This page was not yet optimized for use on mobile devices.

Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D

Certificate #668

Webpage information ?

Status	historical
Historical reason	RNG SP800-131A Revision 1 Transition
Validation dates	02.05.2006 , 27.07.2007 , 06.02.2014
Standard	FIPS 140-2
Security level	2
Type	Hardware
Embodiment	Single Chip
Caveat	None
Exceptions	Roles, Services, and Authentication: Level 3 Physical Security: Level 3 EMI/EMC: Level 3 Design Assurance: Level 3
Description	The PIV EP v1 is a fully validated PIV-II « End Point » smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN).
Version (Hardware)	HW P/N 77
Version (Firmware)	FW Version E303-063684 with PIV Applet Suite v1 (PIV Applet v1.08 or v1.09 and SSO Applet v1.08
Vendor	Oberthur Card Systems
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy ?

Security target PDF TXT

Symmetric Algorithms

DES, TDES, KMAC

Asymmetric Algorithms

RSA1024, RSA-PSS

Hash functions

SHA-1

Schemes

MAC

Block cipher modes

ECB, CBC

JavaCard versions

Java Card 2.2, JC2.2, Global Platform 2.1.1

Vendor

Oberthur Card Systems, Oberthur, OBERTHUR

Security level

Level 2, Level 3

Side-channel analysis

SPA, DPA, Timing attacks, fault induction, Fault Induction, fault injection, reverse engineering, Bellcore attack

Certification process

More details about all the power-up self-tests and their implementation are provided in a separate confidential document. 7.3.2 Conditional Tests RSA Key generation: After generating an RSA key pair, the module performs, Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys & PINs The Oberthur PIV EP destroys

Standards

FIPS 140-2, FIPS 201, FIPS PUB 186-2, FIPS 186-2, FIPS140-2, FIPS186-2, FIPS 140, PKCS#1, PKCS #1, ISO/IEC 7816, ISO/IEC 14443, ISO/IEC 7816-3, ISO/IEC7816, ISO/IEC14443, ISO/IEC 7816-2, ISO/IEC 7816-4, ISO/IEC 7816-5, ISO/IEC 9796-2, ISO/IEC 9797-1, ISO/IEC 14443-2, ISO/IEC 14443-3, ISO/IEC 14443-4, ICAO, SCP01

File metadata

Title	OCS PIV EP v1 Security Policy V1.01 _04-27-06_.doc
Author	cgoyet
Creation date	D:20060427143721-04'00'
Modification date	D:20060427143721-04'00'
Pages	39
Creator	PScript5.dll Version 5.2
Producer	Acrobat Distiller 6.0 (Windows)

References

Outgoing

548 - historical - ID-One Cosmo 64 v5

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

09.02.2023 The certificate data changed.
Certificate changed

The cert_id was updated.
- The new value is 668.
The web extraction data was updated.
- The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2006-05-02', 'validation_type': 'Initial', 'lab': 'UL VERIFICATION SERVICES INC'}, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2007-07-27', 'validation_type': 'Update', 'lab': ''}, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2014-02-06', 'validation_type': 'Update', 'lab': ''}], 'vendor_url': 'http://www.oberthurusa.com', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt668.pdf', 'hw_versions': 'HW P/N 77', 'fw_versions': 'FW Version E303-063684 with PIV Applet Suite v1 (PIV Applet v1.08 or v1.09 and SSO Applet v1.08'}.
- The standard property was set to FIPS 140-2.
- The status property was set to historical.
- The level property was set to 2.
- The description property was set to The PIV EP v1 is a fully validated PIV-II « End Point » smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN)..
- The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].
The PDF extraction data was updated.
- The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 277690, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 39, '/ModDate': "D:20060427143721-04'00'", '/CreationDate': "D:20060427143721-04'00'", '/Title': 'OCS PIV EP v1 Security Policy V1.01 _04-27-06_.doc', '/Creator': 'PScript5.dll Version 5.2', '/Producer': 'Acrobat Distiller 6.0 (Windows)', '/Author': 'cgoyet', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}}.
- The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].
The computed heuristics were updated.
- The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': ['548']}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': {'_type': 'Set', 'elements': ['548']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['123', '548', '112', '246']}}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
- The algorithms property was set to {'_type': 'Set', 'elements': ['SHS#209', 'Triple-DES#232', 'CVL#204', 'Triple-DES MAC#232', 'RNG#94', 'RSA#43']}.
- The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].
The state was updated.
- The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '736bcc5b7aa10dda6780bbd520aa901a8acdeb7b009abdd89a79959caa962d3d', 'policy_txt_hash': '4bc9a12a2942a605398f149aa02a32777edb421e5d7b64c449d6ef61b43ec0cd'}.
- The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
07.12.2022 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The st_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['1430', '1045']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['2956', '2109', '3300', '1430', '1045']}} data.
05.11.2022 The certificate data changed.
Certificate changed

