NIAP: View Technical Decision Details
Archived TD0070: Assurance Activity Clarification for FCS_RBG_EXT.1 in Software Application PP

Publication Date
2015.11.30

Protection Profiles

Other References
PP_APP_v1.1, FCS_RBG_EXT.1

Issue Description

The assurance activity for FCS_RBG_EXT.1.1 is somewhat unclear for the “invoke platform-provided DRBG functionality” case.  Additional clarification is provided in the Resolution section.

Resolution

Replace the “If invoke platform-provided DRBG functionality” case in the AA with the following text:

If invoke platform-provided DRBG functionality is selected, the evaluator performs the following activities. The evaluator shall examine the TSS to confirm that it identifies all functions (as described by the SFRs included in the ST) that obtain random numbers from the platform RBG. The evaluator shall determine that for each of these functions, the TSS states which platform interface (API) is used to obtain the random numbers. The evaluator shall confirm that each of these interfaces corresponds to the acceptable interfaces listed for each platform below. The evaluator shall then decompile the application binary using a decompiler suitable for the TOE. The evaluator shall search the output of the decompiler to determine that, for each API listed in the TSS, that API appears in the output. If the representation of the API does not correspond directly to the strings in the following list, the evaluator shall provide a mapping from the decompiled text to its corresponding API, with a description of why the API text does not directly correspond to the decompiled text and justification that the decompiled text corresponds to the associated API.

It should be noted that there is no expectation that the evaluators attempt to confirm that the APIs are being used “correctly” for the functions identified in the TSS; the activity is to list the used APIs and then do an existence check via decompilation.

The following is the per-platform list of acceptable APIs:

For BlackBerry: The evaluator shall verify that the application invokes Security Builder Crypto GSE.

For Android: The evaluator shall verify that the application uses at least one of javax.crypto.KeyGenerator class or the java.security.SecureRandom class or /dev/random or /dev/urandom.

For Windows: The evaluator shall verify that BCryptGenRandom or CryptGenRandom API is used for classic desktop applications. The evaluator shall verify that the System.Random API is used for Windows Store Applications. In future versions of this document, CryptGenRandom may be removed as an option as it is no longer the preferred API per vendor documentation.

For iOS: The evaluator shall verify that the application invokes SecRandomCopyBytes or uses /dev/random directly to acquire random.

For Linux: The evaluator shall verify that the application collects random from /dev/random or /dev/urandom.

For Solaris: The evaluator shall verify that the application collects random from /dev/random.

For Mac OS X: The evaluator shall verify that the application uses /dev/random to acquire random.
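The existence check described above, as an added example that is not part of the Technical Decision or of any NIAP tooling: it checks each TSS-listed API against the platform's acceptable list, then against decompiler output, and accepts an evaluator-supplied mapping with justification where the decompiled text differs from the API string. The function names, status strings, the split of the Windows entry into two keys, and the smali sample are assumptions made for illustration.

```python
import re

# Acceptable interfaces per platform, from the list above (Windows split in two here).
ACCEPTABLE = {
    "BlackBerry": ["Security Builder Crypto GSE"],
    "Android": ["javax.crypto.KeyGenerator", "java.security.SecureRandom",
                "/dev/random", "/dev/urandom"],
    "Windows (classic desktop)": ["BCryptGenRandom", "CryptGenRandom"],
    "Windows (Store)": ["System.Random"],
    "iOS": ["SecRandomCopyBytes", "/dev/random"],
    "Linux": ["/dev/random", "/dev/urandom"],
    "Solaris": ["/dev/random"],
    "Mac OS X": ["/dev/random"],
}

# Constructed smali-style decompiler output (not from a real application).
SAMPLE_SMALI = '''
    new-instance v0, Ljava/security/SecureRandom;
    invoke-direct {v0}, Ljava/security/SecureRandom;-><init>()V
    const-string v1, "/dev/urandom"
'''

def present(api, text):
    # Whole-token match, so CryptGenRandom is not satisfied by BCryptGenRandom.
    return re.search(r"(?<!\w)" + re.escape(api) + r"(?!\w)", text) is not None

def existence_check(platform, tss_apis, decompiled, mappings=None):
    """Return {api: status} for every API the TSS names for this platform."""
    mappings, results = mappings or {}, {}
    for api in tss_apis:
        if api not in ACCEPTABLE[platform]:
            results[api] = "not-acceptable"
        elif present(api, decompiled):
            results[api] = "found"
        elif api in mappings:
            # Evaluator-supplied (decompiled text, justification) pair.
            text, why = mappings[api]
            ok = bool(why.strip()) and text in decompiled
            results[api] = "found-via-mapping" if ok else "missing"
        else:
            results[api] = "missing"
    return results

if __name__ == "__main__":
    m = {"java.security.SecureRandom": ("Ljava/security/SecureRandom;",
                                        "smali uses JVM type descriptors")}
    tss = ["java.security.SecureRandom", "/dev/urandom", "java.util.Random"]
    for api, status in existence_check("Android", tss, SAMPLE_SMALI, m).items():
        print(f"{status:18} {api}")
```

Consistent with the note above, this only establishes that the named API appears in the decompiled output; it makes no claim about whether the API is used correctly.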

Justification

Clarifies evaluator activities with respect to the individual platforms and the use of decompilation and not source-code examination.
