Module Name
Microsoft Windows Server 2008 R2 Cryptographic Primitives Library (bcryptprimitives.dll)
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode with Windows Server 2008 R2 Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #1334 operating in FIPS mode
Embodiment
Multi-chip standalone
Description
BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows components and applications running on Windows. The cryptographic module, bcryptprimitives.dll, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography.
Tested Configuration(s)
- Microsoft Windows Server 2008 R2 (IA64 version)
- Microsoft Windows Server 2008 R2 (x64 Version)
- Microsoft Windows Server 2008 R2 SP1 (IA64 version) (single-user mode)
- Microsoft Windows Server 2008 R2 SP1 (x64 version)
Approved Algorithms
AES |
Certs. #1168 and #1187 |
AES GCM |
Cert. #1168, vendor-affirmed |
AES GMAC |
Cert. #1168, vendor-affirmed |
DRBG |
Certs. #23 and #27 |
DSA |
Cert. #391 |
ECDSA |
Cert. #142 |
HMAC |
Cert. #686 |
KAS |
SP 800-56A, vendor affirmed, key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength |
RNG |
Cert. #649 |
RSA |
Certs. #559 and #567 |
SHS |
Cert. #1081 |
Triple-DES |
Cert. #846 |
Other Algorithms
AES (Cert. #1168, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); DES; HMAC MD5; MD2; MD4; MD5; RC2; RC4
Software Versions
6.1.7600.16385 or 6.1.7601.17514