The web extraction data was updated.
- The caveat property was set to None.
- The algorithms property was set to {'_type': 'Set', 'elements': []}.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#94', 'algorithm_type': 'RNG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#43', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#209', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#204', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES MAC', 'vendor': None, 'implementation': None, 'date': None}]} values discarded.
25.10.2022 The certificate data changed.
Certificate changed

The PDF extraction data was updated.
- The keywords property was updated, with the {'fips_cert_id': {'__update__': {'Cert': {'__update__': {'#1': 1}, '__delete__': ['#548']}}}, 'fips_certlike': {'__update__': {'Certlike': {'__delete__': ['DES128', 'DES192']}}}, 'vendor': {'__update__': {'Oberthur': {'__update__': {'Oberthur': 51}}}}, 'eval_facility': {}, 'symmetric_crypto': {'__update__': {'DES': {'__update__': {'DES': {'__update__': {'DES': 8}}, '3DES': {'__update__': {'TDES': 28}}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'KMAC': 1}}}}}}, 'crypto_scheme': {'__update__': {'MAC': {'__update__': {'MAC': 7}}}, '__delete__': ['KA']}, 'randomness': {}, 'cipher_mode': {'__update__': {'ECB': {'__update__': {'ECB': 6}}, 'CBC': {'__update__': {'CBC': 8}}}}, 'side_channel_analysis': {'__update__': {'SCA': {'__update__': {'SPA': 8, 'DPA': 7}}}}, 'tee_name': {}, 'standard_id': {'__update__': {'FIPS': {'__update__': {'FIPS 140': 5, 'FIPS140-2': 3}}, 'ISO': {'__update__': {'ISO/IEC 7816': 6, 'ISO/IEC 14443': 14}, '__delete__': ['ISO/IEC 9796', 'ISO/IEC 9797']}}}, 'certification_process': {'__update__': {'ConfidentialDocument': {'__insert__': {'Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys & PINs The Oberthur PIV EP destroys': 1}, '__delete__': ['Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys & PINs The Oberthur PIV EP destroys crypto']}}}} data.
- The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 16', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 31', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2006', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 23', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 17', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 21', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 11', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 20', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 19', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 27', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 14443', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 13', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 15', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 7816', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]}.
- The clean_cert_ids property was updated.
The computed heuristics were updated.
- The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 16', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 9', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 31', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2006', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 23', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 17', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 7', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 21', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 11', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 20', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 19', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 27', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 10', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 14443', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 13', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 64', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '0', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 15', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': 'C 7816', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]} values added.
- The clean_cert_ids property was set to {}.
The state was updated.
- The tables_done property was set to True.
08.10.2022 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The st_references property was updated, with the {'directly_referencing': None, 'indirectly_referencing': None} data.
17.07.2022 The certificate data changed.
Certificate changed

The _type was updated.
- The new value is sec_certs.sample.fips.FIPSCertificate.
The computed heuristics were updated.
- The following values were inserted: {'clean_cert_ids': {'#548': 1}}.
- The _type property was set to sec_certs.sample.fips.FIPSCertificate.Heuristics.
- The keywords property was set to {}.
- The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#94', 'algorithm_type': 'RNG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#43', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#209', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#204', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#232', 'algorithm_type': 'Triple-DES MAC', 'vendor': None, 'implementation': None, 'date': None}]}.
- The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References', 'directly_referencing': {'_type': 'Set', 'elements': ['548']}, 'indirectly_referencing': {'_type': 'Set', 'elements': ['548']}} data.
- The web_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.
The state was updated.
- The _type property was set to sec_certs.sample.fips.FIPSCertificate.InternalState.
- The following properties were deleted: ['fragment_path'].
14.06.2022 The certificate data changed.
Certificate changed

