mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-05-12 13:27:23 +00:00
Implementing Mike's feedback and returning to a flat structure
This commit is contained in:
MSRobertD
parent
9560baf025
commit
c3c786d712
@ -1,7 +1,7 @@
|
|||||||
---
|
---
|
||||||
title: Windows FIPS 140 validation
|
title: Windows FIPS 140 validation
|
||||||
description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140.
|
description: Learn how Microsoft products and cryptographic modules follow the U.S. Federal government standard FIPS 140.
|
||||||
ms.date: 1/2/2024
|
ms.date: 1/25/2024
|
||||||
ms.topic: reference
|
ms.topic: reference
|
||||||
ms.author: v-rodurff
|
ms.author: v-rodurff
|
||||||
author: msrobertd
|
author: msrobertd
|
||||||
@ -11,29 +11,15 @@ ms.collection: tier3
|
|||||||
|
|
||||||
# Windows FIPS 140 validation
|
# Windows FIPS 140 validation
|
||||||
|
|
||||||
The Federal Information Processing Standard (FIPS) Publication 140 is a U.S. government standard that defines the minimum-security requirements for cryptographic modules in IT products. This topic introduces the FIPS 140 validation process for the Windows cryptographic modules. The Windows cryptographic modules are used across different Microsoft products, including Windows client operating systems, Windows Server operating systems, and Azure cloud services.
|
The Federal Information Processing Standard (FIPS) Publication 140 is a U.S. government standard that defines the minimum-security requirements for cryptographic modules in IT products. This topic introduces FIPS 140 validation for the Windows cryptographic modules. The Windows cryptographic modules are used across different Microsoft products, including Windows client operating systems, Windows Server operating systems, and Azure cloud services.
|
||||||
|
|
||||||
Microsoft maintains an active commitment to meeting the requirements of the FIPS 140 standard, having validated cryptographic modules against it since it was first established in 2001. Windows cryptographic modules are validated under the [Cryptographic Module Validation Program (CMVP)][CMVP], a joint effort between the U.S. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS). The CMVP validates cryptographic modules against the Security Requirements for Cryptographic Modules (part of FIPS 140) and related FIPS cryptography standards. The NIST Information Technology Laboratory operates related programs that validate the FIPS approved cryptographic algorithms in the modules ([Cryptographic Algorithm Validation Program, CAVP][CAVP]) as well as the entropy source used by the modules ([Entropy Validation program][ESV]).
|
Microsoft maintains an active commitment to meeting the requirements of the FIPS 140 standard, having validated cryptographic modules against it since it was first established in 2001. Windows cryptographic modules are validated under the [Cryptographic Module Validation Program (CMVP)][CMVP], a joint effort between the U.S. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS). The CMVP validates cryptographic modules against the Security Requirements for Cryptographic Modules (part of FIPS 140) and related FIPS cryptography standards. The NIST Information Technology Laboratory operates related programs that Microsoft also participates in: the [Cryptographic Algorithm Validation Program (CAVP)][CAVP] certifies FIPS-approved cryptographic algorithms and the [Entropy Validation program][ESV] certifies entropy sources to the NIST SP 800-90B standard.
|
||||||
|
|
||||||
The cadence for starting module validation aligns with the feature updates of Windows and Windows Server. As the software industry evolves, operating systems release more frequently. Microsoft completes validation work on major releases but, in between releases, seeks to minimize the changes to the cryptographic modules. The duration of each evaluation varies, depending on many factors.
|
## Windows client operating systems and cryptographic modules
|
||||||
|
|
||||||
## Validated modules used by Windows client
|
The Windows client releases listed below include cryptographic modules that have completed FIPS 140 validation. Expand the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. When the CMVP certificate validation label includes the note When operated in FIPS mode, specific configuration and security rules outlined in the Security Policy must be followed.
|
||||||
|
|
||||||
The Windows client releases listed below include cryptographic modules that have completed FIPS 140 validation. Click on the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. When the CMVP certificate validation label includes the note *When operated in FIPS mode*, specific configuration and security rules outlined in the Security Policy must be followed.
|
### Windows 10 releases
|
||||||
|
|
||||||
### Windows 11 and Windows 10 releases
|
|
||||||
|
|
||||||
<details>
|
|
||||||
|
|
||||||
<summary><b>Windows 11, version 21H2</b></summary>
|
|
||||||
|
|
||||||
Build: 10.0.22000. Validated Edition: Windows 11
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[Boot Manager][sp-4546]|[#3089][certificate-4546]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|
|
||||||
</details>
|
|
||||||
|
|
||||||
<details>
|
<details>
|
||||||
|
|
||||||
@ -489,7 +475,7 @@ Validated Edition: Ultimate Edition
|
|||||||
|
|
||||||
## Validated modules used by Windows Server
|
## Validated modules used by Windows Server
|
||||||
|
|
||||||
The Windows Server releases listed below include cryptographic modules that have completed FIPS 140 validation. Click on the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. When the CMVP certificate validation label includes the note *When operated in FIPS mode*, specific configuration and security rules outlined in the Security Policy must be followed.
|
The Windows Server releases listed below include cryptographic modules that have completed FIPS 140 validation. Expand the release for details, including the CMVP certificate, Security Policy document, and algorithm scope for each module. When the CMVP certificate validation label includes the note When operated in FIPS mode, specific configuration and security rules outlined in the Security Policy must be followed.
|
||||||
|
|
||||||
### Windows Server 2019 and 2016 releases
|
### Windows Server 2019 and 2016 releases
|
||||||
|
|
||||||
@ -497,19 +483,6 @@ The Windows Server releases listed below include cryptographic modules that have
|
|||||||
|
|
||||||
<summary><b>Windows Server 2019</b></summary>
|
<summary><b>Windows Server 2019</b></summary>
|
||||||
|
|
||||||
Builds: 10.0.17763.10021 and 10.0.17763.10127. Validated Edition: Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter]|Pending [(in process)][in-process]||
|
|
||||||
|[Boot Manager][sp-4484]|[#4484][certificate-4484]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4602]|[#4602][certificate-4602]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library]|Pending [(in process)][in-process]||
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4670]|[#4670][certificate-4670]|AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: ECDH|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4640]|[#4640][certificate-4640]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Virtual TPM]|Pending [(in process)][in-process]||
|
|
||||||
|[Windows OS Loader][sp-4545]|[#4545][certificate-4545]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core
|
Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|Version|CMVP Certificate #|Validated Algorithms|
|
|Cryptographic Module (linked to Security Policy document)|Version|CMVP Certificate #|Validated Algorithms|
|
||||||
@ -780,7 +753,7 @@ Validated Editions: Server, Storage Server
|
|||||||
|
|
||||||
To use Windows and Windows Server in a FIPS 140 approved mode of operation, all of the specific configuration and security rules outlined in the module Security Policy documents must be followed. To view or download the Security Policy documents for a given product release, navigate to the listing of FIPS 140 validated modules for the release in the sections above and select the links to the Security Policy documents.
|
To use Windows and Windows Server in a FIPS 140 approved mode of operation, all of the specific configuration and security rules outlined in the module Security Policy documents must be followed. To view or download the Security Policy documents for a given product release, navigate to the listing of FIPS 140 validated modules for the release in the sections above and select the links to the Security Policy documents.
|
||||||
|
|
||||||
As part of the configuration rules outlined in the Security Policy documents, Windows and Windows Server may be configured to run in a FIPS 140 approved mode of operation, commonly referred to as "FIPS mode." If you turn on FIPS mode, the Cryptographic Primitives Library (bcryptprimitives.dll) and Kernel Mode Cryptographic Primitives Library (CNG.sys) modules will run self-tests before Windows runs cryptographic operations. These self-tests meet FIPS 140 requirements and ensure that the modules are functioning properly. The Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library are the only modules affected by FIPS mode. FIPS mode won't prevent Windows and its subsystems from using non-FIPS validated cryptographic algorithms. FIPS mode is merely advisory for applications or components other than the Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library. U.S. government regulations continue to mandate FIPS mode for government devices running Windows. Other customers should research and decide for themselves if FIPS mode is right for them. There are many applications and protocols that use FIPS mode policy to determine which cryptographic functionality to run. Customers seeking to follow the FIPS 140-2 standard should research the configuration settings of their applications and protocols. This research will help ensure that they can be configured to use FIPS 140-2 validated cryptography.
