This article provides technical details regarding the cryptographic modules, libraries, and protocols used by VMware Tools. It defines the functional cryptographic boundaries within VMware Tools and clarifies how SAML token signatures are processed.

VMware Tools 12.x

VMware Tools uses only OpenSSL and Windows CryptoAPI for its cryptographic operations. On Windows guest operating systems, Windows CryptoAPI is used to verify digital signatures on binaries and scripts. VMware Tools does not perform SSL/TLS communication, does not implement encryption or decryption, and does not generate cryptographic keys or certificates. Its cryptographic functionality is strictly limited to certificate and digital signature verification.