The pdf_scan was updated.
- The keywords property was updated, with the {'rules_cert_id': {}, 'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__update__': {'FIPS140-2': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 140-2', 'FIPS 186-2', 'FIPS186-2']}, 'FIPS ?(?:PUB )?[0-9]+?': {'__update__': {'FIPS 140': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 201']}, 'PKCS[ #]*[1-9]+': {'__delete__': ['PKCS#1']}, 'ISO/IEC[ ]*[0-9]+[-]*[0-9]*': {'__delete__': ['ISO/IEC 7816', 'ISO/IEC 14443', 'ISO/IEC 7816-3', 'ISO/IEC7816', 'ISO/IEC14443', 'ISO/IEC 7816-4', 'ISO/IEC 7816-5', 'ISO/IEC 9796-2', 'ISO/IEC 9797-1', 'ISO/IEC 14443-2', 'ISO/IEC 14443-3']}, 'ISO/IEC[ ]*[0-9]+': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC7816', 'ISO/IEC14443']}}}, 'rules_block_cipher_modes': {'__update__': {'ECB': {'__update__': {'ECB': {'__update__': {'count': 1}}}}, 'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}}}} data.
The computed heuristics were updated.
- The keywords property was updated, with the {'rules_cert_id': {}, 'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__update__': {'FIPS140-2': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 140-2', 'FIPS 186-2', 'FIPS186-2']}, 'FIPS ?(?:PUB )?[0-9]+?': {'__update__': {'FIPS 140': {'__update__': {'count': 1}}}, '__delete__': ['FIPS 201']}, 'PKCS[ #]*[1-9]+': {'__delete__': ['PKCS#1']}, 'ISO/IEC[ ]*[0-9]+[-]*[0-9]*': {'__delete__': ['ISO/IEC 7816', 'ISO/IEC 14443', 'ISO/IEC 7816-3', 'ISO/IEC7816', 'ISO/IEC14443', 'ISO/IEC 7816-4', 'ISO/IEC 7816-5', 'ISO/IEC 9796-2', 'ISO/IEC 9797-1', 'ISO/IEC 14443-2', 'ISO/IEC 14443-3']}, 'ISO/IEC[ ]*[0-9]+': {'__update__': {'ISO/IEC 14443': {'__update__': {'count': 1}}}, '__delete__': ['ISO/IEC 7816', 'ISO/IEC7816', 'ISO/IEC14443']}}}, 'rules_block_cipher_modes': {'__update__': {'ECB': {'__update__': {'ECB': {'__update__': {'count': 1}}}}, 'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}}}} data.
08.03.2022 The certificate data changed.
Certificate changed

The web_scan was updated.
- The following properties were deleted: ['connections'].
The pdf_scan was updated.
- The following properties were deleted: ['connections'].
The computed heuristics were updated.
- The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'web_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.
- The following properties were deleted: ['connections', 'directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
18.02.2022 The certificate data changed.
Certificate changed

The computed heuristics were updated.
- The extracted_versions property was set to {'_type': 'Set', 'elements': ['1.08', '1.09']}.
02.02.2022 The certificate data changed.
Certificate changed

The web_scan was updated.
- The module_type property was set to Hardware.
30.01.2022 The certificate was first processed.

