Linterface de Windows 7
Windows 7 est un système d'exploitation doté d'une interface graphique intuitive qui vous permet de communiquer avec votre ordinateur pour lui demander de
Linterface de Windows 7
L'interface de Windows 7. 1.1 Utiliser le menu Démarrer et la barre des tâches de Windows 7 . 21. 1.2 Profiter de l'affichage Aero et de Windows Flip 3D ...
Création dune connexion VPN dans Windows 7 pour accéder au
Cette documentation est composée de captures d'écrans faites dans Windows 7 Professionnel en français avec l'interface « standard » et il se peut que l'
Windows 7: Using USB TAP on a Classic CodeWarrior Installation
6 déc. 2011 Certain classic CodeWarrior tools do not support the USB TAP run control interface when the host computer is running the Windows. 7 64-bit ...
Microsoft Windows 7 Cryptographic Primitives Library
2 mai 2011 and Windows 7 are either registered trademarks or trademarks of Microsoft Corporation in ... 3 CRYPTOGRAPHIC MODULE PORTS AND INTERFACES .
Accéder à linterface de ligne de commande dun commutateur
Dans cet exemple Windows 7 Édition Intégrale est utilisé et la version PuTTY est. 0.63. Étape 1. Lancez le client PuTTY sur votre ordinateur. Étape 2.
Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library
16 janv. 2013 and Windows 7 are either registered trademarks or trademarks of Microsoft Corporation in ... 3 CRYPTOGRAPHIC MODULE PORTS AND INTERFACES .
Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library
16 janv. 2013 and Windows 7 are either registered trademarks or trademarks of Microsoft Corporation in ... 3 CRYPTOGRAPHIC MODULE PORTS AND INTERFACES .
Dell Precision Rack 7910 Fiche technique de mise à jour des
l'interface « Démarrage de Windows ». Windows 7 32 bits : définissez MMIO sur. DISABLED (Désactivé) dans le programme de configuration du système. Windows 7
Windows 7 Winload OS Loader (winload.exe) Security Policy
31 août 2011 Control Input Interface . ... Status Output Interface . ... system loader which loads the Windows 7 operating system kernel (ntoskrnl.exe) ...
![Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library](https://pdfprof.com/Listes/21/6145-21140sp1328.pdf.pdf.jpg)
This Security Policy is non-proprietary and may be reproduced only in its original entirety (without revision)
1Library(cng.sys)SecurityPolicyDocument
Microsoft Windows 7 Operating System
FIPS 140-2 Security Policy Document
This document specifies the security policy for the Microsoft Kernel Mode Cryptographic Primitives Library
(CNG.SYS) as described in FIPS PUB 140-2.January 16, 2013
Document Version: 2.2
Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) Security Policy DocumentThis Security Policy is non-proprietary and may be reproduced only in its original entirety (without revision)
2The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the
date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a
commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of
publication.This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE
INFORMATION IN THIS DOCUMENT.
Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons
Attribution-NoDerivs-NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit
http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford,
California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights
covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the
furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
The example companies, organizations, products, people and events depicted herein are fictitious. No association with any real
company, organization, product, person or event is intended or should be inferred. © 2006 Microsoft Corporation. All rights reserved.Microsoft, Active Directory, Visual Basic, Visual Studio, Windows, the Windows logo, Windows NT, Windows Server, Windows Vista
and Windows 7 are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) Security Policy DocumentThis Security Policy is non-proprietary and may be reproduced only in its original entirety (without revision)
31CRYPTOGRAPHIC MODULE SPECIFICATION ................................................................. 5
1.1Cryptographic Boundary ............................................................................................................... 5
2SECURITY POLICY .............................................................................................................. 5
3CRYPTOGRAPHIC MODULE PORTS AND INTERFACES ................................................. 7
3.1Exported Functions ........................................................................................................................ 7
3.2Data Input and Output Interfaces .............................................................................................. 8
3.3Control Input Interface ................................................................................................................. 8
3.4Status Output Interface ................................................................................................................ 8
3.5Cryptographic Bypass .................................................................................................................... 8
4ROLES AND AUTHENTICATION ........................................................................................ 8
4.1Roles .................................................................................................................................................. 9
4.2Maintenance Roles ......................................................................................................................... 9
4.3Operator Authentication ............................................................................................................... 9
5SERVICES ............................................................................................................................. 9
5.1Cryptographic Module Power Up and Power Down ................................................................. 9
5.1.1DriverEntry .................................................................................................................................. 9
5.1.2DriverUnload ................................................................................................................................ 9
5.2Algorithm Providers and Properties.......................................................................................... 10
5.2.1BCryptOpenAlgorithmProvider ................................................................................................... 10
5.2.2BCryptCloseAlgorithmProvider ................................................................................................... 10
5.2.3BCryptSetProperty ..................................................................................................................... 10
5.2.4BCryptGetProperty ..................................................................................................................... 10
5.2.5BCryptFreeBuffer ....................................................................................................................... 10
5.3Random Number Generation ...................................................................................................... 11
5.3.1BCryptGenRandom .................................................................................................................... 11
5.3.2SystemPrng ............................................................................................................................... 11
5.3.3EntropyRegisterSource .............................................................................................................. 12
5.3.4EntropyUnregisterSource ........................................................................................................... 13
5.3.5EntropyProvideData ................................................................................................................... 13
5.4Key and Key-Pair Generation ..................................................................................................... 13
5.4.1BCryptGenerateSymmetricKey .................................................................................................. 13
5.4.2BCryptGenerateKeyPair ............................................................................................................. 13
5.4.3BCryptFinalizeKeyPair ................................................................................................................ 14
5.4.4BCryptDuplicateKey ................................................................................................................... 14
5.4.5BCryptDestroyKey ...................................................................................................................... 14
5.5Key Entry and Output .................................................................................................................. 14
5.5.1BCryptImportKey ....................................................................................................................... 14
5.5.2BCryptImportKeyPair ................................................................................................................. 15
5.5.3BCryptExportKey........................................................................................................................ 15
5.6Encryption and Decryption ......................................................................................................... 16
5.6.1BCryptEncrypt ............................................................................................................................ 16
5.6.2BCryptDecrypt ........................................................................................................................... 17
5.7Hashing and Message Authentication ...................................................................................... 17
5.7.1BCryptCreateHash ..................................................................................................................... 17
5.7.2BCryptHashData ........................................................................................................................ 18
