1
Vote

FIPS Certified Hashing Algorithm

description

Would it be possible to switch out the MD5CryptoServiceProvider in Chutzpah.Utility.Hasher to a FIPS Certified provider (i.e. AesCryptoServiceProvider, SHA256CryptoServiceProvider, SHA384CryptoServiceProvider, and SHA512CryptoServiceProvider)? When FIPSAlgorithmPolicy is enabled in the registry, Chutzpah doesn't run. Thanks.

comments

mmanela wrote Dec 24, 2013 at 5:29 AM

That seems reasonable. I will look into it. I chose MD5 because it was weak and generated short paths. I don't want to generate super long paths.