|
As part of the configuration rules outlined in the Security Policy documents, Windows and Windows Server may be configured to run in a FIPS 140 approved mode of operation, commonly referred to as "FIPS mode." In current versions of Windows, when you enable the FIPS mode setting, the Cryptographic Primitives Library (bcryptprimitives.dll) and Kernel Mode Cryptographic Primitives Library (CNG.sys) modules will run self-tests before Windows runs cryptographic operations. These self-tests meet FIPS 140 requirements and ensure that the modules are functioning properly. The Cryptographic Primitives Library and the Kernel Mode Cryptographic Primitives Library are the only modules that use the FIPS mode configuration setting. FIPS mode does not control which cryptographic algorithms are used. The FIPS mode setting is intended for use only by the Cryptographic Primitives Library (bcryptprimitives.dll) and Kernel Mode Cryptographic Primitives Library (CNG.sys) components in Windows.
|
||||||
|
|
||||||
## Determine if a Windows service or application is FIPS 140 compliant
|
## Determine if a Windows service or application is FIPS 140 compliant
|
||||||
|
|
||||||
|
|||||||
@ -1,9 +0,0 @@
|
|||||||
> [!div class="op_multi_selector" title1="Product" title2="Release"]
|
|
||||||
> - [(Windows | Windows 11)](../validations/fips-140-windows11.md)
|
|
||||||
> - [(Windows | Windows 10)](../validations/fips-140-windows10.md)
|
|
||||||
> - [(Windows | Previous versions)](../validations/fips-140-windows-previous.md)
|
|
||||||
> - [(Windows Server | Windows Server 2019)](../validations/fips-140-windows-server-2019.md)
|
|
||||||
> - [(Windows Server | Windows Server 2016)](../validations/fips-140-windows-server-2016.md)
|
|
||||||
> - [(Windows Server | Windows Server semi-annual releases)](../validations/fips-140-windows-server-semi-annual.md)
|
|
||||||
> - [(Windows Server | Previous versions)](../validations/fips-140-windows-server-previous.md)
|
|
||||||
> - [(Other products | All releases)](../validations/fips-140-other-products.md)
|
|
||||||
@ -1,49 +0,0 @@
|
|||||||
---
|
|
||||||
title: Use Windows in a FIPS 140 approved mode of operation
|
|
||||||
description: Learn how to use Windows in a FIPS 140 approved mode of operation.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
|
|
||||||
# Use Windows in a FIPS 140 approved mode of operation
|
|
||||||
|
|
||||||
>[!IMPORTANT]
|
|
||||||
>Windows operates in a *FIPS 140 approved mode* of operation only when administrators ensure that all steps described in this topic are completed. In addition to enable the FIPS security policy setting in Windows, administrators must also ensure that validated cryptographic modules are installed in the operational environment, the security policies for the modules are followed, and applications and services use FIPS validated cryptographic algorithms only.
|
|
||||||
|
|
||||||
### Step 1: Ensure your version of Windows has FIPS 140 validated cryptographic modules
|
|
||||||
|
|
||||||
Administrators must ensure that all cryptographic modules installed in the operational environment are FIPS 140 validated. To identify which modules have been validated for a particular Microsoft product, select a product from the drop-down menus below.
|
|
||||||
|
|
||||||
[!INCLUDE [validation-selector](./includes/validation-selector.md)]
|
|
||||||
|
|
||||||
### Step 2: Ensure all security policies for all cryptographic modules are followed
|
|
||||||
|
|
||||||
Each of the cryptographic modules has a defined security policy that must be met for the module to operate in its FIPS 140 approved mode. The security policy is published in each module's public Security Policy document. To view or download the Security Policy document for a module, navigate to the listing of FIPS 140 validated modules for a given product using the drop-down menus in Step 1 and select the links to the Security Policy document for a given module.
|
|
||||||
|
|
||||||
### Step 3: Enable the FIPS security policy setting in Windows
|
|
||||||
|
|
||||||
Windows provides the following security policy setting, commonly referred to as *FIPS mode*:
|
|
||||||
|
|
||||||
> **System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing**
|
|
||||||
|
|
||||||
If you turn on FIPS mode, the Cryptographic Primitives Library `bcryptprimitives.dll` and Kernel Mode Cryptographic Primitives Library `CNG.sys` modules will run self-tests before Windows runs cryptographic operations.
|
|
||||||
|
|
||||||
>[!IMPORTANT]
|
|
||||||
>The FIPS security policy will not prevent Windows and its subsystems from using cryptographic algorithms that are not FIPS validated.
|
|
||||||
|
|
||||||
This FIPS security policy may be enabled by following the instructions in the Security Policy document for the Cryptographic Primitives Library or Kernel Mode Cryptographic Primitives Library.
|
|
||||||
|
|
||||||
For more information on the FIPS mode security policy setting, see [System cryptography: Use FIPS-compliant algorithms for encryption, hashing, and signing](/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing.md).
|
|
||||||
|
|
||||||
### Step 4: Ensure that only FIPS validated cryptographic algorithms are used
|
|
||||||
|
|
||||||
It is up to the administrator to ensure that applications and services follow the security policies of validated modules, including calling only for FIPS validated cryptographic algorithms.
|
|
||||||
|
|
||||||
>[!CAUTION]
|
|
||||||
>Neither the operating system nor the cryptographic module can prevent applications and services from calling cryptographic algorithms that have not been FIPS validated, even if the FIPS security policy setting in Windows has been enabled.
|
|
||||||
|
|
||||||
If an application or service calls for a non-approved algorithm, the module will no longer be operating its FIPS approved mode. For a listing of the validated algorithms for each module, see its Security Policy document. To view or download the Security Policy document for a module, navigate to the listing of FIPS 140 validated modules for a given product using the drop-down menus in Step 1 and click on the links to the Security Policy document for a given module.
|
|
||||||
@ -1,46 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for other products
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for products other than Windows and Windows Server that leverage the Windows cryptographic modules.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
# FIPS 140 validated modules in other products
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations in products other than Windows and Windows Server that leverage the Windows cryptographic modules. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows Embedded Compact 7 and Windows Embedded Compact 8
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Cryptographic Primitives Library (bcrypt.dll)|[7.00.2872 and 8.00.6246][sp-2956]|[2956][certificate-2956]|
|
|
||||||
|Enhanced Cryptographic Provider|[7.00.2872 and 8.00.6246][sp-2957]|[2957][certificate-2957]|
|
|
||||||
|
|
||||||
## Windows CE 6.0 and Windows Embedded Compact 7
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Enhanced Cryptographic Provider|[6.00.1937 and 7.00.1687][sp-825]|[825][certificate-825]|
|
|
||||||
|
|
||||||
## Outlook Cryptographic Provider
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Outlook Cryptographic Provider (EXCHCSP)|[SR-1A (3821)][sp-110]|[110][certificate-110]|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-110]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/110
|
|
||||||
[certificate-825]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/825
|
|
||||||
[certificate-2956]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2956
|
|
||||||
[certificate-2957]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2957
|
|
||||||
|
|
||||||
[sp-110]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp110.pdf
|
|
||||||
[sp-825]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp825.pdf
|
|
||||||
[sp-2956]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2956.pdf
|
|
||||||
[sp-2957]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2957.pdf
|
|
||||||
@ -1,237 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for previous Windows versions
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for versions of Windows prior to Windows 10.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
# FIPS 140 validated modules in previous Windows versions
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in versions of Windows prior to Windows 10, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows 8.1
|
|
||||||
|
|
||||||
Validated Editions: RT, Pro, Enterprise, Phone, Embedded
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Dump Filter (dumpfve.sys)|[6.3.9600 6.3.9600.17031][sp-2354]|[#2354][certificate-2354]|
|
|
||||||
|BitLocker Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[#2352][certificate-2352]|
|
|
||||||
|BitLocker Windows Resume (winresume) <br>*Applies only to Pro, Enterprise, and Embedded 8.*|[6.3.9600 6.3.9600.17031][sp-2353]|[#2353][certificate-2353]|
|
|
||||||
|Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[#2351][certificate-2351]|
|
|
||||||
|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[#2355][certificate-2355]|
|
|
||||||
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[#2357][certificate-2357]|
|
|
||||||
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[#2356][certificate-2356]|
|
|
||||||
|
|
||||||
## Windows 8
|
|
||||||
|
|
||||||
Validated Editions: RT, Home, Pro, Enterprise, Phone
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[#1899][sp-1899]|
|
|
||||||
|BitLocker Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[#1896][sp-1896]|
|
|
||||||
|BitLocker Windows Resume (WINRESUME) <br>*Applies only to Home and Pro*|[6.2.9200][sp-1898]|[#1898][sp-1898]|
|
|
||||||
|Boot Manager|[6.2.9200][sp-1895]|[#1895][sp-1895]|
|
|
||||||
|Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[#1897][sp-1897]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[#1894][sp-1894]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[#1893][sp-1893]|
|
|
||||||
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[#1892][sp-1892]|
|
|
||||||
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[#1891][certificate-1891]|
|
|
||||||
|
|
||||||
## Windows 7
|
|
||||||
|
|
||||||
Validated Editions: Windows 7, Windows 7 SP1
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655, and 6.1.7601.21675][sp-1332]|[1332][certificate-1332]|
|
|
||||||
|Boot Manager|[6.1.7600.16385 and 6.1.7601.17514][sp-1319]|[1319][certificate-1319]|
|
|
||||||
|Code Integrity (CI.DLL)|[6.1.7600.16385, 6.1.7600.17122, 6.1.7600.21320, 6.1.7601.17514, 6.1.7601.17950, and 6.1.7601.22108][sp-1327]|[1327][certificate-1327]|
|
|
||||||
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.1.7600.16385 and 6.1.7601.17514][sp-1329]|[1329][certificate-1329]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.1.7600.16385][sp-1330] (no change in SP1)|[1330][certificate-1330]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.1.7600.16385][sp-1331] (no change in SP1)|[1331][certificate-1331]|
|
|
||||||
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17725, 6.1.7601.17919, 6.1.7601.21861, 6.1.7601.22076][sp-1328]|[1328][certificate-1328]|
|
|
||||||
|Winload OS Loader (winload.exe)|[6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655, and 6.1.7601.21675][sp-1326]|[1326][certificate-1326]|
