Archived TD0227: NIT Technical Decision for TOE acting as a TLS Client and RSA key generation
NDcPP V1.0, FWcPP V1.0, FCS_CKM.1
The NIT has issued a technical decision for TOE acting as a TLS Client and RSA key generation.
For TLS_RSA, the client encrypts the pre-master secret with the server's public key. Since the server's RSA keys were (most likely) not generated on the TLS client, the client is simply the receiver of the public key. In this case the TLS client does not need to implement RSA key generation.
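The following is an added illustration of the asymmetry this decision rests on; it is not part of the NIT decision or any NIAP document. It models the two client-side operations with textbook RSA built only from the Python standard library: a TLS_RSA ClientKeyExchange (RFC 5246, 7.4.7.1) needs nothing but the server's public key, whereas the CertificateVerify message sent under mutual authentication is the one place the client must own, and therefore may have to generate, an RSA key pair. All function names (`client_key_exchange`, `client_certificate_verify`, `generate_rsa_keypair`, and so on) are hypothetical, the key sizes are deliberately small for speed, and a real TOE would use its validated cryptographic module rather than this code.

```python
"""Illustration of TLS_RSA key exchange vs. mutual-authentication signing.
Added example, not part of the NIT decision. Textbook RSA with PKCS#1 v1.5
padding over the Python standard library; NOT constant-time, NOT for
production use."""
import hashlib
import secrets

# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2, note 1).
SHA256_DIGEST_INFO = bytes.fromhex("3031300d060960864801650304020105000420")


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test (helper for the toy key generator)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_rsa_keypair(bits: int = 512):
    """FCS_CKM.1-style key generation. Only the party that OWNS the key pair
    runs this: the TLS server always, the TLS client only for mutual auth."""
    e = 65537
    half = bits // 2
    while True:
        p = secrets.randbits(half) | (1 << (half - 1)) | 1
        q = secrets.randbits(half) | (1 << (half - 1)) | 1
        if p == q or not (is_probable_prime(p) and is_probable_prime(q)):
            continue
        n, phi = p * q, (p - 1) * (q - 1)
        if n.bit_length() == bits and phi % e:
            return (n, e), (n, pow(e, -1, phi))  # (public, private)


def _k(n: int) -> int:
    return (n.bit_length() + 7) // 8  # modulus length in bytes


def pkcs1_v15_pad_type2(msg: bytes, k: int) -> bytes:
    """EME-PKCS1-v1_5 encoding: 00 02 <non-zero random PS> 00 <msg>."""
    if len(msg) > k - 11:
        raise ValueError("message too long for modulus")
    ps = bytearray()
    while len(ps) < k - len(msg) - 3:
        b = secrets.token_bytes(1)
        if b != b"\x00":
            ps += b
    return b"\x00\x02" + bytes(ps) + b"\x00" + msg


def client_key_exchange(server_pub, client_version=b"\x03\x03"):
    """TLS_RSA ClientKeyExchange. Takes ONLY the server's public key; the
    client never needs an RSA key pair of its own for this step."""
    n, e = server_pub
    premaster = client_version + secrets.token_bytes(46)  # 48 bytes, RFC 5246
    em = pkcs1_v15_pad_type2(premaster, _k(n))
    return premaster, pow(int.from_bytes(em, "big"), e, n).to_bytes(_k(n), "big")


def server_decrypt_premaster(server_priv, encrypted, client_version=b"\x03\x03"):
    """Server side. Per RFC 5246 7.4.7.1 any padding/version failure is
    replaced by a random premaster instead of an error, so the handshake
    fails later at Finished without leaking a padding oracle. (Python cannot
    make this branch-free; a real implementation must.)"""
    n, d = server_priv
    fallback = client_version + secrets.token_bytes(46)
    em = pow(int.from_bytes(encrypted, "big"), d, n).to_bytes(_k(n), "big")
    if em[:2] != b"\x00\x02" or b"\x00" not in em[2:]:
        return fallback
    pms = em[em.index(b"\x00", 2) + 1:]
    if len(pms) != 48 or pms[:2] != client_version:
        return fallback
    return pms


def _emsa_pkcs1_v15_sha256(transcript: bytes, k: int) -> bytes:
    t = SHA256_DIGEST_INFO + hashlib.sha256(transcript).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def client_certificate_verify(client_priv, transcript: bytes) -> bytes:
    """Mutual authentication only (FCS_TLSC_EXT.2): the client signs the
    handshake transcript with its OWN private key, so here it must hold a
    key pair, which is why FCS_CKM.1 applies in that configuration."""
    n, d = client_priv
    em = _emsa_pkcs1_v15_sha256(transcript, _k(n))
    return pow(int.from_bytes(em, "big"), d, n).to_bytes(_k(n), "big")


def verify_certificate_verify(client_pub, transcript: bytes, sig: bytes) -> bool:
    n, e = client_pub
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(_k(n), "big")
    return secrets.compare_digest(em, _emsa_pkcs1_v15_sha256(transcript, _k(n)))


if __name__ == "__main__":
    srv_pub, srv_priv = generate_rsa_keypair()       # server generates keys
    pms, enc = client_key_exchange(srv_pub)          # client: public key only
    print("server recovered premaster:", server_decrypt_premaster(srv_priv, enc) == pms)
    cli_pub, cli_priv = generate_rsa_keypair()       # needed only for mutual auth
    sig = client_certificate_verify(cli_priv, b"constructed transcript")
    print("CertificateVerify ok:", verify_certificate_verify(cli_pub, b"constructed transcript", sig))
```

Read `client_key_exchange` against `client_certificate_verify`: the first takes the server's `(n, e)` and nothing else, the second cannot be written without the client's own `(n, d)`. That is exactly the line the decision draws between a TOE claiming only FCS_TLSC_EXT.1 and one also claiming FCS_TLSC_EXT.2.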
The NIT also provides the following clarifications:
a. As per RFI 201701rev2, TLS_RSA_WITH_AES_128_CBC_SHA support is no longer mandatory. Therefore it is possible to claim an evaluated configuration in which TLS does not utilize RSA keys. In such cases, as clarified by RFI 201700: “The evaluator shall neither carry out EAs related to SFRs that are not claimed in the ST nor EAs related to specific selected or assigned values that are not claimed in the ST.”
b. FCS_CKM.1 specifies key generation by the TOE. Since there is no SFR covering secure key injection, RSA key generation is applicable in any case when RSA keys originating from the TOE are used (FCS_TLSS_EXT.1, FCS_TLSS_EXT.2, FCS_TLSC_EXT.2).
c. In the case of TLS_RSA ciphers where only FCS_TLSC_EXT.1 is claimed (that is, the TOE is a client and is not configured for mutual authentication), it is acceptable not to generate RSA keys. For all other cases, RSA key generation as specified in FCS_CKM.1 is expected.
FCS_CKM.1, Application Note 7 shall be modified as follows:
“If the TOE acts as a receiver in the key establishment schemes and is not configured to support mutual authentication, the TOE does not need to implement key generation.”
For further information, please see the NIT interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRfI201703.pdf
See issue description.