zwischen Fachmodulen und Fachdiensten.",
"id": "BSI"
},
{
"description": "Security Target",
"id": "The Target of evaluation (TOE) is a software product consisting of the Netzkonnektor and the Anwendungskonnektor as specified in the Protection Profile BSI-CC-PP-0098. The Netzkonnektor includes the security functionality of a Firewall, a VPN-client, an NTP Server, a name service (DNS) and a DHCP service. The TOE also includes the basic functions for establishment of secure TLS connections to other IT products. The TOE is part of the Konnektor and it is delivered pre-installed on exactly one hardware-configuration. The security functionality of the Anwendungskonnektor comprises the signature service, encryption and decryption of documents, a card terminal service and a smart card service. Together with the network connector, the Anwendungskonnektor also enables secure communication between the connector and the client system and between Fachmodulen and Fachdiensten.BSI-DSZ-CC-1209-2023-MA-02 (Ausstellungsdatum / Certification Date 19.08.2024)"
},
{
"description": "Security Target",
"id": "BSI-DSZ-CC-1209-2023-MA-01 (Ausstellungsdatum / Certification Date 31.10.2023)"
},
{
"description": "Certificate",
"id": "BSI-DSZ-CC-1209-2023 (Ausstellungsdatum / Certification Date 19.10.2023, g\u00fcltlig bis / valid until 18.10.2028)"
}
],
"evaluation_facility": "SRC Security Research \u0026 Consulting GmbH",
"expiration_date": "2030-06-09",
"product": "secunet konnektor 2.0.0 und 2.1.0 Version 5.70.4:2.0.0 und 5.70.4:2.1.0",
"protection_profile": "Common Criteria Schutzprofil (Protection Profile), Schutzprofil 2: Anforderungen an den Konnektor, BSI-CC-PP-0098-V3-2021-MA-02, Version 1.6.1, 15.03.2023, Bundesamt f\u00fcr Sicherheit in der Informationstechnik (BSI)",
"report_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1209V2a_pdf.pdf?__blob=publicationFile\u0026v=2",
"target_link": "https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1200/1209V2b_pdf.pdf?__blob=publicationFile\u0026v=2"
},
"product": "secunet konnektor 2.0.0 und 2.1.0 Version 5.70.4:2.0.0 und 5.70.4:2.1.0",
"subcategory": "Software",
"url": "https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Gesundheitswesen_Software/1209.html",
"vendor": "secunet Security Networks AG"
},
"st_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"verified_cpe_matches": null
},
"maintenance_updates": {
"_type": "Set",
"elements": []
},
"manufacturer": "Secunet Security Networks AG",
"manufacturer_web": "https://www.secunet.com/en/",
"name": "secunet konnektor 2.1.0, Version 5.0.5:2.1.0",
"not_valid_after": "2027-04-07",
"not_valid_before": "2022-04-08",
"pdf_data": {
"_type": "sec_certs.sample.cc_eucc_common.PdfData",
"cert_filename": "1128V4c_pdf.pdf",
"cert_frontpage": null,
"cert_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1128-V4-2022": 1
}
},
"cc_claims": {},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0097-": 1
}
},
