The Application Notes and Evaluation Activities for FCS_CKM_EXT.4 refer to selection a and selection b. There are 6 selection statements in FCS_CKM_EXT.4 and none of the items in the selections are labelled a or b.

This TD has been superseded by TD 0365 and is archived as of 10-12-2018.

The first paragraph of the Application Note for FCS_CKM_EXT.4.1 is modified as follows:

The interface referenced in the requirement could take different forms, the most likely of which is an application programming interface to an OS kernel. There may be various levels of abstraction visible. For instance, in a given implementation, selection a, that overwrites a key stored in non-volatile memory, the application may have access to the file system details and may be able to logically address specific memory locations. In another implementation, selection b, that instructs the underlying platform to destroy the representation of a key stored in non-volatile memory, the application may simply have a handle to a resource and can only ask the platform to delete the resource, as may be the case with a platforms secure key store. Selection b The latter implementation should only be used for the most restricted access. The level of detail to which the TOE has access will be reflected in the TSS section of the ST.

The first 2 paragraphs of Test 3 are modified as follows:

The following tests apply only to overwriting key stored in non-volatile memory, since the TOE in this instance has more visibility into what is happening within the
underlying platform (e.g., a logical view of the media). In  instructing the underlying platform to destroy the repesentation of the key, the TOE has no visibility into the inner workings and completely relies on the underlying platform, so there is no reason to test the TOE beyond test 2.

The following tests are used to determine the TOE is able to request the platform to overwrite the key with a TOE supplied pattern.

Clarity