{"_id": "d265be53c183683d", "_type": "sec_certs.sample.cc.CCCertificate", "dgst": "d265be53c183683d", "status": "active", "category": "ICs, Smart Cards and Smart Card-Related Devices and Systems", "name": "MultiApp V5.0 Java Card Virtual MachineConfiguration 1 : 5.0.1 version 2a ; Configuration 2 : 5.0.1 version 2b (ANSSI-CC-2026/04)", "manufacturer": "THALES DIS FRANCE SA", "scheme": "FR", "security_level": {"_type": "Set", "elements": ["EAL7"]}, "not_valid_before": "2026-02-12", "not_valid_after": "2031-02-16", "report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2026-04-rapport.pdf", "st_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2026-04-cible.pdf", "cert_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/ANSSI-CC-2026-04-certificat.pdf", "manufacturer_web": "https://www.thalesgroup.com/en/europe/france", "protection_profile_links": {"_type": "Set", "elements": []}, "maintenance_updates": {"_type": "Set", "elements": []}, "state": {"_type": "sec_certs.sample.cc_eucc_common.InternalState", "report": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": true, "pdf_hash": "416313d6b0583620a6b9135af793364dc78855f5a51d985a54458b2e591f649f", "txt_hash": "cfa2777f8224faa0de26496eab96ba166ac3536cbe592e6423b6f695c8edbe9f", "json_hash": null}, "st": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": true, "pdf_hash": "0e7590b67f51a11b2c4db625ca243fbc67a802a6d8f6e06a7c5902a96b1f637d", "txt_hash": "6c6712717b4848cea50e56e0cdb2c375126ec18d193eff2c2d245f87eabf0592", "json_hash": null}, "cert": {"_type": "sec_certs.sample.document_state.DocumentState", "download_ok": true, "convert_ok": true, "extract_ok": false, "pdf_hash": "16fce3dae925f7bdda0bf548ae430d07b50894b9370b57936206d816f3b6760b", "txt_hash": "def237275010527ad55448c9eacdc03f383e30e79570d709af552978d69a0f70", "json_hash": null}}, "pdf_data": {"_type": "sec_certs.sample.cc_eucc_common.PdfData", "report_metadata": {"pdf_file_size_bytes": 696915, "pdf_is_encrypted": false, "pdf_number_of_pages": 13, "/Producer": "PDFKit.NET 26.1.0.63468 DMV9", "/CreationDate": "D:20260216144236+01'00'", "/ModDate": "D:20260217084936+00'00'", "/Creator": "Acrobat PDFMaker 25 pour Word", "pdf_hyperlinks": {"_type": "Set", "elements": ["http://www.sogis.eu/", "http://www.cyber.gouv.fr/", "http://www.commoncriteriaportal.org/", "mailto:certification@ssi.gouv.fr"]}}, "st_metadata": {"pdf_file_size_bytes": 1634708, "pdf_is_encrypted": false, "pdf_number_of_pages": 58, "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Enabled": "true", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_SetDate": "2024-10-09T15:43:23Z", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Method": "Standard", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_Name": "DIS Limited Distribution Scope", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_SiteId": "6e603289-5e46-4e26-ac7c-03a85420a9a5", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_ActionId": "a7787ff4-7538-4128-8078-c38ba2ebcf74", "/MSIP_Label_c6c1d335-5221-4a6a-889f-c684b2c8474c_ContentBits": "3", "/Title": "MultiApp V5.0: JCVM Security Target", "/Author": "OHAYON Franck", "/Creator": "Microsoft\u00ae Word for Microsoft 365", "/CreationDate": "D:20260126110838+01'00'", "/ModDate": "D:20260126110838+01'00'", "/Producer": "Microsoft\u00ae Word for Microsoft 