"cc_sar": {
"ADV": {
"ADV_FSP.4": 1,
"ADV_IMP.1": 1,
"ADV_TDS.3": 1
},
"ALC": {
"ALC_FLR": 1,
"ALC_FLR.2": 1,
"ALC_TAT.1": 1
},
"AVA": {
"AVA_VAN.5": 1
}
},
"cc_security_level": {
"EAL": {
"EAL 2": 1,
"EAL 3": 1,
"EAL 4": 1,
"EAL 5": 1
}
},
"cc_sfr": {},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"ISO": {
"ISO/IEC 15408": 2,
"ISO/IEC 18045": 2
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"cert_metadata": null,
"report_filename": "1128V4a_pdf.pdf",
"report_frontpage": {
"DE": {
"cert_id": "BSI-DSZ-CC-1128-V4-2022",
"cert_item": "secunet konnektor 2.1.0, Version 5.0.5:2.1.0",
"cert_lab": "BSI",
"developer": "secunet Security Networks AG",
"match_rules": [
"(BSI-DSZ-CC-.+?) zu (.+?) der (.*)"
]
}
},
"report_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDH": {
"ECDH": 3
},
"ECDSA": {
"ECDSA": 6
}
},
"FF": {
"DH": {
"DH": 7,
"Diffie-Hellman": 3
}
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1128-V3-2021": 2,
"BSI-DSZ-CC-1128-V4-2021": 1,
"BSI-DSZ-CC-1128-V4-2022": 17
}
},
"cc_claims": {
"OE": {
"OE.NK": 4
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0097-": 1,
"BSI-CC-PP-0097-2021": 1,
"BSI-CC-PP-0097-V2-2020-MA-": 1
}
},
"cc_sar": {
"ADV": {
"ADV_FSP.4": 4,
"ADV_IMP.1": 4,
"ADV_TDS.3": 4
},
"ALC": {
"ALC_CMS": 1,
"ALC_CMS.4": 1,
"ALC_FLR": 3,
"ALC_FLR.2": 4,
"ALC_TAT.1": 4
},
"AVA": {
"AVA_ACC": 1,
"AVA_VAN.5": 6
}
},
"cc_security_level": {
"EAL": {
"EAL 1": 1,
"EAL 2": 3,
"EAL 3": 4,
"EAL 4": 4,
"EAL 5": 1,
"EAL 5+": 1,
"EAL 6": 1
}
},
"cc_sfr": {
"FCS": {
"FCS_CKM": 5,
"FCS_CKM.1": 1,
"FCS_COP": 11
},
"FDP": {
"FDP_ITC": 2,
"FDP_UIT": 2
},
"FPT": {
"FPT_TDC": 9
},
"FTP": {
"FTP_ITC": 3,
"FTP_TRP": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 1
},
"GCM": {
"GCM": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 3,
"IKEv2": 9
},
"IPsec": {
"IPsec": 8
},
"TLS": {
"TLS": {
"TLS": 35,
"TLS v1.2": 7,
"TLSv1.2": 1
}
},
"VPN": {
"VPN": 8
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KEX": {
"Key Exchange": 4
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"SRC": {
"SRC Security Research \u0026 Consulting": 4
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-256": 5,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {
"STARCOS": {
"STARCOS 3": 2
}
},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"BSI": {
"AIS 20": 2,
"AIS 32": 1,
"AIS 34": 2
},
"FIPS": {
"FIPS 180-4": 8,
"FIPS 197": 3,
"FIPS PUB 180-4": 1,
"FIPS180-4": 5,
"FIPS186-4": 2,
"FIPS197": 1
},
"ISO": {
"ISO/IEC 15408": 4,
"ISO/IEC 17065": 2,
"ISO/IEC 18045": 4
},
"NIST": {
"SP 800-38D": 1
},
"PKCS": {
"PKCS#1": 3,
"PKCS#12": 1
},
"RFC": {
"RFC 2104": 1,
"RFC 3268": 1,
"RFC 7027": 1,
"RFC-2104": 3,
"RFC-2404": 2,
"RFC-3268": 3,
"RFC-3526": 1,
"RFC-3602": 2,
"RFC-4301": 2,
"RFC-4303": 2,
"RFC-4492": 2,
"RFC-4868": 1,
"RFC-4880": 1,
"RFC-5116": 1,
"RFC-5246": 4,
"RFC-5289": 1,
"RFC-5639": 2,
"RFC-6931": 1,
"RFC-7296": 2,
"RFC-8017": 5,
"RFC2104": 1,
"RFC2404": 1,
"RFC3268": 1,
