| name |
Bundesdruckerei Document Application with tamper-evident casing, Document Application Version 2.4.6; (Firmware Vers. 1.3.28, HW Vers. 0) |
MultiApp V5.1 JCSConfiguration 1 : 5.1 revision B version 2 (0x3055) et filter set 0x00,configuration 2 : 5.1 revision C version 2 (0x3055) et filter set 0x10,configuration 3 : 5.1 revision B version 2 (0x3055) et filter set 0x14,configuration 4 : 5.1 revision C version 2 (0x3055) et filter set 0x24(ANSSI-CC-2025/55) |
| category |
Other Devices and Systems |
ICs, Smart Cards and Smart Card-Related Devices and Systems |
| scheme |
DE |
FR |
| status |
active |
active |
| not_valid_after |
27.10.2026 |
04.02.2031 |
| not_valid_before |
27.10.2021 |
04.02.2026 |
| cert_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1181c_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2025-55-certificat.pdf |
| report_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1181a_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2025-55-rapport.pdf |
| st_link |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/1181b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2025-55-cible.pdf |
| manufacturer |
Bundesdruckerei GmbH |
THALES DIS FRANCE SA |
| manufacturer_web |
https://www.bundesdruckerei.de |
https://www.thalesgroup.com/en/europe/france |
| security_level |
EAL3 |
ALC_FLR.2, EAL6+ |
| dgst |
4be309edc35f4fe0 |
2317867e9472732a |
| heuristics/cert_id |
BSI-DSZ-CC-1181-2021 |
ANSSI-CC-2025/55 |
| heuristics/cert_lab |
BSI |
[] |
| heuristics/cpe_matches |
{} |
{} |
| heuristics/verified_cpe_matches |
{} |
{} |
| heuristics/related_cves |
{} |
{} |
| heuristics/direct_transitive_cves |
{} |
{} |
| heuristics/indirect_transitive_cves |
{} |
{} |
| heuristics/extracted_sars |
ADV_ARC.1, ATE_COV.2, ATE_FUN.1, ASE_TSS.1, ALC_DEL.1, AVA_VAN.5, ASE_INT.1, ALC_CMC.3, ASE_CCL.1, ALC_LCD.1, ADV_TDS.2, ASE_REQ.2, AGD_OPE.1 |
ALC_CMS.5, ADV_INT.3, ADV_IMP.2, ASE_ECD.1, ATE_FUN.2, AVA_VAN.5, ATE_IND.2, AGD_PRE.1, ASE_OBJ.2, ADV_TDS.5, ALC_DVS.2, AGD_OPE.1, ASE_TSS.2, ATE_COV.3, ALC_CMC.5, ADV_SPM.1, ATE_DPT.3, ASE_REQ.2, ALC_TAT.3, ADV_ARC.1, ALC_DEL.1, ALC_FLR.2, ASE_INT.1, ASE_CCL.1, ALC_LCD.1, ADV_FSP.5, ASE_SPD.1 |
| heuristics/extracted_versions |
1.3.28, 2.4.6 |
5.1 |
| heuristics/prev_certificates |
{} |
{} |
| heuristics/next_certificates |
{} |
{} |
| heuristics/report_references/directly_referenced_by |
BSI-DSZ-CC-1215-2023 |
ANSSI-CC-2026/02, ANSSI-CC-2025/58 |
| heuristics/report_references/directly_referencing |
BSI-DSZ-CC-1161-2020 |
ANSSI-CC-2023/01-R01 |
| heuristics/report_references/indirectly_referenced_by |
BSI-DSZ-CC-1215-2023, BSI-DSZ-CC-1247-2025 |
ANSSI-CC-2026/02, ANSSI-CC-2025/58 |
| heuristics/report_references/indirectly_referencing |
BSI-DSZ-CC-1125-2019, BSI-DSZ-CC-1093, BSI-DSZ-CC-1161-2020 |
ANSSI-CC-2023/01-R01 |
| heuristics/scheme_data |
- category: Electronic ID documents
- cert_id: BSI-DSZ-CC-1181-2021
- certification_date: 27.10.2021
- enhanced:
- applicant: Bundesdruckerei GmbH Kommandantenstraße 18 10969 Berlin
- assurance_level: EAL3
- cert_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1181c_pdf.pdf?__blob=publicationFile&v=2
- certification_date: 27.10.2021
- description: The Target of Evaluation (TOE) is the Bundesdruckerei Document Application with tamper-evident casing 2.4.6. The Document Application is running on a Document Management Terminal (DMT). It is used to read the German Passport (ePass), to read and update the electronic data of the German identification card (“Personalausweis (PA)”) and electronic resident permit (“elektronischer Aufenthaltstitel (eAT)”) as well as to verify the document’s authenticity and the integrity of its data. The TOE is operated by governmental organisations, e.g. municipal office, police, government or other state approved agencies. The TOE is specifically applied in registration offices to allow card holders to verify that their ePass, PA or eAT is working correctly. In case of PA and eAT it is further possible to update the address information of the card holder, the card holder’s PIN for eID applications, and the community ID (“Gemeindeschlüssel”). In addition, the eID application functionality of the PA or eAT can be activated or deactivated. Additionally the TOE ensures secure communication to external control software and provides a tamper-evident enclosure. Necessary protocols for the communication of the TOE with the electronic identity documents like the ePass, PA or eAT are described in [ICAO_9303], [TR-03110-1], [TR-03110-2], and [TR-03110-3].
