NIAP: View Technical Decision Details
Archived TD0061:  AES_CCMP Requirement is Optional in SVPP

Publication Date
2015.09.10

Protection Profiles
PP_SV_V1.0

Other References
PP_SV_v1.0

Issue Description

The FCS_COP.1(1) Cryptographic Operation (AES Data Encryption/Decryption) requirement is inconsistent with FCS_SSHS_EXT.1. FCS_COP.1(1) requires support for AES_CCMP; however, the SSH requirements in FCS_SSHS_EXT.1.4 do not include AES_CCMP. If the TOE only implements SSH, then AES_CCMP is not applicable.

Resolution

AES_CCMP is optional on TLS inclusion.  The requirement now appears as follows:

FCS_COP.1.1(1) The TSF shall perform [encryption/decryption] in accordance with a specified cryptographic algorithm

[selection:

  • AES Key Wrap (KW) (as defined in NIST SP 800-38F),
  • AES Key Wrap with Padding (KWP) (as defined in NIST SP 800-38F),
  • AES-GCM (as defined in NIST SP 800-38D),
  • AES-CCM (as defined in NIST SP 800-38C),
  • AES-XTS (as defined in NIST SP 800-38E) mode,
  • AES-CCMP-256 (as defined in NIST SP800-38C and IEEE 802.11ac-2013),
  • AES-GCMP-256 (as defined in NIST SP800-38D and IEEE 802.11ac-2013),
  • AES-CCMP (as defined in FIPS PUB 197, NIST SP 800-38C and IEEE 802.11-2012),
  • AES-CBC (as defined in FIPS PUB 197, and NIST SP 800-38A) mode,
  • AES-CTR (as defined in NIST SP 800-38A) mode]

and cryptographic key sizes [selection: 128-bit key sizes, 256-bit key sizes].

Application Note:

For the first selection of FCS_COP.1.1(1), the ST author should choose the mode or modes in which AES operates. For the second selection, the ST author should choose the key sizes that are supported by this functionality.

Justification

Removes requirement inconsistencies

 
 