Loading...

XML

Word

Printable

JSON

Type: Improvement
Resolution: Won't Fix
Priority: Major - P3
Fix Version/s: None
Affects Version/s: None
Component/s: Security
Labels:
None

Case:
Confidence Status:
None

Aha! Reference:
None
Tracking Level:
None
Risk Status:
None
Exec Notes:
None
Goal Link:
None
Goal Name(s):
None

MD5 is used in the SCRAM-SHA-1 implementation in a non-cryptographic manner. As such, when the machine is in FIPS compliance mode, we still fail to authenticate because we are using the managed MD5 implementation. We need to write a custom MD5 implementation for use in non-cryptographic scenarios.

is duplicated by

CSHARP-3729 Connection fails when using authentication while FIPS enabled

Closed

is related to

CSHARP-1331 Use of SHA256Managed is not FIPS compliant.

Closed

CSHARP-1937 C# Driver 2.X does not allow upload to GridFS when FIPS is enabled

Closed

CSHARP-573 Change MD5 Hash for Machine Key to Something FIPS Compliant

Closed

Assignee:: Robert Stam
Reporter:: Craig Wilson
Votes:: 3 Vote for this issue
Watchers:: 7 Start watching this issue

Created:: Jul 11 2016 02:45:51 PM UTC
Updated:: Jul 08 2021 06:21:10 PM UTC
Resolved:: Feb 05 2018 03:36:18 PM UTC

Details

Description

Attachments

Issue Links

Forms

Activity

People

Dates