NIAP: View Technical Decision Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0172:  Additional APIs added to FCS_RBG_EXT.1.1

Publication Date
2017.04.11

Protection Profiles
PP_APP_v1.2

Other References
FCS_RBG_EXT.1.1

Issue Description

In the Assurance Activity for FCS_RBG_EXT.1.1, the Windows activity states:

"The evaluator shall verify that BCryptGenRandom or CryptGenRandom API is used for classic desktop applications ... In future versions of this document, CryptGenRandom may be removed as an option as it is no longer the preferred API per vendor documentation."  This TRRT addresses additional API alternatives that are acceptable. 

Resolution

RtlGenRandom and rand_S will be added as APIs in the assurance activity for Windows under FCS_RBG_EXT.1.1.  The modified section of the AA will be as follows:

For Windows:

The evaluator shall verify that rand_s, RtlGenRandom, BCryptGenRandom, or CryptGenRandom API is used for classic desktop applications. The evaluator shall verify that the System.Random API is used for Windows Universal Applications. It is only required that the API is called/invoked, there is no requirement that the API be used directly. In future versions of this document, CryptGenRandom may be removed as an option as it is no longer the preferred API per vendor documentation.

 

 

Justification

Adding additional APIs that are acceptable today.

 
 
Site Map              Contact Us              Home