Multiple SFRs in PP APP V1.3 have inconsistencies with CC Part 2.

PP_APP_V1.3 is updated as follows, with green highlight indicating format changes and yellow highlight with underline indicating additions:

FCS_COP.1.1(1)

The application shall perform [encryption/decryption] in accordance with a specified cryptographic algorithm [selection:

• AES-CBC (as defined in NIST SP 800-38A) mode,
• AES-GCM (as defined in NIST SP 800-38D) mode,
• AES-XTS (as defined in NIST SP 800-38E) mode,
• AES-CCM (as defined in NIST SP 800-38C) mode,
• AES-CTR (as defined in NIST SP 800-38A) mode

] and cryptographic key sizes [selection: 128-bit, 256-bit] .

FCS_COP.1.1(2)

The application shall perform [cryptographic hashing services] in accordance with a specified cryptographic algorithm [selection:

• SHA-1,
• SHA-256,
• SHA-384,
• SHA-512,
• no other

] and message digest sizes [selection:

• 160,
• 256,
• 384,
• 512,
• no other

] bits that meet the following: FIPS Pub 180-4.

FCS_COP.1.1(3)

The application shall perform [cryptographic signature services (generation and verification)] in accordance with a specified cryptographic algorithm [selection:

• RSA schemes using cryptographic key sizes of 2048-bit or greater that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 4 ,
• ECDSA schemes using “NIST curves” P-256, P-384 and [selection: P-521, no other curves] that meet the following: FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Section 5

] .

FCS_COP.1.1(4)

The application shall perform [keyed-hash message authentication] in accordance with a specified cryptographic algorithm

• HMAC-SHA-256

and [selection:

• SHA-1,
• SHA-384,
• SHA-512,
• no other algorithms

] with key sizes [assignment: key size (in bits) used in HMAC] and message digest sizes 256 and [selection: 160, 384, 512, no other size] bits that meet the following: FIPS Pub 198-1 The Keyed-Hash Message Authentication Code and FIPS Pub 180-4 Secure Hash Standard.

Corrections required to complete certification report.