|
|
||||||
|
|
||||||
## Windows Vista SP1
|
|
||||||
|
|
||||||
Validated Edition: Ultimate Edition
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Boot Manager (bootmgr)|[6.0.6001.18000 and 6.0.6002.18005][sp-978]|[978][certificate-978]|
|
|
||||||
|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005, and 6.0.6002.22872][sp-1002]|[1001][certificate-1001]|
|
|
||||||
|Code Integrity (ci.dll)|[6.0.6001.18000, 6.0.6001.18023, 6.0.6001.22120, and 6.0.6002.18005][sp-980]|[980][certificate-980]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005][sp-1003]|[1003][certificate-1003]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005][sp-1002]|[1002][certificate-1002]|
|
|
||||||
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742, and 6.0.6002.22869][sp-1000]|[1000][certificate-1000]|
|
|
||||||
|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18027, 6.0.6001.18606, 6.0.6001.22125, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411 and 6.0.6002.22596][sp-979]|[979][certificate-979]|
|
|
||||||
|
|
||||||
## Windows Vista
|
|
||||||
|
|
||||||
Validated Edition: Ultimate Edition
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Drive Encryption|[6.0.6000.16386][sp-947]|[947][certificate-947]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6000.16386][sp-894]|[894][certificate-894]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH) | [6.0.6000.16386][sp-893] | [893][certificate-893] |
|
|
||||||
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6000.16386, 6.0.6000.16870 and 6.0.6000.21067][sp-891]|[891][certificate-891]|
|
|
||||||
|
|
||||||
## Windows XP SP3
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.1.2600.5507][sp-990]|[990][certificate-990]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[5.1.2600.5507][sp-989]|[989][certificate-989]|
|
|
||||||
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.1.2600.5512][sp-997]|[997][certificate-997]|
|
|
||||||
|
|
||||||
## Windows XP SP2
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|DSS/Diffie-Hellman Enhanced Cryptographic Provider|[5.1.2600.2133][sp-240]|[240][certificate-240]|
|
|
||||||
|Microsoft Enhanced Cryptographic Provider|[5.1.2600.2161][sp-238]|[238][certificate-238]|
|
|
||||||
|
|
||||||
## Windows XP SP1
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Microsoft Enhanced Cryptographic Provider|[5.1.2600.1029][sp-238]|[238][certificate-238]|
|
|
||||||
|
|
||||||
## Windows XP
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Kernel Mode Cryptographic Module|[5.1.2600.0][sp-241]|[241][certificate-241]|
|
|
||||||
|
|
||||||
## Windows 2000 SP3
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[Base DSS: 5.0.2195.3665 (SP3), Base: 5.0.2195.3839 (SP3), DSS/DH Enh: 5.0.2195.3665 (SP3), Enh: 5.0.2195.3839 (SP3)][sp-103]|[103][certificate-103]|
|
|
||||||
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569][sp-106]|[106][certificate-106]|
|
|
||||||
|
|
||||||
## Windows 2000 SP2
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[Base DSS 5.0.2195.2228 (SP2), Base 5.0.2195.2228 (SP2), DSS/DH Enh 5.0.2195.2228 (SP2), Enh 5.0.2195.2228 (SP2)][sp-103]|[103][certificate-103]|
|
|
||||||
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.0.2195.1569][sp-106]|[106][certificate-106]|
|
|
||||||
|
|
||||||
## Windows 2000 SP1
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[Base DSS 5.0.2150.1391 (SP1), Base 5.0.2150.1391 (SP1), DSS/DH Enh: 5.0.2150.1391 (SP1), Enh 5.0.2150.1391 (SP1)][sp-103]|[103][certificate-103]|
|
|
||||||
|
|
||||||
## Windows 2000
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.2150.1][sp-76]|[76][certificate-76]|
|
|
||||||
|
|
||||||
## Windows 95 and Windows 98
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Base DSS Cryptographic Provider, Base Cryptographic Provider, DSS/Diffie-Hellman Enhanced Cryptographic Provider, and Enhanced Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7][sp-75]|[75][certificate-75]|
|
|
||||||
|
|
||||||
## Windows NT 4.0
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Base Cryptographic Provider|[5.0.1877.6 and 5.0.1877.7][sp-68]|[68][certificate-68]|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-68]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/68
|
|
||||||
[certificate-75]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/75
|
|
||||||
[certificate-76]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/76
|
|
||||||
[certificate-103]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/103
|
|
||||||
[certificate-106]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/106
|
|
||||||
[certificate-238]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/238
|
|
||||||
[certificate-240]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/240
|
|
||||||
[certificate-241]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/241
|
|
||||||
[certificate-891]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/891
|
|
||||||
[certificate-893]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/893
|
|
||||||
[certificate-894]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/894
|
|
||||||
[certificate-947]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/947
|
|
||||||
[certificate-978]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/978
|
|
||||||
[certificate-979]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/979
|
|
||||||
[certificate-980]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/980
|
|
||||||
[certificate-989]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/989
|
|
||||||
[certificate-990]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/990
|
|
||||||
[certificate-997]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/997
|
|
||||||
[certificate-1000]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1000
|
|
||||||
[certificate-1001]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1001
|
|
||||||
[certificate-1002]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1002
|
|
||||||
[certificate-1003]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1003
|
|
||||||
[certificate-1319]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1319
|
|
||||||
[certificate-1326]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1326
|
|
||||||
[certificate-1327]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1327
|
|
||||||
[certificate-1328]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1328
|
|
||||||
[certificate-1329]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1329
|
|
||||||
[certificate-1330]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1330
|
|
||||||
[certificate-1331]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1331
|
|
||||||
[certificate-1332]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1332
|
|
||||||
[certificate-1891]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891
|
|
||||||
[certificate-2351]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351
|
|
||||||
[certificate-2352]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352
|
|
||||||
[certificate-2353]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353
|
|
||||||
[certificate-2354]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354
|
|
||||||
[certificate-2355]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355
|
|
||||||
[certificate-2356]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356
|
|
||||||
[certificate-2357]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357
|
|
||||||
|
|
||||||
[sp-68]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp68.pdf
|
|
||||||
[sp-75]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp75.pdf
|
|
||||||
[sp-76]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp76.pdf
|
|
||||||
[sp-103]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp103.pdf
|
|
||||||
[sp-106]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp106.pdf
|
|
||||||
[sp-238]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp238.pdf
|
|
||||||
[sp-240]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp240.pdf
|
|
||||||
[sp-241]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp241.pdf
|
|
||||||
[sp-891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp891.pdf
|
|
||||||
[sp-893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp893.pdf
|
|
||||||
[sp-894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp894.pdf
|
|
||||||
[sp-947]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp947.pdf
|
|
||||||
[sp-978]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp978.pdf
|
|
||||||
[sp-979]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp979.pdf
|
|
||||||
[sp-980]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp980.pdf
|
|
||||||
[sp-989]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp989.pdf
|
|
||||||
[sp-990]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp990.pdf
|
|
||||||
[sp-997]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp997.pdf
|
|
||||||
[sp-1000]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1000.pdf
|
|
||||||
[sp-1002]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1002.pdf
|
|
||||||
[sp-1003]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1003.pdf
|
|
||||||
[sp-1319]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1319.pdf
|
|
||||||
[sp-1326]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1326.pdf
|
|
||||||
[sp-1327]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1327.pdf
|
|
||||||
[sp-1328]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1328.pdf
|
|
||||||
[sp-1329]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1329.pdf
|
|
||||||
[sp-1330]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1330.pdf
|
|
||||||
[sp-1331]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1331.pdf
|
|
||||||
[sp-1332]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1332.pdf
|
|
||||||
[sp-1891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf
|
|
||||||
[sp-1892]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf
|
|
||||||
[sp-1893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf
|
|
||||||
[sp-1894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf
|
|
||||||
[sp-1895]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf
|
|
||||||
[sp-1896]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf
|
|
||||||
[sp-1897]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf
|
|
||||||
[sp-1898]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf
|
|
||||||
[sp-1899]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf
|
|
||||||
[sp-2351]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf
|
|
||||||
[sp-2352]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf
|
|
||||||
[sp-2353]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf
|
|
||||||
[sp-2354]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf
|
|
||||||
[sp-2355]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf
|
|
||||||
[sp-2356]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf
|
|
||||||
[sp-2357]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf
|
|
||||||
@ -1,69 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for Windows Server 2016
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server 2016.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
# FIPS 140 validated modules in Windows Server 2016
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server 2016, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows Server 2016
|
|
||||||
|
|
||||||
Build: 10.0.14393.1770. Validated Editions: Standard, Datacenter, Storage Server.
