NIAP: View Technical Decision Details
TD0809:  Update to FCS_COP.1/SIGN for CNSA 1.0 compliance with Secure Boot exception

Publication Date
2023.12.08

Protection Profiles
PP_OS_V4.3

Other References
FCS_COP.1.1/SIGN

Issue Description

GPOS PP 4.3 FCS_COP.1/SIGN allows RSA signatures with key sizes of 2048 bits and greater. GPOS PP 4.3 is intended to be CNSA 1.0 compliant, so the minimum RSA signature key size should be 3072 bits. However, this causes some issues for secure boot, so an exception is being made for secure boot for now; the exception will be removed in a later version.

Resolution

This TD updates changes made by TD0727, which is now archived.

FCS_COP.1.1/SIGN in PP_OS_V4.3 is modified as follows, with green-highlighted underlines indicating additions:

FCS_COP.1.1/SIGN

The OS shall perform [cryptographic signature services (generation and verification)] in accordance with a specified cryptographic algorithm [selection:

  • RSA schemes using cryptographic key sizes of [selection: 2048-bit (for secure boot only) or greater, 3072-bit or greater] that meet the following: FIPS PUB 186-4, "Digital Signature Standard (DSS)", Section 4
  • ECDSA schemes using "NIST curves" P-384 and [selection: P-521, no other curves] that meet the following: FIPS PUB 186-4, "Digital Signature Standard (DSS)", Section 5

] and cryptographic key sizes [assignment: cryptographic algorithm] that meet the following: [assignment: list of standards].

The following evaluation activities are added to PP_OS_V4.3:

TSS

[Conditional: if “2048-bit (for secure boot only) or greater” is selected] The evaluator shall check that the TSS documents that 2048-bit RSA is used only for secure boot and a greater key size is used for any other functions.

Guidance

[Conditional: if “2048-bit (for secure boot only) or greater” is selected] The evaluator shall check that the AGD documents any configuration needed to ensure 2048-bit RSA is used only for secure boot and a greater key size is used for any other functions.

Justification

See Issue Description.

 
 