- entries: [frozendict({'id': 'BSI-DSZ-CC-1181-2021-MA-02 (Ausstellungsdatum / Certification Date 23.05.2022)', 'description': '"Rest of the terminal firmware (including the Operating System)"'}), frozendict({'id': 'BSI-DSZ-CC-1181-2021-MA-01 (Ausstellungsdatum / Certification Date 09.03.2022)', 'description': 'Vers. 0) was changed due to an update of the Rest of the terminal firmware (including the Operating System). Configuration Management procedures required a change in the product identifier. Therefore the version number of the Firmware changed from 1.3.28 to 1.4.8. The changes also cover an minor update of the user guidance related to this version number.'}), frozendict({'id': 'BSI-DSZ-CC-1181-2021', 'description': 'Certificate'})]
- evaluation_facility: TÜV Informationstechnik GmbH
- expiration_date: 26.10.2026
- product: Bundesdruckerei Document Application with tamper-evident casing, Document Application Version 2.4.6; (Firmware Vers. 1.3.28, HW Vers. 0)
- protection_profile: Common Criteria Protection Profile for Document Management Terminal DMT-PP, BSI-CC-PP-0064-V2-2018, Version: 2.0, 2018-06-06, Federal Office for Information Security (BSI)
- report_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1181a_pdf.pdf?__blob=publicationFile&v=2
- target_link: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Zertifizierung/Reporte/Reporte1100/1181b_pdf.pdf?__blob=publicationFile&v=2
- product: Bundesdruckerei Document Application with tamper-evident casing, Document Application Version 2.4.6; (Firmware Vers. 1.3.28, …
- subcategory: Software with hardware
- url: https://www.bsi.bund.de/SharedDocs/Zertifikate_CC/CC/Hoheitliche_Dokumente-Software_mit_Hardware/1181.html
- vendor: Bundesdruckerei GmbH
|
|
| heuristics/st_references/directly_referenced_by |
{} |
{} |
| heuristics/st_references/directly_referencing |
{} |
ANSSI-CC-2023/01-R01 |
| heuristics/st_references/indirectly_referenced_by |
{} |
{} |
| heuristics/st_references/indirectly_referencing |
{} |
ANSSI-CC-2023/01-R01 |
| heuristics/protection_profiles |
c3398dec6cc86c4f |
7f886b64878b68c1 |
| maintenance_updates |
|
|
| protection_profiles |
|
|
| protection_profile_links |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0064b_pdf.pdf |
https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp0099V2b_pdf.pdf |
| pdf_data/cert_filename |
1181c_pdf.pdf |
ANSSI-CC-2025-55-certificat.pdf |
| pdf_data/cert_frontpage |
|
|
| pdf_data/cert_keywords/cc_cert_id |
|
|
| pdf_data/cert_keywords/cc_protection_profile_id |
|
|
| pdf_data/cert_keywords/cc_security_level |
|
|
| pdf_data/cert_keywords/cc_sar |
|
|
| pdf_data/cert_keywords/cc_sfr |
|
|
| pdf_data/cert_keywords/cc_claims |
|
|
| pdf_data/cert_keywords/vendor |
|
|
| pdf_data/cert_keywords/eval_facility |
|
|
| pdf_data/cert_keywords/symmetric_crypto |
|
|
| pdf_data/cert_keywords/asymmetric_crypto |
|
|
| pdf_data/cert_keywords/pq_crypto |
|
|
| pdf_data/cert_keywords/hash_function |
|
|
| pdf_data/cert_keywords/crypto_scheme |
|
|
| pdf_data/cert_keywords/crypto_protocol |
|
|
| pdf_data/cert_keywords/randomness |
|
|
| pdf_data/cert_keywords/cipher_mode |
|
|
| pdf_data/cert_keywords/ecc_curve |
|
|
| pdf_data/cert_keywords/crypto_engine |
|
|
| pdf_data/cert_keywords/tls_cipher_suite |
|
|
| pdf_data/cert_keywords/crypto_library |
