This page was not yet optimized for use on mobile devices.

ID-One Cosmo 32 v5

Certificate #597

Webpage information ?

Status	historical
Historical reason	RNG SP800-131A Revision 1 Transition
Validation dates	01.12.2005
Standard	FIPS 140-2
Security level	3
Type	Hardware
Embodiment	Single Chip
Caveat	None
Description	The ID-One Cosmo 32 v5 is a JavaCard cryptographic module specifically designed for identity and government market needs. It offers a full 32K Byte of EEPROM space available for customer discretionary use, together with on-card cryptographic services such as TDES (using double and triple length DES keys), and 2048-bit RSA with on-card key generation. The cryptographic module loads and runs applets written in Java programming language. It includes a native implementation of the latest Java Card TM (Version 2.2) and Open Platform (Version 2.1.1A) specifications, with full support for Delegated Management and DAP / Mandated DAP, that define a secure infrastructure for post-issuance programmable platforms. Additional features include On-Card fingerprint matching and Logical Channels.
Version (Hardware)	P/N 90
Version (Firmware)	E311-063842
Vendor	Oberthur Card Systems
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy ?

Security target PDF TXT

Symmetric Algorithms

AES, DES, TDES, 3DES

Hash functions

SHA-1, SHA1, MD5

Schemes

MAC

Randomness

RNG

Block cipher modes

ECB, CBC

JavaCard versions

Java Card 2.2, JavaCard 2.2, JC2.2, Global Platform 2.1.1

JavaCard API constants

ALG_DES_CBC_NOPAD, ALG_DES_CBC_ISO9797_M1, ALG_DES_CBC_ISO9797_M2, ALG_DES_ECB_NOPAD, ALG_DES_ECB_ISO9797_M1, ALG_DES_ECB_ISO9797_M2, ALG_DES_MAC4_NOPAD, ALG_DES_MAC4_ISO9797_M1, ALG_DES_MAC4_ISO9797_M2, ALG_DES_MAC4_ISO9797_1_M2_ALG3, ALG_DES_MAC_8_NOPAD, ALG_DES_MAC8_ISO9797_M1, ALG_DES_MAC8_ISO9797_M2, ALG_DES_MAC8_ISO9797_1_M2_ALG3, ALG_RSA_NOPAD, ALG_RSA_PKCS1, ALG_RSA_PKCS1_OAEP, ALG_RSA_SHA_ISO9796, ALG_RSA_SHA_PKCS1, ALG_RSA_SHA_PKCS1_PSS, ALG_RSA_MD5_PKCS1, ALG_RSA_MD5_PKCS1_PSS, ALG_MD59

Vendor

Oberthur Card Systems, Oberthur

Security level

Level 3

Side-channel analysis

DPA, SPA, Timing attacks, Fault Induction, fault induction, fault injection, reverse engineering, Bellcore attack

Certification process

More details about all the power-up self-tests and their implementation are provided in a separate confidential document. ID-One Cosmo 32 v5 Security Policy October 27, 2005 Version R01 Page 33 / 41 © 2004 Oberthur Card, Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 17.3.4 Key Destruction The ID-One Cosmo 32 v5 destroys cryptographic

Standards

FIPS 140-2, FIPS140-2, FIPS 140, FIPS PUB 186-2, FIPS186-2, PKCS#1, PKCS1, ISO/IEC 7816, ISO/IEC 7816-2, ISO/IEC 7816-3, ISO/IEC 7816-4, ISO/IEC 7816-5, ISO/IEC 9796-2, ISO/IEC 9797-1, ISO/IEC 14443-2, ISO/IEC 14443-3, ISO/IEC 14443-4, ISO/IEC 9797, ISO/IEC 9796, ISO/IEC 14443, ICAO, SCP01, SCP02

File metadata

Title	Microsoft Word - 108g - ID-One Cosmo 32 RSA Security Policy R01 October 27 …
Author	Rose
Creation date	D:20051027143049-07'00'
Modification date	D:20051028163004-07'00'
Pages	41
Creator	PScript5.dll Version 5.2
Producer	Acrobat Distiller 6.0 (Windows)

