Welcome to the DNN Community Forums, your preferred source of online community support for all things related to DNN.
In order to participate you must be a registered DNNizen

HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Getting exception from non-FIPS-compliant cryptography providerGetting exception from non-FIPS-compliant cryptography provider
Previous
 
Next
New Post
6/16/2017 11:30 PM
 
We have an application that runs as a DNN module.  We currently deploy it on DNN 8.0.4.  We're trying to get it running on an Army Gold Master website which requires FIPS-compliant cryptography algorithms be used.  The DNN site comes up, but when we attempt to log in the following exception is thrown:

This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

 

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.


This is the stack trace:

[InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.]
   System.Security.Cryptography.MD5CryptoServiceProvider..ctor() +4550284
   DotNetNuke.Services.Exceptions.ExceptionExtensions.Hash(Exception exc) +330
   DotNetNuke.Services.Exceptions.ExceptionInfo..ctor(Exception e) +114
   DotNetNuke.Services.Exceptions.Exceptions.GetExceptionInfo(Exception e) +45
   DotNetNuke.Services.Log.EventLog.ExceptionLogController.AddLog(BasePortalException objBasePortalException) +35
   DotNetNuke.Services.Exceptions.Exceptions.ProcessPageLoadException(Exception exc, String URL) +169
   DotNetNuke.Framework.PageBase. (EventArgs e) +743
   System.Web.UI.Page.HandleError(Exception e) +84
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +6560
   System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +245
   System.Web.UI.Page.ProcessRequest() +72
   System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context) +22
   System.Web.UI.Page.ProcessRequest(HttpContext context) +58
   ASP.default_aspx.ProcessRequest(HttpContext context) +4
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +188
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +69

It appears that an error occurs, and while trying to log the exception DNN uses the MD5CryptoServiceProvider to generate a hash. This algorithm is not supported by FIPS, so an InvalidOperationException is thrown.

Any assistance in figuring out how to make our DNN install FIPS-compliant would be appreciated!

Kevin
 
New Post
6/20/2017 7:03 PM
 
We have downloaded the source for DNN 8.0.2. Apparently it is NOT FIPS compliant, as it has several references to non-FIPS cryptography algorithms in it. This will likely lead to us having to create a custom version of DNN 8 for use by our government customers.

Very disappointing.
 
Previous
 
Next
HomeHomeUsing DNN Platf...Using DNN Platf...Administration ...Administration ...Getting exception from non-FIPS-compliant cryptography providerGetting exception from non-FIPS-compliant cryptography provider


These Forums are dedicated to discussion of DNN Platform and Evoq Solutions.

For the benefit of the community and to protect the integrity of the ecosystem, please observe the following posting guidelines:

  1. No Advertising. This includes promotion of commercial and non-commercial products or services which are not directly related to DNN.
  2. No vendor trolling / poaching. If someone posts about a vendor issue, allow the vendor or other customers to respond. Any post that looks like trolling / poaching will be removed.
  3. Discussion or promotion of DNN Platform product releases under a different brand name are strictly prohibited.
  4. No Flaming or Trolling.
  5. No Profanity, Racism, or Prejudice.
  6. Site Moderators have the final word on approving / removing a thread or post or comment.
  7. English language posting only, please.
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out