This page was not yet optimized for use on mobile
devices.
Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
Certificate #2605
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, AES-, RC2, RC4, DES, Triple-DES, 3DES, HMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, SHA-2, SHA2, MD4, MD5, PBKDF, PBKDF2Schemes
Key AgreementProtocols
SSL, TLS, TLSv1.0, IKEv1, IPsecRandomness
PRNG, DRBGElliptic Curves
P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, GCM, CCMVendor
Qualcomm, Microsoft, Microsoft CorporationSecurity level
Level 1Standards
FIPS 140-2, FIPS PUB 140-2, FIPS 180-4, FIPS 197, FIPS 186-4, FIPS 140, NIST SP 800-132, NIST SP 800-38F, NIST SP 800-38B, SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, SP 800-56A, NIST SP 800-56B, NIST SP 800-131A, SP 800-131A, NIST SP 800-90A, NIST SP 800-108, SP 800-90A, SP 800-132, SP 800-38F, SP 800-56B, SP 800-108, PKCS#1, RFC 2898File metadata
| Creation date | D:20190605085606-04'00' |
|---|---|
| Modification date | D:20190605085606-04'00' |
| Pages | 54 |
References
Outgoing- 2601 - historical - BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB
- 3451 - historical - BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub
- 3652 - historical - Amazon Linux 2 Libreswan Cryptographic Module
- 3426 - historical - BitLocker® Windows Resume (winresume) in Windows 10 Enterprise LTSB
- 2702 - historical - BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise
- 2701 - historical - BitLocker® Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub
- 3427 - historical - BitLocker® Windows OS Loader (winload) in Windows 10 Enterprise LTSB
- 3464 - historical - BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise
- 2602 - historical - BitLocker® Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB
- 2606 - historical - Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
Heuristics
No heuristics are available for this certificate.
References
Loading...
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2605,
"dgst": "a81824dad073f33c",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KAS#64",
"SHS#2886",
"RSA#2831",
"AES#3629",
"RSA#1784",
"KBKDF#66",
"RSA#1888",
"SHS#3048",
"SHS#2871",
"RSA#2821",
"CVL#576",
"AES#5287",
"RSA#2830",
"SHS#4249",
"Triple-DES#2672",
"RSA#1871",
"HMAC#3496",
"ECDSA#1381",
"KAS#169",
"KTS#5290",
"RSA#1889",
"RSA#1802",
"KBKDF#72",
"KTS#3653",
"RSA#1798",
"RSA#1783",
"DRBG#955",
"DRBG#2033",
"RSA#2835",
"DSA#983",
"AES#5291",
"Triple-DES#2674",
"KAS#170",
"HMAC#2233",
"CVL#663",
"DSA#1024",
"ECDSA#1383",
"Triple-DES#1969",
"SHS#4246",
"KBKDF#183",
"Triple-DES#2024",
"AES#3497",
"RSA#2828",
"RSA#1887",
"KBKDF#184",
"CVL#1758",
"DSA#1370",
"SHS#4248",
"SHS#4240",
"KAS#72",
"KTS#3507",
"ECDSA#706",
"RSA#2827",
"HMAC#2381",
"RSA#2829",
"KTS#5294",
"DSA#1369",
"SHS#3047",
"CVL#1755",
"DRBG#2035",
"HMAC#3494",
"DRBG#868",
"RSA#2825",
"ECDSA#760"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"10"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"2606"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"3464",
"2702",
"2701",
"2601",
"3451",
"3426",
"2602",
"3427"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"3566",
"2606",
"2958"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"2600",
"3464",
"3415",
"2702",
"2701",
"2601",
"3451",
"3426",
"2700",
"2602",
"3427",
"3447"
]
}
},
"module_prunned_references": {
"_type": "Set",
"elements": [
"3464",
"2702",
"2701",
"2601",
"3451",
"3426",
"2602",
"3427"
]
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"2606"
]
},
"directly_referencing": {
"_type": "Set",
"elements": [
"3464",
"3652",
"2702",
"2701",
"2601",
"3451",
"3426",
"2602",
"3427"
]
},
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"3566",
"2606",
"2958"
]
},
"indirectly_referencing": {
"_type": "Set",
"elements": [
"2600",
"3652",
"3464",
"3553",
"3415",
"2702",
"3646",
"2701",
"2601",
"3426",
"2700",
"3451",
"2602",
"3427",
"3447"
]
}
},
"policy_prunned_references": {
"_type": "Set",
"elements": [
"3464",
"3652",
"2702",
"3451",
"2601",
"2701",
"3426",
"3427",
"2602"
]
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 16
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 15,
"Diffie-Hellman": 13
},
"DSA": {
"DSA": 10
