FIPS 140 validated modules in Windows Server 2019
The following tables list the completed FIPS 140 validations of cryptographic modules used in Windows Server 2019, organized by major release of the operating system. The linked Security Policy document for each module provides details on the module capabilities and the policies the operator must follow to use the module in its FIPS approved mode of operation. For information on using the overall operating system in its FIPS approved mode, see Use Windows in a FIPS approved mode of operation. For details on the FIPS approved algorithms used by each module, see its linked Security Policy document or module certificate.
Windows Server 2019
Builds: 10.0.17763.10021 and 10.0.17763.10127. Validated Edition: Datacenter Core
| Cryptographic Module (linked to Security Policy document) | CMVP Certificate # | Validated Algorithms |
|---|---|---|
| BitLocker Dump Filter | #4688 | FIPS Approved: AES, RSA, and SHS |
| Boot Manager | #4484 | FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS |
| Code Integrity | #4602 | FIPS Approved: RSA and SHS |
| Cryptographic Primitives Library | #4687 | FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: ECDH and NDRNG |
| Kernel Mode Cryptographic Primitives Library | #4670 | AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: ECDH |
| Secure Kernel Code Integrity | #4640 | FIPS Approved: RSA and SHS |
| Virtual TPM | #4686 | FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG |
| Windows OS Loader | #4545 | FIPS Approved: AES, RSA, and SHS; Other Allowed: NDRNG |
Build: 10.0.17763.107. Validated Editions: Standard Core, Datacenter Core
| Cryptographic Module (linked to Security Policy document) | Version | CMVP Certificate # | Validated Algorithms |
|---|---|---|---|
| BitLocker Dump Filter | 10.0.17763 | #3092 | FIPS Approved: AES, RSA, and SHS |
| Boot Manager | 10.0.17763 | #3089 | FIPS Approved: AES, CKG, HMAC, PBKDF, RSA, and SHS |
| Code Integrity | 10.0.17763 | #3644 | FIPS Approved: RSA and SHS |
| Cryptographic Primitives Library | 10.0.17763 | #3197 | FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG |
| Kernel Mode Cryptographic Primitives Library | 10.0.17763 | #3196 | FIPS Approved: AES, CKG, CVL, DRBG, DSA, ECDSA, HMAC, KAS, KBKDF, KTS, PBKDF, RSA, SHS, and Triple-DES; Other Allowed: HMAC-MD5, MD5, and NDRNG |
| Secure Kernel Code Integrity | 10.0.17763 | #3651 | FIPS Approved: RSA and SHS |
| Virtual TPM | 10.0.17763 | #3690 | FIPS Approved: AES, CKG, CVL, DRBG, ECDSA, HMAC, KAS, KBKDF, KTS, RSA, and SHS; Other Allowed: NDRNG |
| Windows OS Loader | 10.0.17763 | #3615 | FIPS Approved: AES, CKG, DRBG, RSA, and SHS; Other Allowed: NDRNG |