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Windows OS Loader][sp-3502] (winload)|[#3502][certificate-3502]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-3501] (winresume)|[#3501][certificate-3501]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3487]|[#3487][certificate-3487]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3510] (ci.dll)|[#3510][certificate-3510]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3513] (skci.dll)|[#3513][certificate-3513]|FIPS Approved: RSA and SHS; Other Allowed: MD5|
|
|
||||||
|
|
||||||
Build: 10.0.14393. Validated Editions: Standard, Datacenter, Storage Server.
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-2934] (dumpfve.sys)|[#2934][certificate-2934]|FIPS Approved: AES|
|
|
||||||
|[BitLocker Windows OS Loader][sp-2932] (winload)|[#2932][certificate-2932]|FIPS Approved: AES, RSA, and SHS; Other: NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-2933] (winresume)|[#2933][certificate-2934]|FIPS Approved: AES, RSA, and SHS; Other: MD5|
|
|
||||||
|[Boot Manager][sp-2931]|[#2931][certificate-2931]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS; Other: MD5, Non-Compliant PBKDF, and VMK KDF|
|
|
||||||
|[Code Integrity][sp-2935] (ci.dll)|[#2935][certificate-2935]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-2937] (bcryptprimitives.dll and ncryptsslp.dll)|[#2937][certificate-2937]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other: HMAC-MD5 and MD5.|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-2936] (cng.sys)|[#2936][certificate-2936]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-2938] (skci.dll)|[#2938][certificate-2938]|FIPS Approved: RSA and SHS; Other: MD5|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-2931]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931
|
|
||||||
[certificate-2932]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932
|
|
||||||
[certificate-2934]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934
|
|
||||||
[certificate-2935]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935
|
|
||||||
[certificate-2936]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936
|
|
||||||
[certificate-2937]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937
|
|
||||||
[certificate-2938]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938
|
|
||||||
[certificate-3487]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3487
|
|
||||||
[certificate-3501]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3501
|
|
||||||
[certificate-3502]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3502
|
|
||||||
[certificate-3510]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3510
|
|
||||||
[certificate-3513]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3513
|
|
||||||
|
|
||||||
[sp-2931]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf
|
|
||||||
[sp-2932]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf
|
|
||||||
[sp-2933]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf
|
|
||||||
[sp-2934]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf
|
|
||||||
[sp-2935]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf
|
|
||||||
[sp-2936]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf
|
|
||||||
[sp-2937]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf
|
|
||||||
[sp-2938]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf
|
|
||||||
[sp-3487]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3487.pdf
|
|
||||||
[sp-3501]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3501.pdf
|
|
||||||
[sp-3502]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3502.pdf
|
|
||||||
[sp-3510]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3510.pdf
|
|
||||||
[sp-3513]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3513.pdf
|
|
||||||
@ -1,75 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for Windows Server 2019
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server 2019.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
# FIPS 140 validated modules in Windows Server 2019
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server 2019, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, see its linked Security Policy document or module certificate.
|
|
||||||
|
|
||||||
## Windows Server 2019
|
|
||||||
|
|
||||||
Builds: 10.0.17763.10021 and 10.0.17763.10127. Validated Edition: Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter]|Pending [(in process)][in-process]||
|
|
||||||
|[Boot Manager][sp-4484]|[#4484][certificate-4484]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4602]|[#4602][certificate-4602]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library]|Pending [(in process)][in-process]||
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4670]|[#4670][certificate-4670]|AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: ECDH|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4640]|[#4640][certificate-4640]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Virtual TPM]|Pending [(in process)][in-process]||
|
|
||||||
|[Windows OS Loader][sp-4545]|[#4545][certificate-4545]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|Version|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|10.0.17763|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|10.0.17763|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3644]|10.0.17763|[#3644][certificate-3644]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|10.0.17763|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|10.0.17763|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3651]|10.0.17763|[#3651][certificate-3651]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Virtual TPM][sp-3690]|10.0.17763|[#3690][certificate-3690]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-3615]|10.0.17763|[#3615][certificate-3615]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-3089]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089
|
|
||||||
[certificate-3092]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092
|
|
||||||
[certificate-3196]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196
|
|
||||||
[certificate-3197]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197
|
|
||||||
[certificate-3615]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615
|
|
||||||
[certificate-3644]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644
|
|
||||||
[certificate-3651]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651
|
|
||||||
[certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690
|
|
||||||
[certificate-4484]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4484
|
|
||||||
[certificate-4545]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4545
|
|
||||||
[certificate-4602]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4602
|
|
||||||
[certificate-4640]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4640
|
|
||||||
[certificate-4670]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4670
|
|
||||||
|
|
||||||
[sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf
|
|
||||||
[sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf
|
|
||||||
[sp-3196]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf
|
|
||||||
[sp-3197]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf
|
|
||||||
[sp-3615]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf
|
|
||||||
[sp-3644]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf
|
|
||||||
[sp-3651]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf
|
|
||||||
[sp-3690]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf
|
|
||||||
[sp-4484]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4484.pdf
|
|
||||||
[sp-4545]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4545.pdf
|
|
||||||
[sp-4602]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4602.pdf
|
|
||||||
[sp-4640]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4640.pdf
|
|
||||||
[sp-4670]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4670.pdf
|
|
||||||
|
|
||||||
[in-process]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list
|
|
||||||
@ -1,162 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for previous Windows Server versions
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for versions of Windows Server prior to Windows Server 2016.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
|
|
||||||
# FIPS 140 validated modules in previous Windows Server versions
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in versions of Windows Server prior to Windows Server 2016, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows Server 2012 R2
|
|
||||||
|
|
||||||
Validated Editions: Server, Storage Server, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Dump Filter (dumpfve.sys) <br>*Doesn't apply to Azure StorSimple Virtual Array Windows Server 2012 R2*|[6.3.9600 6.3.9600.17031][sp-2354]|[2354][certificate-2354]|
|
|
||||||
|BitLocker Windows OS Loader (winload)|[6.3.9600 6.3.9600.17031][sp-2352]|[2352][certificate-2352]|
|
|
||||||
|BitLocker Windows Resume (winresume) <br>*Doesn't apply to Azure StorSimple Virtual Array Windows Server 2012 R2*|[6.3.9600 6.3.9600.17031][sp-2353]|[2353][certificate-2353]|
|
|
||||||
|Boot Manager|[6.3.9600 6.3.9600.17031][sp-2351]|[2351][certificate-2351]|
|
|
||||||
|Code Integrity (ci.dll)|[6.3.9600 6.3.9600.17031][sp-2355]|[2355][certificate-2355]|
|
|
||||||
|Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll)|[6.3.9600 6.3.9600.17031][sp-2357]|[2357][certificate-2357]|
|
|
||||||
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.3.9600 6.3.9600.17042][sp-2356]|[2356][certificate-2356]|
|
|
||||||
|
|
||||||
## Windows Server 2012
|
|
||||||
|
|
||||||
Validated Editions: Server, Storage Server
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Dump Filter (DUMPFVE.SYS)|[6.2.9200][sp-1899]|[1899][sp-1899]|
|
|
||||||
|BitLocker Windows OS Loader (WINLOAD)|[6.2.9200][sp-1896]|[1896][sp-1896]|
|
|
||||||
|BitLocker Windows Resume (WINRESUME)|[6.2.9200][sp-1898]|[1898][sp-1898]|
|
|
||||||
|Boot Manager|[6.2.9200][sp-1895]|[1895][sp-1895]|
|
|
||||||
|Code Integrity (CI.DLL)|[6.2.9200][sp-1897]|[1897][sp-1897]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH.DLL)|[6.2.9200][sp-1894]|[1894][sp-1894]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL)|[6.2.9200][sp-1893]|[1893][sp-1893]|
|
|
||||||
|Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL)|[6.2.9200][sp-1892]|[1892]|
|
|
||||||
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.2.9200][sp-1891]|[1891][certificate-1891]|