365", "pdf_hyperlinks": {"_type": "Set", "elements": []}}, "cert_metadata": null, "report_frontpage": {"FR": {}}, "st_frontpage": null, "cert_frontpage": null, "report_keywords": {"cc_cert_id": {"DE": {"BSI-DSZ-CC-1107-V5-2024": 1}, "FR": {"ANSSI-CC-2026/04": 3}}, "cc_protection_profile_id": {}, "cc_security_level": {"EAL": {"EAL7": 2, "EAL2": 2}, "ITSEC": {"ITSEC E6 Elev\u00e9": 1}}, "cc_sar": {"AGD": {"AGD_OPE": 2, "AGD_PRE": 1}, "ALC": {"ALC_FLR": 1}, "AVA": {"AVA_VAN": 1}}, "cc_sfr": {}, "cc_claims": {}, "vendor": {"Infineon": {"Infineon": 1}}, "eval_facility": {"CESTI": {"CESTI": 3}, "CEA-LETI": {"CEA - LETI": 1}}, "symmetric_crypto": {"DES": {"DES": {"DES": 1}}}, "asymmetric_crypto": {}, "pq_crypto": {}, "hash_function": {}, "crypto_scheme": {}, "crypto_protocol": {}, "randomness": {}, "cipher_mode": {}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "technical_report_id": {}, "device_model": {}, "tee_name": {}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {"CC": {"CCMB-2017-04-001": 1, "CCMB-2017-04-002": 1, "CCMB-2017-04-003": 1, "CCMB-2017-04-004": 1}}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {}}, "st_keywords": {"cc_cert_id": {"DE": {"BSI-DSZ-CC-1107-V5-2024": 1}, "NL": {"CC-1": 2, "CC-2": 3, "CC-3": 3}}, "cc_protection_profile_id": {"BSI": {"BSI-CC-PP-0084-": 1, "BSI-CC-PP-0099-V2-2020": 1}}, "cc_security_level": {"EAL": {"EAL7": 37, "EAL 6+": 1}}, "cc_sar": {"ADV": {"ADV_ARC.1": 6, "ADV_FSP.6": 5, "ADV_IMP.2": 5, "ADV_INT.3": 2, "ADV_SPM.1": 8, "ADV_TDS.6": 7, "ADV_FSP.4": 4, "ADV_ARC": 1, "ADV_TDS.1": 2, "ADV_IMP.1": 4, "ADV_TDS.3": 3, "ADV_FSP.1": 1, "ADV_FSP.2": 1, "ADV_TDS.4": 1}, "AGD": {"AGD_OPE": 1, "AGD_PRE": 1, "AGD_OPE.1": 6, "AGD_PRE.1": 6}, "ALC": {"ALC_CMC.5": 4, "ALC_CMS.5": 1, "ALC_DEL.1": 2, "ALC_DVS.2": 4, "ALC_LCD.2": 3, "ALC_TAT.3": 3, "ALC_TAT.1": 2, "ALC_TAT": 1, "ALC_LCD.1": 1}, "ATE": {"ATE_COV.3": 3, "ATE_DPT.4": 2, "ATE_FUN.2": 4, "ATE_IND.3": 2, "ATE_FUN.1": 3, "ATE_COV.1": 2, "ATE_DPT.1": 1}, "AVA": {"AVA_VAN.5": 2}, "ASE": {"ASE_CCL.1": 1, "ASE_ECD.1": 1, "ASE_INT.1": 1, "ASE_OBJ.2": 1, "ASE_REQ.2": 1, "ASE_SPD.1": 1, "ASE_TSS.1": 1}}, "cc_sfr": {"FAU": {"FAU_ARP.1": 1, "FAU_SAS.1": 1}, "FCO": {"FCO_NRO": 1}, "FCS": {"FCS_RNG.1": 1, "FCS_RNG": 4, "FCS_COP": 8, "FCS_CKM": 8}, "FDP": {"FDP_ACC": 20, "FDP_ACF": 16, "FDP_IFC": 13, "FDP_IFF": 8, "FDP_ROL": 2, "FDP_RIP": 9, "FDP_SDI": 1, "FDP_ITC": 2, "FDP_UIT": 1, "FDP_ACC.2": 2, "FDP_ACF.1": 8, "FDP_IFC.1": 6, "FDP_IFF.1": 8, "FDP_ACC.1": 5, "FDP_SDC.1": 1, "FDP_SDI.2": 1, "FDP_ITT.1": 1, "FDP_UCT.1": 1, "FDP_UIT.1": 1}, "FIA": {"FIA_ATD": 2, "FIA_UID": 4, "FIA_USB": 1, "FIA_UAU": 1, "FIA_UID.1": 1, "FIA_API.1": 1}, "FMT": {"FMT_MSA": 55, "FMT_SMF": 17, "FMT_SMR": 21, "FMT_MTD": 11, "FMT_SMR.1": 10, "FMT_SMF.1": 6, "FMT_MSA.1": 6, "FMT_MSA.2": 2, "FMT_MSA.3": 9, "FMT_MTD.1": 1, "FMT_LIM.1": 1, "FMT_LIM.2": 1, "FMT_LIM": 2}, "FPR": {"FPR_UNO.1": 1, "FPR_UNO": 1}, "FPT": {"FPT_FLS": 5, "FPT_TDC.1": 1, "FPT_RCV": 2, "FPT_TST": 1, "FPT_PHP": 1, "FPT_ITT": 1, "FPT_FLS.1": 1, "FPT_PHP.3": 1, "FPT_ITT.1": 1, "FPT_TST.2": 1}, "FRU": {"FRU_FLT.2": 1}, "FTP": {"FTP_ITC": 1, "FTP_TRP": 1, "FTP_ITC.1": 1}}, "cc_claims": {"D": {"D.APP_CODE": 5, "D.APP_C_DATA": 2, "D.APP_I_DATA": 3, "D.PIN": 4, "D.API_DATA": 3, "D.CRYPTO": 3, "D.JCS_CODE": 3, "D.JCS_DATA": 4, "D.SEC_DATA": 5}, "O": {"O.FIREWALL": 13, "O.APPLET": 2, "O.CODE_CAP_FILE": 3, "O.JAVAOBJECT": 38}, "T": {"T.CONFID-APPLI-DATA": 3, "T.CONFID-JCS-CODE": 3, "T.CONFID-JCS-DATA": 