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 12
},
"CCM": {
"CCM": 6
},
"CTR": {
"CTR": 6
},
"ECB": {
"ECB": 9
},
"GCM": {
"GCM": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv1": 2
},
"IPsec": {
"IPsec": 1
},
"TLS": {
"SSL": {
"SSL": 4
},
"TLS": {
"TLS": 2,
"TLSv1.0": 2
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 7
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 12,
"P-384": 10,
"P-521": 12
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1024": 1,
"#1369": 1,
"#1370": 1,
"#1381": 1,
"#1383": 1,
"#169": 2,
"#170": 2,
"#1755": 1,
"#1758": 1,
"#1783": 1,
"#1784": 1,
"#1798": 1,
"#1802": 1,
"#183": 1,
"#184": 1,
"#1871": 1,
"#1887": 1,
"#1888": 1,
"#1889": 1,
"#1969": 1,
"#2024": 1,
"#2033": 1,
"#2035": 1,
"#2233": 1,
"#2381": 1,
"#2601": 3,
"#2602": 2,
"#2672": 1,
"#2674": 1,
"#2701": 3,
"#2702": 2,
"#2821": 1,
"#2825": 1,
"#2827": 1,
"#2828": 1,
"#2829": 1,
"#2830": 1,
"#2831": 1,
"#2835": 1,
"#2871": 1,
"#2886": 1,
"#3047": 1,
"#3048": 1,
"#3426": 2,
"#3427": 3,
"#3451": 3,
"#3464": 2,
"#3494": 1,
"#3496": 1,
"#3497": 5,
"#3507": 1,
"#3629": 5,
"#3652": 1,
"#4240": 1,
"#4246": 1,
"#4248": 1,
"#4249": 1,
"#5287": 5,
"#5290": 1,
"#5291": 5,
"#5294": 1,
"#576": 1,
"#64": 2,
"#66": 1,
"#663": 1,
"#706": 1,
"#72": 3,
"#760": 1,
"#868": 1,
"#955": 1,
"#983": 1
}
},
"fips_certlike": {
"Certlike": {
"AES CBC 128 and 256": 4,
"AES-128": 15,
"AES-192": 10,
"AES-256": 18,
"AES-CTR 11": 1,
"DRBG (Cert. #955": 1,
"DRBG(Cert. #868": 1,
"DSA (Cert. #1024": 1,
"DSA (Cert. #983": 1,
"HMAC (Cert. #2233": 1,
"HMAC (Cert. #2381": 1,
"HMAC-SHA1": 4,
"HMAC-SHA256": 2,
"HMAC-SHA384": 2,
"HMAC-SHA512": 2,
"PKCS#1": 4,
"RSA PKCS#1": 4,
"RSASSA-PKCS1-v1_5": 2,
"SHA- 256": 3,
"SHA- 384": 1,
"SHA- 512": 1,
"SHA-1": 20,
"SHA-13": 1,
"SHA-16": 1,
"SHA-18": 1,
"SHA-2": 2,
"SHA-256": 19,
"SHA-384": 12,
"SHA-512": 11,
"SHA-512 (Cert. #2886": 1,
"SHA-512 (Cert. #3047": 1,
"SHA1": 4,
"SHA2": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 2
}
},
"hash_function": {
"MD": {
"MD4": {
"MD4": 2
},
"MD5": {
"MD5": 2
}
},
"PBKDF": {
"PBKDF": 8,
"PBKDF2": 4
},
"SHA": {
"SHA1": {
"SHA-1": 20,
"SHA1": 4
},
"SHA2": {
"SHA-2": 2,
"SHA-256": 19,
"SHA-384": 12,
"SHA-512": 13,
"SHA2": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 33,
"PRNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 2,
"FIPS 140-2": 16,
"FIPS 180-4": 10,
"FIPS 186-4": 14,
"FIPS 197": 2,
"FIPS PUB 140-2": 1
},
"NIST": {
"NIST SP 800-108": 2,
"NIST SP 800-131A": 4,
"NIST SP 800-132": 5,
"NIST SP 800-38B": 2,
"NIST SP 800-38D": 2,
"NIST SP 800-38E": 2,
"NIST SP 800-38F": 5,
"NIST SP 800-56B": 2,
"NIST SP 800-90A": 2,
"SP 800-108": 3,
"SP 800-131A": 3,
"SP 800-132": 5,
"SP 800-38C": 2,
"SP 800-38F": 1,
"SP 800-56A": 9,
"SP 800-56B": 1,
"SP 800-90A": 7
},
"PKCS": {
"PKCS#1": 4
},
"RFC": {
"RFC 2898": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 26,
"AES-": 1,
"AES-128": 15,
"AES-192": 10,
"AES-256": 18
},
"RC": {
"RC2": 6,
"RC4": 6
}
},
"DES": {
"3DES": {
"3DES": 1,
"Triple-DES": 14
},
"DES": {
"DES": 8
}
},
"constructions": {
"MAC": {
"CMAC": 8,
"HMAC": 24
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Microsoft": {
"Microsoft": 104,
"Microsoft Corporation": 3
},
"Qualcomm": {
"Qualcomm": 2
}
},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20190605085606-04\u002700\u0027",
"/ModDate": "D:20190605085606-04\u002700\u0027",
"pdf_file_size_bytes": 1451355,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://msdn.microsoft.com/",
"http://msdn.microsoft.com/library/en-us/seccng/security/bcryptgetproperty_func.asp",
"http://msdn.microsoft.com/library/en-us/seccng/security/bcryptdestroykey_func.asp",
"http://windows.microsoft.com/",
"http://msdn.microsoft.com/library/en-us/seccng/security/bcryptencrypt_func.asp",
"http://creativecommons.org/licenses/by-nd-nc/1.0/",
"http://msdn.microsoft.com/library/windows/desktop/aa379916.aspx",
"http://technet.microsoft.com/en-us/library/cc750357.aspx",
"https://www.microsoft.com/en-us/howtotell/default.aspx",
"http://msdn.microsoft.com/library/en-us/seccng/security/bcryptopenalgorithmprovider_func.asp",
"http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Ar2.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 54
