Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is there is a way to override the MD5 functionality provided by MD5CryptoServiceProvider to make it FIPS validated? This is because I would like to keep the logic used in the application and not modifying MD5 for another hashing algorithm that might cause an impact further down the road.
As far as I know, MD5 is not a FIPS approved algorithm, and therefore any application that depends on it is likely out of compliance.
I suggest either using
SHA1CryptoServiceProviderif you need your application to provide FIPS validated cryptography, or using the Bouncy Castle cryptography library (which does not honor the Windows FIPS policy setting) if your application either will not need to be FIPS-validated or uses MD5 for some non-security-related purpose.