5.7.3BCryptDuplicateHash ................................................................................................................. 18
5.7.4BCryptFinishHash ...................................................................................................................... 18
5.7.5BCryptDestroyHash ................................................................................................................... 19
5.8Signing and Verification .............................................................................................................. 19
5.8.1BCryptSignHash ......................................................................................................................... 19
5.8.2BCryptVerifySignature ............................................................................................................... 19
Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) Security Policy DocumentThis Security Policy is non-proprietary and may be reproduced only in its original entirety (without revision)
4 5.9Secret Agreement and Key Derivation ..................................................................................... 20
5.9.1BCryptSecretAgreement ............................................................................................................ 20
5.9.2BCryptDeriveKey ........................................................................................................................ 20
5.9.3BCryptDestroySecret ................................................................................................................. 21
5.10Legacy Compatibility Interfaces ............................................................................................ 21
5.10.1Key Formatting .......................................................................................................................... 21
5.10.2Random Number Generation ..................................................................................................... 21
5.10.3Data Encryption and Decryption ............................................................................................... 22
5.10.4Hashing ..................................................................................................................................... 24
5.11Configuration ............................................................................................................................. 26
5.12Other Interfaces ........................................................................................................................ 26
6OPERATIONAL ENVIRONMENT ...................................................................................... 27
7CRYPTOGRAPHIC KEY MANAGEMENT .......................................................................... 27
7.1Cryptographic Keys, CSPs, and SRDIs ...................................................................................... 27
7.2Access Control Policy ................................................................................................................... 27
7.3Key Material ................................................................................................................................... 28
7.4Key Generation.............................................................................................................................. 28
7.5Key Establishment ........................................................................................................................ 28
7.6Key Entry and Output .................................................................................................................. 29
7.7Key Storage .................................................................................................................................... 29
7.8Key Archival ................................................................................................................................... 29
7.9Key Zeroization ............................................................................................................................. 29
8SELF-TESTS ........................................................................................................................ 29
9DESIGN ASSURANCE ........................................................................................................ 30
10ADDITIONAL DETAILS .................................................................................................. 30
Microsoft Windows 7 Kernel Mode Cryptographic Primitives Library (cng.sys) Security Policy DocumentThis Security Policy is non-proprietary and may be reproduced only in its original entirety (without revision)
51 Cryptographic Module Specification
Microsoft Kernel Mode Cryptographic Primitives Library (CNG.SYS) is a FIPS 140-2 Level 1 compliant, general purpose, software-based, cryptographic module residing at kernel mode level of Windows 7 operating system. CNG.SYS (versions 6.1.7600.16385, 6.1.7600.16915, 6.1.7600.21092, 6.1.7601.17514,6.1.7601.17725, 6.1.7601.17919, 6.1.7601.21861, and 6.1.7601.22076) runs as a kernel mode export
driver, and provides cryptographic services, through their documented interfaces, to Windows 7 kernel
components. The CNG.SYS encapsulates several different cryptographic algorithms in an easy-to-use cryptographicmodule accessible via the Microsoft CNG (Cryptography, Next Generation) API. It also supports several
cryptographic algorithms accessible via a Fips function table request irp (I/O request packet). Windows 7
kernel mode components can use general-purpose FIPS 140-2 Level 1 compliant cryptography inCNG.SYS.
1.1 Cryptographic Boundary
The Windows 7 kernel mode CNG.SYS consists of a single kernel mode export driver (SYS). The cryptographic boundary for CNG.SYS is defined as the enclosure of the computer system, on whichCNG.SYS is to be executed. The physical configuration of CNG.SYS, as defined in FIPS-140-2, is multi-
chip standalone2 Security Policy
CNG.SYS operates under several rules that encapsulate its security policy. CNG.SYS is supported on Windows 7 and Windows 7 SP1. CNG.SYS operates in FIPS mode of operation only when used with the FIPS approved version of Windows 7 Winload OS Loader (winload.exe) validated to FIPS 140-2 under Cert. #1326 operating in FIPS mode Windows 7 is an operating system supporting a "single user" mode where there is only one interactive user during a logon session. CNG.SYS is only in its Approved mode of operation when Windows is booted normally, meaning Debug mode is disabled and Driver Signing enforcement is enabled. CNG.SYS operates in its FIPS mode of operation only when one of the following DWORD registry values is set to 1: o HKLM\SYSTEM\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled o HKLM\SYSTEM\CurrentControlSet\Policies\Microsoft\Cryptography\Configuration\SelfTestAlgorithms
All users assume either the User or Cryptographic Officer roles. CNG.SYS provides no authentication of users. Roles are assumed implicitly. The authentication provided by the Windows 7 operating system is not in the scope of the validation. All cryptographic services implemented within CNG.SYS are available to the User andCryptographic Officer roles.
