search

brockallen / BrockAllen.MembershipReboot

MembershipReboot is a user identity management and authentication library.
Other
742 stars 238 forks source link

This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms #560

Closed manriquelogany2k closed 9 years ago

manriquelogany2k commented 9 years ago

Hi there,

I was wondering what should I do when I get this error: "This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms". I get this error my attempting to create a new user account.

Thank you, Manrique

brockallen commented 9 years ago

Can you provide a all stack showing which API call triggers that?

manriquelogany2k commented 9 years ago

Hi Brock,

Here is the call stack:

at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)\r\n at System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)\r\n at System.Security.Cryptography.CryptoConfig.CreateFromName(String name, Object[] args)\r\n at BrockAllen.MembershipReboot.Helpers.Crypto.Hash(Byte[] input, String algorithm)\r\n at BrockAllen.MembershipReboot.UserAccountService1.SetVerificationKey(TAccount account, VerificationKeyPurpose purpose, String key, String state)\r\n at BrockAllen.MembershipReboot.UserAccountService1.Init(TAccount account, String tenant, String username, String password, String email, Nullable1 id, Nullable1 dateCreated)\r\n at BrockAllen.MembershipReboot.UserAccountService1.CreateAccount(String tenant, String username, String password, String email, Nullable1 id, Nullable1 dateCreated, TAccount account)\r\n at ASEBA.PIe.Customer.Infrastructure.Security.Web.AuthN.Services.UserAccountService.<>c__DisplayClass6.<CreateUserAccount>b__4()\r\n at ASEBA.PIe.Customer.Infrastructure.Security.Web.AuthN.Services.UserAccountService.tryCatchThrow(Action tryAction, Action1 catchValidationExceptionAction, Action1 catchArgumentExceptionAction)\r\n at ASEBA.PIe.Customer.ApplicationServices.AdministrationApplicationServices.UserManagement.UserManagementApplicationService.<>c__DisplayClass9.<CreateUser>b__7()\r\n at ASEBA.PIe.Customer.ApplicationServices.AdministrationApplicationServices.UserManagement.UserManagementApplicationService.tryCatch(Action tryAction, ViewModel viewModel, HttpStatusCode onExceptionHttpStatusCode)\r\n at ASEBA.PIe.Customer.ApplicationServices.AdministrationApplicationServices.UserManagement.UserManagementApplicationService.CreateUser(CreateUserViewModel createUserAccountViewModel)\r\n at ASEBA.PIe.Customer.Presentation.WebApi.Controllers.AdministrationControllers.UserManagement.CreateUserController.Post(CreateUserViewModel createUserAccountViewModel)\r\n at lambda_method(Closure , Object , Object[] )\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass13.<GetExecutor>b__c(Object instance, Object[] methodParameters)\r\n at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.Execute(Object instance, Object[] arguments)\r\n at System.Threading.Tasks.TaskHelpers.RunSynchronously[TResult](Func1 func, CancellationToken cancellationToken)

I did disabled the "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" policy and the issue went away. I did enable the policy and the issue came back. I only tried this in Windows 2012 R2.

Thank you for MembershipReboot and your other projects! Best regards, Manrique

brockallen commented 9 years ago

Given that it's using HashAlgorithm.Create, this means you should be able to configure in .config that you want to use the FIPS compliant implementations. I'd search the MSDN docs for this setting.

manriquelogany2k commented 9 years ago

Hi Brock, Thank you. Manrique