FPT_FLS.1 question when invoking platform DRBG

[woodbe]

If the TOE invokes platform-provided functionality, how exactly is the TOE supposed to know if the DRBG has failed? This information may not be provided as part of the interface, it may either provide it or not (say the API call fails to respond), but it may not actually know why there was a failure.

I assume the point of this is to ensure that a key with 0s only can't be generated and be considered secure, but it isn't clear how this would work in case of the platform providing this functionality

[jfisherbah]

per #13 it seems reasonable for FPT_TST.1 (and by extension FPT_FLS.1) to be selection-based on the condition of the TSF implementing its own DRBG. Since these SFRs would also be in the PP for the platform, one could assume that if the TOE is running on a PP-compliant operating system, the operational environment would be doing this self-test and responding accordingly to its failure.