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "40db0cb51d6fc4c582ab0a4e5822065fb3e1e51a509bffc5cff450514bfe17ed",
"policy_txt_hash": "12ced6d9bb4cfd5208cfd1cf62d15f064e464c3c14c86e7d7b62ad2bd67942ff"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode with modules BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2601 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #2602 operating in FIPS mode or BitLocker(R) Windows OS Loader (winload) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2701 or #3451 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise validated to FIPS 140-2 under Cert. #2702 or #3464 operating in FIPS mode or BitLocker(R) Windows OS Loader (winload) in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3427 operating in FIPS mode or BitLocker(R) Windows Resume (winresume) in Windows 10 Enterprise LTSB validated to FIPS 140-2 under Cert. #3426 operating in FIPS mode",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertJune2016.pdf",
"date_sunset": null,
"description": "Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet).",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical Security: N/A",
"Design Assurance: Level 2"
],
"fw_versions": null,
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": null,
"level": 1,
"mentioned_certs": {
"2601": 1,
"2602": 1,
"2701": 1,
"2702": 1,
"3426": 1,
"3427": 1,
"3451": 1,
"3464": 1
},
"module_name": "Kernel Mode Cryptographic Primitives Library (cng.sys) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": "10.0.10240 [1], 10.0.10240.17643 [2], 10.0.10586 [3], 10.0.10586.1176 [4]",
"tested_conf": [
"Windows 10 (x64) running on a Dell XPS 8700 with PAA [1][3][4]",
"Windows 10 (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]",
"Windows 10 (x86) running on a Dell Inspiron 660s without PAA [1][3][4]",
"Windows 10 Enterprise (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]",
"Windows 10 Enterprise (x64) running on a Microsoft Surface 3 with PAA [1][3][4]",
"Windows 10 Enterprise (x64) running on a Microsoft Surface Book with PAA [3][4]",
"Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 2 with PAA [1][3][4]",
"Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 3 with PAA [1][3][4]",
"Windows 10 Enterprise (x64) running on a Microsoft Surface Pro 4 with PAA [3][4]",
"Windows 10 Enterprise (x64) running on a Microsoft Surface Pro with PAA [1][3][4]",
"Windows 10 Enterprise (x86) running on a Dell Inspiron 660s without PAA [1][3][4]",
"Windows 10 Enterprise LTSB (x64) running on a Dell XPS 8700 with PAA [1][2]",
"Windows 10 Enterprise LTSB (x64) running on a HP Compaq Pro 6305 with PAA [1][2]",
"Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface 3 with PAA [2]",
"Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 2 with PAA [2]",
"Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro 3 with PAA [2]",
"Windows 10 Enterprise LTSB (x64) running on a Microsoft Surface Pro with PAA [2] (single-user mode)",
"Windows 10 Enterprise LTSB (x86) running on a Dell Inspiron 660s without PAA [1][2]",
"Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 55\" with PAA [3][4]",
"Windows 10 for Surface Hub (x64) running on a Microsoft Surface Hub 84\" with PAA [3][4]",
"Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 635 [3][4]",
"Windows 10 Mobile (ARMv7) running on a Microsoft Lumia 950 [3][4]",
"Windows 10 Pro (x64) running on a HP Compaq Pro 6305 with PAA [1][3][4]",
"Windows 10 Pro (x64) running on a Microsoft Surface Book with PAA [3][4]",
"Windows 10 Pro (x64) running on a Microsoft Surface Pro 2 with PAA [1][3][4]",
"Windows 10 Pro (x64) running on a Microsoft Surface Pro 3 with PAA [1][3][4]",
"Windows 10 Pro (x64) running on a Microsoft Surface Pro 4 with PAA [3][4]",
"Windows 10 Pro (x64) running on a Microsoft Surface Pro with PAA [1][3][4]",
"Windows 10 Pro (x86) running on a Dell Inspiron 660s without PAA [1][3][4]"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2016-06-02",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2016-08-26",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Update"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2019-06-06",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Update"
}
],
"vendor": "Microsoft Corporation",
"vendor_url": "http://www.microsoft.com"
}
}