Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3197

Details

Module Name
Cryptographic Primitives Library
Standard
FIPS 140-2
Status
Active
Sunset Date
10/21/2023
Validation Dates
10/22/2018
7/17/2019
Overall Level
1
Caveat
When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #3196 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #3195 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #3096 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
Tested Configuration(s)
  • Surface Hub (x64) running on a Microsoft Surface Hub with PAA [1]
  • Windows 10 Education April 2018 Update (x64) running on a Microsoft Surface Laptop with PAA [4]
  • Windows 10 Education Fall Creators Update (x64) running on a Microsoft Surface Pro with PAA [3]
  • Windows 10 Enterprise April 2018 Update (x64) running on a Microsoft Surface Book 2 with PAA [4]
  • Windows 10 Enterprise April 2018 Update (x64) running on a Microsoft Surface Laptop with PAA [4]
  • Windows 10 Enterprise April 2018 Update (x64) running on a Microsoft Surface Pro LTE with PAA [4]
  • Windows 10 Enterprise April 2018 Update (x64) running on a Microsoft Surface Studio with PAA [4]
  • Windows 10 Enterprise April 2018 Update (x64) running on an HP Pro x2 612 G2 Detachable PC with LTE with PAA [4] (single-user mode)
  • Windows 10 Enterprise Fall Creators Update (x64) running on a Microsoft Surface Book 2 with PAA [3]
  • Windows 10 Enterprise Fall Creators Update (x64) running on a Microsoft Surface Book with PAA [3]
  • Windows 10 Enterprise Fall Creators Update (x64) running on a Microsoft Surface Laptop with PAA [3]
  • Windows 10 Enterprise Fall Creators Update (x64) running on a Microsoft Surface Pro 4 with PAA [3]
  • Windows 10 Enterprise Fall Creators Update (x64) running on a Microsoft Surface Pro with PAA [3]
  • Windows 10 Enterprise Fall Creators Update (x64) running on a Microsoft Surface Studio with PAA [3]
  • Windows 10 Enterprise Fall Creators Update (x64) running on an HP Pro x2 612 G2 Detachable PC with LTE with PAA [3]
  • Windows 10 Home April 2018 Update (x86) running on a Dell Inspiron 660s without PAA [4]
  • Windows 10 Home Fall Creators Update (x86) running on a Dell Inspiron 660s without PAA [3]
  • Windows 10 Mobile Fall Creators Update (ARMv7) running on a Microsoft Lumia 650 [2]
  • Windows 10 Mobile Fall Creators Update (ARMv7) running on a Microsoft Lumia 950 [2]
  • Windows 10 Mobile Fall Creators Update (ARMv7) running on a Microsoft Lumia 950 XL [2]
  • Windows 10 Mobile Fall Creators Update (ARMv7) running on an HP Elite x3 [2]
  • Windows 10 Pro April 2018 Update (x64) running on a Dell Latitude 12 Rugged Tablet with PAA [4]
  • Windows 10 Pro April 2018 Update (x64) running on a Dell Latitude 5290 with PAA [4]
  • Windows 10 Pro April 2018 Update (x64) running on a Microsoft Surface Book 2 with PAA [4]
  • Windows 10 Pro April 2018 Update (x64) running on a Microsoft Surface Go with PAA [4]
  • Windows 10 Pro April 2018 Update (x64) running on a Microsoft Surface Laptop with PAA [4]
  • Windows 10 Pro April 2018 Update (x64) running on a Microsoft Surface Pro LTE with PAA [4]
  • Windows 10 Pro April 2018 Update (x64) running on an HP Slimline Desktop with PAA [4]
  • Windows 10 Pro Fall Creators Update (x64) on Hyper-V on Windows Server 2016 running on a Surface Pro 4 with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Dell Latitude 5285 with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Dell Latitude 5290 with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Dell PowerEdge R630 Server with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Dell Precision Tower 5810MT with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Microsoft Surface 3 with LTE with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Microsoft Surface Laptop with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Microsoft Surface Pro 3 with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Microsoft Surface Pro with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on a Panasonic Toughbook with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on an HP Compaq Pro 6305 with PAA [3]
  • Windows 10 Pro Fall Creators Update (x64) running on an HP Slimline Desktop with PAA [3]
  • Windows 10 S Fall Creators Update (x64) running on a Microsoft Surface Laptop with PAA [3]
  • Windows Server Datacenter Core (x64) on Hyper-V on Windows Server running on a Dell Precision Tower 5810MT with PAA [3][4]
  • Windows Server Datacenter Core (x64) running on a Dell PowerEdge R630 Server with PAA [3]
  • Windows Server Datacenter Core (x64) running on a Dell PowerEdge R740 Server with PAA [3][4]
  • Windows Server Datacenter Core (x64) running on a Dell Precision Tower 5810MT with PAA [3]
  • Windows Server Standard Core (x64) on Hyper-V on Windows Server 2016 running on a Dell PowerEdge R740 Server with PAA [4]
  • Windows Server Standard Core (x64) on Hyper-V on Windows Server running on a Dell Precision Tower 5810MT with PAA [3][4]
  • Windows Server Standard Core (x64) running on a Dell PowerEdge R630 Server with PAA [3]
  • Windows Server Standard Core (x64) running on a Dell PowerEdge R740 Server with PAA [3][4]
  • Windows Server Standard Core (x64) running on a Dell Precision Tower 5810MT with PAA [3]
FIPS Algorithms
AES Certs. #4897, #4898, #4899, #4900, #4901, #4902, #5847 and #5860
CKG vendor affirmed
CVL Certs. #1496, #1498, #1507, #1509, #1511, #1513, #2110 and #2111
DRBG Certs. #1730, #1731, #1732 and #2435
DSA Certs. #1301, #1302, #1303 and #1479
ECDSA Certs. #1246, #1249, #1250 and #1563
HMAC Certs. #3267, #3268, #3269 and #3858
KAS Certs. #146, #147, #148 and #200
KBKDF Certs. #157, #158, #159 and #242
KTS AES Certs. #4898, #4899, #4900 and #5860; key establishment methodology provides between 128 and 256 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #2667, #2670, #2671, #2673, #2674, #2675, #3079 and #3080
SHS Certs. #4009, #4010, #4011 and #4633
Triple-DES Certs. #2556, #2557, #2558 and #2862
Allowed Algorithms
HMAC-MD5; MD5; NDRNG
Software Versions
10.0.15063.674 [1], 10.0.15254 [2], 10.0.16299 [3] and 10.0.17134 [4]

Vendor

Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

Mike Grimm
FIPS@microsoft.com
Phone: 800-Microsoft

Lab

LEIDOS CSTL
NVLAP Code: 200427-0