This topic has not yet been rated - Rate this topic

<enforceFIPSPolicy> Element

.NET Framework 4

Updated: May 2011

Specifies whether to enforce a computer configuration requirement that cryptographic algorithms must comply with the Federal Information Processing Standards (FIPS).

<configuration> Element
<runtime> Element
<enforceFIPSPolicy> Element

Copy

<enforceFIPSPolicy enabled="true|false" />

Attributes and Elements

The following sections describe attributes, child elements, and parent elements.

Attributes

Attribute	Description
enabled	Required attribute. Specifies whether to enable the enforcement of a computer configuration requirement that cryptographic algorithms must be compliant with FIPS.

Attribute

Description

enabled

Required attribute.

Specifies whether to enable the enforcement of a computer configuration requirement that cryptographic algorithms must be compliant with FIPS.

enabled Attribute

Value	Description
true	If your computer is configured to require cryptographic algorithms to be FIPS compliant, that requirement is enforced. If a class implements an algorithm that is not compliant with FIPS, the constructors or Create methods for that class throw exceptions when they are run on that computer. This is the default.
false	Cryptographic algorithms that are used by the application are not required to be compliant with FIPS, regardless of computer configuration.

Child Elements

None.

Parent Elements

Element	Description
configuration	The root element in every configuration file used by the common language runtime and .NET Framework applications.
runtime	Contains information about assembly binding and garbage collection.

Remarks

Starting with the .NET Framework 2.0, the creation of classes that implement cryptographic algorithms is controlled by the configuration of the computer. If the computer is configured to require algorithms to be compliant with FIPS, and a class implements an algorithm that is not compliant with FIPS, any attempt to create an instance of that class throws an exception. Constructors throw an InvalidOperationException exception, and Create methods throw a TargetInvocationException exception with an inner InvalidOperationException exception.

If your application runs on computers whose configurations require compliance with FIPS, and your application uses an algorithm that is not compliant with FIPS, you can use this element in your configuration file to prevent the common language runtime (CLR) from enforcing FIPS compliance. This element was introduced in the .NET Framework version 2.0 Service Pack 1.

Example

The following example shows how to prevent the CLR from enforcing FIPS compliance.

Copy

<configuration>
    <runtime>
        <enforceFIPSPolicy enabled="false"/>
    </runtime>
</configuration>

Date	History	Reason
May 2011	Missing documentation added.	Customer feedback.

Date

History

Reason

May 2011

Missing documentation added.

Customer feedback.

Did you find this helpful? Yes No

Not accurate

Not enough depth

Need more code examples

(1500 characters remaining)

Community Content Add

FAQ

<enforceFIPSPolicy> Element

Attributes

enabled Attribute

Child Elements

Parent Elements

Reference

Concepts

Other Resources