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

09.02.2023 The certificate data changed.
Certificate changed

The cert_id was updated.
- The new value is 597.
The web extraction data was updated.
- The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2005-12-01', 'validation_type': 'Initial', 'lab': 'UL VERIFICATION SERVICES INC'}], 'vendor_url': 'http://www.oberthurusa.com', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt597.pdf', 'hw_versions': 'P/N 90', 'fw_versions': 'E311-063842'}.
- The standard property was set to FIPS 140-2.
- The status property was set to historical.
- The level property was set to 3.
- The description property was set to The ID-One Cosmo 32 v5 is a JavaCard cryptographic module specifically designed for identity and government market needs. It offers a full 32K Byte of EEPROM space available for customer discretionary use, together with on-card cryptographic services such as TDES (using double and triple length DES keys), and 2048-bit RSA with on-card key generation. The cryptographic module loads and runs applets written in Java programming language. It includes a native implementation of the latest Java Card TM (Version 2.2) and Open Platform (Version 2.1.1A) specifications, with full support for Delegated Management and DAP / Mandated DAP, that define a secure infrastructure for post-issuance programmable platforms. Additional features include On-Card fingerprint matching and Logical Channels..
- The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].
The PDF extraction data was updated.
- The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 255157, 'pdf_is_encrypted': True, 'pdf_number_of_pages': 41, '/Author': 'Rose', '/CreationDate': "D:20051027143049-07'00'", '/Creator': 'PScript5.dll Version 5.2', '/ModDate': "D:20051028163004-07'00'", '/Producer': 'Acrobat Distiller 6.0 (Windows)', '/Title': 'Microsoft Word - 108g - ID-One Cosmo 32 RSA Security Policy R01 October 27 …', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}}.
- The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].
The computed heuristics were updated.
- The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
- The algorithms property was set to {'_type': 'Set', 'elements': ['RSA#42', 'Triple-DES#303', 'SHS#290', 'RNG#99', 'Triple-DES MAC#303']}.
- The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].
The state was updated.
- The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': 'c546bb5ab1547cbe4312a419e0612dae7ee47b088290d5495777b00731b2700e', 'policy_txt_hash': 'ab6b193dbf336b4ffb0a836e977435f0706ace5afe4773ce949b47ec64cdcb79'}.
- The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
07.12.2022 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The clean_cert_ids property was set to {'# 99': 5, '# 303': 2, '# 42': 1}.
- The st_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['857', '1791', '1792', '1358', '1359']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['1050', '2981', '857', '2445', '2319', '1791', '1792', '1358', '2304', '2404', '1359']}, 'directly_referencing': {'_type': 'Set', 'elements': ['42', '99', '303']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['42', '99', '303']}} data.
05.11.2022 The certificate data changed.
Certificate changed

The web extraction data was updated.
- The caveat property was set to None.
- The algorithms property was set to {'_type': 'Set', 'elements': []}.
The PDF extraction data was updated.
- The clean_cert_ids property was set to {'# 99': 5, '# 303': 2, '# 42': 1}.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#303', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#99', 'algorithm_type': 'RNG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#42', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#290', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#303', 'algorithm_type': 'Triple-DES MAC', 'vendor': None, 'implementation': None, 'date': None}]} values discarded.
25.10.2022 The certificate data changed.
Certificate changed