3, "T.INTEG-APPLI-CODE": 6, "T.INTEG-APPLI-DATA": 6, "T.INTEG-JCS-CODE": 3, "T.INTEG-JCS-DATA": 3, "T.SID": 6, "T.EXE-CODE": 6, "T.NATIVE": 3}, "A": {"A.VERIFICATION": 3, "A.CAP_FILE": 3}, "R": {"R.JAVA": 9}, "OP": {"OP.ARRAY_ACCESS": 7, "OP.ARRAY_LENGTH": 3, "OP.ARRAY_AASTORE": 3, "OP.ARRAY_T_ALOAD": 3, "OP.ARRAY_T_ASTORE": 3, "OP.CREATE": 9, "OP.DELETE_APPLET": 1, "OP.DELETE_CAP_FILE": 1, "OP.DELETE_CAP_FILE_APPLET": 1, "OP.INSTANCE_FIELD": 6, "OP.INVK_VIRTUAL": 8, "OP.INVK_INTERFACE": 10, "OP.JAVA": 6, "OP.THROW": 7, "OP.TYPE_ACCESS": 7, "OP.PUT": 8, "OP.PUTFIELD": 1, "OP.PUTSTATIC": 1}, "OE": {"OE.VERIFICATION": 25, "OE.CAP_FILE": 4, "OE.CODE-EVIDENCE": 11, "OE.SID": 8, "OE.NATIVE": 7, "OE.OPERATE": 13, "OE.REALLOCATION": 5, "OE.LOAD": 5, "OE.INSTALL": 4, "OE.ALARM": 11, "OE.CARD-MANAGEMENT": 2, "OE.SCP": 16, "OE.CARD_MANAGEMENT": 10}, "OSP": {"OSP.VERIFICATION": 3}}, "vendor": {"Infineon": {"Infineon": 18}, "Gemalto": {"Gemalto": 7}, "Thales": {"Thales": 27}}, "eval_facility": {}, "symmetric_crypto": {"AES_competition": {"AES": {"AES": 1}}, "DES": {"DES": {"DES": 1}}, "constructions": {"MAC": {"HMAC": 1}}}, "asymmetric_crypto": {"ECC": {"ECC": {"ECC": 3}}, "FF": {"DH": {"DH": 1}}}, "pq_crypto": {}, "hash_function": {}, "crypto_scheme": {}, "crypto_protocol": {"PACE": {"PACE": 2}}, "randomness": {"RNG": {"RNG": 1}}, "cipher_mode": {}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "technical_report_id": {}, "device_model": {}, "tee_name": {"IBM": {"SE": 2}}, "os_name": {}, "cplc_data": {"ICFab": {"IC Fabricator": 1}, "ICType": {"IC Type": 1}}, "ic_data_group": {}, "standard_id": {"BSI": {"AIS31": 1}, "CC": {"CCMB-2017-04-001": 1, "CCMB-2017-04-002": 1, "CCMB-2017-04-003": 1}}, "javacard_version": {"JavaCard": {"Java Card 3.1": 4}}, "javacard_api_const": {"misc": {"TYPE_ACCESS": 7}}, "javacard_packages": {}, "certification_process": {"OutOfScope": {"out of scope": 8, " \u2022 The DELETE and INSTALL APDU commands are out of scope of this SPM": 1, "1, are out of the scope of the SPM as they are linked to the applet loading or deletion that is out of scope of the SPM boundaries limited to VM opcodes The SFR FMT_MTD.3/JCRE is out of scope of the SPM": 1, "because AID registry is created during loading phase, which is also out of scope of the SPM (Hypothesis 2 of the SPM document [MAV5_SPM]). MultiApp V5: Security Target Java Card": 1, "the active context is not the same as the Selected Applet Context. Application note: This rule is out of scope of the SPM modelisation because CLEAR_ON_DESELECT objects can be created exclusively in the API": 1, "is also out of scope (Hypothesis 4 of the SPM document [MAV5_SPM]).. 3) S.CAP_FILE performing OP.ARRAY_AASTORE of the": 1, "as a null reference. Such a mechanism is implementation-dependent. The deletion of applets is out of scope of this SPM scope. In the case of an array type, fields are components of the array ([JVM], \u00a72.14": 1, "management functions: \u2022 Modify the Currently Active Context Note: the Selected Applet context is out of scope of the VM functionalities. It is a process that occurs prior to VM start The initial setting of": 1, "and deletion; see #.DELETION and #.INSTALL). \u2022 The DELETE and INSTALL APDU commands are out of scope of this SPM. The list of registred applets\u2019 AIDs is proven to be not modified during the execution": 1}}}, "cert_keywords": {"cc_cert_id": {"FR": {"ANSSI-CC-2026/04": 