{"_id": "62205bdd6007814c", "_type": "sec_certs.sample.cc.CCCertificate", "dgst": "62205bdd6007814c", "status": "active", "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems", "name": "MultiApp V5.1 Java Card Virtual MachineConfiguration 1 : 5.1 revision B version 2 (0x3055) et filter set 0x00,configuration 2 : 5.1 revision C version 2 (0x3055) et filter set 0x10,configuration 3 : 5.1 revision B version 2 (0x3055) et filter set 0x14,configuration 4 : 5.1 revision C version 2 (0x3055) et filter set 0x24 (ANSSI-CC-2026/02)", "manufacturer": "THALES DIS FRANCE SA", "scheme": "FR", "security_level": {"_type": "Set", "elements": ["EAL7"]}, "not_valid_before": "2026-02-16", "not_valid_after": "2031-02-16", "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2026-02-rapport.pdf", "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2026-02-cible.pdf", "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2026-02-certificat.pdf", "manufacturer_web": "https://www.thalesgroup.com/en/europe/france", "protection_profile_links": {"_type": "Set", "elements": []}, "maintenance_updates": {"_type": "Set", "elements": []}, "state": {"_type": "sec_certs.sample.cc_eucc_common.InternalState", "report": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": true, "pdf_hash": "e421ab0c7106773659540f921c263426118c01272a81e27ad982ca75686de014", "txt_hash": "9bcf641c5098dae0e17a7ccec5e4b5545444c4afa800d59eee4f6a3e42dc1804", "json_hash": null}, "st": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": true, "pdf_hash": "6bbef7e7853385f139bab949e0000369a12a4553c2923a2c8d1174d61bcbaaf8", "txt_hash": "11dcd7f68c97baeb9b850e5dca9402c422cf5863cf4e3ff7286f48cc15850bf2", "json_hash": null}, "cert": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": false, "pdf_hash": "c2ca392b6cb2e116aa3dee25ed1ec3fe4c027c2e6d542819cc45dbd70c137976", "txt_hash": "3f0a69991e49acbb51085c349b35c89660b209bf67ac7d6ced0beb8f41fdf71d", "json_hash": null}}, "pdf_data": {"_type": "sec_certs.sample.cc_eucc_common.PdfData", "report_metadata": {"pdf_file_size_bytes": 869366, "pdf_is_encrypted": false, "pdf_number_of_pages": 15, "/Producer": "PDFKit.NET 26.1.0.63468 DMV9", "/CreationDate": "D:20260212105954+01'00'", "/ModDate": "D:20260217085005+00'00'", "/Creator": "Acrobat PDFMaker 25 pour Word", "pdf_hyperlinks": {"_type": "Set", "elements": ["http://www.sogis.eu/", "http://www.cyber.gouv.fr/", "http://www.commoncriteriaportal.org/", "mailto:certification@ssi.gouv.fr"]}}, "st_metadata": {"pdf_file_size_bytes": 1789546, "pdf_is_encrypted": false, "pdf_number_of_pages": 63, "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Enabled": "true", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_SetDate": "2024-06-25T15:19:37Z", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Method": "Standard", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Name": "DIS Limited Distribution Scope", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_SiteId": "6e603289-5e46-4e26-ac7c-03a85420a9a5", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_ActionId": "2cd0a445-651b-48d3-8019-2df0b93c1cab", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_ContentBits": "3", "/Producer": "Microsoft\u00ae Word for Microsoft 365", "/Creator": "Microsoft\u00ae Word for Microsoft 365", "/CreationDate": "D:20251212181023+01'00'", "/ModDate": "D:20251212181023+01'00'", "pdf_hyperlinks": {"_type": "Set", "elements": []}}, "cert_metadata": null, "report_frontpage": {"FR": {}}, "st_frontpage": null, "cert_frontpage": null, "report_keywords": {"cc_cert_id": {"FR": {"ANSSI-CC-2026/02": 3, "ANSSI-CC-2025/55": 1}}, "cc_protection_profile_id": {}, "cc_security_level": {"EAL": {"EAL7": 