Module Name
Microsoft Windows Vista Cryptographic Primitives Library (bcrypt.dll)
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #980 operating in FIPS mode
Embodiment
Multi-chip standalone
Description
BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista.
The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography.
Tested Configuration(s)
- Microsoft Windows Vista Ultimate Edition SP1 (x64 version) (single-user mode)
- Microsoft Windows Vista Ultimate Edition SP1 (x86 Version)
Approved Algorithms
| AES |
Certs. #739 and #756 |
| DSA |
Cert. #283 |
| ECDSA |
Cert. #82 |
| HMAC |
Cert. #412 |
| RNG |
Cert. #435 and SP 800-90, vendor affirmed |
| RSA |
Certs. #353 and #357 |
| SHS |
Cert. #753 |
| Triple-DES |
Cert. #656 |
Other Algorithms
AES (GCM and GMAC; non-compliant); DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD2; MD4; MD5; RC2; RC4; RNG (SP 800-90 Dual-EC; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant provides less than 112 bits of encryption strength)
Software Versions
6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872