|
|
||||||
|
|
||||||
## Windows Server 2008 R2
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|BitLocker Drive Encryption|[6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675][sp-1339]|[1339][certificate-1339]|
|
|
||||||
|Boot Manager (bootmgr)|[6.1.7600.16385 or 6.1.7601.17514][sp-1321]|[1321][certificate-1321]|
|
|
||||||
|Cryptographic Primitives Library (bcryptprimitives.dll)|[66.1.7600.16385 or 6.1.7601.17514][sp-1336]|[1336][certificate-1336]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[6.1.7600.16385][sp-1337]|[1337][certificate-1337]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.1.7600.16385][sp-1338]|[1338][certificate-1338]|
|
|
||||||
|Kernel Mode Cryptographic Primitives Library (cng.sys)|[6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076][sp-1335]|[1335][certificate-1335]|
|
|
||||||
|Winload OS Loader (winload.exe)|[6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675][sp-1333]|[1333][certificate-1333]|
|
|
||||||
|
|
||||||
## Windows Server 2008
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Boot Manager (bootmgr)|[6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497][sp-1004]|[1004][certificate-1004]|
|
|
||||||
|Code Integrity (ci.dll)|[6.0.6001.18000 and 6.0.6002.18005][sp-1006]|[1006][certificate-1006]|
|
|
||||||
|Cryptographic Primitives Library (bcrypt.dll)|[6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872][sp-1008]|[1008][certificate-1008]|
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[6.0.6001.22202 and 6.0.6002.18005][sp-1010]|[1010][certificate-1010]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[6.0.6001.18000 and 6.0.6002.18005][sp-1009]|[1009][certificate-1009]|
|
|
||||||
|Kernel Mode Security Support Provider Interface (ksecdd.sys)|[6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869][sp-1007]|[1007][certificate-1007]|
|
|
||||||
|Winload OS Loader (winload.exe)|[6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596][sp-1005]|[1005][certificate-1005]|
|
|
||||||
|
|
||||||
## Windows Server 2003 SP2
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.3959][sp-868]|[868][certificate-868]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.3959][sp-875]|[875][certificate-875]|
|
|
||||||
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.3959][sp-869]|[869][certificate-869]|
|
|
||||||
|
|
||||||
## Windows Server 2003 SP1
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.1830 [Service Pack 1])][sp-382]|[382][certificate-382]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.1830 [Service Pack 1]][sp-381]|[381][certificate-381]|
|
|
||||||
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.1830 [SP1]][sp-405]|[405][certificate-405]|
|
|
||||||
|
|
||||||
## Windows Server 2003
|
|
||||||
|
|
||||||
|Cryptographic Module|Version (link to Security Policy)|CMVP Certificate #|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|Enhanced Cryptographic Provider (RSAENH)|[5.2.3790.0][sp-382]|[382][certificate-382]|
|
|
||||||
|Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH)|[5.2.3790.0][sp-381]|[381][certificate-381]|
|
|
||||||
|Kernel Mode Cryptographic Module (FIPS.SYS)|[5.2.3790.0][sp-405]|[405][certificate-405]|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-381]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/381
|
|
||||||
[certificate-382]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/382
|
|
||||||
[certificate-405]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/405
|
|
||||||
[certificate-868]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/868
|
|
||||||
[certificate-869]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/869
|
|
||||||
[certificate-875]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/875
|
|
||||||
[certificate-1004]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1004
|
|
||||||
[certificate-1005]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1005
|
|
||||||
[certificate-1006]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1006
|
|
||||||
[certificate-1007]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1007
|
|
||||||
[certificate-1008]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1008
|
|
||||||
[certificate-1009]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1009
|
|
||||||
[certificate-1010]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1010
|
|
||||||
[certificate-1321]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1321
|
|
||||||
[certificate-1333]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1333
|
|
||||||
[certificate-1335]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1335
|
|
||||||
[certificate-1336]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1336
|
|
||||||
[certificate-1337]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1337
|
|
||||||
[certificate-1338]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1338
|
|
||||||
[certificate-1339]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1339
|
|
||||||
[certificate-1891]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/1891
|
|
||||||
[certificate-2351]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2351
|
|
||||||
[certificate-2352]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2352
|
|
||||||
[certificate-2353]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2353
|
|
||||||
[certificate-2354]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2354
|
|
||||||
[certificate-2355]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2355
|
|
||||||
[certificate-2356]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2356
|
|
||||||
[certificate-2357]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2357
|
|
||||||
|
|
||||||
[sp-381]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp381.pdf
|
|
||||||
[sp-382]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp382.pdf
|
|
||||||
[sp-405]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp405.pdf
|
|
||||||
[sp-868]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp868.pdf
|
|
||||||
[sp-869]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp869.pdf
|
|
||||||
[sp-875]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp875.pdf
|
|
||||||
[sp-1004]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1004.pdf
|
|
||||||
[sp-1005]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1005.pdf
|
|
||||||
[sp-1006]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1006.pdf
|
|
||||||
[sp-1007]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1007.pdf
|
|
||||||
[sp-1008]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1008.pdf
|
|
||||||
[sp-1009]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1009.pdf
|
|
||||||
[sp-1010]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1010.pdf
|
|
||||||
[sp-1321]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1321.pdf
|
|
||||||
[sp-1333]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1333.pdf
|
|
||||||
[sp-1335]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1335.pdf
|
|
||||||
[sp-1336]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1336.pdf
|
|
||||||
[sp-1337]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1337.pdf
|
|
||||||
[sp-1338]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1338.pdf
|
|
||||||
[sp-1339]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1339.pdf
|
|
||||||
[sp-1891]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1891.pdf
|
|
||||||
[sp-1892]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1892.pdf
|
|
||||||
[sp-1893]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1893.pdf
|
|
||||||
[sp-1894]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1894.pdf
|
|
||||||
[sp-1895]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1895.pdf
|
|
||||||
[sp-1896]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1896.pdf
|
|
||||||
[sp-1897]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1897.pdf
|
|
||||||
[sp-1898]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1898.pdf
|
|
||||||
[sp-1899]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp1899.pdf
|
|
||||||
[sp-2351]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2351.pdf
|
|
||||||
[sp-2352]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2352.pdf
|
|
||||||
[sp-2353]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2353.pdf
|
|
||||||
[sp-2354]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2354.pdf
|
|
||||||
[sp-2355]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2355.pdf
|
|
||||||
[sp-2356]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2356.pdf
|
|
||||||
[sp-2357]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2357.pdf
|
|
||||||
@ -1,148 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for Windows Server Semi-Annual Releases
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for Windows Server semi-annual releases.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
|
|
||||||
# FIPS 140 validated modules in Windows Server semi-annual releases
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server semi-annual releases, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows Server, version 2004 (May 2020 Update)
|
|
||||||
|
|
||||||
Build: 10.0.19041. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-4538]|[#4538][certificate-4538]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3923]|[#3923][certificate-3923]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4511]|[#4511][certificate-4511]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-4536]|[#4536][certificate-4536]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4515]|[#4515][certificate-4515]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4512]|[#4512][certificate-4512]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows Server, version 1909 (November 2019 Update)
|
|
||||||
|
|
||||||
Build: 10.0.18363. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-4538]|[#4538][certificate-4538]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3923]|[#3923][certificate-3923]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4511]|[#4511][certificate-4511]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-4536]|[#4536][certificate-4536]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4515]|[#4515][certificate-4515]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4512]|[#4512][certificate-4512]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows Server, version 1903 (May 2019 Update)
|
|
||||||
|
|
||||||
