microsoft/SymCrypt

FIPS 140-2 certification

BenKnigge opened this issue · 1 comments

I see that "Support FIPS 140-2 certification of products using SymCrypt" is listed as a goal; however, I did not find an actual certificate when searching for one on NIST: https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search?SearchMode=Basic&Vendor=microsoft&CertificateStatus=Active&ValidationYear=0

Does the library actually have certification? If so could you provide the certificate number?

A library can't be FIPS-140 certified, only an executable can. SymCrypt is used in CNG.SYS and BCryptPrimitives.DLL, the two primary crypto libraries used in Windows, which are FIPS-140 certified. For example,
https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3527
which links to algorithm certificates such as
https://csrc.nist.gov/projects/Cryptographic-Algorithm-Validation-Program/details?source=AES&number=5300
which lists the implementation name that contains SymCrypt.