"RFC3526": 2,
"RFC3602": 1,
"RFC4055": 1,
"RFC4301": 1,
"RFC4303": 1,
"RFC4346": 1,
"RFC4868": 1,
"RFC4880": 1,
"RFC5246": 1,
"RFC5280": 1,
"RFC5289": 1,
"RFC5996": 1,
"RFC7027": 1,
"RFC7292": 1,
"RFC7296": 3,
"RFC8017": 3
},
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 9
}
},
"constructions": {
"MAC": {
"HMAC": 12,
"HMAC-SHA-256": 2,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI 7148": 1,
"BSI TR-02102": 1,
"BSI TR-03116-1": 1,
"BSI TR-03154": 1,
"BSI TR-03155": 1,
"BSI TR-03157": 2
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"report_metadata": {
"/Author": "Bundesamt f\u00fcr Sicherheit in der Informtionstechnik",
"/CreationDate": "D:20220411134611+02\u002700\u0027",
"/Creator": "Writer",
"/Keywords": "\"Common Criteria, Certification, Zertifizierung, eHealth, Konnektor\"",
"/ModDate": "D:20220411151837+02\u002700\u0027",
"/Producer": "LibreOffice 6.3",
"/Subject": "Zertifizierungsreport BSI-DSZ-CC-1128-V4-2022",
"/Title": "Zertifizierungsreport BSI-DSZ-CC-1128-V4-2022",
"pdf_file_size_bytes": 605403,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.bsi.bund.de/AIS",
"https://www.commoncriteriaportal.org/",
"https://www.sogis.eu/",
"https://www.bsi.bund.de/",
"https://www.bsi.bund.de/zertifizierung",
"https://www.bsi.bund.de/zertifizierungsreporte",
"https://www.commoncriteriaportal.org/cc/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 35
},
"st_filename": "1128V4b_pdf.pdf",
"st_frontpage": null,
"st_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 5
},
"ECDSA": {
"ECDSA": 4
}
},
"FF": {
"DH": {
"Diffie-Hellman": 1
}
},
"RSA": {
"RSA 2048": 1
}
},
"cc_cert_id": {
"DE": {
"BSI-DSZ-CC-1128-V4-2021": 1
}
},
"cc_claims": {
"A": {
"A.NK": 63
},
"O": {
"O.NK": 190
},
"OE": {
"OE.NK": 169
},
"OSP": {
"OSP.NK": 22
},
"T": {
"T.NK": 154
}
},
"cc_protection_profile_id": {
"BSI": {
"BSI-CC-PP-0097": 4,
"BSI-CC-PP-0097\u201c": 2,
"BSI-CC-PP-0098": 6
}
},
"cc_sar": {
"ADV": {
"ADV_ARC": 2,
"ADV_ARC.1": 1,
"ADV_FSP.4": 7,
"ADV_IMP.1": 9,
"ADV_TDS.1": 1,
"ADV_TDS.2": 2,
"ADV_TDS.3": 7
},
"AGD": {
"AGD_OPE": 1,
"AGD_OPE.1": 13,
"AGD_PRE.1": 1
},
"ALC": {
"ALC_DEL.1": 5,
"ALC_FLR.2": 6,
"ALC_TAT.1": 8
},
"ATE": {
"ATE_DPT.1": 1
},
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.5": 11
}
},
"cc_security_level": {
"EAL": {
"EAL3": 14
}
},
"cc_sfr": {
"FAU": {
"FAU_GEN": 16,
"FAU_GEN.1": 5,
"FAU_GEN.2": 1,
"FAU_STG": 2
},
"FCS": {
"FCS_CKM": 86,
"FCS_CKM.1": 14,
"FCS_CKM.2": 6,
"FCS_CKM.4": 13,
"FCS_COP": 77,
"FCS_COP.1": 12
},
"FDP": {
"FDP_ACC": 11,
"FDP_ACC.1": 7,
"FDP_ACF": 5,
"FDP_ACF.1": 5,
"FDP_ETC": 8,
"FDP_ETC.2": 4,
"FDP_IFC": 18,
"FDP_IFC.1": 7,
"FDP_IFF": 20,
"FDP_IFF.1": 20,
"FDP_ITC": 16,
"FDP_ITC.1": 15,
"FDP_ITC.2": 17,
"FDP_RIP": 6,
"FDP_RIP.1": 1,
"FDP_UIT": 6,
"FDP_UIT.1": 2
},
"FIA": {
"FIA_UAU": 11,
"FIA_UAU.1": 2,
"FIA_UID": 9,
"FIA_UID.1": 5
},
"FMT": {
"FMT_MOF": 12,
"FMT_MOF.1": 1,
"FMT_MSA": 40,
"FMT_MSA.1": 2,
"FMT_MSA.3": 7,
"FMT_MTD": 7,