Build: 10.0.18362. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-4538]|[#4538][certificate-4538]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3923]|[#3923][certificate-3923]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4511]|[#4511][certificate-4511]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-4536]|[#4536][certificate-4536]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4515]|[#4515][certificate-4515]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4512]|[#4512][certificate-4512]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows Server, version 1809
|
|
||||||
|
|
||||||
Build: 10.0.17763. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3644]|[#3644][certificate-3644]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3651]|[#3651][certificate-3651]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Virtual TPM][sp-3690]|[#3690][certificate-3690]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-3615]|[#3615][certificate-3615]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows Server, version 1803
|
|
||||||
|
|
||||||
Build: 10.0.17134. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3195]|[#3195][certificate-3195]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3096]|[#3096][certificate-3096]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows OS Loader][sp-3480]|[#3480][certificate-3480]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows Server, version 1709
|
|
||||||
|
|
||||||
Build: 10.0.16299. Validated Editions: Standard Core, Datacenter Core
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3195]|[#3195][certificate-3195]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3096]|[#3096][certificate-3096]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows OS Loader][sp-3194]|[#3194][certificate-3194]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-3089]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089
|
|
||||||
[certificate-3092]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092
|
|
||||||
[certificate-3096]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096
|
|
||||||
[certificate-3194]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194
|
|
||||||
[certificate-3195]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195
|
|
||||||
[certificate-3196]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196
|
|
||||||
[certificate-3197]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197
|
|
||||||
[certificate-3480]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480
|
|
||||||
[certificate-3615]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615
|
|
||||||
[certificate-3644]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644
|
|
||||||
[certificate-3651]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651
|
|
||||||
[certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690
|
|
||||||
[certificate-3923]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3923
|
|
||||||
[certificate-4339]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4339
|
|
||||||
[certificate-4511]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4511
|
|
||||||
[certificate-4512]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4512
|
|
||||||
[certificate-4515]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4515
|
|
||||||
[certificate-4536]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4536
|
|
||||||
[certificate-4537]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4537
|
|
||||||
[certificate-4538]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4538
|
|
||||||
|
|
||||||
[sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf
|
|
||||||
[sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf
|
|
||||||
[sp-3096]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf
|
|
||||||
[sp-3194]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf
|
|
||||||
[sp-3195]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf
|
|
||||||
[sp-3196]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf
|
|
||||||
[sp-3197]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf
|
|
||||||
[sp-3480]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf
|
|
||||||
[sp-3615]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf
|
|
||||||
[sp-3644]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf
|
|
||||||
[sp-3651]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf
|
|
||||||
[sp-3690]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf
|
|
||||||
[sp-3923]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3923.pdf
|
|
||||||
[sp-4339]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4339.pdf
|
|
||||||
[sp-4511]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4511.pdf
|
|
||||||
[sp-4512]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4512.pdf
|
|
||||||
[sp-4515]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4515.pdf
|
|
||||||
[sp-4536]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4536.pdf
|
|
||||||
[sp-4537]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf
|
|
||||||
[sp-4538]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf
|
|
||||||
@ -1,322 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for Windows 10
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for Windows 10.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
|
|
||||||
# FIPS 140 validated modules for Windows 10
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows 10, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows 10, version 2004 (May 2020 Update)
|
|
||||||
|
|
||||||
Build: 10.0.19041. Validated Editions: Home, Pro, Enterprise, Education
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-4538]|[#4538][certificate-4538]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3923]|[#3923][certificate-3923]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4511]|[#4511][certificate-4511]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-4536]|[#4536][certificate-4536]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4515]|[#4515][certificate-4515]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4512]|[#4512][certificate-4512]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[TCB Launcher][sp-4457] <br>*Applies only to Enterprise Edition.*|[#4457][certificate-4457]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows Resume][sp-4348]|[#4348][certificate-4348]|FIPS Approved: AES, HMAC, KBKDF, RSA, and SHS|
|
|
||||||
|
|
||||||
## Windows 10, version 1909 (November 2019 Update)
|
|
||||||
|
|
||||||
Build: 10.0.18363. Validated Editions: Home, Pro, Enterprise, Education
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-4538]|[#4538][certificate-4538]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3923]|[#3923][certificate-3923]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4511]|[#4511][certificate-4511]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-4536]|[#4536][certificate-4536]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4515]|[#4515][certificate-4515]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4512]|[#4512][certificate-4512]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[TCB Launcher][sp-4457] <br>*Applies only to Enterprise Edition.*|[#4457][certificate-4457]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows Resume][sp-4348]|[#4348][certificate-4348]|FIPS Approved: AES, HMAC, KBKDF, RSA, and SHS|
|
|
||||||
|
|
||||||
## Windows 10, version 1903 (May 2019 Update)
|
|
||||||
|
|
||||||
Build: 10.0.18362. Validated Editions: Home, Pro, Enterprise, Education
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-4538]|[#4538][certificate-4538]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3923]|[#3923][certificate-3923]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-4511]|[#4511][certificate-4511]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-4536]|[#4536][certificate-4536]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-4515]|[#4515][certificate-4515]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-4512]|[#4512][certificate-4512]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows OS Loader][sp-4339]|[#4339][certificate-4339]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Virtual TPM][sp-4537]|[#4537][certificate-4537]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows Resume][sp-4348]|[#4348][certificate-4348]|FIPS Approved: AES, HMAC, KBKDF, RSA, and SHS|
|
|
||||||
|
|
||||||
## Windows 10, version 1809 (October 2018 Update)
|
|
||||||
|
|
||||||
Build: 10.0.17763. Validated Editions: Home, Pro, Enterprise, Education
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3644]|[#3644][certificate-3644]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3651]|[#3651][certificate-3651]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Virtual TPM][sp-3690]|[#3690][certificate-3690]|FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[Windows OS Loader][sp-3615]|[#3615][certificate-3615]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows 10, version 1803 (April 2018 Update)
|
|
||||||
|
|
||||||
Build: 10.0.17134. Validated Editions: Home, Pro, Enterprise, Education
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3195]|[#3195][certificate-3195]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3096]|[#3096][certificate-3096]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows OS Loader][sp-3480]|[#3480][certificate-3480]|FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows 10, version 1709 (Fall Creators Update)
|
|
||||||
|
|
||||||
Build: 10.0.16299. Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092]|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3195]|[#3195][certificate-3195]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3197]|[#3197][certificate-3197]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3196]|[#3196][certificate-3196]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3096]|[#3096][certificate-3096]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows Resume][sp-3091]|[#3091][certificate-3091]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows OS Loader][sp-3194]|[#3194][certificate-3194]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|
|
||||||
## Windows 10, version 1703 (Creators Update)
|
|
||||||
|
|
||||||
