crocs-muni · adamjanovsky · Jan 16, 2025 · Jan 22, 2025 · Jan 22, 2025 · Jan 22, 2025
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -1,17 +1,18 @@
 repos:
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.2.2
+    rev: v0.7.4
     hooks:
       - id: ruff
       - id: ruff-format
         args: ["--check"]
   - repo: https://github.com/pre-commit/mirrors-mypy
-    rev: "v1.8.0"
+    rev: "v1.13.0"
     hooks:
       - id: mypy
         additional_dependencies:
           - "numpy"
           - "types-PyYAML"
           - "types-python-dateutil"
           - "types-requests"
+          - "types-dateparser"
           - "datasets"
diff --git a/README.md b/README.md
@@ -68,8 +68,8 @@ df_2015_and_newer = df.loc[df.year_from > 2014]
 df.year_from.value_counts().sort_index().plot.line()
 ```
 
-<!-- ## Authors
+## Authors
 
 This work is being done at [CRoCS MUNI](https://crocs.fi.muni.cz/) by Adam Janovsky, Jan Jancar, Petr Svenda, Jiri Michalik, Lukasz Chmielewski and other contributors. This work was supported by the Internal grant agency of Masaryk University, CZ.02.2.69/0.0/0.0/19_073/0016943.
 
-![](docs/_static/logolink_OP_VVV_hor_barva_eng.jpg) -->
+![](docs/_static/logolink_OP_VVV_hor_barva_eng.jpg)
diff --git a/docs/_static/favicon.png b/docs/_static/favicon.png
diff --git a/docs/_static/logo_dark.svg b/docs/_static/logo_dark.svg
diff --git a/docs/api/dataset.md b/docs/api/dataset.md
@@ -8,7 +8,7 @@
 This documentation doesn't provide full API reference for all members of `dataset` package. Instead, it concentrates on the Dataset that are immediately exposed to the users. Namely, we focus on `CCDataset`, `FIPSDataset` and their abstract base class `Dataset`.
 
 ```{tip}
-The examples related to this package can be found at [common criteria notebook](./../notebooks/examples/cc.ipynb) and [fips notebook](./../notebooks/examples/fips.ipynb).
+The examples related to this package can be found in the [common criteria notebook](./../notebooks/examples/cc.ipynb) and the [fips notebook](./../notebooks/examples/fips.ipynb).
 ```
 
 ## CCDataset

diff --git a/docs/api/model.md b/docs/api/model.md
@@ -6,7 +6,7 @@
 ```
 
 ```{tip}
-The examples related to this package can be found at [model notebook](./../notebooks/examples/model.ipynb).
+The examples related to this package can be found in the [model notebook](./../notebooks/examples/model.ipynb).
 ```
 
 ## CPEClassifier

diff --git a/docs/api/sample.md b/docs/api/sample.md
@@ -6,7 +6,7 @@
 ```
 
 ```{tip}
-The examples related to this package can be found at [common criteria notebook](./../notebooks/examples/cc.ipynb) and [fips notebook](./../notebooks/examples/fips.ipynb).
+The examples related to this package can be found in the [common criteria notebook](./../notebooks/examples/cc.ipynb) and the [fips notebook](./../notebooks/examples/fips.ipynb).
 ```
 
 ## CCCertificate

diff --git a/docs/conf.py b/docs/conf.py
@@ -17,9 +17,9 @@
 
 # -- Project information -----------------------------------------------------
 
+author = "CRoCS MUNI"
 project = "sec-certs"
-copyright = "Anonymized | 2020-2023"
-# copyright = "CRoCS MUNI | 2020-2023"
+copyright = "CRoCS MUNI | 2020-2024"
 
 # Note thas this inference won't work from Docker: https://github.com/pypa/setuptools_scm/#usage-from-docker
 release = ".".join(get_version("sec-certs").split(".")[:3])
@@ -61,7 +61,7 @@
 html_static_path = ["_static"]
 
 html_logo = "_static/logo.png"
-html_favicon = "_static/logo_badge.png"
+html_favicon = "_static/favicon.png"
 
 html_theme_options = {
     "repository_url": "https://github.com/crocs-muni/sec-certs",

diff --git a/docs/index.md b/docs/index.md
@@ -2,7 +2,7 @@
 
 Welcome to the technical documentation of *sec-certs* tool for the data analysis of products certified with Common Criteria or FIPS 140 frameworks. If you're looking for general description of the tool, its use cases and capabilites, we refer you to [sec-certs homepage](https://sec-certs.org/). If you are looking for more advanced knowledge, e.g. how to mine your own data, how to extend the tool, and so forth, this is the right place.
 
-There are three main parts of this documentation. *User's guide* describes high-level use of our tool. Driven by this knowledge, you can progress to *Notebook examples* that showcase some of the API that we use in the form of Jupyter notebooks. The documentation also contains some of the modules documented with `autodoc`, see *API reference*. Still, some dark corners of our codebase are not documented. To inspect the code directly, see the [sec_certs](https://github.com/crocs-muni/sec-certs/tree/main/src/sec_certs) module. If you want, you can run the notebooks as they are stored in the [project repository](https://github.com/crocs-muni/sec-certs/tree/main/notebooks). If you are interested in contributing to our project or in other aspects of our development, you can consult the relevant *GitHub artifacts*
+There are three main parts of this documentation. *Quickstart* describes high-level use of our tool. Driven by this knowledge, you can progress to *Notebook examples* that showcase some of the API that we use in the form of Jupyter notebooks. The documentation also contains some of the modules documented with `autodoc`, see *API reference*. Still, some dark corners of our codebase are not documented. To inspect the code directly, see the [sec_certs](https://github.com/crocs-muni/sec-certs/tree/main/src/sec_certs) module. If you want, you can run the notebooks as they are stored in the [project repository](https://github.com/crocs-muni/sec-certs/tree/main/notebooks). If you are interested in contributing to our project or in other aspects of our development, you can consult the relevant *GitHub artifacts*.
 
