Assignments and Selections - commoncriteria/pp-template GitHub Wiki
Updated 25 April 2024
Assignments are specified using the <assignable> tag:
<assignable>list of services for which the TSF is able to initiate communications</assignable>
They can be pretty much anywhere in an Element Title, even inside Selections.
<selectables>
<selectable>authentication server</selectable>
<selectable><assignable>other capabilities</assignable></selectable>
</selectables>
The App Note for the containing Element should include guidance on how to fill out all Assignments.
Selections are much more complicated than Assignments. NIAP XML supports two kinds of Selections: Classic Selections and Table-based Selections.
All Selections use the confusingly similar <selectables> and <selectable> elements. <selectables> defines the set of <selectable> values.
<selectables>
<selectable>The first thing</selectable>
<selectable>The second thing</selectable>
<selectable>The last thing</selectable>
</selectables>
This results in HTML that looks something like this: [selection: The first thing, The second thing, The last thing].
The semantics of a basic Selection is that you must select at least one thing, and you may select more than one.
If you want to limit selection to only one item, use the choose-one-of or onlyone attribute on the <selectables> element. In the past, only the onlyone attribute was allowed, but either of the two attributes can be used and they both behave the same way. We recommend using the choose-one-of attribute in order to reduce confusion with the exclusive attribute. The onlyone attribute will be deprecated in the future.
<selectables choose-one-of="yes">
<selectable>The first thing</selectable>
<selectable>The second thing</selectable>
<selectable>The last thing</selectable>
</selectables>
This results in HTML that looks something like this: [selection, choose one of: The first thing, The second thing, The last thing]. This also allows the ST Wizard and the Automation framework to enforce that only one selection is made.
If you want to make one selection exclusive, then use the exclusive attribute on the <selectable> element.
<selectables>
<selectable>The first thing</selectable>
<selectable>The second thing</selectable>
<selectable exclusive="yes">No other thing</selectable>
</selectables>
In this case, if "No other thing" is selected, then no other things can be selected. Usually this is used in a "No other thing" or "None" situation. If there are only two selectables, and one of them is "None," it's preferable to use exclusive rather than onlyone because the case is so obvious that the "choose one of" text is not necessary. The exclusive attribute doesn't produce any extra text, but in that situation it performs as one would expect.
In order for a selection to be used elsewhere in a dependency or a rule, the <selectable> must have an id attribute. The id must be unique within the document, so it is best to include the SFR as part of the name.
<selectables>
<selectable id="sel-fcs-cop-1-1stthing">The first thing</selectable>
<selectable id="sel-fcs-cop-1-2ndthing">The second thing</selectable>
<selectable exclusive="yes">No other thing</selectable>
</selectables>
Elsewhere you could declare a selection-based Component to depend on one of these selections using <depends on-sel="sel-fcs-cop-1-1stthing"/>. See also Dependencies.
There are a couple of ways to change the appearance of a Selection construct in HTML.
The linebreak attribute can be used to have the Selections display as a bulleted list.
<selectables linebreak="yes">
<selectable id="sel-fcs-cop-1-1stthing">The first thing</selectable>
<selectable id="sel-fcs-cop-1-2ndthing">The second thing</selectable>
<selectable exclusive="yes">No other thing</selectable>
</selectables>
This is displayed something like:
[selection:
* The first thing
* The second thing
* No other thing
]
The appearance of individual Selections can be modified using the style attribute on the <selectable> element. This attribute is supposed to be passed along to the underlying HTML <li> element. Good luck. You're on your own with that one.
A non-selectable selection is necessary when an SFR is refined by striking through one or more items in a Selection. The items need to be displayed, but can't be selected. For this corner case, use the <not-selectable> element in place of the <selectable> element and supply your own text formatting.
<selectables>
<selectable id="sel-fcs-cop-1-1stthing">The first thing</selectable>
<not-selectable><h:i><h:s>The second thing</h:s></h:i></not-selectable>
<selectable exclusive="yes">No other thing</selectable>
</selectables>
The second thing should appear in italics with strikethrough, and the ST Wizard knows not to allow the selection.
Expressing complicated selections using tables greatly improves readability. It has been adopted for Cryptographic requirements by the CCDB Crypto Working Group and is used in the DSCcPP and the GPCPPP.
Here is an example from GPCP:
The above HTML is generated from the following XML:
<f-component id="sfr-fcs-ckm-1-ak" cc-id="fcs_ckm.1" iteration="AK"
name="Cryptographic Key Generation (Asymmetric Keys)" status="sel-based">
<f-element id="fcs-ckm-1e1-ak">
<title>
The TSF shall generate <h:b>asymmetric</h:b> cryptographic keys in accordance with a specified
cryptographic key generation algorithm
<selectables>
<tabularize id="fcs-ckm-1-ak-sels" title="Choices for completion of the selection
operations in FCS_CKM.1.1/AK">
<selectcol>Cryptographic key generation algorithm </selectcol>
<reqtext>and specified cryptographic key sizes</reqtext>
<selectcol>Cryptographic key sizes</selectcol>
<reqtext>that meet the following: </reqtext>
<selectcol>List of standards</selectcol>
</tabularize>
<selectable id="sel-fcs-ckm-ak-rsa">
<col>RSA</col>
<col><selectables>
<selectable id="sel-exp-ak-rsa-2048">2048 bit</selectable>
<selectable id="sel-exp-ak-rsa-3072">3072-bit</selectable></selectables></col>
<col>FIPS PUB 186-4 sec. B.3 [key generation]</col>
</selectable>
<selectable id="sel-fcs-ckm-ak-eccn">
<col>ECC-N</col>
<col><selectables>
<selectable id="sel-exp-ak-eccn-P256">256 (P-256)</selectable>
<selectable id="sel-exp-ak-eccn-P384">384 (P-384)</selectable>
<selectable id="sel-exp-ak-eccn-P521">521 (P-521)</selectable></selectables></col>
<col>FIPS PUB 186-4 sec. D.1.2 [NIST curves]<h:p/>
FIPS PUB 186-4 sec. B.4 [key generation]</col>
</selectable>
<selectable id="sel-fcs-ckm-ak-eccb">
<col>ECC-B</col>
<col><selectables>
<selectable id="sel-exp-ak-eccb-bpP256r1">256 (brainpoolP256r1)</selectable>
<selectable id="sel-exp-ak-eccb-bpP384r1">384 (brainpoolP384r1)</selectable>
<selectable id="sel-exp-ak-eccb-bpP512r1">512 (brainpoolP512r1)</selectable>
</selectables></col>
<col>RFC 5639 sec. 3 [Brainpool Curves]<h:p/>
FIPS PUB 186-4 sec. B.4 [key generation]</col>
</selectable>
<selectable id="sel-fcs-ckm-ak-dsa">
<col>DSA</col>
<col>DSA Bit lengths of p and q respectively (L, N)
<selectables>
<selectable id="sel-exp-ak-dsa-2048-224">(2048, 224)</selectable>
<selectable id="sel-exp-ak-dsa-2048-256">(2048, 256)</selectable>
<selectable id="sel-exp-ak-dsa-3027-256">(3027, 256)</selectable>
</selectables></col>
<col>FIPS PUB 186-4 sec. B.1 [key generation]</col>
</selectable>
<selectable id="sel-fcs-ckm-ak-curve25519">
<col>Curve25519</col>
<col>256 bits</col>
<col>RFC 7748 [Curve25519]<h:p/>
FIPS PUB 186-4 sec. B.4 [key generation]</col>
</selectable>
</selectables>
</title>
The entire table is defined within a special <selectables> element. The <selectables> element contains a <tabularize> element to define that table and a <selectable> element for each row in the table.
The title attribute becomes the caption for the table.
The text within the <selectcol> element becomes both the heading for a column in the table and the contents of a selection statement within the title text. This is a selection statement with only one selection as it identifies a column in the table. Generally the first selection in the <title> indicates a row in the table by specifying an algorithm. The other selection statements simply correspond to the cells in the same row. There must be one <selectcol> element for each column.
The text within <reqtext> elements represents the requirements text that appears in between the selection statements.
Use the <textcol> element to create a column that is not part of the requirement, such as a row identifier. The contents of the <textcol> element become the column header. The following example uses <textcol> to create an "Identifier" column as the leftmost column in the table.
<tabularize id="fcs-ckm-1-ak-sels" title="Choices for completion of the selection operations in FCS_CKM.1.1/AK">
<textcol>Identifier</textcol>
<selectcol>Cryptographic key generation algorithm </selectcol>
<reqtext>and specified cryptographic key sizes</reqtext>
<selectcol>Cryptographic key sizes</selectcol>
<reqtext>that meet the following: </reqtext>
<selectcol>List of standards</selectcol>
</tabularize>
Each <selectable> represents one row in the table. Each <selectable> must have a <col> element that corresponds to each <textcol> and <selectcol> element in the <tabularize> element.
For example, the following could go with the above <tabularize> element.
<selectable id="sel-fcs-ckm-ak-eccn">
<col>5</col> <!-- Identifier -->
<col>ECC-N</col> <!-- Cryptographic key generation algorithm -->
<col><selectables> <!-- Cryptographic key sizes -->
<selectable id="sel-exp-ak-eccn-P256">256 (P-256)</selectable>
<selectable id="sel-exp-ak-eccn-P384">384 (P-384)</selectable>
<selectable id="sel-exp-ak-eccn-P521">521 (P-521)</selectable></selectables></col>
<col>FIPS PUB 186-4 sec. D.1.2 [NIST curves]<h:p/> <!-- List of standards -->
FIPS PUB 186-4 sec. B.4 [key generation]</col>
</selectable>
If you need selections or assignments within the cells of the table, they are specified just like any other selection or assignment.
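The rules above (document-unique ids, <depends on-sel="..."/> pointing at an existing <selectable> id, choose-one-of preferred over onlyone, and one <col> per <textcol> and <selectcol> in each table row) can be checked mechanically before the XML is transformed. The following is an added example, not part of the pp-template tooling; the <doc> wrapper element, the function names and the sample document are assumptions made for illustration, and on-sel is assumed to carry a single id.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Constructed sample. <doc> is a hypothetical wrapper; ids follow the page's naming style.
SAMPLE = """<doc>
  <selectables onlyone="yes">
    <selectable id="sel-fcs-cop-1-1stthing">The first thing</selectable>
    <selectable id="sel-fcs-cop-1-1stthing">The second thing</selectable>
  </selectables>
  <depends on-sel="sel-fcs-cop-1-3rdthing"/>
  <selectables>
    <tabularize id="fcs-ckm-1-ak-sels" title="Choices">
      <textcol>Identifier</textcol>
      <selectcol>Cryptographic key generation algorithm</selectcol>
      <selectcol>Cryptographic key sizes</selectcol><selectcol>List of standards</selectcol>
    </tabularize>
    <selectable id="sel-fcs-ckm-ak-curve25519">
      <col>Curve25519</col><col>256 bits</col><col>RFC 7748 [Curve25519]</col>
    </selectable>
  </selectables>
</doc>"""

def local(el):  # tag name without any '{namespace}' prefix
    return el.tag.rsplit("}", 1)[-1]

def kids(el, name):  # direct children with that local name
    return [c for c in el if local(c) == name]

def lint_selections(xml_text):
    """Check the id, dependency, onlyone and table-column rules; return findings."""
    root, out = ET.fromstring(xml_text), []
    ids = Counter(e.get("id") for e in root.iter() if e.get("id"))
    out += [f"duplicate id: {i}" for i, n in ids.items() if n > 1]
    sel_ids = {e.get("id") for e in root.iter() if local(e) == "selectable"}
    for e in root.iter():
        ref = e.get("on-sel")
        if local(e) == "depends" and ref is not None and ref not in sel_ids:
            out.append(f"depends on unknown selectable: {ref}")
        if local(e) == "selectables" and e.get("onlyone"):
            out.append("onlyone is slated for deprecation; use choose-one-of")
        for tab in kids(e, "tabularize"):  # only table-based Selections have one
            want = len(kids(tab, "textcol")) + len(kids(tab, "selectcol"))
            for row in kids(e, "selectable"):
                got = len(kids(row, "col"))
                if got != want:
                    out.append(f"row {row.get('id')}: {got} <col>, expected {want}")
    return out

if __name__ == "__main__":
    print("\n".join(lint_selections(SAMPLE)))
```

The sample row is flagged because the <tabularize> declares an Identifier <textcol> that the row does not supply a <col> for.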