|
|
| pdf_data/cert_keywords/vulnerability |
|
|
| pdf_data/cert_keywords/side_channel_analysis |
|
|
| pdf_data/cert_keywords/technical_report_id |
|
|
| pdf_data/cert_keywords/device_model |
|
|
| pdf_data/cert_keywords/tee_name |
|
|
| pdf_data/cert_keywords/os_name |
|
|
| pdf_data/cert_keywords/cplc_data |
|
|
| pdf_data/cert_keywords/ic_data_group |
|
|
| pdf_data/cert_keywords/standard_id |
- ISO:
- ISO/IEC 15408: 2
- ISO/IEC 18045: 2
|
|
| pdf_data/cert_keywords/javacard_version |
|
|
| pdf_data/cert_keywords/javacard_api_const |
|
|
| pdf_data/cert_keywords/javacard_packages |
|
|
| pdf_data/cert_keywords/certification_process |
|
|
| pdf_data/cert_metadata |
|
|
| pdf_data/report_filename |
1181a_pdf.pdf |
ANSSI-CC-2025-55-rapport.pdf |
| pdf_data/report_frontpage |
- FR:
- DE:
- cc_security_level: Common Criteria Part 3 conformant EAL 3
- cc_version: PP conformant Common Criteria Part 2 extended
- cert_id: BSI-DSZ-CC-1181-2021
- cert_item: Bundesdruckerei Document Application with tamper-evident casing Document Application Version 2.4.6; (Firmware Vers. 1.3.28, HW Vers. 0
- cert_lab: BSI
- developer: Bundesdruckerei GmbH
- match_rules: ['(BSI-DSZ-CC-.+?) (?:for|For) (.+?) from (.*)']
- ref_protection_profiles: Common Criteria Protection Profile for Document Management Terminal DMT-PP, BSI-CC-PP-0064- V2-2018, Version: 2.0, 2018-06-06, Federal Office for Information Security (BSI
|
|
| pdf_data/report_keywords/cc_cert_id |
- DE:
- BSI-DSZ-CC-1161-: 1
- BSI-DSZ-CC-1161-2020: 2
- BSI-DSZ-CC-1181: 1
- BSI-DSZ-CC-1181-2021: 15
|
- FR:
- ANSSI-CC-2023/01-R01: 2
- ANSSI-CC-2025/55: 3
|
| pdf_data/report_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP-0064-: 1
- BSI-CC-PP-0064-V2-2018: 3
|
- BSI:
- BSI-CC-PP-0099-V2-2020: 2
|
| pdf_data/report_keywords/cc_security_level |
- EAL:
- EAL 1: 1
- EAL 2: 2
- EAL 2+: 1
- EAL 3: 4
- EAL 4: 1
|
|
| pdf_data/report_keywords/cc_sar |
|
|
| pdf_data/report_keywords/cc_sfr |
- FAU:
- FIA:
- FIA_API.1: 1
- FIA_UAU.2: 1
- FIA_UAU.4: 1
- FIA_UAU.5: 1
- FIA_UAU.6: 1
- FIA_UID.2: 1
- FMT:
- FMT_MTD: 3
- FMT_SMF.1: 1
- FMT_SMR.1: 1
- FPT:
- FTP:
|
|
| pdf_data/report_keywords/cc_claims |
|
|
| pdf_data/report_keywords/vendor |
|
|
| pdf_data/report_keywords/eval_facility |
- TUV:
- TÜV Informationstechnik: 3
|
|
| pdf_data/report_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
|
| pdf_data/report_keywords/asymmetric_crypto |
|
|
| pdf_data/report_keywords/pq_crypto |
|
|
| pdf_data/report_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA224: 1
- SHA256: 10
- SHA384: 6
- SHA512: 1
|
|
| pdf_data/report_keywords/crypto_scheme |
|
|
| pdf_data/report_keywords/crypto_protocol |
|
|
| pdf_data/report_keywords/randomness |
|
|
| pdf_data/report_keywords/cipher_mode |
|
|
| pdf_data/report_keywords/ecc_curve |
|
|
| pdf_data/report_keywords/crypto_engine |
|
|
| pdf_data/report_keywords/tls_cipher_suite |
|
|
| pdf_data/report_keywords/crypto_library |
|
|
| pdf_data/report_keywords/vulnerability |
|
|
| pdf_data/report_keywords/side_channel_analysis |
|
|
| pdf_data/report_keywords/technical_report_id |
|
|
| pdf_data/report_keywords/device_model |
|
|
| pdf_data/report_keywords/tee_name |
|
|
| pdf_data/report_keywords/os_name |
|
|
| pdf_data/report_keywords/cplc_data |
|
|
| pdf_data/report_keywords/ic_data_group |