The PDF extraction data was updated.
- The keywords property was updated, with the {'fips_cert_id': {'__update__': {'Cert': {'__delete__': ['#1']}}}, 'fips_certlike': {'__update__': {'Certlike': {'__update__': {'PKCS#1': 19, 'PKCS1': 1}, '__delete__': ['DES, (2', 'DES, (3']}}}, 'eval_facility': {}, 'symmetric_crypto': {'__update__': {'DES': {'__update__': {'DES': {'__update__': {'DES': 58}}, '3DES': {'__update__': {'TDES': 38}}}}}, '__delete__': ['constructions']}, 'hash_function': {'__update__': {'MD': {'__update__': {'MD5': {'__update__': {'MD5': 11}}}}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 24}}}, '__delete__': ['KA']}, 'randomness': {'__update__': {'RNG': {'__update__': {'RNG': 1}}}}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 8}}, 'CBC': {'__update__': {'CBC': 25}}}}, 'side_channel_analysis': {'__update__': {'SCA': {'__update__': {'SPA': 8, 'DPA': 7}}}}, 'tee_name': {}, 'standard_id': {'__update__': {'FIPS': {'__update__': {'FIPS140-2': 2}}, 'PKCS': {'__update__': {'PKCS#1': 11, 'PKCS1': 1}}, 'ISO': {'__update__': {'ISO/IEC 7816': 8, 'ISO/IEC 9797': 10, 'ISO/IEC 9796': 4, 'ISO/IEC 14443': 4}}}}, 'javacard_api_const': {'__update__': {'ALG': {'__update__': {'DES': {'__update__': {'ALG_DES_CBC_NOPAD': 1, 'ALG_DES_CBC_ISO9797_M1': 1, 'ALG_DES_CBC_ISO9797_M2': 1, 'ALG_DES_ECB_NOPAD': 1, 'ALG_DES_ECB_ISO9797_M1': 1, 'ALG_DES_ECB_ISO9797_M2': 1, 'ALG_DES_MAC4_NOPAD': 1, 'ALG_DES_MAC4_ISO9797_M1': 1, 'ALG_DES_MAC4_ISO9797_M2': 1, 'ALG_DES_MAC4_ISO9797_1_M2_ALG3': 1, 'ALG_DES_MAC8_ISO9797_M1': 1, 'ALG_DES_MAC8_ISO9797_M2': 1, 'ALG_DES_MAC8_ISO9797_1_M2_ALG3': 1}, '__delete__': ['ALG_DES_MAC8_NOPAD']}, 'RSA': {'__update__': {'ALG_RSA_NOPAD': 1, 'ALG_RSA_PKCS1': 1, 'ALG_RSA_PKCS1_OAEP': 1, 'ALG_RSA_SHA_ISO9796': 1, 'ALG_RSA_SHA_PKCS1': 1, 'ALG_RSA_SHA_PKCS1_PSS': 1, 'ALG_RSA_MD5_PKCS1': 1, 'ALG_RSA_MD5_PKCS1_PSS': 1}, '__delete__': ['ALG_RSA_CRT']}}, '__delete__': ['RNG']}}}} data.
- The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 7816', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\n10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '01', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 27', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2005', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 11', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 13', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]}.
- The clean_cert_ids property was set to {}.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 7816', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\n10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '01', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 27', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2005', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 11', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 13', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]} values added.
The state was updated.
- The tables_done property was set to True.
17.07.2022 The certificate data changed.
Certificate changed

The _type was updated.
- The new value is sec_certs.sample.fips.FIPSCertificate.
The computed heuristics were updated.
- The following values were inserted: {'clean_cert_ids': {}}.
- The _type property was set to sec_certs.sample.fips.FIPSCertificate.Heuristics.
- The keywords property was set to {}.
- The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#303', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#99', 'algorithm_type': 'RNG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#42', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#290', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#303', 'algorithm_type': 'Triple-DES MAC', 'vendor': None, 'implementation': None, 'date': None}]}.
- The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
- The web_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
The state was updated.
- The _type property was set to sec_certs.sample.fips.FIPSCertificate.InternalState.
- The following properties were deleted: ['fragment_path'].
14.06.2022 The certificate data changed.
Certificate changed

