Menu
I have a C# website where I need to create a md5 hash value for a file but my web server has FIPS enabled. Changing to md5 is not an option due to server requirements and for some reason changing the file to FIPS its also out of the table.
Can I create a small desktop or command application where I am able to setup the hash value manually? Is there any alternative to accomplish this task?
696
Yeah this is important because sometimes you need to transfer passwords into the new format. I have a large database of user accounts that all use MD5, and our new server has FIPS enabled in secpol. So how can one verify that the user/pass combo provided is valid and needs converted, if one cannot create an MD5 hash...
I have found an alternative library to get the job done. https://rosettacode.org/wiki/MD5/Implementation#C.23
And you can source the additional required items from here: https://github.com/webbers/dongle.net/tree/master/src/Dongle/Criptography
101
.net 4.8 allows you to opt out of the "throw exception" behavior
<runtime>
<AppContextSwitchOverrides value="Switch.System.Security.Cryptography.UseLegacyFipsThrow=false" />
</runtime>
https://learn.microsoft.com/en-us/dotnet/framework/migration-guide/retargeting/4.7.2-4.8
26
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