|
|
| pdf_data/report_keywords/standard_id |
- BSI:
- AIS 20: 1
- AIS 32: 1
- AIS 38: 1
- AIS 48: 1
- FIPS:
- FIPS 197: 8
- FIPS PUB 46-3: 2
- FIPS180-4: 8
- FIPS186-2: 6
- FIPS186-4: 1
- FIPS197: 1
- ICAO:
- ISO:
- ISO/IEC 15408: 4
- ISO/IEC 15946-: 6
- ISO/IEC 17065: 2
- ISO/IEC 18045: 4
- ISO/IEC 9797-: 2
- RFC:
|
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- CCMB-2017-04-004: 1
|
| pdf_data/report_keywords/javacard_version |
|
|
| pdf_data/report_keywords/javacard_api_const |
|
|
| pdf_data/report_keywords/javacard_packages |
|
|
| pdf_data/report_keywords/certification_process |
- ConfidentialDocument:
- Evaluation Technical Report, Version 1, 2021-10-11, BSI-DSZ-CC-1181, TÜV Informationstechnik GmbH, (confidential document) [8] Common Criteria Protection Profile for Document Management Terminal DMT-PP: 1
- Security (BSI) [9] Configuration list for the TOE, Version 1.37, 2021-09-29, Bundesdruckerei GmbH (confidential document) [10] Guidance documentation for the TOE, Version 1.195, 2021-09-17, VISOTEC® V- ÄNDERUNGSTERMINAL: 1
- being maintained, is not given any longer. In particular, prior to the dissemination of confidential documentation and information related to the TOE or resulting from the evaluation and certification: 1
|
|
| pdf_data/report_metadata |
- /Author: Bundesamt für Sicherheit in der Informationstechnik
- /CreationDate: D:20211105104643+01'00'
- /Creator: Writer
- /Keywords: "Common Criteria, Certification, Zertifizierung, BDr, Common Criteria Protection Profile for Document Management Terminal DMT-PP, BSI-CC-PP-0064-V2-2018"
- /ModDate: D:20211108154109+01'00'
- /Producer: LibreOffice 6.3
- /Subject: Bundesdruckerei Document Application withtamper-evident casing
- /Title: Certification Report BSI-DSZ-CC-1181-2021
- pdf_file_size_bytes: 789441
- pdf_hyperlinks: http://www.commoncriteriaportal.org/, https://www.bsi.bund.de/, https://www.bsi.bund.de/AIS, http://www.commoncriteriaportal.org/cc/, https://www.bsi.bund.de/zertifizierung, https://www.sogis.eu/, https://www.bsi.bund.de/zertifizierungsreporte
- pdf_is_encrypted: False
- pdf_number_of_pages: 29
|
|
| pdf_data/st_filename |
1181b_pdf.pdf |
ANSSI-CC-2025-55-cible.pdf |
| pdf_data/st_frontpage |
|
|
| pdf_data/st_keywords/cc_cert_id |
|
|
| pdf_data/st_keywords/cc_protection_profile_id |
- BSI:
- BSI-CC-PP-0064-: 1
- BSI-CC-PP-0064-V2-2018: 3
|
- BSI:
- BSI-CC-PP-0068-V2-2011-MA-01: 1
- BSI-CC-PP-0084-2014: 1
- BSI-CC-PP-0099-V2-2020: 1
- BSI-PP-0055-2009: 1
- BSI-PP-0056-V2-MA-2012: 1
|
| pdf_data/st_keywords/cc_security_level |
- EAL:
- EAL 3: 4
- EAL3: 1
- EAL4+: 2
|
- EAL:
- EAL 6+: 1
- EAL6: 34
- EAL6 augmented: 1
- EAL6+: 3
|
| pdf_data/st_keywords/cc_sar |
- ADV:
- ADV_ARC.1: 1
- ADV_TDS.2: 1
- AGD:
- ALC:
- ALC_CMC.3: 1
- ALC_DEL.1: 1
- ALC_LCD.1: 1
- APE:
- ASE:
- ASE_CCL.1: 1
- ASE_INT.1: 1
- ASE_REQ.2: 1
- ASE_TSS.1: 1
- ATE:
- ATE_COV.2: 1
- ATE_FUN.1: 1
- AVA:
- AVA_VAN.2: 1
- AVA_VAN.5: 2
|
- ADV:
- ADV_ARC: 1
- ADV_ARC.1: 10
- ADV_FSP.1: 1
- ADV_FSP.2: 2
- ADV_FSP.4: 2
- ADV_FSP.5: 8
- ADV_IMP.1: 5
- ADV_IMP.2: 4
- ADV_INT.2: 2
- ADV_INT.3: 2
- ADV_SPM.1: 9
- ADV_TDS.1: 2
- ADV_TDS.3: 3
- ADV_TDS.4: 2
- ADV_TDS.5: 6
- AGD:
- AGD_OPE: 1
- AGD_OPE.1: 9
- AGD_PRE: 2
- AGD_PRE.1: 7
- ALC:
- ALC_CMC.4: 2
- ALC_CMC.5: 4
- ALC_CMS.5: 3
- ALC_DEL.1: 4