Build: 10.0.15063. Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-3092] <br>*Applies only to Pro, Enterprise, Education, S, Mobile, and Surface Hub Editions.*|[#3092][certificate-3092]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3089]|[#3089][certificate-3089]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3093] (ci.dll)|[#3093][certificate-3093]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-3095] (bcryptprimitives.dll and ncryptsslp.dll)|[#3095][certificate-3095]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-3094] (cng.sys)|[#3094][certificate-3094]|FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3096] (skci.dll) <br>*Applies only to Pro, Enterprise, Education, and S Editions.*|[#3096][certificate-3096]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows OS Loader][sp-3090]|[#3090][certificate-3090]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Windows Resume][sp-3091] <br>*Applies only to Home, Pro, Enterprise, Education, and S Editions.*|[#3091][certificate-3091]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|
|
||||||
## Windows 10, version 1607 (Anniversary Update)
|
|
||||||
|
|
||||||
Build: 10.0.14393.1770. Validated Editions: Windows 10 (Home/Consumer), Pro, Enterprise, Enterprise LTSB, Mobile
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Windows OS Loader][sp-3502] (winload)|[#3502][certificate-3502]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-3501] (winresume) <br>*Applies only to Home, Pro, Enterprise, and Enterprise LTSB Editions.*|[#3501][certificate-3501]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3487]|[#3487][certificate-3487]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3510] (ci.dll)|[#3510][certificate-3510]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Secure Kernel Code Integrity][sp-3513] (skci.dll) <br>*Applies only to Pro, Enterprise, and Enterprise LTSB Editions.*|[#3513][certificate-3513]|FIPS Approved: RSA and SHS; Other Allowed: MD5|
|
|
||||||
|
|
||||||
Build: 10.0.14393. Validated Editions: Windows 10 (Home/Consumer), Pro, Enterprise, Enterprise LTSB, Mobile
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-2934] (dumpfve.sys) <br>*Applies only to Pro, Enterprise, Enterprise LTSB, and Mobile Editions.*|[#2934][certificate-2934]|FIPS Approved: AES|
|
|
||||||
|[BitLocker Windows OS Loader][sp-2932] (winload)|[#2932][certificate-2932]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-2933] (winresume) <br>*Applies only to Home, Pro, Enterprise, and Enterprise LTSB Editions.*|[#2933][certificate-2933]|FIPS Approved: AES, RSA, and SHS; Other Allowed: MD5|
|
|
||||||
|[Boot Manager][sp-2931]|[#2931][certificate-2931]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS; Other Allowed: MD5, Non-Compliant PBKDF, and VMK KDF|
|
|
||||||
|[Code Integrity][sp-2935] (ci.dll)|[#2935][certificate-2935]|FIPS Approved: RSA and SHS|
|
|
||||||
|[Cryptographic Primitives Library][sp-2937] (bcryptprimitives.dll and ncryptsslp.dll)|[#2937][certificate-2937]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5 and MD5|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-2936] (cng.sys)|[#2936][certificate-2936]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-2938] (skci.dll) <br>*Applies only to Pro, Enterprise, and Enterprise LTSB Editions.*|[#2938][certificate-2938]|FIPS Approved: RSA and SHS; Other Allowed: MD5|
|
|
||||||
|
|
||||||
## Windows 10, version 1511 (November Update)
|
|
||||||
|
|
||||||
Build: 10.0.10586.1176. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Windows OS Loader][sp-3451] (winload)|[#3451][certificate-3451]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[BitLocker Windows Resume][sp-3464] (winresume) <br>*Applies only to Home, Pro, and Enterprise Editions.*|[#3464][certificate-3464]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3447]|[#3447][certificate-3447]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3469] (ci.dll)|[#3469][certificate-3469]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|
|
||||||
Build: 10.0.10586. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, Surface Hub
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-2703] (dumpfve.sys) <br>*Applies only to Pro, Enterprise, Mobile, and Surface Hub Editions.*|[#2703][certificate-2703]|FIPS Approved: AES|
|
|
||||||
|[BitLocker Windows OS Loader][sp-2701] (winload) <br>*Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub Editions.*|[#2701][certificate-2701]|FIPS Approved: AES, RSA, and SHS; Other Allowed: MD5 and NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-2702] (winresume) <br>*Applies only to Home, Pro, and Enterprise Editions.*|[#2702][certificate-2702]|FIPS Approved: AES, RSA, and SHS; Other Allowed: MD5|
|
|
||||||
|[Boot Manager][sp-2700] <br>*Applies only to Home, Pro, Enterprise, Mobile, and Surface Hub Editions.*|[#2700][certificate-2700]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS; Other Allowed: MD5, Non-Compliant KDF, and Non-Compliant PBKDF|
|
|
||||||
|[Code Integrity][sp-2604] (ci.dll)|[#2604][certificate-2604]|FIPS Approved: RSA and SHS; Other Allowed: Non-Compliant AES and MD5|
|
|
||||||
|[Cryptographic Primitives Library][sp-2605] (bcryptprimitives.dll and ncryptsslp.dll)|[#2606][certificate-2606]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-2605] (cng.sys)|[#2605][certificate-2605]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-2607] (skci.dll) <br>*Applies only to Enterprise and Enterprise LTSB Editions.*|[#2607][certificate-2607]|FIPS Approved: RSA and SHS|
|
|
||||||
|
|
||||||
## Windows 10, version 1507
|
|
||||||
|
|
||||||
Build: 10.0.10240.17643. Validated Editions: Enterprise LTSB
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Windows OS Loader][sp-3427] (winload)|[#3427][certificate-3427]|FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-3426] (winresume)|[#3426][certificate-3426]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|[Boot Manager][sp-3415]|[#3415][certificate-3415]|FIPS Approved: AES, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|[Code Integrity][sp-3437] (ci.dll)|[#3437][certificate-3437]|FIPS Approved: AES, RSA, and SHS|
|
|
||||||
|
|
||||||
Build: 10.0.10240. Validated Editions: Home, Pro, Enterprise, Enterprise LTSB, Mobile, and Surface Hub
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[BitLocker Dump Filter][sp-2603] (dumpfve.sys) <br>*Applies only to Pro, Enterprise, and Enterprise LTSB Editions.*|[#2603][certificate-2603]|FIPS Approved: AES|
|
|
||||||
|[BitLocker Windows OS Loader][sp-2601] (winload) <br>*Applies only to Home, Pro, Enterprise, and Enterprise LTSB Editions.*|[#2601][certificate-2601]|FIPS Approved: AES, RSA, and SHS; Other Allowed: MD5 and NDRNG|
|
|
||||||
|[BitLocker Windows Resume][sp-2602] (winresume) <br>*Applies only to Home, Pro, Enterprise, and Enterprise LTSB Editions.*|[#2602][certificate-2602]|FIPS Approved: AES, RSA, and SHS; Other Allowed: MD5|
|
|
||||||
|[Boot Manager][sp-2600] <br>*Applies only to Home, Pro, Enterprise, and Enterprise LTSB Editions.*|[#2600][certificate-2600]|FIPS Approved: AES, HMAC, KTS, PBKDF, RSA, and SHS; Other Allowed: MD5, Non-Compliant KDF, and Non-Compliant PBKDF|
|
|
||||||
|[Code Integrity][sp-2604] (ci.dll)|[#2604][certificate-2604]|FIPS Approved: RSA and SHS; Other Allowed: Non-Compliant AES and MD5|
|
|
||||||
|[Cryptographic Primitives Library][sp-2606] (bcryptprimitives.dll and ncryptsslp.dll)|[#2606][certificate-2606]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Kernel Mode Cryptographic Primitives Library][sp-2605] (cng.sys)|[#2605][certificate-2605]|FIPS Approved: AES, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG|
|
|
||||||
|[Secure Kernel Code Integrity][sp-2607] (skci.dll) <br>*Applies only to Enterprise and Enterprise LTSB Editions.*|[#2607][certificate-2607]|FIPS Approved: RSA and SHS|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-2600]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2600
|
|
||||||
[certificate-2601]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2601
|
|
||||||
[certificate-2602]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2602
|
|
||||||
[certificate-2603]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2603
|
|
||||||
[certificate-2604]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2604
|
|
||||||
[certificate-2605]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2605
|
|
||||||
[certificate-2606]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2606
|
|
||||||
[certificate-2607]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2607
|
|
||||||
[certificate-2700]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2700
|
|
||||||
[certificate-2701]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2701
|
|
||||||
[certificate-2702]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2702
|
|
||||||
[certificate-2703]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2703
|
|
||||||
[certificate-2931]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2931
|
|
||||||
[certificate-2932]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2932
|
|
||||||
[certificate-2933]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2933
|
|
||||||
[certificate-2934]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2934
|
|
||||||
[certificate-2935]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2935
|
|
||||||
[certificate-2936]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2936
|
|
||||||
[certificate-2937]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2937
|
|
||||||
[certificate-2938]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2938
|
|
||||||
[certificate-3089]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089
|
|
||||||
[certificate-3090]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3090
|
|
||||||
[certificate-3091]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091
|
|
||||||
[certificate-3092]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092
|
|
||||||
[certificate-3093]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3093
|
|
||||||
[certificate-3094]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3094
|
|
||||||
[certificate-3095]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3095
|
|
||||||
[certificate-3096]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096
|
|
||||||
[certificate-3194]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194
|
|
||||||
[certificate-3195]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195
|
|
||||||
[certificate-3196]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196
|
|
||||||
[certificate-3197]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197
|
|
||||||
[certificate-3415]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3415
|
|
||||||
[certificate-3426]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3426
|
|
||||||
