tags:

views:

46

answers:

2

I'm using the SHA1Managed class in my code, but this causes a problem when I run it on a particular machine. I get this exception:

System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

The problem is caused by SHA1Managed, which is not FIPS compliant.

Which .NET SHA1 class is FIPS complient?

(I could just try them all out, I guess, but I don't have easy access to the problem machine, and I suspect I won't be able to enable FIPS on my development machine. And I'm lazy.)

+1  A: 

You might find this blog post helpful. HMACSHA1 is FIPS compliant.

Darin Dimitrov
Thanks. I ended up using SHA1CryptoServiceProvider from that list. HMACSHA1 is a bit weird in that its constructor takes a key, and its default constructor generates a random key, which was really confusing I can tell you when my hashes kept changing in value.
dangph
+1  A: 

Have you tried SHA1Cng?

Jon Skeet