Module Name
Kernel Mode Cryptographic Primitives Library
Caveat
When operated in FIPS mode with module Windows OS Loader validated to FIPS 140-2 under Cert. #4545 operating in FIPS mode
Security Level Exceptions
- Design Assurance: Level 2
Module Type
Software-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
Kernel Mode Cryptographic Primitives Library (cng.sys) runs as a kernel mode export driver, and provides cryptographic services, through their documented interfaces, to Windows kernel components. It supports several cryptographic algorithms accessible via a FIPS function table request IRP (I/O request packet).
Tested Configuration(s)
- Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R640 Server with an Intel Xeon Gold 6230 with PAA
- Windows Server 2019 Datacenter Core (x64) running on a Dell PowerEdge R840 Server with an Intel Xeon Platinum 8260 with PAA
- Windows Server 2019 Datacenter Core (x64) running on a Dell XR2 with an Intel Xeon Silver 4114 with PAA
- Windows Server 2019 Datacenter Core (x64) running on a Rugged Mobile Appliance with an Intel Xeon D-1559 with PAA (single-user mode)
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256-bits of encryption strength); NDRNG
Hardware Versions
Intel Xeon Silver 4114, Intel Xeon Gold 6230, Intel Xeon Platinum 8260 and Intel Xeon D-1559
Software Versions
10.0.17763.10021 and 10.0.17763.10127