3, "EAL2": 2, "EAL6": 1, "EAL 7": 1}, "ITSEC": {"ITSEC E6 Elev\u00e9": 1}}, "cc_sar": {"AGD": {"AGD_OPE": 2, "AGD_PRE": 1}, "ALC": {"ALC_FLR.2": 1, "ALC_FLR": 1}, "AVA": {"AVA_VAN": 1}}, "cc_sfr": {}, "cc_claims": {}, "vendor": {}, "eval_facility": {"CESTI": {"CESTI": 3}, "CEA-LETI": {"CEA - LETI": 1}}, "symmetric_crypto": {"DES": {"DES": {"DES": 1}}}, "asymmetric_crypto": {}, "pq_crypto": {}, "hash_function": {}, "crypto_scheme": {}, "crypto_protocol": {}, "randomness": {}, "cipher_mode": {}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "technical_report_id": {}, "device_model": {}, "tee_name": {}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {"CC": {"CCMB-2017-04-001": 1, "CCMB-2017-04-002": 1, "CCMB-2017-04-003": 1, "CCMB-2017-04-004": 1}}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {}}, "st_keywords": {"cc_cert_id": {"FR": {"ANSSI-CC-2023/01-R01": 1}, "NL": {"CC-1": 2, "CC-2": 3, "CC-3": 3}}, "cc_protection_profile_id": {"BSI": {"BSI-CC-PP-0084-": 1, "BSI-CC-PP-0099-V2-2020": 1, "BSI-CC-PP-0084-2014": 1}}, "cc_security_level": {"EAL": {"EAL7": 36, "EAL6": 1, "EAL 6+": 1}}, "cc_sar": {"ADV": {"ADV_ARC.1": 6, "ADV_FSP.6": 5, "ADV_IMP.2": 5, "ADV_INT.3": 2, "ADV_SPM.1": 8, "ADV_TDS.6": 7, "ADV_FSP.4": 4, "ADV_ARC": 1, "ADV_TDS.1": 2, "ADV_IMP.1": 4, "ADV_TDS.3": 3, "ADV_FSP.1": 1, "ADV_FSP.2": 1, "ADV_TDS.4": 1}, "AGD": {"AGD_OPE": 1, "AGD_PRE": 1, "AGD_OPE.1": 6, "AGD_PRE.1": 6}, "ALC": {"ALC_FLR.2": 1, "ALC_CMC.5": 4, "ALC_CMS.5": 1, "ALC_DEL.1": 2, "ALC_DVS.2": 4, "ALC_LCD.2": 3, "ALC_TAT.3": 3, "ALC_TAT.1": 2, "ALC_TAT": 1, "ALC_LCD.1": 1}, "ATE": {"ATE_COV.3": 3, "ATE_DPT.4": 2, "ATE_FUN.2": 4, "ATE_IND.3": 2, "ATE_FUN.1": 3, "ATE_COV.1": 2, "ATE_DPT.1": 1}, "AVA": {"AVA_VAN.5": 2}, "ASE": {"ASE_TSS.2": 1, "ASE_CCL.1": 1, "ASE_ECD.1": 1, "ASE_INT.1": 1, "ASE_OBJ.2": 1, "ASE_REQ.2": 1, "ASE_SPD.1": 1, "ASE_TSS.1": 1}}, "cc_sfr": {"FAU": {"FAU_ARP.1": 1, "FAU_SAS.1": 1}, "FCO": {"FCO_NRO": 1}, "FCS": {"FCS_RNG.1": 2, "FCS_RNG": 1}, "FDP": {"FDP_ACC": 22, "FDP_ACF": 18, "FDP_IFC": 17, "FDP_IFF": 12, "FDP_ROL": 2, "FDP_RIP": 9, "FDP_SDI": 3, "FDP_ITC": 2, "FDP_UIT": 2, "FDP_ACC.2": 2, "FDP_ACF.1": 9, "FDP_IFC.1": 6, "FDP_IFF.1": 8, "FDP_ACC.1": 7, "FDP_SDC.1": 1, "FDP_SDI.2": 1, "FDP_ITT.1": 1, "FDP_UCT.1": 1, "FDP_UIT.1": 1}, "FIA": {"FIA_ATD": 2, "FIA_UID": 5, "FIA_USB": 1, "FIA_UAU": 2, "FIA_UID.1": 1, "FIA_API.1": 1}, "FMT": {"FMT_MSA": 66, "FMT_SMF": 19, "FMT_SMR": 20, "FMT_MTD": 10, "FMT_SMR.1": 9, "FMT_SMF.1": 6, "FMT_MSA.1": 6, "FMT_MSA.2": 2, "FMT_MSA.3": 9, "FMT_MTD.1": 1, "FMT_LIM.1": 1, "FMT_LIM": 10, "FMT_LIM.2": 1}, "FPR": {"FPR_UNO.1": 1, "FPR_UNO": 1}, "FPT": {"FPT_FLS": 10, "FPT_TDC.1": 1, "FPT_RCV": 2, "FPT_TST": 1, "FPT_PHP": 3, "FPT_ITT": 2, "FPT_FLS.1": 1, "FPT_PHP.3": 1, "FPT_ITT.1": 1}, "FRU": {"FRU_FLT.2": 1}, "FTP": {"FTP_ITC": 3, "FTP_TRP": 1, "FTP_ITC.1": 1}}, "cc_claims": {"D": {"D.APP_CODE": 5, "D.APP_C_DATA": 2, "D.APP_I_DATA": 3, "D.PIN": 4, "D.API_DATA": 3, "D.CRYPTO": 3, "D.JCS_CODE": 3, "D.JCS_DATA": 4, "D.SEC_DATA": 5}, "O": {"O.FIREWALL": 15, "O.ARRAY_VIEWS_CONFID": 4, "O.GLOBAL_ARRAYS_INTEG": 4, "O.ARRAY_VIEW_CONFID": 1, "O.ARRAY_VIEWS_INTEG": 2, "O.APPLET": 2, "O.CODE_CAP_FILE": 3, "O.JAVAOBJECT": 38}, "T": {"T.CONFID-APPLI-DATA": 3, "T.CONFID-JCS-CODE": 3, "T.CONFID-JCS-DATA": 3, "T.INTEG-APPLI-CODE": 6, "T.INTEG-APPLI-DATA": 6, "T.INTEG-JCS-CODE": 3, "T.INTEG-JCS-DATA": 3, "T.SID": 6, "T.EXE-CODE": 6, "T.NATIVE": 3}, "A": {"A.VERIFICATION": 3, "A.CAP_FILE": 3}, "R": {"R.JAVA": 9}, "OP": {"OP.ARRAY_ACCESS": 7, "OP.ARRAY_LENGTH": 3, "OP.ARRAY_AASTORE": 3, "OP.ARRAY_T_ALOAD": 3, "OP.ARRAY_T_ASTORE": 3, "OP.CREATE": 9, "OP.DELETE_APPLET": 1, "OP.DELETE_CAP_FILE": 1, "OP.DELETE_CAP_FILE_APPLET": 1, "OP.INSTANCE_FIELD": 6, "OP.INVK_VIRTUAL": 8, "OP.INVK_INTERFACE": 10, "OP.JAVA": 6, "OP.THROW": 7, "OP.TYPE_ACCESS": 7, "OP.PUT": 8, "OP.PUTFIELD": 1, "OP.PUTSTATIC": 1}, "OE": {"OE.VERIFICATION": 25, "OE.CAP_FILE": 4, "OE.CODE-EVIDENCE": 11, "OE.SID": 8, "OE.NATIVE": 7, "OE.OPERATE": 13, "OE.REALLOCATION": 5, "OE.LOAD": 5, "OE.INSTALL": 4, "OE.ALARM": 11, "OE.CARD-MANAGEMENT": 2, "OE.SCP": 16, "OE.CARD_MANAGEMENT": 10}, "OSP": {"OSP.VERIFICATION": 3}}, "vendor": {"Infineon": {"Infineon": 1}, "Thales": {"Thales": 31}}, "eval_facility": {}, "symmetric_crypto": {"AES_competition": {"AES": {"AES": 1}}, "DES": {"DES": {"DES": 1}}, "constructions": {"MAC": {"HMAC": 1}}}, "asymmetric_crypto": {"ECC": {"ECC": {"ECC": 3}}, "FF": {"DH": {"DH": 1}}}, "pq_crypto": {}, "hash_function": {"SHA": {"SHA3": {"SHA3": 1}}}, "crypto_scheme": {}, "crypto_protocol": {"PACE": {"PACE": 2}}, "randomness": {"RNG": {"RNG": 1}}, "cipher_mode": {}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {"SCA": {"physical probing": 1}, "FI": {"malfunction": 1}}, "technical_report_id": {}, "device_model": {}, "tee_name": {"IBM": {"SE": 2}}, "os_name": {}, "cplc_data": {"ICFab": {"IC Fabricator": 1}, "ICType": {"IC Type": 1}}, "ic_data_group": {}, "standard_id": {"BSI": {"BSI-AIS31": 1, "AIS31": 1}, "CC": {"CCMB-2017-04-001": 1, "CCMB-2017-04-002": 1, "CCMB-2017-04-003": 1}}, "javacard_version": {"JavaCard": {"Java Card 3.1": 4}}, "javacard_api_const": {"misc": {"TYPE_ACCESS": 7}}, "javacard_packages": {"javacard": {"javacard.iasclassic": 1, "javacard.mspnp": 1, "javacard.eid": 1, "javacard.fido.ctap": 1}, "javacardx": {"javacardx.gdp": 1}, "com": {"com.gemalto.javacardx.gdp": 1, "com.gemalto.javacard.iasclassic": 1, "com.gemalto.moc.client": 1, "com.gemalto.moc.server": 1, "com.gemalto.javacard.mspnp": 1, "com.gemalto.puredi": 1, "com.gemalto.tacho": 1, "com.gemalto.belpic": 1, "com.gemalto.javacard.eid": 1, "com.gemalto.mpcos": 1, "com.gemalto.javacard.fido.ctap": 1}}, "certification_process": {"OutOfScope": {"out of scope": 10, "biometry is out of scope of the TOE": 2, " \u2022 The DELETE and INSTALL APDU commands are out of scope of this SPM": 1, "1 : MultiApp v5.1 Rev. B with biometry features but forbidden to use without patch (biometry is out of scope of the TOE) 2. Config 2 : MultiApp v5.1 Rev. C with biometry features but forbidden to use without": 1, "biometry is out of scope of the TOE) 3. Config 3 : MultiApp v5.1 Rev. B with biometry features included in the TOE (Upgraded": 1, "1, are out of the scope of the SPM as they are linked to the applet loading or deletion that is out of scope of the SPM boundaries limited to VM opcodes The SFR FMT_MTD.3/JCRE is out of scope of the SPM": 1, "because AID registry is created during loading phase, which is also out of scope of the SPM (Hypothesis 2 of the SPM document [MAV51_SPM]). MultiApp V5.1: Security Target Java": 1, "the active context is not the same as the Selected Applet Context. Application note: This rule is out of scope of the SPM modelisation because CLEAR_ON_DESELECT objects can be created exclusively in the API": 1, "is also out of scope (Hypothesis 4 of the SPM document [MAV51_SPM]).. 