The pdf_scan was updated.
- The keywords property was updated, with the {'rules_cert_id': {}, 'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__delete__': ['FIPS 140-2', 'FIPS140-2', 'FIPS186-2']}, 'FIPS ?(?:PUB )?[0-9]+?': {'__update__': {'FIPS 140': {'__update__': {'count': 1}}}}, 'PKCS[ #]*[1-9]+': {'__update__': {'PKCS#1': {'__update__': {'count': 1}}}, '__delete__': ['PKCS1']}, 'ISO/IEC[ ]*[0-9]+[-]*[0-9]*': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC 7816-3', 'ISO/IEC 7816-4', 'ISO/IEC 7816-5', 'ISO/IEC 9796-2', 'ISO/IEC 9797-1', 'ISO/IEC 14443-2', 'ISO/IEC 14443-3', 'ISO/IEC 14443-4', 'ISO/IEC 9797', 'ISO/IEC 9796']}, 'ISO/IEC[ ]*[0-9]+': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC 9797', 'ISO/IEC 9796']}, "(?:SCP|scp)[ ']*[0-9][0-9]": {'__delete__': ['SCP01']}}}, 'rules_javacard': {'__update__': {'(?:Java Card|JavaCard) [2-3]\\.[0-9](?:\\.[0-9]|)': {'__delete__': ['Java Card 2.2']}, '(?:Global Platform|GlobalPlatform) [2-3]\\.[0-9]\\.[0-9]': {'__update__': {'Global Platform 2.1.1': {'__update__': {'count': 1}}}}}}, 'rules_javacard_api_consts': {'__update__': {'ALG_DES_[A-Z_0-9]+': {'__delete__': ['ALG_DES_CBC_NOPAD', 'ALG_DES_CBC_ISO9797_M1', 'ALG_DES_CBC_ISO9797_M2', 'ALG_DES_ECB_NOPAD', 'ALG_DES_ECB_ISO9797_M1', 'ALG_DES_ECB_ISO9797_M2', 'ALG_DES_MAC4_NOPAD', 'ALG_DES_MAC4_ISO9797_M1', 'ALG_DES_MAC4_ISO9797_M2', 'ALG_DES_MAC4_ISO9797_1_M2_ALG3', 'ALG_DES_MAC_8_NOPAD', 'ALG_DES_MAC8_ISO9797_M1', 'ALG_DES_MAC8_ISO9797_M2']}, 'ALG_RSA_[A-Z_0-9]+': {'__delete__': ['ALG_RSA_NOPAD', 'ALG_RSA_PKCS1', 'ALG_RSA_PKCS1_OAEP', 'ALG_RSA_SHA_ISO9796', 'ALG_RSA_SHA_PKCS1', 'ALG_RSA_SHA_PKCS1_PSS', 'ALG_RSA_MD5_PKCS1']}}}, 'rules_block_cipher_modes': {'__update__': {'ECB': {'__update__': {'ECB': {'__update__': {'count': 1}}}}, 'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}}}} data.
The computed heuristics were updated.
- The keywords property was updated, with the {'rules_cert_id': {}, 'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__delete__': ['FIPS 140-2', 'FIPS140-2', 'FIPS186-2']}, 'FIPS ?(?:PUB )?[0-9]+?': {'__update__': {'FIPS 140': {'__update__': {'count': 1}}}}, 'PKCS[ #]*[1-9]+': {'__update__': {'PKCS#1': {'__update__': {'count': 1}}}, '__delete__': ['PKCS1']}, 'ISO/IEC[ ]*[0-9]+[-]*[0-9]*': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC 7816-3', 'ISO/IEC 7816-4', 'ISO/IEC 7816-5', 'ISO/IEC 9796-2', 'ISO/IEC 9797-1', 'ISO/IEC 14443-2', 'ISO/IEC 14443-3', 'ISO/IEC 14443-4', 'ISO/IEC 9797', 'ISO/IEC 9796']}, 'ISO/IEC[ ]*[0-9]+': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC 9797', 'ISO/IEC 9796']}, "(?:SCP|scp)[ ']*[0-9][0-9]": {'__delete__': ['SCP01']}}}, 'rules_javacard': {'__update__': {'(?:Java Card|JavaCard) [2-3]\\.[0-9](?:\\.[0-9]|)': {'__delete__': ['Java Card 2.2']}, '(?:Global Platform|GlobalPlatform) [2-3]\\.[0-9]\\.[0-9]': {'__update__': {'Global Platform 2.1.1': {'__update__': {'count': 1}}}}}}, 'rules_javacard_api_consts': {'__update__': {'ALG_DES_[A-Z_0-9]+': {'__delete__': ['ALG_DES_CBC_NOPAD', 'ALG_DES_CBC_ISO9797_M1', 'ALG_DES_CBC_ISO9797_M2', 'ALG_DES_ECB_NOPAD', 'ALG_DES_ECB_ISO9797_M1', 'ALG_DES_ECB_ISO9797_M2', 'ALG_DES_MAC4_NOPAD', 'ALG_DES_MAC4_ISO9797_M1', 'ALG_DES_MAC4_ISO9797_M2', 'ALG_DES_MAC4_ISO9797_1_M2_ALG3', 'ALG_DES_MAC_8_NOPAD', 'ALG_DES_MAC8_ISO9797_M1', 'ALG_DES_MAC8_ISO9797_M2']}, 'ALG_RSA_[A-Z_0-9]+': {'__delete__': ['ALG_RSA_NOPAD', 'ALG_RSA_PKCS1', 'ALG_RSA_PKCS1_OAEP', 'ALG_RSA_SHA_ISO9796', 'ALG_RSA_SHA_PKCS1', 'ALG_RSA_SHA_PKCS1_PSS', 'ALG_RSA_MD5_PKCS1']}}}, 'rules_block_cipher_modes': {'__update__': {'ECB': {'__update__': {'ECB': {'__update__': {'count': 1}}}}, 'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}}}} data.
08.03.2022 The certificate data changed.
Certificate changed

