TCB Launcher

Certificate #4457

Webpage information ?

Status active
Validation dates 22.03.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Software-Hybrid
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #4339 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #4348 operating in FIPS mode
Exceptions
  • Design Assurance: Level 2
Description The TCB Launcher Module, which consists of the binary TCBLAUNCH.EXE, is the module that launches the Hypervisor and Secure Kernel and other binary image files needed to launch those two components.
Version (Hardware) Intel Core i5-8365U[2] and Intel Core i7-8665U[1]
Tested configurations
  • Windows 10 Enterprise May 2020 Update (x64) running on a Panasonic Toughbook FZ 55 with an Intel Core i5-8365U with PAA [2]
  • Windows 10 Enterprise November 2019 Update (x64) running on a Dell Latitude 5300 2-in-1 with an Intel Core i7-8665U with PAA [1] (single-user mode)
Vendor Microsoft Corporation
References

This certificate's webpage directly references 2 certificates, transitively this expands into 3 certificates.

Security policy ?

Symmetric Algorithms
AES-128, AES-192, AES-256, AES
Hash functions
SHA-1, SHA1, SHA-384, SHA-512, SHA-256, SHA-2, SHA2
Protocols
SSL
Randomness
DRBG, RBG
Block cipher modes
CTR, GCM

Vendor
Microsoft Corporation, Microsoft

Security level
level 1
Side-channel analysis
Cold boot

Standards
FIPS 140, FIPS 140-2, FIPS 186-4, FIPS 180-4, NIST SP 800-38D, NIST SP 800-90A, NIST SP 800-133, SP 800-90A, PKCS#1

File metadata

Title Microsoft Security Policy Document
Subject FIPS Certification
Author Microsoft Corporation
Creation date D:20221025145054-07'00'
Modification date D:20221025145054-07'00'
Pages 20
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References

Outgoing
  • 4348 - active - Windows Resume
  • 4339 - active - Windows OS Loader
Incoming
  • 4512 - active - Secure Kernel Code Integrity
  • 4515 - active - Kernel Mode Cryptographic Primitives Library
  • 4511 - active - Code Integrity
  • 4766 - active - Kernel Mode Cryptographic Primitives Library

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 08.10.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4825']}}} data.
    • The module_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4825']}}} data.
  • 09.09.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4766']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4766']}}} data.
    • The module_processed_references property was updated, with the {'directly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4766']}}, 'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4766']}}} data.
  • 26.06.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4537', '4538', '4536']}}} data.
    • The module_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4537', '4538', '4536']}}} data.
  • 18.05.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/March 2023_030423_0646.pdf.

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['4512', '4515', '4511']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['4512', '4515', '4511']}} data.
    • The module_processed_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['4512', '4515', '4511']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['4512', '4515', '4511']}} data.
  • 27.03.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4457,
  "dgst": "3d19e945ed5a25a3",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#C1897",
        "SHS#C1897",
        "DRBG#C1897",
        "RSA#C1367",
        "RSA#C1947",
        "DRBG#C1363",
        "SHS#C1363",
        "AES#C1363"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "2",
        "1"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4766",
          "4515",
          "4512",
          "4511"
        ]
      },
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "4339",
          "4348"
        ]
      },
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4515",
          "4825",
          "4766",
          "4512",
          "4537",
          "4536",
          "4538",
          "4511"
        ]
      },
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "4339",
          "3923",
          "4348"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "4339",
        "4348"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4766",
          "4515",
          "4512",
          "4511"
        ]
      },
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "4339",
          "4348"
        ]
      },
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4515",
          "4825",
          "4766",
          "4512",
          "4537",
          "4536",
          "4538",
          "4511"
        ]
      },
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "4339",
          "3923",
          "4348"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "4339",
        "4348"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {},
      "certification_process": {},
      "cipher_mode": {
        "CTR": {
          "CTR": 2
        },
        "GCM": {
          "GCM": 5
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 2
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#4339": 2,
          "#4348": 2
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES GCM 256": 2,
          "AES-128": 1,
          "AES-192": 1,
          "AES-256": 5,
          "AES-256 GCM3": 1,
          "PKCS#1": 9,
          "RSA PKCS#1": 9,
          "SHA- 256": 1,
          "SHA-1": 5,
          "SHA-2": 2,
          "SHA-256": 15,
          "SHA-384": 4,
          "SHA-512": 6,
          "SHA1": 1,
          "SHA2": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "level 1": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 5,
            "SHA1": 1
          },
          "SHA2": {
            "SHA-2": 2,
            "SHA-256": 15,
            "SHA-384": 4,
            "SHA-512": 6,
            "SHA2": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 19
        },
        "RNG": {
          "RBG": 1
        }
      },
      "side_channel_analysis": {
        "other": {
          "Cold boot": 2
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 5,
          "FIPS 140-2": 7,
          "FIPS 180-4": 8,
          "FIPS 186-4": 8
        },
        "NIST": {
          "NIST SP 800-133": 1,
          "NIST SP 800-38D": 1,
          "NIST SP 800-90A": 1,
          "SP 800-90A": 2
        },
        "PKCS": {
          "PKCS#1": 9
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 6,
            "AES-128": 1,
            "AES-192": 1,
            "AES-256": 6
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 20,
          "Microsoft Corporation": 23
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Microsoft Corporation",
      "/CreationDate": "D:20221025145054-07\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20221025145054-07\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS Certification",
      "/Title": "Microsoft Security Policy Document",
      "pdf_file_size_bytes": 554712,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4339",
          "https://www.microsoft.com/en-us/windows",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4348",
          "https://www.microsoft.com/en-us/howtotell/default.aspx",
          "http://creativecommons.org/licenses/by-nd-nc/1.0/",
          "bookmark://_Integrity_Chain_of/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 20
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "4bfdc0d820ec8815102765b138c79269d8281f76269ebee2a312a05c5f70bbef",
    "policy_txt_hash": "fac42fe341244f1b4ef893967550d89424021678fc283583e6e4980eeaa505c2"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode with modules Windows OS Loader validated to FIPS 140-2 under Cert. #4339 operating in FIPS mode or Windows Resume validated to FIPS 140-2 under Cert. #4348 operating in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/March 2023_030423_0646.pdf",
    "date_sunset": "2026-09-21",
    "description": "The TCB Launcher Module, which consists of the binary TCBLAUNCH.EXE, is the module that launches the Hypervisor and Secure Kernel and other binary image files needed to launch those two components.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Design Assurance: Level 2"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": "Intel Core i5-8365U[2] and Intel Core i7-8665U[1]",
    "level": 1,
    "mentioned_certs": {
      "4339": 1,
      "4348": 1
    },
    "module_name": "TCB Launcher",
    "module_type": "Software-Hybrid",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "10.0.18363[1] and 10.0.19041[2]",
    "tested_conf": [
      "Windows 10 Enterprise May 2020 Update (x64) running on a Panasonic Toughbook FZ 55 with an Intel Core i5-8365U with PAA [2]",
      "Windows 10 Enterprise November 2019 Update (x64) running on a Dell Latitude 5300 2-in-1 with an Intel Core i7-8665U with PAA [1] (single-user mode)"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-03-22",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Microsoft Corporation",
    "vendor_url": "http://www.microsoft.com"
  }
}