Module Name
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
Historical Reason
Moved to historical list due to dependency on certificate #2604
Caveat
When operated in FIPS mode with the module Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2605 operating in FIPS mode and Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #2604 operating in FIPS mode or Code Integrity (ci.dll) in Windows Enterprise LTSB under Cert. #3437 operating in FIPS mode or Code Integrity (ci.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub under Cert. #3469 operating in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 2
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
Tested Configuration(s)
- Windows 10 (x64) running on a Dell XPS 8700 with PAA [1][3][4]
- Windows 10 (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]
- Windows 10 (x86) running on a Dell Inspiron 660s without PAA [1][3][4]
- Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]
- Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][3][4]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [3][4]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][3][4]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][3][4]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [3][4]
- Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][3][4]
- Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][3][4]
- Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1][2]
- Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1][2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface 3 with PAA [2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 2 with PAA [2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 3 with PAA [2]
- Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro with PAA [2] (single-user mode)
- Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron 660s without PAA [1][2]
- Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 55" with PAA [3][4]
- Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 84" with PAA [3][4]
- Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 635 [3][4]
- Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 950 [3][4]
- Windows 10 Pro (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]
- Windows 10 Pro (x64) running on a Microsoft Surface Book with PAA [3][4]
- Windows 10 Pro (x64) running on a Microsoft Surface Pro 2 with PAA [1][3][4]
- Windows 10 Pro (x64) running on a Microsoft Surface Pro 3 with PAA [1][3][4]
- Windows 10 Pro (x64) running on a Microsoft Surface Pro 4 with PAA [3][4]
- Windows 10 Pro (x64) running on a Microsoft Surface Pro with PAA [1][3][4]
- Windows 10 Pro (x86) running on a Dell Inspiron 660s without PAA [1][3][4]
Approved Algorithms
AES |
Certs. #3497, #3629, #5287 and #5291 |
CVL |
Certs. #575, #576, #663, #664, #1754, #1755, #1757 and #1758 |
DRBG |
Certs. #868, #955, #2033 and #2035 |
DSA |
Certs. #983, #1024, #1369 and #1370 |
ECDSA |
Certs. #706, #760, #1381 and #1383 |
HMAC |
Certs. #2233, #2381, #3494 and #3496 |
KAS |
Certs. #64, #72, #169 and #170 |
KBKDF |
Certs. #66, #72, #183 and #184 |
KTS |
AES Certs. #3507, #3653, #5290 and #5294; key establishment methodology provides between 128 and 256 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Certs. #1783, #1784, #1798, #1802, #1871, #1887, #1888, #1889, #2821, #2825, #2827, #2828, #2829, #2830, #2831 and #2835 |
SHS |
Certs. #2871, #2886, #3047, #3048, #4240, #4246, #4248 and #4249 |
Triple-DES |
Certs. #1969, #2024, #2672 and #2674 |
Other Algorithms
HMAC-MD5; MD5; NDRNG
Software Versions
10.0.10240 [1], 10.0.10240.17643 [2], 10.0.10586 [3], 10.0.10586.1176 [4]