 ```{button-ref} quickstart
 :align: center
@@ -21,7 +21,7 @@ Each of the notebooks can be launched interactively in MyBinder by clicking on
 :maxdepth: 1
 Sec-certs homepage <https://sec-certs.org/>
 Sec-certs docs <https://sec-certs.org/docs>
-GitHub repo <https://anonymous.4open.science/r/sec-certs-7A92>
+GitHub repo <https://github.com/crocs-muni/sec-certs>
 ```
 
 ```{toctree}
@@ -32,18 +32,19 @@ installation.md
 quickstart.md
 configuration.md
 user_guide.md
+search_examples.md
 ```
 
 ```{toctree}
 :caption: Notebook examples
 :hidden: True
 :maxdepth: 1
-notebooks/examples/est_solution.ipynb
-notebooks/examples/cc.ipynb
-notebooks/examples/fips.ipynb
-notebooks/examples/model.ipynb
-notebooks/examples/fips_iut.ipynb
-notebooks/examples/fips_mip.ipynb
+Demo <notebooks/examples/est_solution.ipynb>
+Common Criteria <notebooks/examples/cc.ipynb>
+FIPS-140 <notebooks/examples/fips.ipynb>
+FIPS-140 IUT <notebooks/examples/fips_iut.ipynb>
+FIPS-140 MIP <notebooks/examples/fips_mip.ipynb>
+Model <notebooks/examples/model.ipynb>
 ```
 
 ```{toctree}
@@ -59,7 +60,7 @@ api/model.md
 :maxdepth: 1
 :hidden: True
 :caption: GitHub artifacts
-readme.md
+README <readme.md>
 contributing.md
 code_of_conduct.md
 license.md

diff --git a/docs/search_examples.md b/docs/search_examples.md
@@ -0,0 +1,91 @@
+# Search examples
+
+The goal is to provide a curated catalog of search strings over Common Criteria and FIPS-140
+certification artifacts executed on the [sec-certs](https://sec-certs.org) webpage.
+
+
+| {fas}`people-group`    | You are encouraged to contribute - please create a pull request and insert an entry into a suitable section **lexicographically**. Thank you! |
+|------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------|
+
+The sec-certs started in 2019 with the goal of providing automatic processing of certification artifacts.
+The extensive collection of keyword search regex strings is already included by the project in
+[rules.yml](https://github.com/crocs-muni/sec-certs/blob/main/src/sec_certs/rules.yaml) file.
+Custom full text and title-only searches are additionally possible via the web interface.
+This document provides a list of read-to-use *aggregated* search strings for different domains
+using [Whoosh query language](https://whoosh.readthedocs.io/en/latest/querylang.html).
+If you will find this list helpful, please consider citing our work as:
+```latex
+@article{sec-certs,
+	title = {sec-certs: Examining the security certification practice for better vulnerability mitigation},
+	journal = {Computers & Security},
+	volume = {143},
+	year = {2024},
+	issn = {0167-4048},
+	doi = {10.1016/j.cose.2024.103895},
+	url = {https://www.sciencedirect.com/science/article/pii/S0167404824001974},
+	author = {Adam Janovsky and Jan Jancar and Petr Svenda and Łukasz Chmielewski and Jiri Michalik and Vashek Matyas},
+	keywords = {Security certification, Common criteria, Vulnerability assessment, Data analysis, Smartcards}
+}
+```
+
+### Format and notation
+> **Search string goal: Common Criteria** (hyperlinked to search on sec-certs.org page) **( {fas}`network-wired` )**(result of search visualized in graph of references)**, FIPS-140  ( {fas}`network-wired` )**
+> <br>
+> `whole search string` (for manual cut&paste)
+> <br>
+> Short description of search string targeted domain, expected results and interpretation.
+
+````{warning}
+False positives may be present, always check the actual certification document as
+search hit may still be 'out of ToE scope', with 'no security functionality claimed' etc.
+````
+
+---
+
+## Cryptographic capabilities
+
+### Multi-party security
+- Multi-party security use: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), [FIPS-140](https://sec-certs.org/fips/ftsearch/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdef&status=Any&type=any) ([{fas}`network-wired`](https://sec-certs.org/fips/network/?q=%22multiparty%22%20OR%20%22SMPC%22%20OR%20%22Multi-Party%22%20OR%20%22FROST%22&cat=abcdef&status=Any&type=any&search=fulltext))
+  <br>
+ ```"multiparty" OR "SMPC" OR "Multi-Party" OR "FROST"```
+  <br> 
+Certificates mentioning generically any multiparty execution, hopefully in security or even cryptographic context. 
+
+
+### Post-quantum cryptography
+- Post-quantum algorithms support: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), [FIPS-140](https://sec-certs.org/fips/ftsearch/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdef&status=Any&type=any) ([{fas}`network-wired`](https://sec-certs.org/fips/network/?q=%22post%20quantum%22%20OR%20%22post-quantum%22%20OR%20%22PQC%22%20OR%20%22KYBER%22%20OR%20%22SPHINCS%22%20OR%20%22NTRU%22%20OR%20%22XMSS%22%20OR%20%22LWE%22%20OR%20%22CSIDH%22%20OR%20%22BLISS%22%20OR%20%22RLCE%22%20OR%20%22McEliece%22%20OR%20%22CRYSTALS%22%20OR%20%22Dilithium%22&cat=abcdef&status=Any&type=any&search=fulltext))
+  <br>
+ ```"post quantum" OR "post-quantum" OR "PQC" OR "KYBER" OR "SPHINCS" OR "NTRU" OR "XMSS" OR "LWE" OR "CSIDH" OR "BLISS" OR "RLCE" OR "McEliece" OR "CRYSTALS" OR "Dilithium"```
+  <br> 
+Certificates mentioning post-quantum cryptographic algorithms support.
+
+## Vulnerabilites assesment
+
+### ROCA vulnerability
+ROCA [CVE-2017-15361](https://nvd.nist.gov/vuln/detail/CVE-2017-15361) is private key recovery vulnerability present in Infineon RSALib library used by smartcard and TPM devices between roughly 2004 and 2017. More details available [here](https://crocs.fi.muni.cz/papers/rsa_ccs17). 
+
+- ROCA-vulnerable Infineon RSALib library v1.02.013: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140
+  <br>
+ ```"v1.02.013"```
+  <br> 
+Certificates mentioning confirmed vulnerable version of Infineon RSALib 1.02.013 library.
+
+- ROCA-vulnerable Infineon RSALib library and similar (wildcard) v1.02.0??: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=v1.02.0*&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=v1.02.0*&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140
+  <br>
+ ```v1.02.0*```
+  <br> 
+Certificates mentioning Infineon RSALib 1.02.013 and other similar library versions. Versions v1.02.008, v1.02.010, v1.02.014 possibly also vulnerable.
+
+- ROCA-vulnerable (likely) Infineon RSALib libraries other than v1.02.013: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=v1.02.0*%20NOT%20%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=v1.02.0*%20NOT%20%22v1.02.013%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140
+  <br>
+ ```v1.02.0* NOT "v1.02.013"```
+  <br> 
+Certificates mentioning posibly vulnerable RSALib version other than v1.02.013. Versions v1.02.008, v1.02.010, v1.02.014 possibly also vulnerable.
+
+- Certificate IDs from Austria report 163484: [Common Criteria](https://sec-certs.org/cc/ftsearch/?q=%22BSI-DSZ-CC-0833-2013%22%20OR%20%22BSI-DSZ-CC-0921-2014%22%20OR%20%22BSI-DSZ-CC-0782-2012%22%20OR%20%22BSI-DSZ-CC-0758-2012%22%20OR%20%22ANSSI-CC-2013%2F55%22&cat=abcdefghijklmop&status=any&type=any) ([{fas}`network-wired`](https://sec-certs.org/cc/network/?q=%22BSI-DSZ-CC-0833-2013%22%20OR%20%22BSI-DSZ-CC-0921-2014%22%20OR%20%22BSI-DSZ-CC-0782-2012%22%20OR%20%22BSI-DSZ-CC-0758-2012%22%20OR%20%22ANSSI-CC-2013%2F55%22&cat=abcdefghijklmop&status=any&type=any&search=fulltext)), no FIPS-140
+  <br>
+ ```"BSI-DSZ-CC-0833-2013" OR "BSI-DSZ-CC-0921-2014" OR "BSI-DSZ-CC-0782-2012" OR "BSI-DSZ-CC-0758-2012" OR "ANSSI-CC-2013/55"```
+  <br> 
+Certificates mentioning certificate IDs directly or indirectly mentioned in [Austria report 163484](https://archive.org/details/incident-report-id-163484-austria) related to Estonian eID platform (ANSSI-CC-2013/55).
+
+## Unsorted