The web_scan was updated.
- The following properties were deleted: ['connections'].
The pdf_scan was updated.
- The following properties were deleted: ['connections'].
The computed heuristics were updated.
- The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'web_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.
- The following properties were deleted: ['connections', 'directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
18.02.2022 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The extracted_versions property was set to {'_type': 'Set', 'elements': ['90', '063842', '32']}.
02.02.2022 The certificate data changed.
Certificate changed

The web_scan was updated.
- The module_type property was set to Hardware.
30.01.2022 The certificate was first processed.

New certificate

A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 597,
  "dgst": "fcf1e4bf9cc9c108",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "Triple-DES#303",
        "SHS#290",
        "Triple-DES MAC#303",
        "RSA#42",
        "RNG#99"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "90",
        "063842",
        "32"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {},
      "certification_process": {
        "ConfidentialDocument": {
          "Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 17.3.4 Key Destruction The ID-One Cosmo 32 v5 destroys cryptographic": 1,
          "More details about all the power-up self-tests and their implementation are provided in a separate confidential document. ID-One Cosmo 32 v5 Security Policy October 27, 2005 Version R01 Page 33 / 41 \u00a9 2004 Oberthur Card": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 25
        },
        "ECB": {
          "ECB": 8
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 24
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "# 1": 1,
          "# 2": 1,
          "# 286": 1,
          "# 290": 1,
          "# 303": 2,
          "# 42": 1,
          "# 99": 5
        }
      },
      "fips_certlike": {
        "Certlike": {
          "DES [Certificate # 286": 1,
          "DES3": 2,
          "PKCS#1": 19,
          "PKCS1": 1,
          "RSA PKCS#1": 3,
          "RSA PKCS1": 1,
          "SHA-1": 7,
          "SHA-1 [Certificate # 290": 1,
          "SHA1": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 3": 17
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 11
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 8,
            "SHA1": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "ALG": {
          "DES": {
            "ALG_DES_CBC_ISO9797_M1": 1,
            "ALG_DES_CBC_ISO9797_M2": 1,
            "ALG_DES_CBC_NOPAD": 1,
            "ALG_DES_ECB_ISO9797_M1": 1,
            "ALG_DES_ECB_ISO9797_M2": 1,
            "ALG_DES_ECB_NOPAD": 1,
            "ALG_DES_MAC4_ISO9797_1_M2_ALG3": 1,
            "ALG_DES_MAC4_ISO9797_M1": 1,
            "ALG_DES_MAC4_ISO9797_M2": 1,
            "ALG_DES_MAC4_NOPAD": 1,
            "ALG_DES_MAC8_ISO9797_1_M2_ALG3": 1,
            "ALG_DES_MAC8_ISO9797_M1": 1,
            "ALG_DES_MAC8_ISO9797_M2": 1,
            "ALG_DES_MAC_8_NOPAD": 1
          },
          "MD": {
            "ALG_MD59": 1
          },
          "RSA": {
            "ALG_RSA_MD5_PKCS1": 1,
            "ALG_RSA_MD5_PKCS1_PSS": 1,
            "ALG_RSA_NOPAD": 1,
            "ALG_RSA_PKCS1": 1,
            "ALG_RSA_PKCS1_OAEP": 1,
            "ALG_RSA_SHA_ISO9796": 1,
            "ALG_RSA_SHA_PKCS1": 1,
            "ALG_RSA_SHA_PKCS1_PSS": 1
          }
        }
      },
      "javacard_packages": {},
      "javacard_version": {
        "GlobalPlatform": {
          "Global Platform 2.1.1": 4
        },
        "JavaCard": {
          "JC2.2": 1,
          "Java Card 2.2": 1,
          "JavaCard 2.2": 1
        }
      },
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Fault Induction": 2,
          "fault induction": 1,
