Boot Manager

Certificate #4484

Webpage information ?

Status active
Validation dates 17.04.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Software-Hybrid
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode
Exceptions
  • Design Assurance: Level 2
Description The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it.
Version (Hardware) Intel Xeon Silver 4114, Intel Xeon Gold 6230, Intel Xeon Platinum 8260 and Intel Xeon D-1559
Tested configurations
  • Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R640 Server with an Intel Xeon Gold 6230 with PAA
  • Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R840 Server with an Intel Xeon Platinum 8260 with PAA
  • Windows Server 2019 Datacenter Core (x64) running on a Dell XR2 with an Intel Xeon Silver 4114 with PAA
  • Windows Server 2019 Datacenter Core (x64) running on a Rugged Mobile Appliance with an Intel Xeon D-1559 with PAA (single-user mode)
Vendor Microsoft Corporation
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, HMAC, HMAC-SHA-256
Asymmetric Algorithms
RSA 2048
Hash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, SHA-2, SHA2, PBKDF
Protocols
SSL
Randomness
DRBG
Block cipher modes
CBC, CCM, XTS

Vendor
Microsoft Corporation, Microsoft

Security level
level 1

Standards
FIPS 140, FIPS 140-2, FIPS 186-4, FIPS 180-4, FIPS 197, FIPS PUB 198-1, NIST SP 800-132, NIST SP 800-38E, NIST SP 800-38C, NIST SP 800-133, SP 800-132, PKCS#1

File metadata

Title Microsoft Security Policy
Subject FIPS Certification
Author Microsoft Corporation
Creation date D:20230320081744-07'00'
Modification date D:20230320081744-07'00'
Pages 31
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References

Incoming
  • 4545 - active - Windows OS Loader

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 04.07.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4686', '4687', '4688']}}} data.
    • The module_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4686', '4687', '4688']}}} data.
  • 02.01.2024 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4670']}}} data.
    • The module_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4670']}}} data.
  • 01.11.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4602', '4640']}}} data.
    • The module_processed_references property was updated, with the {'indirectly_referenced_by': {'__add__': {'_type': 'Set', 'elements': ['4602', '4640']}}} data.
  • 03.07.2023 The certificate data changed.
    Certificate changed

    The computed heuristics were updated.

    • The policy_processed_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['4545']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['4545']}} data.
    • The module_processed_references property was updated, with the {'directly_referenced_by': {'_type': 'Set', 'elements': ['4545']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['4545']}} data.
  • 18.05.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4484,
  "dgst": "a2713a5c710ced40",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "HMAC#C1577",
        "RSA#C1586",
        "AES#C2049",
        "RSA#C2052",
        "AES#C1577",
        "AES#C1583",
        "HMAC#C2044",
        "AES#C2044",
        "SHS#C1577",
        "SHS#C2044"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "4114",
        "8260",
        "6230",
        "1559"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4545"
        ]
      },
      "directly_referencing": null,
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4688",
          "4640",
          "4687",
          "4686",
          "4545",
          "4670",
          "4602"
        ]
      },
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4545"
        ]
      },
      "directly_referencing": null,
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "4688",
          "4640",
          "4687",
          "4686",
          "4545",
          "4670",
          "4602"
        ]
      },
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "RSA": {
          "RSA 2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        },
        "CCM": {
          "CCM": 2
        },
        "XTS": {
          "XTS": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "SSL": {
            "SSL": 2
          }
        }
      },
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#2": 2,
          "#3": 4
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES CBC (128 and 256": 1,
          "AES CBC 128": 1,
          "AES-CBC 128 and 256": 1,
          "HMAC-SHA-1": 2,
          "HMAC-SHA-12": 2,
          "HMAC-SHA-256": 8,
          "PKCS#1": 6,
          "RSA 2048": 2,
          "RSA PKCS#1": 6,
          "SHA- 384": 1,
          "SHA-1": 4,
          "SHA-2": 2,
          "SHA-256": 7,
          "SHA-384": 2,
          "SHA-512": 4,
          "SHA1": 1,
          "SHA2": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "level 1": 1
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 10
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 4,
            "SHA1": 1
          },
          "SHA2": {
            "SHA-2": 2,
            "SHA-256": 7,
            "SHA-384": 2,
            "SHA-512": 4,
            "SHA2": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 13,
          "FIPS 140-2": 6,
          "FIPS 180-4": 1,
          "FIPS 186-4": 1,
          "FIPS 197": 1,
          "FIPS PUB 198-1": 1
        },
        "NIST": {
          "NIST SP 800-132": 11,
          "NIST SP 800-133": 23,
          "NIST SP 800-38C": 1,
          "NIST SP 800-38E": 2,
          "SP 800-132": 1
        },
        "PKCS": {
          "PKCS#1": 6
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 20
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 1,
            "HMAC-SHA-256": 4
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 26,
          "Microsoft Corporation": 34
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Microsoft Corporation",
      "/CreationDate": "D:20230320081744-07\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled": "True",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method": "Standard",
      "/MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId": "72f988bf-86f1-41af-91ab-2d7cd011db47",
      "/ModDate": "D:20230320081744-07\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS Certification",
      "/Title": "Microsoft Security Policy",
      "pdf_file_size_bytes": 633018,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation",
          "https://www.microsoft.com/en-us/howtotell/default.aspx",
          "https://technet.microsoft.com/en-us/library/ff741764.aspx",
          "https://technet.microsoft.com/en-us/library/hh994558(v=ws.10).aspx",
          "http://creativecommons.org/licenses/by-nd-nc/1.0/",
          "https://www.microsoft.com/en-us/windows",
          "https://msdn.microsoft.com/en-us/library/hh537327.aspx"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 31
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "2b7f6055cc2e9cf702e82f471fe2762026cffb64004da800856407d8533ec9ff",
    "policy_txt_hash": "992b3c943ad1e97024fd67ce7b2e7da03e5ec1429e1b90f2b8f29e85f9aafb23"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/April 2023_010523_0646.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Windows system boot manager is called by the bootstrapping code that resides in the boot sector. It checks its own integrity, checks the integrity of the Windows OS Loader, and then launches it.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Design Assurance: Level 2"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": "Intel Xeon Silver 4114, Intel Xeon Gold 6230, Intel Xeon Platinum 8260 and Intel Xeon D-1559",
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Boot Manager",
    "module_type": "Software-Hybrid",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "10.0.17763.10021 and 10.0.17763.10127",
    "tested_conf": [
      "Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R640 Server with an Intel Xeon Gold 6230 with PAA",
      "Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R840 Server with an Intel Xeon Platinum 8260 with PAA",
      "Windows Server 2019 Datacenter Core (x64) running on a Dell XR2 with an Intel Xeon Silver 4114 with PAA",
      "Windows Server 2019 Datacenter Core (x64) running on a Rugged Mobile Appliance with an Intel Xeon D-1559 with PAA (single-user mode)"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-04-17",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Microsoft Corporation",
    "vendor_url": "http://www.microsoft.com"
  }
}