New certificate

A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 668,
  "dgst": "6f81082badfd0073",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "RNG#94",
        "CVL#204",
        "Triple-DES MAC#232",
        "RSA#43",
        "SHS#209",
        "Triple-DES#232"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "1.08",
        "1.09"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "548"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "123",
          "112",
          "246",
          "548"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "548"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "RSA": {
          "RSA-PSS": 1,
          "RSA1024": 1
        }
      },
      "certification_process": {
        "ConfidentialDocument": {
          "Integrity Mechanisms. The cryptographic key storage integrity mechanism is described in a separate confidential document called Self Test Description. 10.5.4 Destruction of Keys \u0026 PINs The Oberthur PIV EP destroys": 1,
          "More details about all the power-up self-tests and their implementation are provided in a separate confidential document. 7.3.2 Conditional Tests RSA Key generation: After generating an RSA key pair, the module performs": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 8
        },
        "ECB": {
          "ECB": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 7
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1,
          "Certificate 548": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "PKCS #1": 1,
          "PKCS#1": 1,
          "RSA PKCS #1": 1,
          "RSA PKCS#1": 1,
          "RSA1024": 1,
          "SHA-1": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 5,
          "Level 3": 2
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {
        "GlobalPlatform": {
          "Global Platform 2.1.1": 1
        },
        "JavaCard": {
          "JC2.2": 1,
          "Java Card 2.2": 1
        }
      },
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {
        "FI": {
          "Fault Induction": 1,
          "fault induction": 1,
          "fault injection": 1
        },
        "SCA": {
          "DPA": 7,
          "SPA": 8,
          "Timing attacks": 1
        },
        "other": {
          "Bellcore attack": 1,
          "reverse engineering": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 5,
          "FIPS 140-2": 14,
          "FIPS 186-2": 1,
          "FIPS 201": 4,
          "FIPS PUB 186-2": 1,
          "FIPS140-2": 3,
          "FIPS186-2": 1
        },
        "ICAO": {
          "ICAO": 1
        },
        "ISO": {
          "ISO/IEC 14443": 14,
          "ISO/IEC 14443-2": 1,
          "ISO/IEC 14443-3": 1,
          "ISO/IEC 14443-4": 1,
          "ISO/IEC 7816": 6,
          "ISO/IEC 7816-2": 1,
          "ISO/IEC 7816-3": 6,
          "ISO/IEC 7816-4": 2,
          "ISO/IEC 7816-5": 2,
          "ISO/IEC 9796-2": 1,
          "ISO/IEC 9797-1": 1,
          "ISO/IEC14443": 2,
          "ISO/IEC7816": 2
        },
        "PKCS": {
          "PKCS #1": 1,
          "PKCS#1": 1
        },
        "SCP": {
          "SCP01": 1
        }
      },
      "symmetric_crypto": {
        "DES": {
          "3DES": {
            "TDES": 28
          },
          "DES": {
            "DES": 8
          }
        },
        "constructions": {
          "MAC": {
            "KMAC": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Oberthur": {
          "OBERTHUR": 2,
          "Oberthur": 51,
          "Oberthur Card Systems": 47
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "cgoyet",
      "/CreationDate": "D:20060427143721-04\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2",
      "/ModDate": "D:20060427143721-04\u002700\u0027",
      "/Producer": "Acrobat Distiller 6.0 (Windows)",
      "/Title": "OCS PIV EP v1 Security Policy V1.01 _04-27-06_.doc",
      "pdf_file_size_bytes": 277690,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 39
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "736bcc5b7aa10dda6780bbd520aa901a8acdeb7b009abdd89a79959caa962d3d",
    "policy_txt_hash": "4bc9a12a2942a605398f149aa02a32777edb421e5d7b64c449d6ef61b43ec0cd"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "None",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/140crt668.pdf",
    "date_sunset": null,
    "description": "The PIV EP v1 is a fully validated PIV-II \u00ab End Point \u00bb smart card to answer HSPD12. It offers Identity proofing (storage of personal data), User authentication, Card authentication, digital signature, encryption and secure post issuance management. To increase flexibility and customization capabilities, the card supports all PIV optional data containers from SP800-73-1, plus additional non-PIV containers and keys configurable during manufacturing. A built-in Card Single Sign-On application allows multiple on card applications to share the same Card Holder Verification Method (Global PIN).",
    "embodiment": "Single Chip",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Physical Security: Level 3",
      "EMI/EMC: Level 3",
      "Design Assurance: Level 3"
    ],
    "fw_versions": "FW Version E303-063684 with PIV Applet Suite v1 (PIV Applet v1.08 or v1.09 and SSO Applet v1.08",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "HW P/N 77",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2006-05-02",
        "lab": "UL VERIFICATION SERVICES INC",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2007-07-27",
        "lab": "",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2014-02-06",
        "lab": "",
        "validation_type": "Update"
      }
    ],
    "vendor": "Oberthur Card Systems",
    "vendor_url": "http://www.oberthurusa.com"
  }
}

Oberthur PIV EP v1 on ID-One Cosmo 64 v5 D

Certificate #668

Webpage information ?

Security policy ?

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Block cipher modes

Device

JavaCard versions

Vendor

Security

Security level

Side-channel analysis

Certification process

Other

Standards

File metadata

References

Heuristics ?

References ?

Updates ?

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data