How do you use FIPS authentication cryptographic algorithms with Visual Studio 2010 and Windows 7?

Question

How do you use FIPS authentication cryptographic algorithms with Visual Studio 2010 and Windows 7?

I turned on FIPS compliance mode in Windows 7, but now my code does not compile with the following error:

Source file 'whatever.cs' could not be opened ('This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.')

I use SHA1 encryption (hashing) and TripleDes (encryption). I also tried SHA512 and AES (256-bit key).

I can’t get the project to build, but I need to compile it to use FIPS compatible algorithms.

+6

c # visual-studio-2010 encryption fips

Scarcher2 Feb 17 '11 at 20:54

source share

3 answers

This is a list of FIPS compatible algorithms. More complete list here.

Algorithms compatible with FIPS:
Hash algorithms
HMACSHA1
MACTripleDES
SHA1CryptoServiceProvider
Symmetric Algorithms (use the same key for encryption and decryption)
DESCryptoServiceProvider
TripleDESCryptoServiceProvider
Asymmetric algorithms (use a public key for encryption and a private key for decryption)
DSACryptoServiceProvider
RSACryptoServiceProvider

So you will need to use SHA1CryptoServiceProvider and TripleDESCryptoServiceProvider to match FIPS

+9

SwDevMan81 Feb 17 '11 at 20:57

source share

You can also try closing all open files in the IDE and then creating. Someone wrote a problem> recently on Microsoft Connect: connect.microsoft.com/VisualStudio/feedback/details/644602 / ... - indiv

This also worked for me with Visual Studio 2010. In my case, I had to close all open files and restart Visual Studio

0

public wireless Jan 03 '13 at 18:22

source share

Chris haas · Accepted Answer · 2011-02-17T21:39:19+0000

Try making an empty C # application and compiling it, it should fail for the same reason. Ultimately, the problem is in Visual Studio, not in your code. Follow the instructions here and add this to the IDE configuration file ( Devenv.exe.config / VCSExpress.exe.config / vbexpress.exe.config ):

 <enforceFIPSPolicy enabled="false"/>

This does not mean that your application does not work in a mode compatible with FIPS, it means that Visual Studio is not now. Incompatible code will still compile, but if it tries to execute, you will get a System.InvalidOperationException .

I think, but I don’t know for sure, that the algorithms that VS uses to create certain hashes in libraries do not actually comply with FIPS requirements.

How do you use FIPS authentication cryptographic algorithms with Visual Studio 2010 and Windows 7?

More articles: