Module Name
Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, Microsoft Windows Phone 8, and Microsoft Windows
Storage Server 2012 Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)
Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Caveat
When operated in FIPS mode with modules Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Kernel Mode Cryptographic Primitives Library (CNG.SYS) validated to FIPS 140-2 under Cert. #1891 operating in FIPS mode, and Microsoft Windows 8, Microsoft Windows Server 2012, Microsoft Windows RT, Microsoft Surface Windows RT, Microsoft Surface Windows 8 Pro, and Microsoft Windows Phone 8 Code Integrity (CI.DLL) validated to FIPS 140-2 under Cert. #1897 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
- Design Assurance: Level 2
Embodiment
Multi-chip standalone
Description
The Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
This cryptographic module also maintains FIPS 140-2 validation compliance (according to FIPS 140-2 PUB Implementation Guidance G.5) on Microsoft Windows 8, Microsoft Windows 8 Pro, and Microsoft Windows Server 2012 Datacenter.
Tested Configuration(s)
- Microsoft Windows 8 Enterprise (x64) running on a Dell PowerEdge SC430 without PAA
- Microsoft Windows 8 Enterprise (x64) running on Intel Core i7 with PAA running on an Intel Client Desktop
- Microsoft Windows 8 Enterprise (x86) running on a Dell Dimension C521
- Microsoft Windows 8 Pro (x64) running on an Intel x64 Processor with PAA running on a Microsoft Surface Windows 8 Pro
- Microsoft Windows Phone 8 (ARMv7 Thumb-2) running on a Windows Phone 8
- Microsoft Windows RT (ARMv7 Thumb-2) running on a Microsoft Surface Windows RT
- Microsoft Windows RT (ARMv7 Thumb-2) running on a Qualcomm Tablet
- Microsoft Windows RT (ARMv7 Thumb-2) running on an NVIDIA Tegra 3 Tablet
- Microsoft Windows Server 2012 (x64) running on a Dell PowerEdge SC430 without PAA
- Microsoft Windows Server 2012 (x64) running on Intel Core i7 with PAA running on an Intel Client Desktop
- Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay with PAA
- Microsoft Windows Storage Server 2012 (x64) running on an Intel Maho Bay without PAA (single-user mode)
Approved Algorithms
AES |
Certs. #2197 and #2216 |
DRBG |
Certs. #258 and #259 |
DSA |
Cert. #687 |
ECDSA |
Cert. #341 |
HMAC |
Cert. #1345 |
KAS |
Cert. #36 |
KBKDF |
Cert. #3 |
PBKDF |
vendor affirmed |
RSA |
Certs. #1133 and #1134 |
SHS |
Cert. #1903 |
Triple-DES |
Cert. #1387 |
Other Algorithms
AES (Cert. #2197, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; Legacy CAPI KDF; MD2; MD4; MD5; HMAC MD5; RC2; RC4; RSA (encrypt/decrypt)
Software Versions
6.2.9200