[certificate-3427]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3427
|
|
||||||
[certificate-3437]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3437
|
|
||||||
[certificate-3447]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3447
|
|
||||||
[certificate-3451]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3451
|
|
||||||
[certificate-3464]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3464
|
|
||||||
[certificate-3469]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3469
|
|
||||||
[certificate-3480]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480
|
|
||||||
[certificate-3487]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3487
|
|
||||||
[certificate-3501]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3501
|
|
||||||
[certificate-3502]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3502
|
|
||||||
[certificate-3510]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3510
|
|
||||||
[certificate-3513]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3513
|
|
||||||
[certificate-3615]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3615
|
|
||||||
[certificate-3644]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3644
|
|
||||||
[certificate-3651]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3651
|
|
||||||
[certificate-3690]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3690
|
|
||||||
[certificate-3923]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3923
|
|
||||||
[certificate-4339]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4339
|
|
||||||
[certificate-4348]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4348
|
|
||||||
[certificate-4457]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4457
|
|
||||||
[certificate-4511]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4511
|
|
||||||
[certificate-4512]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4512
|
|
||||||
[certificate-4515]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4515
|
|
||||||
[certificate-4536]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4536
|
|
||||||
[certificate-4537]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4537
|
|
||||||
[certificate-4538]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4538
|
|
||||||
|
|
||||||
[sp-2600]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2600.pdf
|
|
||||||
[sp-2601]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2601.pdf
|
|
||||||
[sp-2602]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2602.pdf
|
|
||||||
[sp-2603]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2603.pdf
|
|
||||||
[sp-2604]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2604.pdf
|
|
||||||
[sp-2605]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2605.pdf
|
|
||||||
[sp-2606]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2606.pdf
|
|
||||||
[sp-2607]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2607.pdf
|
|
||||||
[sp-2700]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2700.pdf
|
|
||||||
[sp-2701]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2701.pdf
|
|
||||||
[sp-2702]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2702.pdf
|
|
||||||
[sp-2703]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2703.pdf
|
|
||||||
[sp-2931]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2931.pdf
|
|
||||||
[sp-2932]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2932.pdf
|
|
||||||
[sp-2933]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2933.pdf
|
|
||||||
[sp-2934]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2934.pdf
|
|
||||||
[sp-2935]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2935.pdf
|
|
||||||
[sp-2936]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2936.pdf
|
|
||||||
[sp-2937]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2937.pdf
|
|
||||||
[sp-2938]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2938.pdf
|
|
||||||
[sp-3089]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf
|
|
||||||
[sp-3090]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3090.pdf
|
|
||||||
[sp-3091]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf
|
|
||||||
[sp-3092]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf
|
|
||||||
[sp-3093]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3093.pdf
|
|
||||||
[sp-3094]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3094.pdf
|
|
||||||
[sp-3095]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3095.pdf
|
|
||||||
[sp-3096]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf
|
|
||||||
[sp-3194]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf
|
|
||||||
[sp-3195]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf
|
|
||||||
[sp-3196]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf
|
|
||||||
[sp-3197]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf
|
|
||||||
[sp-3415]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3415.pdf
|
|
||||||
[sp-3426]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3426.pdf
|
|
||||||
[sp-3427]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3427.pdf
|
|
||||||
[sp-3437]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3437.pdf
|
|
||||||
[sp-3447]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3447.pdf
|
|
||||||
[sp-3451]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3451.pdf
|
|
||||||
[sp-3464]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3464.pdf
|
|
||||||
[sp-3469]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3469.pdf
|
|
||||||
[sp-3480]: https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf
|
|
||||||
[sp-3487]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3487.pdf
|
|
||||||
[sp-3501]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3501.pdf
|
|
||||||
[sp-3502]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3502.pdf
|
|
||||||
[sp-3510]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3510.pdf
|
|
||||||
[sp-3513]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3513.pdf
|
|
||||||
[sp-3615]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3615.pdf
|
|
||||||
[sp-3644]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3644.pdf
|
|
||||||
[sp-3651]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3651.pdf
|
|
||||||
[sp-3690]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3690.pdf
|
|
||||||
[sp-3923]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3923.pdf
|
|
||||||
[sp-4339]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4339.pdf
|
|
||||||
[sp-4348]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4348.pdf
|
|
||||||
[sp-4457]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4457.pdf
|
|
||||||
[sp-4511]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4511.pdf
|
|
||||||
[sp-4512]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4512.pdf
|
|
||||||
[sp-4515]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4515.pdf
|
|
||||||
[sp-4536]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4536.pdf
|
|
||||||
[sp-4537]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf
|
|
||||||
[sp-4538]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4537.pdf
|
|
||||||
@ -1,30 +0,0 @@
|
|||||||
---
|
|
||||||
title: FIPS 140 validated modules for Windows 11
|
|
||||||
description: This topic lists the completed FIPS 140 cryptographic module validations for Windows 11.
|
|
||||||
ms.date: 1/2/2024
|
|
||||||
ms.topic: reference
|
|
||||||
ms.author: v-rodurff
|
|
||||||
author: msrobertd
|
|
||||||
ms.reviewer: paoloma
|
|
||||||
ms.collection: tier3
|
|
||||||
---
|
|
||||||
|
|
||||||
# FIPS 140 validated modules for Windows 11
|
|
||||||
|
|
||||||
The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows 11, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see [Use Windows in a FIPS 140 Approved Mode of Operation](../use-windows-in-fips-approved-mode.md). For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.
|
|
||||||
|
|
||||||
## Windows 11, version 21H2
|
|
||||||
|
|
||||||
Build: 10.0.22000. Validated Edition: Windows 11
|
|
||||||
|
|
||||||
|Cryptographic Module (linked to Security Policy document)|CMVP Certificate #|Validated Algorithms|
|
|
||||||
|--- |--- |--- |
|
|
||||||
|[Boot Manager][sp-4546]|[#3089][certificate-4546]|FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS|
|
|
||||||
|
|
||||||
---
|
|
||||||
|
|
||||||
<!-- Links -->
|
|
||||||
|
|
||||||
[certificate-4546]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4546
|
|
||||||
|
|
||||||
[sp-4546]: https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4546.pdf
|
|
||||||
@ -22,6 +22,15 @@ The product releases below are currently certified against the cited *Protection
|
|||||||
- The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration
|
- The *Administrative Guide* provides guidance on configuring the product to match the evaluated configuration
|
||||||
- The *Certification Report or Validation Report* documents the results of the evaluation by the validation team, with the *Assurance Activity Report* providing details on the evaluator's actions
|
- The *Certification Report or Validation Report* documents the results of the evaluation by the validation team, with the *Assurance Activity Report* providing details on the evaluator's actions
|
||||||
|
|
||||||
|
### Windows 11 (version 22H2), Windows 10 (version 22H2), Windows Server 2022, Windows Server Datacenter: Azure Edition, Azure Stack HCIv2 version 22H2, Azure Stack Hub and Edge
|
||||||
|
|
||||||
|
Certified against the Protection Profile for General Purpose Operating Systems (4.2.1), the PP-Module for VPN Client (2.4), the PP-Module for Wireless Local Area Network Client (1.0) and the PP-Module for Bluetooth (1.0)
|
||||||
|
|
||||||
|
- [Security Target](TBD)
|
||||||
|
- [Administrative Guide](TBD)
|
||||||
|
- [Assurance Activity Report](TBD)
|
||||||
|
- [Validation Report](TBD)
|
||||||
|
|
||||||
### Windows 11, Windows 10 (version 20H2, 21H1, 21H2), Windows Server, Windows Server 2022, Azure Stack HCIv2 version 21H2, Azure Stack Hub and Edge
|
### Windows 11, Windows 10 (version 20H2, 21H1, 21H2), Windows Server, Windows Server 2022, Azure Stack HCIv2 version 21H2, Azure Stack Hub and Edge
|
||||||
|
|
||||||
Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients and the Module for Virtual Private Network Clients
|
Certified against the Protection Profile for General Purpose Operating Systems, including the Extended Package for Wireless Local Area Network Clients and the Module for Virtual Private Network Clients
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user