Module Name
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2
Historical Reason
Moved to historical list due to dependency on certificate #2356
Caveat
When operated in FIPS mode with modules Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2356 operating in FIPS mode, and Code Integrity (ci.dll) in Microsoft Windows 8.1 Enterprise, Windows Server 2012 R2, Windows Storage Server 2012 R2, Surface Pro 3, Surface Pro 2, Surface Pro, Surface 2, Surface, Windows RT 8.1, Windows Phone 8.1, Windows Embedded 8.1 Industry Enterprise, StorSimple 8000 Series validated to FIPS 140-2 under Cert. #2355 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 2
Embodiment
Multi-chip standalone
Description
The Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) provides cryptographic services to Windows components and applications. It includes cryptographic algorithms in an easy-to-use cryptographic module via the Cryptography Next Generation (CNG) API. It can be dynamically linked into applications for the use of general-purpose FIPS 140-2 validated cryptography.
Tested Configuration(s)
- Azure StorSimple Virtual Array Windows Server 2012 R2 on Hyper-V 6.3 on Windows Server 2012 R2 (x64) running on a Dell Precision Tower 5810 with PAA
- Azure StorSimple Virtual Array Windows Server 2012 R2 on VMware Workstation 12.5 on Windows Server 2012 R2 (x64) running on a Dell XPS 8700 with PAA (single-user mode)
- Microsoft Server 2012 R2 (x64) running on a Microsoft StorSimple 8100 with PAA
- Microsoft Server 2012 R2 (x64) running on a Microsoft StorSimple 8100 without PAA
- Microsoft Windows 8.1 Enterprise (x64) running on a Dell Dimension E521 without PAA
- Microsoft Windows 8.1 Enterprise (x64) running on a Dell Inspiron 660s without PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows 8.1 Enterprise (x64) running on a Dell PowerEdge SC440 without PAA
- Microsoft Windows 8.1 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows 8.1 Enterprise (x64) running on an HP Compaq Pro 6305 with PAA
- Microsoft Windows 8.1 Enterprise (x64) running on an HP Compaq Pro 6305 with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows 8.1 Enterprise (x64) running on an Intel Maho Bay with PAA
- Microsoft Windows 8.1 Enterprise (x86) running on a Dell Dimension E521 without PAA
- Microsoft Windows 8.1 Enterprise (x86) running on a Dell PowerEdge SC440 without PAA
- Microsoft Windows 8.1 Enterprise (x86) running on an HP Compaq Pro 6305 with PAA
- Microsoft Windows 8.1 Enterprise (x86) running on an Intel Maho Bay with PAA
- Microsoft Windows 8.1 Pro (x64) running on an Intel Core i7 with PAA and PCLMULQDQ and SSSE 3 running on a Microsoft Surface Pro 3
- Microsoft Windows 8.1 Pro (x64) running on an Intel i5 with PAA running on a Microsoft Surface Pro 2
- Microsoft Windows 8.1 Pro (x64) running on an Intel x64 Processor with PAA running on a Microsoft Surface Pro
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on a Dell Dimension E521 without PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on a Dell Inspiron 660s without PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on a Dell PowerEdge SC440 without PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on an HP Compaq Pro 6305 with PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on an HP Compaq Pro 6305 with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on an Intel Maho Bay with PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x64) running on an Intel Maho Bay with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Embedded 8.1 Industry Enterprise (x86) running on a Dell Dimension E521 without PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x86) running on a Dell PowerEdge SC440 without PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x86) running on an HP Compaq Pro 6305 with PAA
- Microsoft Windows Embedded 8.1 Industry Enterprise (x86) running on an Intel Maho Bay with PAA
- Microsoft Windows Phone 8.1 (ARMv7 Thumb-2) running on a Qualcomm Snapdragon 400 running on a Windows Phone 8.1
- Microsoft Windows Phone 8.1 (ARMv7 Thumb-2) running on a Qualcomm Snapdragon 800 running on a Windows Phone 8.1
- Microsoft Windows Phone 8.1 (ARMv7 Thumb-2) running on a Qualcomm Snapdragon S4 running on a Windows Phone 8.1
- Microsoft Windows RT 8.1 (ARMv7 Thumb-2) running on a Microsoft Surface 2
- Microsoft Windows RT 8.1 (ARMv7 Thumb-2) running on a Microsoft Surface RT
- Microsoft Windows RT 8.1 (ARMv7 Thumb-2) running on a Qualcomm Tablet
- Microsoft Windows RT 8.1 (ARMv7 Thumb-2) running on an NVIDIA Tegra 3 Tablet
- Microsoft Windows Server 2012 R2 (x64) running on a Dell Dimension E521 without PAA
- Microsoft Windows Server 2012 R2 (x64) running on a Dell Inspiron 660s without PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Server 2012 R2 (x64) running on a Dell PowerEdge SC440 without PAA
- Microsoft Windows Server 2012 R2 (x64) running on an HP Compaq Pro 6305 with PAA
- Microsoft Windows Server 2012 R2 (x64) running on an HP Compaq Pro 6305 with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Server 2012 R2 (x64) running on an Intel Maho Bay with PAA
- Microsoft Windows Server 2012 R2 (x64) running on an Intel Maho Bay with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Storage Server 2012 R2 (x64) running on a Dell Dimension E521 without PAA
- Microsoft Windows Storage Server 2012 R2 (x64) running on a Dell Inspiron 660s without PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Storage Server 2012 R2 (x64) running on a Dell PowerEdge SC440 without PAA
- Microsoft Windows Storage Server 2012 R2 (x64) running on an HP Compaq Pro 6305 with PAA
- Microsoft Windows Storage Server 2012 R2 (x64) running on an HP Compaq Pro 6305 with PAA and with PCLMULQDQ and SSSE 3
- Microsoft Windows Storage Server 2012 R2 (x64) running on an Intel Maho Bay with PAA
- Microsoft Windows Storage Server 2012 R2 (x64) running on an Intel Maho Bay with PAA and with PCLMULQDQ and SSSE 3
Approved Algorithms
AES |
Cert. #2832 |
CVL |
Cert. #323 |
DRBG |
Cert. #489 |
DSA |
Cert. #855 |
ECDSA |
Cert. #505 |
HMAC |
Cert. #1773 |
KAS |
Cert. #47 |
KBKDF |
Cert. #30 |
PBKDF |
vendor affirmed |
RSA |
Certs. #1487, #1493 and #1519 |
SHS |
Cert. #2373 |
Triple-DES |
Cert. #1692 |
Other Algorithms
AES (Cert. #2832, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES-GCM encryption (non-compliant); DES; Dual-EC DRBG (non-compliant); HMAC MD5; Legacy CAPI KDF; MD2; MD4; MD5; NDRNG; RC2; RC4; RSA (encrypt/decrypt)
Software Versions
6.3.9600 and 6.3.9600.17031