다음을 통해 공유


Issue: Getting 'This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.' exception while building Outlook VSTO add-in in VS 2010

In case you have FIPS compliance enabled and you are building VSTO/Windows applications using Visual Studio 2010 then you will get exception as mentioned below:

Error 1 Source file 'c:\users\brijs\documents\visual studio 2010\Projects\OutlookAddInFIPS\OutlookAddInFPIS\ThisAddIn.cs' could not be opened ( 'This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.' ) OutlookAddInFIPS

Error 1 Source file 'c:\users\brijs\documents\visual studio 2010\Projects\WindowsFormsApplicationFIPS\WindowsFormsApplicationFIPS\Form1.cs' could not be opened ( 'This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.' ) WindowsFormsApplicationFIPS

To know more about FIPS refer The effects of enabling the "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" security setting in Windows XP and in later versions of Windows

In order to enable FIPS you need to follow steps mentioned below

  • This security setting affects the following registry value in Windows Server 2008 and in Windows Vista: HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled
    This registry value reflects the current FIPS setting. If this setting is enabled, the value is 1. If this setting is disabled, the value is 0.
  • This security setting affects the following registry value in Windows Server 2003 and in Windows XP: HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy
    This registry value reflects the current FIPS setting. If this setting is enabled, the value is 1. If this setting is disabled, the value is 0.

After you enable or disable the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing security setting, you must restart your application, such as Internet Explorer, for the new setting to take effect.

To workaround the above issue you can either opt out of FIPS compliance by changing the registry as mentioned above.

Or In order to just avoid the issue with Visual Studio 2010 one can follow the steps mentioned below:

  • Open Devenv.exe.config from
    C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE if you are on x64 OS
    or C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\ on x86 OS
  • Find </runtime> tag and add the following above that line:
    <enforceFIPSPolicy enabled="false"/>
  • After the above modification devenv config would look like:
    <configuration>
    <runtime>
    .
    .
    .
    <enforceFIPSPolicy enabled="false"/>
    </runtime>
    </configuration>
  • Restart Visual Studio

enforceFIPSPolicy is a .Net 2.0 SP1 config file switch which helps the application to opt out FIPS checking.

Hope this helps!!!

Comments

  • Anonymous
    November 11, 2010
    Using this setting, I can only build if none of the files being built are open in the IDE.  Is there any way to fix this?Thanks,Dexter
  • Anonymous
    November 11, 2010
    The comment has been removed
  • Anonymous
    November 11, 2010
    The comment has been removed
  • Anonymous
    September 01, 2011
    Thanks a lot. Your suggestion has worked for me. I just had to modify devevn.exe.config file.
  • Anonymous
    November 17, 2011
    Thanks for this information.It worked fine.
  • Anonymous
    December 07, 2011
    i was very worried..my visual studio wasnt not working but its working perfectly now..so thatk you :)
  • Anonymous
    January 02, 2012
    I found this linke useful to simply turn off FIPS on my machine. In my case I don't really need FIPS. It got turned on while I was installing a software that had the option of turning on FIPS. blog.aggregatedintelligence.com/.../fips-validated-cryptographic-algorithms.html
  • Anonymous
    April 19, 2012
    Ok..  Opt out works, but .gov 140-2 requires all to be FIPS enabled.  Why would you try and avoid?
  • Anonymous
    May 18, 2012
    Dave is correct, turning off the FIPS algorithm is fine if not needed however if you are required you are essentially turning off your encryption and losing security without fixing the problem.
  • Anonymous
    June 27, 2012
    Thankyou, very precise and good solution.
  • Anonymous
    July 19, 2012
    Thanks Tony for the details of disabling FIPS. It solves the problem.
  • Anonymous
    September 25, 2012
    Many thanks for the workaround. Fixed my error problem!
  • Anonymous
    August 27, 2013
    Thanks this really helped...it was so annoying. Changing the config file works.
  • Anonymous
    May 15, 2014
    Thanks you very much, this worked for me.