Our servers are set to require FIPS-compliant encryption/hashing algorithms. I implemented the July 2013 release of the AjaxControlToolkit and subsequently encountered the following error. Note that this error occurs only if debug=false (release mode). We are using .Net 4.5 on IIS 7.5, Windows 2008 R2.
Server Error: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
Stack Trace:
[InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.]
System.Security.Cryptography.SHA256Managed..ctor() +10438673
AjaxControlToolkit.ToolkitScriptManagerHelper.Hashing(String content) +45
AjaxControlToolkit.ToolkitScriptManagerCombiner.GetCombinedScriptContentHash(HttpContextBase context, String[] bundles) +32
AjaxControlToolkit.ToolkitScriptManager.OnLoad(EventArgs e) +256
System.Web.UI.Control.LoadRecursive() +54
System.Web.UI.Control.LoadRecursive() +145
System.Web.UI.Control.LoadRecursive() +145
System.Web.UI.Control.LoadRecursive() +145
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +772
Is there a way to set the hashing algorithm???
Impact: Because this error occurs on every page with a ToolScriptManager, we cannot upgrade the AjaxControlToolkit until this issue is resolved!
Comments: Line 129 of ToolKitScruptManagerHelper.cs should be as follows using (SHA256CryptoServiceProvider hashAlgorithm = new SHA256CryptoServiceProvider()) To Correct the FIPS issues with the code, I cant figure out how to change that in the source tree so hoping the Project admins can do this.
Server Error: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
Stack Trace:
[InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.]
System.Security.Cryptography.SHA256Managed..ctor() +10438673
AjaxControlToolkit.ToolkitScriptManagerHelper.Hashing(String content) +45
AjaxControlToolkit.ToolkitScriptManagerCombiner.GetCombinedScriptContentHash(HttpContextBase context, String[] bundles) +32
AjaxControlToolkit.ToolkitScriptManager.OnLoad(EventArgs e) +256
System.Web.UI.Control.LoadRecursive() +54
System.Web.UI.Control.LoadRecursive() +145
System.Web.UI.Control.LoadRecursive() +145
System.Web.UI.Control.LoadRecursive() +145
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +772
Is there a way to set the hashing algorithm???
Impact: Because this error occurs on every page with a ToolScriptManager, we cannot upgrade the AjaxControlToolkit until this issue is resolved!
Comments: Line 129 of ToolKitScruptManagerHelper.cs should be as follows using (SHA256CryptoServiceProvider hashAlgorithm = new SHA256CryptoServiceProvider()) To Correct the FIPS issues with the code, I cant figure out how to change that in the source tree so hoping the Project admins can do this.