Enable FIPS for both bootstrapping and install packages #225
Conversation
…thout credentials Issue# 195 FIPS issue on downlevel OSs.
|
@bmanikm @KrishnaV-MSFT can you please CR? thx. |
| hashAlgorithm = SHA512.Create(); | ||
| #endif |
There was a problem hiding this comment.
What about FIPS + PSCore combination on Windows? else part will cause the same issue again with FIPS + PSCore on Windows.
There was a problem hiding this comment.
| hashAlgorithm = OSInformation.IsFipsEnabled ? (HashAlgorithm)new SHA256CryptoServiceProvider() : SHA256.Create(); | ||
| #else | ||
| hashAlgorithm = SHA256.Create(); | ||
| #endif |
There was a problem hiding this comment.
What about FIPS + PSCore combination on Windows? else part will cause the same issue again with FIPS + PSCore on Windows.
There was a problem hiding this comment.
No Issues on CoreClr. We can not minimize to oneline: = OSInformation.IsFipsEnabled ? (HashAlgorithm)new SHA256CryptoServiceProvider() : SHA256.Create(), because SHA256CryptoServiceProvider does not exist on CoreClr. Therefore we have to add #if CoreClr here.
In reply to: 84203432 [](ancestors = 84203432)
| { | ||
| hashAlgorithm = MD5.Create(); | ||
| } | ||
|
|
There was a problem hiding this comment.
if possible, please add the test cases #Resolved
There was a problem hiding this comment.
it's not about test cases. it's the entire machine environment change. In fact, Win10... does not repro it.
In reply to: 84203632 [](ancestors = 84203632)
|
Can we also review the NuGet provider changes? are you going to send a separate PR? In reply to: 254983784 [](ancestors = 254983784) |
|
|
|
It's in the PR notes. "Please review changes for Submodule, see this link" In reply to: 254992803 [](ancestors = 254992803,254983784) |
Resolve Issue #195
Resolve Issue #208
Please review changes for Submodule, see this link
Found no issue on Win10 machines with FIPS enabled.
The fixes mainly for downlevel Windows OSs.
Tested: Nano, Inbox, PowerShellCore and Linux