Sign in
 
Microsoft Developer Network > Forums Home > Using Forums Forums > Off-Topic Posts (Do Not Post Here) > FIPS
Ask a questionAsk a question
Search Forums:
 

QuestionFIPS

  • Tuesday, October 27, 2009 6:57 PMigalk474 Users MedalsUsers MedalsUsers MedalsUsers MedalsUsers Medals
     
    Sign In to Vote
    0
    Sign In to Vote
    i have enabled the
    "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing"
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy\Enabled = 1

    to encrypt my hard drive with bitlocker (i have windows 7 ultimate x64)
    so i can't disable it because i have 2 partition of 1 terabyte encrypted with it and i can decrypt them ,
    they must stay encrypted with the fips policy

    but when i try to build a new Class Library project
    with visual studio 2010 beta 2 ultimate

    a regular blank class (classes are derived from object)
    when i try to compile it give me this error:

    "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms."


    but i'm not using any of the managed cryptographic algorithms,

    can it be because that Object.GetHashCode() not using a fips compliant algorithm?


    although in .net 2.0,i think that this is the implementation of Object.GetHashCode


    int m_dwHashCodeSeed = 0;
    Thread.GetNewHashCode()
    {
        m_dwHashCodeSeed = m_dwHashCodeSeed*(m_ThreadId*4 + 5) + 1;
        return m_dwHashCodeSeed;
    }

    Object.GetHashCode()
    {
        hashCode = GetThread().GetNewHashCode() >> 7;
        return hashcode;
    }

    and there isn't any throw of fips exception




    i think that maybe in the .net 3.0-4.0
    the implementation of Object.GetHashCode() Have Changed to use one of the managed cryptographic algorithms :

    in System.Security.Cryptography:

    AesManaged
    MD5Cng
    MD5CryptoServiceProvider
    RC2CryptoServiceProvider
    RijndaelManaged
    RIPEMD160Managed
    SHA1Managed
    SHA256Managed
    SHA384Managed
    SHA512Managed

    and those managed cryptographic algorithms are not Fips compliant , only some of the CNG algorithms (such as AES) are

    i also tried to override the GetHashCode, but it didn't helped

    it doesn't let me compile wpf application , even in expression blend 3



    it probably has something to do with MSbuild or CSC

    i tried to change the target framework but it didn't help

    how can i solve/bypass it without changing the FipsAlgorithmPolicy in the registry?
    i can't compile anything
    • Moved byChao KuoMSFTWednesday, November 04, 2009 6:47 AMoff topic in MSBuild (From:MSBuild)
    •  
     

All Replies