3) S.CAP_FILE performing OP.ARRAY_AASTORE of the": 1, "as a null reference. Such a mechanism is implementation-dependent. The deletion of applets is out of scope of this SPM scope. In the case of an array type, fields are components of the array ([JVM], \u00a72.14": 1, "management functions: \u2022 Modify the Currently Active Context Note: the Selected Applet context is out of scope of the VM functionalities. It is a process that occurs prior to VM start The initial setting of": 1, "and deletion; see #.DELETION and #.INSTALL). \u2022 The DELETE and INSTALL APDU commands are out of scope of this SPM. The list of registred applets\u2019 AIDs is proven to be not modified during the execution": 1}}}, "cert_keywords": {"cc_cert_id": {"FR": {"ANSSI-CC-2026/02": 2}}, "cc_protection_profile_id": {}, "cc_security_level": {"EAL": {"EAL7": 1, "EAL2": 1}}, "cc_sar": {}, "cc_sfr": {}, "cc_claims": {}, "vendor": {}, "eval_facility": {"CEA-LETI": {"CEA - LETI": 1}}, "symmetric_crypto": {}, "asymmetric_crypto": {}, "pq_crypto": {}, "hash_function": {}, "crypto_scheme": {}, "crypto_protocol": {}, "randomness": {}, "cipher_mode": {}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "technical_report_id": {}, "device_model": {}, "tee_name": {}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {}}, "report_filename": "ANSSI-CC-2026-02-rapport.pdf", "st_filename": "ANSSI-CC-2026-02-cible.pdf", "cert_filename": "ANSSI-CC-2026-02-certificat.pdf"}, "heuristics": {"_type": "sec_certs.sample.cc_eucc_common.Heuristics", "extracted_versions": {"_type": "Set", "elements": ["5.1"]}, "cpe_matches": null, "verified_cpe_matches": null, "related_cves": null, "cert_lab": null, "cert_id": "ANSSI-CC-2026/02", "prev_certificates": null, "next_certificates": null, "st_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": {"_type": "Set", "elements": ["ANSSI-CC-2023/01-R01"]}, "indirectly_referencing": {"_type": "Set", "elements": ["ANSSI-CC-2023/01-R01"]}}, "report_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": {"_type": "Set", "elements": ["ANSSI-CC-2025/55"]}, "indirectly_referencing": {"_type": "Set", "elements": ["ANSSI-CC-2025/55", "ANSSI-CC-2023/01-R01"]}}, "annotated_references": null, "extracted_sars": {"_type": "Set", "elements": [{"_type": "sec_certs.sample.sar.SAR", "family": "AVA_VAN", "level": 5}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_SPD", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_INT", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_ECD", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_TAT", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_DVS", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_LCD", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_REQ", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_IMP", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_TDS", "level": 6}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_FLR", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_OBJ", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_DEL", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "AGD_PRE", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_FUN", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_CCL", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_IND", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "AGD_OPE", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_CMS", "level": 5}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_TSS", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_ARC", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_SPM", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_INT", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_CMC", "level": 5}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_FSP", "level": 6}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_COV", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_DPT", "level": 4}]}, "direct_transitive_cves": null, "indirect_transitive_cves": null, "scheme_data": null, "protection_profiles": null, "eal": "EAL7"}}