TD0560: Email Encryption Algorithms
RFC 5751 is obsoleted by RFC 8551. RFC 8551 mandates that sending and receiving agents support both encryption and decryption with AES-128 GCM, AES-256 GCM, and AES-128 CBC. The AES-GCM algorithms are therefore added as selections in FCS_SMIME_EXT.1.2; future versions of the EP will most likely mandate them.
This TD supersedes TD0254 and TD0381.
FCS_SMIME_EXT.1.1 and its Application Note is replaced as follows:
FCS_SMIME_EXT.1.1 The email client shall implement both a sending and receiving S/MIME v4.0 Agent as defined in RFC 8551, using CMS as defined in RFCs 5652, 5754, and 3565.
Application Note: The RFCs allow for an agent to be either sending or receiving, or to include both capabilities. The intent of this requirement is to ensure that the email client is capable of both sending and receiving S/MIME v4.0 messages.
FCS_SMIME_EXT.1.2 is replaced as follows:
FCS_SMIME_EXT.1.2 The email client shall transmit the ContentEncryptionAlgorithmIdentifier for AES-128 CBC, AES-256 CBC, and [selection: AES-128 GCM, AES-256 GCM, no other] as part of the S/MIME protocol.
FCS_SMIME_EXT.1.4 is replaced as follows:
FCS_SMIME_EXT.1.4 The email client shall present the signatureAlgorithm field with the following: sha256withRSAEncryption and [selection: no other algorithms] as part of the S/MIME protocol.
Application Note: RFC 8551 mandates that receiving and sending agents support RSA with SHA-256. The algorithms to be tested in the evaluated configuration are limited to the algorithms specified in the FCS_SMIME_EXT.1.4 selection. Any other implemented algorithm that does not comply with these requirements should not be included in the evaluated configuration of the email client.
Test 3 of FCS_SMIME_EXT.1 is replaced as follows:
a) The evaluator shall send an encrypted message from the TOE to an OE receiver using each of the algorithms specified in the ST. The evaluator shall verify that each message is encrypted and the OE receiver can successfully decrypt each message.
b) The evaluator shall use the OE receiver to send an encrypted reply back to the TOE for each message sent in a). The evaluator shall verify that each reply is encrypted and the TOE can successfully decrypt each reply.
Test 6 of FCS_SMIME_EXT.1 is replaced as follows:
Test 6: The evaluator shall send an encrypted message to the email client using a content encryption algorithm that is not one of those claimed in the FCS_SMIME_EXT.1.2 selection (the algorithm is identified by the ContentEncryptionAlgorithmIdentifier, not the signatureAlgorithm field). The evaluator shall verify that the email client does not display/decrypt the contents of the message.
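As an added illustration that is not part of this TD or of the Email Client EP, the following Python checks the AlgorithmIdentifier values a client finds in CMS structures (the contentEncryptionAlgorithm of EnvelopedData/AuthEnvelopedData, the signatureAlgorithm of SignerInfo) against the FCS_SMIME_EXT.1.2 and FCS_SMIME_EXT.1.4 selections above; a refusal is the behaviour Test 6 expects to observe. It goes slightly beyond the TD text by also validating the cipher parameters that accompany the OID (the AES-CBC IV per RFC 3565, the GCMParameters nonce and ICV length per RFC 5084). The minimal DER helpers, the `selected` parameter standing in for the ST selection, and the all-zero sample identifiers are assumptions of this example; the OIDs themselves are the registered ones from the NIST AES arc and the PKCS#1 / PKCS#3 arcs.

```python
"""Check the AlgorithmIdentifiers an S/MIME client sees in CMS (RFC 5652) structures against
the FCS_SMIME_EXT.1.2 / FCS_SMIME_EXT.1.4 selections. Illustrative stdlib-only code, not part of the TD."""
# Dotted OIDs: AES arcs from NIST CSOR (RFC 3565 / RFC 5084), the rest from PKCS#1 and PKCS#3.
OID_NAMES = {
    "2.16.840.1.101.3.4.1.2": "AES-128 CBC",
    "2.16.840.1.101.3.4.1.6": "AES-128 GCM",
    "2.16.840.1.101.3.4.1.42": "AES-256 CBC",
    "2.16.840.1.101.3.4.1.46": "AES-256 GCM",
    "1.2.840.113549.3.7": "des-ede3-cbc",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",
}
MANDATORY_CONTENT_ENCRYPTION = {"AES-128 CBC", "AES-256 CBC"}   # always claimed in FCS_SMIME_EXT.1.2
SELECTABLE_CONTENT_ENCRYPTION = {"AES-128 GCM", "AES-256 GCM"}  # only if selected in the ST
MANDATORY_SIGNATURE = {"sha256WithRSAEncryption"}              # FCS_SMIME_EXT.1.4

def encode_tlv(tag, content):
    """DER tag-length-value; AlgorithmIdentifiers fit the short (< 128 byte) length form."""
    assert len(content) < 0x80, "long-form length not needed for these structures"
    return bytes([tag, len(content)]) + content

def parse_tlv(buf, pos=0):
    """Return (tag, content, end) for the DER element starting at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits give the number of length bytes
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def encode_oid(dotted):
    """OBJECT IDENTIFIER: first two arcs packed as 40*a+b, then base-128 with continuation bits."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytearray()
    for arc in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:
            chunk.append(0x80 | (arc & 0x7F))
        body.extend(reversed(chunk))
    return encode_tlv(0x06, bytes(body))

def decode_oid(content):
    arcs, value = [], 0
    for b in content:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    if not arcs or content[-1] & 0x80:     # empty, or dangling continuation byte
        raise ValueError("malformed OID")
    first = arcs[0]
    head = [0, first] if first < 40 else [1, first - 40] if first < 80 else [2, first - 80]
    return ".".join(map(str, head + arcs[1:]))

def build_algorithm_identifier(dotted, params=b""):
    # AlgorithmIdentifier ::= SEQUENCE { algorithm OBJECT IDENTIFIER, parameters ANY OPTIONAL }
    return encode_tlv(0x30, encode_oid(dotted) + params)

def parse_algorithm_identifier(der):
    tag, seq, end = parse_tlv(der)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, oid, pos = parse_tlv(seq)
    if tag != 0x06:
        raise ValueError("algorithm must be an OID")
    return decode_oid(oid), seq[pos:]

def parameters_well_formed(name, params):
    """RFC 3565: AES-CBC parameters are a 16-byte IV OCTET STRING. RFC 5084: AES-GCM parameters are
    GCMParameters ::= SEQUENCE { aes-nonce OCTET STRING, aes-ICVlen INTEGER DEFAULT 12 }, ICVlen in 12..16."""
    if name.endswith("CBC"):
        tag, iv, end = parse_tlv(params)
        return tag == 0x04 and len(iv) == 16 and end == len(params)
    tag, seq, end = parse_tlv(params)
    if tag != 0x30 or end != len(params):
        return False
    tag, nonce, pos = parse_tlv(seq)
    if tag != 0x04 or not nonce:
        return False
    if pos == len(seq):                    # aes-ICVlen absent: the DEFAULT of 12 applies
        return True
    tag, icv, end = parse_tlv(seq, pos)
    return tag == 0x02 and end == len(seq) and int.from_bytes(icv, "big") in range(12, 17)

def content_encryption_permitted(alg_id_der, selected=()):
    """FCS_SMIME_EXT.1.2 check, returning (permitted, algorithm name). A False result is the
    condition Test 6 exercises: the client must not decrypt or display the content."""
    try:
        oid, params = parse_algorithm_identifier(alg_id_der)
        name = OID_NAMES.get(oid, oid)
        allowed = MANDATORY_CONTENT_ENCRYPTION | (set(selected) & SELECTABLE_CONTENT_ENCRYPTION)
        return name in allowed and parameters_well_formed(name, params), name
    except (ValueError, IndexError):       # malformed DER is treated the same as an unknown algorithm
        return False, "malformed AlgorithmIdentifier"

def signature_algorithm_permitted(alg_id_der, selected=()):
    """FCS_SMIME_EXT.1.4 check: sha256WithRSAEncryption plus whatever the ST selects."""
    oid, _ = parse_algorithm_identifier(alg_id_der)
    name = OID_NAMES.get(oid, oid)
    return name in MANDATORY_SIGNATURE | set(selected), name

# Constructed sample identifiers (all-zero IV / nonce); not taken from any real message.
AES128_CBC_ID = build_algorithm_identifier("2.16.840.1.101.3.4.1.2", encode_tlv(0x04, bytes(16)))
AES256_GCM_ID = build_algorithm_identifier("2.16.840.1.101.3.4.1.46", encode_tlv(0x30, encode_tlv(0x04, bytes(12))))
TRIPLE_DES_ID = build_algorithm_identifier("1.2.840.113549.3.7", encode_tlv(0x04, bytes(8)))
```

With no GCM selection, `content_encryption_permitted(AES256_GCM_ID)` returns `(False, "AES-256 GCM")` even though RFC 8551 makes AES-GCM mandatory, which is exactly the gap between the RFC and the current FCS_SMIME_EXT.1.2 selection that this TD describes; passing `selected=("AES-256 GCM",)` models an ST that claims it. The 3DES identifier is refused unconditionally, which is the sort of input an evaluator would construct for Test 6.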
For FCS_SMIME_EXT.1.4, additional algorithms supported by RFC8551 will be reviewed and considered by the TC for inclusion when the Email EP is converted to a PP-Module.