"FMT_MTD.1": 2,
"FMT_SMF": 19,
"FMT_SMF.1": 4,
"FMT_SMR.1": 28,
"FMT_SMR.1.1": 1
},
"FPT": {
"FPT_EMS": 16,
"FPT_EMS.1": 7,
"FPT_EMS.1.1": 2,
"FPT_EMS.1.2": 2,
"FPT_STM": 11,
"FPT_STM.1": 2,
"FPT_TDC": 22,
"FPT_TDC.1": 6,
"FPT_TST": 7,
"FPT_TST.1": 3
},
"FTP": {
"FTP_ITC": 41,
"FTP_ITC.1": 21,
"FTP_TRP": 13,
"FTP_TRP.1": 6
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"GCM": {
"GCM": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 22,
"IKEv2": 8
},
"IPsec": {
"IPsec": 31
},
"TLS": {
"SSL": {
"SSL": 2
},
"TLS": {
"TLS": 147,
"TLS 1.2": 2,
"TLS 1.3": 2
}
},
"VPN": {
"VPN": 59
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 4
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP256r1": 2,
"brainpoolP384r1": 1
},
"NIST": {
"P-256": 2,
"P-384": 2
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 5
},
"SHA2": {
"SHA-2": 2,
"SHA-256": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {
"STARCOS": {
"STARCOS 3": 2
}
},
"pq_crypto": {},
"randomness": {
"RNG": {
"RNG": 14
}
},
"side_channel_analysis": {
"SCA": {
"side channel": 1
}
},
"standard_id": {
"CC": {
"CCMB-2017-04-002": 1,
"CCMB-2017-04-003": 1,
"CCMB-2017-04-004": 1
},
"FIPS": {
"FIPS 180-4": 1,
"FIPS 197": 2,
"FIPS PUB 180-4": 5,
"FIPS PUB 186-4": 2
},
"PKCS": {
"PKCS #12": 1,
"PKCS#1": 2,
"PKCS#12": 2
},
"RFC": {
"RFC 1323": 1,
"RFC 2104": 2,
"RFC 2131": 2,
"RFC 2132": 2,
"RFC 2401": 1,
"RFC 2402": 1,
"RFC 2404": 2,
"RFC 2406": 2,
"RFC 2460": 1,
"RFC 2560": 1,
"RFC 2663": 1,
"RFC 3268": 1,
"RFC 3526": 1,
"RFC 3602": 3,
"RFC 4055": 2,
"RFC 4301": 5,
"RFC 4302": 2,
"RFC 4303": 6,
"RFC 4330": 1,
"RFC 4868": 2,
"RFC 5246": 4,
"RFC 5280": 1,
"RFC 5289": 2,
"RFC 5639": 3,
"RFC 5905": 1,
"RFC 7027": 1,
"RFC 7296": 7,
"RFC 791": 1,
"RFC 793": 1,
"RFC 8017": 3,
"RFC 8422": 2,
"RFC 8446": 1,
"RFC 958": 1,
"RFC-5639": 1,
"RFC-7027": 1,
"RFC7296": 1
},
"X509": {
"X.509": 16
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 23,
"AES-128": 3,
"AES-256": 2
},
"HPC": {
"HPC": 1
}
},
"constructions": {
"MAC": {
"HMAC": 33,
"HMAC-SHA-256": 1,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
}
},
"technical_report_id": {
"BSI": {
"BSI TR-03111": 2,
"BSI TR-03116-1": 2,
"BSI TR-03144": 1
}
},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA": 3,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA": 3,
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 3,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 2,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 3,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 3,
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 3,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA": 3,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 3,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 2,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384132": 1
}
},
"vendor": {},
"vulnerability": {}
},
"st_metadata": {
"/Author": "R\u00f6hnelt, Andreas",
