Certificate 1001 - Microsoft Windows Vista Cryptographic Primitives Library (bcrypt.dll)
intCertNum 1001
strVendorName Microsoft Corporation
strURL http://www.microsoft.com
strAddress1 One Microsoft Way
strAddress2
strAddress3
strCity Redmond
strStateProv WA
strPostalCode 98052-6399
strCountry 98052-6399
strContact Dave Friant
strEmail dave.friant@microsoft.com
strPhone 425-704-7984
strFax 425-936-7329
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1001
strModuleName Microsoft Windows Vista Cryptographic Primitives Library (bcrypt.dll)
strPartNumber Software Versions: 6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872
memModuleNotes When operated in FIPS mode with Code Integrity (ci.dll) validated to FIPS 140-2 under Cert. #980 operating in FIPS mode
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf][txt]
strPURL
strModuleType Software
strValidationDate 08/15/2008;07/24/2009;09/06/2012
intOverallLevel 1
memIndividualLevelNotes -Operational Environment: Tested as meeting Level 1 with Microsoft Windows Vista Ultimate Edition SP1 (x86 Version); Microsoft Windows Vista Ultimate Edition SP1 (x64 version) (single-user mode)
strFIPSAlgorithms AES (Certs. #739 and #756);
DSA (Cert. #283);
ECDSA (Cert. #82);
HMAC (Cert. #412);
RNG (Cert. #435 and SP 800-90, vendor affirmed);
RSA (Certs. #353 and #357);
SHS (Cert. #753);
Triple-DES (Cert. #656)
strOtherAlgorithms AES (GCM and GMAC;
non-compliant);
DES;
Diffie-Hellman (key agreement: key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides between 128 and 256 bits of encryption strength);
MD2;
MD4;
MD5;
RC2;
RC4;
RNG (SP 800-90 Dual-EC;
non-compliant);
RSA (key wrapping;
key establishment methodology provides between 112 and 150 bits of encryption strength;
non-compliant provides less than 112 bits of encryption strength)
strConfiguration Multi-chip standalone
memModuleDescription BCRYPT.DLL provides cryptographic services, through its documented interfaces, to Windows Vista components and applications running on Windows Vista.

The cryptographic module, BCRYPT.DLL, encapsulates several different cryptographic algorithms in an easy-to-use cryptographic module accessible via the Microsoft CNG (Cryptography, Next Generation) API. It can be dynamically linked into applications by software developers to permit the use of general-purpose FIPS 140-2 compliant cryptography.
intModuleCount 1
memAdditionalNotes 07/24/09: Added v6.0.6002.18005 and updated Security Policy.
09/06/12: Added SW 6.0.6002.22872 and updated security policy.
strFirstValidtionDate 08/15/08 00:00:00
strLabName Leidos
strValidationYear 2008