NIAP: View Technical Decision Details
Archived TD0503:  Cryptographic selections and updates for use with VPN Client PP-Module w/OS PP

Publication Date
2020.09.04

Protection Profiles
MOD_VPN_CLI_V2.1

Other References
FCS_CKM.1(1), FCS_CKM.2(1)

Issue Description

The VPN Client PP-Module did not have the current key generation and key establishment selections necessary for use with the GPOS PP.

Resolution

MOD_VPN_CLI_V2.1 is modified as follows:

Section 5.1.2 Applicable Modified SFRs

FCS_CKM.1.1(1) The OS shall generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm:

· ECC schemes using “NIST curves” P-256, P-384, and [selection: P-521, no other curves] that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4; and

[selection:

· FFC schemes using cryptographic key sizes of 2048-bit or greater that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.1;

· FFC Schemes using Diffie-Hellman group 14 that meet the following: RFC 3526, Section 3;

· FFC Schemes using safe primes that meet the following: NIST Special Publication 800-56A Revision 3, “Recommendation for Pair-Wise Key Establishment Schemes”]; and

[selection:

· RSA schemes using cryptographic key sizes of 2048-bit or greater that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3;

· no other key generation methods].

Application Note: This SFR is functionally identical to what is defined in the GPOS PP except that FFC and ECC key generation have been made mandatory in support of IPsec due to the mandated support for DH groups 14, 19, and 20 in FCS_IPSEC_EXT.1.8. RSA remains present as a selection since it may be used by facets of the OS TOE that are not specifically related to VPN client functionality.

 

FCS_CKM.2.1(1)  The OS shall implement functionality to perform cryptographic key establishment in accordance with a specified key establishment method:

· Elliptic curve-based key establishment schemes that meet the following: NIST Special Publication 800-56A Revision 3, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”; and

[selection:

· Finite field-based key establishment schemes that meet the following: NIST Special Publication 800-56A Revision 3, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography”,

· Key establishment scheme using Diffie-Hellman group 14 that meets the following: RFC 3526, Section 3]; and

[selection:

· RSA-based key establishment schemes that meet the following: RSAES-PKCS1-v1_5 as specified in Section 7.2 of RFC 8017, “Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.2”,

· no other key establishment schemes].

 

Application Note: This SFR differs from its definition in the GPOS PP by moving elliptic curve-based key establishment schemes from selectable to mandatory (due to the mandated support for DH groups 19 and 20 in FCS_IPSEC_EXT.1.8). It also provides the ability to claim either NIST SP 800-56A or RFC 3526 for key establishment using finite field cryptography. One of these two claims must be made in support of DH group 14 in FCS_IPSEC_EXT.1.8.
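The selection structure of the two modified SFRs and the rule in the Application Notes (an FFC claim is always required) can be checked mechanically against a Security Target's claims. The following is an added example, not part of the NIAP text; the option labels, group names and sample claims are constructed for illustration.

```python
# Added example: selection groups transcribed from the TD0503 text above.
# Option labels such as "ffc-rfc3526-group14" are constructed for this sketch.
# Mandatory items (P-256, P-384, ECC key establishment) are not selections.
NO_GEN = "no other key generation methods"
NO_EST = "no other key establishment schemes"
# Each group: (name, allowed options, exclusive "no other ..." option or None).
SFRS = {
    "FCS_CKM.1.1(1)": [
        ("extra ECC curve", {"P-521", "no other curves"}, "no other curves"),
        ("FFC key generation",
         {"ffc-fips186-4-b1", "ffc-rfc3526-group14", "ffc-sp800-56a-safe-primes"}, None),
        ("RSA key generation", {"rsa-fips186-4-b3", NO_GEN}, NO_GEN),
    ],
    "FCS_CKM.2.1(1)": [
        ("FFC key establishment", {"ffc-sp800-56a", "ffc-rfc3526-group14"}, None),
        ("RSA key establishment", {"rsa-rfc8017-pkcs1-v1_5", NO_EST}, NO_EST),
    ],
}

def check_claims(claims):
    """Return findings for a {sfr: {group: [options]}} mapping; [] means consistent."""
    findings = []
    for sfr, groups in SFRS.items():
        claimed = dict(claims.get(sfr, {}))
        for name, allowed, none_opt in groups:
            chosen = set(claimed.pop(name, ()))
            if not chosen:  # every selection needs at least one item chosen
                findings.append(f"{sfr}: '{name}' selection is empty")
            for opt in sorted(chosen - allowed):
                findings.append(f"{sfr}: '{opt}' is not an option of '{name}'")
            if none_opt in chosen and len(chosen) > 1:
                findings.append(f"{sfr}: '{none_opt}' cannot be combined in '{name}'")
        for name in sorted(claimed):
            findings.append(f"{sfr}: unknown selection group '{name}'")
    return findings

# Constructed sample claims (not taken from any real Security Target).
GOOD = {
    "FCS_CKM.1.1(1)": {"extra ECC curve": ["no other curves"],
                       "FFC key generation": ["ffc-rfc3526-group14"],
                       "RSA key generation": ["rsa-fips186-4-b3"]},
    "FCS_CKM.2.1(1)": {"FFC key establishment": ["ffc-rfc3526-group14"],
                       "RSA key establishment": [NO_EST]},
}
BAD = {  # contradictory curve selection, and no FFC claim to back DH group 14
    "FCS_CKM.1.1(1)": {"extra ECC curve": ["P-521", "no other curves"],
                       "FFC key generation": ["ffc-rfc3526-group14"],
                       "RSA key generation": [NO_GEN]},
    "FCS_CKM.2.1(1)": {"RSA key establishment": ["rsa-rfc8017-pkcs1-v1_5"]},
}
```

`check_claims(GOOD)` returns an empty list, while `check_claims(BAD)` reports the contradictory curve selection and the missing finite-field key establishment claim.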

MOD_VPN_CLI_V2.1-SD is modified as follows:

Section 2.1.1.1.1: FCS_CKM.2(1) Cryptographic Key Establishment

Refer to the Assurance Activity for FCS_CKM.1(1) in the GPOS PP for evaluating this SFR. Note that because a TOE that conforms to this PP-Module must implement IPsec, the tested protocols shall include IPsec at minimum.

8. References

The GPOS PP reference is replaced as follows:

 

[GPOS PP] Protection Profile for General Purpose Operating Systems, Version 4.2.1, 22 April 2019

 

Justification

See issue description.