In order to invoke the approved mode of operation, the user must call FIPS approved functions. CNG.SYS implements the following FIPS-140-2 Approved algorithms. o SHA-1, SHA-256, SHA-384, SHA-512 hash (Cert. #1081) o SHA-1, SHA-256, SHA-384, SHA-512 HMAC (Cert. #677) o Triple-DES (2 key and 3 key) in ECB, CBC, and CFB8 modes (Cert. #846) o AES-128, AES-192, AES-256 in ECB, CBC, and CFB8 modes (Cert. #1168) o AES-128, AES-192 and AES-256 in CCM mode (Cert. #1178) o AES-128, AES-192 and AES-256 in GCM mode (AES Cert. #1168, vendor-affirmed) o AES-128, AES-192 and AES-256 in GMAC mode (AES Cert. #1168, vendor-affirmed) o RSA (RSASSA-PKCS1-v1_5 and RSASSA-PSS) digital signatures (Cert. #560) and X9.31RSA key-pair generation (Cert. #559)
o ECDSA with the following NIST curves: P-256, P-384, P-521 (Cert. #141)Microsof
This S
C C a lThe fo
Figure 1
1Applicati
operate th ft Windows 7Security Policy
o FIPS 1 o FIPS 1 o SP800 o SP800 o KAS - meth oNG.SYS supp
o AES K e and 25 o Diffie-H o TLS an o IKEv1NG.SYS also
s lgorithms may o RSA en o RC2, R o DES in ollowing diagMaster com
ions may not he module in7 Kernel Mode
is non-propriet186-2 x-Chang
186-2 x-Chang
-90 AES-256 -90 Dual-EC DSP800-56A (v
odology provid orts the follow ey Wrap (AES56 bits of enc
Hellman (DH)
nd EAP-TLSKey Derivati
o supports the y not be used ncrypt/decrypRC4, MD2, MD
n ECB, CBC, a ram illustrat e mponents of use any of t h a FIPS comp e Cryptograph tary and may b ge Notice Gen ge Notice Reg counter modeDRBG (Cert. #
vendor-affirm des between wing non-AppS Cert #1168;
cryption streng ) secret agree on Functions followin g non d when opera ptD4, MD5, HMA
nd CFB with 8 es the master cn g.sys cry hese non-FIPS liant manner, hic Primitives be reproduced neral Purpose gular RNG (Ce e DRBG (Cert #24) med) EC Diffie128 and 256-
proved algorit ; key establis gth) ement n FIPS 140-2 tin g the modAC MD5
18-bit feedbac
components ypto moduleS algorithms
, applicationsLibrary (cng.s
only in its origi e RNG (Cert. # ert. #649) t. #23) e-Hellman Key -bits of encryp thms allowed hment meth o approved alg ules in a FIPS ck of the modul if they need t must only us sys) Security inal entirety (w #649) y Agreement; ption strength for use in FIP odology provid orithms, thouS compliant m
e: to be FIPS co se FIPS-approPolicy Docum
quotesdbs_dbs32.pdfusesText_38[PDF] Cour municipale de la Ville de Montréal Direction des services judiciaires
[PDF] POLITIQUE DE FORMATION CONTINUE DE L ORDRE DES AGRONOMES DU QUÉBEC 2014-2017
[PDF] Problèmes à propos des nombres entiers naturels
[PDF] La démarche «projets de service»
[PDF] Vu les articles 4, 19 et 85 de la Loi sur les compétences municipales (RLRQ, chapitre C-47.1);
[PDF] PROGRAMME D ETUDE FORMATION MUSICALE POUR DANSEURS
[PDF] DOSSIER D APPRENTISSAGE
[PDF] Objectif des gardes barrières. Barrière de Sécurité. Pare-feu. Pare-feu. Types de Pare-feu. Une vue d'ensemble
[PDF] Document associé : Plan de formation continue des membres du CA Modèle type
[PDF] Election du Conseil Municipal Enfants 2013
[PDF] + + Construction en bottes de paille. Professionnaliser. pourquoi, pour qui, comment? Réseau Français de la Construction en Paille
[PDF] Document validé en CNP le 17/12/2010 et présenté aux DG ARS le 21/01/2011.
[PDF] Vous n êtes pas seul. Guide à l intention des parents pour aider les jeunes victimes d un crime
[PDF] Classes : QUATRIEMES