- ALC_DVS.2: 6
- ALC_FLR.2: 7
- ALC_LCD.1: 6
- ALC_TAT.1: 2
- ALC_TAT.2: 2
- ALC_TAT.3: 4
- ASE:
- ASE_CCL.1: 1
- ASE_ECD.1: 1
- ASE_INT.1: 1
- ASE_OBJ.2: 1
- ASE_REQ.2: 1
- ASE_SPD.1: 1
- ASE_TSS.1: 1
- ASE_TSS.2: 1
- ATE:
- ATE_COV.1: 2
- ATE_COV.2: 3
- ATE_COV.3: 2
- ATE_DPT.1: 1
- ATE_DPT.3: 4
- ATE_FUN.1: 6
- ATE_FUN.2: 4
- ATE_IND.2: 5
- AVA:
|
| pdf_data/st_keywords/cc_sfr |
- FAU:
- FAU_GEN: 1
- FAU_GEN.1: 5
- FAU_GEN.1.1: 3
- FAU_GEN.1.2: 2
- FCS:
- FCS_CKM: 13
- FCS_CKM.1: 15
- FCS_CKM.4: 5
- FCS_CKM.4.1: 1
- FCS_COP: 29
- FCS_COP.1: 25
- FCS_RNG: 3
- FCS_RNG.1: 6
- FCS_RNG.1.1: 1
- FCS_RNG.1.2: 1
- FDP:
- FDP_RIP.1: 4
- FDP_RIP.1.1: 1
- FIA:
- FIA_API: 1
- FIA_API.1: 6
- FIA_API.1.1: 1
- FIA_UAU.1: 3
- FIA_UAU.2: 6
- FIA_UAU.2.1: 1
- FIA_UAU.4: 5
- FIA_UAU.4.1: 1
- FIA_UAU.5: 4
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6: 4
- FIA_UAU.6.1: 1
- FIA_UID.1: 2
- FIA_UID.2: 6
- FIA_UID.2.1: 1
- FMT:
- FMT_MTD: 22
- FMT_MTD.1: 5
- FMT_SMF.1: 7
- FMT_SMF.1.1: 1
- FMT_SMR.1: 5
- FMT_SMR.1.1: 1
- FMT_SMR.1.2: 1
- FPT:
- FTP:
- FTP_TRP: 4
- FTP_TRP.1: 3
- FTP_TRP.1.2: 1
|
- FAU:
- FAU_ARP.1: 16
- FAU_ARP.1.1: 1
- FAU_SAA.1: 2
- FAU_SAS.1: 2
- FCO:
- FCS:
- FCS_CKM: 53
- FCS_CKM.1: 30
- FCS_CKM.1.1: 3
- FCS_CKM.2: 11
- FCS_CKM.2.1: 1
- FCS_CKM.3: 6
- FCS_CKM.3.1: 1
- FCS_CKM.4: 30
- FCS_CKM.4.1: 2
- FCS_CMK.4: 1
- FCS_COP: 57
- FCS_COP.1: 25
- FCS_COP.1.1: 5
- FCS_RNG: 21
- FCS_RNG.1: 12
- FCS_RNG.1.1: 3
- FCS_RNG.1.2: 3
- FDP:
- FDP_ACC: 52
- FDP_ACC.1: 19
- FDP_ACC.2: 6
- FDP_ACF: 47
- FDP_ACF.1: 24
- FDP_IFC: 27
- FDP_IFC.1: 14
- FDP_IFC.2: 2
- FDP_IFF: 17
- FDP_IFF.1: 14
- FDP_ITC: 14
- FDP_ITC.1: 15
- FDP_ITC.2: 20
- FDP_ITT.1: 2
- FDP_RIP: 107
- FDP_RIP.1: 11
- FDP_RIP.1.1: 1
- FDP_ROL: 14
- FDP_ROL.1: 5
- FDP_SDC.1: 2
- FDP_SDI: 9
- FDP_SDI.2: 4
- FDP_UCT.1: 2
- FDP_UIT: 7
- FDP_UIT.1: 4
- FIA:
- FIA_AFL: 27
- FIA_AFL.1.1: 2
- FIA_AFL.1.2: 2
- FIA_API.1: 2
- FIA_ATD: 14
- FIA_ATD.1: 3
- FIA_UAU: 75
- FIA_UAU.1: 6
- FIA_UAU.1.1: 2
- FIA_UAU.1.2: 2
- FIA_UAU.4: 1
- FIA_UAU.4.1: 1
- FIA_UAU.5.1: 1
- FIA_UAU.5.2: 1
- FIA_UAU.6.1: 1
- FIA_UID: 44
- FIA_UID.1: 19
- FIA_UID.1.1: 2
- FIA_UID.1.2: 2
- FIA_UID.2: 1
- FIA_USB: 7
- FIA_USB.1: 3
- FMT:
- FMT_LIM: 42
- FMT_LIM.1: 18
- FMT_LIM.1.1: 2
- FMT_LIM.2: 17
- FMT_LIM.2.1: 2
- FMT_MSA: 114
- FMT_MSA.1: 15
- FMT_MSA.2: 2
- FMT_MSA.3: 22
- FMT_MTD: 69
- FMT_MTD.1: 13
- FMT_MTD.3: 1
- FMT_SMF: 83
- FMT_SMF.1: 29
- FMT_SMF.1.1: 2
- FMT_SMR: 94
- FMT_SMR.1: 35
- FMT_SMR.1.1: 2
- FMT_SMR.1.2: 2
- FPR:
- FPR_UNO: 6
- FPR_UNO.1: 9
- FPR_UNO.1.1: 1
- FPT:
- FPT_EMS: 4
- FPT_EMS.1: 16
- FPT_EMS.1.1: 3
- FPT_EMS.1.2: 3
- FPT_FLS: 54
- FPT_FLS.1: 18
- FPT_FLS.1.1: 2
- FPT_ITT: 7
- FPT_ITT.1: 2
- FPT_PHP: 8
- FPT_PHP.3: 19
- FPT_PHP.3.1: 1
- FPT_RCV: 15
- FPT_RCV.3: 4
- FPT_RCV.4: 1
- FPT_TDC.1: 8
- FPT_TDC.1.1: 1
- FPT_TDC.1.2: 1
- FPT_TST: 9
- FPT_TST.1: 16
- FPT_TST.1.1: 1
- FPT_TST.1.2: 1
- FPT_TST.1.3: 1
- FRU:
- FTP:
- FTP_ITC: 20
- FTP_ITC.1: 7
- FTP_ITC.1.1: 1
- FTP_ITC.1.2: 1
- FTP_ITC.1.3: 1
- FTP_TRP: 6
- FTP_TRP.1: 7
|
| pdf_data/st_keywords/cc_claims |
|
- A:
- A.CAP_FILE: 4
- A.DELETION: 4
- A.OS-UPDATE-EVIDENCE: 3
- A.SECURE_ACODE_MANAGEMENT: 3
- A.VERIFICATION: 3
- D:
- D.API_DATA: 3
- D.APP_CODE: 6
- D.APP_C_DATA: 3
- D.APP_I_DATA: 5
- D.APP_KEYS: 1
- D.CRYPTO: 5
- D.JCS_CODE: 6
- D.JCS_DATA: 8