2}}, "cc_protection_profile_id": {}, "cc_security_level": {"EAL": {"EAL7": 1, "EAL2": 1}}, "cc_sar": {}, "cc_sfr": {}, "cc_claims": {}, "vendor": {}, "eval_facility": {"CEA-LETI": {"CEA - LETI": 1}}, "symmetric_crypto": {}, "asymmetric_crypto": {}, "pq_crypto": {}, "hash_function": {}, "crypto_scheme": {}, "crypto_protocol": {}, "randomness": {}, "cipher_mode": {}, "ecc_curve": {}, "crypto_engine": {}, "tls_cipher_suite": {}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "technical_report_id": {}, "device_model": {}, "tee_name": {}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {}}, "report_filename": "ANSSI-CC-2026-04-rapport.pdf", "st_filename": "ANSSI-CC-2026-04-cible.pdf", "cert_filename": "ANSSI-CC-2026-04-certificat.pdf"}, "heuristics": {"_type": "sec_certs.sample.cc_eucc_common.Heuristics", "extracted_versions": {"_type": "Set", "elements": ["5.0", "5.0.1"]}, "cpe_matches": null, "verified_cpe_matches": null, "related_cves": null, "cert_lab": null, "cert_id": "ANSSI-CC-2026/04", "prev_certificates": null, "next_certificates": null, "st_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": {"_type": "Set", "elements": ["BSI-DSZ-CC-1107-V5-2024"]}, "indirectly_referencing": {"_type": "Set", "elements": ["BSI-DSZ-CC-1107-V5-2024"]}}, "report_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": {"_type": "Set", "elements": ["BSI-DSZ-CC-1107-V5-2024"]}, "indirectly_referencing": {"_type": "Set", "elements": ["BSI-DSZ-CC-1107-V5-2024", "BSI-DSZ-CC-1107-V4-2023", "BSI-DSZ-CC-1107-V3-2022"]}}, "annotated_references": null, "extracted_sars": {"_type": "Set", "elements": [{"_type": "sec_certs.sample.sar.SAR", "family": "AVA_VAN", "level": 5}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_SPD", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_INT", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_ECD", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_TAT", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_DVS", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_LCD", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_TSS", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_REQ", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_IMP", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_TDS", "level": 6}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_OBJ", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_DEL", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_FUN", "level": 2}, {"_type": "sec_certs.sample.sar.SAR", "family": "AGD_PRE", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ASE_CCL", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_IND", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "AGD_OPE", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_CMS", "level": 5}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_ARC", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_SPM", "level": 1}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_INT", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "ALC_CMC", "level": 5}, {"_type": "sec_certs.sample.sar.SAR", "family": "ADV_FSP", "level": 6}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_COV", "level": 3}, {"_type": "sec_certs.sample.sar.SAR", "family": "ATE_DPT", "level": 4}]}, "direct_transitive_cves": null, "indirect_transitive_cves": null, "scheme_data": null, "protection_profiles": null, "eal": "EAL7"}}