Geek asks and answers

Unknown build error "This implementation is not part of the cryptographic algorithms verified by FIPS for the Windows platform"

So, I turned on this group policy, and the first time I tried to compile my solution, I get this error. The funny thing is that I use the cryptographic function in only one place, but what I see is all my Silverlight ResourceDictionary files and userControl WPF files. Everything else seems to compile fine.

Why do I see an error only in xaml files where I do nothing with encryption? I know that I can disable the FIPS group policy, but I want to support it. Any idea why specific XAML files throw this error at compile time?

+3
source share
2 answers

After some research, I found this answer that makes sense:

WPF and FIPS

Here is the link to the link if it is deleted:

The following is the reply I got from the WPF XAML team:

We didn’t fix it because this issue was discovered days (June 2, 2008) before the release.

I still have the BBPack I didn’t checkin.  Here is the comment from the code.



            // The Federal Information Processing Standard mandates that

            // MD5 is obsolete and not safe for cryptographic checksums.

            // We are using it to coordinating source files for debugging

            // not authenticating so MD5 use is OK here.

            // But, on a OS with the FIPS compliant switch ON, the managed

            // MD5CryptoServiceProvider Ctor will throw.  So we can't use it.

            //

            // Currently we use a PInvoke wrapper to the Native layer;

            // which still works, even on a FIPS compliant machine.  A Better

            // fix would be to move to the approved SHA checksums, but that

            // will require co-ordination with VS and the Debugger groups etc.



The MSI builder and a few other tools also threw on a FIPS=1 machine.

So even we if we fixed our part (in 3.5sp1), the customer’s end-to-end solution was still broken.



General FIPS info:

http://support.microsoft.com/kb/811833/en-us
+1
source

I know that I'm a little late in the game, but recently I ran into this problem and also figured out a solution. For the reasons mentioned by @mdutra above , that’s why it doesn’t work, but interestingly, Visual Studio 2010 and 2012 have two different “fixes”.

The Microsoft Connect post states:

Submitted by Microsoft on 30/30/2012 at 16:00:

VS 2012 now builds C # projects in a separate process that launches msbuild. The entry you added to the devenv.exe.config file (which worked on VS 2010) will not be considered in this process. You must add the same entry, namely

<enforceFIPSPolicy enabled="false"/>

msbuild; ,

c:\Windows\Microsoft.Net\Framework\v4.0.30319\msbuild.exe.config

​​ </runtime> msbuild.exe.config.

C:\Windows\Microsoft.Net\Framework64\v4.0.30319\msbuild.exe.config, , MSBuild .

+3

More articles:


All Articles