- D.OS-: 1
- D.OS-UPDATE-CODE-ID: 3
- D.OS-UPDATE_ADDITIONALCODE: 5
- D.OS-UPDATE_DEC-KEY: 2
- D.OS-UPDATE_SGNVER-KEY: 2
- D.PIN: 4
- D.SEC_DATA: 7
- O:
- O.ALARM: 15
- O.APPLET: 28
- O.ARRAY_VIEWS_CONFID: 7
- O.ARRAY_VIEWS_INTEG: 3
- O.CARD-MANAGEMENT: 21
- O.CIPHER: 11
- O.CODE_CAP_FILE: 23
- O.CONFID-OS-UPDATE: 4
- O.DELETION: 4
- O.FIREWALL: 12
- O.GLOBAL_ARRAYS_CONFID: 9
- O.GLOBAL_ARRAYS_INTEG: 5
- O.INSTALL: 7
- O.JAVAOBJECT: 68
- O.KEY-MNGT: 6
- O.LOAD: 11
- O.NATIVE: 12
- O.OBJ-DELETION: 4
- O.OBJ_DELETION: 4
- O.OPERATE: 15
- O.PIN-MNGT: 6
- O.PIN_MNGT: 4
- O.REALLOCATION: 5
- O.RESOURCES: 9
- O.RND: 1
- O.RNG: 11
- O.SCP: 39
- O.SECURE_AC_ACTIVATION: 5
- O.SECURE_LOAD_ACODE: 9
- O.SID: 13
- O.TOE_IDENTIFICATION: 7
- O.TRANSACTION: 6
- OE:
- OE.CAP_FILE: 5
- OE.CARD-MANAGEMENT: 1
- OE.CODE-EVIDENCE: 11
- OE.NATIVE: 1
- OE.OS-UPDATE-ENCRYPTION: 6
- OE.OS-UPDATE-EVIDENCE: 3
- OE.SCP: 6
- OE.SECURE_ACODE_MANAGEMENT: 3
- OE.VERIFICATION: 25
- OP:
- OP.ARRAY_AASTORE: 3
- OP.ARRAY_ACCESS: 7
- OP.ARRAY_LENGTH: 3
- OP.ARRAY_T_ALOAD: 3
- OP.ARRAY_T_ASTORE: 3
- OP.CREATE: 11
- OP.DELETE_APPLET: 6
- OP.DELETE_CAP_FILE: 4
- OP.DELETE_CAP_FILE_APPLET: 4
- OP.INSTANCE_FIELD: 6
- OP.INVK_INTERFACE: 10
- OP.INVK_VIRTUAL: 8
- OP.JAVA: 8
- OP.PUT: 8
- OP.PUTFIELD: 1
- OP.PUTSTATIC: 1
- OP.THROW: 7
- OP.TYPE_ACCESS: 7
- OSP:
- OSP.ADDITIONAL_CODE_ENCRYPTION: 3
- OSP.ADDITIONAL_CODE_SIGNING: 3
- OSP.ATOMIC_ACTIVATION: 3
- OSP.RNG: 3
- OSP.TOE_IDENTIFICATION: 3
- OSP.VERIFICATION: 3
- OT:
- R:
- T:
- T.CONFID-APPLI-DATA: 3
- T.CONFID-JCS-CODE: 3
- T.CONFID-JCS-DATA: 3
- T.CONFID-OS-UPDATE_LOAD: 3
- T.DELETION: 3
- T.EXE-CODE: 6
- T.FAKE-SGNVER-KEY: 3
- T.INSTALL: 3
- T.INTEG-APPLI-CODE: 6
- T.INTEG-APPLI-DATA: 6
- T.INTEG-JCS-CODE: 3
- T.INTEG-JCS-DATA: 3
- T.INTEG-OS-UPDATE_LOAD: 3
- T.NATIVE: 3
- T.OBJ-DELETION: 3
- T.PHYSICAL: 3
- T.RESOURCES: 3
- T.SID: 6
- T.UNAUTHORIZED_TOE_CODE_UPDATE: 3
- T.WRONG-UPDATE-STATE: 3
|
| pdf_data/st_keywords/vendor |
|
|
| pdf_data/st_keywords/eval_facility |
|
|
| pdf_data/st_keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
- AES_competition:
- DES:
- 3DES:
- 3DES: 2
- TDEA: 1
- TDES: 12
- Triple-DES: 3
- DES:
- constructions:
|
| pdf_data/st_keywords/asymmetric_crypto |
|
|
| pdf_data/st_keywords/pq_crypto |
|
|
| pdf_data/st_keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 5
- SHA-384: 2
- SHA-512: 2
- SHA256: 2
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 1
- SHA-256: 2
- SHA-384: 1
- SHA-512: 2
- SHA2: 1
- SHA224: 1
- SHA3:
- SHA3: 2
- SHA3-384: 1
- SHA3-512: 1
|
| pdf_data/st_keywords/crypto_scheme |
|
- KA:
- Key Agreement: 6
- Key agreement: 2
- MAC:
|
| pdf_data/st_keywords/crypto_protocol |
|
|
| pdf_data/st_keywords/randomness |
|
|
| pdf_data/st_keywords/cipher_mode |
|
|
| pdf_data/st_keywords/ecc_curve |
- Brainpool:
- brainpoolP224r1: 1
- brainpoolP256r1: 2
- brainpoolP384r1: 2
- brainpoolP512r1: 2
- NIST:
- NIST P-384: 1
- P-256: 2
- P-384: 1
- prime256v1: 2
- secp256r1: 1
- secp384r1: 3
- secp521r1: 1
|
|
| pdf_data/st_keywords/crypto_engine |
|
|
| pdf_data/st_keywords/tls_cipher_suite |
|
|
| pdf_data/st_keywords/crypto_library |
|
|
| pdf_data/st_keywords/vulnerability |
|
|
| pdf_data/st_keywords/side_channel_analysis |
|
- FI:
- Malfunction: 6
- Physical Tampering: 3
- fault induction: 2
- malfunction: 9
- physical tampering: 1
- SCA:
- DPA: 2
- Leak-Inherent: 3
- SPA: 1
- physical probing: 7
- timing attacks: 1
|
| pdf_data/st_keywords/technical_report_id |
|
|
| pdf_data/st_keywords/device_model |
|
|
| pdf_data/st_keywords/tee_name |
|
|
| pdf_data/st_keywords/os_name |
|
|
| pdf_data/st_keywords/cplc_data |
|
|
| pdf_data/st_keywords/ic_data_group |
- EF:
- EF.COM: 2
- EF.DG1: 2
- EF.DG13: 1
- EF.DG16: 2
- EF.DG2: 1
- EF.DG3: 2
- EF.DG4: 2
- EF.DG5: 1
- EF.SOD: 2
|
- EF:
- EF.DG1: 4
- EF.DG16: 4
- EF.DG3: 1
- EF.DG4: 1
|
| pdf_data/st_keywords/standard_id |
- BSI:
- FIPS:
- FIPS 180-4: 2
- FIPS 186-2: 1
- FIPS 186-4: 1
- FIPS PUB 197: 1
- FIPS180-4: 3
- FIPS186-2: 2
- FIPS186-4: 3
- FIPS197: 2
- ICAO:
- ISO:
- ISO/IEC 14443: 2
- ISO/IEC 7816-4: 1
- RFC:
|
- BSI:
- AIS20: 1
- AIS31: 6
- BSI-AIS31: 1
- CC:
- CCMB-2017-04-001: 1
- CCMB-2017-04-002: 1
- CCMB-2017-04-003: 1
- FIPS:
- FIPS 197: 1
- FIPS180-4: 2
- FIPS197: 5
- FIPS202: 2
- ICAO:
- NIST:
- PKCS:
- SCP:
- SCP01: 4
- SCP02: 4
- SCP03: 5
|
| pdf_data/st_keywords/javacard_version |
|
|
| pdf_data/st_keywords/javacard_api_const |
|
|
| pdf_data/st_keywords/javacard_packages |
|
- com:
- com.gemalto.belpic: 1
- com.gemalto.javacard.eid: 1
- com.gemalto.javacard.fido.ctap: 1
- com.gemalto.javacard.iasclassic: 1
- com.gemalto.javacard.mspnp: 1
- com.gemalto.javacardx.gdp: 1
- com.gemalto.moc.client: 1
- com.gemalto.moc.server: 1
- com.gemalto.mpcos: 1
- com.gemalto.puredi: 1
- com.gemalto.tacho: 1
- java:
- javacard:
- javacard.eid: 1
- javacard.fido.ctap: 1
- javacard.framework: 3
- javacard.iasclassic: 1
- javacard.mspnp: 1
- javacardx:
|
| pdf_data/st_keywords/certification_process |
|
- OutOfScope:
- • The DELETE and INSTALL APDU commands are out of scope of this SPM: 1
- 1 : MultiApp v5.1 Rev. B with biometry features but forbidden to use without patch (biometry is out of scope of the TOE) 2. Config 2 : MultiApp v5.1 Rev. C with biometry features but forbidden to use without: 1
- 1, are out of the scope of the SPM as they are linked to the applet loading or deletion that is out of scope of the SPM boundaries limited to VM opcodes The SFR FMT_MTD.3/JCRE is out of scope of the SPM: 1
- Context, the Selected Applet Context, and the Active Applets Note: the Selected Applet context is out of scope of the VM functionalities. It is a process that occurs prior to VM start The initial setting of: 1
- a timeout policy that prevent them from being blocked should a card fails to answer. That point is out of scope of this Security Target, though. Finally, the objectives O.SCP.RECOVERY and O.SCP.SUPPORT are: 1
- and deletion; see #.DELETION and #.INSTALL). • The DELETE and INSTALL APDU commands are out of scope of this SPM. The list of registred applets’ AIDs is proven to be not modified during the execution: 1
- as a null reference. Such a mechanism is implementation-dependent. The deletion of applets is out of scope of this SPM scope. In the case of an array type, fields are components of the array ([JVM], §2.14: 1
- because AID registry is created during loading phase, which is also out of scope of the SPM (Hypothesis 2 of the SPM document [MAV51_SPM]). MultiApp V5.1: JCS Security Target ST: 1
- biometry is out of scope of the TOE: 2
