Module Name
Cryptographic Primitives Library
Caveat
When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library validated to FIPS 140-2 under Cert. #4766 operating in FIPS mode and Code Integrity validated to FIPS 140-2 under Cert. #4511 operating in FIPS mode or Secure Kernel Code Integrity validated to FIPS 140-2 under Cert. #4512 operating in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 2
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
Tested Configuration(s)
- Azure Host OS 2021 (64-bit) running on a Dell PowerEdge R840 with an Intel Xeon Platinum 8260 with PAA
- Azure Stack HCI version 21H2 (64-bit) running on an HPE ProLiant DL380 with an Intel Xeon Platinum 8276L with PAA
- Windows 10 version 20H2 Enterprise (64-bit) running on a Dell Latitude 7420 with an Intel i7-1185G7 with PAA
- Windows 10 version 20H2 Enterprise (64-bit) running on a Dell Latitude 9520 with an Intel i7-1185G7 with PAA
- Windows 10 version 20H2 Pro (64-bit) running on a Dell Latitude 3520 with an Intel i3-1115G4 with PAA
- Windows 10 version 20H2 Pro (64-bit) running on a Microsoft Surface Laptop 4 with an Intel i5-1145G7 with PAA
- Windows 10 version 20H2 Pro (64-bit) running on an HP EliteBook x360 830 G8 with an Intel i7-1165G7 with PAA
- Windows 10 version 21H1 Pro (64-bit) running on a HP EliteBook x360 830 G8 with an Intel i7-1165G7 with PAA
- Windows 10 version 21H1 Pro (64-bit) running on a Microsoft Surface Laptop 4 with an Intel i5-1145G7 with PAA
- Windows 11 (64-bit) running on a Microsoft Surface Laptop 4 with an Intel i5-1145G7 with PAA
- Windows Server 2022 Core (64-bit) on Microsoft Windows Server 2019 Hyper-V running on a Dell PowerEdge R630 with an Intel Xeon E5-2660 with PAA
- Windows Server 2022 Core Datacenter (64-bit) on Microsoft Windows Server 2019 Hyper-V running on a Dell PowerEdge R630 with an Intel Xeon E5-2660 with PAA
- Windows Server 2022 Core Datacenter (64-bit) running on an HPE ProLiant E910 with an Intel Xeon Gold 6248 without PAA
- Windows Server 20H2 Core (64-bit) on Microsoft Windows Server 2019 Hyper-V running on a Dell PowerEdge R630 with an Intel Xeon E5-2660 with PAA
- Windows Server 20H2 Core Datacenter (64-bit) on Microsoft Windows Server 2019 Hyper-V running on a Dell PowerEdge R630 with an Intel Xeon E5-2660 with PAA
- Windows Server Azure Edition (64-bit) running on a Dell PowerEdge R840 with an Intel Xeon Platinum 8260 with PAA (single-user mode)
Approved Algorithms
| AES |
Certs. #A2001, #A2004, #A2019, #A2023, #A2025, #A2031, #A2066 and #A2069 |
| CKG |
vendor affirmed |
| CVL |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| DRBG |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| DSA |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| ECDSA |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| ENT |
P |
| HMAC |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| KAS |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| KAS-SSC |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| KBKDF |
Certs. #A2001, #A2023, #A2031 and #A2069 |
| KTS |
AES Certs. #A2001, #A2023, #A2031 and #A2069; key establishment methodology provides between 128 and 256 bits of encryption strength |
| PBKDF |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| RSA |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| SHS |
Certs. #A2004, #A2019, #A2025 and #A2066 |
| Triple-DES |
Certs. #A2004, #A2019, #A2025 and #A2066 |
Software Versions
10.0.19042, 10.0.19043, 10.0.20348 and 10.0.22000
