Edit

Share via

FIPS 140 validated modules in previous Windows Server versions

  • Article

The following tables list the completed FIPS 140 validations of cryptographic modules used in versions of Windows Server prior to Windows Server 2016, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see Use Windows in a FIPS approved mode of operation. For details on the FIPS approved algorithms used by each module, including CAVP algorithm certificates, see the module's linked Security Policy document or CMVP module certificate.

Windows Server 2012 R2

Validated Editions: Server, Storage Server, StorSimple 8000 Series, Azure StorSimple Virtual Array Windows Server 2012 R2

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Dump Filter (dumpfve.sys)
Doesn't apply to Azure StorSimple Virtual Array Windows Server 2012 R2		 6.3.9600 6.3.9600.17031 2354
BitLocker Windows OS Loader (winload) 6.3.9600 6.3.9600.17031 2352
BitLocker Windows Resume (winresume)
Doesn't apply to Azure StorSimple Virtual Array Windows Server 2012 R2		 6.3.9600 6.3.9600.17031 2353
Boot Manager 6.3.9600 6.3.9600.17031 2351
Code Integrity (ci.dll) 6.3.9600 6.3.9600.17031 2355
Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) 6.3.9600 6.3.9600.17031 2357
Kernel Mode Cryptographic Primitives Library (cng.sys) 6.3.9600 6.3.9600.17042 2356

Windows Server 2012

Validated Editions: Server, Storage Server

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Dump Filter (DUMPFVE.SYS) 6.2.9200 1899
BitLocker Windows OS Loader (WINLOAD) 6.2.9200 1896
BitLocker Windows Resume (WINRESUME) 6.2.9200 1898
Boot Manager 6.2.9200 1895
Code Integrity (CI.DLL) 6.2.9200 1897
Enhanced Cryptographic Provider (RSAENH.DLL) 6.2.9200 1894
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH.DLL) 6.2.9200 1893
Cryptographic Primitives Library (BCRYPTPRIMITIVES.DLL) 6.2.9200 [1892]
Kernel Mode Cryptographic Primitives Library (cng.sys) 6.2.9200 1891

Windows Server 2008 R2

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
BitLocker Drive Encryption 6.1.7600.16385, 6.1.7600.16429, 6.1.7600.16757, 6.1.7600.20536, 6.1.7600.20873, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21634, 6.1.7601.21655 or 6.1.7601.21675 1339
Boot Manager (bootmgr) 6.1.7600.16385 or 6.1.7601.17514 1321
Cryptographic Primitives Library (bcryptprimitives.dll) 66.1.7600.16385 or 6.1.7601.17514 1336
Enhanced Cryptographic Provider (RSAENH) 6.1.7600.16385 1337
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 6.1.7600.16385 1338
Kernel Mode Cryptographic Primitives Library (cng.sys) 6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514, 6.1.7601.17919, 6.1.7601.17725, 6.1.7601.21861 and 6.1.7601.22076 1335
Winload OS Loader (winload.exe) 6.1.7600.16385, 6.1.7600.16757, 6.1.7600.20897, 6.1.7600.20916, 6.1.7601.17514, 6.1.7601.17556, 6.1.7601.21655 and 6.1.7601.21675 1333

Windows Server 2008

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Boot Manager (bootmgr) 6.0.6001.18000, 6.0.6002.18005 and 6.0.6002.22497 1004
Code Integrity (ci.dll) 6.0.6001.18000 and 6.0.6002.18005 1006
Cryptographic Primitives Library (bcrypt.dll) 6.0.6001.22202, 6.0.6002.18005 and 6.0.6002.22872 1008
Enhanced Cryptographic Provider (RSAENH) 6.0.6001.22202 and 6.0.6002.18005 1010
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 6.0.6001.18000 and 6.0.6002.18005 1009
Kernel Mode Security Support Provider Interface (ksecdd.sys) 6.0.6001.18709, 6.0.6001.18272, 6.0.6001.18796, 6.0.6001.22202, 6.0.6001.22450, 6.0.6001.22987, 6.0.6001.23069, 6.0.6002.18005, 6.0.6002.18051, 6.0.6002.18541, 6.0.6002.18643, 6.0.6002.22152, 6.0.6002.22742 and 6.0.6002.22869 1007
Winload OS Loader (winload.exe) 6.0.6001.18000, 6.0.6001.18606, 6.0.6001.22861, 6.0.6002.18005, 6.0.6002.18411, 6.0.6002.22497 and 6.0.6002.22596 1005

Windows Server 2003 SP2

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Enhanced Cryptographic Provider (RSAENH) 5.2.3790.3959 868
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 5.2.3790.3959 875
Kernel Mode Cryptographic Module (FIPS.SYS) 5.2.3790.3959 869

Windows Server 2003 SP1

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Enhanced Cryptographic Provider (RSAENH) 5.2.3790.1830 [Service Pack 1]) 382
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 5.2.3790.1830 [Service Pack 1] 381
Kernel Mode Cryptographic Module (FIPS.SYS) 5.2.3790.1830 [SP1] 405

Windows Server 2003

Cryptographic Module Version (link to Security Policy) CMVP Certificate #
Enhanced Cryptographic Provider (RSAENH) 5.2.3790.0 382
Enhanced DSS and Diffie-Hellman Cryptographic Provider (DSSENH) 5.2.3790.0 381
Kernel Mode Cryptographic Module (FIPS.SYS) 5.2.3790.0 405