- biometry is out of scope of the TOE) 3. Config 3 : MultiApp v5.1 Rev. B with biometry features included in the TOE (Upgraded: 1
- filter set = 0x00 and 0x10) no patch is loaded and Biometry feature is out of scope of the TOE: 1
- for 2 others configurations (filter set = 0x00 and 0x10) no patch is loaded and Biometry feature is out of scope of the TOE. If another patch is required in the future, it would require at least a maintenance of: 1
- in §1.3, Filter set field = 0X00 Rev. C with patch or 0X10 Rev. C with patch), we consider BioPIN out of scope of the TOE: 1
- in §1.3, Filter set field = 0X00 Rev. C with patch or 0X10 Rev. C with patch), we consider BioPIN out of scope of the TOE. 2.4 TOE DESCRIPTION 2.4.1 Architecture The MultiApp V5.1 platform is an operating: 1
- is also out of scope (Hypothesis 4 of the SPM document [MAV51_SPM]).. 3) S.CAP_FILE performing OP.ARRAY_AASTORE of the: 1
- out of scope: 13
- the active context is not the same as the Selected Applet Context. Application note: This rule is out of scope of the SPM modelisation because CLEAR_ON_DESELECT objects can be created exclusively in the API: 1
|
| pdf_data/st_metadata |
- /Author: Alexander Haferland
- /CreationDate: D:20210909141650+02'00'
- /Creator: Microsoft® Word 2016
- /Keywords: CC, ST, Common Criteria, Security Target, Inspection System, PA, eAT, ePass
- /ModDate: D:20210909141650+02'00'
- /Producer: Microsoft® Word 2016
- /Subject: Security Target
- /Title: Bundesdruckerei Document Application Common Criteria Evaluation
- pdf_file_size_bytes: 1655411
- pdf_hyperlinks: {}
- pdf_is_encrypted: False
- pdf_number_of_pages: 92
|
- /CreationDate: D:20251211164905+01'00'
- /Creator: Microsoft® Word for Microsoft 365
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_ActionId: f58ac3a4-cc4c-4041-89a2-6ca192dcfb3a
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_ContentBits: 3
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Enabled: true
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Method: Privileged
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Name: DIS Limited Distribution Scope
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_SetDate: 2025-09-18T16:02:23Z
- /MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_SiteId: 6e603289-5e46-4e26-ac7c-03a85420a9a5
- /ModDate: D:20251211164905+01'00'
- /Producer: Microsoft® Word for Microsoft 365
- pdf_file_size_bytes: 4460503
- pdf_hyperlinks: https://www.ssi.gouv.fr/uploads/2021/03/anssi-guide-mecanismes_crypto-2.04.pdf
- pdf_is_encrypted: False
- pdf_number_of_pages: 156
|
| state/cert/convert_garbage |
None |
None |
| state/cert/convert_ok |
True |
True |
| state/cert/download_ok |
True |
True |
| state/cert/extract_ok |
False |
False |
| state/cert/pdf_hash |
Different |
Different |
| state/cert/txt_hash |
Different |
Different |
| state/report/convert_garbage |
None |
None |
| state/report/convert_ok |
True |
True |
| state/report/download_ok |
True |
True |
| state/report/extract_ok |
True |
True |
| state/report/pdf_hash |
Different |
Different |
| state/report/txt_hash |
Different |
Different |
| state/st/convert_garbage |
None |
None |
| state/st/convert_ok |
True |
True |
| state/st/download_ok |
True |
True |
| state/st/extract_ok |
True |
True |
| state/st/pdf_hash |
Different |
Different |
| state/st/txt_hash |
Different |
Different |