          "fault injection": 1
        },
        "SCA": {
          "DPA": 7,
          "SPA": 8,
          "Timing attacks": 1
        },
        "other": {
          "Bellcore attack": 1,
          "reverse engineering": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 5,
          "FIPS 140-2": 32,
          "FIPS PUB 186-2": 3,
          "FIPS140-2": 2,
          "FIPS186-2": 1
        },
        "ICAO": {
          "ICAO": 1
        },
        "ISO": {
          "ISO/IEC 14443": 4,
          "ISO/IEC 14443-2": 1,
          "ISO/IEC 14443-3": 1,
          "ISO/IEC 14443-4": 1,
          "ISO/IEC 7816": 8,
          "ISO/IEC 7816-2": 1,
          "ISO/IEC 7816-3": 4,
          "ISO/IEC 7816-4": 2,
          "ISO/IEC 7816-5": 2,
          "ISO/IEC 9796": 4,
          "ISO/IEC 9796-2": 1,
          "ISO/IEC 9797": 10,
          "ISO/IEC 9797-1": 1
        },
        "PKCS": {
          "PKCS#1": 11,
          "PKCS1": 1
        },
        "SCP": {
          "SCP01": 1,
          "SCP02": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1
          }
        },
        "DES": {
          "3DES": {
            "3DES": 2,
            "TDES": 38
          },
          "DES": {
            "DES": 58
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Oberthur": {
          "Oberthur": 10,
          "Oberthur Card Systems": 53
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Rose",
      "/CreationDate": "D:20051027143049-07\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2",
      "/ModDate": "D:20051028163004-07\u002700\u0027",
      "/Producer": "Acrobat Distiller 6.0 (Windows)",
      "/Title": "Microsoft Word - 108g - ID-One Cosmo 32 RSA Security Policy R01 October 27 \u2026",
      "pdf_file_size_bytes": 255157,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": true,
      "pdf_number_of_pages": 41
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "c546bb5ab1547cbe4312a419e0612dae7ee47b088290d5495777b00731b2700e",
    "policy_txt_hash": "ab6b193dbf336b4ffb0a836e977435f0706ace5afe4773ce949b47ec64cdcb79"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "None",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt597.pdf",
    "date_sunset": null,
    "description": "The ID-One Cosmo 32 v5 is a JavaCard cryptographic module specifically designed for identity and government market needs. It offers a full 32K Byte of EEPROM space available for customer discretionary use, together with on-card cryptographic services such as TDES (using double and triple length DES keys), and 2048-bit RSA with on-card key generation. The cryptographic module loads and runs applets written in Java programming language. It includes a native implementation of the latest Java Card TM (Version 2.2) and Open Platform (Version 2.1.1A) specifications, with full support for Delegated Management and DAP / Mandated DAP, that define a secure infrastructure for post-issuance programmable platforms. Additional features include On-Card fingerprint matching and Logical Channels.",
    "embodiment": "Single Chip",
    "exceptions": null,
    "fw_versions": "E311-063842",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "P/N 90",
    "level": 3,
    "mentioned_certs": {},
    "module_name": "ID-One Cosmo 32 v5",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2005-12-01",
        "lab": "UL VERIFICATION SERVICES INC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Oberthur Card Systems",
    "vendor_url": "http://www.oberthurusa.com"
  }
}

ID-One Cosmo 32 v5

Certificate #597

Webpage information ?

Security policy ?

Cryptography

Symmetric Algorithms

Hash functions

Schemes

Randomness

Block cipher modes

Device

JavaCard versions

JavaCard API constants

Vendor

Security

Security level

Side-channel analysis

Certification process

Other

Standards

File metadata

Heuristics ?

References ?

Updates ?

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data