NIAP: View Technical Decision Details
TD0717:  Format changes for PP_APP_V1.4

Publication Date
2023.01.18

Protection Profiles
PP_APP_v1.4

Other References
FCS_CKM.1, FCS_CKM.2, FCS_CKM.1/AK, FCS_CKM.1/PBKDF, FCS_COP.1/Hash, FCS_COP.1/KeyedHash, FCS_COP.1/Sig, FCS_COP.1/SKC

Issue Description

Multiple SFRs in PP APP V1.4 have inconsistencies with CC Part 2, two of which were previously modified by TDs.

Resolution

TDs 659 and 626 are archived, and their changes replicated here.

 

PP_APP_V1.4 is updated as follows:

 

All references to FCS_CKM.1 and FCS_CKM.1.1 are renamed to FCS_CKM_EXT.1 and FCS_CKM_EXT.1.1, except for the reference in the FCS_CKM.2 TSS evaluation activity, which is replaced with FCS_CKM.1.1/AK.

All references to FCS_CKM.1/PBKDF, FCS_CKM.1.1/PBKDF, FCS_CKM.1.2/PBKDF are renamed to FCS_CKM_EXT.1/PBKDF, FCS_CKM_EXT.1.1/PBKDF, FCS_CKM_EXT.1.2/PBKDF.

 

The following SFRs are updated as follows, with green highlight indicating a format change, yellow highlight and underline indicating addition, and red highlight and strikethrough indicating deletion:

 

 

FCS_CKM.1.1/AK

The application shall [selection:

·       invoke platform-provided functionality,

·       implement functionality

] to generate asymmetric cryptographic keys in accordance with a specified cryptographic key generation algorithm [selection:

·       [RSA schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, "Digital Signature Standard (DSS), Appendix B.3"],

·       [ECC schemes] using [“NIST curves” P-256, P-384 and [selection: P-256, P-521, no other curves]] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.4],

·       [FFC schemes] using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.1],

·       [FFC Schemes] using [Diffie-Hellman group 14] that meet the following: [RFC 3526, Section 3],

·       [FFC Schemes] using [“safe-prime” groups] that meet the following: [NIST Special Publication 800-56A Revision 3, “Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography” and [selection: RFC 3526, RFC 7919]]

].

 

 

FCS_COP.1.1/Hash

The application shall perform [cryptographic hashing services] in accordance with a specified cryptographic algorithm [selection:

·       SHA-1,

·       SHA-256,

·       SHA-384,

·       SHA-512,

·       no other

] and message digest sizes [selection:

·       160,

·       256,

·       384,

·       512,

·       no other

] bits that meet the following: [FIPS Pub 180-4].

 

 

FCS_COP.1.1/KeyedHash

The application shall perform [keyed-hash message authentication] in accordance with a specified cryptographic algorithm [selection:

  • HMAC-SHA-256
  • HMAC-SHA-384
  • HMAC-SHA-512

] and [selection:

  • HMAC-SHA-1,
  • SHA-384,
  • SHA-512,
  • no other algorithms

] with key sizes [assignment: key size (in bits) used in HMAC] and message digest sizes [selection: 256, 384, 512] and [selection: 160, 384, 512, no other size] bits that meet the following: [FIPS Pub 198-1, The Keyed-Hash Message Authentication Code and FIPS Pub 180-4 Secure Hash Standard].

 

  

FCS_COP.1.1/Sig

The application shall perform [cryptographic signature services (generation and verification)] in accordance with a specified cryptographic algorithm [selection:

·       RSA schemes using cryptographic key sizes of [2048-bit or greater] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 45],

·       ECDSA schemes using [“NIST curves” P-256, P-384 and [selection: P-521, no other curves]] that meet the following: [FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 56]

].

 

 

FCS_COP.1.1/SKC

The application shall perform [encryption/decryption] in accordance with a specified cryptographic algorithm [selection:

·       AES-CBC (as defined in NIST SP 800-38A) mode,

·       AES-GCM (as defined in NIST SP 800-38D) mode,

·       AES-XTS (as defined in NIST SP 800-38E) mode,

·       AES-CCM (as defined in NIST SP 800-38C) mode,

·       AES-CTR (as defined in NIST SP 800-38A) mode

] and cryptographic key sizes [selection: 128-bit, 256-bit].

Justification

Corrections required to complete certification report, and previous TD changes need to be incorporated.

 
 