"/CreationDate": "D:20220303173233+01\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2016",
"/ModDate": "D:20220303173233+01\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2016",
"pdf_file_size_bytes": 1824868,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://tools.ietf.org/html/rfc4330",
"http://tools.ietf.org/html/rfc791",
"http://tools.ietf.org/html/rfc2402",
"http://tools.ietf.org/html/rfc4302",
"http://tools.ietf.org/html/rfc958",
"http://tools.ietf.org/html/rfc1323",
"https://tools.ietf.org/html/rfc5639",
"http://www.rfc-editor.org/rfc/rfc3526.txt",
"http://www.rfc-editor.org/rfc/rfc2404.txt",
"http://tools.ietf.org/html/",
"http://www.dimdi.de/",
"http://www.ietf.org/rfc/rfc7296.txt",
"http://www.ietf.org/rfc/rfc5905.txt",
"http://tools.ietf.org/html/rfc2401",
"http://www.bundesnetzagentur.de/",
"http://tools.ietf.org/html/rfc793",
"http://www.rfc-editor.org/rfc/rfc4868.txt",
"http://www.ietf.org/rfc/rfc2406.txt",
"http://www.ietf.org/rfc/rfc4303.txt",
"http://www.rfc-editor.org/rfc/rfc3602.txt",
"http://www.gematik.de/",
"http://tools.ietf.org/html/rfc2406",
"http://tools.ietf.org/html/rfc2460",
"http://tools.ietf.org/html/rfc4303",
"http://www.ietf.org/rfc/rfc5280.txt",
"http://www.rfc-editor.org/rfc/rfc8017.txt",
"http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
"http://tools.ietf.org/html/rfc5996",
"http://www.ietf.org/rfc/rfc2131.txt",
"http://www.bmg.bund.de/",
"http://tools.ietf.org/html/rfc2663",
"http://tools.ietf.org/html/rfc4301",
"http://www.rfc-editor.org/rfc/rfc4055.txt",
"http://www.eecis.udel.edu/~mills/ntp/html/release.html",
"http://www.ietf.org/rfc/rfc7027.txt",
"http://www.ietf.org/rfc/rfc2132.txt"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 154
}
},
"protection_profile_links": {
"_type": "Set",
"elements": [
"https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0097V2b_pdf.pdf"
]
},
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1128V4a_pdf.pdf",
"scheme": "DE",
"security_level": {
"_type": "Set",
"elements": [
"EAL3+",
"AVA_VAN.5",
"ADV_IMP.1",
"ADV_FSP.4",
"ALC_FLR.2",
"ADV_TDS.3",
"ALC_TAT.1"
]
},
"st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1128V4b_pdf.pdf",
"state": {
"_type": "sec_certs.sample.cc_eucc_common.InternalState",
"cert": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": false,
"json_hash": null,
"pdf_hash": "ae956cdaeb7155d8f55bde1afb1da441cc75d2bc208d4916ecfba51e1e0c07e4",
"txt_hash": "021cb5cbd27482e8b9c6db7c58e116d9a8b332a2502ea8fde36888afd0dd3d8c"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "19378fb12202bcc589ebde2e2631e992bde3cdfd14127f8aee5e074323d9e6d3",
"txt_hash": "755347476f03b89d98f37213eb4f57b00fd13fc652082d21004531920c2b1569"
},
"st": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"json_hash": null,
"pdf_hash": "6ee7f93dea2b743e1bfb8715f1023e0711e16ad324f65dcbdcd0d977cf850db1",
"txt_hash": "93c77ef3993fdc76a4426007a4716730b9fd9e48ac02d6b46380b0e5bfdb1ea1"
}
},
"status": "active"
}