Validated Product - Public Key Infrastructure Framework Version 2.1

Certificate Date: 08 January 2008

Validation Report Number: CCEVS-VR-VID10235-2008

Product Type: PKI/KMI

Conformance Claim: EAL4 Augmented with ALC_FLR.2

PP Identifier: U.S. Government Family of Protection Profiles for Public Key-Enabled Applications for Basic Robustness Environments, Version 2.77 (Archived)

CC Testing Lab: atsec information security corporation


PRODUCT DESCRIPTION

The target of evaluation (TOE) is the Public Key Infrastructure Framework Version 2.1 (PKIFv2). PKIFv2 is a toolkit used by application developers to incorporate secure PKI functionality into an application. The TOE provides a collection of extensible C++ classes, packaged as a dynamic-link library on Windows platforms or a dynamically loaded shared library on Linux and UNIX platforms, that perform a variety of basic PKI-related functions.

The following security functions are implemented by PKIFv2 and have been assessed as part of this evaluation:

  • The TOE performs X.509 certification path processing, including path building and path validation.
  • The TOE performs digital signature generation and verification in conformance to RFC 3369.
  • The TOE performs public key encryption and decryption of public keys using key transfer algorithms in compliance with RFC 3369.

SECURITY EVALUATION SUMMARY

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the PKIFv2 TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 2.3, and National and International Interpretations effective on 2007-03-20. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3.

The CCTL (atsec) determined that the Target of Evaluation is conformant with Evaluation Assurance Level (EAL) 4, augmented with ALC_FLR.2. The product, when configured as specified by the Common Criteria guidance, satisfies all of the security functional requirements stated in the Public Key Infrastructure Framework Version 2.1 Security Target, and is compliant with the U.S. Government Family of Protection Profiles for Public Key-Enabled Applications for Basic Robustness Environments, Version 2.77, February 1, 2007 (PKE PP). The evaluation was completed in October 2007. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report prepared by CCEVS.

ENVIRONMENTAL STRENGTHS

The functionality of PKIFv2 is consistent with the requirements stated in the PKE PP on the platforms specified in the Security Target.
The purpose of PKIFv2, the TOE, is to provide secure PKI support to an application. The TOE is intended to be incorporated into a software application, which is part of the TOE environment. The TOE is a software library and, as such, does not offer self-protection; corresponding assumptions on the IT and operational environment are defined in the Security Target and reflected in the guidance provided to consumers. The TOE provides the capability to process certification paths, generate and verify digital signatures, and encrypt and decrypt public keys.

PKIFv2 is implemented by CygnaCom Solutions, Inc. for numerous operational platforms. This evaluation covers PKIFv2 on the platforms and operating systems specified in the Security Target.

The TOE itself does not perform any cryptographic operations; it relies on Cryptographic Service Providers (CSPs) provided by the underlying IT environment. In the evaluated version, the CSP must be Microsoft CAPI on Windows platforms or Network Security Services (NSS) on Linux platforms, validated according to FIPS 140 Level 1 or higher.

The following security functions are implemented by PKIFv2 and have been assessed as part of this evaluation:

  • Certification path processing

The TOE offers certification path processing, which includes path building and validating, and certificate revocation status checking. Certification path validation consists of validating certificates starting with the certificate certified by a trust anchor and ending with the certificate issued to the subscriber of interest.

The TOE is also capable of generating Online Certificate Status Protocol (OCSP) requests and validating OCSP responses to determine the revocation status of public key certificates. Furthermore, the TOE verifies the OCSP responder as a trust anchor, as a CA, or as an end entity authorized to sign OCSP responses. The TOE establishes trust in the OCSP responder certificates by performing certification path validation.

The TOE provides Certificate Revocation List (CRL) validation functionality that enables applications to determine the revocation status of a certificate by using a CRL. The TOE is capable of processing CRLs that are obtained from specified sources, including locations indicated by a CRL Distribution Point extension, local storage facilities, or LDAP-accessible directories. The TOE environment is responsible for restricting access to the API to those users in the TOE environment who are authorized to use the provided functions.

PKIFv2 supports X.509 version 3 certificates and CRLs, versions 1 and 2. All processing is compliant with the X.509 and RFC 3280 specifications.

  • Signature generation and verification

The TOE offers the capability to process digital signature generation and verification using CMS format in conformance to RFC 3369.

  • Public key encryption and decryption

The TOE offers the capability to perform public key encryption and decryption using key transfer algorithms (e.g., TDES, AES, DES) in compliance with RFC 3369.

Vendor Information

LtCol Bradley R. Schieferdecker
703-432-5136
703-432-5184 (Fax)