diff --git a/windows/security/security-foundations/certification/fips-140-validation.md b/windows/security/security-foundations/certification/fips-140-validation.md index 739b778e25..af7736d41e 100644 --- a/windows/security/security-foundations/certification/fips-140-validation.md +++ b/windows/security/security-foundations/certification/fips-140-validation.md @@ -1,7 +1,7 @@ --- title: Windows FIPS 140 validation description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140. -ms.date: 2/1/2024 +ms.date: 11/13/2024 ms.topic: reference --- @@ -21,6 +21,8 @@ The Windows client releases listed below include cryptographic modules that have #### Windows 10 releases +- [Windows 10, version 21H1 (May 2021 Update)](validations/fips-140-windows10.md#windows-10-version-21h1-may-2021-update) +- [Windows 10, version 20H2 (October 2020 Update)](validations/fips-140-windows10.md#windows-10-version-20h2-october-2020-update) - [Windows 10, version 2004 (May 2020 Update)](validations/fips-140-windows10.md#windows-10-version-2004-may-2020-update) - [Windows 10, version 1909 (November 2019 Update)](validations/fips-140-windows10.md#windows-10-version-1909-november-2019-update) - [Windows 10, version 1903 (May 2019 Update)](validations/fips-140-windows10.md#windows-10-version-1903-may-2019-update) @@ -60,16 +62,18 @@ The Windows client releases listed below include cryptographic modules that have The Windows Server releases listed below include cryptographic modules that have completed FIPS 140 validation. Click on the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. When the CMVP certificate validation label includes the note *When operated in FIPS mode*, specific configuration and security rules outlined in the Security Policy must be followed. -#### Windows Server 2019 and 2016 releases +#### Windows Server 2022, 2019, and 2016 releases +- [Windows Server 2022](validations/fips-140-windows-server-2022.md#windows-server-2022) - [Windows Server 2019](validations/fips-140-windows-server-2019.md#windows-server-2019) - [Windows Server 2016](validations/fips-140-windows-server-2016.md#windows-server-2016) #### Windows Server semi-annual releases -- [Windows Server, version 2004](validations/fips-140-windows-server-semi-annual.md#windows-server-version-2004-may-2020-update) -- [Windows Server, version 1909](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1909-november-2019-update) -- [Windows Server, version 1903](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1903-may-2019-update) +- [Windows Server, version 20H2](validations/fips-140-windows-server-semi-annual.md#windows-server-version-20h2) +- [Windows Server, version 2004](validations/fips-140-windows-server-semi-annual.md#windows-server-version-2004) +- [Windows Server, version 1909](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1909) +- [Windows Server, version 1903](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1903) - [Windows Server, version 1809](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1809) - [Windows Server, version 1803](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1803) - [Windows Server, version 1709](validations/fips-140-windows-server-semi-annual.md#windows-server-version-1709) diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-server-2022.md b/windows/security/security-foundations/certification/validations/fips-140-windows-server-2022.md new file mode 100644 index 0000000000..828e85d5b7 --- /dev/null +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-server-2022.md @@ -0,0 +1,33 @@ +--- +title: FIPS 140 validated modules for Windows Server 2022 +description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server 2022. +ms.date: 11/13/2024 +ms.topic: reference +--- + +# FIPS 140 validated modules in Windows Server 2022 + +The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server 2022, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS approved mode of operation](../fips-140-validation.md#use-windows-in-a-fips-approved-mode-of-operation). For details on the FIPS approved algorithms used by each module, see its linked Security Policy document or module certificate. + +## Windows Server 2022 + +Build: 10.0.20348. Validated Editions: Standard, Datacenter, and Datacenter: Azure. + +|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms| +|--- |--- |--- | +|[Cryptographic Primitives Library][sp-4825]|[#4825][certificate-4825]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| +|[Kernel Mode Cryptographic Primitives Library][sp-4766]|[#4766][certificate-4766]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| + +--- + + + + + +[certificate-4766]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4766 +[certificate-4825]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4825 + + + +[sp-4766]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4766.pdf +[sp-4825]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4825.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md b/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md index d1d1724b36..5ca0829279 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows-server-semi-annual.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for Windows Server Semi-Annual Releases description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server semi-annual releases. -ms.date: 2/1/2024 +ms.date: 11/13/2024 ms.topic: reference --- @@ -9,7 +9,16 @@ ms.topic: reference The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server semi-annual releases, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS approved mode of operation](../fips-140-validation.md#use-windows-in-a-fips-approved-mode-of-operation). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate. -## Windows Server, version 2004 (May 2020 Update) +## Windows Server, version 20H2 + +Build: 10.0.19042. Validated Editions: Standard Core, Datacenter Core + +|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms| +|--- |--- |--- | +|[Cryptographic Primitives Library][sp-4825]|[#4825][certificate-4825]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| +|[Kernel Mode Cryptographic Primitives Library][sp-4766]|[#4766][certificate-4766]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| + +## Windows Server, version 2004 Build: 10.0.19041. Validated Editions: Standard Core, Datacenter Core @@ -24,7 +33,7 @@ Build: 10.0.19041. Validated Editions: Standard Core, Datacenter Core |[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG| |[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG| -## Windows Server, version 1909 (November 2019 Update) +## Windows Server, version 1909 Build: 10.0.18363. Validated Editions: Standard Core, Datacenter Core @@ -39,7 +48,7 @@ Build: 10.0.18363. Validated Editions: Standard Core, Datacenter Core |[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG| |[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG| -## Windows Server, version 1903 (May 2019 Update) +## Windows Server, version 1903 Build: 10.0.18362. Validated Editions: Standard Core, Datacenter Core @@ -123,6 +132,8 @@ Build: 10.0.16299. Validated Editions: Standard Core, Datacenter Core [certificate-4536]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4536 [certificate-4537]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4537 [certificate-4538]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4538 +[certificate-4766]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4766 +[certificate-4825]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4825 @@ -146,3 +157,5 @@ Build: 10.0.16299. Validated Editions: Standard Core, Datacenter Core [sp-4536]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4536.pdf [sp-4537]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf [sp-4538]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf +[sp-4766]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4766.pdf +[sp-4825]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4825.pdf diff --git a/windows/security/security-foundations/certification/validations/fips-140-windows10.md b/windows/security/security-foundations/certification/validations/fips-140-windows10.md index e555337cb5..9bf64e0084 100644 --- a/windows/security/security-foundations/certification/validations/fips-140-windows10.md +++ b/windows/security/security-foundations/certification/validations/fips-140-windows10.md @@ -1,7 +1,7 @@ --- title: FIPS 140 validated modules for Windows 10 description: This topic lists the completed FIPS 140 cryptographic module validations for Windows 10. -ms.date: 2/1/2024 +ms.date: 11/13/2024 ms.topic: reference --- @@ -9,6 +9,24 @@ ms.topic: reference The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows 10, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS approved mode of operation](../fips-140-validation.md#use-windows-in-a-fips-approved-mode-of-operation). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate. +## Windows 10, version 21H1 (May 2021 Update) + +Build: 10.0.19043. Validated Editions: Pro, Enterprise + +|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms| +|--- |--- |--- | +|[Cryptographic Primitives Library][sp-4825]|[#4825][certificate-4825]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| +|[Kernel Mode Cryptographic Primitives Library][sp-4766]|[#4766][certificate-4766]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| + +## Windows 10, version 20H2 (October 2020 Update) + +Build: 10.0.19042. Validated Editions: Pro, Enterprise + +|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms| +|--- |--- |--- | +|[Cryptographic Primitives Library][sp-4825]|[#4825][certificate-4825]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| +|[Kernel Mode Cryptographic Primitives Library][sp-4766]|[#4766][certificate-4766]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, ENT (P), HMAC, KAS, KAS-SSC, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES| + ## Windows 10, version 2004 (May 2020 Update) Build: 10.0.19041. Validated Editions: Home, Pro, Enterprise, Education @@ -257,6 +275,8 @@ Build: 10.0.10240. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, M [certificate-4536]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4536 [certificate-4537]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4537 [certificate-4538]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4538 +[certificate-4766]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4766 +[certificate-4825]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4825 @@ -320,3 +340,5 @@ Build: 10.0.10240. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, M [sp-4536]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4536.pdf [sp-4537]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf [sp-4538]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf +[sp-4766]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4766.pdf +[sp-4825]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4825.pdf