tag:blogger.com,1999:blog-7656888.post1421131625224321422..comments2023-10-11T04:24:22.301-06:00Comments on Aggregated Intelligence: FIPS validated cryptographic algorithms in .NETRaj Raohttp://www.blogger.com/profile/02773005045522319448noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-7656888.post-26782282625980821202023-04-04T22:51:10.146-06:002023-04-04T22:51:10.146-06:00Is HMACSHA512 FIPS complaint? When i run the below...Is HMACSHA512 FIPS complaint? When i run the below code it's not throwing any error even after turn on of registry flag HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy<br /><br />I'm using dot net framework 4.5<br /><br /> byte[] bR = null;<br /> byte[] data = Encoding.UTF8.GetBytes("Hello, world!");<br /> byte[] data1= Encoding.UTF8.GetBytes("Test Hello, world!");<br /> using (HMACSHA512 Mac2 = new HMACSHA512(data))<br /> {<br /> Mac2.Initialize();<br /> bR = Mac2.ComputeHash(data1);<br /> }<br /><br />Please let us know your comments on the same srikantamhttps://www.blogger.com/profile/15978108885027589145noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-88378864581529596622021-11-23T22:44:54.762-07:002021-11-23T22:44:54.762-07:00Thanks. This was very useful.Thanks. This was very useful.5Arete23https://www.blogger.com/profile/07706295044931893393noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-12884677332185073492014-08-15T02:40:15.513-06:002014-08-15T02:40:15.513-06:00@Isaacdudes - (for posterity here) perhaps you are...@Isaacdudes - (for posterity here) perhaps you are using a build with debugging enabled or are debugging in the IDE? Debugging enabled throw exceptions even when using compliant crypto providers, such as the SHA512CryptoServiceProvider.<br /><br />You can turn this behaviour off locally to allow debugging. Discussion can be found here:<br /><br />http://forums.asp.net/t/1265047.aspxSean Kearonhttps://www.blogger.com/profile/13745810241561834202noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-13531377666552942832012-09-02T20:33:36.321-06:002012-09-02T20:33:36.321-06:00AesCryptoServiceProvider works fine as a FIPs comp...AesCryptoServiceProvider works fine as a FIPs compliant symmetric algorithm too. In fact I had a problem with TripleDES, with an error regarding 'known weak key', so changed to just DES, but then read that was only for legacy systems, so tried Aes, and everything worked great.Dylan Nicholsonhttps://www.blogger.com/profile/15028032592653986291noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-66312497907571837372012-02-08T12:47:27.918-07:002012-02-08T12:47:27.918-07:00Hi ,
I see SHA-512 is FIPS complaint.
http://csr...Hi ,<br /><br />I see SHA-512 is FIPS complaint.<br /><br />http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf<br /><br />I even tried, <br />SHA512CryptoServiceProvider<br /><br />http://msdn.microsoft.com/en-us/library/system.security.cryptography.sha512managed(v=vs.90).aspx#1<br /><br />But, When the FIPS mode is turned on, It throws exception.<br /><br />Is there a diferrent implementation of SHA-512 which is FIPS complaint?<br /><br />Thank you,<br />IsaacIsaachttps://www.blogger.com/profile/02742378962214297342noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-45550490312066004252012-02-02T01:31:13.228-07:002012-02-02T01:31:13.228-07:00Thanks a lot..Thanks a lot..Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-7656888.post-72245856193724440182012-01-03T07:33:43.641-07:002012-01-03T07:33:43.641-07:00Thankyou!!! This was very helpful...Thankyou!!! This was very helpful...Tony Johnhttps://www.blogger.com/profile/16000577937276731061noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-46182313164958726092012-01-03T07:32:54.686-07:002012-01-03T07:32:54.686-07:00Thank you!! This was very helpful...Thank you!! This was very helpful...Tony Johnhttps://www.blogger.com/profile/16000577937276731061noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-18981575916218485782010-09-08T09:20:17.278-06:002010-09-08T09:20:17.278-06:00I'm using Visual Studio 2008 SP, and Framework...I'm using Visual Studio 2008 SP, and Framework 3.5 SP1 WCF Tools ona Windows 7 to connect to an HTTPS web service and I get this exception. <br />I've tried to enable the local security policy mentioned above, but it doesnt' work (I've restarted the machine too).<br />In other machines with the same configuration (as I can see) works fine!<br /><br />Have you any idea? I've googled it and I haven't found anything...Otietshttps://www.blogger.com/profile/02267431216024873989noreply@blogger.comtag:blogger.com,1999:blog-7656888.post-10802193350354249042010-01-19T05:47:51.313-07:002010-01-19T05:47:51.313-07:00Thank you thank you thank you.
I'm using Windo...Thank you thank you thank you.<br />I'm using Windows 7 and VS.Net 2008 and up until 2 days ago everything was working fine. I updated some of my 3rd party tools and BANG - "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms". Thanks to your post I could turn off FIPS compliance checking.<br />Thanks again.<br />Neville - Cape Town - South AfricaAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-7656888.post-34754177305740834672008-12-16T08:33:00.000-07:002008-12-16T08:33:00.000-07:00Our small government development shop is using VS ...Our small government development shop is using VS 2005. When the AD pushed down a GPO that enforced the fipsalgorithmpolicy = 1, we could no longer debug. I ran across at least 10 <A HREF="http://support.microsoft.com/kb/911722" REL="nofollow"> references/links</A> to either change the reg value (nope, see GPO) or mod the application's web.config <web> section to include the <machineKey> mod which didn't work. <BR/><BR/>What DID work for us was editing the devenv.exe.config.<BR/><BR/><configuration><BR/> <runtime><BR/> <enforceFIPSPolicy enabled=”0” /><BR/> </runtime><BR/></configuration><BR/><BR/>See link <A HREF="http://forums.asp.net/t/1265047.aspx" REL="nofollow">here</A> which discusses how to fix it if using VS 2008.Anonymousnoreply@blogger.com